User manual NETGEAR WPN 802 REFERENCE MANUAL

[. . . ] Reference Manual for the NETGEAR RangeMaxTM Wireless Access Point WPN802 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10101-01 May 2005 © 2005 by NETGEAR, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders. [. . . ] As long as the stations are within range of one another, this is the easiest and least expensive way to set up a wireless network. Network Name: Extended Service Set Identification (ESSID) The Extended Service Set Identification (ESSID) is one of two types of Service Set Identification (SSID). In an ad hoc wireless network with no access points, the Basic Service Set Identification (BSSID) is used. In an infrastructure wireless network that includes an access point, the ESSID is used, but may still be referred to as SSID. An SSID is a thirty-two character (maximum) alphanumeric key identifying the name of the wireless local area network. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID. This means the wireless station will try to associate with whichever access point has the stronger radio frequency (RF) signal, providing that both the access point and wireless station use Open System authentication. Authentication and WEP Data Encryption The absence of a physical connection between nodes makes the wireless links vulnerable to eavesdropping and information theft. To provide a certain level of security, the IEEE 802. 11 standard has defined these two types of authentication methods: · Open System. With Open System authentication, a wireless computer can join any network and receive any messages that are not encrypted. B-2 202-10101-01, May 2005 Wireless Networking Basics Reference Manual for the NETGEAR RangeMaxTM Wireless Access Point WPN802 · Shared Key. With Shared Key authentication, only those PCs that possess the correct authentication key can join the network. By default, IEEE 802. 11 wireless devices operate in an Open System network. Wired Equivalent Privacy (WEP) data encryption is used when the wireless devices are configured to operate in Shared Key authentication mode. 802. 11 Authentication The 802. 11 standard defines several services that govern how two 802. 11 devices communicate. The following events must occur before an 802. 11 Station can communicate with an Ethernet network through an access point, such as the one built in to the WPN802: 1. The station listens for messages from any access points that are in range. The station finds a message from an access point that has a matching SSID. The station can now communicate with the Ethernet network through the access point. An access point must authenticate a station before the station can associate with the access point or communicate with the network. The IEEE 802. 11 standard defines two types of authentication: Open System and Shared Key. · Open System Authentication allows any device to join the network, assuming that the device SSID matches the access point SSID. Alternatively, the device can use the "ANY" SSID option to associate with any available Access Point within range, regardless of its SSID. Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. · Open System Authentication The following steps occur when two devices use Open System Authentication: 1. The station sends an authentication request to the access point. B-3 202-10101-01, May 2005 Wireless Networking Basics Reference Manual for the NETGEAR RangeMaxTM Wireless Access Point WPN802 2. The station associates with the access point and joins the network. This process is illustrated below. 802. 11b Authentication Open System Steps 1) Authentication request sent to AP 2) AP authenticates IN TER N ET Cable/DSL Access Point W LA N LO CA L 100 MODEL FVM318 ProSafeWirelessVPN Security Firewall PWR TEST LNK ACT Enable 1 2 3 4 5 6 7 8 LNK/ACT Client attempting to connect 3) Client connects to network Cable or DLS modem Figure B-1: Open system authentication Shared Key Authentication The following steps occur when two devices use Shared Key Authentication: 1. 4. The station sends an authentication request to the access point. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and sends the encrypted text to the access point. [. . . ] To use WPA-PSK, a person sets a static key or "passphrase" as with WEP. But, using TKIP, WPA-PSK automatically changes the keys at a preset time interval, making it much more difficult for hackers to find and exploit them. The Wi-Fi Alliance will call this, 'WPA-Personal. ' Wi-Fi Protected Access and IEEE 802. 11i Comparison Wi-Fi Protected Access will be forward-compatible with the IEEE 802. 11i security specification currently under development by the IEEE. Wi-Fi Protected Access is a subset of the current 802. 11i draft, taking certain pieces of the 802. 11i draft that are ready to bring to market today, such as its implementation of 802. 1x and TKIP. [. . . ]