Page 1
ZyAIR G-300
Wireless LAN PCI Adapter
User's Guide
Version 2.00
October 2004
Page 2
ZyAIR G-300 User’s Guide
Copyright
Copyright ©2004 by ZyXEL Communications Corporation
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a
retrieval system, translated into any language, or transmitted in any form or by any means, electronic,
mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written
permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software
described herein. Neither does it convey any license under its patent rights nor the patents' rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice. This
publication is subject to change without notice.
Trademarks
Trademarks mentioned in this publication are used for identification purposes only and may be properties
of their respective owners.
ii Copyright
Page 3
ZyAIR G-300 User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials
or workmanship for a period of up to one (1) year from the date of purchase. During the warranty period
and upon proof of purchase, should the product have indications of failure due to faulty workmanship
and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components
without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product
or components to proper operating condition. Any replacement will consist of a new or re-manufactured
functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected
to abnormal working conditions.
NOTE
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This
warranty is in lieu of all other warranties, express or implied, including any implied warranty of
merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for
indirect or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization (RMA) number. Products must be returned Postage Prepaid. It is recommended that the unit
be insured when shipped. Any returned products without proof of purchase or those with an out-dated
warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts
and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address,
Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary
from country to country.
Online Registration
Register online at www.zyxel.com
.for free future product updates and information.
ZyXEL Limited Warranty iii
Page 4
ZyAIR G-300 User’s Guide
Information for Canadian Users
The Industry Canada label identifies certified equipment. This certification means that the equipment meets
certain telecommunications network protective operation and safety requirements. The Industry Canada
does not guarantee that the equipment will operate to a user's satisfaction.
Before installing this equipment, users should ensure that it is permissible to be connected to the facilities
of the local telecommunications company. The equipment must also be installed using an acceptable
method of connection. In some cases, the company's inside wiring associated with a single line individual
service may be extended by means of a certified connector assembly. The customer should be aware that
compliance with the above conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be made by an authorized Canadian maintenance facility designated
by the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions,
may give the telecommunications company cause to request the user to disconnect the equipment.
For their own protection, users should ensure that the electrical ground connections of the power utility,
telephone lines, and internal metallic water pipe system, if present, are connected together. This precaution
may be particularly important in rural areas.
Caution
Users should not attempt to make such connections themselves, but should contact the appropriate
electrical inspection authority, or electrician, as appropriate.
Note
This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus
set out in the radio interference regulations of Industry.
iv Information for Canadian Users
Page 5
ZyAIR G-300 User’s Guide
Federal Communications Commission
(FCC) Interference Statement
The device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired
operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy, and if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and the receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.
Caution
1. To comply with FCC RF exposure compliance requirements, a separation distance of at least 20 cm
must be maintained between the antenna of this device and all persons.
2. This Transmitter must not be co-located or operating in conjunction with any other antenna or
transmitter.
Certifications
Refer to the product page at www.zyxel.com
FCC Statement v
.
Page 6
Page 7
ZyAIR G-300 User’s Guide
Customer Support
When contacting your Customer Support Representative, please have the following information ready:
Product model and serial number.
Warranty Information.
Date you received your product.
Brief description of the problem and the steps you took to solve it.
LOCATION
WORLDWIDE
AMERICA
SUPPORT E-MAIL TELEPHONE1 WEB SITE METHOD
SALES E-MAIL FAX1 FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
ZyXEL Communications
sales@zyxel.com.tw
support@zyxel.com +1-800-255-4101
sales@zyxel.com
support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY
sales@zyxel.de
support@zyxel.es +34 902 195 420 SPAIN
sales@zyxel.es
support@zyxel.dk +45 39 55 07 00 www.zyxel.dk DENMARK
sales@zyxel.dk
support@zyxel.no +47 22 80 61 80 www.zyxel.no NORWAY
sales@zyxel.no
+886-3-578-2439 ftp.europe.zyxel.com
+1-714-632-0882
+1-714-632-0858 ftp.us.zyxel.com
+49-2405-6909-99
+33 (0)4 72 52 97 97 FRANCE info@zyxel.fr
+33 (0)4 72 52 19 20
+34 913 005 345
+45 39 55 07 07
+47 22 80 61 81
www.europe.zyxel.com
ftp.zyxel.com
www.us.zyxel.com NORTH
www.zyxel.fr ZyXEL France
www.zyxel.es
REGULAR MAIL
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Taiwan
ZyXEL Communications Inc.
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Alejandro Villegas 33
1º, 28043 Madrid
Spain
ZyXEL Communications A/S
Columbusvej 5
2860 Soeborg
Denmark
ZyXEL Communications A/S
Nils Hansens vei 13
0667 Oslo
Norway
1
“+” is the (prefix) number you enter to make an international telephone call.
Customer Support vii
Page 8
ZyAIR G-300 User’s Guide
SUPPORT E-MAIL TELEPHONE1 WEB SITE METHOD
LOCATION
FINLAND support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
SALES E-MAIL FAX1 FTP SITE
support@zyxel.se +46 31 744 7700 www.zyxel.se SWEDEN
sales@zyxel.se
+46 31 744 7701
REGULAR MAIL
ZyXEL Communications A/S
Sjöporten 4, 41764 Göteborg
Sweden
Malminkaari 10
00700 Helsinki
Finland
viii Information for Canadian Users
Page 9
ZyAIR G-300 User’s Guide
Table of Contents
Copyright.........................................................................................................................................ii
ZyXEL Limited Warranty ...............................................................................................................iii
Information for Canadian Users...................................................................................................iv
Federal Communications Commission (FCC) Interference Statement.....................................v
Customer Support ........................................................................................................................vii
List of Figures............................................................................................................................... xi
List of Tables................................................................................................................................ xii
Preface......................................................................................................................................... xiii
Chapter 1 Getting Started .......................................................................................................... 1-1
1.1 About Your ZyAIR G-300 ............................................................................................. 1-1
1.2 ZyAIR Hardware and Utility Installation..................................................................... 1-1
1.3 Configuration Methods................................................................................................ 1-1
1.4 Windows XP Users Only ............................................................................................. 1-2
1.5 Accessing the ZyAIR Utility ........................................................................................ 1-2
Chapter 2 Using the ZyAIR Utility ............................................................................................. 2-1
2.1 About Wireless LAN Network ..................................................................................... 2-1
2.1.1 Channel................................................................................................................... 2-1
2.1.2 SSID........................................................................................................................ 2-1
2.1.3 Transmission Rate .................................................................................................. 2-1
2.1.4 Wireless Network Application ................................................................................. 2-1
2.1.5 Roaming.................................................................................................................. 2-3
2.1.6 Profile...................................................................................................................... 2-4
2.1.7 Threshold Controls.................................................................................................. 2-4
2.2 Wireless LAN Security................................................................................................. 2-5
2.2.1 Authentication Mode ............................................................................................... 2-6
2.2.2 IEEE 802.1x ............................................................................................................ 2-6
2.2.3 WPA........................................................................................................................ 2-6
2.2.4 WPA-PSK Application Example.............................................................................. 2-7
2.2.5 WPA with RADIUS Application Example................................................................ 2-8
2.3 The Configuration Screen ........................................................................................... 2-9
Table of Contents ix
Page 10
ZyAIR G-300 User’s Guide
2.3.1 The Advanced Configuration Screen .................................................................... 2-12
2.3.2 The Security Screen.............................................................................................. 2-13
