Quelle anzeigen

Description:

Standard-compliant Wi-Fi 7 certified operation according to the specifications of the Wi-Fi Alliance requires specific encryption parameters. This means, that different encryption profiles are required for Wi-Fi 6 and Wi-Fi 7 clients. As of LCOS LX 7.10 Rel there is a separate encryption profile for Wi-Fi 7, so that it can be selected directly in an SSID.

However, the encryption profile for Wi-Fi 7 in Wi-Fi 7 access points with LCOS LX as of version 7.10 Rel is only present in access points in the factory state. In existing installations the encryption profile has to be created manually.

This article describes, which parameters have to be selected for the Wi-Fi 7 encryption profile.

A separate encryption profile for Wi-Fi 7 can currently only be created on a standalone access point via LANconfig. This is not possible via WEBconfig.

It is currently also not possible to create a separate encryption profile for Wi-Fi 7 in a WLAN-Controller or in the LMC and assign it to an access point.

Using the LMC, the encryption profile for Wi-Fi 7 can only be created via an Add-in and assigned to a new or existing SSID. You can find the Add-in on the following page in the Add-in manual:

Add Encryption-Profile for Wifi 7 certified operation

Requirements:

Access point with Wi-Fi 7 support (e.g. LX-7300 and LX-7500)
LCOS LX as of version 7.10 Rel (download latest version)
LANtools as of version 10.92 RU1 (download latest version)

Procedure:

1) Open the configuration of the access point in LANconfig and go to the menu Wireless LAN → WLAN networks → Encryption.

Open the menu Encryption on the access point

2) Click Add to create a new encryption profile.

Add a new encryption profile

3) Modify the following parameters:

Profile-Name: Enter a descriptive name for the encryption profile (in this example P-PSK-WiFi7).
WPA-Version: In the dropdown menu select the option WPA3. WPA2 is not supported.
WPA2/3-Session-Keytypes: Activate the type AES-GCMP-256.
Group-Mgmt-Cipher: In the dropdown menu select the option BIP-GMAC-256.
Encrypt management frames: In the dropdown menu select the option mandatory.
Beacon protection: In the dropdown menu select the option Yes.
SAE/OWE-Groups: Activate the groups DH-19, DH-20 and DH-21.

Enter the encryption parameters for Wi-Fi 7

Afterwards, the encryption profile can be selected in a WLAN network (in the menu Wireless LAN → WLAN networks → Network).

Assign the encryption profile for Wi-Fi 7 to a WLAN network

Thank you for your feedback! You can also send us constructive suggestions for improving our knowledge base or ideas for new articles by email to knowledgebase@lancom.de.