N220 Wireless N-lite USB Adapter Version 1.0 Edition 1, 07/2010 www.zyxel.com www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the N220 using the ZyXEL utility. Tips for Reading User’s Guides On-Screen When reading a ZyXEL User’s Guide On-Screen, keep the following in mind: • If you don’t already have the latest version of Adobe Reader, you can download it from http://www.adobe.com. • Use the PDF’s bookmarks to quickly navigate to the areas that interest you.
About This User's Guide Customer Support Should problems arise that cannot be solved by using this manual, please contact your vendor for customer service. Please have the following information ready when you contact the vendor. • Product model and serial number. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your N220. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The N220 may be referred to as the “N220”, the “device”, the “system” or the “product” in this User’s Guide.
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons.
Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. • Connect ONLY suitable accessories to the device.
Safety Warnings 8 N220 User’s Guide
Contents Overview Contents Overview Introduction and Configuration ............................................................................................ 17 Getting Started ........................................................................................................................... 19 Wireless LANs ........................................................................................................................... 27 ZyXEL Utility ..................................................
Contents Overview 10 N220 User’s Guide
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions............................................................................................................ 5 Safety Warnings........................................................................................................................ 7 Contents Overview .......................................................
Table of Contents 3.1.1 What You Can Do in This Chapter ............................................................................. 33 3.1.2 What You Need to Know ............................................................................................ 33 3.1.3 Before You Begin ....................................................................................................... 34 3.2 ZyXEL Utility Screen Summary .......................................................................................
CHAPTER 1 Getting Started 1.1 Overview The ZyXEL N220 Wireless N-lite USB Adapter brings you a better Internet experience over existing IEEE 802.11 b/g/n networks. With data rates of up to 150 Mbps, you can enjoy a breathtaking high-speed connection at home or in the office. It is an excellent solution for daily activities such as file transfers, music downloading, video streaming and online gaming. 1.1.
Chapter 1 Getting Started 1.2 Features Your N220 is an IEEE 802.11n draft 2.0 compliant wireless LAN adapter. It can also connect to IEEE 802.11b/g wireless networks. The N220 is WPS (Wi-Fi Protected Setup) compliant. WPS allows you to easily set up a secure connection with another WPS-enabled device. The N220 is a USB adapter which connects to an empty USB port on your computer. Figure 1 The N220 A B The following table describes the N220.
Chapter 1 Getting Started 1.3 Hardware Installation This sections shows you how to install your N220. 1 Locate an available USB port on the computer. 2 Remove the protective cap to expose the USB connector. Insert the N220 into an available USB port on the computer. The N220’s LED (light) turns on if it is properly inserted. Note: Never bend, twist or force the N220 into the port. If there is not enough space to attach the N220, use the included USB cable. 1.
Chapter 1 Getting Started 1.4.2 Installing the ZyXEL Utility To install the ZyXEL Utility: 16 1 Make sure the N220 is disconnected from your computer before you begin the installation process. 2 Open the ZyXEL_USB.dmg file on the included disc. 3 Inside the ZyXEL_USB.dmg, open the folder for your version of Mac OS X. For example, if you are using 10.5 then open the USBWireless-10.5 folder.
Chapter 1 Getting Started 4 Double-click the USBWireless-Leopard.pkg to run the installation program. When it opens, follow the on-screen instructions. 5 After installing the ZyXEL Utility and device driver, you must restart your computer. 6 Once your computer restarts, you can find the ZyXEL Utility in your Applications folder under the name USBWirelessUtility. Note: A second application called the AwakeZyXELUI.
Chapter 1 Getting Started 1.4.2.1 Uninstalling the ZyXEL Utility While you can drag the ZyXEL Utility from your Applications folder directly to the Trash and remove it that way, the best and safest course of action is to run the uninstallation program bundled on the included disc. This ensures that all components of the application are properly removed, especially the device driver. To uninstall the ZyXEL Utility: 1 Open the ZyXEL_USB.dmg file on the included disc.
Chapter 1 Getting Started 1.5 Device Applications This section describes some network applications for the N220. You can either set the network type to Infrastructure and connect to an AP or use Ad-Hoc mode and connect to a peer computer (another wireless device in Ad-Hoc mode). Infrastructure To connect to a network via an access point (AP), set the N220 network type to Infrastructure. Through the AP, you can access the Internet or the wired network behind it.
Chapter 1 Getting Started Ad-Hoc To set up a small independent wireless workgroup without an AP, use Ad-Hoc. Ad-Hoc does not require an AP or a wired network. Two or more wireless clients communicate directly with each other. Note: Wi-Fi Protected Setup (WPS) is not available in ad-hoc mode.
