ZyXEL nwd2205 User's Manual
Contents
1. 3 ick l X 5 c lk i1 e 7 geri 9 Table oi el 11 Chapter 1 GENO or g Meet ES 13 ARAS tects sc techs abi cea oa ic alsa le Se esc TRU 13 1 1 1 Whar You Nest fo INOW uei ERI REB AR a cate adaconertasaacberadsducnaumnaaactondenatasmeneesnente 13 UIS VOU BO RSR PR ER T T 13 jR n d c r Tm 14 Ladies IS leon P m 15 1 3 1 Minimum System Rege ial S ucciso necesite drag Nigel tra ani ana 15 1 2 2 Installing he ZYXEL DUI secccctcchssscccetentienadecontepescnedeuenaceeceaiemacdsentepeatersammensccansieencners 15 13 9 Unnotalimg the ZyXEL UNY rebre 19 1A Radwa sic LENS HN a a ertterr tree rer rr terete re rrr rrr 21 jussu Fere f 22 Chapter 2 Wireless LANS 25 CAE UC CIS TR VN 25 2 1 1 Whal You Can Do in This DOSE ser ec paa eerie nant cct e sue tenner ce renner cet eter 25 eTe CITUR ELI GEI TT ULIS 25 Bob Fou BOOID ennaa aa Ea a toi dedans 26 dat roles LAN CVEVIEW inner tm exi um ule ont een ben UH anne canette ne nine cr baneta ces 26 ERE ILIIL LAN SEONI MR rco 27 2 3 1 User Autheniicalon and EBCFEDDIOE issscscbecein2. The wireless network is the part in the blue circle In this wireless network devices A and B are called wireless clients The wireless clients use the access point AP to interact with other devices such as the printer or with the Internet Every wireless network must follow these basic guidelines Every device in the same wireless network must use the same SSID The SSID is the name of the wireless network It stands for Service Set I Dentity NWD2205 User s Guide Chapter 2 Wireless LANs f two wireless networks overlap they should use a different channel Like radio stations or television channels each wireless network uses a specific channel or frequency to send and receive information Every device in the same wireless network must use security compatible with the AP or peer computer Security stops unauthorized devices from using the wireless network It can also protect the information that is sent in the wireless network 2 3 Wireless LAN Security Wireless LAN security is vital to your network to protect wireless communications If you do not enable any wireless security on your NWD2205 the NWD2205 s wireless communications are accessible to any wireless networking device that is in the coverage area Note You can use only WEP encryption if you set the NWD2205 to Ad hoc mode See the appendices for more detailed information about wireless security 2 3 1 User Authentication and Encryption Y
3. Wired Equivalent Privacy WEP Although one of the original wireless encryption protocols WEP is also the weakest Many people use it strictly to deter unintentional usage of their wireless network by outsiders NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X Wi Fi Protected Access WPA The WPA protocol affords users with vastly stronger security than WEP It comes in two different varieties WPA and WPA2 Always try to use WPA2 as it implements the full version of the security standard and WPA does not Pre Shared Key PSK A pre shared key is a password shared between the server and the client that unlocks the algorithm used to encrypt the data traffic between them Without the proper password the client and the server cannot communicate Extensible Authentication Protocol EAP An enhanced security framework designed to improve an existing security protocol such as WPA PSK or WPA2 PSK 3 1 3 Before You Begin Make sure the Mac OS X version of the ZyXEL utility is already installed on your computer See Section 1 3 on page 15 for more information After installation make sure you repair permissions on your installation drive Click Applications gt Utilities gt Disk Utility or do a Spotlight search for the key words Disk Utility and select it from the search results list When the Disk Utility application opens select your installation drive and then click the Repair Disk Permissions button
4. Key index This field is configurable when you select to use WEP for data advanced encryption Select the key number 1 4 and enter the WEP key in the network key fields Cancel Click this to return to the previous screen without saving your settings OK Click this to save your settings and return to the previous screen NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X 3 5 The Available Network Screen This screen allows you to view available networks and connect to a network Figure 14 ZyXEL Utility Available Network eoo ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information Associated SSID Channel Network Type Encryption BSSID ZyXEL l Infrastructure WPA 2 PSK AES 404a03ff5be4 ZyXEL MIS 1 Infrastructure WEP 0019cb8a34d0 ZyXEL MIS WPA l Infrastructure WPA2 PSK AES 0619cb8a34d0 ZyXEL Guest l Infrastructure WEP 0a19cb8a34d0 ZyXEL4 1 Infrastructure WPA 2 PSK AES 404a03ff5be7 Zy private R9XPSP 1 Infrastructure WPA2 PSK AES 001349120115 ZyXEL MIS l Infrastructure WEP 0023f855b680 ZyXEL HM97W9 1 Infrastructure WPA 2 PSK AES 404a03ff5d14 ZyXEL MIS WPA 1 Infrastructure WPA 2 PSK AES 0623f855b680 ZyXEL GUEST 1 Infrastructure WEP 0a23f855b680 ZyXEL2053 6 Infrastructure WPA PSK AES 00268219ce69 HCI LAB 6 Infrastructure WPA PSK TKIP 0019cbf7fa8c ZyXEL_668C 5 Infrastructure WPA PSK TKIP 02134911668c 12898_8483 6 Infrastructure
5. NWD2205 User s Guide Appendix B Legal Information including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser To obtain the services of this warranty contact your vendor You may also refer to the warranty policy for the region in which you bought the device at http WWVW Zyxel com web support warranty info php Registration Register your product online to receive e mail notices of firmware upgrades and information at www zyxel com NWD2205 User s Guide Appendix B Legal Information NWD2205 User s Guide Index A about your ZyXEL Device 14 Access Point AP 26 Access point AP 26 Access Point See also AP ACT LED 14 Ad Hoc 23 Advanced Encryption Standard 29 See AES AES 67 antenna directional 72 gain 71 omni directional 72 AP 59 See also access point authentication type 28 auto 28 open system 28 shared key 28 auto authentication 28 Basic Service Set See BSS 58 BSS 58 C CA 29 65 CCMP 29 Certificate Authority See CA certifications 73 notices 76 viewing 76 channel 27 59 Index interference 59 copyright 73 CTS Clear to Send 60 D digital ID 29 dimensions 53 disclaimer 73 dynamic WEP key exchange 66 E EAP Extensible Authentication Protocol 28 EAP Authentication 64 EAP authentication 29 EAP PEAP
6. otherwise the NWD2205 uses long preamble Note The wireless devices MUST use the same preamble mode in order to communicate NWD2205 User s Guide Appendix A Wireless LANs IEEE 802 11g Wireless LAN IEEE 802 11g is fully compatible with the IEEE 802 11b standard This means an EEE 802 11b adapter can interface directly with an IEEE 802 11g access point and vice versa at 11 Mbps or lower depending on range IEEE 802 11g has several intermediate rate steps between the maximum and minimum data rates The IEEE 802 11g data rate and modulation are as follows Table 12 IEEE 802 11g MBPS MODULATION 1 DBPSK Differential Binary Phase Shift Keyed 2 DQPSK Differential Quadrature Phase Shift Keying 5 5 11 CCK Complementary Code Keying 6 9 12 18 24 36 OFDM Orthogonal Frequency Division Multiplexing 48 54 Wireless Security Overview Wireless security is vital to your network to protect wireless communication between wireless clients access points and the wired network Wireless security methods available on the NWD2205 are data encryption wireless client authentication restricting access by device MAC address and hiding the NWD2205 identity The following figure shows the relative effectiveness of these wireless security methods available on your NWD2205 Table 13 Wireless Security Levels SECURITY LEVEL SECURITY TYPE Least Unique SSID Default Secure Unique SSID with Hide S
7. 3 2 ZyXEL Utility Screen Summary This section describes the ZyXEL utility screens in Mac OS X Figure 10 ZyXEL Utility ZyXEL Utility Menu Summary eo ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information The following table describes the menus Table 3 ZyXEL Utility Menu Summary TAB DESCRIPTION Link Status Use this screen to see your current connection status configuration and data rate statistics Profiles Use this screen to add delete edit or activate a profile with a set of wireless and security settings NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X Table 3 ZyXEL Utility Menu Summary continued TAB DESCRIPTION Available Use this screen to Network scan for a wireless network configure wireless security if activated on the selected network connect to a wireless network Advanced Use this screen to configure advanced settings on your NWD2205 Setting WPS Use this screen to configure the WPS Wi Fi Protected Security settings on your NWD2205 Information Use this screen to find the utility and driver version 3 3 The Link Status Screen This screen allows you to view the status of the NWD2205 s wireless connection with an AP or peer computer Figure 11 ZyXEL Utility Link Status T eo gt ZyXEL NWD2205 Utility f Link Status Profiles Available Netw Advanced
8. Canada Viewing Certifications Go to http www zyxel com 2 Select your product on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in material or workmanship for a specific period the Warranty Period from the date of purchase The Warranty Period varies by region Check with your vendor and or the authorized ZyXEL local distributor for details about the Warranty Period of this product During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal or higher value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied
9. EE Ee RE RER SEE ASS ERR RETIRE chee RARE PIERRE e iy W F HIP GAGES TRIKE a SLE VER CARE TE RR BRS R EL FERRER IBC ST E a Ra TE o RE KRET FRET AE ERT CT ECRIRE T DAS PIE VAD FMR areca BEA e NWD2205 User s Guide Appendix B Legal Information 1 Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This device has been designed for the WLAN 2 4 GHz network throughout the EC region and Switzerland with restrictions in France This Class B digital apparatus complies with Canadian ICES 003 Operation is subject to the following two conditions 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device Cet appareil num rique de la classe B est conforme la norme NMB 003 du
10. Key index advanced Cancel 9 3 The following table describes the labels in this screen Table 6 ZyXEL Utility Profile Properties LABEL DESCRIPTION Profile Name Enter a descriptive name in this field SSID Enter the SSID of the wireless device to which you want to associate This is a Select this to connect to another wireless enabled computer without computer to going through an access point Otherwise clear the check box to computer connect to a wireless access point AdHoc network wireless access points are not used Channel In ad hoc mode choose the radio channel to use for the wireless network If there are other networks in the area choose a channel as far away as possible in order to minimize the risk of interference In Infrastructure mode this field is not configurable the NWD2205 uses whichever channel the AP uses a2 NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X Table 6 ZyXEL Utility Profile Properties continued LABEL DESCRIPTION Network Authentication Select the security standard you want to use All the other wireless devices on your network must be able to use the same standard you select OPEN SYSTEM mode is used when security is not an issue No BUE DH aton is required and any wireless device can join the network SHARED KEY mode security is used with WEP Wired Equivalent Privacy WPA PSK security us
