Edimax Router Wireless VPN Broadband User Manual

							
 
 Clone MAC           Click the “Clone MAC” button will copy the MAC address of your PC, that you are using to 
configure the AP, to the WLAN MAC. 
 MAC address  If you want to bridge more than one networks 
together with wireless LAN, you have to set this 
access point to “AP Bridge-Point to Point mode”, 
“AP Bridge-Point to Multi-Point mode” or “AP 
Bridge-WDS mode”. You have to enter the 
MAC addresses of other access points that join 
the bridging work. 
 Set Security           Click t he “Set Security” button, then a “WDS 
Security Settings” will pop up. You can set the 
security parameters used to bridge access 
points together here when your AP is in AP 
Bridge modes. You can refer to section 4.3 
“Security Settings” for how to set the 
parameters. 
  Click < Apply>  at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
      2.4.2 Advanced Settings You can set advanced wireless LAN parameters of this router. The 
parameters include Authentication Type, Fragment Threshold, RTS 
Threshold, Beacon Interval, Preamble Type …… You should not change 
these parameters unless you know  what effect the changes will have on 
this router. 
 
 
40 
						

							
 
  Parameters  Description  Authentication Type      There are two authentication types: Open System and Shared Key. When you select Open System, 
wireless stations can associ ate with this wireless 
router without WEP encryption. When you select 
Shared Key, you should also setup WEP key in 
the Encryption page and wireless stations should 
use WEP encryption in the authentication phase to 
associate with this wireless router. If you select 
Auto, the wireless client  can associate with this 
wireless router by using any one of these two 
authentication types. 
 Fragment Threshold  Fragment Thresh old specifies the maximum size 
of packet during the fragmentation of data to be 
transmitted. If you set this value too low, it will 
result in bad performance. 
 RTS Threshold          When the pa cket size is smaller the RTS threshold, 
the wireless router will not use the RTS/CTS 
mechanism to send this packet. 
 Beacon Interval        The interval of  time that this wireless router broadcast 
a beacon. Beacon is used to synchronize the 
wireless network. 
 
41 
						

							
 
 Data Rate  The “Data Rate” is the rate this access point uses to 
transmit data packets. The access point will use the 
highest possible selected  transmission rate to 
transmit the data packets. 
 Preamble Type  The “Long Preamble” can provide better wireless 
LAN compatibility while the “Short Preamble” can 
provide better wireless LAN performance. 
 Broadcast ESSID  If you enable “Broad cast ESSID”, every wireless 
station located within the  coverage of this access 
point can discover this access point easily. If you are 
building a public wireless network, enabling this 
feature is recommended. Disabling “Broadcast 
ESSID” can provide better security. 
 IAPP  If you enable “IAPP”, it will allow wireless station 
roaming between IAPP enabled access points within 
the same wireless LAN. 
 802.11g Protection  This is also called CTS Protection. It is recommended  to enable the protection mechanism. This mechanism 
can decrease the rate of data collision between 
802.11b and 802.11g wireless stations. When the 
protection mode is enabled,  the throughput of the AP 
will be a little lower due to many of frame traffic 
should be transmitted. 
  Click < Apply>  at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router. 
   2.4.3 Security  This Access Point provides complete wireless LAN security functions, 
include WEP, IEEE 802.11x, IEEE 802.11x with WEP, WPA with pre-
shared key and WPA with RADIUS. With these security functions, you can 
prevent your wireless LAN from illegal access. Please make sure your 
wireless stations use the same security function. 
 
42 
						

							
 
 2.4.3.1 WEP only  When you select 64-bit or128-bit WEP key, you have to enter WEP keys to 
encrypt data. You can generate the key by yourself and enter it. You can 
enter four WEP keys and select one of them as default key. Then the 
router can receive any packets encrypted by one of the four keys 
 
  Parameters       Default   Description  Key Length        64-bit  You can select the WEP key length for  encryption, 64-bit or 128-bit. Larger WEP key 
length will provide higher level of security, but the 
throughput will be lower.  
 Key Format                   You may to select ASCII Characters 
(alphanumeric format) or Hexadecimal Digits (in 
the A-F, a-f and 0-9 range) to be the WEP 
Key. 
For example: ASCII Characters: guest Hexadecimal Digits: 12345abcde  Default Key  Select one of the four keys to encrypt your data. Only the key you select it in the D efault key will take effect. 
 
 
43 
						

							
 
Key 1 - Key 4      The WEP keys are used to encrypt data transmitted in the wireless network. Fill the text box by following the 
rules : 64-bit WEP: input 10-digit Hex values (in the A-F, 
a-f and 0-9 range) or 5-digit ASCII character as the 
encryption keys. 
128-bit WEP: input 26-digit Hex values (in the A-F, a-f and 0-9 range) or 13-digit ASCII characters as the 
encryption keys. 
  Click < Apply>  at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
 2.4.3.2 802.1x only  IEEE 802.1x is an authentication protocol. Every user must use a valid 
account to login to this  Access Point before ac cessing the wireless LAN. 
The authentication is processed by a RADIUS server. This mode only 
authenticates user by IEEE 802.1x, but it does not encryption the data 
during communication. 
 
