Table of Contents
Advertisement
Network Setup menu options
Wireless
Typically, the appliance's wireless interface is configured in one of two ways; with strong wireless security
(WPA) to bridge wireless clients directly onto your LAN, or with weak wireless security as a Guest
connection. The latter requires wireless clients to establish a VPN tunnel on top of the wireless connection
to access the LAN, DMZ, and Internet to compensate for the security vulnerabilities WEP poses.
In addition to connection configuration, you can also configure wireless access point, access control list
(ACL), and advanced settings.
Tip:
You can also opt to select the Access Point option from the Change Type list, which automatically creates
a bridge to the LAN. See
Bridging wireless and LAN
Wireless security methods
The following wireless security methods are supported:
• None — Any client is allowed to connect, and there is no data encryption.
• WEP (Wired Equivalent Privacy) — Allows for 64- or 128-bit encryption.
• WEP with 802.1X — Extends WEP to use the IEEE 802.1X protocol to authenticate the user and
dynamically assign a 128-bit encryption key via a RADIUS server. This is a significant improvement to the
security of WEP. The RADIUS server must be defined on the RADIUS page. For information, refer to
RADIUS
page.
• WPA-PSK (Wi-Fi Protected Access Preshared Key, also known as WPA-Personal) — An
authentication and encryption protocol that fixes the security flaws in WEP. This security method is
recommended if you do not have a RADIUS server. If you elect to use the AES encryption protocol with
WPA-PSK, then this method is also known as WPA2 or 802.11i.
Security Alert:
If you use WEP or no wireless security method at all, McAfee recommends you configure the
wireless interface as a Guest connection, disable bridging between clients, and only allow VPN traffic over the
wireless connection.
This section contains the following procedures:
•
Configuring a wireless connection
•
Bridging wireless and LAN connections
•
Configuring Wireless MAC-based ACL
•
Configuring WDS
•
Configuring advanced wireless features
Configuring a wireless connection
Use this procedure to configure a wireless connection.
Security Alert:
McAfee recommends configuring the wireless interface as a LAN connection only if wireless clients
are using WPA-based encryption/authentication. For more information, see WPA-PSK and WPA-Enterprise in
Wireless security
methods.
From the Network Setup menu, click Network Setup. The Connections page appears.
1
Select Direct Connection from the Change Type list of the wireless network interface. The Direct
2
Connections Settings page appears
McAfee UTM Firewall 4.0.4 Administration Guide
connections.
(Figure
82).
83
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
