User Manual
Table Of Contents
- NBG-418N v2
- User’s Guide
- Introduction
- The Web Configurator
- Connection Wizard
- Modes
- Tutorials
- 5.1 Overview
- 5.2 How to Connect to the Internet from an AP
- 5.3 Configure Wireless Security Using WPS on both your NBG-418N v2 and Wireless Client
- 5.4 Enable and Configure Wireless Security without WPS on your NBG-418N v2
- 5.5 Using Multiple SSIDs on the NBG-418N v2
- 5.6 Installing UPnP in Windows 7 Example
- 5.7 Using Bandwidth Management on the NBG-418N v2
- Technical Reference
- Wireless LAN
- WAN
- LAN
- DHCP Server
- Network Address Translation
- Dynamic DNS
- Static Route
- Firewall
- Content Filter
- Remote Management
- Universal Plug-and-Play (UPnP)
- Bandwidth MGMT
- System
- Logs
- Tools
- Sys OP Mode
- Language
- Troubleshooting
- Customer Support
- IP Addresses and Subnetting
- Pop-up Windows, JavaScripts and Java Permissions
- Setting Up Your Computer’s IP Address
- Wireless LANs
- Common Services
- Legal Information
- Index
Appendix E Wireless LANs
NBG-418N v2 User’s Guide
211
Type s of RADIUS Me ssa g e s
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user authentication:
• Access-Request
Sent by an access point requesting authentication.
• Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
Sent by a RADIUS server allowing access.
• Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access. The access point sends
a proper response from the user and then sends another Access-Request message.
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user accounting:
• Accounting-Request
Sent by the access point requesting accounting.
• Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a shared secret key,
which is a password, they both know. The key is not sent over the network. In addition to the shared key,
password information exchanged is also encrypted to protect the network from unauthorized access.
Type s of EAP Authe ntic a tion
This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP.
Your wireless LAN device may not support all authentication types.
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x
transport mechanism in order to support multiple types of user authentication. By using EAP to interact
with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server
perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that
supports IEEE 802.1x.
For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the
certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to
authenticate users and a CA issues certificates and guarantees the identity of each certificate owner.
EAP- MD5 (Me ssa g e - Dig e st Alg orithm 5)
MD5 authentication is the simplest one-way authentication method. The authentication server sends a
challenge to the wireless client. The wireless client ‘proves’ that it knows the password by encrypting the
password with the challenge and sends back the information. Password is not sent in plain text.