SMC Networks Router SMCWBR14T User Manual
Have a look at the manual SMC Networks Router SMCWBR14T User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 10 SMC Networks manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
SECURITY 4-43 Wireless Encryption The Barricade can transmit your data securely over a wireless network. Matching security mechanisms must be set up on your Barricade and your wireless client devices. Select the most suitable security mechanism from the drop-down list on this screen. Click Save Settings to proceed, or Cancel to change your settings. Parameter Description No WEP, No WPA/WPA2 Disables all wireless security. To make it easier to set up your wireless network, we recommend enabling this setting initially. By default, wireless security is disabled. WEP Only Once you have your wireless network in place, the minimum security we recommend is to enable the legacy security standard, Wired Equivalent Privacy (WEP). See “WEP” on page 4-45. WPA/WPA2 Only For maximum wireless security, you should enable the WPA/WPA2 option. See “WPA/WPA2” on page 4-47.
CONFIGURING THE BAR RICADE 4-44 Access Control For a more secure wireless network you can specify that only certain wireless clients can connect to the Barricade. Up to 32 MAC addresses can be added to the MAC Filtering Table. When enabled, all registered MAC addresses are controlled by the Access Rule. By default, this MAC filtering feature is disabled.
SECURITY 4-45 WEP WEP is the basic mechanism to transmit your data securely over a wireless network. Matching encryption keys must be set up on your Barricade and and each of your wireless client devices. Parameter Description WEP Mode Select 64-bit or 128-bit key to use for encryption. Key Entry Method Select hexadecimal (Hex) or ASCII for the key entry method. Key Provisioning Select Static if there is only one fixed key for encryption. If you want to select Dynamic, you need to enable 802.1X function first. Default Key ID Choose which key to use as default. Passphrase Check the Passphrase check box to generate a key automatically. Key 1~4 The Barricade supports up to 4 keys. You select the default key.
CONFIGURING THE BAR RICADE
4-46
You may automatically generate encryption keys or manually enter the
keys. To generate the key automatically with passphrase, check the
Passphrase box, and enter a string of characters. Select the default key
from the drop-down menu. Click APPLY.
Note:The passphrase can consist of up to 63 alphanumeric characters.
Hexadecimal Keys
A hexadecimal key is a mixture of numbers and letters from A-F and 0-9.
64-bit keys are 10 digits long and can be divided into five two-digit
numbers. 128-bit keys are 26 digits long and can be divided into 13 two-
digit numbers.
ASCII Keys
There are 95 printable ASCII characters;
!#$%&()*+,-./0123456789:;?
@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_
`abcdefghijklmnopqrstuvwxyz{|}~
Click Save Settings to proceed, or Cancel to change your settings.
SECURITY 4-47 WPA/WPA2 WPA/WPA2 is a security enhancement that strongly increases the level of data protection and access control for existing wireless LAN. Matching authentication and encryption methods must be set up on your Barricade and wireless client devices to use WPA/WPA2. To use WPA, your wireless network cards must be equipped with software that supports WPA. A security patch from Microsoft is available for free download (for XP only). Parameter Description Cipher Suite The security mechanism used in WPA for encryption. Select TKIP+AES (WPA/WPA2) or AES WPA2 Only. Authentication Select 802.1X or Pre-shared Key for the authentication method. •802.1X: for the enterprise network with a RADIUS server. •Pre-shared key: for the SOHO network environment without an authentication server. Pre-shared key type Select the key type to be used in the Pre-shared Key. Pre-shared Key Type the key here. Group Key Re_Keying The period of renewing the broadcast/multicast key.
