Equinox Systems ZyAIR G-200 Network Card User Manual
Contents
1. is sesse ese ae RA RA RA RA Re 4 4 3 Problem with the Link Status se ea AR GR Re ee ee ee ee Re GRA GRA E 4 2 4 4 The ZyAIR Does Not Respond iese se RA Re Re ee ee ee ee Ge ee GRA GR Re GRA RA ee ee 4 2 Table of Contents ix ZyAIR G 200 User s Guide List of Figures Figure 1 1 Windows XP System Tray CON ees sae see ee Ga RA GRA RA Ee ee ee ee Re Ge Re Ge Re GR Re GRA GRA GRA Gee ee ee 1 1 Figure 1 2 Windows XP System Tray CON ees sea sea ae Ga RA GRA RA Ee ee ee ee Re Re Ge Re GR Re GRA GRA GR ee Gee ee ee 1 1 Figure 1 3 Windows XP Wireless Network Connection Status esse see se ee ee SR Ge AR Ge Re GR ee ek Ge RR Ge 1 2 Figure 1 4 Windows XP Connect to Wireless Network iese ese es se ee Ge Re GR Re Re GR Re GR ee GRA Ge AR Ge ek sans 1 2 Figure 1 5 Windows XP Wireless Network Connection Properties iese sesse se se ee Ge ek GR ee ek Ge RR Ge 1 3 Figure 1 6 ZyAIR Utility System Tray CON esse see se ea GRA GRA RA Ee ee ee ee ee ee ee Re Ge Re ee Re GR Re ee Re ee ee 1 3 Figure 2 1 Ad hoc Network Example c cccccescessessscesseesecesecseecaeecaeeeseseneeeeeeesseeaeceaecesenaeenaeeneeceeeseeaes 2 1 Figure 2 2 BSS Example esse ees cus ee ses se iia 2 2 Figure 2 3 Infrastructure Network Example sesse see se ese see se ek ee GRA Ge AR Gee GR ek Gee GR ek ee AR Ge ek Ge Re GR eek Ge 2 2 Figure 2 4 Roaming Example eie Ee Gees en en dee See Ke ee ene bes beste ee Roe Bee See ERGE 2 3 Figure 2 5 Z2. 802 1x There are three data authentication options available from the Authentication drop down list box when you select Ad Hoc as the Operating Mode in the previous screen None WEP WPA PSK 2 6 1 Data Encryption with WEP Select WEP from the Authentication drop down list box to view the security configuration options WEP Wired Equivalent Privacy encryption scrambles all communication transmitted between the ZyAIR and the AP or other wireless stations to keep network communications private Both the wireless clients and the access points must use the same WEP key for data encryption and decryption There are two ways to create WEP keys in your ZyAIR Automatic WEP key generation based on a password phrase called a passphrase The passphrase is case sensitive You must use the same passphrase for all WLAN adapters with this feature in the same WLAN Enter the WEP keys manually Your ZyAIR allows you to configure up to four 64 bit or 128 bit WEP keys but only one key can be enabled at any one time Authentication Type Two different methods can be used to authenticate wireless stations to the network Open System and Shared Key The following figure illustrates the steps involved 2 8 Using the ZyAIR Utility ZyAIR G 200 User s Guide Wireless Station Authentication Access Point Authentication Acceptance Challenge Text Authentication Acceptance Figure 2 9 WEP Authentication Steps
3. Table 2 2 Site Survey FIELD DESCRIPTION SSID This field displays the SSID or name of each wireless device Signal This field displays the signal strength of each wireless device Channel This field displays the channel number used by each wireless device Security This field shows whether the wireless security is activated WEP WPA PSK WPA or 802 1x or inactive None BSSType This field displays the wireless network type as Infrastructure or Ad Hoc of each wireless device Infrastructure the ZyAIR associates to an AP Ad Hoc the ZyAIR associates to a peer ad hoc computer Mode This field displays the wireless standard 802 11b or 802 11g of the wireless device BSSID This field displays the MAC address of the wireless device Search Click Search to scan for available wireless device within transmission range Connect Click Connect to associate to the selected wireless device OK Click OK to apply the changes and close the screen Cancel Click Cancel to discard all changes and close the screen Help Click Help to display on line help screen 2 3 1 Connecting to a Wireless Network Follow the steps below to connect to a network Using the ZyAIR Utility 2 5 ZyAIR G 200 User s Guide 1 Click Search to scan for all available wireless networks within range 2 To join a network either click an entry in the table to select a wireless network and then click Connect o
4. 2 11 Troubleshooting MR EE MEER Ee Ee 4 WPA with RADIUS Application 2 14 Checking Hardware Conflict u 4 1 WPA PSK Application 2 14 Communication problems 4 1 Radio interference oues ss skeer ede 4 2 Z Starting ZyAIR UI ee 4 RR Using the ZyAIR aan 4 2 ZyAIR Utility ees see ek ee ee ee ee 3 1 TTS EE EE GE RO E Eneryption ese EE 2 10 2 13 Tunneled Transport Layer Service See TTLS Link Info tn 2 3 Remove 3 1 U Site SURVEY RE Re 2 5 Uninstall uni 3 1 Uninstall the ZyAIR Utility ee 3 1 Ge EE E 3 1 Upgrade the ZyAIR Utility 3 1 ZyAIR Utility system tray icon 1 3 User Authentication ncsene 2 11 Using the ZyAIR Utility 2 1 J Index
5. G 200 User s Guide Chapter 2 Using the ZyAIR Utility This chapter shows you how to configure the ZyAIR using the ZyAIR Utility 2 1 About Wireless LAN Network This section describes the wireless LAN network terms and applications 2 1 1 SSID The SSID Service Set Identity is a unique name shared among all wireless devices in a wireless network Wireless devices must have the same SSID to communicate with each other 2 1 2 Channel A range of radio frequencies used by IEEE 802 11b wireless devices is called a channel 2 1 3 Transmission Rate Your ZyAIR automatically adjusts the transmission rate to operate at the maximum transmission data rate When the communication quality drops below a certain level the ZyAIR automatically switches to a lower transmission data rate Transmission at lower data speeds is usually more reliable However when the communication quality improves again the ZyAIR gradually increases the transmission data rate again until it reaches the highest available transmission rate 2 1 4 Wireless Network Application Wireless LAN works in either of the two modes ad hoc and infrastructure To connect to a wired network within a coverage area using Access Points APs set the ZyAIR operation mode to Infrastructure BSS An AP acts as a bridge between the wireless stations and the wired network In case you do not wish to connect to a wired network but prefer to set up a small independent wireless workg
6. Message Integrity Check MIC named Michael an extended initialization vector IV with sequencing tules and a re keying mechanism TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the pair wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients This all happens in the background automatically The Message Integrity Check MIC is designed to prevent an attacker from capturing data packets altering them and resending them The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC If they do not match it is assumed that the data has been tampered with and the packet is dropped By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism MIC TKIP makes it much more difficult to decode data on a Wi Fi network than WEP making it difficult for an intruder to break into the network The encryption mechanisms used for WPA and WPA PSK are the same The only difference between the two is that WPA PSK uses a simple common password instead of user specific credentials The common password approach makes WPA PSK susceptible to brute forc
7. Right click on the ZyAIR Utility system tray icon and click Turn off zero configuration Turn off zero configuration Show Config Utility Exit Figure 1 1 Windows XP System Tray Icon From the Wireless Network Connection Status Screen 1 Double click on the network icon for the wireless connection in the system tray If the icon is not present proceed to Step 2 Otherwise skip to Step 5 Figure 1 2 Windows XP System Tray Icon 2 Ifthe icon for the wireless network connection is not in the system tray click Start Control Panel and double click on Network Connections Getting Started 1 1 ZyAIR G 200 User s Guide 3 Double click on the icon for wireless network connection to display a status window as shown next Wireless Network Connection 3 Status PR SS General Support Connection Status Connected Duration 00 07 13 Speed 11 0 Mbps Signal Strength Fall Activity Sent Received Packets 253 6 Figure 1 3 Windows XP Wireless Network Connection Status 4 Click Properties and click the Wireless Networks tab Then skip to Step 6 5 When a Connect to Wireless Network window displays click Advanced Connect to Wireless Network The following network s are available To access a network select it from the list and then click Connect Available networks i CPESW3 Wireless 1 CPF 337 1 This network requires the use of a network key WEP To access this ne
