Wireless > Security

Note
When the SonicWALL wireless security appliance is configured in Access Point mode, this page is called Security . When the appliance is configured in Wireless Bridge mode, this page is called WEP Encryption .

Wired Equivalent Protocol (WEP) can be used to protect data as it is transmitted over the wireless network, but it provides no protection past the SonicWALL. It is designed to provide a minimal level of protection for transmitted data, and is not recommended for network deployments requiring a high degree of security.

Wi-Fi Protected Access (WPA and WPA2) provides much greater security than WEP, but requires a separate authentication protocol, such as RADIUS, be used to authenticate all users. WPA uses a dynamic key that constantly changes, as opposed to the static key that WEP uses.

The SonicWALL security appliance provides a number of permutations of WEP and WPA encryption.The following sections describe the available wireless security options:

Authentication Overview

Below is a list of available authentication types with descriptive features and uses for each:

WEP

WPA

WPA2

WPA2-AUTO

WPA/WPA2 Encryption Settings

Both WPA and WPA2 support two protocols for storing and generating keys:

Pre-Shared Key (PSK) : PSK allows WPA to generate keys from a pre-shared passphrase that you configure. The keys are updated periodically based on time or number of packets. Use PSK in smaller deployments where you do not have a RADIUS server.
Extensible Authentication Protocol (EAP) : EAP allows WPA to synchronize keys with an external RADIUS server. The keys are updated periodically based on time or number of packets. Use EAP in larger, enterprise-like deployments where you have an existing RADIUS framework.

WPA2 also supports EAP and PSK protocols, but adds an optional AUTO mode for each protocol. WPA2 EAP AUTO and WPA2 PSK AUTO try to connect using WPA2 security, but will default back to WPA if the client is not WPA2 capable.

Note

WPA2 and WPA PSK Settings

Encryption Mode : In the Authentication Type field, select either WPA-PSK , WPA2-PSK , or WPA2-Auto-PSK .

WPA Settings

Cypher Type : select TKIP. Temporal Key Integrity Protocol (TKIP) is a protocol for enforcing key integrity on a per-packet basis.
Group Key Update : Specifies when the SonicWALL security appliance updates the key. Select By Timeout to generate a new group key after an interval specified in seconds. Select By Packet to generate a new group key after a specific number of packets. Select Disabled to use a static key.
Interval : If you selected By Timeout , enter the number of seconds before WPA automatically generates a new group key.

Preshared Key Settings (PSK)

Passphrase : Enter the passphrase from which the key is generated.

Click Apply in the top right corner to apply your WPA settings.

WPA2 and WPA EAP Settings

Encryption Mode : In the Authentication Type field, select either WPA-EAP , WPA2-EAP , or WPA2-AUTO-EAP .

WPA Settings

Cypher Type : Select TKIP. Temporal Key Integrity Protocol (TKIP) is a protocol for enforcing key integrity on a per-packet basis.
Group Key Interval : Eenter the number of seconds before WPA automatically generates a new group key.

Extensible Authentication Protocol Settings (EAP)

Radius Server 1 IP and Port : Enter the IP address and port number for your primary RADIUS server.
Radius Server 1 Secret : Enter the password for access to Radius Server
Radius Server 2 IP and Port : Enter the IP address and port number for your secondary RADIUS server, if you have one.
Radius Server 2 Secret : Enter the password for access to Radius Server

Click Apply in the top right corner to apply your WPA settings.

WEP Encryption Settings

The SonicWALL security appliance offers the following WEP encryption options:

WEP - Open system : In open-system authentication, the SonicWALL allows the wireless client access without verifying its identity.
WEP -Shared key : Uses WEP and requires a shared key to be distributed to wireless clients before authentication is allowed.
Both (Open System & Shared Key) : The Default Key assignments are not important as long as the identical keys are used in each field. If Shared Key is selected, then the key assignment is important.

To configure wireless security on the SonicWALL, navigate to the Wireless > Security page and perform the following tasks:

Step 1
Step 2
In the Default Key pulldown menu, select which key will be the default key.
Step 3
In the Key Entry menu, select if your keys will be Alphanumeric or Hexadecimnal .

 

Alphanumeric - 5 characters (0-9, A-Z)

Alphanumeric - 13 characters

Alphanumeric - 16 characters

Hexadecimal - 10 characters (0-9, A-F)

Hexadecimal - 26 characters

Hexadecimal - 32 characters

Step 4
Step 5
Step 6
Click Apply .