CHAPTER 2 Wireless LANs 2.1 Overview This section provides background information on wireless Local Area Networks. 2.1.1 What You Can Do in This Section • Connect securely to an AP using many of the strongest and most common encryption protocols. See Section 2.3 on page 23 for details. • Connect securely either to an AP or computer-to-computer using WPS. See Section 2.4 on page 25 for details. 2.1.2 What You Need to Know The following terms and concepts may help as you read through this section.
Chapter 2 Wireless LANs Encryption The process of taking data and encoding it, usually using a mathematical formula, so that it becomes unreadable unless decrypted with the proper code or pass phrase. 2.1.3 Before You Begin • You should have valid login information for an existing network Access Point, otherwise you may not be able to make a network connection right away. 2.2 Wireless LAN Overview The following figure provides an example of a wireless network with an AP.
Chapter 2 Wireless LANs • If two wireless networks overlap, they should use a different channel. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. • Every device in the same wireless network must use security compatible with the AP or peer computer. Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. 2.
Chapter 2 Wireless LANs • Automatic WEP key generation based on a “password phrase” called a passphrase. The passphrase is case sensitive. You must use the same passphrase for all WLAN adapters with this feature in the same WLAN. For WLAN adapters without the passphrase feature, you can still take advantage of this feature by writing down the four automatically generated WEP keys from the Security Settings screen of the ZyXEL utility and entering them manually as the WEP keys in the other WLAN adapter(s).
Chapter 2 Wireless LANs For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). Certificates (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner. 2.3.1.3 WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.
Chapter 2 Wireless LANs Depending on the devices you have, you can either press a button (on the device itself, or in its configuration utility) or enter a PIN (a unique Personal Identification Number that allows one device to authenticate the other) in each of the two devices. When WPS is activated on a device, it has two minutes to find another device that also has WPS activated. Then, the two devices connect and set up a secure network by themselves. 2.4.
Chapter 2 Wireless LANs When you use the PIN method, you must enter the PIN from one device (usually the wireless client) into the second device (usually the Access Point or wireless router). Then, when WPS is activated on the first device, it presents its PIN to the second device. If the PIN matches, one device sends the network and security information to the other, allowing it to join the network.
Chapter 2 Wireless LANs The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 5 Example WPS Process: PIN Method ENROLLEE REGISTRAR WPS This device’s WPS PIN: 123456 WPS Enter WPS PIN from other device: WPS START WPS START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 2.4.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Chapter 2 Wireless LANs already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point.
Chapter 2 Wireless LANs subsequent WPS connections in which it is involved. If you want a configured AP to act as an enrollee, you must reset it to its factory defaults. 2.4.3.1 Example WPS Network Setup This section shows how security settings are distributed in an example WPS setup. The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee.
Chapter 2 Wireless LANs In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 9 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 E N TIO EC N ON GC N I T XIS AP1 REGISTRAR CLIENT 2 SE CU RIT Y INF O ENROLLEE AP1 2.4.
Chapter 2 Wireless LANs • WPS works only with other WPS-enabled devices. However, you can still add non-WPS devices to a network you already set up using WPS. WPS works by automatically issuing a randomly-generated WPA-PSK or WPA2PSK pre-shared key from the registrar device to the enrollee devices. Whether the network uses WPA-PSK or WPA2-PSK depends on the device.
CHAPTER 3 ZyXEL Utility - Mac OS X 3.1 Overview This chapter shows you how to use the ZyXEL utility to configure your N220 using the Macintosh operating system, Mac OS X. 3.1.1 What You Can Do in This Chapter • The Profile screen (Section 3.3 on page 35) lets you create, delete and manage your wireless network profiles. • The Link Status screen (Section 3.6 on page 40) lets you see your current connection details, monitor signal strength and quality, and more. • The Site Survey screen (Section 3.
Chapter 3 ZyXEL Utility - Mac OS X Wi-Fi Protected Access (WPA) The WPA protocol affords users with vastly stronger security than WEP. It comes in two different varieties: WPA and WPA2. Always try to use WPA2 as it implements the full version of the security standard and WPA does not. Pre-Shared Key (PSK) A pre-shared key is a password shared between the server and the client that unlocks the algorithm used to encrypt the data traffic between them.
Chapter 3 ZyXEL Utility - Mac OS X Table 3 ZyXEL Utility: Menu Summary TAB DESCRIPTION Site Survey Use this screen to: • • • scan for a wireless network configure wireless security (if activated on the selected network) connect to a wireless network Statistics Use this screen to view advanced information on wireless network traffic. Advanced Use this screen to configure advanced settings on your N220. WPS Use this screen to configure the WPS (Wi-Fi Protected Security) settings on your N220.