8. configure the WEP encryptions Table 2 6 WPA PSK Authentication FIELD DESCRIPTION Authentication Select WPA PSK from the drop down list box Using the ZyAIR Utility 2 15 ZyAlR G 200 User s Guide Table 2 6 WPA PSK Authentication FIELD DESCRIPTION Encryption Status All unicast traffic is automatically encrypted by TKIP when WPA or WPA PSK Authentication is selected See the section on Encryption for details about Temporal Key Integrity Protocol TKIP Passphrase Type a Passphrase from 8 to 63 ASCII characters long The Passphrase is case sensitive You must use the same Passphrase for all wireless LAN adapters with this feature in the same WLAN For more information on Passphrase see section 2 6 1 OK Click OK to apply the changes and close the screen 2 6 4 Data Encryption with 802 1x Select 802 1x from the Authentication drop down list box to view the security configuration options 802 1x Overview The IEEE 802 1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management Authentication can be done using an external RADIUS server for an unlimited number of users EAP Authentication Overview EAP Extensible Authentication Protocol is an authentication protocol that runs on top of the IEEE802 1x transport mechanism in order to support multiple types of user authentication By using EAP to interact with an EAP compati
9. ranging from a z A Z and O 9 for example MyKey12345678 for ASCII key type You must configure all four WEP keys the first time you use the ZyAIR GE ASCII WEP keys are case sensitive OK Click OK to apply the changes and close the screen 2 6 2 Data Encryption with WPA Select WPA from the Authentication drop down list box to view the security configuration options Introduction to WPA Wi Fi Protected Access WPA is a subset of the IEEE 802 111 security specification draft Key differences between WPA and WEP are user authentication and improved data encryption User Authentication WPA applies IEEE 802 1x and Extensible Authentication Protocol EAP to authenticate wireless clients using an external RADIUS database See later in this User s Guide for more information on IEEE 802 1x and EAP WPA PSK WPA Pre Shared Key only requires a single identical password entered into each access point wireless gateway and wireless client As long as the passwords match a client will be granted access to a WLAN Using the ZyAIR Utility 2 11 ZyAlR G 200 User s Guide Encryption WPA improves data encryption by using Temporal Key Integrity Protocol TKIP Message Integrity Check MIC and IEEE 802 1x Temporal Key Integrity Protocol TKIP uses 128 bit keys that are dynamically generated and distributed by the authentication server It includes a per packet key mixing function a
10. 130 N Miller St Anaheim CA 92806 2001 U S A ZyXEL Deutschland GmbH Adenauerstr 20 A2 D 52146 Wuerselen Germany ZyXEL France 1 rue des Vergers Bat 1 C 69760 Limonest France ZyXEL Communications Alejandro Villegas 33 1 28043 Madrid Spain ZyXEL Communications A S Columbusvej 5 2860 Soeborg Denmark ZyXEL Communications A S Nils Hansens vei 13 0667 Oslo Norway ZyXEL Communications A S Sj porten 4 41764 G teborg Sweden ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland Customer Support vii ZyAIR G 200 User s Guide Table of Contents Chapter 1 Se Ie ee EO nin cias 1 1 1 1 ZyAIR Hardware and Utility Installation 0 0 0 ee see se ee ee ee ee ee Ge GR Re RA RA ee ee 1 1 1 2 Disable Windows XP Wireless LAN Configuration Tool sees sees se ee ee ee 1 1 1 3 Accessing the Zy AIR UI sesse see es Se SEE Re ee RR ek EER ester seceded Rg GN Ee SE Ed ke ed se eke Ee 1 3 Chapter 2 Using the ZyAIR UR ses ese ke See se Se Ad Ag ee kenn 2 1 2 1 About Wireless LAN Network ese ee ee ee RA RA RA RA Re Re ee ee ee ee ee Ge nn 2 1 AA N ELE NI 2 1 2 1 2 Channel si EE EG Ee ie Ee EG GE bek SR ae Ge Ge Eve GR DE SE Ee ES ee Ge ee Ee se ie 2 1 2 1 3 Transmission EA OE RE OE OE 2 1 2 1 4 Wireless Network Application esse ese se RA RA RR RA ER ee Re RA GRA GRA RA ee Re ee Re ee 2 1 DANS Roaming nis EE EE EE RE EE AN 2 2 2 2 The in dees AAA OR EE E 2 3 2 3 The Site Survey Scr
11. 3 Sequences for EAP MD5 Challenge Authentication D Wireless LAN With IEEE 802 1x ZyAIR G 200 User s Guide Appendix C Types of EAP Authentication This appendix discusses the five popular EAP authentication types EAP MD5 EAP TLS EAP TTLS PEAP and LEAP The type of authentication you use depends on the RADIUS server Consult your network administrator for more information EAP MD5 Message Digest Algorithm 5 MDS authentication is the simplest one way authentication method The authentication server sends a challenge to the wireless station The wireless station proves that it knows the password by encrypting the password with the challenge and sends back the information Password is not sent in plain text However MDS authentication has some weaknesses Since the authentication server needs to get the plaintext passwords the passwords must be stored Thus someone other than the authentication server may access the password file In addition it is possible to impersonate an authentication server as MDS authentication method does not perform mutual authentication Finally MDS authentication method does not support data encryption with dynamic session key You must configure WEP encryption keys for data encryption EAP TLS Transport Layer Security With EAP TLS digital certifications are needed by both the server and the wireless stations for mutual authentication The server presents a certificate to the client Aft
12. Figure 2 3 Infrastructure Network Example 2 1 5 Roaming Roaming is where in an infrastructure network wireless clients are able to switch from one BSS to another as they move between coverage areas During this period the wireless client maintains uninterrupted connection to the network As the wireless client moves from place to place it scans for the most appropriate AP depending on the signal strength network utilization or other factors The following figure depicts a roaming example When Wireless Client B moves to position X the ZyAIR in Wireless Client B automatically switches the channel to the one used by Access Point 2 in order to stay connected to the network 2 2 Using the ZyAIR Utility ZyAIR G 200 User s Guide Computer Erf L er f Na Wireless Station A a wae EE Wireless Station C BSS 2 ya ba BSS 1 Wireless Station B x e N S or Bg or vee oe a Figure 2 4 Roaming Example 2 2 The Link Info Screen When the ZyAIR Utility starts the Link Info screen displays showing the current configuration of your ZyAIR AAA mE Link Info Configuration Site Survey About Current SSID Simon Status Associated Re Connect m Settings Channel je Security Disabled Transfer Rate fas Current IP 192 168 1 35 Operating Mode Infrastructure m TX RX Total frame Transmitted Received 252 l 57 Signal Strength Exc
13. MAC address table on the access point Although WEP data encryption offers a form of data security you have to reset the WEP key on the clients each time you change your WEP key on the access point IEEE 802 1x In June 2001 the IEEE 802 1x standard was designed to extend the features of IEEE 802 11 to support extended authentication as well as providing additional accounting and control features It is supported by Windows XP and a number of network devices Advantages of the IEEE 802 1x User based identification that allows for roaming Support for RADIUS Remote Authentication Dial In User Service RFC 2138 2139 for centralized user profile and accounting management on a network RADIUS server Support for EAP Extensible Authentication Protocol RFC 2486 that allows additional authentication methods to be deployed with no changes to the access point or the wireless stations RADIUS Server Authentication Sequence The following figure depicts a typical wireless network with a remote RADIUS server for user authentication using EAPOL EAP Over LAN Wireless LAN With IEEE 802 1x C ZyAIR G 200 User s Guide Wireless Station RADIUS Server Unauthorized State AP RADIUS Server RADIUS Access Request RADIUS Access Challenge RADIUS Access Request RADIUS Access Accept Client computer S nn access authorized PADUS Access Deny _____ Client computer access not authorized Diagram 4
