29
Max. Number of Clients
This parameter specifies the maximum number of clients that can connect to the wireless
network corresponding to an SSID. If the number is reached, the wireless network rejects
new connection requests from clients. This limit helps balance load among APs.
Security Mode
A wireless network uses radio, which is open to the public, as its data transmission medium. If
the wireless network is not protected by necessary measures, any client can connect to the
network to use the resources of the network or access unprotected data over the network. To
ensure communication security, transmission links of wireless networks must be encrypted for
protection.
The AP supports various security modes for network encryption, including None, WEP,
WPA-PSK, WPA2-PSK, Mixed WPA/WPA2-PSK, WPA, and WPA2.
− None
It indicates that any wireless client can connect to the wireless network. This option is
not recommended because it affects network security.
− WEP
It uses a static key to encrypt all exchanged data, and ensures that a wireless LAN has
the same level of security as a wired LAN. Data encrypted based on WEP can be easily
cracked. In addition, WEP supports a maximum wireless network throughput of only
54 Mbps. Therefore, this security mode is not recommended.
− WPA-PSK, WPA2-PSK, and Mixed WPA/WPA2-PSK
They belong to pre-shared key or personal key modes, where Mixed WPA/WPA2-PSK
supports both WPA-PSK and WPA2-PSK.
WPA-PSK, WPA2-PSK, and Mixed WPA/WPA2-PSK adopt a pre-shared key for
authentication, while the AP generates another key for data encryption. This prevents
the vulnerability caused by static WEP keys, and makes the three security modes
suitable for ensuring security of home wireless networks. Nevertheless, because the
initial pre-shared key for authentication is manually set and all clients use the same
key to connect to the same AP, the key may be disclosed unexpectedly. This makes
the security modes not suitable for scenarios where high security is required.
− WPA and WPA2
To address the key management weakness of WPA-PSK and WPA2-PSK, the WiFi
Alliance puts forward WPA and WPA2, which use 802.1x to authenticate clients and
generate data encryption–oriented root keys. WPA and WPA2 use the root keys to
replace the pre-shared keys that set manually, but adopt the same encryption process
as WPA-PSK and WPA2-PSK.
WPA and WPA2 uses 802.1x to authenticate clients and the login information of a
client is managed by the client. This effectively reduces the probability of information
leakage. In addition, each time a client connects to an AP that adopts the WPA or
WPA2 security mode, the RADIUS server generates a data encryption key and assigns
it to the client. This makes it difficult for attackers to obtain the key. These features of