2.3.3 The Certificate Screen .......................................................................................... 2-16
2.4 The Site Survey Screen ............................................................................................. 2-18
2.4.1 Connecting to a Network....................................................................................... 2-20
2.5 The About Screen....................................................................................................... 2-20
Chapter 3 Maintenance ..............................................................................................................3-1
3.1 Removing the ZyAIR Utility ......................................................................................... 3-1
3.2 Upgrading the ZyAIR Utility ........................................................................................ 3-1
Chapter 4 Troubleshooting........................................................................................................ 4-1
4.1 Problems Starting the ZyAIR Utility Program ........................................................... 4-1
4.2 Problems Communicating With Other Computers ................................................... 4-1
4.3 Problem with the Link Status...................................................................................... 4-2
Appendix A Disable Windows XP Wireless LAN Configuration Tool.......................................A
Appendix B Management with Wireless Zero Configuration ..................................................... I
Appendix C Types of EAP Authentication ..................................................................................Y
Appendix D Product Specifications.......................................................................................... AA
Index............................................................................................................................................. CC
x Table of Contents
Page 11
ZyAIR G-300 User’s Guide
List of Figures
Figure 1-1 ZyAIR Utility: System Tray Icon .................................................................................. 1-2
Figure 2-1 Ad-hoc Network Example............................................................................................ 2-2
Figure 2-2 BSS Example .............................................................................................................. 2-2
Figure 2-3 Infrastructure Network Example.................................................................................. 2-3
Figure 2-4 Roaming Example....................................................................................................... 2-3
Figure 2-5 RTS Threshold ............................................................................................................ 2-4
Figure 2-6 Wireless LAN Security Levels..................................................................................... 2-5
Figure 2-7 WPA-PSK Authentication ............................................................................................ 2-8
Figure 2-8 WPA with RADIUS Application Example..................................................................... 2-9
Figure 2-9 Configuration............................................................................................................. 2-10
Figure 2-10 Configuration: Advanced......................................................................................... 2-12
Figure 2-11 Configuration: Privacy Configuration: Security ....................................................... 2-14
Figure 2-12 Configuration: Privacy Configuration: Certification ................................................. 2-17
Figure 2-13 Site Survey.............................................................................................................. 2-19
Figure 2-14 ZyAIR Utility: About ................................................................................................. 2-21
Figure 3-1 Confirm Uninstallation................................................................................................. 3-1
List of Figures xi
Page 12
ZyAIR G-300 User’s Guide
List of Tables
Table 1-1 ZyAIR Utility: System Tray Icon ....................................................................................1-2
Table 2-1 Configuration...............................................................................................................2-10
Table 2-2 Configuration: Advanced............................................................................................. 2-12
Table 2-3 Configuration: Privacy Configuration: Security ........................................................... 2-14
Table 2-4 Configuration: Privacy Configuration: Certification..................................................... 2-17
Table 2-5 Site Survey..................................................................................................................2-19
Table 2-6 ZyAIR Utility: About..................................................................................................... 2-21
Table 4-1 Troubleshooting Starting ZyAIR Utility Program ........................................................... 4-1
Table 4-2 Troubleshooting Communication Problems.................................................................. 4-1
Table 4-3 Troubleshooting Link Quality ........................................................................................ 4-2
xii List of Tables
Page 13
ZyAIR G-300 User’s Guide
Preface
Congratulations on the purchase of your new ZyAIR G-300 Wireless LAN PCI Adapter!
About This User's Guide
This guide provides information about the ZyAIR G-300 Wireless LAN Utility that you use to configure
your ZyAIR.
Syntax Conventions
• “Type” or “Enter” means for you to type one or more characters. "Select" or "Choose" means for
you to use one of the predefined choices.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control
Panels and then Modem” means first click the Apple icon, then point your mouse pointer to
Control Panels and then click Modem.
• Window and command choices are in Bold Times New Roman font. Predefined field choices are
in Bold Arial font.
• The ZyXEL ZyAIR G-300 Wireless LAN PCI adapter is referred to as the ZyAIR in this guide.
• The ZyAIR G-300 Wireless LAN Utility may be referred to as the ZyAIR Utility in this guide.
Related Documentation
Support Disk
Refer to the included CD for support documents and device drivers.
Quick Installation Guide
Our Quick Installation Guide is designed to help you get your ZyAIR up and running right away.
It contains a detailed easy-to-follow connection diagram and information on installing your
ZyAIR.
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com
documentation.
User Guide Feedback
Help us help you. E-mail all User’s Guide-related comments, questions or suggestions for improvement to
techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Graphics Icons Key
for an online glossary of networking terms and additional support
Preface xiii
Page 14
ZyAIR G-300 User’s Guide
Wireless Access Point
Server
Telephone
Computer
Modem
Switch
Notebook computer
Wireless Signal
Router
xiv Preface
Page 15
ZyAIR G-300 User’s Guide
Chapter 1
Getting Started
This chapter prepares you to using the ZyAIR Utility.
1.1 About Your ZyAIR G-300
The ZyAIR G-300 is an IEEE 802.11g compliant wireless LAN adapter. With the ZyAIR, you can enjoy
the wireless mobility within the coverage area.
The following lists the main features of your ZyAIR.
• Your ZyAIR can communicate with other IEEE 802.11b/g compliant wireless devices.
• Automatic rate selection.
• Offers 64-bit and 128-bit WEP (Wired Equivalent Privacy) data encryption for network security.
• Supports IEEE 802.1x and WPA (Wi-Fi Protected Access)
• Low CPU utilization allowing more computer system resources for other programs.
• A built-in antenna
• Plug-and-play installation for Windows ME, Windows 2000 and Windows XP.
• Driver and utility support for Windows 98 Second Edition, Windows ME, Windows 2000 and
Windows XP.
1.2 ZyAIR Hardware and Utility Installation
Follow the instructions in the Quick Installation Guide to install the ZyAIR Utility and make hardware
connections.
1.3 Configuration Methods
To configure your ZyAIR, use one of the following applications:
• Wireless Zero Configuration (WZC) (recommended for Windows XP)
• ZyAIR Utility
• Odyssey Client Manager
DO NOT use the Windows XP configuration tool or the Odyssey Client Manager
and the ZyAIR Utility at the same time.
The bundled Odyssey Client Manager only works for your ZyAIR. Do NOT use the
Odyssey Client Manager to configure non-ZyXEL WLAN adapters.
Refer to the Odyssey Client Manager documentation for more information.
Getting Started 1-1
Page 16
ZyAIR G-300 User’s Guide
1.4 Windows XP Users Only
You must disable WZC if you want to use the ZyAIR utility. Refer to the appendices on how to deactivate
WZC or how to use WZC to manage the ZyAIR.
1.5 Accessing the ZyAIR Utility
After you installed the ZyAIR Utility, an icon for the ZyAIR Utility appears in the system tray.
When the ZyAIR Utility system tray icon displays, the ZyAIR is installed properly.
Figure 1-1 ZyAIR Utility: System Tray Icon
The color of the ZyAIR Utility system tray icon indicates the status of the ZyAIR. Refer to the following
table for details.
Table 1-1 ZyAIR Utility: System Tray Icon
COLOR DESCRIPTION
Blue The ZyAIR is connected to a wireless network.
Yellow The ZyAIR has a weak connection to a wireless network.
Red The ZyAIR is working properly but is not connected to any AP or wireless station.
Double click on the ZyAIR Utility icon in the system tray to open the ZyAIR Utility.
1-2 Getting Started
Page 17
ZyAIR G-300 User’s Guide
Chapter 2
Using the ZyAIR Utility
This chapter shows you how to configure the ZyAIR using the ZyAIR Utility.
2.1 About Wireless LAN Network
This section describes each wireless LAN parameter.
2.1.1 Channel
A radio frequency used by a wireless device is called a channel.
2.1.2 SSID
The SSID (Service Set Identity) is a unique name shared among all wireless devices in a wireless network.
Wireless devices must have the same SSID to communicate with each other.
2.1.3 Transmission Rate
Your ZyAIR automatically adjusts the transmission rate to operate at the maximum transmission (data)
rate. When the communication quality drops below a certain level, the ZyAIR automatically switches to a
lower transmission (data) rate. Transmission at lower data speeds is usually more reliable. However, when
the communication quality improves again, the ZyAIR gradually increases the transmission (data) rate
again until it reaches the highest available transmission rate.
2.1.4 Wireless Network Application
Wireless LAN works in either of the two modes: ad-hoc and infrastructure.
