Show
From the Encryption (Authentication) drop-down list in the wireless access point configuration, you can select the level of the authentication method for your wireless connections. The eight available authentication methods, from least secure to most secure, are explained in this topic. Select the most secure authentication method that is supported by your wireless network clients. KRACK WPA/WPA2 VulnerabilitiesWatchGuard has addressed recent KRACK WPA/WPA2 vulnerabilities for Firebox wireless devices in Fireware v12.0.1 and higher. In Fireware v12.0.2 and higher, you can enable the WPA/WPA2 vulnerability mitigation check box in the Wireless settings to mitigate KRACK WPA/WPA2 vulnerabilities in unpatched wireless clients. For more information, see About Firebox Wireless Configuration. WPA and WPA2 with Pre-Shared KeysWPA (PSK) and WPA2 (PSK) Wi-Fi Protected Access methods use pre-shared keys for authentication. WPA (PSK) and WPA2 (PSK) are more secure than WEP shared key authentication. When you choose one of these methods, you configure a pre-shared key that all wireless devices must use to authenticate to the wireless access point. Your wireless Firebox supports three wireless authentication settings that use pre-shared keys:
WPA and WPA2 with Enterprise AuthenticationThe WPA Enterprise and WPA2 Enterprise authentication methods use the IEEE 802.1X standard for network authentication. These authentication methods use the EAP (Extensible Authentication Protocol) framework to enable user authentication to an external RADIUS authentication server or to the Firebox (Firebox-DB). The WPA Enterprise and WPA2 Enterprise authentication methods are more secure than WPA/WPA2 (PSK) because users authenticate with their own credentials instead of a shared key. Wireless Fireboxes that run Fireware v11.4 and higher support three WPA and WPA2 Enterprise wireless authentication methods:
For more information about these authentication methods, see WPA/WPA2 Enterprise Authentication with RADIUS. To use the Enterprise authentication methods, you must configure an external RADIUS authentication server, or configure the Firebox as an authentication server. For more information about how to configure the settings for these authentication methods, see
Open System and Shared KeyThe Open System and Shared Key authentication methods use WEP encryption. WEP is not as secure as WPA2 and WPA (Wi-Fi Protected Access). We recommend you do not use these less secure methods unless your wireless clients do not support WPA or WPA2.
See AlsoSet the Encryption Level WPA/WPA2 Enterprise Authentication with RADIUS
Select Your RegionSign In to access restricted content Using Intel.com SearchYou can easily search the entire Intel.com site in several ways.
Quick LinksYou can also try the quick links below to see results for most popular searches.
Recent SearchesSign In to access restricted content Advanced SearchOnly search inTitle Description Content ID Sign in to access restricted content.
The browser version you are using is not recommended
for this site.
Documentation Content Type Product Information & Documentation Article ID 000006999 Last Reviewed 10/28/2021 802.1X overview 802.1X is a port access protocol for protecting networks via authentication. As a result, this type of authentication method is extremely useful in the Wi-Fi environment due to the nature of the medium. If a Wi-Fi user is authenticated via 802.1X for network access, a virtual port is opened on the access point allowing for communication. If not successfully authorized, a virtual port isn't made available and
communications are blocked. There are three basic pieces to 802.1X authentication: Extensible Authentication Protocol (EAP) is used to
pass the authentication information between the supplicant (the Wi-Fi workstation) and the authentication server (Microsoft IAS or other). The EAP type actually handles and defines the authentication. The access point acting as authenticator is only a proxy to allow the supplicant and the authentication server to communicate. Which should I use? Which EAP type to implement, or whether to implement 802.1X at all, depends on the level of security that the
organization needs, the administrative overhead, and features desired. Hopefully the descriptions here and a comparative chart will ease the difficulties in understanding the variety of EAP types available. Extensible Authentication Protocol (EAP) authentication types Because Wi-Fi Local Area Network (WLAN) security is essential and EAP authentication types provide a potentially better means of securing the WLAN connection, vendors are rapidly developing and adding
EAP authentication types to their WLAN access points. Some of the most commonly deployed EAP authentication types include EAP-MD-5, EAP-TLS, EAP-PEAP, EAP-TTLS, EAP-Fast, and Cisco LEAP. 802.1X EAP Types Feature / Benefit FAST A review of the above discussions and table usually provides the following conclusions: Another option is VPN Instead of relying on Wi-Fi LAN for authentication and privacy (encryption), many enterprises implement a VPN. This is done by placing the access points outside the corporate firewall and having the user tunnel in via a VPN Gateway - just as if they were a remote user. The downsides of implementing a VPN solution are cost, initial installation complexities, and ongoing administration overhead.
Related ProductsThis article applies to 140 products.Intel® Killer™ Wi-Fi 6E AX1675 (i/s) Intel® Killer™ Wi-Fi 6E AX1675 (i/s) Discontinued ProductsNeed more help?
Give FeedbackWhat are the two protocols used by external authentication server?The most commonly used authorization and authentication protocols are Oauth 2, TACACS+, RADIUS, Kerberos, SAML, and LDAP/Active Directory.
Which two protocols are used by an administrator for authentication and configuration on access points?Remote Access Dial In User Service (RADIUS) and Terminal Access Controller Access-Control System Plus (TACACS+) are two common security protocols used to provide centralized access into networks.
Which protocol is used for authentication?Kerberos (protocol)
It is the default authentication method in Windows 2000 and later.
Which wireless authentication method implements two way or mutual authentication between client and access point?WEP supports two authentication methods: Open authentication. Shared key authentication.
|