Version 1.1, 08/2013. Copyright

2013 Hitron Technologies

66

Hitron CGN3 User’s Guide

5

Wireless

This chapter describes the screens that display when you click

Wireless

in the

toolbar. It contains the following sections:



Wireless Overview

on page

66



Basic Settings Screen

on page

70



WPS & Security Screen

on page

75



Access Control Screen

on page

78

5.1

Wireless Overview

This section describes some of the concepts related to the

Wireless

screens.

5.1.1

Wireless Networking Basics

Your CGN3’s wireless network is part of the Local Area Network (LAN), known as the

Wireless LAN (WLAN). The WLAN is a network of radio links between the CGN3 and

the other computers and devices that connect to it.

5.1.2

Architecture

The wireless network consists of two types of device: access points (APs) and

clients.



The access point controls the network, providing a wireless connection to each

client.

Version 1.1, 08/2013. Copyright

2013 Hitron Technologies

67

Hitron CGN3 User’s Guide



The wireless clients connect to the access point in order to receive a wireless

connection to the WAN and the wired LAN.

The CGN3 is the access point, and the computers you connect to the CGN3 are the

wireless clients.

5.1.3

Wireless Standards

The way in which wireless devices communicate with one another is standardized by

the Institute of Electrical and Electronics Engineers (IEEE). The IEEE standards

pertaining to wireless LANs are identified by their 802.11 designation. There are a

variety of WLAN standards, but the CGN3 supports the following (in order of adoption

- old to new - and data transfer speeds - low to high):



IEEE 802.11b



IEEE 802.11g



IEEE 802.11n

5.1.4

Service Sets and SSIDs

Each wireless network, including all the devices that comprise it, is known as a

Service Set.

NOTE:

Depending on its capabilities and configuration, a single wireless access

point may control multiple Service Sets; this is often done to provide different

service or security levels to different clients.

Each Service Set is identified by a Service Set IDentifier (SSID). This is the name of

the network. Wireless clients must know the SSID in order to be able to connect to

the AP. You can configure the CGN3 to broadcast the SSID (in which case, any client

who scans the airwaves can discover the SSID), or to “hide” the SSID (in which case

it is not broadcast, and only users who already know the SSID can connect).

Version 1.1, 08/2013. Copyright

2013 Hitron Technologies

68

Hitron CGN3 User’s Guide

5.1.5

Wireless Security

Radio is inherently an insecure medium, since it can be intercepted by anybody in the

coverage area with a radio receiver. Therefore, a variety of techniques exist to control

authentication (identifying who should be allowed to join the network) and encryption

(signal scrambling so that only authenticated users can decode the transmitted data).

The sophistication of each security method varies, as does its effectiveness. The

CGN3 supports the following wireless security protocols (in order of effectiveness):



WEP

(the Wired Equivalency Protocol): this protocol uses a series of “keys” or

data strings to authenticate the wireless client with the AP, and to encrypt data

sent over the wireless link. WEP is a deprecated protocol, and should only be

used when it is the only security standard supported by the wireless clients.

WEP provides only a nominal level of security, since widely-available software

exists that can break it in a matter of minutes.



WPA-PSK

(WiFi Protected Access - Pre-Shared Key): WPA was created to

solve the inadequacies of WEP. There are two types of WPA: the “enterprise”

version (known simply as WPA) requires the use of a central authentication

database server, whereas the “personal” version (supported by the CGN3)

allows users to authenticate using a “pre-shared key” or password instead.

While WPA provides good security, it is still vulnerable to “brute force”

password-guessing attempts (in which an attacker simply barrages the AP with

join requests using different passwords), so for optimal security it is advised that

you use a random password of thirteen characters or more, containing no

“dictionary” words.



WPA2-PSK

: WPA2 is an improvement on WPA. The primary difference is that

WPA uses the Temporal Key Integrity Protocol (TKIP) encryption standard

(which has been shown to have certain possible weaknesses), whereas WPA2

uses the stronger Advanced Encryption Standard (AES) in the Counter mode

with Cipher block chaining Message authentication code Protocol (CCMP),

which has received the US government’s seal of approval for communications

up to the Top Secret security level. Since WPA2-PSK uses the same pre-shared

key mechanism as WPA-PSK, the same caveat against using insecure or

simple passwords applies.

5.1.5.1

WPS

WiFi-Protected Setup (WPS) is a standardized method of allowing wireless devices

to quickly and easily join wireless networks, while maintaining a good level of

security. The CGN3 provides two methods of WPS authentication:

Version 1.1, 08/2013. Copyright

2013 Hitron Technologies

69

Hitron CGN3 User’s Guide



Push-Button Configuration

(PBC)

: when the user presses the

PBC

button on

the AP (either a physical button, or a virtual button in the GUI), any user of a

wireless client that supports WPS can press the corresponding

PBC

button on

the client within two minutes to join the network.



Personal Identification Number (PIN) Configuration

: all WPS-capable

devices possess a PIN (usually to be found printed on a sticker on the device’s

housing). When you configure another device to use the same PIN, the two

devices authenticate with one another.

Once authenticated, devices that have joined a network via WPS use the WPA2

security standard.

5.1.6

WMM

WiFi MultiMedia (WMM) is a Quality of Service (QoS) enhancement that allows

prioritization of certain types of data over the wireless network. WMM provides four

data type classifications (in priority order; highest to lowest):



Voice



Video



Best effort



Background

If you wish to improve the performance of voice and video (at the expense of other,

less time-sensitive applications such as Internet browsing and FTP transfers), you

can enable WMM. You can also edit the WMM QoS parameters, but are disadvised

to do so unless you have an extremely good reason to make the changes.

5.1.7

Guest Networks

Your CGN3 supports the creation of a wireless guest network. A guest network

enables you to allow temporary visitors to access your wireless Internet connection

without revealing your primary network password(s). Computers connected to the

guest network can access the Internet connection only, and have no access to other

computers or devices on the wireless or wired network.

Version 1.1, 08/2013. Copyright

2013 Hitron Technologies

70

Hitron CGN3 User’s Guide

5.2

Basic Settings Screen

Use this screen to configure your CGN3’s basic 2.4GHz and 5GHz wireless settings.

You can turn the wireless modules on or off, select the wireless mode and channel,

and configure the wireless networks’ SSID settings.

The CGN3 has separate 2.4GHz and 5GHz wireless networks:



To configure the CGN3’s 2.4GHz wireless network, click

Wireless

>

Basic

Settings

, then click the

2.4G

tab. See

2.4G Settings

on page

70

for information

on the screen that displays.



To configure the CGN3’s 5GHz wireless network, click

Wireless

>

Basic

Settings

, then click the

5G

tab. See

5G Settings

on page

72

for information on

the screen that displays.

5.2.1

2.4G Settings

Use this screen to configure the CGN3’s 2.4GHz wireless network.

Click

Wireless

>

Basic Settings

, then click the

2.4G

tab. The following screen

displays.

Figure 26:

The Wireless: Basic Settings Screen (2.4G)