To connect to a wired network within a coverage area using Access Points (APs), set the ZyAIR operation
mode to Infrastructure. An AP acts as a bridge between the wireless stations and the wired network. In
case you do not wish to connect to a wired network, but prefer to set up a small independent wireless
workgroup without an AP, use the Ad-hoc mode.
Ad-Hoc (IBSS)
Ad-hoc mode does not require an AP or a wired network. Two or more wireless clients communicate
directly to each other. An ad-hoc network may sometimes be referred to as an Independent Basic Service
Set (IBSS).
Using the ZyAIR Utility 2-1
Page 18
ZyAIR G-300 User’s Guide
Figure 2-1 Ad-hoc Network Example
To set up an ad-hoc network, configure all wireless clients in ad-hoc network type
and use the same SSID and channel.
Infrastructure
When a number of wireless clients are connected using a single AP, you have a Basic Service Set (BSS).
Figure 2-2 BSS Example
A series of overlapping BSS and a network medium, such as an Ethernet forms an Extended Service Set
(ESS) or infrastructure network. All communication is done through the AP, which relays data packets to
other wireless clients or devices connected to the wired network. Wireless clients can then access resource,
such as the printer, on the wired network.
2-2 Using the ZyAIR Utility
Page 19
ZyAIR G-300 User’s Guide
Figure 2-3 Infrastructure Network Example
2.1.5 Roaming
In an infrastructure network, wireless stations are able to switch from one BSS to another as they move
between the coverage areas. During this period, the wireless stations maintain uninterrupted connection to
the network. This is roaming. As the wireless station moves from place to place, it is responsible for
choosing the most appropriate AP depending on the signal strength, network utilization or other factors.
The following figure depicts a roaming example. When Wireless Client B moves to position X, the ZyAIR
in Wireless Client B automatically switches the channel to the one used by access point AP 2 in order to
stay connected to the network.
Figure 2-4 Roaming Example
Using the ZyAIR Utility 2-3
Page 20
ZyAIR G-300 User’s Guide
2.1.6 Profile
The Profile function allows you to save the wireless network settings in this screen, use one of the preconfigured network profiles or reset the settings in this screen to the factory default values.
2.1.7 Threshold Controls
Fragmentation Threshold
A fragmentation threshold is the maximum data fragment size (between 256 and 2432 bytes) that can be
sent in the wireless network before the ZyAIR will fragment the packet into smaller data frames.
A large fragmentation threshold is recommended for networks not prone to interference while you should
set a smaller threshold for busy networks or networks that are prone to interference.
If the fragmentation threshold value is smaller than the RTS Threshold value (see previously) you set then
the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be
fragmented before they reach RTS Threshold size.
RTS Threshold
A hidden node occurs when two stations are within range of the same access point, but are not within range
of each other. The following figure illustrates a hidden node. Both stations are within range of the access
point (AP) or wireless gateway, but out-of-range of each other, so they cannot “hear” each other, that is
they do not know if the channel is currently being used. Therefore, they are considered hidden from each
other.
Figure 2-5 RTS Threshold
When station A sends data to the AP, it might not know that the station B is already using the channel. If
these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP
at the same time, resulting in a loss of messages for both stations.
RTS Threshold is designed to prevent collisions due to hidden nodes. An RTS Threshold defines the
biggest size data frame you can send before an RTS (Request To Send)/CTS (Clear to Send) handshake is
invoked.
When a data frame exceeds the RTS Threshold value you set (between 0 to 2432 bytes), the station that
wants to transmit this frame must first send an RTS (Request To Send) message to the AP for permission to
2-4 Using the ZyAIR Utility
Page 21
ZyAIR G-300 User’s Guide
send it. The AP then responds with a CTS (Clear to Send) message to all other stations within its range to
notify them to defer their transmission. It also reserves and confirms with the requesting station the time
frame for the requested transmission.
Stations can send frames smaller than the specified RTS Threshold directly to the AP without the RTS
(Request To Send)/CTS (Clear to Send) handshake.
You should only configure RTS Threshold if the possibility of hidden nodes exists on your network and
the “cost” of resending large frames is more than the extra network overhead involved in the RTS (Request
To Send)/CTS (Clear to Send) handshake.
If the RTS Threshold value is greater than the Frag Threshold value, then the RTS (Request To
Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach
RTS Threshold size.
Enabling the RTS threshold causes redundant network overhead that may affect
throughput performance.
2.2 Wireless LAN Security
Wireless LAN security is vital to your network to protect wireless communication between wireless
stations and the wired network.
The figure below shows the possible wireless security levels on your ZyAIR. EAP (Extensible
Authentication Protocol) is used for authentication and utilizes dynamic WEP key exchange. It requires
interaction with a RADIUS (Remote Authentication Dial-In User Service) server either on the WAN or
your LAN to provide authentication service for wireless stations.
Figure 2-6 Wireless LAN Security Levels
Configure the wireless LAN security using the Profile Security Settings screen. If you do not enable any
wireless security on your ZyAIR, the ZyAIR’s wireless communications are accessible to any wireless
networking device that is in the coverage area.
Using the ZyAIR Utility 2-5
Page 22
ZyAIR G-300 User’s Guide
Data Encryption with WEP
WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between the ZyAIR and
the AP or other wireless stations to keep network communications private. Both the wireless stations and
the access points must use the same WEP key for data encryption and decryption.
Your ZyAIR allows you to configure up to four 64-bit or 128-bit WEP keys and only one key is used as the
default key at any one time.
2.2.1 Authentication Mode
The IEEE 802.11b standard describes a simple authentication method between the wireless stations and
AP. Three authentication modes are defined: Open and Shared.
Open mode is implemented for ease-of-use and when security is not an issue. The wireless station and the
AP do not share a secret key. Thus the wireless stations can associate with any AP and listen to any data
transmitted plaintext.
Shared mode involves a shared secret key to authenticate the wireless station to the AP. This requires you
to enable the WEP encryption and specify a WEP key on both the wireless station and the AP.
2.2.2 IEEE 802.1x
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless
stations and encryption key management. Authentication can be done using an external RADIUS server.
EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x
transport mechanism in order to support multiple types of user authentication. By using EAP to interact
with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server
perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports
IEEE802.1x. The ZyAIR supports EAP-TLS, EAP-PEAP and LEAP. Refer to the Types of EAP
Authentication appendix for descriptions.
For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the
certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to
authenticate users and a CA issues certificates and guarantees the identity of each certificate owner.
2.2.3 WPA
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences
between WPA and WEP are user authentication and improved data encryption.
User Authentication
WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients
using an external RADIUS database.
2-6 Using the ZyAIR Utility
Page 23
ZyAIR G-300 User’s Guide
Therefore, if you don’t have an external RADIUS server, you should use WPA-PSK (WPA -Pre-Shared
Key) that only requires a single (identical) password entered into each access point, wireless gateway and
wireless client. As long as the passwords match, a client will be granted access to a WLAN.
Encryption
WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity
Check (MIC), IEEE 802.1x and Advanced Encryption Standard (AES).
Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically generated and distributed
by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check
(MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying
mechanism.
TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used
twice. The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key
hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption
keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.
This all happens in the background automatically.
The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering
them and resending them. The MIC provides a strong mathematical function in which the receiver and the
transmitter each compute and then compare the MIC. If they do not match, it is assumed that the data has
been tampered with and the packet is dropped.
By generating unique data encryption keys for every data packet and by creating an integrity checking
mechanism (MIC), TKIP makes it much more difficult to decode data on a Wi-Fi network than WEP,
making it difficult for an intruder to break into the network.
The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the
two is that WPA-PSK uses a simple common password, instead of user-specific credentials. The commonpassword approach makes WPA-PSK susceptible to brute-force password-guessing attacks but it’s still an
improvement over WEP as it employs an easier-to-use, consistent, single, alphanumeric password.
Advanced Encryption Standard (AES) is a newer method of data encryption that also uses a secret key.
This implementation of AES applies a 128-bit key to 128-bit blocks of data
2.2.4 WPA-PSK Application Example
A WPA-PSK application looks as follows.
