1<!-- 2$Copyright Open Broadcom Corporation$ 3 4$Id: security.asp,v 1.54 2011-01-11 18:43:43 willfeng Exp $ 5--> 6 7<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 8<html lang="en"> 9<head> 10<title>Broadcom Home Gateway Reference Design: Security</title> 11<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 12<link rel="stylesheet" type="text/css" href="style.css" media="screen"> 13<script language="JavaScript" type="text/javascript" src="overlib.js"></script> 14<script language="JavaScript" type="text/javascript"> 15<!-- 16function wl_key_update() 17{ 18 var mode = document.forms[0].wl_auth_mode[document.forms[0].wl_auth_mode.selectedIndex].value; 19 var wep = document.forms[0].wl_wep[document.forms[0].wl_wep.selectedIndex].value; 20 var wpa= document.forms[0].wl_akm_wpa[document.forms[0].wl_akm_wpa.selectedIndex].value; 21 var psk = document.forms[0].wl_akm_psk[document.forms[0].wl_akm_psk.selectedIndex].value; 22 var wl_ibss = <% wl_ibss_mode(); %>; 23 var wpa2 = document.forms[0].wl_akm_wpa2[document.forms[0].wl_akm_wpa2.selectedIndex].value; 24 var psk2 = document.forms[0].wl_akm_psk2[document.forms[0].wl_akm_psk2.selectedIndex].value; 25 var brcm_psk = document.forms[0].wl_akm_brcm_psk[document.forms[0].wl_akm_brcm_psk.selectedIndex].value; 26 var i, cur, algos; 27 28 /* enable network key 1 to 4 */ 29 if (wep == "enabled") { 30 if (document.forms[0].wl_akm_wpa.disabled == 0 && wpa == "enabled" || 31 document.forms[0].wl_akm_psk.disabled == 0 && psk == "enabled" 32 || document.forms[0].wl_akm_wpa2.disabled == 0 && wpa2 == "enabled" 33 || document.forms[0].wl_akm_psk2.disabled == 0 && psk2 == "enabled" 34 || document.forms[0].wl_akm_brcm_psk.disabled == 0 && brcm_psk == "enabled" 35 || mode == "radius") { 36 document.forms[0].wl_key1.disabled = 1; 37 document.forms[0].wl_key4.disabled = 1; 38 } 39 else { 40 document.forms[0].wl_key1.disabled = 0; 41 document.forms[0].wl_key4.disabled = 0; 42 } 43 document.forms[0].wl_key2.disabled = 0; 44 document.forms[0].wl_key3.disabled = 0; 45 } 46 else { 47 document.forms[0].wl_key1.disabled = 1; 48 document.forms[0].wl_key2.disabled = 1; 49 document.forms[0].wl_key3.disabled = 1; 50 document.forms[0].wl_key4.disabled = 1; 51 } 52 53 /* Save current network key index */ 54 for (i = 0; i < document.forms[0].wl_key.length; i++) { 55 if (document.forms[0].wl_key[i].selected) { 56 cur = document.forms[0].wl_key[i].value; 57 break; 58 } 59 } 60 61 /* Define new network key indices */ 62 if (mode == "radius" || 63 document.forms[0].wl_akm_wpa.disabled == 0 && wpa == "enabled" || 64 document.forms[0].wl_akm_psk.disabled == 0 && psk == "enabled" 65 || document.forms[0].wl_akm_wpa2.disabled == 0 && wpa2 == "enabled" 66 || document.forms[0].wl_akm_psk2.disabled == 0 && psk2 == "enabled" 67 || document.forms[0].wl_akm_brcm_psk.disabled == 0 && brcm_psk == "enabled" 68 ) 69 algos = new Array("2", "3"); 70 else 71 algos = new Array("1", "2", "3", "4"); 72 73 /* Reconstruct network key indices array from new network key indices */ 74 document.forms[0].wl_key.length = algos.length; 75 for (var i in algos) { 76 document.forms[0].wl_key[i] = new Option(algos[i], algos[i]); 77 document.forms[0].wl_key[i].value = algos[i]; 78 if (document.forms[0].wl_key[i].value == cur) 79 document.forms[0].wl_key[i].selected = true; 80 } 81 82 /* enable key index */ 83 if (wep == "enabled") 84 document.forms[0].wl_key.disabled = 0; 85 else 86 document.forms[0].wl_key.disabled = 1; 87 88 /* enable gtk rotation interval */ 89 if ((wep == "enabled") || (wl_ibss == "1")) 90 document.forms[0].wl_wpa_gtk_rekey.disabled = 1; 91 else { 92 if (document.forms[0].wl_akm_wpa.disabled == 0 && wpa == "enabled" || 93 document.forms[0].wl_akm_psk.disabled == 0 && psk == "enabled" 94 || document.forms[0].wl_akm_wpa2.disabled == 0 && wpa2 == "enabled" 95 || document.forms[0].wl_akm_psk2.disabled == 0 && psk2 == "enabled" 96 || document.forms[0].wl_akm_brcm_psk.disabled == 0 && brcm_psk == "enabled" 97 ) 98 document.forms[0].wl_wpa_gtk_rekey.disabled = 0; 99 else 100 document.forms[0].wl_wpa_gtk_rekey.disabled = 1; 101 } 102} 103 104function wl_auth_change() 105{ 106 var auth = document.forms[0].wl_auth[document.forms[0].wl_auth.selectedIndex].value; 107 var wl_ure = <% wl_ure_enabled(); %>; 108 var wl_ibss = <% wl_ibss_mode(); %>; 109 110 if (auth == "1") { 111 document.forms[0].wl_akm_wpa.disabled = 1; 112 document.forms[0].wl_akm_psk.disabled = 1; 113 document.forms[0].wl_akm_wpa2.disabled = 1; 114 document.forms[0].wl_akm_psk2.disabled = 1; 115 document.forms[0].wl_akm_brcm_psk.disabled = 1; 116 document.forms[0].wl_preauth.disabled = 1; 117/* 118#ifdef BCMWAPI_WAI 119*/ 120 document.forms[0].wl_akm_wapi.disabled = 1; 121 document.forms[0].wl_akm_wapi_psk.disabled = 1; 122/* 123#endif 124*/ 125 document.forms[0].wl_wpa_psk.disabled = 1; 126 document.forms[0].wl_crypto.disabled = 1; 127 128 } 129 else { 130 if ((wl_ure == "1") || (wl_ibss == "1")) { 131 document.forms[0].wl_akm_wpa.disabled = 1; 132 } 133 else { 134 document.forms[0].wl_akm_wpa.disabled = 0; 135 136 } 137 if (wl_ibss == "1") { 138 document.forms[0].wl_akm_psk.disabled = 1; 139 } 140 else { 141 document.forms[0].wl_akm_psk.disabled = 0; 142 } 143 if (wl_ure == "1") { 144 document.forms[0].wl_akm_wpa2.disabled = 1; 145 document.forms[0].wl_preauth.disabled = 1; 146 document.forms[0].wl_akm_brcm_psk.disabled = 1; 147 } else if (wl_ibss == "1") { 148 document.forms[0].wl_akm_wpa2.disabled = 1; 149 document.forms[0].wl_preauth.disabled = 1; 150 document.forms[0].wl_akm_psk2.disabled = 1; 151 document.forms[0].wl_akm_brcm_psk.disabled = 0; 152 153 } else { 154 document.forms[0].wl_akm_wpa2.disabled = 0; 155 document.forms[0].wl_akm_psk2.disabled = 0; 156 document.forms[0].wl_preauth.disabled = 0; 157 document.forms[0].wl_akm_brcm_psk.disabled = 1; 158 } 159/* 160#ifdef BCMWAPI_WAI 161*/ 162 if ((wl_ure == "1") || (wl_ibss == "1")) { 163 document.forms[0].wl_akm_wapi.disabled = 1; 164 document.forms[0].wl_akm_wapi_psk.disabled = 1; 165 } 166 else { 167 document.forms[0].wl_akm_wapi.disabled = 0; 168 document.forms[0].wl_akm_wapi_psk.disabled = 0; 169 } 170/* 171#endif 172*/ 173 document.forms[0].wl_wpa_psk.disabled = 0; 174 document.forms[0].wl_crypto.disabled = 0; 175 } 176 177 wl_key_update(); 178} 179 180function wl_auth_mode_change() 181{ 182 var mode = document.forms[0].wl_auth_mode[document.forms[0].wl_auth_mode.selectedIndex].value; 183 var wpa = document.forms[0].wl_akm_wpa[document.forms[0].wl_akm_wpa.selectedIndex].value; 184 var psk = document.forms[0].wl_akm_psk[document.forms[0].wl_akm_psk.selectedIndex].value; 