8,949
edits
Changes
Template:Networking rutos manual wireless (view source)
Revision as of 12:23, 28 June 2024
, 28 Juneno edit summary
==Summary==
==Summary==
The <b>Wireless</b> section of the Network tab can be used to manage and configure WiFi Access Points and WiFi Stations (clients) . This chapter of the user manual provides an overview of the Wireless section for {{{name}}} devices.
The <b>Wireless</b> section of the Network tab can be used to manage and configure WiFi Access Points, WiFi Stations (clients) and WiFi devices. This chapter of the user manual provides an overview of the Wireless section for {{{name}}} devices.
{{#switch: {{{series}}} | TAP100 | TAP200= | #default= {{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer
{{#switch: {{{series}}} | TAP100 | TAP200= | #default= {{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer
| series = {{{series}}}
| series = {{{series}}}
{{#switch: {{{wifi}}}
{{#switch: {{{wifi}}}
| 2 = {{{name}}} devices support IEEE 802.11b/g/n and 802.11e_WMM wireless technologies.
| 2 = {{{name}}} devices support IEEE 802.11b/g/n and 802.11e_WMM wireless technologies.
| 5 = {{{name}}} devices support IEEE 802.11ac (WiFi 5) with data transmission rates up to 867 Mbps (Dual Band, MU-MIMO), 802.11r fast transition.
| 5 = {{#switch: {{{name}}} | RUTC50 = {{{name}}} devices support IEEE 802.11b/g/n/ac/ax with data transmission rates up to 3603Mbps on 5GHz, 576Mbps on 2.4GHz (Dual Band, MU-MIMO), 802.11r fast transition.| #default = {{{name}}} devices support IEEE 802.11ac (WiFi 5) with data transmission rates up to 867 Mbps (Dual Band, MU-MIMO), 802.11r fast transition.}}
}}
}}
The <b>SSIDs</b> section is used to configure your wireless access points (AP) and wireless clients (STA).
The <b>SSIDs</b> section is used to configure your wireless access points (AP) and wireless clients (STA).
{{#switch:{{{name}}}
{{#switch:{{{series}}}
|TCR100 = [[File:Networking_rutos_manual_wireless_wifi_5_tcr1_v4.png|border|class=tlt-border]]
|TCR1 = [[File:Networking_rutos_manual_wireless_wifi_tcr1.png|border|class=tlt-border]]
|TAP100 = [[File:Networking_rutos_manual_wireless_wifi_tap100_v1.png|border|class=tlt-border]]
|TAP100|TAP200 = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_tap.png|border|class=tlt-border]]
|TAP200 = [[File:Networking_rutos_manual_wireless_wifi_tap200_v1.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_v4.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_v4.png|border|class=tlt-border]]
}}
}}
Above is the overview of the SSIDS Overview window. It displays active access points{{#switch:{{{series}}}|TAP100|TAP200=.|#default= and stations.}}
Above is the overview of the SSIDS Overview window. It displays active access points{{#switch:{{{series}}}|TAP100|TAP200=.|#default= and stations.}}
Here you can turn on or off your WiFi interfaces, remove them or start configuring by clicking on
Here you can turn on or off your WiFi interfaces, remove them or start configuring by clicking on
<b>Edit</b> button on the right side of interface.{{#switch:{{{series}}}|TAP100|TAP200=|#default= You can also configure your WiFi devices by clicking <b>Edit</b> button in the right side of each table header. To configure your Wireless device as Client press '''Scan''' button to scan the surrounding area and attempt to connect to a new wireless access point.}}
<b>Edit</b> button on the right side of interface.{{#switch:{{{series}}}|TAP100|TAP200=|#default= To configure your Wireless device as Client press '''Scan''' button to scan the surrounding area and attempt to connect to a new wireless access point.}}
{{#ifeq: {{{series}}} | TCR1 |
{{#ifeq: {{{series}}} | TCR1 |
====Guest Network====
====Guest Network====
Most of us are aware, that network security is extremely important. If your WiFi network is not properly secured, it makes you and all of your home or office resources vulnerable to a variety of security threats. To stay ahead of the curve, many companies and home users have guest WiFi. Unlike your regular WiFi network that you or your company members use, the guest WiFi network restricts what your guests can do in your network. It gives visitors access to the Internet connection, but nothing else making you or your company a lot more secure.