1. First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must
consist of between 8 and 63 ASCII characters (including spaces and symbols).
2. The AP checks each client’s password and (only) allows it to join the network if it matches its
password.
3. The AP derives and distributes keys to the wireless clients.
4. The AP and wireless clients use the TKIP encryption process to encrypt data exchanged between them.
Using the ZyAIR Utility 2-7
Page 24
ZyAIR G-300 User’s Guide
Figure 2-7
WPA-PSK Authentication
2.2.5 WPA with RADIUS Application Example
You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared
secret. A WPA application example with an external RADIUS server looks as follows. “A” is the RADIUS
server. “DS” is the distribution system.
1. The AP passes the wireless client’s authentication request to the RADIUS server.
2. The RADIUS server then checks the user's identification against its database and grants or denies
network access accordingly.
3. The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key
hierarchy and management system, using the pair-wise key to dynamically generate unique data
encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the
wireless clients.
2-8 Using the ZyAIR Utility
Page 25
ZyAIR G-300 User’s Guide
Figure 2-8 WPA with RADIUS Application Example
2.3 The Configuration Screen
Click the Configuration tab to display the screen as shown next.
Using the ZyAIR Utility 2-9
Page 26
ZyAIR G-300 User’s Guide
Figure 2-9 Configuration
The following table describes the labels in this screen.
Table 2-1 Configuration
LABEL DESCRIPTION
Profile This field displays the name of a predefined profile.
To use a previously saved network profile, select the profile file name from the dropdown list box. Once you activate a profile, the ZyAIR Utility will use that profile the next
time it is started. If you do not activate a profile, the ZyAIR Utility reverts to use the
default profile.
Save
Delete
Configuration
Enter a descriptive name in the Profile field and click Save to save the current
configuration settings this screen.
Select a profile from the drop-down list box and click Delete to remove the selected
profile.
2-10 Using the ZyAIR Utility
Page 27
ZyAIR G-300 User’s Guide
Table 2-1 Configuration
LABEL DESCRIPTION
SSID Enter the SSID (Service Set IDentifier) of the AP or the peer ad-hoc computer to which
you want to associate. To associate to an ad-hoc network, you must enter the same
SSID as the peer ad-hoc computer.
Enter “any” to associate to or roam between any infrastructure wireless networks.
Advanced
Network Type
WEP Enabled The WEP keys are used to encrypt data before transmitting.
Ad-Hoc Channel
Transmit Rate
Default
Apply
Status
State This field displays the type of wireless network and the name and MAC address of the
Current Channel This field displays the radio channel the ZyAIR is currently using.
Current Tx Rate This field displays the current transmission rate of the ZyAIR in megabits per second.
Throughput
(byte/sec)
Link Quality The status bar and the percentage number show the quality of the signal.
Click Advanced to display the Advanced Configuration screen. Refer to Section 2.3.1.
Select Infrastructure or Ad-Hoc from the drop-down list box.
Select Infrastructure to associate to an AP.
Select Ad-Hoc to associate to a peer ad-hoc computer.
Refer to Section 2.1.4 for more information.
Select this check box to activate WEP encryption. Refer to Section 2.2 for more
information.
This field is activated if you select Ad-Hoc in the Network Type field.
Select the channel number from the drop-down list box. To associate to a peer ad-hoc
computer, you must use the same channel as the peer ad-hoc computer.
Select a transmission rate from the drop-down list box. The default is Auto.
Click Default to return the field settings under Configuration back to the factory
defaults.
Click Apply to save and activate the field settings under Configuration.
wireless device to which the ZyAIR is connected.
TX This field displays the number of data frames transmitted.
RX This field displays the number of data frames received.
Using the ZyAIR Utility 2-11
Page 28
ZyAIR G-300 User’s Guide
Table 2-1 Configuration
LABEL DESCRIPTION
Link Strength The status bar and the percentage number or a number in dBm show the strength of the
signal.
Rescan
Click Rescan to re-establish connection to the wireless device whose SSID is shown in
the State field.
2.3.1 The Advanced Configuration Screen
In the Configuration screen, click Advanced to display the pop-up screen as shown.
Figure 2-10 Configuration: Advanced
The following table describes the labels in this screen.
Table 2-2 Configuration: Advanced
LABAL DESCRIPTION
Power Save
Enable
Select this check box to reduce power consumption (especially for laptop computers).
This forces the ZyAIR to go to sleep mode when it is not transmitting data.
This only works if the wireless device to which the ZyAIR is
connected also supports this feature.
2-12 Using the ZyAIR Utility
Page 29
ZyAIR G-300 User’s Guide
Table 2-2 Configuration: Advanced
LABAL DESCRIPTION
RTS Threshold Data with its frame size larger than this value will perform the RTS/CTS handshake.
Setting this attribute to be larger than the maximum MSDU (MAC service data unit) size
turns off the RTS/CTS handshake. Setting this attribute to zero turns on the RTS/CTS
handshake.
Frag Threshold The threshold (number of bytes) for the fragmentation boundary for directed messages.
It is the maximum data fragment size that can be sent.
Nitro Time This is the time interval (in usec) between packet bursts. This allows your ZyAIR to
operate in a network with IEEE802.11b wireless LAN devices and still take advantage of
higher transmission rates with IEEE802.11g standard.
OK
Cancel
Click OK to save the settings.
Click Cancel to discard all changes and close this screen.
2.3.2 The Security Screen
You can configure the ZyAIR to connect to a network with wireless security. In the Configuration screen,
select WEP Enable and click Edit. A Security screen displays as shown.
Field choices vary depending on what encryption method or authentication mode you select in this screen.
Refer to Section 2.2.1 and Section 2.2.3 for more information.
Using the ZyAIR Utility 2-13
Page 30
ZyAIR G-300 User’s Guide
Figure 2-11 Configuration: Privacy Configuration: Security
The following table describes the labels in this screen.
Table 2-3 Configuration: Privacy Configuration: Security
LABEL DESCRIPTION
Privacy
Authentication Mode
Encryption Mode
IEEE 802.1X
Authentication
Select an authentication mode. Choices are Open, Share, WPA and WPA-
PSK.
Select an encryption method. Choices are WEP, TKIP and AES.
2-14 Using the ZyAIR Utility
Page 31
ZyAIR G-300 User’s Guide
Table 2-3 Configuration: Privacy Configuration: Security
LABEL DESCRIPTION
Enable IEEE 802.1X
Authentication for this
network
EAP Type
Keys will be generated
automatically for data
privacy.
Pre-configured Key
(WEP)
Format for entering key
Key Index Select the number (1 to 4) of a key you wish to configure.
Key Length
Network Key Enter the WEP keys in the fields provided.
Select this checkbox to enable IEEE 802.1X authentication to log into the
network.
Select an EAP type. Choices are TLS, PEAP and LEAP.
Select this checkbox to allow the ZyAIR to obtain the security keys from an
authentication server (the RADIUS server). The authentication server
automatically generates the security keys.
Set the following fields when you select WEP in the Encryption Mode field.
Specify the key format. Select either hexadecimal digits or characters.
Specify the key length. Select 64 bits or 128 bits.
If you select 64 bits in the Key Length field.
Enter either 10 hexadecimal digits in the range of “A-F”, “a-f” and “0-9”
(e.g. 11AA22BB33) for HEX key type
or
Enter 5 ASCII characters (case sensitive) ranging from “a-z”, “A-Z” and
“0-9” (e.g. MyKey) for ASCII key type.
If you select 128 bits in the Key Length field,
Enter either 26 hexadecimal digits in the range of “A-F”, “a-f” and “0-9”
(for example, 00112233445566778899AABBCC) for HEX key type
or
Enter 13 ASCII characters (case sensitive) ranging from “a-z”, “A-Z”
and “0-9” (for example, MyKey12345678) for ASCII key type.
ASCII WEP keys are case sensitive.
Select a WEP key to use for data encryption.
Confirm Network Key Enter the key again for confirmation.