Chapter 3 ZyXEL Utility - Mac OS X The following table describes the labels in this screen. Table 4 ZyXEL Utility: Profile LABEL DESCRIPTION This icon indicates the currently active profile. Profile This is the name of the pre-configured profile. SSID This is the SSID of the wireless network to which the selected profile associates. Channel This field displays the channel number used by the profile.
Chapter 3 ZyXEL Utility - Mac OS X 3.4 The Profile - System Configuration Screen This screen allows you to configure system and network settings for your N220. Figure 12 ZyXEL Utility: Profile - System Configuration The following table describes the labels in this screen. Table 5 ZyXEL Utility: Profile - System Configuration LABEL DESCRIPTION Profile Name Enter a descriptive name in this field, or alternatively keep the name assigned by the utility.
Chapter 3 ZyXEL Utility - Mac OS X Table 5 ZyXEL Utility: Profile - System Configuration (continued) LABEL DESCRIPTION RTS Threshold Select the packet size above which the N220 transmits an RTS (Request To Send) message. Fragment Threshold Select the packet size above which the N220 fragments (breaks up) the packet into smaller pieces. OK Click this to save your changes and return to the Profile List screen. Cancel Click this to return to the Profile List screen without saving your changes. 3.
Chapter 3 ZyXEL Utility - Mac OS X The following table describes the labels in this screen. Table 6 ZyXEL Utility: Profile - Authentication and Security LABEL DESCRIPTION Authentication Type Select the security standard you want to use. All the other wireless devices on your network must be able to use the same standard you select. • • • • Encryption Type • • • Open mode is used when security is not an issue. No authentication is required, and any wireless device can join the network.
Chapter 3 ZyXEL Utility - Mac OS X 3.6 The Link Status Screen This screen allows you to view the status of the N220’s wireless connection with an AP or peer computer. Figure 14 ZyXEL Utility: Link Status The following table describes the labels in this screen. Table 7 ZyXEL Utility: Link Status 40 LABEL DESCRIPTION Status This displays the SSID (Service Set IDentifier) and MAC (Media Access Control) address of the access point or peer device to which the N220 is connected.
Chapter 3 ZyXEL Utility - Mac OS X Table 7 ZyXEL Utility: Link Status (continued) LABEL DESCRIPTION Signal Strength 1 This shows the strength of the antenna’s signal. Noise Level This indicates the relative interfence from other nearby wireless devices as a percentage. The higher the percentage, the greater the interference. HT Info This section displays wireless technical data, such Bandwidth (BW) frequency, Guard Interval (GI), and Modulation and Coding Scheme (MCS).
Chapter 3 ZyXEL Utility - Mac OS X The following table describes the labels in this screen. Table 8 ZyXEL Utility: Site Survey LABEL DESCRIPTION This indicates a connection to the associated AP. SSID This displays the network’s Service Set IDentifier. The SSID is the name of the network. BSSID This displays the Basic Service Set IDentifier. The BSSID is the MAC (Media Access Control) address of the access point or peer wireless device.
Chapter 3 ZyXEL Utility - Mac OS X 3.8 The Statistics Screen This screen allows you to view statistics on network traffic between the N220 and the associated AP or peer computer. This screen is primarily for troubleshooting purposes. Figure 16 ZyXEL Utility: Statistics The following table describes the labels in this screen. Table 9 ZyXEL Utility: Statistics LABEL DESCRIPTION Transmit Statistics This section displays statistics about the data frames sent by the N220.
Chapter 3 ZyXEL Utility - Mac OS X Table 9 ZyXEL Utility: Statistics (continued) LABEL Frames Failed to Receive ACK After All Retries This displays the number of frames transmitted by the N220 that did not receive an acknowledgement response from the other wireless device. RTS Frames Successfully Received CTS This displays the number of frames, large enough to require the sending of a “Request to Send” message, that then received a “Clear to Send” message from the other wireless device.
Chapter 3 ZyXEL Utility - Mac OS X 3.9 The Advanced Screen This screen allows you to configure advanced network settings on your N220. Figure 17 ZyXEL Utility: Advanced The following table describes the labels in this screen. Table 10 ZyXEL Utility: Advanced LABEL DESCRIPTION Wireless Mode This indicates the N220’s wireless network mode. TX Rate This field displays the maximum rate at which data is sent by the N220 over the wireless network.
