Fortinet ORTIWIFI-60A /AM manual Wireless Security, Wireless Equivalent Privacy WEP

Page 59


Using a wireless network	Wireless Security

Figure 11: Using multiple APs to provide a constant strong signal.

Stairs	Elevator
Washrooms

This sample office has washrooms, a stairwell and an elevator shaft in the center of the building, making it impossible to use a single FortiWiFi AP effectively. The elevator shaft and multiple metal stalls in the washrooms can cause signal degradation. However, placing a FortiWiFi AP in opposite corners of the office provides maximum coverage.

When using multiple APs, each FortiWiFi AP should be set to a different channel to avoid interference in areas where signals from both FortiWiFi units can be received.

Wireless Security

Radio waves transmitted between a wireless device and access points provide the weakest link between the wireless device and network servers. Wireless networking can be risky because information travels on radio waves, which is a public medium. The 802.11 standard includes security options to stop your information from being intercepted by unwanted sources. These are Wireless Equivalent Privacy (WEP) and WiFi Protected Access (WPA) encryption. Wireless encryption is only used between the wireless device and the AP. The AP decrypts the data before sending it along the wired network. The FortiWiFi unit supports both encryption methods.

Wireless Equivalent Privacy (WEP)

WEP security uses an encryption key between the wireless device and the AP. For WEP security, the wireless device and AP must use the same encryption key, and is manually typed by the wireless user and administrator. When activated, the wireless device encrypts the data with the encryption key for each frame using RSA RC4 ciphers.

FortiWiFi-60A/AM FortiOS 3.0 MR4 Install Guide	59
01-30004-0283-20070215

Image 59

Contents Install G U I D E Regulatory compliance TrademarksContents Configuring the modem interface Configuring the FortiWiFiIndex Using a wireless networkFortiWiFi Firmware Page FortiWiFi-60A/AM About the FortiWiFi unitFortiClient Register your FortiWiFi unitFortiGuard Subscription Services Fortinet Family ProductsFortiBridge FortiMailFortiAnalyzer FortiReporterDocument conventions About this documentAddressipv4 Typographic conventionsFortinet documentation FortiGate Install GuideComments on Fortinet technical documentation Customer service and technical supportFortinet Knowledge Center Customer service and technical support Package Contents Installing the FortiWiFi unitMounting Powering on the FortiWiFi unitTo power on the FortiWiFi unit SpecificationsTo power off the FortiWiFi unit Connecting to the FortiWiFi unitPowering off the FortiWiFi unit Command line interfaceTo connect to the web-based manager Connecting to the web-based managerSystem Dashboard Connecting to the CLIBits per second 9600 Data bits Parity Quick installation using factory defaultsTo connect to the CLI WelcomeGo to System Network Options Quick installation using factory defaults Factory defaults Factory default NAT/Route mode network configuration Factory default Dhcp server configurationFactory default firewall configuration Factory default Transparent mode network configurationFactory default protection profiles To reset the default settings Go to System Status Restoring the default settingsRestoring the default settings using the web-based manager Restoring the default settings using the CLIRestoring the default settings NAT/Route mode Planning the FortiWiFi configurationExample NAT/Route mode network configuration NAT/Route mode with multiple external network connectionsExample NAT/Route multiple internet connection Transparent modePreparing to configure the FortiWiFi unit in NAT/Route mode NAT/Route mode installationPPPoE setting User name Password Dhcp or PPPoE configurationUsing the web-based manager NAT/Route mode settings Administrator Password InternalTo configure interfaces Go to System Network Interface Configuring basic settingsConfiguring the FortiWiFi unit to operate in NAT/Route mode Adding a default routeVerifying the web-based manager configuration Using the command line interfaceTo set the WAN1 interface to use DHCP, enter To add/change the administrator passwordTo configure interfaces ExampleGet system interface To configure DNS server settingsTo add a default route To set the WAN1 interface to use PPPoE, enterTo connect the FortiWiFi unit Connecting the FortiWiFi unit to the networksNAT/Route mode connections Configuring the networksDNS Settings Transparent mode installationPreparing to configure Transparent mode Transparent mode settings Administrator PasswordTo verify the DNS server settings To change to Transparent mode using the CLITo connect the FortiWiFi unit running in Transparent mode Reconnecting to the web-based managerConnecting the FortiWiFi unit to your network Set the date and time Next stepsUpdating antivirus and IPS signatures Every Scheduling antivirus and IPS updatesTo update IPS signatures using the CLI Updating the IPS signatures from the CLIWeekly To enable schedule updates from the CLIAdding an override server DailyConfig system autoupdate override set address Set status End To add an override server using the CLINext steps Configuring the modem interface To configure the FortiWiFi-60A using the CLI Selecting a modem modeRedundant mode configuration Stand alone mode configurationEnter the following to configure the dialup account Configuring modem settings To disconnect the modem Connecting and disconnecting the modem in Stand alone modeTo configure modem settings Go to System Network Modem To connect to a dial-up account Go to System Network ModemKeywords and variables Description Default Configuring the modem using the CLIPeermodem1 Dead gateway detection Adding a Ping ServerAdding firewall policies for modem connections FortiWiFi unit as an Access Point Setting up a wireless networkRadio Frequency interface Positioning an Access PointUsing multiple access points Wireless Equivalent Privacy WEP Wireless SecurityMAC address filtering Wi-Fi Protected Access WPAAdditional security measures To disable Ssid Go to System Wireless Settings FortiWiFi operation modesService Set Identifier Access Point modeChanging the operating mode Setting up the FortiWiFi unit as an Access PointClient mode Set the security options Set the Dhcp settingsTo set the data security Go to System Wireless Settings Configure the firewall policies Upgrading to a new firmware version Upgrading the firmware using the web-based managerTo upgrade the firmware using the web-based manager Execute restore image image.out Upgrading the firmware using the CLITo upgrade the firmware using the CLI Execute restore image Tftp namestr tftpipv4Reverting to a previous firmware version Execute update-nowTo revert to a previous firmware version using the CLI Reverting to a previous firmware version using the CLIExecute restore image Tftp image.out To install firmware from a system reboot Enter Local Address Press Any Key To Download Boot ImagePress any key to display configuration menu Enter Tftp Server AddressDo You Want To Save The Image? y/n Restoring the previous configurationSave as Default firmware/Run image without savingD/R FortiUSB keyTo restore configuration using the CLI Backup and Restore from the FortiUSB keyTo backup configuration using the CLI To configure the USB Auto-Install using the CLI Using the USB Auto-Install featureTo test a new firmware image Testing a new firmware image before installing itAdditional CLI Commands for the FortiUSB key Testing a new firmware image before installing it Type n FortiWiFi unit running v3.x Bios Testing a new firmware image before installing it Numerics Index01-30004-0283-20070215