185 var wl_nmode = <% wl_nmode_enabled(); %>; 186 var wpa2 = document.forms[0].wl_akm_wpa2[document.forms[0].wl_akm_wpa2.selectedIndex].value; 187 var psk2 = document.forms[0].wl_akm_psk2[document.forms[0].wl_akm_psk2.selectedIndex].value; 188 189 /* enable radius IP, port, password */ 190 if (mode == "radius" || 191 document.forms[0].wl_akm_wpa.disabled == 0 && wpa == "enabled" 192 || document.forms[0].wl_akm_wpa2.disabled == 0 && wpa2 == "enabled" 193 ) { 194 document.forms[0].wl_radius_ipaddr.disabled = 0; 195 document.forms[0].wl_radius_port.disabled = 0; 196 document.forms[0].wl_radius_key.disabled = 0; 197 } else { 198 document.forms[0].wl_radius_ipaddr.disabled = 1; 199 document.forms[0].wl_radius_port.disabled = 1; 200 document.forms[0].wl_radius_key.disabled = 1; 201 } 202 203 /* enable network re-auth interval */ 204 if (mode == "radius" || 205 document.forms[0].wl_akm_wpa.disabled == 0 && wpa == "enabled" 206 || document.forms[0].wl_akm_wpa2.disabled == 0 && wpa2 == "enabled" 207 ) 208 document.forms[0].wl_net_reauth.disabled = 0; 209 else 210 document.forms[0].wl_net_reauth.disabled = 1; 211 212 wl_key_update(); 213} 214 215function wl_akm_change() 216{ 217 var mode = document.forms[0].wl_auth_mode[document.forms[0].wl_auth_mode.selectedIndex].value; 218 var wpa = document.forms[0].wl_akm_wpa[document.forms[0].wl_akm_wpa.selectedIndex].value; 219 var psk = document.forms[0].wl_akm_psk[document.forms[0].wl_akm_psk.selectedIndex].value; 220 var wpa2 = document.forms[0].wl_akm_wpa2[document.forms[0].wl_akm_wpa2.selectedIndex].value; 221 var psk2 = document.forms[0].wl_akm_psk2[document.forms[0].wl_akm_psk2.selectedIndex].value; 222 var brcm_psk = document.forms[0].wl_akm_brcm_psk[document.forms[0].wl_akm_brcm_psk.selectedIndex].value; 223/* 224#ifdef BCMWAPI_WAI 225*/ 226 var wapi = document.forms[0].wl_akm_wapi[document.forms[0].wl_akm_wapi.selectedIndex].value; 227 var wapi_psk = document.forms[0].wl_akm_wapi_psk[document.forms[0].wl_akm_wapi_psk.selectedIndex].value; 228/* 229#endif 230*/ 231 var wl_nmode = <% wl_nmode_enabled(); %>; 232 var i; 233 234 /* enable Pre-shared Key */ 235 if (psk == "enabled" 236 || psk2 == "enabled" || brcm_psk == "enabled" 237/* 238#ifdef BCMWAPI_WAI 239*/ 240 || wapi_psk == "enabled" 241/* 242#endif 243*/ 244 ) 245 document.forms[0].wl_wpa_psk.disabled = 0; 246 else 247 document.forms[0].wl_wpa_psk.disabled = 1; 248 249 /* enable radius options */ 250 if (mode == "radius" || wpa == "enabled" 251 || wpa2 == "enabled" 252 ) { 253 document.forms[0].wl_radius_ipaddr.disabled = 0; 254 document.forms[0].wl_radius_port.disabled = 0; 255 document.forms[0].wl_radius_key.disabled = 0; 256 } 257 else { 258 document.forms[0].wl_radius_ipaddr.disabled = 1; 259 document.forms[0].wl_radius_port.disabled = 1; 260 document.forms[0].wl_radius_key.disabled = 1; 261 } 262 263 /* enable crypto */ 264 if (wpa == "enabled" || psk == "enabled" 265 || wpa2 == "enabled" || psk2 == "enabled" || brcm_psk == "enabled" 266/* 267#ifdef BCMWAPI_WAI 268*/ 269 || wapi == "enabled" || wapi_psk == "enabled" 270/* 271#endif 272*/ 273 ) 274 document.forms[0].wl_crypto.disabled = 0; 275 else 276 document.forms[0].wl_crypto.disabled = 1; 277 278 /* enable re-auth interval */ 279 if (mode == "radius" || wpa == "enabled" 280 || wpa2 == "enabled" 281 ) 282 document.forms[0].wl_net_reauth.disabled = 0; 283 else 284 document.forms[0].wl_net_reauth.disabled = 1; 285 286 if (wpa2 == "enabled") 287 document.forms[0].wl_preauth.disabled = 0; 288 else 289 document.forms[0].wl_preauth.disabled = 1; 290 291 if ((wpa2 == "enabled") || (psk2 == "enabled") || (brcm_psk == "enabled") || 292 (wpa == "enabled") || (psk == "enabled") || (wl_nmode == "1")) { 293 document.forms[0].wl_wep.selectedIndex = 1; 294 document.forms[0].wl_wep.disabled = 1; 295 } else { 296 document.forms[0].wl_wep.disabled = 0; 297 } 298 299/* 300#ifdef BCMWAPI_WAI 301*/ 302 303 if (wapi_psk == "enabled" || wapi == "enabled") { 304 document.forms[0].wl_auth.disabled = 1; 305 document.forms[0].wl_auth_mode.disabled = 1; 306 document.forms[0].wl_auth_mode.value = "none"; 307 document.forms[0].wl_akm_wpa.disabled = 1; 308 document.forms[0].wl_akm_wpa.value = "disabled"; 309 document.forms[0].wl_akm_psk.disabled = 1; 310 document.forms[0].wl_akm_psk.value = "disabled"; 311 document.forms[0].wl_akm_wpa2.disabled = 1; 312 document.forms[0].wl_akm_wpa2.value = "disabled"; 313 document.forms[0].wl_akm_psk2.disabled = 1; 314 document.forms[0].wl_akm_psk2.value = "disabled"; 315 document.forms[0].wl_wep.disabled = 1; 316 document.forms[0].wl_wep.value = "disabled"; 317 document.getElementById('wl_wapi_encrypt_div').style.display=""; 318 document.getElementById('wl_wpa_encrypt_div').style.display="none"; 319 320 321 if (wapi == "enabled") { 322 document.forms[0].wl_wai_as_ip.disabled = 0; 323 document.forms[0].wl_wai_as_port.disabled = 0; 324 } 325 else { 326 document.forms[0].wl_wai_as_ip.disabled = 1; 327 document.forms[0].wl_wai_as_port.disabled = 1; 328 } 329 330 331 if (wapi_psk == "enabled") { 332 document.getElementById('wl_wapi_psk_div').style.display=""; 333 document.getElementById('wl_wpa_psk_div').style.display="none"; 334 } 335 336 /* Save current crypto algorithm */ 337 for (i = 0; i < document.forms[0].wl_crypto.length; i++) { 338 if (document.forms[0].wl_crypto[i].value == "sms4") { 339 document.forms[0].wl_crypto[i].disabled = 0; 340 document.forms[0].wl_crypto[i].selected = true; 341 } 342 else 343 document.forms[0].wl_crypto[i].disabled = 1; 344 } 345 346 /* Unicast/Multicast rekeying */ 347 document.forms[0].wl_wai_uck_rekey.disabled = 0; 348 document.forms[0].wl_wai_mck_rekey.disabled = 0; 349 } 350 else { 351 document.forms[0].wl_auth.disabled = 0; 352 document.forms[0].wl_auth_mode.disabled = 0; 353 document.forms[0].wl_akm_wpa.disabled = 0; 354 document.forms[0].wl_akm_psk.disabled = 0; 355 document.forms[0].wl_akm_wpa2.disabled = 0; 356 document.forms[0].wl_akm_psk2.disabled = 0; 357 if (wl_nmode != "1") 358 document.forms[0].wl_wep.disabled = 0; 359 document.getElementById('wl_wapi_encrypt_div').style.display="none"; 360 document.getElementById('wl_wpa_encrypt_div').style.display=""; 361 document.getElementById('wl_wapi_psk_div').style.display="none"; 362 document.getElementById('wl_wpa_psk_div').style.display=""; 363 364 document.forms[0].wl_wai_as_ip.disabled = 1; 365 document.forms[0].wl_wai_as_port.disabled = 1; 366 367 /* Save current crypto algorithm */ 368 for (i = 0; i < document.forms[0].wl_crypto.length; i++) { 369 if (document.forms[0].wl_crypto[i].value == "sms4") { 370 