Chapter 11: Wireless LAN – WLAN LANCOM Reference Manual LCOS 3.50
233
Wireless LAN – WLAN
example, is not a particularly secure SSID. (’Network settings’
→page251)
햴If you know exactly which wireless network cards are permitted to access
your WLAN, you can enter the MAC addresses of these cards into the
access control list, thus excluding all other cards from communications
with the access point. This reduces access to the WLAN only to those
clients with listed MAC addresses. (’Access Control List’ →page235)
햵Use encryption on the data transferred in the WLAN. Activate the
strongest possible encryption available to you ((802.11i with AES, WPA or
WEP) and enter the appropriate keys or passphrases into the access point
and the WLAN clients (’Encryption settings’ →page 238 and ’WEP group
keys’ →page241).
햶Regularly change the WEP key. Also change the standard key (’Encryption
settings’ →page 238) in the configuration. Alternatively, you can use a
cron job to automatically change the key every day, for example
(’Zeitautomatik für LCOS-Befehle’ →page 46). The passphrases for
802.11i or WPA do not have to be changed regularly as new keys are
generated for each connection anyway. This is no t the onl y rea son tha t the
encry ption with 8 02.11 i/AE S or WPA/ TKIP is so m uch mo re sec ure th at the
now aged WEP method.
햷If the data is of a high security nature, you can further improve the WEP
encryption by additionally authenticating the client with the 802.1x
method (’IEEE 802.1x/EAP’ →page255) or activate an additional
encryption of the WLAN connection as used for VPN tunnels (’IPSec over
WLAN’ →page 256). In special cases, a combination of these two
mechanisms is possible.
Further information is available from our web site www.lancom-
systems.com under Support FAQ.
11.4 Configuration of WLAN parametersChanges to the wireless network settings can be made at various points in the
configuration:
Some parameters concern the physical WLAN interface. Some LANCOM
models have one WLAN interface, others have the option of using a
second WLAN card as well. The settings for the physical WLAN interface