Link here

WiFi Configuration and Security

How to set the SSID and use the security features of the WiFi Wildcard

The WiFi Wildcard™ is ideal for web-enabled instrumentation and automation applications. Based on the Lantronix WiPort WiFi server device, it implements a wireless interface that enables communications between your instrument and other computers or wireless access points via a Wireless Local Area Network (WLAN) using the standard 802.11b/g packet-based protocol. This page describes how to set the SSID and use the security features of the WiFi Wildcard.


WiFi Wildcard configuration

The WiFi Wildcard ships in a default configuration that specifies the "infrastructure" (access point) mode with reasonable values for transmit power level and rate. All WiFi security is disabled by default; this makes it simpler to verify proper WiFi operation when first installing the Wildcard in a network that attaches to a WAN (wide area network). The default case-sensitive SSID (Service Set ID) is


The SSID and the security settings must be shared by all nodes on the WLAN in order for mutual communications to be established.

There are two ways to modify the WiFi configuration and security settings:

  1. by calling the functions listed in Table 1-5; or,
  2. by using the Lantronix internal configuration webserver available on port 8000 at the Wildcard’s IP address.

Each of these methods is discussed in turn.

Table 1-5 WiFi configuration functions and constants.


The WiFi_SSID Function

The WiFi_Options Function

The WiFi_Security Function

The WiFi_Encryption_Key Function


Using the Lantronix WiPort configuration webserver to configure security

An alternative method to customize the wireless and security settings of the WiFi Wildcard is to log into the configuration web site served out by the Lantronix WiPort. Assuming that you have established wireless communications (see the section titled "Verifying WiFi Wildcard Communications"), and you know its IP address, you can use your PC’s browser to access its internal configuration website on port 8000. For the WiFi Wildcard with IP address, you would type the following into the address bar of your web browser:

The :8000 tells the browser to go to port 8000 instead of the standard web port 80. The WiFi Wildcard uses port 80 for all of its standard network traffic, and locates the built-in configuration webserver at port 8000.

When the login box comes up, just hit "Enter" (no password required), and you should see the Lantronix configuration web page. The column at the left allows you to select which settings are to be configured. Click on the "WLAN" item to bring up the screen shown in Figure 1-9.

embedded ethernet router

Figure 1-9 Default WLAN settings page served out by the WiPort’s internal configuration webserver on port 8000.

A good rule is to use the WiPort configuration webserver to change ONLY the "WLAN" settings which include the SSID and the wireless security settings. Changing other settings could render the WiFi Wildcard inoperable. (It is permissible to use the "Network" screen if you want to hard code an IP address and subnet; these can also be configured as described in the section above titled "Configuring the Lantronix Device").

If by any chance any settings are corrupted, use the Ether_XPort_Defaults function described in this document to restore the Mosaic factory settings. Do not use the "Apply Factory Defaults" button in the configuration website. The "Apply Factory Defaults" button does NOT establish the correct Mosaic defaults; Mosaic’s defaults are different than those selected by Lantronix.

Figure 1-9 shows the WLAN configuration page of the Lantronix configuration site in its default state with security disabled and the SSID equal to "WIFI_WILDCARD". You can use this page to change the SSID, specify ad hoc (as opposed to infrastructure) mode, enable WiFi security, specify the encryption key, and change the transmit data rate and power settings. To instantiate the changed fields, click the "OK" button at the bottom of the screen, and then click "Apply Settings" from the left-hand menu. The Lantronix device will install the new settings in its flash memory and reboot; this takes over 10 seconds. Of course, once you change the SSID or enable security on any part of the WLAN, the same SSID, security key and security type must be setup on the other members of the WLAN to enable communications.

We examine each of the fields shown in Figure 1-9 in turn. The "Network name (SSID)" contains the default case-sensitive WIFI_WILDCARD Service Set ID. You can type any valid ASCII string up to 32 bytes long into this field. Make sure to configure the same SSID on any other devices on your WLAN, as matching SSID’s are required for wireless association to occur.

The default "Network Type" is infrastructure, meaning a network that incorporates a wireless access point to coordinate communications among wireless nodes. The alternative is "ad hoc" mode, which is a point-to-point network between two wireless devices. For example, you could configure two WiFi Wildcards in ad hoc mode and set them up to communicate with one another. If the ad hoc mode is specified, the "Channel" box is enabled, allowing you to specify a WiFi channel number between 1 and 13, inclusive. Channels 1 through 11 are valid in the U.S. and Canada. Channel 11 is the default.