Pre-Shared Key (WPA)
Set the following fields when you select WPA-PSK in the Encryption Mode
field.
Using the ZyAIR Utility 2-15
Page 32
ZyAIR G-300 User’s Guide
Table 2-3 Configuration: Privacy Configuration: Security
LABEL DESCRIPTION
Network Key Enter the pre-shared key (PSK) or passphrase from 8 to 63 case-sensitive
ASCII characters (including spaces and symbols).
Confirm Network Key Enter the PSK again for confirmation.
OK
Cancel
Click OK to save the changes.
Click Cancel to discard all changes and close the screen.
2.3.3 The Certificate Screen
If you set the ZyAIR to use an EAP type (TLS, PEAP or LEAP), configure the Certificate screen.
Click the Certificate tab in the Privacy Configuration screen to display the screen as shown.
2-16 Using the ZyAIR Utility
Page 33
ZyAIR G-300 User’s Guide
Figure 2-12 Configuration: Privacy Configuration: Certification
The following table describes the labels in this screen.
Table 2-4 Configuration: Privacy Configuration: Certification
LABEL DESCRIPTION
Certificate Information Specify the certificate(s) in the fields.
You must first have a wired connection to a network and
obtain the certificate(s) from a certificate authority (CA).
Consult your network administrator for more information.
User Certificate This field is applicable for TLS authentication mode.
Select a certificate you have enrolled.
Using the ZyAIR Utility 2-17
Page 34
ZyAIR G-300 User’s Guide
Table 2-4 Configuration: Privacy Configuration: Certification
LABEL DESCRIPTION
Certificate Authority This field is applicable for PEAP and TLS authentication modes.
Select a certificate authority.
Verify Server Certificate Select the check box to check the certificate of the authentication server.
User Information These fields are applicable for LEAP and PEAP authentication modes.
User Name Enter the user name.
This is the user name that you or an administrator set up on a RADIUS server.
Password Enter the password associated with the user name above.
Login Information These fields are applicable for PEAP and TLS authentication modes.
Server Name Enter the name of the RADIUS server.
Login Name Enter the user name.
This is the user name that you or an administrator set up on a RADIUS server.
OK
Cancel
Click OK to save the changes.
Click Cancel to discard all changes and close the screen.
2.4 The Site Survey Screen
Use the Site Survey screen to scan for and connect to a wireless network automatically.
2-18 Using the ZyAIR Utility
Page 35
ZyAIR G-300 User’s Guide
Figure 2-13 Site Survey
The following table describes the labels in the table.
Table 2-5 Site Survey
LABEL DESCRIPTION
ESSID This field displays the SSID (or name) of each wireless device.
BSSID This field displays the MAC address of the wireless device.
Channel This field displays the channel number used by each wireless device.
Network
Type
Security This field shows whether the data encryption or user authentication is activated or inactive.
Signal This field displays the signal strength of each wireless device in percentage.
Rates This field displays the transmission rates the wireless device supports.
Rescan
This field displays the wireless network type (Infrastructure or Ad Hoc) of the wireless
device.
Click Rescan to scan for available wireless device(s) within transmission range.
Using the ZyAIR Utility 2-19
Page 36
ZyAIR G-300 User’s Guide
Table 2-5 Site Survey
LABEL DESCRIPTION
Join
Click Join to associate to the selected wireless device.
2.4.1 Connecting to a Network
Follow the steps below to connect to a network using the Site Survey screen.
1. Click Search to scan for all available wireless networks within range.
2. To join a network, either click an entry in the table to select a wireless network and then click Connect
or double-click an entry.
3. If the Security field is WEP or WPA for the selected wireless network, you must also set up network
security in the Privacy Configuration screens. Refer to Section 2.3.2 and Section 2.3.3 for more
information.
4. Verify that you have successfully connected to the selected network and check the network
information in the Configuration screen.
2.5 The About Screen
The About screen displays related version numbers of the ZyAIR.
2-20 Using the ZyAIR Utility
Page 37
ZyAIR G-300 User’s Guide
Figure 2-14 ZyAIR Utility: About
The following table describes the read-only fields in this screen.
Table 2-6 ZyAIR Utility: About
FIELD DESCRIPTION
Configuration
Utility Version
Network Driver
Version
NIC Firmware
Version
Frequency
Domain
This field displays the version number of the ZyAIR Utility.
This field displays the version number of the Windows driver for the ZyAIR.
This field displays the firmware version and the MAC address of the ZyAIR.
This field displays the regional code. This field displays MKK (Japan), ETSI (Europe) or
FCC (North America).
If you set your ZyAIR in Ad-Hoc mode, this field displays FCC.
Using the ZyAIR Utility 2-21
Page 38
Page 39
ZyAIR G-300 User’s Guide
Chapter 3
Maintenance
This chapter describes how to uninstall or upgrade the ZyAIR Utility.
3.1 Removing the ZyAIR Utility
Follow the steps below to remove (or uninstall) the ZyAIR Utility from your computer.
1. Close and exit the ZyAIR Utility.
2. Click Start, (all) Programs, ZyAIR G-300 PCI Adapter Utility, Uninstall ZyAIR G-300 Adapter
Utility.
3. When prompted, click OK to remove the driver and the utility software.
Figure 3-1 Confirm Uninstallation
4. Click Finish and restart the computer when prompted.
3.2 Upgrading the ZyAIR Utility
To perform the upgrade, follow the steps below.
1. Download the latest version of the utility from the ZyXEL web site and save the file on your computer.
2. Follow the steps in the Removing the ZyAIR Utility section to remove the current ZyAIR Utility from
your computer.
3. Restart the computer when prompted.
4. After restarting, refer to the procedure in the Quick Installation Guide to install the new utility.
5. Check the version numbers in the About screen to make sure the new utility is installed properly.
Maintenance 3-1
Page 40
Page 41
ZyAIR G-300 User’s Guide
Chapter 4
Troubleshooting
This chapter covers potential problems and the possible remedies. After each problem
description, some instructions are provided to help you to diagnose and to solve the problem.
4.1 Problems Starting the ZyAIR Utility Program
Table 4-1 Troubleshooting Starting ZyAIR Utility Program
Cannot start the ZyAIR
Wireless LAN Utility
Make sure the ZyAIR is properly inserted and the LED is on. Refer to the
Quick Installation Guide for the LED descriptions.
Use the Device Manager to check for possible hardware conflicts.
Click Start, Settings, Control Panel, System, Hardware and Device
Manager. Verify the status of the ZyAIR under Network Adapter. (Steps may
vary depending on the version of Windows).
Install the ZyAIR in another computer.
If the error persists, you may have a hardware problem. In this case, you
should contact your local vendor.
4.2 Problems Communicating With Other Computers
Table 4-2 Troubleshooting Communication Problems
PROBLEM CORRECTIVE ACTION
The ZyAIR computer cannot
communicate with the other
computer.
A. Infrastructure Make sure that the AP and the associated computers are turned on and
Make sure you are connected to the network.
working properly.
Make sure the ZyAIR and the associated AP use the same SSID.
Configure the AP to use another radio channel if interference is high.
Make sure that the computer and the AP shares the same authentication
and encryption mode. Verify the settings in the Privacy Configuration
screens.
Troubleshooting 4-1
Page 42
ZyAIR G-300 User’s Guide
Table 4-2 Troubleshooting Communication Problems
PROBLEM CORRECTIVE ACTION
B. Ad-Hoc Verify that the peer computer(s) is turned on.
Make sure the ZyAIR and the peer computer(s) are using the same SSID
and channel.
Use another radio channel if interference is high.
Make sure that the computer and the AP shares the same authentication
and encryption mode. Verify the settings in the Privacy Configuration
screens..
4.3 Problem with the Link Status
Table 4-3 Troubleshooting Link Quality
PROBLEM CORRECTIVE ACTION
The link quality and/or signal
strength is poor all the time.
Search and connect to another AP with a better link quality using the Site
Survey screen.
Move your computer closer to the AP or the peer computer(s) within the
transmission range.