document.forms[0].wl_crypto[i].disabled = 1; 371 if (document.forms[0].wl_crypto[i].selected == true) 372 document.forms[0].wl_crypto[0].selected = true; 373 } 374 else { 375 document.forms[0].wl_crypto[i].disabled = 0; 376 } 377 } 378 379 /* Unicast/Multicast rekeying */ 380 document.forms[0].wl_wai_uck_rekey.disabled = 1; 381 document.forms[0].wl_wai_mck_rekey.disabled = 1; 382 } 383/* 384#endif 385*/ 386 wl_key_update(); 387} 388 389 390function wl_wep_change() 391{ 392/* 393#ifdef BCMWPS 394*/ 395<% wps_wep_change_display(); %> 396/* 397#endif 398*/ 399 400 wl_key_update(); 401} 402 403function wl_security_update() 404{ 405 var i, cur, algos; 406 var wl_ure = <% wl_ure_enabled(); %>; 407 var wl_ibss = <% wl_ibss_mode(); %>; 408 var wl_nmode = <% wl_nmode_enabled(); %>; 409 410 /* Save current crypto algorithm */ 411 for (i = 0; i < document.forms[0].wl_crypto.length; i++) { 412 if (document.forms[0].wl_crypto[i].selected) { 413 cur = document.forms[0].wl_crypto[i].value; 414 break; 415 } 416 } 417 418 /* Define new crypto algorithms */ 419 if (<% wl_corerev(); %> >= 3) { 420 if (wl_ibss == "1") { 421 algos = new Array("AES"); 422 } 423 else if (wl_nmode == "1") { 424 algos = new Array("AES", "TKIP+AES"); 425/* 426#ifdef BCMWAPI_WAI 427*/ 428 algos = new Array("AES", "TKIP+AES", "SMS4"); 429/* 430#endif 431*/ 432 } 433 else { 434 algos = new Array("TKIP", "AES", "TKIP+AES"); 435/* 436#ifdef BCMWAPI_WAI 437*/ 438 algos = new Array("TKIP", "AES", "TKIP+AES", "SMS4"); 439/* 440#endif 441*/ 442 } 443 } else { 444 if (wl_ibss == "0") 445 algos = new Array("TKIP"); 446 else 447 algos = new Array(""); 448 } 449 450 /* Reconstruct algorithm array from new crypto algorithms */ 451 document.forms[0].wl_crypto.length = algos.length; 452 for (var i in algos) { 453 document.forms[0].wl_crypto[i] = new Option(algos[i], algos[i].toLowerCase()); 454 document.forms[0].wl_crypto[i].value = algos[i].toLowerCase(); 455 if (document.forms[0].wl_crypto[i].value == cur) 456 document.forms[0].wl_crypto[i].selected = true; 457 } 458 459 /* If nmode then disable WEP */ 460 if (<% wl_corerev(); %> >= 3 && wl_nmode == "1") { 461 document.forms[0].wl_wep.selectedIndex = 1; 462 document.forms[0].wl_wep.disabled = 1; 463 } 464 465 wl_auth_change(); 466 wl_auth_mode_change(); 467 wl_akm_change(); 468 wl_wep_change(); 469 470 if ((wl_ure == "1") || (wl_ibss == "1")) { 471 document.forms[0].wl_auth_mode.disabled = 1; 472 } 473 else { 474 document.forms[0].wl_auth_mode.disabled = 0; 475 } 476 477/* 478#ifdef BCMWAPI_WAI 479*/ 480 if (document.forms[0].wl_akm_wapi[document.forms[0].wl_akm_wapi.selectedIndex].value == "enabled" || 481 document.forms[0].wl_akm_wapi_psk[document.forms[0].wl_akm_wapi_psk.selectedIndex].value == "enabled") { 482 document.forms[0].wl_auth_mode.disabled = 1; 483 document.forms[0].wl_auth_mode.value = "none"; 484 } 485/* 486#endif 487*/ 488} 489 490function wpapsk_window() 491{ 492 var psk_window = window.open("", "", "toolbar=no,scrollbars=yes,width=400,height=100"); 493 psk_window.document.write("The WPA passphrase is <% nvram_get("wl_wpa_psk"); %>"); 494 psk_window.document.close(); 495} 496 497function pre_submit() 498{ 499/* 500#ifdef BCMWPS 501*/ 502<% wps_security_pre_submit_display(); %> 503/* 504#endif 505*/ 506 return true; 507} 508 509//--> 