Gennet-OxyGEN RFA1400.Wv2 Router Manual PDF (Setup & Configuration Guide)

Page 86 / 237 Scroll up to view Page 81 - 85

OxyGEN

mini

Office

Administrator’s Guide

Note

WEP keys are some times used in hexadecimal format by wireless PC drivers. For this

reason, when the desired ASCII WEP key is entered, its corresponding hexadecimal

representation is displayed as well next to the

Hex

label.

Figure 8.3: Wireless Security - WPA

WPA / WPA2 Encryption

The Wi-Fi Protected Access (WPA) encryption method provides superior security compared to WEP.

Selecting

WPA

or

WPA2

as the encryption method, the following screen appears:

When using WPA or WPA2, there are two different modes of

Authentication

:

Personal

and

Enterprise

.

Personal

is the simpler and most common method. It uses a fixed security

WPA key

(PSK - Pre-Shared

Key), 8 to 63 ASCII characters long, shared among the Access-Point and the endpoints (PCs).

Enterprise

, on the other hand, is a more complex method. It relies on the use of an external

Radius

Server

for authenticating each endpoint that requests WiFi connectivity (802.1X protocol).

Note

WPA is the default security policy of the OxyGEN miniOffice. The default WPA key is

printed on the bottom label of the device.

WARNING

Microsoft Windows XP with Service Pack 3 (SP3) and newer Microsoft Windows versions

by default support WPA and WPA2. Please refer to

Appendix D

on page 197 for details

about WPA and/or WPA2 support on Windows XP SP1 and SP2.

Gennet s.a.

86

Page 87 / 237

OxyGEN

mini

Office

Administrator’s Guide

MAC Filtering

Apart from the wireless encryption protocols, another method of limiting wireless access to the OxyGEN

mini

Office (but not encrypting traffic), is through the

MAC Filtering

sub-menu.

Figure 8.4: Wireless MAC Address Filter

The

Default Policy

radio buttons set which is the default rule for client access:

Allow

: every host

except

for the ones with MAC addresses in the list that follows can connect.

Reject

:

only

the hosts listed can connect.

After selection of the default policy, add the desired set of

MAC Addresses

in the provided list and

click

Apply

.

Gennet s.a.

87

Page 88 / 237

OxyGEN

mini

Office

Administrator’s Guide

Multiple SSIDs

This page allows the simultaneous use of the device’s wireless network for multiple services.

This is

realized through the separation of the wireless functionality of the OxyGEN

mini

Office into multiple virtual,

independent sub-networks. Each of these independent sub-networks is identified using a

network name

(SSID) and is treated like a totally different wireless network. For example, each sub-network can have

its own encrytpion method (see next paragraph) or can be assigned to a different

Service / Interface

Group

(see page 70). It is also possible to limit the

maximum number of connected clients

and to

control the maximum

Down

and

Up

Bandwidth limit

for each wireless sub-network.

Figure 8.5: Multiple Wireless SSIDs

Note

When the number of active SSIDs is modified, a device restart is required before the new

value is applied (a relevant notification message appears on the web interface).

Encryption

When multiple SSIDs are enabled, each wireless sub-network can use its own encryption method. To this

end, select the corresponding

WiFi-

x

tab from the list of tabs that appear at the top of the screen in the

Security

page, and configure the encryption method and key just like in the single SSID case.

Finally click

Apply

to activate and save your changes for all wireless sub-networks.

Gennet s.a.

88

Page 89 / 237

OxyGEN

mini

Office

Administrator’s Guide

Figure 8.6: Wireless Security - Multiple SSIDs

Gennet s.a.

89

Page 90 / 237

OxyGEN

mini

Office

Administrator’s Guide

Hotspot

The wireless operation of OxyGEN

mini

Office (either in single or in multiple-SSID mode) can also serve as

the basis for its operation in Hotspot deployments. In this case, one or more of the configured wireless

sub-networks can act as a captive portal that controls access requests from multiple wireless clients.

Internet access is provided only to authenticated wireless clients.

On the other hand, HTTP requests

from unauthenticated clients are redirected to an authentication web server. The authentication server

prompts the user of the unauthenticated client for a username and password. These credentials are

checked with the aid of an external radius server. If authentication is successful, the state of the client

is changed to authenticated and Internet access is granted according to the policy (security, QoS, ...)

enforced by the access-control platform.

As mentioned above, the Hotspot functionality relies on 2 additional services, provided externally:

A web portal to which users are redirected. This portal, or Universal Access Method (UAM) server,

provides any mean of access control service such as user login.

A Radius service for authentication, authorization, accounting (AAA) as well as for enforcing the

required access policy for each user account.

The

Hotspot

page contains all the corresponding parameters:

Figure 8.7: Wireless Hotspot

Using this page, the IP address or hostname of a

Primary

and

(optionally)

of a

Backup Radius Server

can be configured, along with the common pre-shared password (

Secret key

). Regarding the

UAM

Server

, on the other hand, the service is defined by configuring the server’s

URL

and the

Secret key

providing authentication and authorization between the Hotspot service of the OxyGEN

mini

Office and

the UAM server.

Gennet s.a.

90

Rate

Popular Gennet-OxyGEN Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share