Most of us are aware, that network security is extremely important. If your WiFi network is not properly secured, it makes you and all of your home or office resources vulnerable to a variety of security threats. To stay ahead of the curve, many companies and home users have guest WiFi. Unlike your regular WiFi network that you or your company members use, the guest WiFi network restricts what your guests can do in your network. It gives visitors access to the Internet connection, but nothing else making you or your company a lot more secure.|}}
|}}
===Radio===
----
----
The <b>{{#switch:{{{series}}}|TAP100|TAP200=Radio|#default=Global}} Settings</b> section is used for configuring WiFi hardware parameters. You can find this section {{#switch:{{{series}}}|TAP100|TAP200=|#default=by clicking the 'Edit' button next to a wireless device (<u>not an interface</u>)}} in the Network → {{#switch:{{{series}}}|TAP100|TAP200=Wireless → Radio page.|#default=SSIDS page:}}
The <b>Global Settings</b> section is used for configuring the country code which is used for regulatory purposes (different areas allow different maximum transmit power and operating frequencies) and WiFi hardware parameters. You can change parameters by clicking the 'Edit' button next to a wireless device (<u>not an interface</u>) in the Network → SSIDS page:
{{#switch:{{{name}}}
{{#switch:{{{name}}}
|TCR1 = [[File:Networking_rutos_manual_wireless_radio_tcr1.png|border|class=tlt-border]]
|TAP100|TAP200 = [[File:Networking_rutos_manual_wireless_radio_{{{wifi}}}_tap.png|border|class=tlt-border]]
|TCR1 = [[File:Networking rutos manual wireless wifi 5 tcr1 v4.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_wireless_radio_{{{wifi}}}.png|border|class=tlt-border]]
|RUT241|RUT200|RUT951|RUT956|RUT906|RUT901 = [[File:Networking rutos manual wireless wifi 2 v4 mixed.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_v4.png|border|class=tlt-border]]
}}
}}
<table class="nd-mantable">
<tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>Country code</td>
<td>country code; default: <b>US - United States</b></td>
<td>SO/IEC 3166 alpha2 country codes as defined in ISO 3166-1 standard.</td>
</tr>
</table>
The <b>General Setup</b> section is used to turn a wireless device on or off, select the operating frequency (WiFi mode and channel), transmit power and define a country code.
====General Setup====
The <b>General Setup</b> section is used to turn a wireless device on or off, select the operating frequency (WiFi mode, channel and channel width) and transmit power.
A wireless 2.4 GHz WiFi channel requires a signaling band roughly 22 MHz wide, radio frequencies of neighboring channels numbers significantly overlap each other. Choose a WiFi channel according to the busyness of other channels. You can download a free WiFi analyzer app on your phone, laptop or other WiFi device and check which channel is the least populated.
A wireless 2.4 GHz WiFi channel requires a signaling band roughly 22 MHz wide, radio frequencies of neighboring channels numbers significantly overlap each other. Choose a WiFi channel according to the busyness of other channels. You can download a free WiFi analyzer app on your phone, laptop or other WiFi device and check which channel is the least populated.
