Menu path: Setup > Network > LAN Interfaces > Wireless > Default Wi-Fi network

Here, you can configure wireless network connections.

Disable Encryption: No encryption will be used. (Default)

Enable WEP Encryption: WEP encryption will be used.

Enable WPA Encryption: WPA encryption will be used.

You will need to give further information depending on the encryption method chosen.

Wireless Network Name (SSID): Name of the wireless network (SSID)

For WEP Encryption

Transmit key ID: Choose from a maximum of four configurable keys. (Default: 1)

Key Format:

  • ASCII
  • Hexadecimal

Key [1-4]: Enter the key here.

Characters to be entered for WEP keys:
  • For 64-bit encryption, 5 characters (ASCII) or 10 hex digits (hexadecimal)
  • For 128-bit encryption, 13 characters (ASCII) or 26 hex digits (hexadecimal)

For WPA/WPA2 Personal Encryption

Network authentication

  • WPA Personal: Wi-Fi Protected Access Pre-Shared Key (WPA / IEEE 802.11i/D3.0)
  • WPA Enterprise: Wi-Fi Protected Access with 802.1X authentication (WPA / IEEE 802.11i/D3.0)
  • WPA2 Personal: Wi-Fi Protected Access Pre-Shared Key (WPA2 / IEEE 802.11i/RSN)
  • WPA2 Enterprise: Wi-Fi Protected Access with 802.1X authentication (WPA2/IEEE 802.11i/RSN)

Network key: WPA network key/passphrase as set at the dial-in point. This is either an ASCII character string with a length of 8...63 or exactly 64 hexadecimal digits.

Data encryption:

  • Default: The default value depends on which network authentication method is selected - TKIP for WPA, AES (CCMP) for WPA2.
  • TKIP: Temporal Key Integrity Protocol (IEEE 802.11i/D7.0)
  • AES (CCMP): AES in Counter mode with CBC-MAC (RFC 3610, IEEE 802.11i/D7.0)
  • AES (CCMP) + TKIP: One of two encryption methods is selected by the access point.
  • Automatic: The access point can choose the encryption method freely – nothing is stipulated.

AP Scan mode: Scan mode for access points

  • Default
  • Broadcast: Alternative for access points which allow the SSID broadcast
  • No broadcast: Alternative for access points which refuse the SSID broadcast (hidden access points)

For WPA/WPA2 Enterprise Encryption

Network authentication:

  • WPA Enterprise: Wi-Fi Protected Access with 802.1X authentication (WPA / IEEE 802.11i/D3.0)
  • WPA2 Enterprise: Wi-Fi Protected Access with 802.1X authentication (WPA2/IEEE 802.11i/RSN)

Data encryption:

  • Default: The default value depends on which network authentication method is selected - TKIP for WPA, AES (CCMP) for WPA2.
  • TKIP: Temporal Key Integrity Protocol (IEEE 802.11i/D7.0)
  • AES (CCMP): AES in Counter mode with CBC-MAC (RFC 3610, IEEE 802.11i/D7.0)
  • AES (CCMP) + TKIP: One of two encryption methods is selected by the access point.
  • Automatic: The access point can choose the encryption method freely – nothing is stipulated.

AP Scan mode: Scan mode for access points

  • Default
  • Broadcast: Alternative for access points which allow the SSID broadcast
  • No broadcast: Alternative for access points which refuse the SSID broadcast (hidden access points)

EAP Type

  • PEAP
  • TLS: Transport Layer Security with client certificate
  • TTLS: Tunneled Transport Layer Security (from IGEL Linux 10.04.100 onwards)

Auth Method: Method for authentification that is available for the selected EAP type
Possible options for PEAP:

  • MSCHAPv2: Microsoft Challenge Handshake Authentication Protocol
  • TLS: Transport Layer Security with client certificate
  • GTC: Generic Token Card
  • MD5: MD5-Challenge


Possible options for TTLS:

  • MSCHAPv2: Microsoft Challenge Handshake Authentication Protocol
  • PAP: Password Authentication Protocol

Validate Server Certificate

☑ The thin client validates the authenticity of the authentification server against the certificate file. This certificate file is stored under the path defined by CA Root Certificate.

☐ The authenticity of the authentification server is not validated.

CA Root Certificate: Path and file name of the file that contains the certificates with which the authentification server authenticates itself.

Identity: User name that is stored at the authentification server

Password: Password relevant to the user name


Learn more from the how-to Using WPA Enterprise / WPA2 Enterprise with TLS Client Certificates.