How do I configure Wireless Security?

The Security option allows you to configure a variety of wireless security settings for the primary wireless network.

  1. Login into the device as described in the “How do I log into the modem’s Web User Interface?” FAQ.
  2. On the main menu select Wireless and then click on Security from the left side menu.

  • WPA – Enables or disables the Wi-Fi Protected Access (WPA) security protocol. WPA is a subset of the IEEE 802.11i standard. Key differences between WPA and WEP are user authentication and improved data encryption. Setting WPA alone with a pre-shared key requires a RADIUS or TACACS server for authentication. This method is mostly used in large enterprise implementations.
  • WPA-PSK – If you do not have an external RADIUS server, use WPA-PSK, which requires a single (identical) password entered into wireless gateway and wireless client. As long as the passwords match, a client is granted access to the wireless LAN. Select to enable or disable.
  • WPA2 – Enables or disables WPA2. This advanced protocol is certified through Wi-Fi Alliance's WPA2 program and implements the mandatory elements of 802.11i. In particular, it has an AES-based algorithm (CCMP) that is considered fully secure. Setting WPA2 alone with a pre-shared key requires a RADIUS or TACACS server for authentication. This method is mostly used in large enterprise implementations.
  • WPA2-PSK – Enables or disables WPA2-PSK. If you do not have an external RADIUS server, use WPA2-PSK, which requires a single (identical) password entered into wireless gateway and wireless client. As long as the passwords match, a client is granted access to the wireless LAN. This is the recommended residential subscriber option. It is more secure than WPA-PSK and uses AES encryption.
  • WPA/WPA2 Encryption – Switch to enable or disable WPA/WPA2 encryption.
  • WPA Pre-Shared Key – Displays the WPA key. The encryption mechanisms for WPA and WPA-PSK are the same, except that WPA-PSK uses a simple common password instead of user-specific credentials. The default value is the model number plus 14 zeroes (all upper case, no colons).  Example:  000328A12B4C00000000000000
  • RADIUS Server – Defines the IP address of the RADIUS server, if used.
  • RADIUS Port – Defines a RADIUS port number when WPA or 802.1x network authentication is selected.
  • RADIUS Key – Defines the RADIUS Key when WPA or 802.1x network authentication is selected.
  • Group Key Rotation Interval – Allows the device to generate the best possible random group key and update all the key-management capable stations periodically.
  • WPA/WPA2 Re-auth Interval – Sends a new group key to all clients at the specified interval for a wireless router (if using WPA-PSK key management) or RADIUS server (if using WPA key management). The rekeying process is the WPA equivalent of automatically changing the WEP key for a wireless access point and all stations in the WLAN on a periodic basis. Setting the WPA Group Key Update Timer is also supported in WPA-PSK mode.
  • WEP Encryption – Enables or disables WEP encryption. If you do not have wireless clients that can use WPA or WPA2, you can use WEP key encrypting. A higher bit key offers better security. WEP encryption scrambles the data transmitted between the wireless stations and the DDW365 to keep network communications private. It encrypts unicast and multicast communications in a network. Both the wireless stations and the DDW365 must use the same WEP key. Data Encryption can be set to WEP 128- bit, 64-bit, or Disable.
  • Shared Key Authentication – Defines Shared Key Authentication as optional or required. Shared Key is an authentication method used by wireless LANs, which follow the IEEE 802.11 standard. Wireless devices authenticate each other by using a secret key that is kept by both devices.
  • 802.1x Authentication – Enables or disables 802.1x to authenticate wireless clients.
  • Network Key 1-4 – Pre-defines up to 4 keys for 64-bit or 128-bit (64-bit keys require 10 hexadecimal digits) (128-bit key require 26 hexadecimal digits).
  • Current Network Key – Selects one of the four pre-defined keys as the current network key.
  • Passphrase – Sets the WEP encryption key by entering a word or group of printable characters in the Passphrase box and clicking Generate WEP keys. These characters are case sensitive.
  • Generate WEP Keys – Forces the device to generate 4 WEP keys automatically.
  • Apply – Saves changes.

WiFi Protected Setup (WPS) – Use this feature to set up WPS for devices connecting to the wireless network.

  • WPS Config – Select WPS or disabled.
  • Button Mode – SES lets you configure the SSID and encryption keys on both the router and the client with a press of a button.  WPS is a protocol to simplify the process of configuring security on wireless networks.
  • Device Name – Use the default device name (AmbitAP) or change as needed.  This name identifies the Ubee device in the WPS network.
  • STA PIN – Personal Identification Number of your PC or game machine.  When a WPS supported device tries to connect to this Ubee wireless device, the user has to input the PIN as specified in this STA PIN field.
  • Apply – Click to save all values/changes for WPS.
  • WPS Method/Start WPS/WPS Status – Select which method to have connecting wireless clients use to connect to the wireless network, Push Button or PIN.  If PIN is selected, clients are required to enter the PIN in order to access the wireless network.  For Push Button, a client pushes a button, either on the device or in software on the device.  Within 2 minutes, access this Web GUI screen and click the Start WPS button to trigger the negotiation between the wireless client and the Ubee device.  WPS Status displays the connection status between the device and the wireless clients.