NetComm N300 Network Router User Manual


 
YML9WMAXXN ADSL2+ Wireless N300 Modem Router with VoIP User Guide
www.netcomm.com.au 35
NetComm Gateway
TM
Series - ADSL2+ Wireless N300 Modem Router with VoIP
WPA-PSK
WPA-PSK is a special mode of WPA providing strong encryption without access to a RADIUS server.
In this mode encryption keys are automatically changed (rekeyed) and authentication re-established between devices after a specied
period referred to as the ‘WPA Group Rekey Interval’.
WPA-PSK is far superior to WEP and provides stronger protection for the home/SOHO user for two reasons: rst, the process used to
generate the encryption key is very rigorous and second, the rekeying (or key changing) is done very quickly. This stops even the most
determined hacker from gathering enough data to identify the key and so break the encryption.
WEP is confusing because of the various types of ‘network keys’ vendors use (HEX, ASCII, or passphrase) and because home users mix
and match equipment from multiple vendors, all using different types of keys. But WPA-PSK employs a consistent, easy to use method to
secure your network. This method uses a passphrase (also called a shared secret) that must be entered in both the NB9WMAXXn and the
wireless clients. This shared secret can be between 8 and 63 characters and can include special characters and spaces. For maximum
security, the “WPA Pre-Shared Key” should be a random sequence of either keyboard characters (upper and lowercase letters, numbers,
and punctuation) at least 20 characters long, or hexadecimal digits (numbers 0-9 and letters A-F) at least 24 hexadecimal digits long.
Note: The less obvious, longer and more ‘random’ your ‘WPA Pre-Shared Key’, the more secure your network.
Note the following ‘WPA Encryption’ options:
TKIP: The Temporal Key Integrity Protocol (TKIP) takes over after the initial shared secret is
entered in your wireless devices and handles the encryption and automatic rekeying.
AES: WPA denes the use of Advanced Encryption Standard (AES) as an additional
replacement for WEP encryption. Because you may not be able to add AES support
through a rmware update to your existing wireless clients / equipment, support for
AES is optional and is dependent on vendor driver support.
TKIP+AES: This will allow either TKIP or AES wireless clients to connect to your NB9WMAXXn.
WPA2
‘WPA Pre-authentication’ support in WPA2 allows a client to pre-authenticate with the NB9WMAXXn toward which it is moving, while
maintaining a connection to the access point it’s moving away from. This new capability allows the roaming to occur in less than 1/10th
of a second while a traditional roam without PMK caching and pre-authentication would take more than one second. Time-sensitive
applications like Citrix, video, or VoIP will all break without fast roaming.
‘Network Re-Auth Interval’ is the interval specied (seconds) that the wireless client needs to re-authenticate with the NB9WMAXXn.
For the remainder of the elds required, see above.
WPA2-PSK: Same as WPA-PSK, but you can only use AES with WPA2 and not WPA.
Mixed WPA2/WPA: Enables WPA2 or WPA wireless clients to connect to the NB9WMAXXn. Requires a RADIUS server to
authenticate the wireless clients.
Mixed WPA2/WPA-PSK: Enables WPA2 and WPA clients to authenticate using a PSK (Pre-Shared Key) instead of a RADIUS
server.