11. RADIUS server an access point helps a wireless station and a RADIUS server perform authentication The type of authentication you use depends on the RADIUS server and an intermediary AP s that supports IEEE 802 1x The NWD2205 supports EAP TLS EAP TTLS at the time of writing TTLS is not available in Windows Vista and EAP PEAP Refer to Appendix A on page 57 for descriptions NWD2205 User s Guide Chapter 2 Wireless LANs For EAP TLS authentication type you must first have a wired connection to the network and obtain the certificate s from a certificate authority CA Certificates also called digital IDs can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner 2 3 1 3 WPA and WPA2 Wi Fi Protected Access WPA is a subset of the IEEE 802 11i standard WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WPA Key differences between WPA 2 and WEP are improved data encryption and user authentication Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol TKIP Message Integrity Check MIC and IEEE 802 1x WPA and WPA2 use Advanced Encryption Standard AES in the Counter mode with Cipher block chaining Message authentication code Protocol CCMP to offer stronger encryption than TKI P If both an AP and the wireless clients support WPA2 and you have an externa
12. RADIUS server or not Select WEP only when the AP and or wireless clients do not support WPA or WPA2 WEP is less secure than WPA or WPA2 Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol TKIP Message Integrity Check MIC and IEEE 802 1x WPA and WPA2 use Advanced Encryption Standard AES in the Counter mode with Cipher block chaining Message authentication code Protocol CCMP to offer stronger encryption than TKI P TKIP uses 128 bit keys that are dynamically generated and distributed by the authentication server AES Advanced Encryption Standard is a block cipher that uses a 256 bit mathematical algorithm called Rijndael They both include a per packet key mixing function a Message Integrity Check MIC named Michael an extended initialization vector IV with sequencing rules and a re keying mechanism WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption key is never used twice The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the PMK to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients This all happens in the background automatically The Message Integrity Check MIC is designed to prevent an attacker from capturing data packets altering them and resending
13. Setting WPS Information Signal Strength MAC Address SSID BSSID Security Connection Network Type Channel Link Speed Mbps HT Info 404a03088bcc ZyXEL 424a03d9f97c None Connected Infrastructure 6 TX 120 RX 120 BW 40MHz Gl short MCS 5 SSS Se SoS nnn 97K turn Radio OFF NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X The following table describes the labels in this screen Table 4 ZyXEL Utility Link Status LABEL DESCRIPTION MAC Address This field displays the MAC address of the NWD2205 SSID The SSID Service Set IDentifier identifies the wireless network to which a wireless station is associated This field displays the name of the wireless device to which the NWD2205 is associated BSSID This field displays the MAC address of the AP or peer computer to which the NWD2205 is associated Security This field displays whether data encryption is activated WEP 802 1x WPA WPA PSK WPA2 WPA2 PSK or inactive None Connection This field displays whether the NWD2205 is associated to the wireless device Network Type This field displays the network type Infrastructure or Ad Hoc of the wireless network Channel This displays the channel number of the current wireless connection Link Speed This displays the maximum possible data transmission TX and Mbps reception RX speeds of the current connection in megab
14. X Table 8 ZyXEL Utility Advanced Setting continued LABEL DESCRIPTION Fragment Select the packet size above which the NWD2205 fragments breaks Threshold up the packet into smaller pieces RTS Threshold Select the packet size above which the NWD2205 transmits an RTS Request To Send message Refresh Click this to update this screen Apply Click this to save your settings Set Default Click this to set every field in this screen to its default value 3 7 The WPS Screen This screen allows you to configure the NWD2205 s Wi Fi Protected Security WPS Figure 16 ZyXEL Utility WPS eo ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information SSID amp Channel Security BSSID HCI LAB 6 WPA PSK TKIP 0019cbf7fa8c ZyXEL 1 WPA 2 PSK AES WPA 2 P 404a03ff5be4 ZyXEL2053 6 WPA PSK AES WPA PSK TKIP 00268219ce69 i 4 SCAN Please key the PIN code into your AP s config page CPN PIN 31348799 PRE Canc The following table describes the labels in this screen Table 9 ZyXEL Utility WPS LABEL DESCRIPTION SSID This field indicates the WPS compatible AP s Service Set Identification SSID which is within range of the NWD2205 Channel This field indicates the channel on which the AP is broadcasting NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X Table 9 ZyXEL Utilit
15. also has WPS activated Then the two devices connect and set up a secure network by themselves 2 4 1 Push Button Configuration WPS Push Button Configuration PBC is initiated by pressing a button on each WPS enabled device and allowing them to connect automatically You do not need to enter any information Not every WPS enabled device has a physical WPS button Some may have a WPS PBC button in their configuration utilities instead of or in addition to the physical button Take the following steps to set up WPS using the button Ensure that the two devices you want to set up are within wireless range of one another Look for a WPS button on each device If the device does not have one log into its configuration utility and locate the button Press the button on one of the devices it doesn t matter which Within two minutes press the button on the other device The registrar sends the network name SSID and security key through an secure connection to the enrollee If you need to make sure that WPS worked check the list of associated wireless clients in the AP s configuration utility If you see the wireless client in the list WPS was successful 2 4 2 PIN Configuration Each WPS enabled device has its own PIN Personal Identification Number This may either be static it cannot be changed or dynamic in some devices you can generate a new PIN by clicking on a button in the configuration interface Use the PIN met
16. between a wireless client and a wired network client go through one access point AP Intra BSS traffic is traffic between wireless clients in the BSS When Intra BSS is enabled wireless client A and B can access the wired network and communicate with each other When Intra BSS is disabled wireless client A and B can still access the wired network but cannot communicate with each other Figure 19 Basic Service Set NWD2205 User s Guide Appendix A Wireless LANs ESS An Extended Service Set ESS consists of a series of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood An ESSID ESS IDentification uniquely identifies each ESS All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate Figure 20 Infrastructure WLAN Channel A channel is the radio frequency ies used by wireless devices to transmit and receive data Channels available depend on your geographical area You may have a choice of channels for your region so you should use a channel different from an adjacent AP access point to reduce interferenc
17. both stations RTS CTS is designed to prevent collisions due to hidden nodes An RTS CTS defines the biggest size data frame you can send before an RTS Request To Send CTS Clear to Send handshake is invoked When a data frame exceeds the RTS CTS value you set between 0 to 2432 bytes the station that wants to transmit this frame must first send an RTS Request To Send message to the AP for permission to send it The AP then responds with a CTS Clear to Send message to all other stations within its range to notify them to defer their transmission It also reserves and confirms with the requesting station the time frame for the requested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the possibility of hidden nodes exists on your network and the cost of resending large frames is more than the extra network overhead involved in the RTS Request To Send CTS Clear to Send handshake NWD2205 User s Guide Appendix A Wireless LANs If the RTS CTS value is greater than the Fragmentation Threshold value see next then the RTS Request To Send CTS Clear to Send handshake will never occur as data frames will be fragmented before they reach RTS CTS size Note Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performan
18. them The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC If they do not match it is assumed that the data has been tampered with and the packet is dropped By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism MIC with TKIP and AES it is more difficult to decrypt data on a Wi Fi network than WEP and difficult for an intruder to break into the network NWD2205 User s Guide Appendix A Wireless LANs The encryption mechanisms used for WPA 2 and WPA 2 PSK are the same The only difference between the two is that WPA 2 PSK uses a simple common password instead of user specific credentials The common password approach makes WPA 2 PSK susceptible to brute force password guessing attacks but it s still an improvement over WEP as it employs a consistent single alohanumeric password to derive a PMK which is used to generate unique temporal encryption keys This prevent all wireless devices sharing the same encryption keys a weakness of WEP User Authentication WPA and WPA2 apply IEEE 802 1x and Extensible Authentication Protocol EAP to authenticate wireless clients using an external RADIUS database WPA2 reduces the number of key exchange messages from six to four CCMP 4 way handshake and shortens the time required to connect to a network Other WPA2 authentication features that are different
19. your computer closer to the AP or the peer computer s within the transmission range 3 There may be too much radio interference for example from a microwave oven or another AP using the same channel around your wireless network Lower the output power of each AP 4 Make sure there are not too many wireless stations connected to a wireless network NWD2205 User s Guide Chapter 4 Troubleshooting 4 5 Problems Communicating with Other Computers The computer with the NWD2205 installed cannot communicate with the other computer s In Infrastructure Mode Make sure that the AP and the associated computers are turned on and working properly Make sure the NWD2205 computer and the associated AP use the same SSID Change the AP and the associated wireless clients to use another radio channel if interference is high Make sure that the computer and the AP share the same security option and key Verify the settings in the Profile Properties screen If you are using WPA 2 or WPA 2 PSK security try changing your encryption type from TKIP to AES or vice versa In Ad Hoc Mode Verify that the peer computer s is turned on Make sure the NWD2205 computer and the peer computer s are using the same SSID and channel Make sure that the computer and the peer computer s share the same security settings Change the wireless clients to use another radio channel if interference is high NWD2205 User s Guide EI