14. Open System authentication involves an unencrypted two message procedure A wireless station sends an open system authentication request to the AP which will then automatically accept and connect the wireless station to the network In effect open system is not authentication at all as any station can gain access to the network Shared Key authentication involves a four message procedure A wireless station sends a shared key authentication request to the AP which will then reply with a challenge text message The wireless station must then use the AP s default WEP key to encrypt the challenge text and return it to the AP which attempts to decrypt the message using the AP s default WEP key If the decrypted message matches the challenge text the wireless station is authenticated When your ZyAIR s authentication method is set to open system it will only accept open system authentication requests The same is true for shared key authentication However when it is set to auto authentication the ZyAIR will accept either type of authentication request and the ZyAIR will fall back to use open authentication if the shared key does not match Using the ZyAIR Utility 2 9 ZyAlR G 200 User s Guide ZyAIR G 200 Wireless LAN x Link Infa Cantiquration Site Sirven haut ZyAIR G 200 Wireless LAN USB Adapter Security Configura Authentication WEP v Encryption 64 bit AuthenticationT ype Open System y Passphrase A Tr
15. P checks each client s password and only allows it to join the network if it matches its password 3 The AP derives and distributes keys to the wireless clients 4 The AP and wireless clients use the TKIP encryption process to encrypt data exchanged between them PSK A J r yy LL N Internet A Y ME gt Figure 2 12 WPA PSK Authentication WPA with RADIUS Application Example You need the IP address of the RADIUS server its port number default is 1812 and the RADIUS shared secret A WPA application example with an external RADIUS server looks as follows A is the RADIUS server DS is the distribution system 1 The AP passes the wireless client s authentication request to the RADIUS server 2 The RADIUS server then checks the user s identification against its database and grants or denies network access accordingly 3 The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the pair wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients Using the ZyAIR Utility ZyAIR G 200 User s Guide mi Figure 2 13 WPA with RADIUS Application Example ZyAIR G 200 Wireless LAN USB Adapter Security Conmigo Figure 2 14 WPA PSK Authentication Follow the instructions in the table to
16. Re Ge ek GR ee ek Ge ek Ge 3 2 Figure 3 4 Safely Remove Hardware Windows XP esse se se ee Gee Re ek ee GR Ge Re Ge ee ek ee ek Ge ee ee 3 2 Figure 3 5 Problem Ejecting Message Windows XP iese see se es se ee Ge Re Ge Re GR ee GRA Ge Re Ge Ge Re Ge ek son 3 2 Figure 3 6 Stop a Hardware device Windows XP esse ese ese se ee see se ek ee GR de Ge eed Ge AR Ge ee ek ee ek Ge ek Ge 3 3 Figure 3 7 Safe To Remove Hardware Message Windows XP iese sesse see se ek Ge ge AR Ge ee ek ee ek Ge ek Ge 3 3 List of Figures Xi ZyAIR G 200 User s Guide List of Tables Table 1 1 ZyAIR Utility System Tray CON esse se see ee RA GRA GRA RA Ee ee ee ee Re ee Re Ge Re ee Re GRA GRA GR ee Gee ee ee 1 3 Table 2 1 ZyAIR Utility Link Info nenne OE RE OE EO EN 2 3 Pale 2 2 Sit SULV CY Ee a EE ee ete EE N GE Le ee Ee es 2 5 Table 2 3 CONAPUTAtOn EDE EE DEE GE ED DR ee 2 6 Table 2 4 WEP Authentication ee ee ee se Re RR RA GR AR Re RR RA GRA GRA Gee ee non ee ee Re Re ee Re ee Re Gee ee Re ee Re ee ee 2 10 Table 2 5 WPA Authentication ceceeecseeccssesseeecseesecnecsevsecnecsecsaeeceaecaeesecnevseenseeeesaecateaecaeeateneeaeearente 2 13 Table 2 6 WPA PSK Authentication ccc ccesccssssecseeesceeeeeceseceessecaeceessecaeseecnevseesaeeeesaecatesecnesarenaeaeeareets 2 15 Table 2 7 802 1x SUG UIE AR AT EO i 2 17 Table 2 8 A DOUG A ee Re ee 2 18 Table 4 1 Troubleshooting Starting ZyAIR Utility Program iese sesse ee ee ee R
17. ZyAIR G 200 802 11g Wireless USB Adapter User s Guide Version 1 1 11 2004 YA Networking Power ZyAIR G 200 User s Guide Copyright Copyright 2004 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patents rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Trademarks Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners ii Copyright ZyAIR G 200 User s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for a period of up to one 1 year from the date of purchase During the warranty period and upon proof of purc
18. ansmit Key Key Type HEX v Key1 fT SY Key2 A Key3 OI Kep4 NAAA OK Cancel Help A c teo Figure 2 10 WEP Authentication Follow the instructions in the table to configure the WEP encryptions Table 2 4 WEP Authentication FIELD DESCRIPTION Authentication Select WEP from the drop down list box to activate WEP Authentication Encryption Select either 64 Bits or 128 Bits from the drop down list box to activate WEP encryption and then fill in the related fields Select Disabled to deactivate the WEP encryption GE WEP Key Entry The WEP keys are used to encrypt communication before transmitting The values for the keys must be set up exactly the same on the APs or other peer ad hoc wireless computers as they are on the ZyAIR Authentication Type Select Open System or Shared Key from the drop down list box See the section on Authentication Type for further descriptions of these Select Open System to allow any station to gain access to the network Select Shared Key if you want the ZyAIR to automatically generate four different WEP keys based on the passphrase specified in the Passphrase field Passphrase Type a Passphrase As you enter the Passphrase the ZyAIR automatically generates four different WEP keys and displays them in the key fields below Write down the automatically generated WEP keys and use them to manually set the WEP keys in other WLAN adapters Pass
19. apan Data Rate 802 11g OFDM 6 9 12 18 24 36 48 54 Mbps 802 11b 1 2 5 5 11 Mbps 802 11g OFDM with BPSK QPSK and 16 64 QAM sub carrier modulations Modulation 802 11b DBPSK DOPSK CCK Output Power 17 dBm typical at 11Mbps CCK 13 dBm typical at 54Mbps OFDM RX Sensitivity 802 11g OFDM 54 Mbps 71 dBm 48 Mbps 72 dBm 36 Mbps 76 dBm 24 Mbps 80 dBm 18 Mbps 83 dBm 12 Mbps 85 dBm 9 Mbps 87 dBm 6 Mbps 88 dBm 802 11b CCK DSS 11 Mbps 85 dBm 5 5 Mbps 88 dBm 2 Mbps 91 dBm 1 Mbps 94 dBm Product Specifications ZyAIR G 200 User s Guide SOFTWARE SPECIFICATIONS Device Drivers Windows 2000 Windows XP Roaming 802 11 compliant WEP Supports 64 bit and 128 bit encryption ENVIRONMENTAL SPECIFICATIONS O ting 0 55 C Temperature oe Storage 25 70 C Relative Humidity 10 to 90 non condensing At the time of writing Product Specifications ZyAIR G 200 User s Guide A Ui EE RE 2 17 Accessing the ZyAIR Utility 1 3 Ad hoc Configuration A Automatic WEP key generation 2 8 B Basic Service Set See BSS Dan nee ee 2 2 A C 6 A ETR E Certificate Authority See CA Communication Problem 4 Ad hoc IBSS eeee 4 2 Infrastructure iese se ee ee ee 4 1 Configuration Utility yersion 2 18 Connecting to a W
20. ate access to information and the ability to communicate decisions while on the go 5 It provides campus wide networking mobility allowing enterprises the roaming capability to set up easy to use wireless networks that cover the entire campus transparently IEEE 802 11 The 1997 completion of the IEEE 802 11 standard for wireless LANs WLANs was a first important step in the evolutionary development of wireless networking technologies The standard was developed to maximize interoperability between differing brands of wireless LANs as well as to introduce a variety of performance improvements and benefits The IEEE 802 11 specifies three different transmission methods for the PHY the layer responsible for transferring data between nodes Two of the methods use spread spectrum RF signals Direct Sequence Spread Spectrum DSSS and Frequency Hopping Spread Spectrum FHSS in the 2 4 to 2 4825 GHz unlicensed ISM Industrial Scientific and Medical band The third method is infrared technology using very high frequencies just below visible light in the electromagnetic spectrum to carry data Ad hoc Wireless LAN Configuration The simplest WLAN configuration is an independent Ad hoc WLAN that connects a set of computers with wireless nodes or stations STA which is called a Basic Service Set BSS In the most basic form a wireless LAN connects a set of computers with wireless adapters Any time two or more wireless adapters are withi
