• Choose a category
• All
• Classic-Fiction

Figure 24-13 Security login for Linksys WAP

Figure 24-14 Linksys WAP setup screen

Configure the SSID option where indicated. Channel selection is usually automatic, but you can reconfigure this option if you have particular needs in your organization (for example, if you have multiple wireless networks operating in the same area). Remember that it’s always more secure to configure a unique SSID than it is to accept the well-known default one. You should also make sure that the option to allow broadcasting of the SSID is disabled. This ensures that only wireless nodes specifically configured with the correct SSID can join the wireless network.

To increase security even more, use MAC filtering. Figure 24-15 shows the MAC filtering configuration screen on a Linksys WAP. Simply enter the MAC address of a wireless node that you wish to allow (or deny) access to your wireless network. Set up encryption by turning encryption on at the WAP and then generating a unique security key. Then configure all connected wireless nodes on the network with the same key information. Figure 24-16 shows the WEP key configuration dialog for a Linksys WAP.

* * *

EXAM TIP As noted earlier in the chapter, the WEP protocol provides security, but it’s easily cracked. Use WPA2 or, if you have older equipment, settle for WPA until you can upgrade.

Figure 24-15 MAC filtering configuration screen for a Linksys WAP

Figure 24-16 WEP Encryption key configuration screen on Linksys WAP

When setting up WEP, you have the option of automatically generating a set of encryption keys or doing it manually; save yourself a headache and use the automatic method. Select an encryption level—the usual choices are either 64-bit or 128-bit—and then enter a unique passphrase and click the Generate button (or whatever the equivalent button is called on your WAP). Then select a default key and save the settings. The encryption level, key, and passphrase must match on the wireless client node or communication will fail. Many WAPs have the capability to export the WEP encryption key data onto a media storage device for easy importing onto a client workstation, or you can manually configure encryption by using the vendor-supplied configuration utility, as shown in Figure 24-17.

WPA and WPA2 encryption is configured in much the same way as WEP. There are two ways to set up WPA/WPA2: Pre-shared Key (PSK) or Enterprise. WPA/WPA2-PSK is the most common for small and home networks. Enterprise is much more complex, requires extra equipment (a RADIUS server), and is only used in the most serious and secure wireless networks.

If you have the option, choose WPA2 encryption for the WAP as well as the NICs in your network. You configure WPA2 the same way you would WPA. Note that the settings such as WPA2 for the Enterprise assume you’ll enable authentication by using a device called a RADIUS server (Figure 24-18). This way, businesses can allow only people with the proper credentials to connect to their Wi-Fi networks. For home use, select the PSK version of WPA/WPA2. Use the best encryption you can. If you have WPA2, use it. If not, use WPA. WEP is always a last choice.

Figure 24-17 WEP Encryption screen on client wireless network adapter configuration utility

Figure 24-18 Encryption screen with RADIUS option

* * *

NOTE Always try WPA2-PSK first. If you then have wireless computers that can’t connect to your WAP, fall back to WPA-PSK.

With most home networks, you can simply leave the channel and frequency of the WAP at the factory defaults, but in an environment with overlapping Wi-Fi signals, you’ll want to adjust one or both features. To adjust the channel, find the option in the WAP configuration screens and simply change it. Figure 24-19 shows the channel option in a Linksys WAP.

Figure 24-19 Changing the channel

With dual-band 802.11n WAPs, you can choose which band to put 802.11n traffic on, either 2.4 GHz or 5 GHz. In an area with overlapping signals, most of the traffic will be