Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Reviews


Along with the Plus' other wireless security features (MAC address filtering and SSID broadcast disable), you have your choice of the following ways to secure your wireless LAN:

  • Static WEP
  • 802.1x and Dynamic WEP
  • 802.1x and Static WEP
  • 802.1x and no WEP
  • WPA-Enterprise

The main story of the Plus, however, is its built-in PEAP RADIUS server. PEAP stands for Protected EAP, and is one of several TLS-based (Transport Layer Security) protocols developed for use with EAP (Extensible Authentication Protocol) in wireless environments. (The IEEE 802.1x standard makes use of EAP to define an authentication framework for wireless communications.)

PEAP is a joint effort undertaken by Microsoft, Cisco, and RSA, supported on the client side by Microsoft in Windows XP, and Cisco (and compatibles) on the server side. PEAP (and other forms of EAP, which include EAP-TLS and TTLS) are important because they provide for strong encryption of ongoing traffic, secure exchange (and regular rotation) of keys, and strong authentication of user identity.

PEAP RADIUS is an implementation of PEAP that uses a RADIUS (Remote Authentication Dial-User Service) server to handle the authentication side of things, which essentially uses a challenge / response exchange with an authentication server (RADIUS) to perform that action. PEAP is a two-stage protocol, where security is established in stage by establishing a TLS tunnel and authenticating the (RADIUS) server to the client with a certificate. Client authentication exchanges then occur during stage two. The flavor of PEAP supported by the Plus uses MS-CHAP v2 for authentication and authorization.

RADIUS Server Trusted AP's

Figure 8: RADIUS Server Trusted AP's

Although the PEAP RADIUS features may sound complex, the web interface makes it easy to set those up. Basically, you set up trusted wireless access points (Figure 8) and trusted wireless users (Figure 9) using simple lists:

RADIUS Server Trusted Users

Figure 9: RADIUS Server Trusted Users

Using this feature, the system can authenticate not only individual users, but also other access points. It's easy to see how this ability could be daisy-chained together to serve users over a wide area. Unfortunately, you're limited to authenticating a maximum of 32 wireless users using the RADIUS server built into the G-2000 Plus, no matter how many access points you connect. That said, the Plus will forward authentication requests to an external IAS or RADIUS server you can designate to handle authentication requests for more users.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Recently got a RT-AC86u and installed with the latest Merlin (384.18), and noticed WebUI being unresponsive after a while. Restarting the httpd servic...
I've installed last version of Asus Merlin. I have tried to install pyload but now the default version of python in entware is version 3. Pyload still...
Asuswrt-Merlin 384.19 beta is now available (except for the RT-AX56U which won't be available for this release, due to outdated GPL code).The main cha...
Hi There,Update 2020/07/28Here we have new 386 rc2 beta for public test(so the old links are removed).link:
Is there a way to disable the pop-up when hovering the mouse pointer over threads?

Don't Miss These

  • 1
  • 2
  • 3