21. ble RADIUS server the access point helps a wireless station and a RADIUS server perform authentication The type of authentication you use depends on the RADIUS server or the AP The ZyAIR supports EAP TLS EAP TTLS LEAP and PEAP with RADIUS Refer to the Types of EAP Authentication appendix for descriptions on the different types The details below provide a general description of how IEEE 802 1x EAP authentication works For an example list of EAP MDS authentication steps see the JEEE 802 1x appendix The wireless station sends a start message to the AP The AP sends a request identity message to the wireless station for identity information The wireless station replies with identity information including username and password The RADIUS server checks the user information against its user profile database and determines whether or not to authenticate the wireless station 2 16 Using the ZyAIR Utility ZyAIR G 200 User s Guide Link Info Configuration Site Survey About ZyAIR G 200 Wireless LAN USB Adapter Security Coni x Authentication 8021 x y EAP Type EAP TLS v EAP TLS Login Name EAP TTLS EAP MD5 Certificate EAP PEAP LEAP IV Validate Server Certificate Cancel Figure 2 15 802 1x Authentication Follow the instructions in the table to configure 802 1x authentication Table 2 7 802 1x Authentication FIELD DESCRIPTION Authentication Select 802 1x from
22. e 2 6 Using the ZyAIR Utility ZyAIR G 200 User s Guide Table 2 3 Configuration FIELD DESCRIPTION Configuration Service Set Identifier Enter the SSID Service Set Identifier of the AP or the peer ad hoc computer to which you want to associate in this field To associate to an ad hoc network or a particular AP in an infrastructure network you must enter the same SSID as the peer ad hoc computer Enter any to associate to or roam between any infrastructure wireless networks This is the default setting Operating Mode Select Infrastructure or Ad Hoc from the drop down list box Select Infrastructure to associate to an AP Select Ad Hoc to associate to a peer ad hoc computer Refer to Section 2 1 4 for more information Channel This field is activated if you select Ad Hoc in the Operation Mode field Select the channel number from the drop down list box To associate to a peer ad hoc computer you must use the same channel as the peer ad hoc computer Set Security Click Set Security to display the Security Configuration screen Configure your ZyAIR with wireless LAN security in this screen Undo Changes Click Undo Changes to start configuring the fields again Apply Changes Click Apply Changes to save the changes back to ZyAIR Ok Click OK to apply the changes and close the screen Cancel Click Cancel to discard all changes and close the screen Hel
23. e password guessing attacks but it s still an improvement over WEP as it employs an easier to use consistent single alphanumeric password ZyAIR G 200 Wireless LAN USB x Link Infa Danfim raar Site Sirven Shout ZyAIR G 200 Wireless LAN USB Adapter Security Confit x Authentication WPA Encryption Status TKIP v EAP Type EAP TTLS y Login Name Password IV Validate Server Certificate TTLS Protocol PAP y OK Cancel Help Figure 2 11 WPA Authentication Follow the instructions in the table to configure WPA security 2 12 Using the ZyAIR Utility ZyAIR G 200 User s Guide Table 2 5 WPA Authentication FIELD DESCRIPTION Authentication Select WPA from the drop down list box Encryption Status All unicast traffic is automatically encrypted by TKIP when WPA or WPA PSK Authentication is selected See the section on Encryption for details about Temporal Key Integrity Protocol TKIP EAP Type Select an EAP Type from the drop down list box See Types of EAP Authentication in the Appendix of this User s Guide for information on the fields listed below The choices are EAP TLS EAP TTLS EAP MD5 EAP PEAP LEAP Login Name If you want all wireless stations to have to enter user names before access to the wired network is allowed type a Login Name Password If you want all wireless stations to have to enter passwords before access to the wired ne
24. e Re GR Re GRA RA GRA GR ee Gee ee ee 4 1 Table 4 2 Troubleshooting Communication Problems ie ee see ee ee ee Re RR RR RA GRA GRA Gee Ge ron ee ee 4 1 Table 4 3 Troubleshooting Link Quality ies ea RR RA GRA GRA Re Ee ee ee ee Re ee nono nono Re GRA GR AR Re ee ee ee 4 2 Table 4 4 Troubleshooting the ZYAIR ee se ee RR RR RA GRA RA Ee ee ee ee Re ee Re Ge Re GR Re GR Re GR ee GR ee ee ee 4 2 xii List of Tables ZyAIR G 200 User s Guide Preface Congratulations on the purchase of your new ZyAIR G 200 802 11g Wireless USB Adapter About This User s Guide This guide provides information about the ZyAIR G 200 802 11g Wireless USB Utility that you use to configure your ZyAIR Syntax Conventions e Type or Enter means for you to type one or more characters Select or Choose means for you to use one of the predefined choices e Mouse action sequences are denoted using a comma For example click the Apple icon Control Panels and then Modem means first click the Apple icon then point your mouse pointer to Control Panels and then click Modem e Window and command choices are in Bold Times New Roman font Predefined field choices are in Bold Arial font e The ZyXEL ZyAIR G 200 802 11g Wireless USB Adapter is referred to as the ZyAIR in this guide e The ZyAIR G 200 802 11g Wireless USB Utility may be referred to as the ZyAIR Utility in this guide Related Documentation gt Support Disk Refer to the incl
25. een issie si seders sed Seks i ed een ke ke de dee Oe See Ede dee Red onbe ge eek rend 2 4 2 3 1 Connecting to a Wireless NetWoOTrk iese see sa RA RR RR GR ee Re RA GRA GRA RA RA ee Re ee 2 5 2 4 The Configuration A Ge sesse De ee E ese Se R ee ee SE ees 2 6 25 Wireless LAN SeCUIIEY iese ee ee se ee AG Ge AR RA Ge Re AA Ge non ee AA GR ee Re Ee Ge Eae 2 7 2 6 The Security Configuration Screen ese se ea RA RA RA Re Re ee ee GRA GRA GRA RA ee ee 2 8 2 6 1 Data Encryption with WEP iese esse ee ee ee ee se ee ee ee ee ee ee ee ee ee ee ee ee ee a GR Re GRA ee Re ee ee 2 8 2 6 2 Data Encryption with WPA ccccccccssesssecssecsseceseceseceseesseeseeseeeseneseeeseseeeseeeseeeaaes 2 11 2 6 3 Data Encryption with WPA PSK ees esse ee se ae ee ae ee Re Re Re ee ee ee ee ee ee nn 2 13 2 6 4 Data Encryption with 802 IX ee ee ee ee Re RA RA RA GRA GRA ee Re Re ee Re ee ee ee ee ee 2 16 2 7 The About CO DEE SR ES EE EE Ge GES Ge DEE ee Ee GEREG Ge R ee Gee be ee 2 17 Chapter 3 Maintenaince encia 3 1 3 1 Removing the ZyAIR UUItY ees se RA RA RA ae ee ee Ee RA Ge Re nennen 3 1 3 2 Upgrading the ZyAIR Utility ee se ea RA RA RA GR Re Re ee ee ee ee ee GR ee Re Ge Re ee 3 1 3 3 Disconnecting the ZyAIR aiii 3 1 Chapter 4 Troubleshooting cuina Ge ge Ke ee ee se ni IE Ee eg Re Ge Gede be 4 4 1 Problems Starting the ZyAIR Utility Program iese sesse ee ee ee Ge GRA GRA GRA RA Ge Re 4 1 4 2 Problems Communicating With Other Computer
26. ellent 88 NEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEN Link Quality Excellent 100 Figure 2 5 ZyAIR Utility Link Info The following table describes the fields in this screen Table 2 1 ZyAIR Utility Link Info LABEL DESCRIPTION Current SSID This field displays the name of the wireless LAN network to which the ZyAIR is associated This field displays the connection status of the ZyAIR This field is blank if there is no Status device associated with the ZyAIR 2 3 Using the ZyAIR Utility ZyAIR G 200 User s Guide Table 2 1 ZyAIR Utility Link Info LABEL DESCRIPTION Re Connect Click Re Connect to re establish the connection to the wireless network whose SSID is shown in the Current SSID field Channel This field displays the radio channel the ZyAIR is currently using Transfer Rate This field displays the current transmission rate of the ZyAIR in megabits per second Security This field displays the security level configured as either None WEP WPA PSK WPA or 802 1x for the wireless device Current IP This field displays your computers IP address Operating Mode This field displays the operating mode of the ZyAIR Infrastructure the ZyAIR associates to an AP Ad Hoc the ZyAIR associates to a peer ad hoc computer TX RX Total Frame Transmitted This field displays the number of data frames transmitted Received This field displays the number
