PDA

View Full Version : Wireless authentication



egd
2006-03-31, 21:56
I have the following hardware setup:
- SB3
- ZyXEL P-2602HWL-61C over POTS ADSL2+ VoIP wireless broadband router
- ReadyNAS NV

The ReadyNAS is wired to one of the ZyXEL LAN ports and can be seen on the network from Windows XP.
I'd like to get the ReadyNAS and SB3 talking to one another wirelessly, utilising the zyXEL to provide the wireless connectivity


The SB3 detects the ZyXEL. The SB3 offers the following wireless authentication methods:
- No password/no encryption
- 64 & 128 bit WEP (not an option as insecure)
- WPA Personal
- WPA2 Personal

The ZyXEL offers the following wireless authentication methods:
- allow association by Wireless LAN- MAC Filter
- 802.1x
- WPA
- WPA-PSK

Any idea which of these (other than WEP) are compatible? I was thinking of forcing MAC accoiation, but this would be a problem everytime I introdced another wireless device into the house that needs to talk to the ReadyNAS.

snarlydwarf
2006-03-31, 22:03
WPA-PSK, which (if you look a little deeper, or perhaps it's the only choice on your router) would be TKIP encryption.

PSK = Pre-shared Key: ie, you have to put the same key in the server (router or access point) and in any clients (squeezeboxes, laptops, whatever).

That's what you want, and at this writing it's considered secure.

egd
2006-03-31, 22:24
WPA-PSK, which (if you look a little deeper, or perhaps it's the only choice on your router) would be TKIP encryption.

PSK = Pre-shared Key: ie, you have to put the same key in the server (router or access point) and in any clients (squeezeboxes, laptops, whatever).

That's what you want, and at this writing it's considered
secure.


Thx. Which of "WPA Personal" and/or "WPA2 Personal" represents WPA-PSK?

FYI. WPA-PSK has been cracked. See http://blogs.zdnet.com/Ou/index.php?p=9

snarlydwarf
2006-03-31, 22:42
Well, that article says you can do a dictionary attack... so don't chose a lame key like 'password' or 'secret' It's not really that the encryption has been broken, just that brute force works on dumb passwords. :)

What the SB calls WPA = WPA/PSK/TKIP

WPA2 mandates AES (where it's optional instead of TKIP in WPA), but WPA2 is new enough that a lot of compatibility problems exist. I don't know what your router means by seperating WPA and WPA-PSK... They're different layers of the protocol.

egd
2006-03-31, 23:00
I don't know what your router means by seperating WPA and WPA-PSK... They're different layers of the protocol.

Per my router's manual"Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA is preferred to WEP as WPA has user authentication and improved data encryption.

If you donít have an external RADIUS server, you should use WPA-PSK (WPA-Pre-Shared Key). WPA-PSK only requires a single (identical) password entered into each WLAN member. As long as the passwords match, a client will be granted access to a WLAN."

stinkingpig
2006-04-01, 09:39
snarlydwarf wrote:
> Well, that article says you can do a dictionary attack... so don't chose
> a lame key like 'password' or 'secret' It's not really that the
> encryption has been broken, just that brute force works on dumb
> passwords. :)
>

You mean I gotta think up a strong password and keep it secret!? I feel
totally screwed... Here I've spent hundreds and hundreds of dollars on
Slim Devices, and those cheap jerks won't even come to my house and set
it up!?

--
Jack at Monkeynoodle dot Org: It's a Scientific Venture...
Riding the Emergency Third Rail Power Trip Since 1996

egd
2006-04-07, 21:38
I am very pleased to report that I have managed to solve my wireless authentication problems with the help of Ross Levine in Slim Devices support.

Basically it was a firmware issue - my SB3's were on firmware v29. I upgraded to v37, voila WPA Personal works and I'm listening to FLAC encoded audio with no stuttering or dropout as I type this.

Haven't tried WPA2 Personal yet but will in due course. Thx again Ross :)