20. 28 EAP TLS 28 EAP TTLS 28 encryption 67 encryption type 28 environmental specifications 53 ESS 59 Extended Service Set See ESS 59 F FCC interference statement 73 fragmentation threshold 61 frequency 27 54 G getting started 13 NWD2205 User s Guide Index H hidden node 60 humidity 53 IBSS 57 IEEE 802 11g 62 IEEE 802 1x 28 Independent Basic Service Set See IBSS 57 infrastructure 22 Initialization Vector IV 67 interface 53 Internet access 22 L LEDs 14 lights 14 LINK LED 14 Message Integrity Check MI C 29 67 N network overlap 27 network type 40 P Pairwise Master Key PMK 67 69 passphrase 28 password 28 peer computer 22 physical specifications 53 preamble mode 61 product registration 77 product specifications 53 PSK 68 R radio interference 50 radio specifications 53 54 RADIUS 28 29 63 message types 63 messages 63 shared secret key 64 registration product 77 related documentation 3 RTS Request To Send 60 threshold 60 61 S safety warnings 7 Security configuration 27 security 27 40 55 data encryption 27 sensitivity 54 Service Set Identity SSID 26 SSID 26 40 51 syntax conventions 5 T temperature 53 Temporal Key Integrity Protocol TKIP 29 67 trademarks 73 NWD2205 User s Guide Index U user authentication 27 W warranty 76 note 76 weight 53 WEP 27 automatic setup 28 manual setup 28 passphrase
21. 28 WEP Wired Equivalent Privacy 27 WEP key generation 28 Wi Fi Protected Access 29 66 wireless client 26 wireless client WPA supplicants 68 wireless LAN introduction 25 security 27 wireless LAN WLAN 25 wireless network 26 wireless security 62 wireless standard 53 WLAN interference 59 security parameters 70 WPA 29 66 key caching 68 pre authentication 68 user authentication 68 vs WPA PSK 68 wireless client supplicant 68 with RADIUS application example 68 WPA2 29 66 user authentication 68 vs WPA2 PSK 68 wireless client supplicant 68 with RADIUS application example 68 WPA2 Pre Shared Key 29 67 WPA2 PSK 29 67 68 application example 69 WPA PSK 29 67 68 application example 69 NWD2205 User s Guide Index NWD2205 User s Guide
22. 8 WPS Example Network Step 2 REGISTRAR EXISTING CONNECTION C iom a CLIENT 1 o apt Ls ii ENROLLEE cue m at 7 aad CLIENT 2 NWD2205 User s Guide Chapter 2 Wireless LANs In step 3 you add another access point AP2 to your network AP2 is out of range of AP1 so you cannot use AP1 for the WPS handshake with the new access point However you know that Client 2 supports the registrar function so you use it to perform the WPS handshake instead Figure 9 WPS Example Network Step 3 EXISTING CONNECTION T CLIENT 1 AP1 REGISTRAR a N CLIENT 2 SE Ur ENROLLEE r O DEN AP1 2 4 4 Limitations of WPS WPS has some limitations of which you should be aware WPS works in Infrastructure networks only where an AP and a wireless client communicate It does not work in Ad Hoc networks where there is no AP When you use WPS it works between two devices only You cannot enroll multiple devices simultaneously you must enroll one after the other For instance if you have two enrollees and one registrar you must set up the first enrollee by pressing the WPS button on the registrar and the first enrollee for example then check that it successfully enrolled then set up the second device in the same way NWD2205 User s Guide 35 Chapter 2 Wireless LANs WPS works only with other WPS enabled devices However you can still add non WPS devices to a netw
23. Chapter 4 Troubleshooting 52 NWD2205 User s Guide Product Specifications Table 11 Product Specifications PHYSICAL AND ENVIRONMENTAL Product Name NWD2205 Wireless N USB Adapter Interface USB 2 0 Standards IEEE 802 11b IEEE 802 119 IEEE 802 11n Operating Frequency 2 4GHZ Antenna Type PIFA Planar Inverted F Antenna Antenna Peak Gain Left 2 8 dBi Right 2 9 dBi Operating Temperature 0 50 degrees Celsius Storage Temperature 30 70 degrees Celsius Operating Humidity 20 90 non condensing Storage Humidity 10 90 non condensing Voltage 5V Power Saving Mode Yes Current Consumption Transmit lt 315 mA Receive lt 250 mA Device Weight 3g Device Dimensions 18 mm L x 6 mm W x 36 mm H RADIO SPECIFICATIONS Transmit Power 1 5 dB 802 11b 18 5 dBm 802 11g 16 5 dBm 802 11n HT20 16 5 dBm HT40 16 5 dBm NWD2205 User s Guide Chapter 5 Product Specifications Table 11 Product Specifications continued FCC and NCC RF Output Power 802 11b 18 1 dBm 802 11g 24 5 dBm 802 11n HT20 28 3 dBm HT40 27 7 dBm Receiver Sensitivity 802 11b 11Mbps at 88 dBm 802 11g 54Mbps at 74 dBm 802 11n HT20 at 65 dBm HT40 at 63 dBm WIRELESS STANDARDS IEEE 802 11b Operation Frequency Dynamically shifts between 11 5 5 2
24. Driver 1883 UI 1 7 9 Uninstal be l command exit zyxel s ibook g4 ZyXEL Users ZyXEL Desktop NWD 22805 PowerPC Mac0S18 4 Dri ver 1883 UI 1 7 9 Uninstall command exit Please type the password of root to Uninstall Uninstalling Script and Utility WARNING Improper use of the sudo command could lead to data loss or the deletion of important system files Please double check your typing when using sudo Type man sudo for more information To proceed enter your password or type Ctrl C to abort Password Uninstalling UI Removing Driver Removing Pkg Uninstall Complete logout Process completed NWD2205 User s Guide Chapter 1 Getting Started 1 4 Hardware Installation This sections shows you how to install your NWD2205 1 Locate an available USB port on the computer 2 Insert the NWD2205 into an available USB port on the computer The NWD2205 s LED light turns on if it is properly inserted Note Never bend twist or force the NWD2205 into the port If there is not enough space to attach the NWD2205 use the included USB cable NWD2205 User s Guide EI Chapter 1 Getting Started 1 5 Device Applications This section describes some network applications for the NWD2205 You can either set the network type to I nfrastructure and connect to an AP or use Ad Hoc mode and connect to a peer computer another wireless device in Ad Hoc mode Infrastructure To connect to a n
25. ENTER key Select or choose means for you to use one of the predefined choices A right angle bracket gt within a screen name denotes a mouse click For example Maintenance gt Log gt Log Setting means you first click Maintenance in the navigation panel then the Log sub menu and finally the Log Setting tab to get to that screen Units of measurement may denote the metric value or the scientific value For example k for kilo may denote 1000 or 1024 M for mega may denote 1000000 or 1048576 and so on e e g is a Shorthand for for instance and i e means that is or in other words NWD2205 User s Guide 5 Document Conventions Icons Used in Figures Figures in this User s Guide may use the following generic icons Wireless Access Point Computer Notebook computer o Le lt gt Ss z jo Server Modem Telephone NS IH Internet Wireless Signal 7 7 Nr m jm NWD2205 User s Guide Safety Warnings Safety Warnings Do NOT use this product near water for example in a wet basement or near a swimming pool Do NOT expose your device to dampness dust or corrosive liquids Do NOT store things on the device Do NOT install use or service this device during a thunderstorm There is a remote risk of electric shock from lightning Connect ONLY suitable accessories to the device Ground yourself by properl
26. NWD2205 Wireless N USB Adapter Version 1 8 1 Edition 1 09 2010 www zyxel com Copyright 2010 ZyXEL Communications Corporation About This User s Guide About This User s Guide Intended Audience This manual is intended for people who want to configure the NWD2205 using the ZyXEL utility Tips for Reading User s Guides On Screen When reading a ZyXEL User s Guide On Screen keep the following in mind f you don t already have the latest version of Adobe Reader you can download it from http www adobe com Use the PDF s bookmarks to quickly navigate to the areas that interest you Adobe Reader s bookmarks pane opens by default in all ZyXEL User s Guide PDFs f you know the page number or know vaguely which page range you want to view you can enter a number in the toolbar in Reader then press ENTER to jump directly to that page Type CTRL F to open the Adobe Reader search utility and enter a word or phrase This can help you quickly pinpoint the information you require You can also enter text directly into the toolbar in Reader To quickly move around within a page press the SPACE bar This turns your cursor into a hand with which you can grab the page and move it around freely on your screen Embedded hyperlinks are actually cross references to related text Click them to jump to the corresponding section of the User s Guide PDF Related Documentation Quick Start Guide The Quic
27. No Encryption 001349a4ffa8 c ZyXEL 6 Infrastructure No Encryption 424a03d9f97c ZvXFI MIS A Infrastructure WFP N0134976r797 7 Refresh Connect Add to Profile The following table describes the labels in this screen Table 7 ZyXEL Utility Available Network LABEL DESCRIPTION Associated An asterisk indicates a connection to the associated wireless device SSID This displays the network s Service Set I Dentifier The SSID is the name of the network Channel This displays the wireless channel on which the network is operating Network Type This field displays the network type I nfrastructure or Ad Hoc of the wireless device Encryption This displays whether WEP WPA WPA2 WPA PSK TKIP or WPA2 PSK AES WPA 2 PSK AES TKIP is used on the network If the network uses no security No Encryption displays BSSID This displays the Basic Service Set IDentifier The BSSID is the MAC Media Access Control address of the access point or peer wireless device Every networking device has a unique MAC address which identifies it on the network Refresh Click this to update the list Connect Click this to connect to the highlighted wireless network Add to Profile Click this to go to the Profile Properties screen to add the selected wireless device in a profile LEN NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X 3 6 The Advanced Setting Screen This scr
28. SID Enabled MAC Address Filtering WEP Encryption I EEE802 1x EAP with RADIUS Server Authentication Wi Fi Protected Access WPA WPA2 Most Secure NWD2205 User s Guide Appendix A Wireless LANs Note You must enable the same wireless security settings on the NWD2205 and on all wireless clients that you want to associate with it IEEE 802 1x In June 2001 the IEEE 802 1x standard was designed to extend the features of IEEE 802 11 to support extended authentication as well as providing additional accounting and control features It is supported by Windows XP and a number of network devices Some advantages of IEEE 802 1x are User based identification that allows for roaming Support for RADIUS Remote Authentication Dial In User Service RFC 2138 2139 for centralized user profile and accounting management on a network RADIUS server Support for EAP Extensible Authentication Protocol RFC 2486 that allows additional authentication methods to be deployed with no changes to the access point or the wireless clients RADIUS RADIUS is based on a client server model that supports authentication authorization and accounting The access point is the client and the server is the RADIUS server The RADIUS server handles the following tasks Authentication Determines the identity of the users Authorization Determines the network services available to authenticated users once the