27. er validating the identity of the server the client sends a different certificate to the server The exchange of certificates is done in the open before a secured tunnel is created This makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority CA to handle certificates which imposes a management overhead EAP TTLS Tunneled Transport Layer Service EAP TTLS is an extension of the EAP TLS authentication that uses certificates for only the server side authentications to establish a secure connection Client authentication is then done by sending username and password through the secure connection thus client identity is protected For client authentication EAP TTLS supports EAP methods and legacy authentication methods such as PAP CHAP MS CHAP and MS CHAP v2 PEAP Protected EAP Like EAP TTLS server side certificate authentication is used to establish a secure connection then use simple username and password methods through the secured connection to authenticate the clients thus hiding client identity However PEAP only supports EAP methods such as EAP MDS5 EAP MSCHAPv2 and EAP GTC EAP Generic Token Card for client authentication EAP GTC is implemented only by Cisco LEAP LEAP Light Extensible Authentication Protocol is a Cisco implementation of IEEE802 Ix For added security c
28. ertificate based authentications EAP TLS EAP TTLS and PEAP use dynamic keys for data encryption They are often deployed in corporate environments but for public deployment a simple user name and password pair is more practical The following table is a comparison of the features of five authentication types Types of EAP Authentication E ZyAlR G 200 User s Guide Comparison of EAP Authentication Types EAP MD5 EAP TLS EAP TTLS PEAP LEAP Mutual No Yes Yes Yes Yes Authentication Certificate Client No Yes Optional Optional No Certificate Server No Yes Yes Yes No Dynamic Key No Yes Yes Yes Yes Exchange Credential Security None Strong Strong Strong Moderate Deployment Easy Hard Moderate Moderate Moderate Difficulty Wireless Security Poor Best Good Good Good Client Identity No No Yes Yes No Protection F Types of EAP Authentication ZyAIR G 200 User s Guide Appendix D Product Specifications PHYSICAL SPECIFICATIONS Product Name ZyAIR G 200 Wireless LAN USB Adapter Type USB 2 0 Standarde IEEE 802 11b IEEE 802 11g Antenna Internal PCB antenna Power 5V DC Dimensions 110 3 mm H x 73 1 mm W x 53 8 mm D Weight 107g RADIO SPECIFICATIONS Media Access Protocol IEEE802 11 Frequency 2 4 2 4835GHz Industrial Scientific Medical Band 11 Channels USA Canada Channels 13 Channels Europe 14 Channels J
29. hase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product is modified misused tampered with damaged by an act of God or subjected to abnormal working conditions NOTE Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser To obtain the services of this warranty contact ZyXEL s Service Center for your Return Material Authorization RMA number Products must be returned Postage Prepaid It is recommended that the unit be insured when shipped Any returned products without proof of purchase or those with an out dated warranty will be repaired or replaced at the discretion of ZyXEL and the customer will be billed for parts and labor All repaired or replaced p
30. if not installed and used in accordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and the receiver 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio TV technician for help Notice 1 Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Caution 1 The equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment under 47 CFR 2 1093 paragraph d 2 2 This Transmitter must not be co located or operating in conjunction with any other antenna or transmitter Certifications Trade Name Model Number Refer to the product page at www zyxel com Tested To Comply C With FCC Standards FOR HOME OR OFFICE USE CERTIFIED interoperable with 2 4 GHz Band 11 Mbps 7 54 Mbps 7 5 GHz Band 54 Mbps O Wi Fi Protected Access Y Cert ID W001932 www wi fi org FCC Statement v ZyAIR G 200 User s Guide Custo
31. ing window displays as shown Click OK and then close and exit the ZyAIR Utility Problem Ejecting ZyAIR G 200 Wireless LAN USB Adapter N The device ZyAIR G 200 Wireless LAN USB Adapter cannot be stopped because a program is stil accessing it Figure 3 5 Problem Ejecting Message Windows XP 5 Click OK in the Stop a Hardware device window to stop the ZyAIR 3 2 Maintenance ZyAIR G 200 User s Guide Y Stop a Hardware device Confim devices to be stopped Choose OK to continue Windows will attempt to stop the following devices After the devices are stopped they may be removed safely BR ZYAIR G 200 Wireless LAN USB Adapter i Cancel Figure 3 6 Stop a Hardware device Windows XP 6 After the following notice window displays in the system tray you can safely disconnect the ZyAIR from your computer iD Safe To Remove Hardware x The ZyAIR G 200 Wireless LAN USB Adapter device can now be safely removed from the system 9 01 AM Figure 3 7 Safe To Remove Hardware Message Windows XP Maintenance ZyAIR G 200 User s Guide Chapter 4 Troubleshooting This chapter covers potential problems and the possible remedies After each problem description some instructions are provided to help you to diagnose and to solve the problem 4 1 Problems Starting the ZyAIR Utility Program Table 4 1 Troubleshooting Starting ZyAIR Utility Program PROBLEM CORRECTIVE ACTION Cann
32. ireless Network 2 5 Copyrig dust 11 Disclaimer sus Gee Edge Ee ee 11 TrademarkS esse see see se ek ek se 11 Customer SUDDOTE iese sees ee ee ee vil D Data encryption esse see se ee ee ek ee ek 2 8 Direct Sequence Spread SpectrumSee DSSS Disable Windows XP Wireless Support 1 1 Disconnecting the ZyAIR from your COMPUTEL nee 3 1 Distribution System See DS DE EURO SEINE GOING B DES SE PIE KO DPI DE ee Ee A A E FAT EE EE HE 2 16 EAP AuthenticatiON ocoooocccnonicnnononannnnnnnanos E MD Sii rien E PEAP ii ee ee E TES E EE EE tesa ren E TERS MERS eo ed ie eo eli E Eneryption esse esse esse ss see se ee ee ee Se 2 12 ESS aushalten 2 2 B Extended Service Set See ESS Extensible Authentication Protocol See EAP Index F Federal Communications Commission FCC Interference Statement v ek EE A Frequency Hopping Spectrum See FHSS le EE EE decane ees 2 1 A IEEF 402 dd ori A Deployment ISSUES ee ee ee ee C Security Flaws e esse esse ee see see ee ee ee C JEEE 02 ee C Advantages esse ese ee se se ee Re GR ge C Independent Basic Service Set A See IBSS Information for Canadian Users iv CAUTION enge aiei iv LR ER aaRS iv Infrastructure seinen 2 2 Infrastructure Configuration B L A annn 2 3 M MDS nee Ee gede GESE Ee nee dee es E Message Digest Algorithm 5 See MDS N Network Topology Wi
33. isconnecting the ZyAIR er To avoid losing data DO NOT disconnect the ZyAIR while data transmission is taking place After you exit from the ZyAIR Utility program you may disconnect the ZyAIR from your computer You do not have to turn off the computer before removing the ZyAIR you can insert or remove the ZyAIR while the computer is turned on However it is recommended that you stop the operation of the ZyAIR first Follow the steps below to disable the ZyAIR in Windows Screen shots may vary depending on the version of Windows 1 Close and exit the ZyAIR Utility Maintenance 3 1 ZyAIR G 200 User s Guide Turn on zero configuration Show Config Utility Exit Figure 3 2 ZyAIR Utility Exit 2 Double click the removable device icon in the system tray Lx gt 8 15 AM Figure 3 3 Removable Device System Tray Icon Windows XP 3 When a Safely Remove Hardware window displays select the ZyAIR device in the Hardware devices list and click Stop Safely Remove Hardware Select the device you want to unplug or eject and then click Stop When Windows notifies you that it is safe to do so unplug the device from your computer Hardware devices EE EE EG AA ZyAIR G 200 Wireles N USB Adapter ZAIR G 200 Wireless LAN USB Adapter at Location 0 C Display device components Figure 3 4 Safely Remove Hardware Windows XP 4 Ifyou do not close and exit the ZyAIR Utility a warn
34. le 4 4 Troubleshooting the ZyAIR PROBLEM CORRECTIVE ACTION The ZyAIR connected When you resume your computer from sleep standby suspend mode the to a computer does not ZyAIR may not work or immediately respond respond after resuming If this happens disconnect and connect the ZyAIR the computer from sleep mode 4 2 Troubleshooting ZyAIR G 200 User s Guide Appendix A Wireless LAN and IEEE 802 11 A wireless LAN WLAN provides a flexible data communications system that you can use to access various services navigating the Internet email printer services etc without the use of a cabled connection In effect a wireless LAN environment provides you the freedom to stay connected to the network while roaming around in the coverage area WLAN is not available on all models Benefits of a Wireless LAN Wireless LAN offers the following benefits 1 It provides you with access to network services in areas otherwise hard or expensive to wire such as historical buildings buildings with asbestos materials and classrooms 2 It provides healthcare workers like doctors and nurses access to a complete patient s profile on a handheld or notebook computer upon entering a patient s room 3 It allows flexible workgroups a lower total cost of ownership for workspaces that are frequently reconfigured 4 Itallows conference room users access to the network as they move from meeting to meeting getting up to d
