Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Configure Wireless Security on an RV Series Router

Objective

Wireless networking operates by sending information over radio waves, which can be more vulnerable to intruders than a traditional wired network. You can take the steps to keep your network secure by configuring the wireless security settings on the router. Examples of configuration includes adding a passphrase to prevent unauthorized access, setting encryption types to prevent brute force authorization, and allowing the router to renew its keys at specific intervals to prevent decryption bots attempting to break the encryption key.

Out of the box, the RV130W, RV132W, and RV134W provide you with four Service Set Identifiers (SSIDs) with the same passwords. To increase network security, the wireless Security Settings page of the web-based utility of the router allows you to choose an encryption method and configure the appropriate security mode for your network. More advanced encryption methods, such as Wi-Fi Protected Access (WPA)/(WPA2), are often preferred over Wired Equivalent Privacy (WEP) encryption, as it has very weak authentication that is meant for wireless devices that do not support WPA or WPA2 encryption.

This article aims to show you how to configure wireless security on your RV Series router.

Applicable Devices

  • RV130W
  • RV132W
  • RV134W

Software Version

  • 1.0.0.17 — RV132W
  • 1.0.0.21 — RV134W
  • 1.0.1.3 — RV130W

Configure Wireless Security Settings on your Router

Configure Security Settings

Editing the SSID lets you personalize the name of your network and change it to something that is more relevant to your preference. Follow these steps to customize the SSID of your router:

Step 1. Log in to the web-based utility of the router and choose Wireless > Basic Settings.

Step 2. Check the check box for the SSID that you need to edit. In this example, SSIDName1 is chosen.

Note: If you are using the RV134W, you can also edit the wireless security settings of the 5 GHz network.

Step 3. Click Edit Security Mode.

Step 4. Choose the SSID from the Select SSID drop-down list.

Note: In this example, SSIDName1 is chosen.

Step 5. Choose a security mode from the Security Mode drop-down list. The options are:

  • Disabled — This option deactivates the wireless security settings of the selected network. Disabling security mode on your wireless router opens your wireless network and allows anybody who has a wireless device to connect to your network, and its resources. While this is not recommended, it can be useful to networks in remote locations.
  • WEP — WEP security is the predecessor of WPA security. This encryption provides network security comparable to a wired network. Due to its age, WEP security is no longer recommended as it is already outdated.
  • WPA-Personal — WPA-Personal is a security protocol designed to improve the security features of WEP. WPA-Personal enables you to use the Temporal Key Integrity Protocol (TKIP) algorithm, allowing you to use an alphanumeric password up to 64 characters long.
  • WPA-Enterprise — This option lets you combine the security features offered by WPA, while also using a Remote Authentication Dial-in User Service (RADIUS) server. WPA-Enterprise allows you to use the TKIP algorithm, or AES algorithm to let you use an alphanumeric password of up to 64 characters long, to an Enterprise infrastructure.
  • WPA2-Personal —WPA2-Personal lets you use the Advanced Encryption Standard (AES) Algorithm.
  • WPA2-Personal Mixed — WPA2-Personal Mixed is the recommended security mode because it offers the latest wireless security. In WPA2, the use of the AES algorithm is mandatory. Use WPA2 if all devices support AES. Otherwise, use WPA2-Personal Mixed.
  • WPA2-Enterprise — This option offers the same security level with WPA2 and WPA2-Personal but is typically used in bigger offices as it requires the use of a RADIUS Server.
  • WPA2-Enterprise Mixed — This option offers the same security level with WPA2 and WPA2-Personal. It is also typically used in bigger offices as it requires the use of a RADIUS Server. WPA2-Enterprise Mixed may be utilized if there are devices in the network that do not support WPA2 security.

Disable Wireless Security

WEP security is the predecessor of WPA security. This encryption provides network security comparable to a wired network. Due to its age, WEP security is no longer recommended as it is already outdated.

Step 1. Choose Disabled from the Security Mode drop-down list to disable the wireless security settings of your network.

