Mailing List os2-wireless_users@2rosenthals.com Archived Message #553

From: "Lewis G Rosenthal" <os2-wireless_users@2rosenthals.com> Full Headers
Undecoded message
Subject: Re: [OS2Wireless]Re: Asus WL-330g problems
Date: Tue, 02 Jan 2007 15:36:17 -0500
To: OS/2 Wireless Users Mailing List <os2-wireless_users@2rosenthals.com>

On 12/11/06 07:04 am, Dave Saville thus wrote :
Done some more testing. All tests done with my Artem card set to 128 wep.

1) Asus set to "Open & Shared" no wep key. - Cannot connect. xwlan says
configuring all the time.

2) Asus set to "Open & Shared" wep key same as card. - Can connect.

3)  Asus set to "Open & Shared" wep key different. - Cannot connect.
Configuring all the time.

4) Asus set to "shared" + correct wep key. Cannot connect. Searching all the
time.

So it looks as if "shared" is not even being seen by my card. I cannot test
with the card and no wep key as I have a problem with xwlan.

What the hell is the difference between "Open & Shared" and "Shared"? My DLink
only has "Open" or "Shared" and that works fine on shared with the same Artem
card.
  
Hi, Dave, and Happy New Year (to all)...

From "802.11 Wireless Networks: The Definitive Guide:"

   7.3. Authentication

   On a wired network, authentication is implicitly provided by
   physical access; if you're close enough to the network to plug in a
   cable, you must have gotten by the receptionist at the front door.
   While this is a weak definition of authentication, and one that is
   clearly inappropriate for high-security environments, it works
   reasonably well as long as the physical access control procedures
   are strong. Wireless networks are attractive in large part because
   physical access is not required to use network resources. Therefore,
   a major component of maintaining network security is ensuring that
   stations attempting to associate with the network are allowed to do
   so. Two major approaches are specified by 802.11: open-system
   authentication and shared-key authentication. Shared-key
   authentication is based on WEP and requires that both stations
   implement WEP.

   802.11 does not restrict authentication to any particular scenario.
   Any station can authenticate with any other station. In practice,
   authentication is most useful in infrastructure networks. The
   usefulness of authentication for infrastructure networks is due in
   part to the design of the authentication methods, which do not
   really result in mutual authentication. As a matter of design, the
   authentication process really only proves the identity of one
   station. 802.11 implicitly assumes that access points are in a
   privileged position by virtue of the fact that they are typically
   under control of network administrators. Network administrators may
   wish to authenticate mobile stations to ensure that only authorized
   users access the 802.11 network, but mobile stations can't
   authenticate the access point. For this reason, the examples in this
   section assume that a mobile station such as an 802.11-equipped PC
   is attempting to authenticate to an access point. The standard,
   however, does not restrict authentication to infrastructure networks.

Open + Shared is a manufacturer-specific issue, just like with WPA TKIP + AES. Essentially, Open + Shared should give you the best of both worlds, where pre-configured clients (those with the pre-shared key - the WEP keys, in this case) may connect, and those without them running the proper 802.11i authentication supplicant may request a key (authenticate). If using WEP, then you would normally want Shared, however, I realize that this is contrary to your experience. Again, it's a munfacturer thing, straying from the standard.

Here's an interesting pointer to a forum discussion concerning 802.1x and 802.11i: http://forums.wi-fiplanet.com/archive/index.php/t-784.html. It's worth a quick read.

Not much help, sorry, but at least you pass the sanity check! ;-)

--
Lewis
------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE
Rosenthal & Rosenthal, LLC
Accountants / Network Consultants
 New York / Northern Virginia           www.2rosenthals.com
eComStation Consultants                  www.ecomstation.com
Novell Users Int'l       www.novell.com/openenterpriseserver
Need a managed Wi-Fi hotspot?               www.hautspot.com
------------------------------------------------------------


Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster