Set the Encryption Algorithm

The encryption algorithm indicates the level of encryption for your selected wireless security mode.

Encryption Algorithm in Fireware v12.10 or Higher

In Fireware v12.10 or higher, the encryption algorithm is automatically set based on the wireless security mode configured for the SSID. Previous configurations are converted to these defaults when you upgrade to Fireware v12.10 or higher:

  • Open — No Encryption
  • OWE — SAE
  • WPA — TKIP
  • WPA/WPA2 — TKIP/AES
  • WPA2 — AES CCMP
  • WPA2/WPA3 — AES CCMP/SAE
  • WPA3 — SAE

Encryption Algorithm in Fireware v12.9 or Lower

Fireware v12.9 or lower, from the Encryption algorithm drop-down list in the wireless access point configuration, you can select the level of encryption for your wireless connections. The available selections change when you use different authentication mechanisms. The Firebox automatically creates a random encryption key for you when a key is required. You can use this key or change it to a different key. Each wireless client must use this key when they connect to the Firebox.

We recommend that you use WPA2 (with AES) or higher encryption for the strongest security.

Encryption for Wi-Fi Protected Access Authentication

The encryption algorithm options for Wi-Fi Protected Access WPA/WPA2 authentication methods are:

  • AES — Uses only AES (Advanced Encryption Standard) for encryption. This is the default for 802.11ax/ac/n.
  • TKIP — Uses only TKIP (Temporal Key Integrity Protocol) for encryption.
    This option is not available if you configure the Radio Settings to use a wireless mode that supports 802.11ax/ac/n.
  • TKIP or AES — Uses either TKIP or AES for encryption.

Encryption for Open System and Shared Key Authentication

As of Fireware v12.1.1 and higher, you can no longer save a configuration with WEP encryption enabled. WEP is an insecure and deprecated protocol, and we recommend you use WPA2.

Encryption options for Open System and Shared Key authentication are WEP 64-bit hexadecimal, WEP 40-bit ASCII, WEP 128-bit hexadecimal, and WEP 128-bit ASCII.

If you select Open System authentication, you can also select Disabled.

  1. If you use WEP encryption, in the Key text boxes, type hexadecimal or ASCII characters. Not all wireless adapter drivers support ASCII characters. You can have a maximum of four keys, numbered 1 - 4.
    • A WEP 64-bit hexadecimal key must have 10 hexadecimal (0-f) characters.
    • A WEP 40-bit ASCII key must have 5 characters.
    • A WEP 128-bit hexadecimal key must have 26 hexadecimal (0-f) characters.
    • A WEP 128-bit ASCII key must have 13 characters.
  2. If you typed more than one key, in the Key Index text box, type the key number to use as the default key.

The Firebox wireless device can use only one wireless encryption key at a time. If you select a key other than the first key in the list, you also must set your wireless client to use the same key.

Related Topics

Set the Wireless Security Method