LANCOM 1811n Wireless – LANCOM 1821n Wireless
Chapter 8: Security settings
81
EN
WEP. LANCOM Systems recommends the strongest possible encryption
with 802.11i and AES. If the WLAN client adapters do not support these,
then you should use TKIP or at least WEP. Make sure that the encryption
function in your device is activated, and that at least one passphrase or
WEP key has been entered and selected for application.
For security reasons, LANCOM Systems strongly advises you not to use
WEP! You should only ever use WEP under exceptional circumstances.
When using WEP encryption, use additional security mechanisms
additionally.
Ex-factory, WPA encryption is activated for every unconfigured device
as standard. This WPA encryption in WLAN devices being managed by
a LANCOM WLAN Controller is overwritten by the central encryption
settings in the profiles of the WLAN-Controller.
To check encryption settings, open LANconfig, go to the configuration
area and select ‘Wireless LAN’ on the '802.11i/WEP' tab to view the set-
tings for the logical WLAN interfaces.
With the access control list (ACL) you can permit or prevent individual cli-
ents accessing your wireless LAN. The decision is based on the MAC
address that is permanently programmed into wireless network adapters.
To check the access-control list, go to the configuration area in LANconfig
and select ‘WLAN security’ on the ‘Stations’ tab.
The LANCOM Enhanced Passphrase Security (LEPS) uses an additional
column in the ACL to assign an individual passphrase consisting of any 4
to 64 ASCII characters to each MAC address. The connection to the access
point and the subsequent encryption with IEEE 802.11i or WPA is only
possible with the right combination of passphrase and MAC address.
Have you protected the configuration with a password?
The simplest way of protecting the configuration is to agree upon a pass-
word. If no password has been agreed for the device, the configuration is
open to be changed by anybody. The field for entering the password is to
be found in LANconfig in the 'Management' configuration area on the
'Security' tab. It is absolutely imperative to assign a password to the con-
figuration if you want to enable remote configuration!
Have you permitted remote configuration?
If you do not require remote configuration, please ensure to switch it off.
If you need to make use of remote configuration, ensure that you do not