35. me SSID Change the AP and the associated wireless clients to use another radio channel if interference is high Make sure that the computer and the AP share the same security option and key Verify the settings in the Security Configuration screen Troubleshooting 4 1 ZyAIR G 200 User s Guide Table 4 2 Troubleshooting Communication Problems PROBLEM CORRECTIVE ACTION B Ad Hoc IBSS Verify that the peer computer s is turned on Make sure the ZyAIR and the peer computer s are using the same SS ID and channel Make sure that the ZyAIR and the peer computer s share the same security option and key Change the wireless clients to use another radio channel if interference is high Make sure that the ZyAIR and the peer computer s share the same security option and key Verify the settings in the Security Configuration screen 43 Problem with the Link Status Table 4 3 Troubleshooting Link Quality PROBLEM CORRECTIVE ACTION The link quality and or signal Search and connect to another AP with a better link quality using the Site strength is poor all the time Survey screen Move your computer closer to the AP or the peer computer s within the transmission range There is too much radio interference for example microwave or another AP using the same channel around your wireless network Relocate or reduce the radio interference 4 4 The ZyAIR Does Not Respond Tab
36. mer Support When contacting your Customer Support Representative please have the following information ready gt Product model and serial number gt Warranty Information gt Date you received your product gt Brief description of the problem and the steps you took to solve it SUPPORT E MAIL TELEPHONE WEB SITE SALES E MAIL FAX FTP SITE support zyxel com tw 886 3 578 3942 www zyxel com www europe zyxel com WORLDWIDE ftp zyxel com sales zyxel com tw 886 3 578 2439 ftp europe zyxel com NORTH support zyxel com 1 800 255 4101 www us zyxel com AMERICA 1 714 632 0882 Ed j 7 di GERMANY FRANCE wi WW ZY 5 DENMARK E www zyxel no sales zyxel com support zyxel de 49 2405 6909 0 sales zyxel de 49 2405 6909 99 info zyxel fr 33 0 4 72 52 97 97 33 0 4 72 52 19 20 34 902 195 420 34 913 005 345 support zyxel es sales zyxel es 45 39 55 07 00 45 39 55 07 07 support zyxel dk sales zyxel dk 47 22 80 61 80 47 22 80 61 81 support zyxel sales zyxel no NO NORWAY SWEDEN FINLAND www zyxel no www zyxel s 46 31 744 7700 46 31 744 7701 support zyxel sales zyxel se Se de fr eS www zyxel dk Se fi support zyxel fi 358 9 4780 8411 is the prefix number you enter to make an international telephone call REGULAR MAIL ZyXEL Communications Corp 6 Innovation Road Il Science Park Hsinchu 300 Taiwan ZyXEL Communications Inc 1
37. n range of each other they can set up an independent network which is commonly referred to as an Ad hoc network or Independent Basic Service Set IBSS See the following diagram of an example of an Ad hoc wireless LAN Wireless LAN and IEEE 802 11 A ZyAIR G 200 User s Guide se mid gt e E Fe Y a SS A Not book with Desktop with wireless card wireless cakd f Ad hoc Wireless LAN IBSS ER man ee n man vars gt fr N Bi Desktop with _ Notebook with wireless card Mod wireless card Diagram 4 1 Peer to Peer Communication in an Ad hoc Network Infrastructure Wireless LAN Configuration For infrastructure WLANS multiple access points APs link the WLAN to the wired network and allow users to efficiently share network resources The access points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood Multiple access points can provide wireless coverage for an entire building or campus All communications between stations or between a station and a wired network client go through the access point The Extended Service Set ESS shown in the next figure consists of a series of overlapping BSSs each containing an Access Point connected together by means of a Distribution System DS Although the DS could be any type of network it is almost invariably an Ethernet LAN Mobile nodes can roam bet
38. of data frames received Signal Strength The status bar and the percentage number or a number in dBm show the strength of the signal Link Quality The status bar and the percentage number show the quality of the signal OK Click OK to apply the changes and close the screen Cancel Click Cancel to discard all changes and close the screen Help Click Help to display on line help screen 2 3 The Site Survey Screen Use the Site Survey screen to scan for and connect to a wireless network automatically Using the ZyAIR Utility ZyAIR G 200 User s Guide ZyAIR G 200 Wireless LAN USB Adapter x Link Info Configuration Site Survey About The list contains available Access Points and their features To update the list click Refresh button You can select a desired Access Point from the list and click Connect button to connect to the specified 4ccess Point SSID Signal Channel Security BSS Simon 98 6 None CPE 5232 G3000 63 6 WEP Wireless 61 1 None nfra CPE Sw1 1806 55 1 None nfra CPE_5658_1 53 2 WPA PSK Infra Wireless 51 1 None nfra Wireless 50 6 None nfta Wireless 48 6 None nfta CPE_5243_ycch 40 8 WPA nfra ZyKEL MIS 34 3 WEP nfta CPE_5235_G300 34 6 None nfra PQA 603 B30005 32 1 PRA AE Br 7 gt None nfra 5 WED Infra gt Search Connect Figure 2 6 Site Survey The following table describes the fields in the table
39. ot start the ZyAIR Utility Make sure the ZyAIR is properly inserted and the PWR LED is on Refer to the Quick Installation Guide for the LED descriptions Use the Device Manager to check for possible hardware conflicts Click Start Settings Control Panel System Hardware and Device Manager Verify the status of the ZyAIR under Network Adapter Steps may vary depending on the version of Windows Install the ZyAIR in another computer If the error persists you may have a hardware problem In this case you should contact your local vendor The ZyAIR Utility displays only three tabs When the ZyAIR Utility displays only three tabs you are using the Windows XP wireless configuration tool at the same time Refer to Section 1 2 to disable the Windows XP wireless configuration tool 4 2 Problems Communicating With Other Computers Table 4 2 Troubleshooting Communication Problems PROBLEM CORRECTIVE ACTION The Connect button is screen You are using the Windows XP wireless configuration tool and the ZyAIR disabled in the Site Survey Utility at the same time Refer to Section 1 2 to disable the Windows XP wireless configuration tool the ZyAIR cannot computer The computer connected to communicate with the other A Infrastructure Make sure that the AP and the associated computers are turned on and working properly Make sure the ZyAIR and the associated AP use the sa
40. p Click Help to display on line help screen 2 5 Wireless LAN Security Wireless LAN security is vital to your network to protect wireless communication between wireless clients and the wired network The figure below shows the possible wireless security levels on your ZyAIR EAP Extensible Authentication Protocol is used for authentication and utilizes dynamic WEP key exchange It requires interaction with a RADIUS Remote Authentication Dial In User Service server either on the WAN or your LAN to provide authentication service for wireless stations i IEEE802 1x Unique EAP with Wi Fi ESSID RADIUS Fi Unique with Hide MAC Parva Protected ESSID ESSID Address WEP Authen Access Default Enabled Filtering Encryption _ tification WPA dr EE eer Least Secure Most Secure Figure 2 8 ZyAIR Wireless Security Levels Using the ZyAIR Utility 2 7 ZyAlR G 200 User s Guide If you do not enable any wireless security on your ZyAIR communication between the ZyAIR and the wired network is accessible to any wireless networking device that is in the coverage area 2 6 The Security Configuration Screen Configure the wireless LAN security by clicking the Set Security button in the Configuration screen There are five data authentication options available from the Authentication drop down list box when you select Infrastucture as the Operating Mode in the previous screen None WEP WPA PSK WPA
