28
3 Wireless networking
DMS3-CTC-25-154 v1.0
3.4 Securing your wireless connection
Introduction
We strongly recommend you to protect all wireless communication between any wireless client and your TG389ac with a
wireless key. This ensures that:
Only clients that use the correct Network Name (SSID) and wireless key can connect to the access points of your
TG389ac.
All data passing through the wireless access points of your TG389ac is secured by adequate encryption.
Encryption types
The list below gives you an overview of the encryption types supported by your TG389ac and ordered by descending
security level; you will find the highest level of security at the top of the list:
WPA-Enterprise (WPA-802.1X or simply WPA) encryption:
Wireless clients will authenticate to a specific Remote Authentication Dial In User Service (RADIUS) server. This
RADIUS server then provides the wireless key that must be used to encrypt its data. The RADIUS server regularly
updates this key at a specified interval.
WPA-Personal (WPA-PSK) Encryption:
The wireless connection is secured with a pre-shared key that has been defined by the user. Wireless clients must be
configured with this key before they can connect to your TG389ac. Your TG389ac supports the following WPA-PSK
versions (ordered by descending security):
WPA2 PSK:
the most recent and most secure version of WPA-PSK.
Choose this version if you are sure that all your wireless clients support WPA2-PSK.
WPA+WPA2 PSK
: this is a mixed mode.
WPA2-PSK is the preferred encryption type, but wireless clients that do not support WPA2-PSK can still use
WPA-PSK as encryption type.
Choose this option if not all of your wireless clients support WPA2-PSK, or if you are not sure. Wireless clients that
support WPA2-PSK will use WPA2-PSK, the others will use WPA-PSK.
WEP Encryption:
The least safe encryption type used for wireless connections. Like WPA-PSK it uses a user-defined key, but WEP has
been proven to have security issues.
Configuration
To secure your wireless network with:
WPA-PSK encryption, continue with
“3.4.1 Configuring WPA(2)-PSK encryption” on page 29
WPA encryption (via RADIUS), continue with
“3.4.2 Configuring WPA-Enterprise encryption” on page 30
Although your TG389ac allows you to use WEP or no security, we strongly advise against using one of them!