Chapter 5 Wireless LAN

ericom D1000 modem User’s Guide

51

In order to configure and enable WEP encryption, click

Network

Setting

>

Wireless

to display the

General

screen, then select

Basic

as the security level.

Figure 21

Wireless > General: Basic (WEP)

The following table describes the wireless LAN security labels in this screen.

5.2.3

More Secure (WPA(2)-PSK)

The WPA-PSK security mode provides both improved data encryption and user authentication over

WEP. Using a Pre-Shared Key (PSK), both the Device and the connecting client share a common

password in order to validate the connection. This type of encryption, while robust, is not as strong

as WPA, WPA2 or even WPA2-PSK. The WPA2-PSK security mode is a newer, more robust version of

the WPA encryption standard. It offers slightly better security, although the use of PSK makes it

less robust than it could be.

Click

Network Setting

>

Wireless

to display the

General

screen. Select

More Secure

as the

security level. Then select

WPA-PSK

or

WPA2-PSK

from the

Security Mode

list.

Table 8

Wireless > General: Basic (WEP)

LABEL

DESCRIPTION

Security Level

Select

Basic

to enable WEP data encryption.

Generate

password

automatically

Select this option to have the Device automatically generate a password. The password

field will not be configurable when you select this option.

Password

The password (WEP key) are used to encrypt data. Both the Device and the wireless

stations must use the same password (WEP key) for data transmission.

If you chose

64-bit

WEP, then enter any 5 ASCII characters or 10 hexadecimal characters

("0-9", "A-F").

If you chose

128-bit

WEP, then enter 13 ASCII characters or 26 hexadecimal characters

("0-9", "A-F").

WEP Encryption

Select

64-bits

or

128-bits

.

This dictates the length of the security key that the network is going to use.

Chapter 5 Wireless LAN

ericom D1000 modem User’s Guide

52

Figure 22

Wireless > General: More Secure: WPA(2)-PSK

The following table describes the wireless LAN security labels in this screen.

5.2.4

WPA(2) Authentication

The WPA2 security mode is currently the most robust form of encryption for wireless networks. It

requires a RADIUS server to authenticate user credentials and is a full implementation the security

protocol. Use this security option for maximum protection of your network. However, it is the least

backwards compatible with older devices.

Table 9

Wireless > General: More Secure: WPA(2)-PSK

LABEL

DESCRIPTION

Security Level

Select

More Secure

to enable WPA(2)-PSK data encryption.

Security Mode

Select

WPA-PSK

or

WPA2-PSK

from the drop-down list box.

Pre-Shared Key

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only

difference between the two is that WPA(2)-PSK uses a simple common password,

instead of user-specific credentials.

Type a pre-shared key from 8 to 63 case-sensitive keyboard characters.

more.../hide more

Click

more...

to show more fields in this section. Click

hide more

to hide them.

WPA-PSK Compatible

This field appears when you choose

WPA-PSK2

as the

Security Mode

.

Select

Enable

to allow wireless devices using

WPA-PSK

security mode to connect to

your Device. The Device supports WPA-PSK and WPA2-PSK simultaneously. Otherwise,

select

Disable

.

Group Key Update

Timer

The

Group Key Update Timer

is the rate at which the RADIUS

server sends a new

group key out to all clients.

Encryption

This field displays the encryption type for data encryption.

If you choose

WPA-PSK

as the security mode, the Device uses

TKIP

for data

encryption.

If you choose

WPA2-PSK

as the security mode and enable WPA-PSK Compatible, the

Device uses either TKIP and AES (

TKIPAES MIX

) for data encryption.

If you choose

WPA2-PSK

as the security mode but disable WPA-PSK Compatible, the

Device uses

AES

for data encryption.

Chapter 5 Wireless LAN

ericom D1000 modem User’s Guide

53

The WPA security mode is a security subset of WPA2. It requires the presence of a RADIUS server

on your network in order to validate user credentials. This encryption standard is slightly older than

WPA2 and therefore is more compatible with older devices.

Click

Network Setting

>

Wireless

to display the

General

screen. Select

More Secure

as the

security level. Then select

WPA

or

WPA2

from the

Security Mode

list.

Figure 23

Wireless > General: More Secure: WPA(2)

The following table describes the labels in this screen.

Table 10

Wireless > General: More Secure: WPA(2)

LABEL

DESCRIPTION

Security Level

Select

More Secure

to enable WPA(2) data encryption.