41. phrase is case sensitive If you select ASCII characters as the Key Type the Passphrase screen will be grayed out For more information on Passphrase see section 2 6 1 2 10 Using the ZyAIR Utility ZyAIR G 200 User s Guide Table 2 4 WEP Authentication FIELD DESCRIPTION Transmit Key Enter the key number 1 to 4 in this field Only one key can be enabled at any one time This key must be the same on the ZyAIR and the wireless stations to communicate Key Type Select ASCII to enter the WEP keys as ASCII characters Select this option if you want to manually enter the WEP keys Select HEX to have the WEP keys as hexadecimal characters Select this option if you want the ZyAIR to automatically generate four different WEP keys based on the passphrase specified in the Passphrase field Key 1 4 Enter the WEP keys in the fields provided If you select 64 Bits in the Encryption WEP field Enter either 10 hexadecimal digits in the range of A F a f and 0 9 e g 11AA22BB33 for hexadecimal key type or Enter 5 ASCII characters case sensitive ranging from a z A Z and O 9 e g MyKey for ASCII key type If you select 128 Bits in the Encryption WEP field Enter either 26 hexadecimal digits in the range of A F a f and 0 9 for example 00112233445566778899AABBCC for hexadecimal key type or Enter 13 ASCII characters case sensitive
42. quipment or equipment malfunctions may give the telecommunications company cause to request the user to disconnect the equipment For their own protection users should ensure that the electrical ground connections of the power utility telephone lines and internal metallic water pipe system if present are connected together This precaution may be particularly important in rural areas Caution Users should not attempt to make such connections themselves but should contact the appropriate electrical inspection authority or electrician as appropriate Note This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus set out in the radio interference regulations of Industry iv Information for Canadian Users ZyAIR G 200 User s Guide Federal Communications Commission FCC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions e This device may not cause harmful interference e This device must accept any interference received including interference that may cause undesired operations This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial environment This equipment generates uses and can radiate radio frequency energy and
43. r double click an entry 3 Ifthe WEP field is Yes for the selected wireless network you must also set up WEP keys in the Security Configuration screen Refer to Section 2 6 for more information 4 To verify that you have successfully connected to the selected network check the network information in the Link Info screen When you click Connect you are automatically taken to the Link Info screen 24 The Configuration Screen Click Configuration in the ZyAIR Utility program to display the Configuration screen as shown next ZyAIR G 200 Wireless LAN USB Adapter E xj Link Info Configuration Site Survey About r Profile default v r Configuration Service Set Identifier any Operating Mode MEETA Channel Je y Wireless Security Configuration Set Security Figure 2 7 Configuration The following table describes the labels in this screen Table 2 3 Configuration FIELD DESCRIPTION Profile The Profile function allows you to Create a new profile Enter a descriptive name in the drop down list box and click OK in the Configuration screen to save the new profile settings Use one of the pre configured network profiles Remove To delete an existing wireless network configuration select a profile from the drop down list box and click Remove Activate To use a previously saved network profile select the profile file name from the drop down list box and click Activat
44. roducts will be shipped by ZyXEL to the corresponding return address Postage Paid This warranty gives you specific legal rights and you may also have other rights that vary from country to country Online Registration Register your product online to receive e mail notices of firmware upgrades and information at www zyxel com for global products or at www us zyxel com for North American products ZyXEL Limited Warranty iii ZyAIR G 200 User s Guide Information for Canadian Users The Industry Canada label identifies certified eguipment This certification means that the equipment meets certain telecommunications network protective operation and safety requirements The Industry Canada does not guarantee that the equipment will operate to a user s satisfaction Before installing this equipment users should ensure that it is permissible to be connected to the facilities of the local telecommunications company The equipment must also be installed using an acceptable method of connection In some cases the company s inside wiring associated with a single line individual service may be extended by means of a certified connector assembly The customer should be aware that compliance with the above conditions may not prevent degradation of service in some situations Repairs to certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier Any repairs or alterations made by the user to this e
45. roup without an AP use the Ad hoc IBSS Independent Basic Service Set mode Ad Hoc IBSS Ad hoc mode does not require an AP or a wired network Two or more wireless clients communicate directly to each other An ad hoc network may sometimes be referred to as an Independent Basic Service Set IBSS GR S y M Ee N je 7 EER Notebook with Desktop with wireless adapter wireless adhpter I 1 Ad hoc Wireless LAN IBSS j m 1 mm a Es EE 7 Nes Desktop with Notebook with P wireless adapter ma ad Figure 2 1 Ad hoc Network Example Using the ZyAIR Utility 2 1 ZyAIR G 200 User s Guide To set up an ad hoc network configure all wireless clients in ad hoc network type and use the same SSID and channel Infrastructure When a number of wireless clients are connected using a single AP you have a Basic Service Set BSS Figure 2 2 BSS Example A series of overlapping BSS and a network medium such as an Ethernet forms an Extended Service Set ESS or infrastructure network All communication is done through the AP which relays data packets to other wireless clients or devices connected to the wired network Wireless clients can then access resource such as the printer on the wired network ar m m Computer MT Wireless Station A od y EE Bi u OE _ Wireless Station C E BSS 1 Wireless Station B BSS 2 Seng e A A e a ESS res
46. s the version number of the ZyAIR wireless card driver OK Click OK to apply the changes and close the screen Cancel Click Cancel to discard all changes and close the screen Help Click Help to display on line help screen 2 18 Using the ZyAIR Utility ZyAIR G 200 User s Guide Chapter 3 Maintenance This chapter describes how to uninstall or upgrade the ZyAIR Utility 3 1 Removing the ZyAIR Utility Follow the steps below to remove or uninstall the ZyAIR Utility from your computer 1 Click Start Programs ZyAIR G 200 Wireless LAN USB Adapter Uninstall 2 A Confirm Uninstallation window displays Click OK to remove the driver and the utility software Confirm Uninstallation Do you want to uninstall the device driver application and all its components Figure 3 1 Confirm Uninstallation 3 Restart your computer when prompted 3 2 Upgrading the ZyAIR Utility To perform the upgrade follow the steps below 1 Download the latest version of the utility from the ZyXEL web site and save the file on your computer 2 Follow the steps in the Removing the ZyAIR Utility section to remove the current ZyAIR Utility from your computer 3 Restart the computer when prompted 4 After restarting refer to the procedure in the Quick Installation Guide to install the new utility software 5 Check the version numbers in the About screen to make sure the new utility is installed properly 3 3 D
47. th RADIUS Server Example EE ve E C Network TYPE esse sa sa ee Re Re ee 2 1 Ad HOdIBSS ae 2 1 Infrastructure esse sees ee se ee ee ee 2 2 O Online Registration iii Open SYStEM sesse ss se ee de AE ge 2 9 Operating Mode See Network Type P Passphrase 2 8 2 10 2 13 2 16 2 17 od ee lin E Preface sn sense xiii problem description ees ses sea ee ek ee 4 Product specifications G Index ZyAIR G 200 User s Guide Protected EAP ria See PEAP W R W TaY nn 111 eN RE E iii Related Documentation eee xiii WER adn 2 8 Remove the ZyAIR Utility 3 1 WEP Data Encryption RESISnalS nia essen A ConfigUrINE ees se ese ek ek ee Re Ge ee 2 8 ROME inici 2 2 WEP Data Encryption with 2 8 2 11 2 13 Example riadas 2 2 2 16 WEP Key ss n sesde Gegee en 2 8 S Wired Equivalent Privacy See WEP Safely disconnect the ZyAlR 3 1 Wireless LAN ME AN See SSID Benefits EE RE Er A Sharel E eye 2 9 Wireless LAN Parameters Site Survey RE EE NE 2 4 2 5 Channel ee 2 1 A GO N Er 2 7 OORDELE ee EE q e N a 2 1 Network TYPE nennen Syntax Conventions ER EES xiii SSID EE ee Ee ee 2 1 Transmission Rate ese ses se eek ee 2 1 T Wireless LAN Security Data Encryption with WEP 2 8 2 11 2 TLS EE E 13 2 16 Transmission rate ET 2 1 WLAN ann nun A See Wireless LAN Transport Layer Security See TLS WEN EE EE EE EE EE EE
