From: "Lewis G Rosenthal" Received: from [192.168.100.201] (account lgrosenthal HELO [192.168.100.18]) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.3) with ESMTPA id 669773 for os2-wireless_users@2rosenthals.com; Tue, 02 Jan 2007 15:36:43 -0500 Message-ID: <459AC241.8070206@2rosenthals.com> Date: Tue, 02 Jan 2007 15:36:17 -0500 Organization: Rosenthal & Rosenthal, LLC User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.9a2pre) Gecko/20061222 MultiZilla/1.8.3.0a SeaMonkey/1.5a MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless]Re: Asus WL-330g problems References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 12/11/06 07:04 am, Dave Saville thus wrote : > Done some more testing. All tests done with my Artem card set to 128 wep. > > 1) Asus set to "Open & Shared" no wep key. - Cannot connect. xwlan says > configuring all the time. > > 2) Asus set to "Open & Shared" wep key same as card. - Can connect. > > 3) Asus set to "Open & Shared" wep key different. - Cannot connect. > Configuring all the time. > > 4) Asus set to "shared" + correct wep key. Cannot connect. Searching all the > time. > > So it looks as if "shared" is not even being seen by my card. I cannot test > with the card and no wep key as I have a problem with xwlan. > > What the hell is the difference between "Open & Shared" and "Shared"? My DLink > only has "Open" or "Shared" and that works fine on shared with the same Artem > card. > Hi, Dave, and Happy New Year (to all)... From "802.11 Wireless Networks: The Definitive Guide:" 7.3. Authentication On a wired network, authentication is implicitly provided by physical access; if you're close enough to the network to plug in a cable, you must have gotten by the receptionist at the front door. While this is a weak definition of authentication, and one that is clearly inappropriate for high-security environments, it works reasonably well as long as the physical access control procedures are strong. Wireless networks are attractive in large part because physical access is not required to use network resources. Therefore, a major component of maintaining network security is ensuring that stations attempting to associate with the network are allowed to do so. Two major approaches are specified by 802.11: open-system authentication and shared-key authentication. Shared-key authentication is based on WEP and requires that both stations implement WEP. 802.11 does not restrict authentication to any particular scenario. Any station can authenticate with any other station. In practice, authentication is most useful in infrastructure networks. The usefulness of authentication for infrastructure networks is due in part to the design of the authentication methods, which do not really result in mutual authentication. As a matter of design, the authentication process really only proves the identity of one station. 802.11 implicitly assumes that access points are in a privileged position by virtue of the fact that they are typically under control of network administrators. Network administrators may wish to authenticate mobile stations to ensure that only authorized users access the 802.11 network, but mobile stations can't authenticate the access point. For this reason, the examples in this section assume that a mobile station such as an 802.11-equipped PC is attempting to authenticate to an access point. The standard, however, does not restrict authentication to infrastructure networks. Open + Shared is a manufacturer-specific issue, just like with WPA TKIP + AES. Essentially, Open + Shared should give you the best of both worlds, where pre-configured clients (those with the pre-shared key - the WEP keys, in this case) may connect, and those without them running the proper 802.11i authentication supplicant may request a key (authenticate). If using WEP, then you would normally want Shared, however, I realize that this is contrary to your experience. Again, it's a munfacturer thing, straying from the standard. Here's an interesting pointer to a forum discussion concerning 802.1x and 802.11i: http://forums.wi-fiplanet.com/archive/index.php/t-784.html. It's worth a quick read. Not much help, sorry, but at least you pass the sanity check! ;-) -- Lewis ------------------------------------------------------------ Lewis G Rosenthal, CNA, CLP, CLE Rosenthal & Rosenthal, LLC Accountants / Network Consultants New York / Northern Virginia www.2rosenthals.com eComStation Consultants www.ecomstation.com Novell Users Int'l www.novell.com/openenterpriseserver Need a managed Wi-Fi hotspot? www.hautspot.com ------------------------------------------------------------