CONFIGURING THE BAR RICADE 4-48 WPA WPA addresses all known vulnerabilities in WEP, the original, less secure 40 or 104-bit encryption scheme in the IEEE 802.11 standard. WPA also provides user authentication, since WEP lacks any means of authentication. Designed to secure present and future versions of IEEE 802.11 devices, WPA is a subset of the IEEE 802.11i specification. WPA replaces WEP with a strong new encryption technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check (MIC). It also provides a scheme of mutual authentication using either IEEE 802.1X/Extensible Authentication Protocol (EAP) authentication or pre-shared key (PSK) technolog y. The passphrase can consist of up to 32 alphanumeric characters. WPA2 Launched in September 2004 by the Wi-Fi Alliance, WPA2 is the certified interoperable version of the full IEEE 802.11i specification which was ratified in June 2004. Like WPA, WPA2 supports IEEE 802.1X/EAP authentication or PSK technology. It also includes a new advanced encryption mechanism using the Counter-Mode/CBC-MAC Protocol (CCMP) called the Advanced Encryption Standard (AES). WPA and WPA2 Mode Types Click Save Settings to proceed, or Cancel to change your settings. WPA WPA2 Enterprise Mode Authentication: IEEE 802.1X/EAP Encryption: TKIP/MICAuthentication: IEEE 802.1X/EAP Encryption: AES-CCMP SOHO Mode Authentication: PSK Encryption: TKIP/MICAuthentication: PSK Encryption: AES-CCMP
SECURITY 4-49 802.1X If 802.1X is used in your network, then you should enable this function for the Barricade. This screen allows you to set the 802.1X parameters. 802.1X is a method of authenticating a client wireless connection. Enter the parameters below to connect the Barricade to the Authentication Server. Parameter Description 802.1X Authentication Enable or disable the authentication function. Session Idle Timeout This is the time (in seconds) that a session will sit inactive before terminating. Set to 0 if you do not want the session to timeout. (Default: 300 seconds) Re-Authentication PeriodThe interval time (in seconds) after which the client will be asked to re-authenticate. For example, if you set this to 30 seconds, the client will have to re-authenticate every 30 seconds. Set to 0 for no re-authentication. (Default: 3600 seconds) Quiet Period This is the interval time (in seconds) for which the Barricade will wait between failed authentications. (Default: 60 seconds) Server Type Sets the authentication server type. Server IP Set the IP address of your RADIUS server.
CONFIGURING THE BAR RICADE 4-50 802.1X The use of IEEE 802.1X offers an effective framework for authenticating and controlling user traffic to a protected network, as well as dynamically varying encryption keys. 802.1X ties EAP (Extensible Authentication Protocol) to both the wired and wireless LAN media and supports multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates, and public key authentication. Click Save Settings to proceed, or Cancel to change your settings. Server Port Set the connection port that is configured on the radius server. Secret Key The 802.1X secret key used to configure the Barricade. NAS-ID Defines the request identifier of the Network Access Server. Parameter Description
ADVANCED SETTINGS 4-51 Advanced Settings To configure the advanced settings such as NAT, Maintenance, System settings and UPnP, click Advanced Settings. Note:Changing some of the device settings in the Advanced Settings mode may cause the Barricade to become unresponsive. The Barricade’s advanced management interface contains 6 main menu items as described in the following table. Menu Description NAT Shares a single ISP account with multiple users, sets up virtual servers. Maintenance Allows you to backup, restore, reset, and upgrade the Barricade’s firmware. System Sets the local time zone, the password for administrator access, the IP address of a PC that will be allowed to manage the Barricade remotely, and the IP address of a Domain Name Server. SNMP Community string and trap server setting. UPnP Universal Plug and Play (UPnP) allows for simple and robust connectivity between external devices and your PC. Routing Sets routing parameters and displays the current routing table.
CONFIGURING THE BAR RICADE 4-52 NAT The first menu item in the Advanced Settings section is Network Address Translation (NAT). This process allows all of the computers on your home network to use one IP address. Using the NAT capability of the Barricade, you can access the Internet from any computer on your home network without having to purchase more IP addresses from your ISP. To use the NAT feature, check the Enable check box and click Save Settings.