Setting up WPA on your wireless network

In another article (see Wireless network security basics), I explained, in general terms, the proper way to configure security for your wireless network. This article, a follow-up to that one, will explain in detail what you need to do to set up Wi-Fi Protected Access, or WPA, on your wireless network.

First, a short explanation of the WPA standard is in order. The WPA standard is divided into two types: WPA-Enterprise, and WPA-Home. As its name implies, the former is geared towards larger companies while the latter is for the SOHO user.

Under WPA-Enterprise, a so-called Remote Authentication Dial-In User Service (RADIUS) server issues a certificate to a PC connected to the network, then authenticates the PC each time it connects to the network by looking for the presence of the certificate on the PC. If the server does not find the certificate, it denies access to the client.

Under WPA-Home, also known as WPA-PSK (Wi-Fi Protected Access with Pre-Shared Key), users share a passphrase that is entered into the router and the client PC’s configuration utility. The passphrase must be between 8-63 characters long, although it is recommended that it should be more than 20 characters long and not contain any dictionary words (see article mentioned in the first paragraph for the explanation). WPA-Home is ideal for home users as it does away with the complexity of WPA-Enterprise.

We will be concerned with setting up WPA-Home in this article (make sure to read your router’s documentation for help in setting up WPA, as I’ll just mention the commonalities between various routers here). See steps below for configuring WPA-Home on your router:

1. On the router’s configuration pages, typically viewable through a web browser, look for the Network Name, or the SSID (for Set Service Identifier). Enter here the network name that you’ll also have to set up on the client PCs.
2. On the Security or Encryption page, select WPA-PSK as the protocol and enter the passphrase that you will also need to set up on the client PCs.
3. Select TKIP, or temporal key integrity protocol, as the data encryption method.

Some routers suggest that RADIUS be enabled when you select WPA-PSK. You may choose to either enable oRADIUS or not, if that happens.

For configuring the client PCs, we’ll use Windows XP’s Windows Zero Configuration Utility. If you’re using a Windows version lower than XP, try looking for the network card’s configuration utility. To configure the client PCs, follow the steps below:

1. On the Wireless Network Connection Properties screen, add the preferred network using the name you entered in step 1 for configuring WPA-Home on the router.
2. Click the Properties button. This will bring up the Network Security Properties screen.
3. On the Network Security Properties screen, select WPA-PSK on the Network Authentication box.
4. On the Data Encryption box, select TKIP.
5. Enter the Network Key, or the passphrase, you set up in step 2 for configuring WPA-Home on the router.
6. Click OK.

After setup, if you encounter a problem connecting to the network, check to see that the following are in order:

1. Windows Firewall should be disabled for your network card. To check, open Windows Firewall. On the Advanced tab, uncheck the Wireless Connection box.
2. Configuration should have been set up using only one configuration utility, as this may end up in conflicts.
3. WPA-PSK should be the selected network authentication protocol.

With WPA-PSK, configuring your wireless network’s security is now easier. So, make sure to enable it to ensure the security of your wireless LAN.

Posted in Categories: Hardware ~ Tag: WPA ~ Trackback

Related Posts: No related posts