29. ZyXEL products Learn from others who use ZyXEL products and share your experiences as well Customer Support Should problems arise that cannot be solved by the methods listed above you should contact your vendor If you cannot contact your vendor then contact a ZyXEL office for the region in which you bought the device See http www zyxel com web contact us php for contact information Please have the following information ready when you contact an office Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it 4 NWD2205 User s Guide Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User s Guide Warnings tell you about things that could harm you or your NWD2205 Note Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations Syntax Conventions The NWD2205 may be referred to as the NWD2205 the device the system or the product in this User s Guide Product labels screen names field labels and field choices are all in bold font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the
30. a comparison of the features of authentication types Table 14 Comparison of EAP Authentication Types EAP MD5 EAP TLS EAP TTLS PEAP LEAP Mutual Authentication No Yes Yes Yes ys Certificate Client No Yes Optional Optional No Certificate Server No Yes Yes Yes No Dynamic Key Exchange No Yes Yes Yes Yes Credential Integrity None Strong Strong Strong Moderate Deployment Difficulty Easy Hard Moderate Moderate Moderate Client Identity No No Yes Yes No Protection WPA and WPA2 Wi Fi Protected Access WPA is a subset of the IEEE 802 11i standard WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WPA Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication NWD2205 User s Guide Appendix A Wireless LANs If both an AP and the wireless clients support WPA2 and you have an external RADI US server use WPA2 for stronger data encryption If you don t have an external RADIUS server you should use WPA2 PSK WPA2 Pre Shared Key that only requires a single identical password entered into each access point wireless gateway and wireless client As long as the passwords match a wireless client will be granted access to a WLAN If the AP or the wireless clients do not support WPA2 just use WPA or WPA PSK depending on whether you have an external
31. allation completes Click Continue Installation The driver will automatically install eoe Install ZyXEL NWD2205 Utility Installing this software requires you to i restart your computer when the a roh installation is done Are you sure you want to install the software now 6 Read Me his Cancel C Continue Installation License Select D 9 After installing the ZyXEL utility and device driver you must restart your computer Click Restart to reboot your computer and complete the driver installation eoe amp Install ZyXEL NWD2205 Utility Introduction Read Me 6 License Select Destin Click Restart to finish installing the software pv 5 n URL Go Back Rester 18 NWD2205 User s Guide Chapter 1 Getting Started 10 Once your computer restarts you can find the ZyXEL utility in your Applications folder eoo LA Applications c3 a gt Mass m amp a Network cma Zi f f E 13 mac os x amp 5 ve Mail Marble Blast Gold Nanosaur 2 mE Desktop A e ZyXEL Ko Q Preview QuickTime Player S D Documents T i 22 Movies 1 _ 6 Sherlock Stickies System Preferences Music 3 a Pictures i E 4 ZyXEL 1 TextEdit Utilities ZyXEL NWD2205 Utility NEM eee eee NEE 1 of 33 selected 26 25 GB available 11 The Z
32. and 1 Mbps network speed 2 412GHz 2 472GHz Operation Channels N America amp Taiwan 2 412GHz 2 462GHz 1 11 Euro ETSI 2 412GHz 2 472GHz 1 13 IEEE 802 11g Dynamically shifts between 54 48 36 24 18 12 9 and 6 Mbps network speed Operation Frequency 2 412GHZ 2 472GHz Operation Channels N America amp Taiwan 2 412GHz 2 462GHz 1 11 Euro ETSI 2 412GHz 2 472GHz 1 13 IEEE 802 11n Downstream data rate 300 Mbps Upstream data rate 300 Mbps Operation Frequency 2 412GHz 2 472GHz 1 13 Operation Channels Networking Mode N America amp Taiwan HT20 2 412GHz 2 462GHz 1 11 N America amp Taiwan HT40 2 422GHz 2 452GHz 3 9 Euro ETSI HT20 2 412GHz 2 472GHz 1 13 Euro ETSI HT40 2 422GHz 2 462GHz 3 11 Infrastructure Ad Hoc SoftAP Support NWD2205 User s Guide Chapter 5 Product Specifications Table 11 Product Specifications continued Approvals Safety European Union EN60950 CE LVD EMI United States FCC Part 15B Class B Canada ICES 003 European Union CE EN 55022 Class B CE EN 301489 1 Australia C Tick EMS European Union CE EN55024 CE EN 301489 17 RF United States FCC Part 15C FCC SAR Canada RSS 210 European Union CE EN 300 328 Taiwan NCC LP0002 Wi Fi Certification 11 b g n WPA WPA2 WPS Microsoft Certification WHQL Windows 7 32 and 64 bit Windows Vista 32 and 64 bit Windows XP 32 and 64
33. available 5 A welcome screen appears Follow the on screen instructions amp Install ZyXEL NWD2205 Utility Welcome to the ZyXEL NWD2205 Utility Installer Introduction Read Me License Select Destinati 4 Welcome to 1 1n WLAN world Go Back Continue A NWD2205 User s Guide Chapter 1 Getting Started 6 When you see the Select a Destination screen select a destination this must be on an actual physical hard drive on the Macintosh not a virtual drive and click Continue eee Install ZyXEL NWD2205 Utility Select a Destination Select a destination volume to install the ZyXEL NWD2205 Introduction Utility software Read Me License Select Destin tion y Installa Tub e Mac OS X 37 1GB 26 2GB Free TU pp 4 s Installing this software requires 4 8MB of space Rip i y b 1 You have chosen to install this software on the volume Mac OS X Go Back Continue 7 When you see the Authenticate screen enter the administrative password you use to log in to the Mac computer and click OK 7 Authenticate Y Installer requires that you type your password m Name Password gt Details C CD NWD2205 User s Guide 17 Chapter 1 Getting Started 8 You then see a screen telling you that you must restart the computer after the inst
34. bit SOFTWARE SPECIFICATIONS Device Drivers WIRELESS FEATURES Windows 7 32 and 64 bit Windows Vista 32 and 64 bit Windows XP 32 and 64 bit Mac OS X 10 4 10 5 10 6 Wireless Security WEP 64bit 128bit WPA WPA PSK WPA2 WPA2 PSK 802 1x EAP TLS EAP TTLS EAP PEAP WPS Note EAP TTLS is not supported in Windows Vista and Windows 7 Wireless QoS Wi Fi Multi Media WMM Wi Fi Protected Setup Push button configuration WPS Use device s PIN Other WMM power saving support Compatible with Windows Zero Configuration NWD2205 User s Guide Chapter 5 Product Specifications NWD2205 User s Guide Wireless LANs This appendix discusses ad hoc and infrastructure wireless LAN topologies Ad hoc Wireless LAN Configuration The simplest WLAN configuration is an independent Ad hoc WLAN that connects a set of computers with wireless adapters A B C Any time two or more wireless adapters are within range of each other they can set up an independent network which is commonly referred to as an ad hoc network or Independent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 18 Peer to Peer Communication in an Ad hoc Network NWD2205 User s Guide Appendix A Wireless LANs BSS A Basic Service Set BSS exists when all communications between wireless clients or
35. ce instead of providing a remedy Fragmentation Threshold A Fragmentation Threshold is the maximum data fragment size between 256 and 2432 bytes that can be sent in the wireless network before the AP will fragment the packet into smaller data frames A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference If the Fragmentation Threshold value is smaller than the RTS CTS value see previously you set then the RTS Request To Send CTS Clear to Send handshake will never occur as data frames will be fragmented before they reach RTS CTS size Preamble Type Preamble is used to signal that data is coming to the receiver Short and long refer to the length of the synchronization field in a packet Short preamble increases performance as less time sending preamble means more time for sending data All IEEE 802 11 compliant wireless adapters support long preamble but not all support short preamble Use long preamble if you are unsure what preamble mode other wireless devices on the network support and to provide more reliable communications in busy wireless networks Use short preamble if you are sure all wireless devices on the network support it and to provide more efficient communications Use the dynamic setting to automatically use short preamble when all wireless devices on the network support it
36. cular installation If this device does cause harmful interference to radio television reception which can be determined by turning the device off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and the receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help A FCC Radiation Exposure Statement This device has been tested to the FCC exposure requirements Specific Absorption Rate This device complies with the requirements of Health Canada Safety Code 6 for Canada Testing was performed on laptop computers with antennas at 5mm spacing The maximum SAR value is 1 05 W kg The device must not be collocated with any other antennas or transmitters This equipment has been SAR evaluated for use in laptops notebooks with side slot configuration The device complies with FCC RF radiation exposure limits set forth for an uncontrolled environment under 47 CFR 2 1093 paragraph d 2 End users must follow the specific operating instructions for satisfying RF exposure compliance To maintain compliance with FCC RF exposure compliance requirements please follow operation instruction as documented in this manual This transmitter must not be co located or o
37. dware Connections and LEDS eeeeeeee nennen 49 cm Accessind the ye c ee en 50 SRMMIATIL qe ere Peers ernest ee erect ee etere st rretene rece ee esr reee etree eer eter 50 4 5 Problems Communicating with Other Computers sess 51 Chapter 5 dissitis n YOO 53 Appendis A Wiraless LANS M rr 57 Appendix B Legal SANT us onda 73 ips lcs sumannsmaaaninaunanmudausdtiinsaeaAa T 79 12 NWD2205 User s Guide Getting Started 1 1 Overview The ZyXEL NWD2205 wireless N USB adapter brings you a better Internet experience over existing IEEE 802 11 b g n networks With data rates of up to 300 Mbps you can enjoy a high speed connection at home or in the office It is an excellent solution for daily activities such as file transfers music downloading video streaming and online gaming 1 1 1 What You Need to Know The following terms and concepts may help as you read through this section and subsequently as you read through the rest of the User s Guide Access Point An Access Point AP is a network device that acts as a bridge between a wired and a wireless network Outside of the home or office APs can most often be found in coffee shops bookstores and other businesses that offer wireless Internet connectivity to their customers Infrastructure An infrastructure network is one that seamlessly combines both wireless and wired components One or more APs often serve as
