3
1
I am using older SOHO router wl500gP (it is v1 but I think this is not important) with custom Oleg firmware which allows me to use one of the following "Authentication Method":
Authentication Method:
- Open System
- Shared Key
- WPA-Personal
- WPA2-Personal
- WPA-Auto-Personal
- WPA-Enterprise
- WPA2-Enterprise
- Radius with 802.1x
Bellow are further options available on my router. Availability of those options is depending upon which "Authentication Method" was chosen.
WPA Encryption:
- TKIP
- AES
- TKIP + AES
WPA Pre-Shared Key:
WEP Encryption:
- WEP 64-bits
- WEP 128-bits
Passphrase:
WEP Key 1 (10 or 26 hex digits):
WEP Key 2 (10 or 26 hex digits):
WEP Key 3 (10 or 26 hex digits):
WEP Key 4 (10 or 26 hex digits):
Key Index:
Network Key Rotation Interval:
This is my current configuration. I've set it some time ago and did not changed it because it simply works:
Authentication Method:
- WPA-Personal
- WPA Encryption:
- TKIP
- WPA Pre-Shared Key: # Here I fill my secret password
- WEP Encryption:
- None
Now after a long time I want to explore what is the best security that my router offers. I am just exploring the web interface of the router and I have noticed that the router allows me to use "WEP Encryption" option no matter which "Authentication Method" I've chosen (it also works under "Open System"). In contrast "WPA Encryption" option is available only if some of following "Authentication Method" were chosen
- WPA-Personal
- WPA2-Personal
- WPA-Auto-Personal
- WPA-Enterprise
- WPA2-Enterprise
- How is possible that I can also use both WEP and WPA together? Is this allowed by wireless standard or is it just mistake from router vendor?
- What are differences between Personal vs Enterprise authentication methods?
- What does those options (TKIP, AES, TKIP + AES) under "WPA Encryption" mean? I was thinking that WPA differs from WEP and this is the whole story. Now it seems that there are several WPA encryptions that can be used.
- I have also noticed that under WPA there is no more option for choosing bits for key length (64 or 128) as it was in WEP. Does this mean that WPA uses some unified key length?
I apologize for this type of questions, I am not expert in this area and basically what I know is the order of encryptions from least secure to most secure (WEP < WPA < WPA2) and that the fact that longer key means more secure key.
Thank you for reply. I am not sure if I have WPA2 only (I have Personal and Enterprise) also I did not find nowhere the AES-CCMP. Can you please also explain following: if WEP and WPA can be set together? TKIP vs AES vs TKIP + AES? Does WPA uses some unified key length? Thank you very much – Wakan Tanka – 2015-04-03T21:18:55.933
1If the UI just says "AES", it implies "AES-CCMP". You don't want to enable any kind of WEP, original WPA (as opposed to WPA2), or TKIP, because they are weak by today's standards, and you probably don't have any ancient Wi-Fi gear that can't do WPA2. – Spiff – 2015-04-03T21:21:56.137
Thank you very much, this is the most complete answer regarding wireless security I've found on whole Internet. – Wakan Tanka – 2015-04-03T21:33:04.557