• SonicOS 7
• Wireless Overview
  • Device Support
  • Compliance
  • Considerations for Using Wireless Connections
  • Adjusting the Antennas
  • Wireless Node Count Enforcement
  • About MAC Address Filtering
• Status
  • WLAN Settings
  • WLAN Statistics
  • WLAN Activities
  • Station Status
• Settings
  • Access Point
    • Access Point Wireless Settings
      • 802.11n Wireless Settings
      • 802.11a/b/g Wireless Settings
      • 802.11ac Wireless Settings
    • Wireless Virtual Access Point
  • Wireless WDS Station
  • Access Point & WDS Station
• Security
  • About Authentication
  • Configuring the WEP Settings
  • Configuring WPA3/WPA2/WPA PSK Settings
  • Configuring WPA3/WPA2/WPA EAP Settings
• Advanced
  • Beaconing and SSID Controls
  • Green Access Point
  • Advanced Radio Settings
    • Configurable Antenna Diversity
• MAC Filter List
  • Deployment Considerations
  • Configuring MAC Filter List
• IDS - Wireless Intrusion Detection Service
  • Configuring IDS Settings
  • Discovered Access Points
• Virtual Access Point
  • Wireless Virtual AP Configuration Task List
  • Virtual Access Point Profiles
    • Virtual Access Point Schedule Settings
    • Virtual Access Point Profile Settings
      • WEP Encryption Settings
      • WPA-PSK / WPA2-PSK Encryption Settings
      • RADIUS Server Settings
    • ACL Enforcement
  • Virtual Access Point Objects
  • Virtual Access Point Groups
  • Enabling the Virtual Access Point Group
• SonicWall Support
  • About This Document

Configuring WPA3/WPA2/WPA EAP Settings

The settings shown in the below image can be defined when one of the WPA EAP options is selected for the Authentication Type.

To configure wireless appliance for WPA authentication

1. Navigate to DEVICE | Internal Wireless > Security page.

2. Select the appropriate authentication type from the Authentication Type drop-down menu.

   • WPA2 - EAP : Connects using WPA2 and an extensible authentication protocol.

   • WPA2 - Auto - EAP : Automatically tries to connect using WPA2 and an extensible authentication protocol, but falls back to WPA if the client is not WPA2-capable.

   • WPA3 - EAP : Connects using WPA3 and an extensible authentication protocol.

   • WPA3/WPA2 - EAP : Automatically tries to connect using WPA3 and a preset authentication key, but falls back to WPA2 if the client is not WPA3-capable.

     EAP support is available when the Radio Role includes Access Point mode, but not when Radio Role is set to Wireless WDS Station alone.

3. Select the EAPOL Version setting from the drop-down menu:

   • V1—Selects the extensible authentication protocol over LAN version 1.
   • V2—Selects the extensible authentication protocol over LAN version 2. This provides better security than version 1, but might not be supported by some wireless clients.

4. In WPA3/WPA2/WPA Settings section, specify these settings:

   • Cipher Type—Select TKIP. Temporal Key Integrity Protocol (TKIP) is a protocol for enforcing key integrity on a per-packet basis, but it is less secure and has lower throughput. AES and AUTO are also Cipher type options.

   • Group Key Update—Specifies when the SonicWall security appliance updates the key. Select By Timeout to generate a new group key after an interval specified in seconds; this is the default. Select Disabled when using a static key.

   • Interval—If you selected By Timeout in the Group Key Update field, enter the number of seconds before WPA automatically generates a new group key. The default is 86400 seconds. If you selected Disabled for Group Key Update, this option is not displayed.

5. In the Extensible Authentication Protocol Settings (EAP) section, specify these settings:

   • Radius Server Retries—Enter the number of authentication retries the server attempts. The default is 4.

   • Retry Interval (seconds)—Enter the delay the server is to wait between retries. The default is 0 (no delay).

   • Radius Server 1 IP and Port—Enter the IP address and port number for your primary RADIUS server.

   • Radius Server 1 Secret—Enter the password for access to the primary RADIUS server.

   • Radius Server 2 IP and Port—Enter the IP address and port number for your secondary RADIUS server, if you have one.

   • Radius Server 2 Secret—Enter the password for access to the secondary RADIUS server.

6. Click Accept to apply your WPA3/WPA2 EAP settings.