WiFi Authentication

When you setup your computers on your network, and your network is used by more than one person, you'll likely have files and folders on your computer that you don't want other people to access. Windows file sharing, and access permissions, is a complex subject with many issues to challenge you.

When you setup your WiFi LAN, you probably have simpler goals.

• Allow you (and your family, friends, co-workers, other folks you know) to connect to your LAN.
• Prevent folks you don't know from connecting to your LAN.

With these simple goals, you setup very simple security. Give everybody (every computer) a simple, pre-shared key. WPA-PSK is the simplest effective solution for securing your WiFi LAN.

Given the possibility that you might not want everybody to have WiFi access permanently, WPA-PSK may not be versatile enough for you. You can setup individual access, using 802.1x authentication, which generally uses a RADIUS server. To use 802.1x authentication, you have to setup 3 components.

• A RADIUS server.
• Your router or WiFi access point.
• Your WiFi clients.

If you select 802.1x authentication in the WiFi client setup, and you don't have a RADIUS server, your WiFi client will spend a lot of time needlessly trying to contact a RADIUS server. If your WiFi connection drops regularly and resumes with no action taken by you, or regularly hangs with high bandwidth peaks (say every 60 or 120 seconds), check your WiFi client, and make sure that 802.1x authentication is not enabled.

Interestingly enough, 802.1x authentication is a selectable feature on most client connections, Ethernet as well as WiFi. Selecting 802.1x authentication on an Ethernet LAN, without a RADIUS server, isn't usually a problem, as it is with WiFi.

You may also see odd behaviour like this, if you are running two or more WiFi clients.

>> Top