38. e Interference occurs when radio signals from different access points overlap causing interference and degrading performance Adjacent channels partially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an NWD2205 User s Guide Appendix A Wireless LANs adjacent AP is using For example if your region has 11 channels and an adjacent AP is using channel 1 then you need to select a channel between 6 or 11 RTS CTS A hidden node occurs when two stations are within range of the same access point but are not within range of each other The following figure illustrates a hidden node Both stations STA are within range of the access point AP or wireless gateway but out of range of each other so they cannot hear each other that is they do not know if the channel is currently being used Therefore they are considered hidden from each other Figure 21 RTS CTS AIRES CTS Range Station AP CM NI o IS sd D LAE lis e i i b iln e j 1 i Dee E E ESS ACK wi cm Stations A and B do not F pee Station A Trem hear each other They P ner can hear the AP When station A sends data to the AP it might not know that the station B is already using the channel If these two stations send data at the same time collisions may occur when both sets of data arrive at the AP at the same time resulting in a loss of messages for
39. e 23 WPA 2 PSK Authentication e Ss ms T emet y C pec Lr um a Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type MAC address filters are not dependent on how you configure these security features Table 15 Wireless Security Relational Matrix AUTHENTICATION METHOD KEY ENCRYPTIO ENTER IEEE 802 1X MANAGEMENT N METHOD MANUAL KEY PROTOCOL Open None No Disable Enable without Dynamic WEP Key Open WEP No Enable with Dynamic WEP Key Yes Enable without Dynamic WEP Key Yes Disable Shared WEP No Enable with Dynamic WEP Key Yes Enable without Dynamic WEP Key Yes Disable WPA TKI P AES No Enable WPA PSK TKI P AES Yes Disable WPA2 TKI P AES No Enable WPA2 PSK TKI P AES Yes Disable NWD2205 User s Guide Appendix A Wireless LANs Antenna Overview An antenna couples RF signals onto air A transmitter within a wireless device sends an RF signal to the antenna which propagates the signal through the air The antenna also operates in reverse by capturing RF signals from the air Positioning the antennas properly increases the range and coverage area of a wireless LAN Antenna Characteristics Frequency An antenna in the frequency of 2 4GHz IEEE 802 11b and IEEE 802 119 or 5GHz IEEE 802 11a is needed to communicate efficiently in a
40. een allows you to configure advanced network settings on your NWD2205 Figure 15 ZyXEL Utility Advanced Setting eo ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information 802 11b Preamble Mode Auto QOS Mode Enable M PSP Xlink Mode Disable Fragment Threshold 2432 Refresh RTS Threshold 2346 Ne mt N Apply Set Default The following table describes the labels in this screen Table 8 ZyXEL Utility Advanced Setting LABEL DESCRIPTION 802 11b Preamble is used to signal that data is coming to the receiver Select the Preamble Mode preamble type that the AP uses Short preamble increases performance as less time sending preamble means more time for sending data All IEEE 802 11b g compliant wireless adapters support Long preamble but not all support short preamble Select Auto to have the NWD2205 automatically use short preamble when all access point or wireless stations support it otherwise the NWD2205 uses long preamble Note The NWD2205 and the access point or wireless stations MUST use the same preamble mode in order to communicate QOS Mode Select Enable to enable Wi fi MultiMedia Quality of Service on the NWD2205 PSP XLink Mode Select Enable to allow ad hoc network building with the PSP KAI game server Otherwise select Disable NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS
41. es a pre shared key All the wireless devices on the network use the same key to access the network This option is not available in ad hoc mode e WPA2 PSK is an improved version of WPA PSK security This option is not available in ad hoc mode WPA None is available only when you select to connect to another wireless enabled computer Data Encryption When you select OPEN SYSTEM in the Network Auni caon field either select No Encryption to use no security Open o select WEP to use Wired Equivalent Privacy security Shared for data encryption When you select SHARED KEY in the Network Authentication field this displays WEP and the NWD2205 uses Wired Equivalent Privacy security for data encryption When you select WPA None WPA PSK or WPA2 PSK in the Network Authentication field select TKI P to use the Temporal Key Integrity Protocol Alternatively select AES to use the Advanced Encryption Standard ASCII This field is configurable when you select to use WEP for data encryption Select this option to enter ACII keys that use numerals and all letters Otherwise you need to enter Hexadecimal keys that use numerals and the letters a f only Network Key Enter the network s pre shared key 8 64 uppercase or lowercase letters and numbers or WEP key Check with your network s administrator for the correct settings Confirm network key Enter the network key again for confirmation
42. etwork via an access point AP set the NWD2205 network type to Infrastructure Through the AP you can access the Internet or the wired network behind it Figure 2 Application Infrastructure gt D MILL 22 NWD2205 User s Guide Chapter 1 Getting Started Ad Hoc To set up a small independent wireless workgroup without an AP use Ad Hoc Ad Hoc does not require an AP or a wired network Two or more wireless clients communicate directly with each other Note Wi Fi Protected Setup WPS is not available in ad hoc mode Figure 3 Application Ad Hoc gu t m 1 amp ESS M A j i Ad Hoc i 3 NN d NWD2205 User s Guide 23 Chapter 1 Getting Started NWD2205 User s Guide Wireless LANs 2 1 Overview This section provides background information on wireless Local Area Networks 2 1 1 What You Can Do in This Section Connect securely to an AP using many of the strongest and most common encryption protocols See Section 2 3 on page 27 for details Connect securely either to an AP or computer to computer using WPS See Section 2 4 on page 29 for details 2 1 2 What You Need to Know The following terms and concepts may help as you read through this section Server When two or more devices are connected digitally to form a network the one that distributes data to the other devices is known as the server A RADIUS Remo
43. from WPA include key caching and pre authentication These two features are optional and may not be supported in all wireless devices Key caching allows a wireless client to store the PMK it derived through a successful authentication with an AP The wireless client uses the PMK when it tries to connect to the same AP and does not need to go with the authentication process again Pre authentication enables fast roaming by allowing the wireless client already connecting to an AP to perform IEEE 802 1x authentication with another AP before connecting to it Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA At the time of writing the most widely available supplicant is the WPA patch for Windows XP Funk Software s Odyssey client The Windows XP patch is a free download that adds WPA capability to Windows XP s built in Zero Configuration wireless client However you must run Windows XP to use it WPA 2 with RADIUS Application Example To set up WPA 2 you need the IP address of the RADIUS server its port number default is 1812 and the RADIUS shared secret A WPA 2 application example with an external RADIUS server looks as follows A is the RADIUS server DS is the distribution system The AP passes the wireless client s authentication request to the RADIUS server NWD2205 User s Guide Appendix A Wireless LAN
44. g WPS it becomes configured A configured wireless client can still act as enrollee or registrar in subsequent WPS connections but a configured access point can no longer act as enrollee It will be the registrar in all NWD2205 User s Guide EJ Chapter 2 Wireless LANs subsequent WPS connections in which it is involved If you want a configured AP to act as an enrollee you must reset it to its factory defaults 2 4 3 1 Example WPS Network Setup This section shows how security settings are distributed in an example WPS setup The following figure shows an example network In step 1 both AP1 and Client 1 are unconfigured When WPS is activated on both they perform the handshake In this example AP1 is the registrar and Client 1 is the enrollee The registrar randomly generates the security information to set up the network since it is unconfigured and has no existing information Figure 7 WPS Example Network Step 1 ENROLLEE REGISTRAR a ELLE bere SECURITY INFO CLIENT 1 AP1 In step 2 you add another wireless client to the network You know that Client 1 supports registrar mode but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network In this case AP1 must be the registrar since it is configured it already has security information for the network AP1 supplies the existing security information to Client 2 Figure
45. h the access point to gain access to the network Check the MAC addresses of your wireless clients usually printed on a label on the bottom of the device If there is an unknown MAC address you can remove it or reset the AP NWD2205 User s Guide ZyXEL Utility Mac OS X 3 1 Overview This chapter shows you how to use the ZyXEL utility to configure your NWD2205 using the Macintosh operating system Mac OS X 3 1 1 What You Can Do in This Chapter The Link Status screen Section 3 3 on page 39 lets you see your current connection details monitor signal strength and quality and more The Profiles screen Section 3 4 on page 40 lets you create delete and manage your wireless network profiles The Available Network screen Section 3 5 on page 44 lets you connect to any available unsecured wireless network in range of the NWD2205 or open the security settings screen for any secured wireless network in range The Advanced Setting screen Section 3 6 on page 45 lets you configure your NWD2205 with advanced settings The WPS screen Section 3 7 on page 46 lets you configure your NWD2205 s Wi Fi Protected Setup WPS options as well as establish and manage WPS connections The I nformation screen Section 3 8 on page 48 lets you view the information about which version of the driver and utility you are currently using 3 1 2 What You Need to Know The following terms and concepts may help as you read through this chapter
46. hod instead of the push button configuration PBC method if you want to ensure that the connection is established between the devices you specify not just the first two devices to activate WPS in range of each other However you need to log into the configuration interfaces of both devices to use the PIN method NWD2205 User s Guide Chapter 2 Wireless LANs When you use the PIN method you must enter the PIN from one device usually the wireless client into the second device usually the Access Point or wireless router Then when WPS is activated on the first device it presents its PIN to the second device If the PIN matches one device sends the network and security information to the other allowing it to join the network Take the following steps to set up a WPS connection between an access point or wireless router referred to here as the AP and a client device using the PIN method 1 Ensure WPS is enabled on both devices 2 Access the WPS section of the AP s configuration interface See the device s User s Guide for how to do this 3 Look for the client s WPS PIN it will be displayed either on the device or in the WPS section of the client s configuration interface 4 Enter the client s PIN in the AP s configuration interface Note If the client device s configuration interface has an area for entering another device s PIN you can either enter the client s PIN in the AP or enter the AP s PIN in the client it d