Chapter 3 ZyXEL Utility - Mac OS X 3.10 The WPS Screen This screen allows you to configure the N220’s Wi-Fi Protected Security (WPS). Figure 18 ZyXEL Utility: WPS The following table describes the labels in this screen. Table 11 ZyXEL Utility: WPS LABEL DESCRIPTION WPS AP List This displays a list of WPS-compatible devices within range of the N220. ID This field indicates the AP’s identication number, if it has one.
Chapter 3 ZyXEL Utility - Mac OS X Table 11 ZyXEL Utility: WPS (continued) LABEL DESCRIPTION Authenticati on This field indicates the authentication type required by your N220 while using WPS. Encryption This field indicates the encryption required by your N220 while using WPS. Rescan Click this button to rescan the local area for WPS-compatible devices. Information Select an AP from the WPS AP List and then click this button to display detailed information on it. See Section 3.10.
Chapter 3 ZyXEL Utility - Mac OS X Table 11 ZyXEL Utility: WPS (continued) LABEL DESCRIPTION WPS associate IE Sends the association request with WPS IE during WPS. Note: Leave this option selected at all times to ensure a stable connection. WPS probe IE Sends the probe request with WPS IE during WPS. Note: Leave this option selected at all times to ensure a stable connection.
Chapter 3 ZyXEL Utility - Mac OS X Table 12 Mac OS X: WPS - Information (continued) LABEL DESCRIPTION Device Password ID This field indicates whether device requires PBC or PIN for its method of password registration. AP Setup Locked This field indicates whether the AP has entered a setup locked state or not. UUID-E This field indicates the Universally Unique IDentifier (UUID) element of the AP if it is operating as an Enrollee. Selected Register This field indicates the AP’s selected register.
Chapter 3 ZyXEL Utility - Mac OS X Table 13 Mac OS X: WPS - Profile Details (continued) LABEL DESCRIPTION Key Length This field indicates the length of the encryption key to use for creating secure connections. For WPS connections it is always 64-bit. Key Index This field indicates key index value to use for creating secure connections. For WPS connections it is always 1. Key Material This is the random string of letters and numbers used as the encryption key seed.
Chapter 3 ZyXEL Utility - Mac OS X The following table describes the labels in this screen. Table 14 Mac OS X: About LABEL DESCRIPTION Wireless Utility This section displays the version number and release date of the N220’s wireless utility application. NIC Driver This section displays the version number and release date of the N220’s device driver. MAC Address This field displays the N220 Media Access Control (MAC) address.
Chapter 3 ZyXEL Utility - Mac OS X 52 N220 User’s Guide
CHAPTER 4 Troubleshooting 4.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Accessing the ZyXEL Utility • Link Quality • Problems Communicating with Other Computers 4.2 Power, Hardware Connections, and LEDs The N220 does not turn on. None of the LEDs turn on. 1 Make sure the N220 is correctly installed. 2 Restart the computer to which the N220 is attached.
Chapter 4 Troubleshooting 4 If the problem continues, contact the vendor. 4.3 Accessing the ZyXEL Utility I cannot access the ZyXEL Utility 1 Make sure the N220 is properly inserted and the LEDs are on. 2 Install the N220 on another computer. 3 If the error persists, you may have a hardware problem. In this case, you should contact your vendor. 4.4 Link Quality The link quality and/or signal strength is poor.
Chapter 4 Troubleshooting 4.5 Problems Communicating with Other Computers The computer with the N220 installed cannot communicate with the other computer(s). In Infrastructure Mode • Make sure that the AP and the associated computers are turned on and working properly. • Make sure the N220 computer and the associated AP use the same SSID. • Change the AP and the associated wireless clients to use another radio channel if interference is high.
Chapter 4 Troubleshooting 56 N220 User’s Guide
CHAPTER 5 Product Specifications Table 15 Product Specifications PHYSICAL AND ENVIRONMENTAL Product Name N220 Wireless N-lite USB Adapter Interface USB 2.0 Standards IEEE 802.11b IEEE 802.11g IEEE 802.11n Operating Frequency 2.
Chapter 5 Product Specifications Table 15 Product Specifications (continued) Transmit Power (+/- 1.5 dB) 802.11b: 1/2/5.5/11M: 18.5 dBm 802.11g: 54/48M: 15dBm 24/36M: 15dBm 12/18M: 16dBm 6/9M: 16.5 dBm 802.11n: @ HT20 MCS0~MCS07: 15.5 dBm @ HT40 MCS0~MCS07: 15.5 dBm Receiver Sensitivity 802.11b: 11Mbps at -82dBm 802.11g: 54Mbps at -68dBm 802.11n: HT20 at -64dBm HT40 at -62dBm WIRELESS STANDARDS IEEE 802.11b Dynamically shifts between 11, 5.5, 2, and 1 Mbps network speed. Operation Frequency 2.
