4.2 Wireless Authentication Methods
Key Concepts
Wireless authentication methods rest on four key concepts:
- Pre-Shared Key (PSK)
- 802.1X with EAP
- MAC Address Filtering
- RADIUS Authentication
Pre-Shared Key (PSK)
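Pre-Shared Key (PSK) is a simple and widely used method for wireless network authentication. In this method, a common password is shared between the wireless router and all client devices. When a device attempts to connect to the network, it must demonstrate knowledge of the correct PSK to gain access. Because every device uses the same key, anyone who learns it can join, and revoking one device's access means changing the key on all of them.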
Example: Think of PSK as a secret handshake that only members of a club know. When someone new wants to join the club, they must perform the correct handshake to be let in.
802.1X with EAP
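802.1X with Extensible Authentication Protocol (EAP) is a more secure method of wireless authentication. It involves a three-party authentication process between the client (the supplicant), the wireless access point (the authenticator), and the authentication server. The access point relays EAP messages between the client and the server and admits the client only after the server accepts it. EAP supports various authentication methods, such as EAP-TLS, EAP-TTLS, and PEAP.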
Example: Consider 802.1X with EAP as a secure door with a guard. When someone arrives, the guard (authentication server) checks their credentials (certificate or username/password) before allowing them to enter the building (network).
MAC Address Filtering
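MAC Address Filtering involves using the unique Media Access Control (MAC) address of each network device to control access to the wireless network. The router maintains a list of allowed MAC addresses, and only devices with matching addresses are permitted to connect. MAC addresses are sent unencrypted in every frame and can be changed in software, so the filter identifies a device by a value that is not secret. Treat it as a supplementary control alongside PSK or 802.1X rather than as authentication on its own.
Example: Think of MAC Address Filtering as a VIP list at a concert. Only those on the list (allowed MAC addresses) can enter the venue (network), so only listed devices are admitted.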
RADIUS Authentication
Remote Authentication Dial-In User Service (RADIUS) is a network protocol used for centralized authentication, authorization, and accounting (AAA) management. RADIUS servers store user credentials and policies, and wireless access points forward authentication requests to the RADIUS server for verification.
Example: Consider RADIUS as a central security office in a large building. When someone wants to enter a specific room (network), they must first check in at the security office (RADIUS server) to verify their credentials before being granted access.
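The RADIUS exchange described above, as an added example that is not part of the original page: it frames an Access-Request the way an access point would and shows how the access point checks the Response Authenticator (RFC 2865) so that only a reply from the server holding the shared secret is honored. The user name, NAS identifier and shared secret are constructed sample values, and the EAP-Message and Message-Authenticator attributes that a real 802.1X exchange carries are left out.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 packet codes
USER_NAME, REPLY_MESSAGE, NAS_IDENTIFIER = 1, 18, 32    # RFC 2865 attribute types


def attr(attr_type, value):
    """Encode one attribute: type, length (counting the 2-byte header), value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_packet(code, ident, authenticator, attrs):
    """Header layout: code(1) identifier(1) length(2) authenticator(16)."""
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + authenticator + attrs


def build_response(code, ident, request_auth, attrs, secret):
    """Server side: Response Authenticator = MD5(code+id+len+RequestAuth+attrs+secret)."""
    unsigned = build_packet(code, ident, request_auth, attrs)
    return build_packet(code, ident, hashlib.md5(unsigned + secret).digest(), attrs)


def verify_response(packet, ident, request_auth, secret):
    """Access point side: return the reply code, or None if the reply must be dropped."""
    if len(packet) < 20:
        return None
    code, reply_id, length = struct.unpack("!BBH", packet[:4])
    if reply_id != ident or length != len(packet):
        return None
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return code if hmac.compare_digest(expected, packet[4:20]) else None


def demo():
    """Constructed exchange: one genuine reply, one signed with the wrong secret."""
    secret = b"constructed-shared-secret"      # sample value, not from the page
    request_auth = os.urandom(16)              # fresh random Request Authenticator
    request = build_packet(ACCESS_REQUEST, 7, request_auth,
                           attr(USER_NAME, b"alice") + attr(NAS_IDENTIFIER, b"ap-lobby"))
    genuine = build_response(ACCESS_ACCEPT, 7, request_auth,
                             attr(REPLY_MESSAGE, b"welcome"), secret)
    forged = build_response(ACCESS_ACCEPT, 7, request_auth, b"", b"wrong-secret")
    return (len(request), verify_response(genuine, 7, request_auth, secret),
            verify_response(forged, 7, request_auth, secret))


if __name__ == "__main__":
    print(demo())
```

The access point drops any reply whose identifier, length or authenticator does not match, which is why the shared secret between access point and RADIUS server should be long, random and unique per device.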