47. ice to which it is connected is turned off NWD2205 User s Guide Chapter 1 Getting Started 1 3 Software Installation This section shows you how to install the Mac OS X version of the ZyXEL Utility For detailed information on using it see Chapter 3 on page 37 1 3 1 Minimum System Requirements In order to install the ZyXEL Utility for Mac OS X your computer must meet the following minimum system requirements 20 MB of free hard drive space 128 MB RAM Mac OS X 10 4 and higher 1 3 2 Installing the ZyXEL Utility Screen shots for Macintosh 10 4 are shown in the following procedure unless otherwise specified The screens on your computer may differ slightly from the screens shown here depending on the version of your operating system To install the ZyXEL utility 1 Make sure the NWD2205 is disconnected from your computer before you begin the installation process 2 Close all programs and applications 3 Insert the included CD into the CD ROM drive NWD2205 User s Guide 15 Chapter 1 Getting Started 4 Open the folder for your version of Mac OS X on the included disc For example if you are using 10 4 then open the MacOS10 4 Driver folder Double click the I nstaller mpkg to run the installation program 7 NWD2205 PowerPC MacOS10 4 Driver 1004 UI 1 8 1 Installer mpkg COMMAND Uninstall command Utility release txt 3 items 26 23 GB
48. ieoekbeeuit s b reE OW COR FREE VIGON PUE Dx ODE EFFET NOUS RA EQIIER 27 2A NF PREI aac bind teen aee RR d dr tup CA DC A MPs a D Mo qu dbi d LS Rd 29 25 1 Push Boum ob UD PR oto a ioc adu B Kcu E La 30 2A PIN CORUNA MONT EET OL SLOTS 30 24 5 How WPS VIS ironia aeo RO nho a eod POL nnb RO P 32 25 Limitations ol WPG 2 issue ceedeee d xe ge bFE QU DU MRE HUE peDEERE UIN EGRE REDI OUI LEE REB EE RE UIN E GEEK QNO Ud UP QUEEN 35 Chapter 3 Zy XEL Utility Mac OS EX 37 NWD2205 User s Guide EN Table of Contents Del RW ie WF ise eei tero Ie bre E pP obi ad Pod raten rara bendi paa di Ea rau dit A REEF 37 2 1 1 What You Can Do in This MOMIE is nantaise ar EBEN san caves hrch caidemniependdt ben thedweaucts caw ceaieetardebaertateaayciedis 37 23 BE YO BE a an ne Re os Nd pa ae 38 mue REL UNY Seres SUITES eaaa bere Dae EFer de IR PEE No quM bres a Ben eod gp Ehe epo S andes 38 ECT DEDERE T E S DOR 39 EX Me Prone SOE c T UNUM TRUE 40 dal The Pille Properties Seat 2 ecqidie bees Di dib tore dd ind nina ia trente 42 3 5 The Available Network SOEN 22 rre ee n a E Ir E pes e E baee ia 44 3 6 The Advanced Setting Sereen 125i eee rennes anaa eaaa EERR one et rene ERE esse RR 45 ag Tav BED oeieo a NEIN aU MI MR P MRNA IM PccI cR OMRI CINE iNiCIM RUPES UNE 46 Bm The Hoi EB ecrit at aac e per ata c Prep och Los ces oc a RE RR 48 Chapter 4 MoupiesS ROOM eR 49 AOON EN E RU UTE EET UTR 49 4 2 Power Har
49. ights reserved Disclaimers ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Trademarks Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners Certifications Federal Communications Commission FCC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any interference received including interference that may cause undesired operations NWD2205 User s Guide Appendix B Legal Information This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This device generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a parti
50. ion This section discusses some popular authentication types EAP MD5 EAP TLS EAP TTLS PEAP and LEAP Your wireless LAN device may not support all authentication types EAP Extensible Authentication Protocol is an authentication protocol that runs on top of the IEEE 802 1x transport mechanism in order to support multiple types of user authentication By using EAP to interact with an EAP compatible RADIUS server an access point helps a wireless station and a RADIUS server perform authentication The type of authentication you use depends on the RADIUS server and an intermediary AP s that supports IEEE 802 1x For EAP TLS authentication type you must first have a wired connection to the network and obtain the certificate s from a certificate authority CA A certificate also called digital IDs can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner NWD2205 User s Guide Appendix A Wireless LANs EAP MD5 Message Digest Algorithm 5 MD5 authentication is the simplest one way authentication method The authentication server sends a challenge to the wireless client The wireless client proves that it knows the password by encrypting the password with the challenge and sends back the information Password is not sent in plain text However MD5 authentication has some weaknesses Since the authentication server needs to get the plaintext passwords the password
51. ireless utility application NWD2205 User s Guide Troubleshooting 4 1 Overview This chapter offers some suggestions to solve problems you might encounter The potential problems are divided into the following categories Power Hardware Connections and LEDs Accessing the ZyXEL Utility Link Quality Problems Communicating with Other Computers 4 2 Power Hardware Connections and LEDs The NWD2205 does not turn on None of the LEDs turn on 1 Make sure the NWD2205 is correctly installed 2 Restart the computer to which the NWD2205 is attached 3 Ifthe problem continues contact the vendor One of the LEDs does not behave as expected 1 Make sure you understand the normal behavior of the LED See Section 1 2 on page 14 2 Check the hardware connection 3 Restart the computer to which the NWD2205 is attached NWD2205 User s Guide Chapter 4 Troubleshooting 4 Ifthe problem continues contact the vendor 4 3 Accessing the ZyXEL Utility cannot access the ZyXEL Utility 1 Make sure the NWD2205 is properly inserted and the LEDs are on 2 Install the NWD2205 on another computer 3 Ifthe error persists you may have a hardware problem In this case you should contact your vendor 4 4 Link Quality The link quality and or signal strength is poor 1 Scan for and connect to another AP with a better link quality using the Available Network screen 2 Move
52. is used as the default key at any one time 2 3 1 1 2 Authentication Type The IEEE 802 11b g standard describes a simple authentication method between the wireless stations and AP Three authentication types are defined Auto Open and Shared Open mode is implemented for ease of use and when security is not an issue The wireless station and the AP or peer computer do not share a secret key Thus the wireless stations can associate with any AP or peer computer and listen to any transmitted data that is not encrypted Shared mode involves a shared secret key to authenticate the wireless station to the AP or peer computer This requires you to enable the wireless LAN security and use same settings on both the wireless station and the AP or peer computer Auto authentication mode allows the NWD2205 to switch between the open system and shared key modes automatically Use the auto mode if you do not know the authentication mode of the other wireless stations 2 3 1 2 IEEE 802 1x The IEEE 802 1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management Authentication can be done using an external RADIUS server 2 3 1 2 1 EAP Authentication EAP Extensible Authentication Protocol is an authentication protocol that runs on top of the IEEE 802 1x transport mechanism in order to support multiple types of user authentication By using EAP to interact with an EAP compatible
53. its per second HT Info This section displays wireless technical data such Bandwidth BW frequency Guard Interval GI and Modulation and Coding Scheme MCS It is not user configurable and is only used for customer service troubleshooting Signal Strength This shows the strength of the antenna s signal The signal strength depends mainly on the antenna output power and the distance between your NWD2205 and the AP or peer computer turn Radio OFF Click turn Radio OFF to disable the NWD2205 s wireless functions ON Click turn Radio ON to enable the NWD2205 s wireless functions 3 4 The Profile Screen A profile is a set of wireless parameters that you need to connect to a wireless network With a profile activated each time you start the NWD2205 it automatically scans for the specific SSID and joins that network with the predefined wireless security settings NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X This screen allows you to configure and manage wireless profiles Figure 12 ZyXEL Utility Profile 660 ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information Default Profile Name SSID Network Type ZyXEL AP ZyXEL Infrastructure Add j Edit Remove Duplicate Apply The following table describes the labels in this screen Table 5 ZyXEL Utility Profile LABEL DESCRIPTION Defaul
54. k Start Guide is designed to help you get up and running right away It contains information on setting up your network and configuring for Internet access Online Help Embedded web help for descriptions of individual screens and supplementary information Support Disc Refer to the included CD for support documents Documentation Feedback Send your comments questions or suggestions to techwriters zyxel com tw NWD2205 User s Guide 3 About This User s Guide Thank you The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road Il Science Based Industrial Park Hsinchu 30099 Taiwan Need More Help More help is available at www zyxel com ET parer NNNM M Download Library Firmware Knowledge Base Software Glossary Driver Support amp Feedback Datasheet Warranty Information Tech Doc Overview ZyXEL Windows Vista Support User s Guide Forum Quick start guide CLI Reference Guide Support note Certification Declaration SNMP MIB File Download Library Search for the latest product updates and documentation from this link Read the Tech Doc Overview to find out how to efficiently use the documentation in order to better understand how to use your product Knowledge Base If you have a specific question about your product the answer may be here This is a collection of answers to previously asked questions about ZyXEL products Forum This contains discussions on
55. l RADIUS server use WPA2 for stronger data encryption If you don t have an external RADIUS server you should use WPA2 PSK WPA2 Pre Shared Key that only requires a single identical password entered into each access point wireless gateway and wireless client As long as the passwords match a wireless client will be granted access to a WLAN If the AP or the wireless clients do not support WPA2 just use WPA or WPA PSK depending on whether you have an external RADIUS server or not Select WEP only when the AP and or wireless clients do not support WPA or WPA2 WEP is less secure than WPA or WPA2 2 4 WiFi Protected Setup Your NWD2205 supports WiFi Protected Setup WPS which is an easy way to set up a secure wireless network WPS is an industry standard specification defined by the WiFi Alliance WPS allows you to quickly set up a wireless network with strong security without having to configure security settings manually Each WPS connection works between two devices Both devices must support WPS check each device s documentation to make sure NWD2205 User s Guide Chapter 2 Wireless LANs Depending on the devices you have you can either press a button on the device itself or in its configuration utility or enter a PIN a unique Personal Identification Number that allows one device to authenticate the other in each of the two devices When WPS is activated on a device it has two minutes to find another device that