48. the drop down list box EAP Type Select an EAP Type from the drop down list box See Types of EAP Authentication in the Appendix of this User s Guide for information on the fields listed below EAP TLS EAP TTLS EAP MD5 EAP PEAP LEAP Login Name Enter a user name This is the user name that you or an administrator set up on the RADIUS server Password Enter the password associated with the user name above Validate Server This field is not available when you select EAP MD5 or LEAP from the EAP Type Certificate list The server presents a certificate to the client After validating the identity of the server the client sends a different certificate to the server Select the check box to have your server validate this certificate OK Click OK to apply the changes and close the screen 2 7 The About Screen The About screen displays related version numbers of the ZyAIR Using the ZyAIR Utility 2 17 ZyAlR G 200 User s Guide ZyAIR G 200 Wireless LAN USB Adapter a xj Link Info Configuration Site Survey About Z X E l ZyAIR G 200 Wireless LAN USB y Copyright c 2004 r Software Details Utility Version 1 3 Driver Version 1 3 42 9 Figure 2 16 About The following table describes the read only fields in this screen Table 2 8 About FIELD DESCRIPTION Utility Version This field displays the version number of the ZyAlR Utility Driver Version This field display
49. twork type the key and then click Connect Network key If vou are having difficulty connecting to a network click Advanced Figure 1 4 Windows XP Connect to Wireless Network 1 2 Getting started ZyAIR G 200 User s Guide 6 Inthe Wireless Network Connection Properties window make sure the Use Windows to configure my wireless network settings check box is not selected Click OK Wireless Network Connection Properties PR General Wireless Networks Authentication Advanced Available networks AOL i SOC_TEST i CPESW3 Preferred networks Learn about setting up wireless network configuration Figure 1 5 Windows XP Wireless Network Connection Properties 1 3 Accessing the ZyAIR Utility After you installed the ZyAIR Utility an icon for the ZyAIR Utility appears in the system tray E When the ZyAIR Utility system tray icon displays the ZyAIR is installed properly Figure 1 6 ZyAIR Utility System Tray Icon The color of the ZyAIR Utility system tray icon indicates the status of the ZyAIR Refer to the following table for details Table 1 1 ZyAIR Utility System Tray Icon COLOR DESCRIPTION Red The ZyAIR is working properly but is not connected to any AP or wireless station Green The ZyAlR is connected to a wireless network Double click on the ZyAIR Utility icon in the system tray to open the Zy AIR Utility Getting Started 1 3 ZyAIR
50. twork is allowed type a Password Certificate This field is only available when you select EAP TLS in the EAP Type field You must first have a wired connection to a network and obtain the certificate s from a certificate authority CA Consult your network administrator for more information Validate Server Certificate This field is not available when you select EAP MD5 or LEAP from the EAP Type list The server presents a certificate to the client After validating the identity ofthe server the client sends a different certificate to the server Select the check box to have your server validate this certificate TTLS Protocol PEAP Protocol Select a protocol from the drop down list box The choices are EAP TTLS PAP CHAP MS CHAP MS CHAP v2 EAP PEAP MD5 Challenge EAP GTC MS CHAP v2 See the Types of EAP Authentication in the appendix for details OK Click OK to apply the changes and close the screen 2 6 3 Data Encryption with WPA PSK Select WPA PSK from the Authentication drop down list box to view the security configuration options Using the ZyAIR Utility 2 13 ZyAIR G 200 User s Guide WPA PSK Application Example A WPA PSK application looks as follows 1 First enter identical passwords into the AP and all wireless clients The Pre Shared Key PSK or Passphrase must consist of between 8 and 63 ASCII characters including spaces and symbols 2 The A
51. uded CD for support documents and device drivers gt Quick Installation Guide Our Quick Installation Guide is designed to help you get your ZyAIR up and running right away It contains a detailed easy to follow connection diagram and information on installing your ZyAIR gt ZyXEL Glossary and Web Site Please refer to www zyxel com for an online glossary of networking terms and additional support documentation User Guide Feedback Help us help you E mail all User s Guide related comments questions or suggestions for improvement to techwriters zyxel com tw or send regular mail to The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road Il Science Based Industrial Park Hsinchu 300 Taiwan Thank you Preface xiii ZyAIR G 200 User s Guide Chapter 1 Getting Started This chapter prepares you to using the ZyAIR Utility 1 1 ZyAIR Hardware and Utility Installation Follow the instructions in the Quick Installation Guide to install the ZyAIR Utility and driver and make hardware connections 1 2 Disable Windows XP Wireless LAN Configuration Tool Windows XP includes a configuration tool for wireless LAN devices er DO NOT use the Windows XP configuration tool and the ZyAIR Utility at the same time It is recommended you use the ZyAIR Utility to configure the ZyAIR There are two methods to disable the configuration tool in Windows XP after you install the ZyAIR Utility From ZyAIR Utility
52. ween access points and seamless campus wide coverage is possible Pd A El A 3 a H AP 1 y AP 2 Notebook with H eed Desktop with Wireless Card p i olese val 2 WrelessCad x 7 H a to p H A MA 7 E s se lt gt N x A FF Desktop with PA x Desktop with Wireless Card Notebook with Pr N Wireless Card hy al Wireless Card y ESS Nore gh er se Br ies Wireless Car ee Diagram 4 2 ESS Provides Campus Wide Coverage B Wireless LAN and IEEE 802 11 ZyAIR G 200 User s Guide Appendix B Wireless LAN With IEEE 802 1x As wireless networks become popular for both portable computing and corporate networks security is now a priority Security Flaws with IEEE 802 11 Wireless networks based on the original IEEE 802 11 have a poor reputation for safety The IEEE 802 11b wireless access standard first published in 1999 was based on the MAC address As the MAC address is sent across the wireless link in clear text it is easy to spoof and fake Even the WEP Wire Equivalent Privacy data encryption is unreliable as it can be easily decrypted with current computer speed Deployment Issues with IEEE 802 11 User account management has become a network administrator s nightmare in a corporate environment as the IEEE 802 11b standard does not provide any central user account management User access control is done through manual modification of the
53. yAIR BI IE id di RE RE N EE EN N 2 3 Figure 2 6 Site RAS RO EE EE N EER EE RE EES E ESE 2 5 Figure 27 Conhieuration pins aise DE Ge RS ao Ree ee GR ee 2 6 Figure 2 8 ZyAIR Wireless Security Levels iese se se ese se ee ek ee GR Ge Re Gee Re ek ee GRA Ge AR Ge ee ek ee ek Ge AR Ge 2 7 Figure 2 9 WEP Authentication Steps iese sesse sesse se Ge ee Ge ee GR ee GRA Ge AR GR Re ek ee GR GR ee GR Ge ee Ge Re Ge ek Ge 2 9 Figure 2 10 WEP AuthenticaHOn esse sesse sesse se ge ek Ge ee ek Ge ee GR ee GRA Ge Ge Re GR ee GRA Ge AA Ge ee Gee Re Re GR ee eke 2 10 Figure 2 11 WPA AuthenticatiOn ee ee ee ee RR Re GR Re GRA GRA GRA GRA GRA ee ee ee ee ee Re ee Re ee Re Re ee Re ee Re ee ee 2 12 Figure 2 12 WPA PSK AuthenticaHon esse sees se ee ek ge AR Ge AR GR AR GR Re AR Ge Re AR Ge AR Ge Re GR ee AR nennen 2 14 Figure 2 13 WPA with RADIUS Application Example esse sesse esse se ese ee ee se GR ke Ge Re Gee Re GR ee Ge AR ee ee Ge Re Ge 2 15 Figure 2 14 WPA PSK Authentication ees see see se ee ek ee RA Ge Ge GRA Ge Ge Re GR ee GRA Ge AR Ge Re GR Re eke ee ek ee 2 15 Figure 2 15 802 1 Authentication RE EE OR EE OE 2 17 Figure 2 16 Ne 1 EE OE OR OE EE OE ORE a 2 18 Figure 3 1 Confirm Uninstallation e iese sesse se se ek Ge Re GRA Ge AR GR Ge AR Ge GR eke ee GRA Ge AR Ge Re ek ee ek Ge AA Ge 3 1 Figure 3 2 A NAAI AS EE ER ER EO EE EE SEE N 3 2 Figure 3 3 Removable Device System Tray Icon Windows XP esse see se ee Se Ge
Download Pdf Manuals
Related Search