<tr>
<tr>
<td>Mode</td>
<td>Mode</td>
<td>N | Legacy; default: <b>N</b></td>
<td>{{#ifeq:{{{wifi6}}}| 1 | AX {{!}} N {{!}} Legacy; default: <b>AX</b> | N {{!}} Legacy; default: <b>N</b>}}</td>
<td>Wireless N (802.11n) supports a maximum theoretical transfer rate of 300mbps with 2 antennas. It can reach up to 450 Mbps with 3 antennas. Though typical speeds are more accurately around 130 Mbps. The legacy standards include 802.11a, 802.11b, and 802.11g.</td>
<td>Wireless {{#ifeq:{{{wifi6}}}| 1 | AX (802.11ax) supports a maximum theoretical transfer rate of 576mbps with 2 antennas.| N (802.11n) supports a maximum theoretical transfer rate of 300mbps with 2 antennas. It can reach up to 450 Mbps with 3 antennas. Though typical speeds are more accurately around 130 Mbps. The legacy standards include 802.11a, 802.11b, and 802.11g.}}</td>
</tr>
</tr>
<tr>
<tr>
<tr>
<tr>
<td>Mode</td>
<td>Mode</td>
<td>N <nowiki>|</nowiki> AC; default: <b>AC</b></td>
<td>{{#ifeq:{{{wifi6}}}| 1 | AX {{!}} N {{!}} AC; default: <b>AX</b> | N {{!}} AC; default: <b>AX</b>}}</td>
<td>Choose between 802.11n and 802.11ac standards.</td>
<td>Choose between {{#ifeq:{{{wifi6}}}| 1 | 802.11ax,|}} 802.11n and 802.11ac standards.</td>
</tr>
</tr>
<tr>
<tr>
<tr>
<tr>
<td>Width</td>
<td>Width</td>
<td>20 MHz <nowiki>|</nowiki> 40 MHz <nowiki>|</nowiki> 80 MHz; default: <b>80MHz</b></td>
<td>20 MHz {{!}} 40 MHz {{!}} 80 MHz {{#ifeq:{{{wifi6}}}| 1 | 160 |}}; default: <b>80MHz</b></td>
<td>A 40 MHz channel width bonds two 20 MHz channels together, forming a 40 MHz channel width, 8 MHZ channel bonds four 20 MHz channels; therefore, it allows for greater speed and faster transfer rates. But not if those channels are crowded with noise and interference. In crowded areas with a lot of frequency noise and interference, a single 20MHz channel will be more stable. 80 MHz width channel is faster than 40MHz which is faster than 20 MHz but it doesn’t perform as well in crowded areas.</td>
<td>A 40 MHz channel width bonds two 20 MHz channels together, forming a 40 MHz channel width, 8 MHZ channel bonds four 20 MHz channels; therefore, it allows for greater speed and faster transfer rates. But not if those channels are crowded with noise and interference. In crowded areas with a lot of frequency noise and interference, a single 20MHz channel will be more stable. 80 MHz width channel is faster than 40MHz which is faster than 20 MHz but it doesn’t perform as well in crowded areas.</td>
</tr>
</tr>
<td>[{{#switch:{{{series}}}|TAP100|TAP200=13%|#default=5%}}...100%]; default: <b>100 %</b></td>
<td>[{{#switch:{{{series}}}|TAP100|TAP200=13%|#default=5%}}...100%]; default: <b>100 %</b></td>
<td>The transmit power of an access point radio is proportional to its effective range – the higher the transmit power, the more distance that a signal can travel, and/or the more physical materials that it can effectively penetrate and still have data successfully resolved at the receiver.</td>
<td>The transmit power of an access point radio is proportional to its effective range – the higher the transmit power, the more distance that a signal can travel, and/or the more physical materials that it can effectively penetrate and still have data successfully resolved at the receiver.</td>
</tr>
</tr>
</table>
</table>
====Advanced Settings====
The <b>Advanced Settings</b> section is used to configure how the wireless Access Point will work from a hardware perspective.
The <b>Advanced Settings</b> section is used to configure how the wireless Access Point will work from a hardware perspective.