Security Mode

Choose

WPA

or

WPA2

from the drop-down list box.

Authentication Server

IP Address

Enter the IP address of the external authentication server in dotted decimal notation.

Port Number

Enter the port number of the external authentication server.

You need not change this value unless your network administrator instructs you to do

so with additional information.

Shared Secret

Enter a password (up to 31 alphanumeric characters) as the key to be shared between

the external authentication server and the Device.

The key must be the same on the external authentication server and your Device. The

key is not sent over the network.

more.../hide more

Click

more...

to show more fields in this section. Click

hide more

to hide them.

ReAuthentication

Timer

Enter how often the external authentication server requires a connected wireless client

to reauthenticate itself to the server again.

Network Re-auth

Interval

Specify how often wireless stations have to resend usernames and passwords in order

to stay connected.

This field is available only when you select

WPA2

as security mode. If wireless station

authentication is done using a RADIUS server, the reauthentication timer on the

RADIUS server has priority.

WPA Compatible

This field is only available for WPA2. Select this if you want the Device to support WPA

and WPA2 simultaneously.

Chapter 5 Wireless LAN

ericom D1000 modem User’s Guide

54

5.3

The More AP Screen

This screen allows you to enable and configure multiple Basic Service Sets (BSSs) on the Device.

Click

Network Setting > Wireless

>

More AP

. The following screen displays.

Figure 24

Network Seting > Wireless > More AP

The following table describes the labels in this screen.

5.3.1

More AP Edit

Use this screen to edit an SSID profile. Click the

Edit

icon next to an SSID in the

More AP

screen.

The following screen displays.

Group Key Update

Timer

The

Group Key Update Timer

is the rate at which the RADIUS

server sends a new

group key out to all clients.

Encryption

Select the encryption type for data encryption.

If you choose

WPA

as the security mode, the Device uses

TKIP

for data encryption.

If you choose

WPA2

as the security mode and enable WPA-PSK Compatible, the

Device uses either TKIP and AES (

TKIPAES MIX

) for data encryption.

If you choose

WPA2

as the security mode but disable WPA-PSK Compatible, the

Device uses

AES

for data encryption.

Table 10

Wireless > General: More Secure: WPA(2) (continued)

LABEL

DESCRIPTION

Table 11

Network Setting > Wireless > More AP

LABEL

DESCRIPTION

#

This is the index number of each SSID profile.

Active

This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active. A

gray bulb signifies that this SSID is not active.

SSID

An SSID profile is the set of parameters relating to one of the Device’s BSSs. The SSID (Service

Set IDentifier) identifies the Service Set with which a wireless device is associated.

This field displays the name of the wireless profile on the network. When a wireless client scans for

an AP to associate with, this is the name that is broadcast and seen in the wireless client utility.

Security

This field indicates the security mode of the SSID profile.

Modify

Click the

Edit

icon to configure the SSID profile.

Chapter 5 Wireless LAN

ericom D1000 modem User’s Guide

55

Figure 25

More AP: Edit

The following table describes the fields in this screen.

Table 12

More AP: Edit

LABEL

DESCRIPTION

Wireless Network Setup

Wireless

Select

Enable Wireless LAN

to activate wireless LAN.

Wireless Network Settings

Wireless Network Name

(SSID)

The SSID (Service Set IDentity) identifies the service set with which a wireless

device is associated. Wireless devices associating to the access point (AP) must

have the same SSID.

Enter a descriptive name (up to 32 English keyboard characters) for the wireless

LAN.

Hide SSID

Select this check box to hide the SSID in the outgoing beacon frame so a station

cannot obtain the SSID through scanning using a site survey tool.

Client Isolation

Select this to keep the wireless clients in this SSID from communicating with each

other through the Device.

MBSSID/LAN Isolation

Select this to keep the wireless clients in this SSID from communicating with clients

in other SSIDs or wired LAN devices through the Device.

Select both

Client Isolation

and

MBSSID/LAN Isolation

to allow this SSID’s

wireless clients to only connect to the Internet through the Device.

Security Level

Security Mode

Select

Basic (WEP)

or

More Secure (WPA(2)-PSK, WPA(2))

to add security on

this wireless network. The wireless clients which want to associate to this network

must have same wireless security settings as the Device. After you select to use a

security, additional options appears in this screen.

Or you can select

No Security

to allow any client to associate this network without

any data encryption or authentication.