Step 2. Click Save to retain your settings.

You should now have successfully disabled wireless security settings on your network.

Configure WEP Security

WEP security is the predecessor of WPA security. This encryption provides network security comparable to a wired network. Due to its age, WEP security is no longer recommended as it is already outdated.

Step 1. Choose WEP from the Security Mode drop-down list.

Step 2. Choose the authentication from the Authentication Type drop-down menu. The options are:

  • Open System — During Open System authentication, the wireless client does not need to provide its credentials to the parent during the authentication phase. Any client can therefore provide authentication with the Access Point and then attempt to gain access to the WEP network.
  • Shared Key — This option lets you obtain a shared key before connecting to the WEP network.

Note: In this example, Open System is chosen. This is the default setting.

Step 3. Choose the encryption from the Encryption drop-down list. The options are:

  • 10/64-bit (10 hex digits) — This option lets you generate or use a personal password that is 10 characters long. The password can contain numbers 0 to 9, or letters A to F, or a combination of both.
  • 26/128-bit (26 hex digits) — This option lets you generate or use a personal password that is 64 characters long. The password can contain numbers 0 to 9, or letters A to F, or a combination of both.

Note: In this example, 26/128-bit(26 hex digits) is chosen.

Step 4. Enter a desired passphrase in the Passphrase field. This will be used to generate the transmit (TX) key.

Note: In this example, the Passphrase is CiscoPassphrase.

Step 5. Click Generate to generate Keys 1 to 4.

Step 6. Choose the key that you want to use from the TX Key drop-down menu. The TX key is the key that will be used to encrypt your data. Although four keys can be created, only one key is used for encrypting data.

Note: Take note of the key that corresponds to the TX Key as that will be the password you will need to use to connect to the wireless network.

Step 7. (Optional) Check the Unmask Password check box to view the keys in plain text.

Step 8. Click Save to save your settings.

Note: If you have WPS enabled, a message similar to this will appear. Click Yes.

Step 9. A message will pop up stating that WEP authentication is very weak, and should only be used if required for compatibility with devices that do not support WPA or WPA2. Click Yes.

You should now have successfully configured WEP security on your wireless network.

Configure WPA-Personal Security Mode

WPA-Personal is a security protocol designed to improve the security features of WEP. WPA-Personal enables you to use the Temporal Key Integrity Protocol (TKIP) algorithm, allowing you to use an alphanumeric password up to 64 characters long.

Note: This option is available only on the RV130W.

Step 1. Choose WPA-Personal from the Security Mode drop-down list.

Step 2. Choose the Encryption method from the Encryption drop-down menu. The options are:

  • TKIP/AES — This options uses AES and falls back to Temporal Key Integrity Protocol (TKIP) encryption when AES is not supported by the client device. Choose TKIP/AES if you need better compatibility with client devices.
  • AES — This option uses only the AES algorithm to secure the network. Choose this option if you need greater security.

Note: In this example, AES is chosen.

Step 3. Enter a password for the wireless network on the Security Key field.

Step 4. (Optional) Check the Unmask Password check box to display the security key in plain text.

Step 5. (Optional) Enter the number of seconds until the security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 6. Click Save to retain the settings.

You should now have configured WPA-Personal wireless security.

Configure WPA-Enterprise Security

This option lets you combine the security features offered by WPA, while also using a Remote Authentication Dial-in User Service (RADIUS) server. WPA-Enterprise allows you to use the TKIP algorithm, or AES algorithm to let you use an alphanumeric password of up to 64 characters long, to an Enterprise infrastructure.

Note: This option is available only on the RV130W.

Step 1. Choose WPA-Enterprise from the Security Mode drop-down menu.

Step 2. Choose the Encryption method from the drop-down menu. The options are:

  • TKIP/AES — This options uses AES and falls back to TKIP encryption when AES is not supported by the client device. Choose TKIP/AES if you need better compatibility with client devices.
  • AES — This option uses only the AES algorithm to secure the network. Choose this option if you need greater security.

