Ambit Broadband

Users Guide

36

WPA-PSK

If you don't have an external RADIUS server you should use WPA-PSK

(WPA Pre-Shared Key) that only requires a single (identical) password

entered into wireless gateway and wireless client. As long as the

passwords match, a client will be granted access to a WLAN.

WPA2

Advanced protocol, certified through Wi-Fi Alliance's WPA2 program,

implements the mandatory elements of 802.11i. In particular, it

introduces a new AES-based algorithm, CCMP, that is considered fully

secure.

WPA2-PSK

If you don't have an external RADIUS server you should use WPA2-PSK

(WPA Pre-Shared Key) that only requires a single (identical) password

entered into wireless gateway and wireless client. As long as the

passwords match, a client will be granted access to a WLAN.

WPA/WPA2 Encryption

Switch to enable and disable WPA/WPA2 encryption.

WPA Pre-Shared Key

The encryption mechanisms used for WPA and WPA-PSK are the same.

The only difference between the two is that WPA-PSK uses a simple

common password, instead of user-specific credentials.

RADIUS Server

Input the IP address of RADIUS server

RADIUS Port

Enter RADIUS port number when WPA or 802. 1x network authentication

is selected.

RADIUS Key

Enter RADIUS Key when WPA or 802. 1x network authentication is

selected.

Group Key Rotation

Interval

Allows the wireless router to generate best possible random group key

and update all the key-management capable stations periodically.

WPA/WPA2 Re-auth

Interval

Wireless router (if using WPA-PSK key management) or RADIUS server

(if using WPA key management) sends a new group key out to all clients.

The re-keying process is the WPA equivalent of automatically changing

the WEP key for an AP and all stations in a WLAN on a periodic basis.

Setting of the WPA Group Key Update Timer is also supported in

WPA-PSK mode.

WEP Encryption

If you don’t have WPA(2)

-aware wireless clients, then use WEP key

encrypting. A higher bit key offers better security. WEP encryption

scrambles the data transmitted between the wireless stations and the

access points to keep network communications private. It encrypts

unicast and multicast communications in a network. Both the wireless

stations and the access points must use the same WEP key. Data

Encryption can be set to WEP 128-bit, 64-bit, or Disable.

Shared Key

Authentication

Shared Key is an authentication method used by wireless LANs, which

follow the IEEE 802.11 standard. Wireless devices authenticate each

other by using a secret key that is kept by both devices.

Ambit Broadband

Users Guide

37

802.1x Authentication

Enable to user 802.1x to do authenticate wireless client.

Network Key 1

You can pre-define up to 4 keys for 64-bit or 128-bit (64-bit keys require

10 hexadecimal digits) (128-bit key require 26 hexadecimal digits) .

Network Key 2

As above

Network Key 3

As above

Network Key 4

As above

Current Network Key

You can select one of the four pre-defined keys as the current network

key.

PassPhrase

You can set WEP encryption key by entering a word or group of

printable characters in the Pass phrase box and click Generate WEP

keys. These characters are case sensitive.

Generate WEP Keys

Force the wireless route to generate 4 WEP keys automatically.

Apply

Click to save the wireless configurations.

7.3.3 Access Control

This page allows configuration of the Access Control to the AP as well as status on the

connected clients. Selects whether clients with the specified MAC address are allowed or

restricted wireless access.

Label

Description

MAC Restrict Mode

Use to control wireless access control mechanism

- Disable, to turn off this feature, any wireless card can connect to this

wireless router.

- Allow, white list of the wireless client, their MAC address should be

inputted here manually.

- Deny, black list of the wireless client, their MAC address should be

inputted here manually.

Ambit Broadband

Users Guide

38

MAC Addresses

Input the MAC address.

Apply

Click to save.

Connected Clients

List of current connected Wireless client.

MAC Address

MAC of the connected wireless client.

Age(s)

Duration since the wireless client connected to wireless router.

RSSI(dBm)

Received signal strength in a wireless environment

IP Addr

Display the IP address assigned to this wireless client.

Host Name

Host name of the wireless client.

7.3.4 Advanced

This page allows configuration of data rates and WiFi thresholds.

This page allows configuration of data rates and WiFi thresholds.

Label

Description

54g™ Network Mode

Select to run different mode,

Performance for maximum performance among 54gTM

certified equipment.

Ambit Broadband

Users Guide

39

54g™ Protection

In Auto mode, the AP will use RTS/CTS to improve 802.1 1g

performance in mixed 802.11 b/g networks. Turn protection OFF to

maximize 802.11g throughput under most conditions.

XPress™ Technology

Broadcom's standards-based frame-bursting approach to improve

802.11g wireless LAN performance. It is a software-based

implementation of the frame-bursting originally in the IEEE 802.11e draft

specification, and is found in the Wireless Multimedia Extensions

(WME) specification.

Afterburner™

Technology

40 % greater throughput than typical 802.11g

Rate

You can select to limit the rate speed.

Output Power

Output power of

RF.

Beacon Interval

Specify the Beacon Interval from 100 to 6553 5ms.

DTIM Interval

Specify the DTIM interval from 3 to 255ms.

Fragmentation

Threshold

Fragmentation takes place when a higher-level packets length

exceeds the fragmentation threshold. You can set the packet length

between 256-2346 bytes

RTS Threshold

Specify the RTS threshold from 0 to 2347ms

Apply

Click to submit changes.

7.4 Parental Control

7.4.1 User Setup

This page allows configuration of users. 'White List Only' feature limits the user to visit only the sites

specified in the Allowed Domain List of his/her content rule.

The Parental Control User Setup Page is the master page to which each individual user is linked to a

specified time access rule, content filtering rule, and login password to get to the filtered content. Each

specified user may also be enabled as a trusted user which means that person will have access to all

Internet content regardless of filters that may be set up. This check box can be used as a simple override

to grant a user full access but still having the ability to keep all of the previous filtering settings stored and

available. Session duration timers can also be entered to allow a finite amount of time that a user has

Internet access via the rules entered once entering their password to get to the Internet for the first time.

Ambit Broadband

Users Guide

40

This allows access to the Internet for a defined user without having to enter a password every time a new

web page is served to the client. Likewise, there is a password inactivity timer if there is no Internet

access for the specified amount of time in minutes, requiring the user to re-login at expiration to continue

using the Internet. These timed logins insure that a specific user is using the Internet gateway for access

and logging/access can be provided appropriately. Any time a change is made on this page for a

particular user, the Apply button at the bottom of the page needs to be pressed to activate and store the

settings.

Label

Description

User configuration

Input username to create a new user.

Add user

Click to direct add this user into local database even you haven’t

finished the configuration for this user.

User Settings

Enable

Click to active this user account, and to modify current selected

user’s profile.

Unselect this checkbox, to disable this user account.

Remove User

Click to delete the selected user.

Password

Input the password of this user. It’s required when this user tries

to access Internet via wireless router.

Re-Enter Password

Double confirm with the password.

Trusted User

Active the Enable checkbox to allow the selected user to be

trusted user. That means he’s now limited to timing and content

when visiting Internet. But you can define the session duration

period which will trigger wireless router to disable this privilege

after expiration.

Content Rule

Select an existing content rule that defines what kind of website

he can visit and what can’t be visited.