User manual NETGEAR WG602V1

[. . . ] If you do not have access to the World Wide Web, you can register your product by filling out the registration card and mailing it to NETGEAR customer service. You will find technical support information at: www. netgear. com/support/main. asp through the customer service area. If you want to contact technical support by telephone, see the support information card for the correct telephone number for your country. All rights reserved. Trademarks NETGEAR is a registered trademark of NETGEAR, INC. [. . . ] Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. · Open System Authentication The following steps occur when two devices use Open System Authentication: 1. The station sends an authentication request to the access point. B-3 202-10060-02, February 2005 Wireless Networking Basics Reference Manual for the NETGEAR 54 Mbps Wireless Access Point WG602V1V1v3 2. 3. The access point authenticates the station. The station associates with the access point and joins the network. This process is illustrated below. 802. 11 Authentication Open System Steps 1) Authentication request sent to AP 2) AP authenticates IN TER N ET Cable/DSL Router with Integrated Access Point W LA N LO CA L 100 Enable 1 2 3 4 5 6 7 8 LNK/ACT MODEL FVM318 ProSafeWirelessVPN Security Firewall PWR TEST LNK ACT 3) Client connects to network Client attempting to connect Cable or DLS modem Figure B-1: Open system authentication Shared Key Authentication The following steps occur when two devices use Shared Key Authentication: 1. 4. The station sends an authentication request to the access point. The access point sends challenge text to the station. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and sends the encrypted text to the access point. The access point decrypts the encrypted text using its configured WEP Key that corresponds to the station's default key. The access point compares the decrypted text with the original challenge text. If the decrypted text matches the original challenge text, then the access point and the station share the same WEP Key and the access point authenticates the station. The station connects to the network. 5. If the decrypted text does not match the original challenge text (the access point and station do not share the same WEP Key), then the access point will refuse to authenticate the station and the station will be unable to communicate with either the 802. 11 network or Ethernet network. B-4 202-10060-02, February 2005 Wireless Networking Basics Reference Manual for the NETGEAR 54 Mbps Wireless Access Point WG602V1V1v3 This process is illustrated below. 802. 11 Authentication Shared Key Steps 1) Authentication request sent to AP 2) AP sends challenge text Client 3) Client encrypts attempting challenge text and to connect sends it back to AP 4) AP decrypts, and if correct, authenticates client 5) Client connects to network Cable/DSL Router with Integrated Access Point IN TER N ET W LA N LO CA L 100 Enable 1 2 3 4 5 6 7 8 LNK/ACT MODEL FVM318 ProSafeWirelessVPN Security Firewall PWR TEST LNK ACT Cable or DLS modem Figure B-2: Shared key authentication Overview of WEP Parameters Before enabling WEP on an 802. 11 network, you must first consider what type of encryption you require and the key size you want to use. When configured for 128-bit encryption, 802. 11 products typically support four WEP Keys but some manufacturers support only one 128-bit key. The 128-bit WEP Key is expressed as 13 sets of two hexadecimal digits (0-9 and A-F). For example, "12 34 56 78 90 AB CD EF 12 34 56 78 90" is a 128-bit WEP Key. Table B-1: 64-bit (24+40) 128-bit (24+104) Encryption Key Sizes # of Hexadecimal Digits 10 26 Encryption Key Size Example of Hexadecimal Key Content 4C72F08AE1 4C72F08AE19D57A3FF6B260037 Note: Typically, 802. 11 access points can store up to four 128-bit WEP Keys but some 802. 11 client adapters can only store one. Therefore, make sure that your 802. 11 access and client adapters' configurations match. B-6 202-10060-02, February 2005 Wireless Networking Basics Reference Manual for the NETGEAR 54 Mbps Wireless Access Point WG602V1V1v3 WEP Configuration Options The WEP settings must match on all 802. 11 devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between access points, then all of the 802. 11 access points and all of the 802. 11 client adapters on the network must have the same WEP settings. Note: Whatever keys you enter for an AP, you must also enter the same keys for the client adapter in the same order. In other words, WEP key 1 on the AP must match WEP key 1 on the client adapter, WEP key 2 on the AP must match WEP key 2 on the client adapter, and so on. Note: The AP and the client adapters can have different default WEP Keys as long as the keys are in the same order. In other words, the AP can use WEP key 2 as its default key to transmit while a client adapter can use WEP key 3 as its default key to transmit. The two devices will communicate as long as the AP's WEP key 2 is the same as the client's WEP key 2 and the AP's WEP key 3 is the same as the client's WEP key 3. Wireless Channels The wireless frequencies used by 802. 11b/g networks are discussed below. IEEE 802. 11b/g wireless nodes communicate with each other using radio frequency signals in the ISM (Industrial, Scientific, and Medical) band between 2. 4 GHz and 2. 5 GHz. [. . . ] The Wi-Fi Alliance will call this, 'WPA-Enterprise. ' One variation of WPA is called WPA Pre Shared Key or WPA-PSK for short - this provides an authentication alternative to an expensive RADIUS server. WPA-PSK is a simplified but still powerful form of WPA most suitable for home Wi-Fi networking. To use WPA-PSK, a person sets a static key or "passphrase" as with WEP. But, using TKIP, WPA-PSK automatically changes the keys at a preset time interval, making it much more difficult for hackers to find and exploit them. [. . . ]