There is too much radio interference (for example microwave or another
AP using the same channel) around your wireless network. Relocate or
reduce the radio interference.
4-2 Troubleshooting
Page 43
ZyAIR G-300 User’s Guide
Appendix A
Disable Windows XP Wireless LAN
Configuration Tool
Windows XP includes a configuration tool (also known as Wireless Zero Configuration (WZC)) for
wireless devices.
Follow the steps below to disable the configuration tool in Windows XP after you install the ZyAIR Utility.
The screen varies depending on the version of Windows XP service pack.
Via the Wireless Network System Tray Icon
If the network icon for wireless connections is not present in the system tray, see the next section.
1. Double-click the network icon for wireless connections in the system tray.
Diagram 1 Windows XP: System Tray Icon
Disable Windows XP Wireless LAN Configuration Tool A
Page 44
ZyAIR G-300 User’s Guide
2. Windows XP SP1: When a Wireless Network Connection window displays, click Advanced….
Diagram 2 Windows XP SP1: Wireless Network Connection
Windows XP SP2: When a Wireless Network Connection window displays, click Change
advanced settings under Related Tasks and then the Wireless Networks tab.
Diagram 3 Windows XP SP2: Wireless Network Connection
B Disable Windows XP Wireless LAN Configuration Tool
Page 45
ZyAIR G-300 User’s Guide
3. In the Wireless Network Connection Properties window, make sure the Use Windows to configure
my wireless network settings check box is not selected. Click OK.
Diagram 4 Windows XP SP1: Wireless Network Connection Properties
Disable Windows XP Wireless LAN Configuration Tool C
Page 46
ZyAIR G-300 User’s Guide
Diagram 5 Windows XP SP2: Wireless Network Connection Properties
Via the Control Panel
1. If the icon for the wireless network connection is not in the system tray, click Start, Control Panel
and double-click Network Connections.
D Disable Windows XP Wireless LAN Configuration Tool
Page 47
ZyAIR G-300 User’s Guide
2. Double-click on the icon for wireless network connection to display a status window as shown next.
Diagram 6 Windows XP SP1: Wireless Network Connection Status
Diagram 7 Windows XP SP2: Wireless Network Connection Status
3. Click Properties and click the Wireless Networks tab.
Disable Windows XP Wireless LAN Configuration Tool E
Page 48
ZyAIR G-300 User’s Guide
4. In the Wireless Network Connection Properties window, make sure the Use Windows to configure
my wireless network settings check box is not selected. Click OK.
Diagram 8 Windows XP SP1: Wireless Network Connection Properties
F Disable Windows XP Wireless LAN Configuration Tool
Page 49
ZyAIR G-300 User’s Guide
Diagram 9 Windows XP SP2: Wireless Network Connection Properties
Disable Windows XP Wireless LAN Configuration Tool G
Page 50
Page 51
ZyAIR G-300 User’s Guide
Appendix B
Management with Wireless Zero
Configuration
This appendix shows you how to manage your ZyAIR using the Windows XP wireless
configuration tool.
Be sure you have the Windows XP service pack 2 installed on your computer. Otherwise, you should at
least have the Windows XP service pack 1 already on your computer and download the support patch for
WPA from the Microsoft web site.
Windows XP SP2 screen shots are shown unless otherwise specified. Click the help icon (
screens, move the cursor to the item that you want the information about and click to view the help.
Activating Wireless Zero Configuration
Make sure the Use Windows to configure my wireless network settings check box is selected in the
Wireless Network Connection Properties screen. Refer to Appendix A.
If you see the following screen, refer to article 871122 on the Microsoft web site for information on starting
WZC.
) in most
Diagram 10 Windows XP SP2: WZC Not Available
Management with Wireless Zero Configuration I
Page 52
ZyAIR G-300 User’s Guide
Connecting to a Wireless Network
1. Double-click the network icon for wireless connections in the system tray to open the Wireless
Network Connection Status screen.
Diagram 11 Windows XP SP2: System Tray Icon
The type of the wireless network icon in Windows XP SP2 indicates the status of the ZyAIR. Refer to the
following table for details.
Chart 1 Windows XP SP2: System Tray Icon
ICON DESCRIPTION
The ZyAIR is connected to a wireless network.
The ZyAIR is in the process of connecting to a wireless network.
The connection to a wireless network is limited because the network did not assign a network
address to the computer.
The ZyAIR is not connected to a wireless network.
2. Windows XP SP2: In the Wireless Network Connection Status screen, click View Wireless
Networks to open the Wireless Network Connection screen.
J Management with Wireless Zero Configuration
Page 53
ZyAIR G-300 User’s Guide
Diagram 12 Windows XP SP2: Wireless Network Connection Status
Windows XP SP1: In the Wireless Network Connection Status screen, click Properties and the
Wireless Networks tab to open the Wireless Network Connection Properties screen.
Management with Wireless Zero Configuration K
Page 54
ZyAIR G-300 User’s Guide
Diagram 13 Windows XP SP1: Wireless Network Connection Status
3. Windows XP SP2: Click Refresh network list to reload and search for available wireless devices
within transmission range. Select a wireless network in the list and click Connect to join the selected
wireless network.
L Management with Wireless Zero Configuration
Page 55
ZyAIR G-300 User’s Guide
Diagram 14 Windows XP SP2: Wireless Network Connection
The following table describes the icons in the wireless network list.
Chart 2 Windows XP SP2: Wireless Network Connection
ICON DESCRIPTION
This denotes that the wireless security is activated for the wireless network.
This denotes that this wireless network is your preferred network. Ordering your preferred
networks is important because the ZyAIR tries to associate to the preferred network first in the
order that you specify. Refer to the section on security settings for detailed information.
This denotes the signal strength of the wireless network.
Move your cursor to the icon to see details on the signal strength.
Management with Wireless Zero Configuration M
Page 56
ZyAIR G-300 User’s Guide
Windows XP SP1: Click Refresh to reload and search for available wireless devices within transmission
range. Select a wireless network in the Available networks list, click Configure and set the related fields
to the same security settings as the associated AP to add the selected network into the Preferred networks
table. Click OK to join the selected wireless network. Refer to the section on security settings (discussed
later) for more information.
Diagram 15 Windows XP SP1: Wireless Network Connection Properties
4. Windows XP SP2: If the wireless security is activated for the selected wireless network, the Wireless
Network Connection screen displays. You must set the related fields in the Wireless Network
Connection screen to the same security settings as the associated AP. Refer to the section on security
settings (discussed later) for more information. Otherwise click Cancel and connect to another wireless
network without data encryption. If there is no security activated for the selected wireless network, a
warning screen appears. Click Connect Anyway if wireless security is not your concern.
N Management with Wireless Zero Configuration
Page 57
ZyAIR G-300 User’s Guide
Diagram 16 Windows XP SP2: Wireless Network Connection: WEP or WPA-PSK
Diagram 17 Windows XP SP2: Wireless Network Connection: No Security
5. Verify that you have successfully connected to the selected network and check connection status in the
wireless network list or the connection icon in the Preferred networks or Available networks list.
The following table describes the connection icons.
Chart 3 Windows XP: Wireless Networks
ICON DESCRIPTION
This denotes the wireless network is an available wireless network.
This denotes the ZyAIR is associated to the wireless network.
This denotes the wireless network is not available.
Security Settings
When you configure ZyAIR to connect to a secure network but the security settings are not yet enabled on
the ZyAIR, you will see different screens according to the authentication and encryption methods used by
the selected network.
Association
Select a network in the Preferred networks list and click Properties to view or configure security.
Management with Wireless Zero Configuration O
Page 58
ZyAIR G-300 User’s Guide
Diagram 18 Windows XP: Wireless (network) properties: Association
The following table describes the labels in this screen.
Chart 4 Windows XP: Wireless (network) properties: Association
LABEL DESCRIPTION
Network name
(SSID)
Network
Authentication
Data Encryption
Network Key Enter the passphrase, pre-shared key or WEP key.
This field displays the SSID (Service Set IDentifier) of each wireless network.
