JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: Network Interfaces and Network Virtualization     Oracle Solaris 11 Express 11/10
search filter icon
search icon

Document Information


Part I Network Auto-Magic

1.  Introduction to NWAM

2.  NWAM Configuration and Administration (Overview)

3.  NWAM Profile Configuration (Tasks)

4.  NWAM Profile Administration (Tasks)

5.  About the NWAM Graphical User Interface

Part II Administering Single Interfaces

6.  Overview of the Networking Stack

7.  Datalink Configuration and Administration

8.  Configuring an IP Interface

9.  Configuring Wireless Interface Communications on Oracle Solaris

WiFi Communications Task Map

Communicating Over WiFi Interfaces

Finding a WiFi Network

Commercial WiFi Networks

Municipal WiFi Networks

Private WiFi Networks

Planning for WiFi Communications

How to Prepare a System for WiFi Communications

Connecting and Using WiFi on Oracle Solaris Systems

How to Connect to a WiFi Network

How to Monitor the WiFi Link

Secure WiFi Communications

How to Set Up an Encrypted WiFi Network Connection

Part III Administering Interface Groups

10.  Administering Bridges

11.  Administering Link Aggregations

12.  Administering VLANs

13.  Introducing IPMP

14.  Administering IPMP

Part IV  Network Virtualization and Resource Management

15.  Introducing Network Virtualization and Resource Control (Overview)

16.  Planning for Network Virtualization and Resource Control

17.  Configuring Virtual Networks (Tasks)

18.  Using Link Protection in Virtualized Environments

19.  Managing Network Resources

20.  Monitoring Network Traffic and Resource Usage



Secure WiFi Communications

Radio wave technology makes WiFi networks readily available and often freely accessible to users in many locations. As a result, connecting to a WiFi network can be an insecure undertaking. However, certain types of WiFi connections are more secure:

The dladm command can use a Wired Equivalent Privacy (WEP) key for encrypting connections through the access point. The WEP protocol is defined in IEEE 802.11 specifications for wireless connections. For complete details on the WEP-related options of the dladm command, refer to the dladm(1M) man page.

How to Set Up an Encrypted WiFi Network Connection

The next procedure shows how to set up secure communications between a system and a router in the home. Many wireless and wired routers for the home have an encryption feature that can generate a secure key. This procedure assumes that you use such a router and have its documentation available. The procedure also assumes that your system is already plugged into the router.

  1. Start the software for configuring the home router.

    Refer to the manufacturer's documentation for instructions. Router manufacturers typically offer an internal web site or a graphical user interface for router configuration.

  2. Generate the value for the WEP key.

    Follow the manufacturer's instructions for creating a secure key for the router. The router configuration GUI might ask you to supply a passphrase of your choice for the key. The software then uses the passphrase to generate a hexadecimal string, typically 5 bytes or 13 bytes in length. This string becomes the value to be used for the WEP key.

  3. Apply and save the key configuration.

    Refer to the manufacturer's documentation for instructions.

  4. Become an administrator.

    For more information, see How to Obtain Administrative Rights in System Administration Guide: Security Services.

  5. Create a secure object that contains the WEP key.

    Open a terminal window on the system and type the following:

    # dladm create-secobj -c wep keyname

    where keyname represents the name you want to give to the key.

  6. Supply the value for the WEP key to the secure object.

    The create-secobj subcommand then runs a script that requests the value for the key.

    provide value for keyname: 5 or 13 byte key
    confirm value for keyname: retype key

    This value is the key that was generated by the router. The script accepts either a five byte or thirteen byte string, in ASCII or in hexadecimal for the key value.

  7. View the contents of the key that you just created.
    # dladm show-secobj
    OBJECT               CLASS
    keyname                wep

    where keyname is the name for the secure object.

  8. Make an encrypted connection to the WiFi network.
    # dladm connect-wifi -e network -k keyname interface
  9. Verify that the connection is secure.
    # dladm show-wifi
    LINK       STATUS        ESSID         SEC     STRENGTH   MODE   SPEED
    ath0       connected     net1          wep     good       g      11Mb

    The wep value under the SEC heading indicates that WEP encryption is in place for the connection.

Example 9-3 Setting Up Encrypted WiFi Communications

This example assumes that you have already done the following:

# dladm create-secobj -c wep mykey
provide value for mykey: *****
confirm value for mkey: *****

When you supply the WEP key generated that is by the router, asterisks mask the value that you type.

# dladm show-secobj
OBJECT               CLASS
 mykey               wep
# dladm connect-wifi -e citinet -k mykey ath0

This command establishes an encrypted connection to the WiFi network citinet, using the secure object mykey.

# dladm show-wifi
LINK       STATUS        ESSID         SEC     STRENGTH   MODE   SPEED
ath0       connected     citinet       wep     good       g      36Mb

This output verifies that you are connected to citinet through WEP encryption.