 Parameters  Description  RADIUS Server IP address   The IP address of external RADIUS server.  
 
44 
						

							
 
RADIUS Server Port  The service port of the external RADIUS server. 
 RADIUS Server Password  The password used by external RADIUS server. 
  Click   at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
 2.4.3.3 802.1x WEP Static key  IEEE 802.1x is an authentication protocol. Every user must use a valid 
account to login to this  Access Point before ac cessing the wireless LAN. 
The authentication is processed by a RA DIUS server. This mode also uses 
WEP to encrypt the data during communication. 
 
  For the WEP settings, please refer to section 2.4.3.1 “WEP only”. For the 
802.1x settings, please refer to section 2.4.3.2 “802.1x only”. 
 2.4.3.4 WPA Pre-shared key  Wi-Fi Protected Access (WPA) is an  advanced security standard. You can 
use a pre-shared key to authenticate  wireless stations and encrypt data 
during communication. It uses TKIP or CCMP(AES) to change the 
 
45 
						

							
 
encryption key frequently. So the encryption key is not easy to be broken 
by hackers. This can improve security very much. 
 
  Parameters   Description  WPA(TKIP) TKIP can change the encryption key frequently 
to enhance the wireless LAN security. 
 WPA2(AES)  This use CCMP protocol to change encryption 
key frequently. AES can provide high level 
encryption to enhance the wireless LAN 
security. 
 WPA2 Mixed  This will use TKIP or AES based on the other 
communication peer automatically. 
 Pre-shared Key Format  You may select to select Passphrase  (alphanumeric format) or Hexadecimal Digits (in 
the “A-F”, “a-f” and “0-9” range) to be the Pre-
shared Key. For example:  
Passphrase: iamguest Hexadecimal Digits: 12345abcde Pre-shared Key  The Pre-shared ke y is used to authenticate and 
encrypt data transmitted in  the wireless network. Fill 
the text box by following the rules below.  Hex WEP: 
input 64-digit Hex values (in the “A-F”, “a-f” and “0-9” 
 
46 
						

							
 
range) or at least 8 character pass phrase as the pre-
shared keys. 
  Click   at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
 2.4.3.5 WPA Radius  Wi-Fi Protected Access (WPA) is an  advanced security standard. You can 
use an external RADIUS server to  authenticate wireless stations and 
provide the session key to encrypt data during communication. It uses 
TKIP or CCMP(AES) to change the encryption key frequently. This can 
improve security very much. 
 
  Parameters       Description  WPA(TKIP)  TKIP can change the encryption key 
frequently to enhance the wireless LAN 
security. 
 WPA2(AES)  This use CCMP protocol to change 
encryption key frequently. AES can provide 
 
47 
						

							
 
high level encryption to enhance the wireless 
LAN security. 
 WPA2 Mixed This will use TKIP or AES based on the other 
communication peer automatically. 
 RADIUS Server IP address   The IP address of external RADIUS server.  RADIUS Server Port  The service port of the external RADIUS  server. 
 RADIUS Server Password    The password used by external RADIUS server. 
  Click   at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
 2.4.4 Access Control This wireless router provides MAC  Address Control, which prevents the 
unauthorized MAC Addresses from acce ssing your wireless network. 
 
  Parameters  Description  
 
48 
						

							
 
Enable wireless access control       Enable wireless access control  Add MAC address into the list         Fill in the MAC Address and 
Comment of the wireless station to be 
added and then click Add. Then this 
wireless station will be added into the 
Current Access Control List below. If 
you find any issues before adding it and 
want to retype again. Just click Clear 
and both MAC Address and 
Comment fields will be cleared. 
 Remove MAC address from list      If you want to remove some MAC 
address from the Current Access 
Control List , select the MAC 
addresses you want to remove in the 
list and then click Delete Selected. If 
you want remove all MAC addresses 
from the table, just click Delete All 
button. Click Reset will clear your 
current selections.  
  Click < Apply>  at the bottom of the screen to save the above 
configurations. You can now configur e other advance sections or start 
using the router (with the advance settings in place) 
 2.5 QoS The QoS can let you classify In ternet application traffic by 
source/destination IP address and port number. You can assign priority for 
each type of application and reserve bandwidth for it. The packets of 
applications with higher priority will always go first. Lower priority 
applications will get bandwidth after higher priority applications get enough 
bandwidth. This can let you have a better experience in using critical real 
time services like Internet phone, video conference …etc. All the 
applications not specified by you are classified as rule name “Others”. The 
rule with smaller priority number has  higher priority; the rule with larger 
priority number has lower priority. You can adjust the priority of the rules by 
moving them up or down. 
 
 
49