Chapter 6 Wireless

VMG8324-B10A / VMG8324-B30A Series User’s Guide

76

Note: WEP is extremely insecure. Its encryption can be broken by an attacker, using

widely-available software. It is strongly recommended that you use a more

effective security mechanism. Use the strongest security mechanism that all the

wireless devices in your network support. For example, use WPA-PSK or WPA2-PSK

if all your wireless devices support it, or use WPA or WPA2 if your wireless devices

support it and you have a RADIUS server. If your wireless devices support nothing

stronger than WEP, use the highest encryption level available.

Your Device allows you to configure up to four 64-bit or 128-bit WEP keys but only one key can be

enabled at any one time.

In order to configure and enable WEP encryption, click

Network

Setting

>

Wireless

to display the

General

screen, then select

Basic

as the security level.

Figure 35

Wireless > General: Basic (WEP)

The following table describes the labels in this screen.

Table 17

Wireless > General: Basic (WEP)

LABEL

DESCRIPTION

Security Level

Select

Basic

to enable WEP data encryption.

Generate

password

automatically

Select this option to have the Device automatically generate a password. The password field

will not be configurable when you select this option.

Password 1~4

The password (WEP keys) are used to encrypt data. Both the Device and the wireless

stations must use the same password (WEP key) for data transmission.

If you chose

64-bit

WEP, then enter any 5 ASCII characters or 10 hexadecimal characters

("0-9", "A-F").

If you chose

128-bit

WEP, then enter 13 ASCII characters or 26 hexadecimal characters

("0-9", "A-F").

You must configure at least one password, only one password can be activated at any one

time.

Chapter 6 Wireless

VMG8324-B10A / VMG8324-B30A Series User’s Guide

77

6.2.3

Basic (802.1X)

Use this screen to configure 802.1X encryption and authentication. Configure your RADIUS server

information and WEP encryption settings. Use this security method if your wireless usernames and

passwords are configured on a RADIUS server.

In order to configure and enable WEP encryption, click

Network

Setting

>

Wireless

to display the

General

screen, then select

Basic

as the security level and

802.1X

as the

Security Mode

.

Figure 36

Wireless > General: Basic (802.1X)

The following table describes the labels in this screen.

more.../less

Click

more...

to show more fields in this section. Click

less

to hide them.

WEP Encryption

Select

64-bits

or

128-bits

.

This dictates the length of the security key that the network is going to use.

Table 17

Wireless > General: Basic (WEP) (continued)

LABEL

DESCRIPTION

Table 18

Wireless > General: Basic (802.1X)

LABEL

DESCRIPTION

Security Level

Select

Basic

and

802.1X

to enable 802.1X data encryption.

Generate

password

automatically

Select this option to have the Device automatically generate a password. The password field

will not be configurable when you select this option.

Chapter 6 Wireless

VMG8324-B10A / VMG8324-B30A Series User’s Guide

78

Password 1~4

The password (WEP key) is used to encrypt data. Both the Device and the wireless stations

must use the same password (WEP key) for data transmission.

If you chose

64-bit

WEP, then enter any 5 ASCII characters or 10 hexadecimal characters

("0-9", "A-F").

If you chose

128-bit

WEP, then enter 13 ASCII characters or 26 hexadecimal characters

("0-9", "A-F").

You must configure at least one password, only one password can be activated at any one

time.

more.../less

Click

more...

to show more fields in this section. Click

less

to hide them.

WEP Encryption

Select

64-bits

or

128-bits

.

This dictates the length of the security key that the network is going to use.

IP Address

Enter the IP address of an external RADIUS server in dotted decimal notation.

Port Number

The default port of a RADIUS server for authentication is 1812. You need not change this

value unless your network administrator instructs you to do so.

Shared Secret

Specify a password (up to 32 alphanumeric characters) as the key to be shared between the

external RADIUS server and the Device. This key is not sent over the network. This key

must be the same on the external RADIUS server and the Device.

Table 18

Wireless > General: Basic (802.1X) (continued)

LABEL

DESCRIPTION

Chapter 6 Wireless

VMG8324-B10A / VMG8324-B30A Series User’s Guide

79

6.2.4

More Secure (WPA(2)-PSK)

The WPA-PSK security mode provides both improved data encryption and user authentication over

WEP. Using a Pre-Shared Key (PSK), both the Device and the connecting client share a common

password in order to validate the connection. This type of encryption, while robust, is not as strong

as WPA, WPA2 or even WPA2-PSK. The WPA2-PSK security mode is a newer, more robust version of

the WPA encryption standard. It offers slightly better security, although the use of PSK makes it

less robust than it could be.

Click

Network Setting

>

Wireless

to display the

General

screen. Select

More Secure

as the

security level. Then select

WPA-PSK

or

WPA2-PSK

from the

Security Mode

list.

Figure 37

Wireless > General: More Secure: WPA(2)-PSK

The following table describes the labels in this screen.

Table 19

Wireless > General: More Secure: WPA(2)-PSK

LABEL

DESCRIPTION

Security Level

Select

More Secure

to enable WPA(2)-PSK data encryption.

Security Mode

Select

WPA-PSK

or

WPA2-PSK

from the drop-down list box.

Generate

password

automatically

Select this option to have the Device automatically generate a password. The password field

will not be configurable when you select this option.

Password

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only

difference between the two is that WPA(2)-PSK uses a simple common password, instead of

user-specific credentials.

If you did not select

Generate password automatically

, you can manually type a pre-

shared key from 8 to 64 case-sensitive keyboard characters.

more.../less

Click

more...

to show more fields in this section. Click

less

to hide them.

WPA-PSK

Compatible

This field appears when you choose

WPA-PSK2

as the

Security Mode

.

Check this field to allow wireless devices using

WPA-PSK

security mode to connect to your

Device. The Device supports WPA-PSK and WPA2-PSK simultaneously.

Chapter 6 Wireless

VMG8324-B10A / VMG8324-B30A Series User’s Guide

80

6.2.5

WPA(2) Authentication

The WPA2 security mode is currently the most robust form of encryption for wireless networks. It

requires a RADIUS server to authenticate user credentials and is a full implementation the security

protocol. Use this security option for maximum protection of your network. However, it is the least

backwards compatible with older devices.

The WPA security mode is a security subset of WPA2. It requires the presence of a RADIUS server

on your network in order to validate user credentials. This encryption standard is slightly older than

WPA2 and therefore is more compatible with older devices.

Click

Network Setting

>

Wireless

to display the

General

screen. Select

More Secure

as the

security level. Then select

WPA

or

WPA2

from the

Security Mode

list.

Figure 38

Wireless > General: More Secure: WPA(2)

The following table describes the labels in this screen.

Encryption

Select the encryption type (

TKIP

,

AES

or

TKIP+AES

) for data encryption.

Select

TKIP

if your wireless clients can all use TKIP.

Select

AES

if your wireless clients can all use AES.

Select

TKIP+AES

to allow the wireless clients to use either TKIP or AES.

Group Key

Update Timer

The

Group Key Update Timer

is the rate at which the RADIUS

server sends a new group

key out to all clients.

Table 19

Wireless > General: More Secure: WPA(2)-PSK (continued)

LABEL

DESCRIPTION

Table 20

Wireless > General: More Secure: WPA(2)

LABEL

DESCRIPTION

Security Level

Select

More Secure

to enable WPA(2)-PSK data encryption.

Security Mode

Choose

WPA

or

WPA2

from the drop-down list box.