This field automatically shows the authentication method (Share, Open, WPA or WPA-
PSK) used by the selected network.
Refer to Section 0 for more information.
This field automatically shows the encryption type (TKIP, WEP or Disable) used by the
selected network.
The values for the keys must be set up exactly the same on all wireless devices in the
same wireless LAN.
P Management with Wireless Zero Configuration
Page 59
ZyAIR G-300 User’s Guide
Chart 4 Windows XP: Wireless (network) properties: Association
LABEL DESCRIPTION
Confirm network
key
Key index
(advanced)
The key is
provided for me
automatically
This is a
computer-tocomputer (ad
hoc) network;
wireless access
points are not
used
OK
Cancel
Enter the key again for confirmation.
Select a default WEP key to use for data encryption.
This field is available only when the network use WEP encryption method and the The
key is provided for me automatically check box is not selected.
If this check box is selected, the wireless AP assigns the ZyAIR a key.
If this check box is selected, you are connecting to another computer directly.
Click OK to save your changes.
Click Cancel to leave this screen without saving any changes you may have made.
Authentication
Click the Authentication tab in the Wireless (network) properties screen to display the screen shown
next. The fields on this screen are grayed out when the network is in Ad-Hoc mode or data encryption is
disabled.
Management with Wireless Zero Configuration Q
Page 60
ZyAIR G-300 User’s Guide
Diagram 19 Windows XP: Wireless (network) properties: Authentication
The following table describes the labels in this screen.
Chart 5 Windows XP: Wireless (network) properties: Authentication
LABEL DESCRIPTION
Enable IEEE
802.1x
authentication
for this network
EAP Type
Properties Click this button to open the properties screen and configure certificates. The screen
Authenticate as
computer when
computer
information is
available
This field displays whether the IEEE 802.1x authentication is active.
If the network authentication is set to Open in the previous screen, you can choose to
disable or enable this feature.
Select the type of EAP authentication. Options are Protected EAP (PEAP) and Smart
Card or other Certificate.
varies depending on what you select in the EAP type field.
Select this check box to have the computer send its information to the network for
authentication when a user is not logged on.
R Management with Wireless Zero Configuration
Page 61
ZyAIR G-300 User’s Guide
Chart 5 Windows XP: Wireless (network) properties: Authentication
LABEL DESCRIPTION
Authenticate as
guest when user
or computer
information is
unavailable
OK
Cancel
Select this check box to have the computer access to the network as a guest when a
user is not logged on or computer information is not available.
Click OK to save your changes.
Click Cancel to close this screen without saving any changes you may have made.
Authentication Properties
Select an EAP authentication type in the Wireless (network) properties: Authentication screen and click
the Properties button to display the following screen.
Protected EAP Properties
Diagram 20 Windows XP: Protcted EAP Properties
Management with Wireless Zero Configuration S
Page 62
ZyAIR G-300 User’s Guide
The following table describes the labels in this screen.
Chart 6 Windows XP: Protected EAP Properties
LABEL DESCRIPTION
Validate server
certificate
Connect to
these servers
Trusted Root
Certification
Authorities:
Select the check box to verify the certificate of the authentication server.
Select the check box and specify a domain in the field below to have your computer
connect to a server which resides only within this domain.
Select a trusted certification authority from the list below.
You must first have a wired connection to a network and obtain
the certificate(s) from a certificate authority (CA). Consult your
network administrator for more information.
Do not prompt
user to
authorize new
server or trusted
certification
authorities.
Select
Authentication
Method:
Enable Fast
Reconnect
OK
Cancel
Select this check box to authorize a new authentication server or trusted CA without
prompting.
This field is available only if you installed the Windows XP server pack 2.
Select an authentication method from the drop-down list box and click Configure to do
settings.
Select the check box to automatically reconnect to the network (without reauthentication) if the wireless connection goes down.
Click OK to save your changes.
Click Cancel to leave this screen without saving any changes you may have made.
T Management with Wireless Zero Configuration
Page 63
ZyAIR G-300 User’s Guide
Smart Card or other Certificate Properties
Diagram 21 Windows XP: Smart Card or other Certificate Properties
The following table describes the labels in this screen.
Chart 7 Windows XP: Smart Card or other Certificate Properties
LABEL DESCRIPTION
Use my smart
card
Use a certificate
on this computer
Validate server
certificate
Connect to
these servers
Select this check box to use the smart card for authentication.
Select this check box to use a certificate on your computer for authentication.
Select the check box to check the certificate of the authentication server.
Select the check box and specify a domain in the field below to have your computer
connect to a server which resides only within this domain.
Management with Wireless Zero Configuration U
Page 64
ZyAIR G-300 User’s Guide
Chart 7 Windows XP: Smart Card or other Certificate Properties
LABEL DESCRIPTION
Trusted Root
Certification
Authorities:
Select a trusted certification authority from the list below.
You must first have a wired connection to a network and obtain
the certificate(s) from a certificate authority (CA). Consult your
network administrator for more information.
View Certificate Click this button if you want to verify the selected certificate.
Use a different
user name for
the connection:
OK
Cancel
Select the check box to use a different user name when the user name in the smart card
or certificate is not the same as the user name in the domain that you are logged on to.
Click OK to save your changes.
Click Cancel to leave this screen without saving any changes you may have made.
Ordering the Preferred Networks
Follow the steps below to manage your preferred networks.
1. Windows XP SP2: Click Change the order of preferred networks in the Wireless Network
Connection screen (see Diagram 14). The screen displays as shown.
V Management with Wireless Zero Configuration
Page 65
ZyAIR G-300 User’s Guide
Diagram 22 Windows XP SP2: Wireless Networks: Preferred Networks
Windows XP SP1: In the Wireless Network Connection Status screen, click Properties and the
Wireless Networks tab to open the screen as shown.
Management with Wireless Zero Configuration W
Page 66
ZyAIR G-300 User’s Guide
Diagram 23 Windows XP SP1: Wireless Networks: Preferred Networks
2. Whenever the ZyAIR tries to connect to a new network, the new network is added in the Preferred
networks table automatically. Select a network and click Move up or Move down to change it’s
order, click Remove to delete it or click Properties to view the security, authentication or connection
information of the selected network. Click Add to add a preferred network into the list manually.
X Management with Wireless Zero Configuration
Page 67
ZyAIR G-300 User’s Guide
Appendix C
Types of EAP Authentication
This appendix discusses the five popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS,
PEAP and LEAP. The type of authentication you use depends on the RADIUS server. Consult your
network administrator for more information.
EAP-MD5 (Message-Digest Algorithm 5)
MD5 authentication is the simplest one-way authentication method. The authentication server sends a
challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the
password with the challenge and sends back the information. Password is not sent in plain text.
However, MD5 authentication has some weaknesses. Since the authentication server needs to get the
plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may
access the password file. In addition, it is possible to impersonate an authentication server as MD5
authentication method does not perform mutual authentication. Finally, MD5 authentication method does
not support data encryption with dynamic session key. You must configure WEP encryption keys for data
encryption.
EAP-TLS (Transport Layer Security)
With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual
authentication. The server presents a certificate to the client. After validating the identity of the server, the
client sends a different certificate to the server. The exchange of certificates is done in the open before a
secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an
electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a
Certificate Authority (CA) to handle certificates, which imposes a management overhead.
EAP-TTLS (Tunneled Transport Layer Service)
EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side
authentications to establish a secure connection. Client authentication is then done by sending username
and password through the secure connection, thus client identity is protected. For client authentication,
EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and
MS-CHAP v2.
PEAP (Protected EAP)
Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use
simple username and password methods through the secured connection to authenticate the clients, thus
hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2
and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by
Cisco.
LEAP
LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE802.1x.
Management with Wireless Zero Configuration Y
Page 68
ZyAIR G-300 User’s Guide
For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys
for data encryption. They are often deployed in corporate environments, but for public deployment, a
simple user name and password pair is more practical. The following table is a comparison of the features
of five authentication types.
