From the Encryption menu, select the data encryption mode:
-
TKIP + AES: This type of data encryption enables WiFi devices that support
either WPA or WPA2 to join the access point’s WiFi network. This is the default
mode.
-
AES: This type of data encryption provides a secure connection but some
older WiFi devices do not detect WPA2 and support only WPA. Therefore, if
your network includes such older devices, select TKIP + AES encryption.
When you select WPA2 Enterprise authentication, the Dynamic VLAN radio
buttons display:
-
Enable: The RADIUS server can assign a VLAN ID to clients. If the RADIUS
server does not do so, the clients are automatically assigned the VLAN ID that
you configured for the SSID.
-
Disable: The clients are assigned the VLAN ID that you configured for the
SSID. This is the default setting.
•
WPA3 Personal: This option is the most secure personal authentication option.
WPA3 uses SAE encryption and enables only WiFi devices that support WPA3
to join the VAP. If you select this option, 802.11w (PMF) is automatically set to
mandatory (see Enable or disable PMF for a WiFi network on page 76).
WPA3 provides a more secure connection than WPA2 but many WiFi devices
might not yet detect WPA3 and support only WPA2. If your network also includes
WPA2 devices, select WPA3/WPA2 Personal authentication.
In the Passphrase field, enter a phrase of 8 to 63 characters. To join the VAP, a
user must enter this passphrase. To view the passphrase in clear text, click the
eye icon.
•
WPA3/WPA2 Personal: This option, which is the same as WPA3/WPA2-PSK,
enables WiFi devices that support either WPA3 or WPA2 to join the VAP. This
option uses SAE and AES encryption.
WPA2-PSK (which uses AES) is less secure than WPA3 (which uses SAE).
In the Passphrase field, enter a phrase of 8 to 63 characters. To join the VAP, a
user must enter this passphrase. To view the passphrase in clear text, click the
eye icon.
•
WPA3 Enterprise: This enterprise-level security uses RADIUS for centralized
Authentication, Authorization, and Accounting (AAA) management. For WPA3
Enterprise security to function, you must set up RADIUS servers (see Set up RADIUS
servers on page 131). If you select this option, 802.11w (PMF) is automatically set
to mandatory (see Enable or disable PMF for a WiFi network on page 76).
When you select WPA3 Enterprise security, the encryption is automatically set to
GCMP256, which is a 256-bit encryption protocol.
User Manual
75
Manage the Basic WiFi Features
for a WiFi network
Insight Managed WiFi 6E AXE7800 Tri-band Multi-Gig Access Point Model WAX630E