Weidmuller Wireless Ethernet Modem & Device Server WI-MOD-E-G/A User Manual
Rev.
2.16
www.weidmuller.com
28
methods.
Note:
enabling this option will lower the security level of the network down to the weakest configured encryption
level, ie WPA TKIP
WPA-Enterprise (802.1x)
removes the need to manage the Pre-shared Key (PSK) by using an external server to provide
client authentication. Clients that are not authorized will be prevented from accessing the network. Once a client has
provided the correct authentication credentials, access is permitted and data encryption keys are established, similar to
WPA-PSK. Fine-grain (user level) access control can be achieved using this method.
An 802.1x capable RADIUS server may already be deployed in a large scale network environment. The WI-MOD-E can
make use of this server reducing replication of user authentication information.
In a typical WPA-enterprise setup, the WI-MOD-E Access point acts as Authenticator, controlling access to the network.
Wireless clients (WI-MOD-E’s, Laptops or other devices) act as Supplicants, requesting access to the network. The
Authenticator communicates with an authentication (RADIUS) server on the Ethernet network to verify Supplicant identity.
When a Supplicant requests access, it sends an access request to the Authenticator, which passes an authentication
request to the external authentication server. When the user credentials of the Supplicant are verified, the Authenticator
enables network access for the Supplicant, data encryption keys are established and network traffic can pass.
Configuration of WPA-Enterprise differs when the unit is configured as an Access point (Authenticator) or Client
(Supplicant). If WDS interfaces are used, it is possible for one WI-MOD-E to act as both an Authenticator and a
Supplicant, however in this situation, only one set of user credentials can be entered for all Supplicants.
The WI-MOD-E supports WPA-1 TKIP, WPA-1 AES and WPA-2 AES using a
Pre-Shared Key
(PSK).
WPA PSK (TKIP)
(
Temporal Key Integrity Protocol
) enhances WEP by using 128-bit encryption plus separate 64bit Tx
and Rx MIC (
Message Integrity Check
) keys.
WPA PSK (AES)
(
Advanced Encryption Standard
), Uses the more advanced CCMP encryption protocol and is essentially
a draft of the IEEE 802.11i wireless network standard and is the recommended encryption method in most applications.
WPA2 AES
(Advanced Encryption Standard) is the most secure encryption method, is also based on 128 bit encryption
key.
After changes are made to Network Configuration, it is important to save the configuration by selecting “Save Changes” or
by selecting “Save Changes and Reset”.
Network Settings Webpage Fields
Operating Mode
Used to select Access Point (Infrastructure), Client (Infrastructure).
By default this is set to Client.
System Address (ESSID)
A WI-MOD-E wireless network comprises modules with the same "system
address”. Only modules with the same system address will communicate
with each other. The system address is a text string 1 to 31 characters in
length. Select a text string which identifies your system.
Desired BSSID
To force a client/station to always connect to the same Access Point enter
the MAC address of that Access Point in the Desired BSSID field
(Note that the ESSID of the Access Point must also match the configured
ESSID of the client).
Radio Encryption
Select the desired radio Encryption level.
Encryption key, passphrase, etc is entered on the “Security Menu” (See
section below for details)
Device Mode
Used to select Bridge or Router mode.
By default this is set to Bridge. If VLAN is enabled the Device Mode will
indicate “VLAN” and the IP Address and Netmask will only be editable
from the VLAN page.
Bridge STP
Checking this box enables Spanning Tree protocol in bridged networks.
See to section 3.5 - “Spanning Tree Algorithm”” for more details
Obtain IP Address
Checking this item enables DHCP client on the WI-MOD-E. A DHCP client