Chapter 5 Product Specifications Table 15 Product Specifications (continued) Operation Channels N. America & Taiwan HT20 2.412GHz~ 2.462GHz 1-11 N. America & Taiwan HT40 2.422GHz~ 2.452GHz 3-9 Euro ETSI HT20 2.412GHz~ 2.472GHz 1-13 Euro ETSI HT40 2.422GHz~ 2.
Chapter 5 Product Specifications Table 15 Product Specifications (continued) Wireless QoS Wi-Fi Multi Media (WMM) Wi-Fi Protected Setup (WPS) Push button configuration Use device's PIN Use AP or Router's PIN Other WMM power-saving support Compatible with Windows Zero Configuration 60 N220 User’s Guide
APPENDIX A Wireless LANs This appendix discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Appendix A Wireless LANs BSS A Basic Service Set (BSS) exists when all communications between wireless clients or between a wireless client and a wired network client go through one access point (AP). Intra-BSS traffic is traffic between wireless clients in the BSS. When Intra-BSS is enabled, wireless client A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless client A and B can still access the wired network but cannot communicate with each other.
Appendix A Wireless LANs ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood.
Appendix A Wireless LANs adjacent AP is using. For example, if your region has 11 channels and an adjacent AP is using channel 1, then you need to select a channel between 6 or 11. RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node.
Appendix A Wireless LANs If the RTS/CTS value is greater than the Fragmentation Threshold value (see next), then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Note: Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy.
Appendix A Wireless LANs IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as follows: Table 16 IEEE 802.
Appendix A Wireless LANs Note: You must enable the same wireless security settings on the N220 and on all wireless clients that you want to associate with it. IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.
Appendix A Wireless LANs • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message.
Appendix A Wireless LANs EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless client. The wireless client ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text. However, MD5 authentication has some weaknesses.
Appendix A Wireless LANs LEAP LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 802.1x. Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed.
Appendix A Wireless LANs If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN.
Appendix A Wireless LANs The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific credentials. The common-password approach makes WPA(2)-PSK susceptible to brute-force password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption keys.
Appendix A Wireless LANs 2 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. 3 A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by the RADIUS server and the client. 4 The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys.
Appendix A Wireless LANs 4 The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them. Figure 27 WPA(2)-PSK Authentication Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type.
Appendix A Wireless LANs Antenna Overview An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Positioning the antennas properly increases the range and coverage area of a wireless LAN. Antenna Characteristics Frequency An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.11g) or 5GHz (IEEE 802.
Appendix A Wireless LANs • Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points. • Directional antennas concentrate the RF signal in a beam, like a flashlight does with the light from its bulb.
APPENDIX B Legal Information Copyright Copyright © 2010 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix B Legal Information This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This device generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
Appendix B Legal Information Industry Canada Statement This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: 1) this device may not cause interference and 2) this device must accept any interference, including interference that may cause undesired operation of the device This device has been designed to operate with an antenna having a maximum gain of 3dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada.
Appendix B Legal Information This Class B digital apparatus complies with Canadian ICES-003. Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device. Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Viewing Certifications 80 1 Go to http://www.zyxel.com.
Index Index A about your ZyXEL Device 14 interference 63 copyright 77 CTS (Clear to Send) 64 Access Point (AP) 22 Access point (AP) 22 Access Point. See also AP. D ACT LED 14 Ad-Hoc 20 digital ID 25 Advanced Encryption Standard 25 See AES. dimensions 57 AES 71 dynamic WEP key exchange 70 antenna directional 76 gain 75 omni-directional 76 E AP 63 See also access point.
Index H preamble mode 65 hidden node 64 PSK 72 product specifications 57 humidity 57 R I radio interference 54 IBSS 61 radio specifications 57, 58 IEEE 802.11g 66 RADIUS 24, 25, 67 message types 67 messages 67 shared secret key 68 IEEE 802.
Index W weight 57 WEP 23 automatic setup 24 manual setup 24 passphrase 24 WEP (Wired Equivalent Privacy) 23 WEP key generation 24 Wi-Fi Protected Access 25, 70 wireless client 22 wireless client WPA supplicants 72 wireless LAN introduction 21 security 23 wireless LAN (WLAN) 21 wireless network 22 wireless security 66 wireless standard 57 WLAN interference 63 security parameters 74 WPA 25, 70 key caching 72 pre-authentication 72 user authentication 72 vs WPA-PSK 72 wireless client supplicant 72 with RADIUS
Index 84 N220 User’s Guide