</table>
</table>
====Interface Configuration====
====SSIDs Configuration====
----
----
The <b>Interface Configuration</b> section is used to configure the parameters of Wireless Access Points{{#switch:{{{series}}}|TAP100|TAP200=|#default= or Clients}}. You can find this section by clicking the 'Edit' button next to a wireless device (<u>not an interface</u>) in the Network → SSIDs page:
The <b>Interface Configuration</b> section is used to configure the parameters of Wireless Access Points {{#switch:{{{series}}}|TAP100|TAP200=|#default= or Clients}}. You can find this section by clicking the 'Edit' button next to a wireless interface (<u>not a device</u>) in the Network → SSIDs page:
{{#switch: {{{name}}}
{{#switch: {{{name}}}
|#default = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_v4.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_wireless_wifi_{{{wifi}}}_v4.png|border|class=tlt-border]]
<td>No encryption {{!}} WPA-PSK {{!}} WPA2-PSK {{!}} WPA-PSK/WPA2-PSK Mixed Mode {{!}} WPA3-SAE {{!}} WPA2-PSK/WPA3-SAE Mixed Mode
<td>No encryption {{!}} WPA-PSK {{!}} WPA2-PSK {{!}} WPA-PSK/WPA2-PSK Mixed Mode {{!}} WPA3-SAE {{!}} WPA2-PSK/WPA3-SAE Mixed Mode
{{!}} OWE {{#switch:{{{name}}}|RUT241|RUT200|RUT951|RUT956|RUT906 =
|#default = {{!}} WPA2-EAP/WPA3-EAP Mixed Mode {{!}} WPA3-EAP}}; default: {{#switch:{{{name}}}
|#default = {{!}} WPA3-EAP Mixed Mode {{!}} WPA3-EAP}}; default: {{#switch:{{{name}}}
|RUT241|RUT200|RUT951|RUT956|RUT906|RUT901 = <b>WPA2-PSK/WPA3-SAE Mixed Mode</b>
|RUT241|RUT200|RUT951|RUT956|RUT906|RUT901 = <b>WPA2-PSK/WPA3-SAE Mixed Mode</b>
|#default = <b>WPA2-PSK</b>
|#default = <b>WPA2-PSK</b>
</tr>
</tr>
<tr>
<tr>
<th>WPA-PSK, WPA2-PSK, WPA-PSK/WPA2-PSK Mixed Mode, WPA-EAP, WPA2-EAP, WPA3-EAP</th>
<th>WPA-PSK, WPA2-PSK, WPA-PSK/WPA2-PSK Mixed Mode, WPA3-EAP</th>
<th></th>
<th></th>
<th></th>
<th></th>
<tr>
<tr>
<td>NAS id</td>
<td>NAS id</td>
<td>string; default: <b>none</b> </td>
<td>string; default: <b>none</b></td>
<td>Network access server identifier.</td>
<td>Network access server identifier.</td>
</tr>
</tr>
<tr>
<tr>
<th><span style="background-color:red;">Client mode: WPA-EAP, WPA2-EAP, WPA2-EAP/WPA3-EAP Mixed Mode, WPA3-EAP</span></th>
<th><span style="color:red;">Client mode: WPA-EAP, WPA2-EAP, WPA2-EAP/WPA3-EAP Mixed Mode, WPA3-EAP</span></th>
<th></th>
<th></th>
<th></th>
<th></th>
</tr>
</tr>
<tr>
<tr>
<td><span style="background-color:red;">EAP-Method</span></td>
<td><span style="color:red;">EAP-Method</span></td>
<td><span style="background-color:brown;">TLS</span> {{!}} TTLS {{!}} PEAP {{!}} FAST; default: <b>TLS</b> </td>
<td><span style="color:brown;">TLS</span> {{!}} <span style="color:blue;">TTLS</span> {{!}} <span style="color:blue;">PEAP</span> {{!}} <span style="color:blue;">FAST</span>; default: <b><span style="color:brown;">TLS</span></b> </td>
<td>Network access server identifier.</td>
<td>Network access server identifier.</td>
</tr>
</tr>
<tr>
<tr>
<td><span style="background-color:brown;">Use PKCS#12 format</span></td>
<td><span style="color:brown;">Use PKCS#12 format</span></td>
<td>off {{!}} <span style="background-color:brown;">on</span>; default: <b>off</b> </td>
<td>off {{!}} <span style="color:green;">on</span>; default: <b>off</b> </td>
