6.4 Wi-Fi
In this part you will see how to set up a home gateway as a wireless access point.
Now watch the video below, which is about 1 minute long.
Box _unit4.2.4 Wi-Fi
Transcript
Let’s think about adding wireless devices to the network by setting up the gateway as a wireless access point.
I’m using my desktop again to reach the admin pages of the gateway. I’ll click on the ‘Wireless’ tab.
Access points broadcast their identity so Wi-Fi users can see them and choose to connect. I need to give an SSID that doesn’t clash with the neighbours. Click ‘Save’.
And I need some security to restrict access to the network. WPA2 Personal is secure and widely supported. I need a passphrase: you should pick something much more secure but this is only a simulation. Click ‘Save’.
OK, the gateway is now set up as a Wi-Fi access point.
I’ll connect my tablet. On a real device you would pick JONS-WIFI from a list, but here I have to type it in myself. And I need to set the correct security and give the correct passphrase.
And there we are – it has connected OK.
I can check with a ping from my desktop – I need to check the tablet’s IP address first, and then ping from my desktop. And there I have a reply from the tablet.
So the gateway is set up and working as a wireless access point.
When configuring the gateway as a Wi-Fi access point, an SSID (service set identifier) is given which will be broadcast so that users can pick the right network if several are in range. Security should also be set up to prevent unauthorised use: an appropriate setting is WPA2 Personal which requires the user to know a passphrase. The passphrase (also called a pre-shared key) should be picked so it is impossible to guess!
Activity _unit4.2.4 Activity 4 Think about
5 minutes
Some years ago, home gateways were often delivered with the same default SSID and passphrase/key, accompanied by instructions on how to change these. Nowadays, there is usually a label displaying a complicated passphrase/key attached to the gateway. Which is better?
Discussion
Using the same SSID caused problems if neighbours received the same gateway. Sending a gateway pre-configured with well-known default passwords is insecure. There is a high risk that many people (not network engineers!) would not change the default values, because they didn’t know how to, didn’t see the need, or just never got around to it. Configuring each device with a unique, strong password at the factory is clearly preferable.
Are there any downsides? The passphrase/key is clearly printed on a label on the gateway and known by everyone who has used the network; it isn’t secret in the way we normally understand a password to be (hence it is strictly known as a ‘pre-shared key’). But to read the label, someone must be in your house: if you trust someone enough to let them through the door, then you probably trust them enough to use your Wi-Fi. The passphrase/key is complicated but no one needs to remember it: you enter it once on a new device which then stores it. All users of the network can share the same passphrase/key: they don’t all need different passwords.