Note: In this example, AES is chosen.

Step 3. Enter the Internet Protocol (IP) address of the Remote Authentication Dial-In Service (RADIUS) server in the RADIUS Server fields.

Note: In this example, the IP address is 10.10.100.10.

Step 4. Enter the port used to access the RADIUS server in the RADIUSPort field. The default port is 1812.

Step 5. Enter a shared key for authentication to gain access to the remote network in the Shared Key field.

Note: In this example, the shared key is Cisco1234@.

Step 6. Enter the number of seconds until your security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 7. Click Save to retain your settings.

You should now have successfully configured WPA-Enterprise wireless security on your network.

Configure WPA2-Personal

WPA2-Personal lets you use the Advanced Encryption Standard (AES) Algorithm.

Step 1. Choose WPA2-Personal from the Security Mode drop-down list. In Personal mode, authentication is based on a pre-shared key (PSK) that is an alphanumeric passphrase.

Step 2. Enter a password for your SSID in the Security Key field.

Step 3. (Optional) Check the Unmask Password check box if you need to view the security key in plain text.

Step 4. Enter the number of seconds until your security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 5. Click Save to retain your settings.

You should now have successfully configured WPA2-Personal security on your wireless network.

Configure WPA2-Personal Mixed Security Mode

WPA2-Personal Mixed is the recommended security mode because it offers the latest wireless security. In WPA2, the use of the AES algorithm is mandatory. Use WPA2 if all devices support AES. Otherwise, use WPA2-Personal Mixed.

Step 1. Choose WPA2-Personal Mixed from the Security Mode drop-down list. In Personal mode, authentication is based on a PSK that is an alphanumeric passphrase.

Step 2. Enter a password for your SSID in the Security Key field.

Step 3. (Optional) Check the Unmask Password check box if you need to view the security key in plain text.

Step 4. Enter the number of seconds until your security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 5. Click Save to retain your settings.

You should now have successfully configured WPA2-Personal Mixed security on your wireless network.

WPA2-Enterprise Security Mode

This option offers the same security level with WPA2 and WPA2-Personal but is typically used in bigger offices as it requires the use of a RADIUS Server.

Step 1. Choose WPA2-Enterprise from the Security Mode drop-down list.

Step 2. Enter the IP address of the RADIUS server in the RADIUS Server fields.

Step 3. Enter the port used to access the RADIUS server in the RADIUS Port field. The default port is 1812.

Step 4. Enter the shared key in the Shared Key field.

Step 5. Enter the number of seconds until your security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 6. Click Save to retain your settings.

You should now have successfully configured WPA2-Enterprise security on your wireless network.

Configure WPA2-Enterprise Mixed

This option offers the same security level with WPA2 and WPA2-Personal. It is also typically used in bigger offices as it requires the use of a RADIUS Server. WPA2-Enterprise Mixed may be utilized if there are devices in the network that do not support WPA2 security.

Step 1. Choose WPA2-Enterprise from the Security Mode drop-down list.

Step 2. Enter the IP address of the RADIUS server in the RADIUS Server fields.

Step 3. Enter the port used to access the RADIUS server in the RADIUS Port field. The default port is 1812.

Step 4. Enter the shared key in the Shared Key field.

Step 5. Enter the number of seconds until your security key is replaced with a newly generated key in the Key Renewal field. The default value is 3600 seconds.

Step 6. Click Save to retain your settings.

You should now have configure WPA2-Enterprise Mixed security on your wireless network.

Connect to your Wireless Network SSID

Note: The following steps assume that your SSID is being broadcast.

Step 1. On the Windows Operating System, click the network icon at the system tray to display the list of networks that are in the range of your computer.

Step 2. Click the name of your network and then click Connect.

Step 3. Enter the Security key or passphrase for your network and click OK.

Step 4. Verify that the status of the connection is Connected.

You should now have successfully connected to the network.

Version history
Revision #:
1 of 1
Last update:
‎04-26-2017 08:03 PM