56. less LANs already part of a network it sends the existing information If not it generates the SSID and WPA 2 PSK randomly The following figure shows a WPS enabled client installed in a notebook computer connecting to a WPS enabled access point Figure 6 How WPS works ACTIVATE ACTIVATE WPS WPS WITHIN 2 MINUTES Q fi Nee og WPS HANDSHAKE C ENROLLEE REGISTRAR SECURE TUNNEL q DD ETC SECURITY INFO d COMMUNICATION us m N The roles of registrar and enrollee last only as long as the WPS setup process is active two minutes The next time you use WPS a different device can be the registrar if necessary The WPS connection process is like a handshake only two devices participate in each WPS transaction If you want to add more devices you should repeat the process with one of the existing networked devices and the new device Note that the access point AP is not always the registrar and the wireless client is not always the enrollee All WPS certified APs can be a registrar and so can some WPS enabled wireless clients By default a WPS devices is unconfigured This means that it is not part of an existing network and can act as either enrollee or registrar if it supports both functions If the registrar is unconfigured the security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device usin
57. ods such as PAP CHAP MS CHAP and MS CHAP v2 PEAP Protected EAP Like EAP TTLS server side certificate authentication is used to establish a secure connection then use simple username and password methods through the secured connection to authenticate the clients thus hiding client identity However PEAP only supports EAP methods such as EAP MD5 EAP MSCHAPv2 and EAP GTC EAP Generic Token Card for client authentication EAP GTC is implemented only by Cisco NWD2205 User s Guide Appendix A Wireless LANs LEAP LEAP Lightweight Extensible Authentication Protocol is a Cisco implementation of IEEE 802 1x Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server This key expires when the wireless connection times out disconnects or reauthentication times out A new WEP key is generated each time reauthentication is performed If this feature is enabled it is not necessary to configure a default encryption key in the wireless security configuration screen You may still configure and store keys but they will not be used while dynamic WEP is enabled Note EAP MD5 cannot be used with Dynamic WEP Key Exchange For added security certificate based authentications EAP TLS EAP TTLS and PEAP use dynamic keys for data encryption They are often deployed in corporate environments but for public deployment a simple user name and password pair is more practical The following table is
58. oes with the light from its bulb The angle of the beam determines the width of the coverage pattern Angles typically range from 20 degrees very directional to 120 degrees less directional Directional antennas are ideal for hallways and outdoor point to point applications Positioning Antennas In general antennas should be mounted as high as practically possible and free of obstructions In point to point application position both antennas at the same height and in a direct line of sight to each other to attain the best performance For omni directional antennas mounted on a table desk and so on point the antenna up For omni directional antennas mounted on a wall or ceiling point the antenna down For a single AP application place omni directional antennas as close to the center of the coverage area as possible For directional antennas point the antenna in the direction of the desired coverage area NWD2205 User s Guide Legal Information Copyright Copyright 2010 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All r
59. oes not matter which 5 Start WPS on both devices within two minutes Note Use the configuration utility to activate WPS not the push button on the device itself 6 Ona computer connected to the wireless client try to connect to the Internet If you can connect WPS was successful If you cannot connect check the list of associated wireless clients in the AP s configuration utility If you see the wireless client in the list WPS was successful NWD2205 User s Guide EI Chapter 2 Wireless LANs The following figure shows a WPS enabled wireless client installed in a notebook computer connecting to the WPS enabled AP via the PIN method Figure 5 Example WPS Process PIN Method ENROLLEE REGISTRAR WITHIN 2 MINUTES SECURE EAP TUNNEL C a D C SSID WPA 2 PSK E COMMUNICATION Ne 2 4 3 How WPS Works When two WPS enabled devices connect each device must assume a specific role One device acts as the Registrar the device that supplies network and security settings and the other device acts as the Enrollee the device that receives network and security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA PSK or WPA2 PSK is used depends on the standards supported by the devices If the registrar is 32 NWD2205 User s Guide Chapter 2 Wire
60. ork you already set up using WPS WPS works by automatically issuing a randomly generated WPA PSK or WPA2 PSK pre shared key from the registrar device to the enrollee devices Whether the network uses WPA PSK or WPA2 PSK depends on the device You can check the configuration interface of the registrar device to discover the key the network is using if the device supports this feature Then you can enter the key into the non WPS device and join the network as normal the non WPS device must also support WPA PSK or WPA2 PSK When you use the PBC method there is a short period from the moment you press the button on one device to the moment you press the button on the other device when any WPS enabled device could join the network This is because the registrar has no way of identifying the correct enrollee and cannot differentiate between your enrollee and a rogue device This is a possible way for a hacker to gain access to a network You can easily check to see if this has happened WPS works between only two devices simultaneously so if another device has enrolled your device will be unable to enroll and will not have access to the network If this happens open the access point s configuration interface and look at the list of associated clients usually displayed by MAC address It does not matter if the access point is the WPS registrar the enrollee or was not involved in the WPS handshake a rogue device must still associate wit
61. ou can make every user log in to the wireless network before they can use it This is called user authentication However every wireless client in the wireless network has to support IEEE 802 1x to do this Wireless networks can use encryption to protect the information that is sent in the wireless network Encryption is like a secret code If you do not know the secret code you cannot understand the message 2 3 1 1 WEP 2 3 1 1 1 Data Encryption WEP Wired Equivalent Privacy encryption scrambles all data packets transmitted between the NWD2205 and the AP or other wireless stations to keep network communications private Both the wireless stations and the access points must use the same WEP key for data encryption and decryption There are two ways to create WEP keys in your NWD2205 NWD2205 User s Guide Chapter 2 Wireless LANs Automatic WEP key generation based on a password phrase called a passphrase The passphrase is case sensitive You must use the same passphrase for all WLAN adapters with this feature in the same WLAN For WLAN adapters without the passphrase feature you can still take advantage of this feature by writing down the four automatically generated WEP keys from the Security Settings screen of the ZyXEL utility and entering them manually as the WEP keys in the other WLAN adapter s Enter the WEP keys manually Your NWD2205 allows you to configure up to four 64 bit or 128 bit WEP keys Only one key
62. perating in conjunction with any other antenna or transmitter EEE 802 11b or 802 11g operation of this product in the U S A is firmware limited to channels 1 through 11 NWD2205 User s Guide Appendix B Legal Information FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment Industry Canada Statement This device complies with RSS 210 of the Industry Canada Rules Operation is subject to the following two conditions 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device This device has been designed to operate with an antenna having a maximum gain of 3dBi Antenna having a higher gain is strictly prohibited per regulations of Industry Canada The required antenna impedance is 50 ohms To reduce potential radio interference to other users the antenna type and its gain should be so chosen that the EIRP is not more than required for successful communication IC Radiation Exposure Statement This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment End users must follow the specific operating instructions for satisfying RF exposure compliance N yee A AKT ESTAS FE BCT PETERET ARE B A UN A LE ON KINE BR MIA DERRE BRE PERO HR BIRA
63. s 2 The RADIUS server then checks the user s identification against its database and grants or denies network access accordingly 3 A 256 bit Pairwise Master Key PMK is derived from the authentication process by the RADIUS server and the client 4 The RADIUS server distributes the PMK to the AP The AP then sets up a key hierarchy and management system using the PMK to dynamically generate unique data encryption keys The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients Figure 22 WPA 2 with RADIUS Application Example ua NR Ces b WPA 2 PSK Application Example A WPA 2 PSK application looks as follows 1 First enter identical passwords into the AP and all wireless clients The Pre Shared Key PSK must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters including spaces and symbols 2 The AP checks each wireless client s password and allows it to join the network only if the password matches 3 The AP and wireless clients generate a common PMK Pairwise Master Key The key itself is not sent over the network but is derived from the PSK and the SSID NWD2205 User s Guide Appendix A Wireless LANs 4 The AP and wireless clients use the TKIP or AES encryption process the PMK and information exchanged in a handshake to create temporal encryption keys They use these keys to encrypt data exchanged between them Figur
