Docs
mobileIoT Hardware
Documentation

Wi-Fi interface profiles

IMPORTANT:
The WiFI profiles are only valid and processed by the device if the Virtual Ethernet-WiFi Bridge is disabled.

As like the other interface profile settings, one can navigate to the Wi-Fi profiles through the Network profiles section in the Network management.

After navigating to the WiFi interface profiles through the Network Profiles section, one can have one or multiple profiles.

🎯 HINT:
It is HIGHLY recommended to only use ONE WiFi interface profile as deep network technology knowledge is required to configure multiple profiles.

Now navigate to one of the Profiles.

General Wi-Fi preferences

Profile name

Give the ethernet connection a unique name, default is Wireless connection

Automatically join this network when available

Connect this profile automatically when the resources for this connection become available. When disabled the profile will be “parked” in the configuration, but not actively used.

Connection Priority
  • Range: 0 .. 1000

Priority for profiles that are configured to auto connect, this setting spans over all profiles of all interfaces where the autoconnect setting is set to true. A higher number means higher priority.

Number of connection retries

Number of times to retry to connect the profile automatically before giving up. When autoconnection fails after the given number of retries, the next highest priority profile will be used. A value of zero means retry forever.

Operating mode & Security

The Wi-Fi interface has three operation mode, which will be described in detail in the next section.

Hotspot configuration

In Hotspot mode, the device acts as WiFi Hotspot or also known Access Point.

SSID

SSID of the Wi-Fi network.

  • default: CR3171_<<LAST 4 DIGITS OF MAC>>
Hide SSID

This option controls if the SSID of the Wi-Fi network is hidden or visible.

  • default: OFF
Security type
Key management configuration for the WiFi connection.
Options:
  • unencrypted , No further setting required
  • WPA/PSK,
  • SAE ,
  • OWE ,
  • WPA/EAP
🎯 TIP :
More information what the options means is described below.
Password

In case of WPA/PSK and SAE a password will be required, for unencrypted and OWE no password will be requested. EAP will be explained separately.

🎯 TIP :
More information about the various security types:
WPA/PSK : Wikipedia - WPA terminology
OWE : Wikipedia - Opportunistic Wireless Encryption
SAE : Wikipedia - Simultaneous Authentication of Equals
WPA/EAP : Wikipedia - Extensible Authentication Protocol


the Password is the Pre-Shared Key for the WPA secured connection.
In case of security type SAE , the password will be handled according to the SAE Authentication method.

WPA/EAP

When the WPA/EAP (Extinsible Authentication Protocol) option is chosen, some more settings has to be entered.

Username

Available when security type is set to WPA/EAP, is the EAP Username.

Password

Available when security type is set to WPA/EAP, is the EAP password.

Anonymous identity

Available when security type is set to WPA/EAP, is the EAP Anonymous identity.

Domain

Available when security type is set to WPA/EAP, is the EAP Domain.

CA Certificate

Available when security type is set to WPA/EAP, is the EAP CA certificate in PEM format.

Client configuration

In Wi-Fi Client mode, the wifi interface will try to connect to the configured WiFi network.

connectivity

The following settings are availble setting up a wifi client:

SSID
  • default: CR3171_<<LAST 4 DIGITS OF MAC>>
SSID of the Wi-Fi network.


Security type

Key management configuration for the WiFi connection.

Options:
  • unencrypted , No further setting required WPA/PSK,
  • SAE ,
  • OWE ,
  • WPA/EAP


Password

In case of WPA/PSK , the Password is the Pre-Shared Key for the WPA secured connection.

In case of security type SAE , the password will be handled according to the SAE Authentication method.

EAP

When the WPA/EAP (Extinsible Authentication Protocol) option is chosen, some more settings has to be entered.

Username
Available when security type is set to WPA/EAP, is the EAP Username.

Password

Available when security type is set to WPA/EAP, is the EAP password.

Anonymous identity

Available when security type is set to WPA/EAP, is the EAP Anonymous identity.

Domain

Available when security type is set to WPA/EAP, is the EAP Domain.

CA Certificate

Available when security type is set to WPA/EAP, is the EAP CA certificate in PEM format.

Ad-hoc configuration

In WiFi Ad-hoc mode, also known as peer-to-peer. In this mode, wireless devices communicate directly with each other without the need for a central access point or network infrastructure. Source

ad-hoc

In this mode only to fields are to be configured.

Security type

Key management configuration for the WiFi connection.

Options:
  • unencrypted , No further setting required WPA/PSK,
  • SAE ,
  • OWE ,
  • WPA/EAP
Password

In case of WPA/PSK, the Password is the Pre-Shared Key for the WPA secured connection.
In case of security type SAE, the password will be handeled according to the SAE Authentication method.

Band and IP configuration method

Band

This option configures the 802.11 frequency band of the network, i.e. the device will not join the network if the band does not match, even if all other options are compatible.

IP configuration method
Selector
  • auto , the interface will be configured as DHCP client and therefore will be assigned a IP address from an external DHCP router.
  • manual , static IP settings will be used,
  • link-local , a link-local address is a network address that is valid only for communications on a local link, i.e. within a subnetwork that a host is connected to
  • shared , interface is set to act as a DHCP server.
Channel

When either band option A or B/G are selected one need to set the Wireless channel.
Wireless channel to use for this connection, the value of zero means, that the channel will be chosen automatically. Explicitly setting this option will ensure that the device only joins a network on the specified channel.

IP configuration method

  • manual , static IP settings will be used,
  • shared , the default, interface is set to act as a DHCP server.
IPV4 Address

IP address used for either static IP, when method is set to manual or DHCP server configurations when the shared method is selected. The CIRD notation is used to define the subnet mask.
By using e.g. 192.168.82.1/24 the device will be part of the 192.168.82.0 network and will allow access or communication from IPs in the range of 192.168.82.1 - 192.168.82.255

🎯 TIP:
As security measure it is advisable to tighten the allowed IPs on the network as possible, for instance to use /29 or 255.255.255.248 subnet to only allow 6 address on the network, as 192.168.82.0 is the network address and 192.168.82.7 is the broardcast address and 192.168.82.1 - 192.168.82.6 remains available.
Shared

In the shared mode the Network Manager will configure the DHCP server to provide a static IP range for static IPs which is 10% of the range with a max of 8 IPs. The remaining IP in the range are for dynamic assignment.

Manual

In manual mode, the IPV4 Address defines the network and mask, the device IP is set through IPV4 Gateway, which is described below.

IPV4 gateway

If the manual mode is selected one can setup the Static IP address of the gateway. Keep in mind this should be in the given subnet range.

DNS servers

It is possible to setup three additional DNS servers if required.