Comparison of EAP Authentication Types
EAP-MD5 EAP-TLS EAP-TTLS PEAP LEAP
Mutual
Authentication
Certificate – Client
Certificate – Server
Dynamic Key
Exchange
Credential Integrity
Deployment
Difficulty
Client Identity
Protection
No Yes Yes Yes Yes
No Yes Optional Optional No
No Yes Yes Yes No
No Yes Yes Yes Yes
None Strong Strong Strong Moderate
Easy Hard Moderate Moderate Moderate
No No Yes Yes No
Z Management with Wireless Zero Configuration
Page 69
ZyAIR G-300 User’s Guide
Appendix D
Product Specifications
Product Specifications
Product Name
Type
Standards
Network Architectures
Operating Frequencies
Operating Channels
Data Rate
Modulation
Security
Operating Temperature
Storage Temperature
Operating Humidity
Storage Humidity
Power Consumption
Voltage
ZyAIR G-300 Wireless LAN PCI Adapter
3.3V 32-bit PCI adapter
IEEE 802.11b
IEEE 802.11g
Infrastructure
Ad-Hoc
2.412-2.483GHz
IEEE 802.11b: 11 Channels (North America)
IEEE 802.11g: 11 Channels (North America)
IEEE 802.11b: 13 Channels (Europe)
IEEE 802.11g: 13 Channels (Europe)
IEEE 802.11b: 11, 5.5, 2, 1Mbps
IEEE 802.11g: 54, 48, 36, 24, 18, 12, 9, 6 Mbps
IEEE 802.11g: Orthogonal Frequency Division Multiplexing (64QAM, 16QAM,
QPSK and BPSK)
IEEE 802311b: Direct Spread Spectrum (CCK, DQPSK, DBOSK).
64/128-bit WEP
WPA
WPA-PSK
IEEE 802.1X (EAP-TLS, PEAP and LEAP)
0 ~ 55 degrees Centigrade
-10 ~ 65 degrees Centigrade
90% (non-condensing)
20 ~ 80% (non-condensing)
TX: 460mA RX: 310mA
3.3V±5%
Product Specifications AA
Page 70
ZyAIR G-300 User’s Guide
Product Specifications
Weight
Dimension
<80g
134mm(L)*121mm(W)*22mm(H)
Product Specifications BB
Page 71
ZyAIR G-300 User’s Guide
Index
A
About ..................................................... 2-20
Accessing the ZyAIR Utility ..................... 1-2
AdHoc Channel ..................................... 2-11
authentication ........................................ 2-19
authentication mode .............................. 2-14
Authentication Mode................................ 2-6
Open .................................................... 2-6
Shared.................................................. 2-6
automatically key generation ................. 2-15
B
Basic Service Set ........................... See BSS
BSS.......................................................... 2-2
C
CA............................................................... Y
certificate ............................................... 2-17
server ................................................. 2-18
user .................................................... 2-17
Certificate Authority .......................... See CA
Certificate Authority (CA)....................... 2-18
Certificate screen, the............................ 2-16
Communication Problem ......................... 4-1
Ad-hoc(IBSS) ....................................... 4-2
Infrastructure........................................ 4-1
Configuration utility version ................... 2-21
Connecting to a Network ....................... 2-20
Copyright .....................................................ii
Disclaimer ................................................ii
Trademarks.............................................. ii
CTS (Clear to Send .......................... 2-4, 2-5
Customer Support ..................................... vii
D
Data encryption........................................ 2-6
Disable Windows XP Wireless Support... 1-1
E
EAP Authentication
MD5......................................................... Y
PEAP....................................................... Y
TLS.......................................................... Y
TTLS........................................................ Y
EAP type ................................................ 2-15
encryption .............................................. 2-19
Encryption ................................................ 2-7
encryption method ................................. 2-14
ESS.......................................................... 2-2
Extended Service Set .....................See ESS
F
Federal Communications Commission
(FCC) Interference Statement.................. v
Frag Threshold....................................... 2-13
Fragmentation Threshold......................... 2-4
Frequency domain ................................. 2-21
G
Graphics Icons Key................................... xiii
H
Hidden node............................................. 2-4
I
IBSS......................................................... 2-1
Index CC
Page 72
ZyAIR G-300 User’s Guide
IEEE 802.1X .......................................... 2-15
IEEE 802.1X authentication................... 2-15
Independent Basic Service Set......See IBSS
Information for Canadian Users.................. iv
Caution .................................................... iv
Note.........................................................iv
Infrastructure............................................ 2-2
L
Link quality ............................................. 2-11
Link strength .......................................... 2-12
M
MD5 ............................................................ Y
Message Digest Algorithm 5.......... See MD5
Message Integrity Check ......................... 2-7
MIC ................ See Message Integrity Check
N
Network driver version ........................... 2-21
Network Type........................................... 2-1
Ad-Hoc(IBSS)....................................... 2-1
Infrastructure ........................................ 2-2
NIC firmware version ............................. 2-21
Nitro Time .............................................. 2-13
O
Online Registration ..................................... iii
Open authentication mode....................... 2-6
Operating Mode ...............See Network Type
P
PEAP .......................................................... Y
power save............................................. 2-12
Preface...................................................... xiii
Pre-Shared Key (PSK)........................... 2-15
problem description ................................. 4-1
Product specifications .............................. AA
profile .....................................................2-10
Protected EAP.............................. See PEAP
R
radio frequency ........................................2-1
Related Documentation ............................ xiii
Roaming................................................... 2-3
Example................................................ 2-3
RTS (Request To Send) ...................2-4, 2-5
RTS Threshold ................................ 2-4, 2-13
RTS/CTS handshake ...............................2-5
S
Security screen, the ............................... 2-13
Service Set Identity ....................... See SSID
Shared authentication mode .................... 2-6
Site Survey....................................2-18, 2-19
SSID.......................................2-1, 2-11, 2-19
State....................................................... 2-11
Syntax Conventions .................................. xiii
T
Temporal Key Integrity Protocol............... 2-7
Threshold ............................................... 2-13
Throughput............................................. 2-11
TKIP .... See Temporal Key Integrity Protocol
TLS.............................................................. Y
Transmission rate..................................... 2-1
Transmission rates................................. 2-11
Transmission speeds ............................. 2-11
Transport Layer Security................. See TLS
Troubleshooting .......................................4-1
Checking Hardware Conflict................. 4-1
Communication problems..................... 4-1
Radio interference ................................4-2
Starting ZyAIR Utility ............................ 4-1
TTLS ...........................................................Y
Tunneled Transport Layer ServiceSee TTLS
DD Index
Page 73
ZyAIR G-300 User’s Guide
U
Upgrading the ZyAIR Utility ..................... 3-1
User Authentication ................................. 2-6
Using the ZyAIR Utility............................. 2-1
W
Warranty ..................................................... iii
Note......................................................... iii
WEP......................................................... 2-6
WEP Data Encryption with ...................... 2-6
WEP key ................................................ 2-15
confirmation ....................................... 2-15
format................................................. 2-15
index................................................... 2-15
length ................................................. 2-15
WEP Key ................................................. 2-6
Windows XP Requirement.......................... A
Wired Equivalent Privacy............... See WEP
Wireless LAN Parameters
Channel................................................ 2-1
Configuring........................................... 2-9
Network Type ....................................... 2-1
SSID ..................................................... 2-1
Transmission Rate ............................... 2-1
Wireless LAN Security ............................. 2-5
Data Encryption with WEP ................... 2-6
Wireless Network Basics ............................ A
wireless network type ............................ 2-19
WPA......................................................... 2-6
WPA with RADIUS Application ................ 2-8
WPA-PSK ................................................ 2-7
WPA-PSK Application.............................. 2-7
Z
ZyAIR Utility ............................................. 3-1
About .................................................. 2-21
Before you upgrade.............................. 3-1
Removing ............................................. 3-1
Site Survey......................................... 2-19
Upgrading............................................. 3-1
ZyAIR Utility system tray icon .................. 1-2
Index EE
Loading...