Skip to content

Wi-Fi Configuration

From a configuration standpoint, the Wi-Fi interface (e.g., wlan0) may be viewed as an extension of Ethernet. In addition to the IPv4, IPv6 and DHCPv4 & NAT configuration tabs, it has the Wireless tab that allows for the configuration of wireless settings. These configuration options are described below.

Warning

Before using wifi make sure that you have correctly set the Regulatory Domain on the gateway. You can check the current configuration using the iw reg get command. To set the Regulatory Domain please refer to the specific section in the Gateway Configurations.

Wireless Configuration

The Wireless tab contains the following configuration parameters:

  • Wireless Mode: defines the mode of operation.

    • Access Point: creates a wireless access point.
    • Station Mode: connects to a wireless access point.

  • Network Name: specifies the Service Set Identifier (SSID).

    • In Access Point mode, this is the SSID that identifies this wireless network.
    • In Station mode, this is the SSID of a wireless network to connect to.

  • Band: defines the frequency band to use

    • 2.4GHz: use 2.4GHz band
    • 5GHz: use 5GHz band
    • 2.4GHz/5GHz: use either in 2.4Ghz or 5Ghz depending on the choosen channel

  • Wireless Security: sets the security protocol for the wireless network.

    • None: No Wi-Fi security
    • WEP: Wired Equivalent Privacy
    • WPA: Wi-Fi Protected Access
    • WPA2: Wi-Fi Protected Access II
    • WPA/WPA2: Wi-Fi Protected Access and Wi-Fi Protected Access II
    • WPA2/WPA3-Enterprise: Wi-Fi Protected Access II & III with 802.1x. Please see here for further details. This fearture is available only in station mode.
    • WPA3: Wi-Fi Protected Access III. This is an experimental feature. See here for further details.
    • WPA2/WPA3: Wi-Fi Protected Access II and Wi-Fi Protected Access III. This is an experimental feature. See here for further details.

  • Wireless Password: sets the password for the wireless network.

    • WEP: 64-bit or 128-bit encryption key
    • WPA/WPA2: pre-shared key

  • Pairwise Ciphers: lists accepted pairwise (unicast) ciphers for WPA/WPA2.

    • In Access Point mode, this option is disabled.
    • In Station mode,
      • CCMP (AES-based encryption mode with strong security)
      • TKIP (Temporal Key Integrity Protocol)
      • CCMP and TKIP

  • Group Ciphers: lists accepted group (broadcast/multicast) ciphers for WPA/WPA2.

    • In Access Point mode, this option is disabled.
    • In Station mode,
      • CCMP (AES-based encryption mode with strong security)
      • TKIP (Temporal Key Integrity Protocol)
      • CCMP and TKIP

  • Ignore Broadcast SSID: operates as follows if set to true:

    • In Access Point mode, sends an empty SSID in beacons and ignores probe request frames that do not specify full SSID.
    • In Station mode, does not scan for the SSID before attempting to associate.

  • Channels list: allows the selection of desired channel frequencies. The availability of the desired frequency is subject to the Regdom set on the device. For a list of limitations in different countries you can consult the following page: List of WLAN channels. Channels marked as No Irradiation and Radar Detection can be used only if DFS (Dynamic Frequency Selection) is supported by the Wi-Fi chip.

    • In Access Point mode, only one channel may be selected.
    • In Station mode, the list of available channels depends on the selected Radio Mode. The selected radio mode also affects the ability to select a network in the scan window (if the channel associated with the network is not enabled in the regulatory domain an error message will be shown).

WiFi Configuration

Wi-Fi Station Mode Configuration

In addition to the options described above, the Wireless configuration display the Access Point Scan button that help to configure Wi-Fi in the Station mode.

  • Access Point Scan: clicking this button triggers access point scan operations. Upon a successful scan, a table containing access points within range is presented. This table contains the following information:

    • SSID
    • MAC Address
    • Signal Strength (in dBm)
    • Channel
    • Frequency
    • Security

    If you select one of these access points, respective wireless controls (i.e., Network Name, Wireless Security, and Channel) are filled with information obtained during the scan operation. The Force Wireless Network Scan button triggers a manual scan for available access points.

Notes about WPA3 security

The support to WPA3 security feature is experimental and disabled by default. Before using it, update your system with the latest changes and check that the WiFi module installed on you device has the latest firmware. To check if an interface supports the new WPA3 security, run the following command:

iw phy | grep -i sae

and verify is the following output is present

Device supports SAE with AUTHENTICATE command

To enable the WPA3 WiFi Security in Eclipse Kura, edit the /opt/eclipse/kura/user/kura_custom.properties and add the following line:

kura.wpa3.wifi.security.enable=true

In this way the WPA3 and WPA2/WPA3 entries will be available in the Wireless Tab on the web UI and the wifi interface will be configurable with the new security using the REST APIs.