The "Security" field contains the default value "None"; when this option is selected, the remaining security fields are "greyed out" and cannot be modified. The alternative entries in the "Security" field are "WEP", "WPA", and "802.11i/WPA2". These are explained in detail in the section titled "The WiFi_Security Function". If you specify WEP, WPA, or WPA2 encryption, the remaining security fields are enabled.

Figure 1-10 shows the WLAN settings page when the WEP security suite is selected. The default "Authentication" for WEP is "open/none". The alternative is "shared". This field corresponds to the "authentication_flag" parameter passed to the WiFi_Security function described above, where "open/none" corresponds to a zero flag, and "shared" corresponds to a nonzero authentication flag.

embedded wireless wep

Figure 1-10 WLAN settings page with WEP security selected.

The next "Encryption" field allows the selection of 64-bit or 128-bit WEP encryption. These respectively correspond to the WIFI_WEP64_PAIR_ENCRYPT and WIFI_WEP128_PAIR_ENCRYPT "pairwise_encryption" flag passed to the WiFi_Security function described above.

The "Key Type" field can be specified as either "hex" or "passphrase". The WEP encryption key can be entered as a hexadecimal value, or as a "passphrase". A passphrase is an 8 to 63 byte printable ASCII string that is processed by a "hash function" to create one or more numeric keys. If a passphrase is used, the WiFi Wildcard always uses key index 0 generated by the passphrase hash function. The configuration page asks for the key to be typed twice to help ensure that there is no entry error; keys cannot be read back from the Lantronix device once they are installed.

If "hex" key type is selected, note that a WEP64 hex key is 40 bits, corresponding to ten hex digits. An example 40-bit WEP key is:


A WEP128 hex key is 104 bits, corresponding to 26 hex digits. An example 104-bit key is:


Figure 1-10 shows the WLAN settings page when the WPA security suite is selected. The default (and only) "Authentication" option for WPA is "Pre-Shared Keys (WPA-PSK)". This field corresponds to the "authentication_flag" parameter passed to the WiFi_Security function described above, where a true (nonzero) authentication flag must always be passed if the WPA security suite is in use.

The next "Encryption" field allows the selection of "TKIP" or "TKIP+WEP group keys" encryption. In each case, the pairwise encryption method is TKIP (Temporal Key Integrity Protocol) pairwise encryption method which is used in conjunction with WPA. This corresponds to the WIFI_TKIP_PAIR_ENCRYPT "pairwise_encryption" flag passed to the WiFi_Security function described above. If WPA is in use, the encryption method also specifies a "group encryption" method. Choosing "TKIP" encryption is equivalent to specifying WIFI_TKIP_GROUP_ENCRYPT as the "group_encryption" flag passed to the WiFi_Security function described above. Choosing "TKIP+WEP group keys" encryption with the WPA security suite is equivalent to specifying WIFI_WEP_GROUP_ENCRYPT as the "group_encryption" flag passed to the WiFi_Security function described above.

The "Key Type" field can be specified as either "hex" or "passphrase". The passphrase can be 8 to 32 ASCII bytes. If the "hex" key type is selected, note that a WPA/TKIP key is 128 bits, corresponding to 32 hex digits, An example 128-bit WPA key is:


The remaining settings in Figure 1-10 specify the data rate (with or without automated rate control), and whether automated radio power management is enabled.

To confirm any changes you have made in the WLAN configuration page, click "OK" at the bottom of the page, and then click "Apply Settings" to store the changes into flash in the Lantronix device. As stated earlier, do NOT click the "Apply Factory Defaults" button, as this will corrupt the WiFi Wildcard communications with the Mosaic controller. To recover from this or any other configuration problem and return to the Mosaic defaults, execute Ether_Xport_Defaults or the convenient interactive version Ether_Set_Defaults defined in the demonstration code (see the demo program excerpt in Listing 1-3). embedded wireless wpa

Figure 1-11 WLAN settings page with WPA security selected

See also → WiFi Wildcard

This page is about: WiFi Local Area Network (LAN), 802.11B/G – How to set the SSID and use the security features of the WiFi Wildcard