<td>Use PKCS#12 file format for client certificate.</td>
<td>Use PKCS#12 file format for client certificate.</td>
</tr>
</tr>
<tr>
<tr>
<td><span style="background-color:brown;">PKCS#12 client certificate file</span></td>
<td><span style="color:green;">PKCS#12 client certificate file</span></td>
<td>off {{!}} <span style="background-color:brown;">on</span>; default: <b>off</b> </td>
<td>- (interactive button)</td>
<td>Use PKCS#12 file format for client certificate.</td>
<td>Use PKCS#12 file format for client certificate.</td>
</tr>
<tr>
<td><span style="color:green;">PKCS#12 passphrase</span></td>
<td>string; default: <b>none</b></td>
<td>Passphrase used to decrypt PKCS #12 certificates..</td>
</tr>
<tr>
<td>Certificate files from device</td>
<td>off {{!}} on; default: <b>off</b></td>
<td>Choose this option if you want to select certificate files from device.</td>
</tr>
<tr>
<td>CA-Certificate</td>
<td>.crt file; default: <b>none</b></td>
<td>This file can have one or more trusted CA certificates. If CA-Certificate is not included, server certificate will not be verified. This is insecure and a trusted CA-Certificate should always be configured when using EAP-TLS/TTLS/PEAP/FAST.</td>
</tr>
<tr>
<td><span style="color:brown;">Client-Certificate</span></td>
<td>.crt file; default: <b>none</b></td>
<td>Client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester's identity..</td>
</tr>
<tr>
<td><span style="color:brown;">Private Key</span></td>
<td>.key file; default: <b>none</b></td>
<td>TLS client key file.</td>
</tr>
<tr>
<td><span style="color:brown;">Password of Private Key</span></td>
<td>string; default: <b>none</b></td>
<td>Password of Private Key.</td>
</tr>
<tr>
<td><span style="color:blue;">Authentication</span></td>
<td>EAP-GTC {{!}} EAP-MD5 {{!}} EAP-MSCHAPv2 {{!}} <span style="color:olive;">EAP-TLS</span> {{!}} PAP {{!}} CHAP {{!}} MSCHAP {{!}} MSCHAPv2; default: <b>EAP-GTC</b> </td>
<td>Used as the username for authentication.</td>
</tr>
<tr>
<td><span style="color:olive;">Inner certificate files from device</span></td>
<td>off {{!}} on; default: <b>off</b></td>
<td>Choose this option if you want to select certificate files from device.</td>
</tr>
<tr>
<td><span style="color:olive;">Inner CA-Certificate</span></td>
<td>.crt file; default: <b>none</b></td>
<td>Inner CA-Certificate.</td>
</tr>
<tr>
<td><span style="color:olive;">Inner Client-Certificate</span></td>
<td>.crt file; default: <b>none</b></td>
<td>Inner Client-Certificate.</td>
</tr>
<tr>
<td><span style="color:olive;">Inner Private Key</span></td>
<td>.key file; default: <b>none</b></td>
<td>Inner Private Key.</td>
</tr>
<tr>
<td><span style="color:olive;">Password of inner Private Key</span></td>
<td>string; default: <b>none</b></td>
<td>Password of inner Private Key.</td>
</tr>
<tr>
<td>Identity</td>
<td>string; default: <b>none</b> </td>
<td>Used as the username for authentication.</td>
</tr>
<tr>
<td>Anonymous Identity</td>
<td>string; default: <b>none</b> </td>
<td>Shown as username outside the encrypted tunnel. Not used for authentication.</td>
</tr>
<tr>
<td><span style="color:blue;">Password</span></td>
<td>string; default: <b>none</b> </td>
<td>Used for authentication.</td>
</tr>
</tr>
</table>}}
</table>}}