Setting The Wireless Authentication Method; Configuring Encryption - Watchguard Firebox X20E User Manual

Configuring Wireless Security Settings

Setting the wireless authentication method

Five authentication methods are available in the Firebox X Edge e-Series Wireless. We recommend that
you use WPA2 if possible because it is the most secure. The five available methods, from least secure to
most secure, are:
Open System
Open System authentication allows any user to authenticate with the access point. This method
can be used with no encryption, or with WEP encryption.
Shared Key
In Shared Key authentication, only those wireless clients that have the shared key can connect.
Shared Key authentication can be used only with WEP encryption.
WPA ONLY (PSK)
When you use WPA (Wi-Fi Protected Access) with pre-shared keys, each wireless user is given the
same password to authenticate to the wireless access point.
WPA/WPA2 (PSK)
When you select WPA/WPA2 (PSK) authentication, the Edge accepts connections from wireless
devices configured to use WPA or WPA2.
WPA2 ONLY (PSK)
WPA2 authentication with pre-shared keys implements the full 802.11i standard and is the most
secure authentication method. It does not work with some older wireless network cards.

Configuring encryption

From the Encryption drop-down list, select the level of encryption for your wireless connections. The
options change when you use different authentication mechanisms. The Edge automatically creates a
random encryption key for you when a key is required. You can use this key, or change it to a key you
prefer. Each wireless client must use this same key when they connect to the Edge.
Open system and shared key authentication
Encryption options for open system and shared key authentication are WEP 64-bit hexadecimal, WEP
40-bit ASCII, WEP 128-bit hexadecimal, and WEP 128-bit ASCII. If you select open system authentica-
tion, you also can select no encryption.
If you use WEP encryption, type hexadecimal or ASCII characters in the Key text boxes. Not all
1
wireless adapter drivers support ASCII characters.
You can have a maximum of four keys.
- A WEP 64-bit hexadecimal key must have 10 hexadecimal (0-f ) characters.
- A WEP 40-bit ASCII key must have 5 characters.
- A WEP 128-bit hexadecimal key must have 26 hexadecimal (0-f ) characters.
- A WEP 128-bit ASCII key must have 13 characters.
If you typed more than one key, click the key to use as the default key from the Key Index drop-
2
down list.
The Firebox X Edge e-Series Wireless can use only one key at a time. If you select a key other than
the first key in the list, you also must set your wireless client to use the same key.
WPA and WPA2 PSK authentication
The encryption options for WPA-PSK and WPA2-PSK authentication are TKIP, AES, and Auto. We rec-
ommend that you set the encryption option to Auto to have the Firebox X Edge e-Series Wireless
accept TKIP and AES settings.
84 Firebox X Edge e-Series