64. s must be stored Thus someone other than the authentication server may access the password file In addition it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication Finally MD5 authentication method does not support data encryption with dynamic session key You must configure WEP encryption keys for data encryption EAP TLS Transport Layer Security With EAP TLS digital certifications are needed by both the server and the wireless clients for mutual authentication The server presents a certificate to the client After validating the identity of the server the client sends a different certificate to the server The exchange of certificates is done in the open before a secured tunnel is created This makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority CA to handle certificates which imposes a management overhead EAP TTLS Tunneled Transport Layer Service EAP TTLS is an extension of the EAP TLS authentication that uses certificates for only the server side authentications to establish a secure connection Client authentication is then done by sending username and password through the secure connection thus client identity is protected For client authentication EAP TTLS supports EAP methods and legacy authentication meth
65. t An asterisk indicates the currently active profile Profile Name This is the name of the pre configured profile SSID This is the SSID of the wireless network to which the selected profile associates Network Type This field displays Infrastructure when the profile is configured to connect to an access point or Ad Hoc when the profile is configured to connect to another computer Add Click this to create a new profile Edit Click this to alter the settings of a selected profile Remove Click this to delete a selected profile from the list Duplicate Click this to create a similar profile that copies the selected profile s wireless parameters Apply Click this to save your changes back to the NWD2205 NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X 3 4 1 The Profile Properties Screen This screen allows you to create a new profile or edit an existing profile after you click the Add button or select an entry and click the Edit button in the Profiles screen Figure 13 ZyXEL Utility Profile Properties Profile Properties Profile Name SSID This is a computer to computer AdHoc network wireless access points are not used Channel 1 2412 MHz Wireless Network Security Properties This network requires a key for the following Network Authentication OPEN SYSTEM HJ Data Encryption No Encryption M ASCI Network key Confirm network key
66. te Authentication Dial In User Service is a kind of server that manages logins and logout among other things for the network to which it is connected Client When two or more devices are connected digitally to form a network the one that contacts and obtains data from a server is known as the client Each client is designed to work with one or more specific kinds of servers and each server requires a specific kind of client Wireless adapters are clients that connect to a network server through an AP Authentication Authentication is the process of confirming a client s or user s digital identity when they connect to a network Turning off authentication means disabling all security protocols and opening your network to anyone with the means to connect to it NWD2205 User s Guide E Chapter 2 Wireless LANs Encryption The process of taking data and encoding it usually using a mathematical formula so that it becomes unreadable unless decrypted with the proper code or pass phrase 2 1 3 Before You Begin You should have valid login information for an existing network Access Point otherwise you may not be able to make a network connection right away 2 2 Wireless LAN Overview The following figure provides an example of a wireless network with an AP See Figure 3 on page 23 for an Ad Hoc network example Figure 4 Example of a Wireless Network ll l E ee BEP o
67. the bridge between wireless and wired LANs Ad Hoc An Ad Hoc wireless LAN is a self contained group of computers connected wirelessly and which is independent of any other networks and Access Points 1 1 2 Before You Begin Read the Quick Start Guide for information on making hardware connections and using the ZyXEL utility to connect your NWD2205 to a network NWD2205 User s Guide 13 Chapter 1 Getting Started 1 2 Features Your NWD2205 is an IEEE 802 11n 2 0 compliant wireless LAN adapter It can also connect to IEEE 802 11b g wireless networks The NWD2205 is WPS Wi Fi Protected Setup compliant WPS allows you to easily set up a secure connection with another WPS enabled device The NWD2205 is a USB adapter which connects to an empty USB port on your computer Figure 1 The NWD2205 The following table describes the NWD2205 Table 1 NWD2205 External View LABEL DESCRIPTION A LED and also a WPS button B USB connector The following table describes the operation of the NWD2205 s LEDs Table 2 NWD2205 LEDs LED COLOR STATUS DESCRIPTION Amber Slow The NWD2205 is turned on connected to an AP and is Q Blinking not transmitting or receiving data Rapid The NWD2205 is turned on connected to an AP and is Blinking transmitting or receiving data It also blinks when the WPS feature is being used or a WPS connection is being initiated Off The NWD2205 is either not connected or the dev
68. wireless LAN Radiation Pattern A radiation pattern is a diagram that allows you to visualize the shape of the antenna s coverage area Antenna Gain Antenna gain measured in dB decibel is the increase in coverage within the RF beam width Higher antenna gain improves the range of the signal for better communications For an indoor site each 1 dB increase in antenna gain results in a range increase of approximately 2 596 For an unobstructed outdoor site each 1dB increase in gain results in a range increase of approximately 596 Actual results may vary depending on the network environment Antenna gain is sometimes specified in dBi which is how much the antenna increases the signal power compared to using an isotropic antenna An isotropic antenna is a theoretical perfect antenna that sends out radio signals equally well in all directions dBi represents the true gain that the antenna provides Types of Antennas for WLAN There are two types of antennas used for wireless LAN applications NWD2205 User s Guide Appendix A Wireless LANs Omni directional antennas send the RF signal out in all directions on a horizontal plane The coverage area is torus shaped like a donut which makes these antennas ideal for a room environment With a wide coverage area it is possible to make circular overlapping coverage areas with multiple access points Directional antennas concentrate the RF signal in a beam like a flashlight d
69. y WPS continued LABEL DESCRIPTION Security BSSID This field indicates the type of authentication and encryption required by the AP This field indicates the AP s MAC address SCAN Click this button to rescan the local area for WPS compatible devices PIN This field displays a randomly generated 8 digit personal identification code for your NWD2205 PIN Click this button to make a PI N based WPS connection For details see Section 2 4 2 on page 30 Note For most WPS connections this button or the PBC button are all you need PBC Click this button to make a PBC based WPS connection For details see Section 2 4 1 on page 30 Note For most WPS connections this button or the PIN button are all you need Cancel Click this button to stop scanning and or making a WPS connection NWD2205 User s Guide Chapter 3 ZyXEL Utility Mac OS X 3 8 The Information Screen This screen shows you the driver utility version of your NWD2205 Figure 17 ZyXEL Utility About eoc ZyXEL NWD2205 Utility Link Status Profiles Available Netw Advanced Setting WPS Information ZyXEL NWD2205 Utility Version 1 8 1 2010 08 20 Copyright 2010 ZyXEL The following table describes the labels in this screen Table 10 ZyXEL Utility About LABEL DESCRIPTION Version This section displays the version number and release date of the NWD2205 s w
70. y are connected to the network Accounting Keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the network RADIUS server Types of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication Access Request Sent by an access point requesting authentication NWD2205 User s Guide Appendix A Wireless LANs Access Reject Sent by a RADIUS server rejecting access Access Accept Sent by a RADIUS server allowing access e Access Challenge Sent by a RADIUS server requesting more information in order to allow access The access point sends a proper response from the user and then sends another Access Request message The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting Accounting Request Sent by the access point requesting accounting Accounting Response Sent by the RADIUS server to indicate that it has started or stopped accounting In order to ensure network security the access point and the RADIUS server use a shared secret key which is a password they both know The key is not sent over the network In addition to the shared key password information exchanged is also encrypted to protect the network from unauthorized access Types of EAP Authenticat
71. y using an anti static wrist strap for example whenever working with the device s hardware or connections ONLY qualified service personnel should service or disassemble this device Antenna Warning This device meets ETSI and FCC certification requirements when using the included antenna s Only use the included antenna s Your product is marked with this symbol which is known as the WEEE mark WEEE stands for Waste Electronics and Electrical Equipment It means that used electrical and electronic products should not be mixed with general waste Used electrical and electronic equipment should be treated separately NWD2205 User s Guide Safety Warnings NWD2205 User s Guide Contents Overview Contents Overview introduccion and CORFIQUEARIQR 17 Saa HEN MO en ne A bp EH DER dol Hp bcd ur aont A oed de ones 19 LE Se LAA ie ppoak kim psp pER DANSE A bo c ob data raa oec du ORE Roo E EE xk OS Ou Dd CRUS 27 A NENNEN E oo OE 39 Troubleshooting and Specifications nent 53 Hsec Me 55 adis Vedere e wii MER RH eco 59 Appendices and ION LunssssinsasnaskiaR san aa ka ER AR RR RARMu MEI ERRRK UAR ERRARE RR iA MAKE E ERIA A AU AL QUEM 2M A RAE KA 63 NWD2205 User s Guide 9 Contents Overview NWD2205 User s Guide Table of Contents Table of Contents About This Users Guide YXO X
72. yXEL utility starts automatically after you connect the NWD2205 to the computer 1 3 3 Uninstalling the ZyXEL Utility You need to remove the ZyXEL utility from your computer only when you want to upgrade the ZyXEL utility or the ZyXEL utility cannot work properly Note Disconnect the NWD22095 if you are going to uninstall or upgrade the ZyXEL utility While you can drag the ZyXEL Utility from your Applications folder directly to the Trash and remove it that way the best and safest course of action is to run the uninstallation program bundled on the included disc This ensures that all components of the application are properly removed especially the device driver To uninstall the ZyXEL Utility 1 Insert the included CD into the CD ROM drive NWD2205 User s Guide Chapter 1 Getting Started 2 Double click your Macintosh OS s driver folder on the included disc Double click the file Uninstall command e090 NWD2205_ PowerPC MacOS10 4_Driver_1004_UI_1 8 1 c3 E 35 m Q l O Network E Mac OS X Installer mpkg Uninstall command Utility release txt jk Applications Documents ss Movies amp Music Pictures 3 items 26 23 GB available vA The command screen displays Enter the administrative password you use to log in to the Mac computer and press ENTER eoo Completed Command Welcome to Darwin E Users Zy EL Desktop NWD 2285 PowerPC MacO0S18 4
Download Pdf Manuals
Related Search