510 511</script> 512</head> 513 514<body onLoad="wl_security_update();"> 515<div id="overDiv" style="position:absolute; visibility:hidden; z-index:1000;"></div> 516 517<table border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#cc0000"> 518 <% asp_list(); %> 519</table> 520 521<table border="0" cellpadding="0" cellspacing="0" width="100%"> 522 <tr> 523 <td colspan="2" class="edge"><img border="0" src="blur_new.jpg" alt=""></td> 524 </tr> 525 <tr> 526 <td><img border="0" src="logo_new.gif" alt=""></td> 527 <td width="100%" valign="top"> 528 <br> 529 <span class="title">SECURITY</span><br> 530 <span class="subtitle">This page allows you to configure 531 security for the wireless LAN interfaces.</span> 532 </td> 533 </tr> 534</table> 535 536<form method="post" action="security.asp"> 537<input type="hidden" name="page" value="security.asp"> 538<!-- 539#ifdef BCMWPS 540--> 541<input type="hidden" name="wl_wps_mode" value="<% nvram_get("wl_wps_mode"); %>"> 542<!-- 543#endif 544--> 545<p> 546<table border="0" cellpadding="0" cellspacing="0"> 547 <tr> 548 <th width="310" 549 onMouseOver="return overlib('Selects which wireless interface to configure.', LEFT);" 550 onMouseOut="return nd();"> 551 Wireless Interface: 552 </th> 553 <td> </td> 554 <td> 555 <select name="wl_unit" onChange="submit();"> 556 <% wl_list("INCLUDE_SSID" , "INCLUDE_VIFS"); %> 557 </select> 558 </td> 559 <td> 560 <button type="submit" name="action" value="Select">Select</button> 561 </td> 562 </tr> 563</table> 564 565<p> 566<table border="0" cellpadding="0" cellspacing="0"> 567 <tr> 568 <th width="310" 569 onMouseOver="return overlib('Selects 802.11 authentication method. Open or Shared.', LEFT);" 570 onMouseOut="return nd();"> 571 802.11 Authentication: 572 </th> 573 <td> </td> 574 <td> 575 <select name="wl_auth" onChange="wl_auth_change();"> 576 <% wl_auth_display(); %> 577 </select> 578 </td> 579 </tr> 580 <tr> 581 <th width="310" 582 onMouseOver="return overlib('Selects Network authentication type.', LEFT);" 583 onMouseOut="return nd();"> 584 802.1X Authentication: 585 </th> 586 <td> </td> 587 <td> 588 <select name="wl_auth_mode" onChange="wl_auth_mode_change();"> 589 <option value="radius" <% nvram_match("wl_auth_mode", "radius", "selected"); %>>Enabled</option> 590 <option value="none" <% nvram_invmatch("wl_auth_mode", "radius", "selected"); %>>Disabled</option> 591 </select> 592 </td> 593 </tr> 594 <tr> 595 <th width="310" 596 onMouseOver="return overlib('Enables/Disables WPA Authenticated Key Management suite.', LEFT);" 597 onMouseOut="return nd();"> 598 <input type="hidden" name="wl_akm" value=""> 599 WPA: 600 </th> 601 <td> </td> 602 <td> 603 <select name="wl_akm_wpa" onChange="wl_akm_change();"> 604 <option value="enabled" <% nvram_inlist("wl_akm", "wpa", "selected"); %>>Enabled</option> 605 <option value="disabled" <% nvram_invinlist("wl_akm", "wpa", "selected"); %>>Disabled</option> 606 </select> 607 </td> 608 </tr> 609 <tr> 610 <th width="310" 611 onMouseOver="return overlib('Enables/Disables WPA-PSK Authenticated Key Management suite.', LEFT);" 612 onMouseOut="return nd();"> 613 WPA-PSK: 614 </th> 615 <td> </td> 616 <td> 617 <select name="wl_akm_psk" onChange="wl_akm_change();"> 618 <option value="enabled" <% nvram_inlist("wl_akm", "psk", "selected"); %>>Enabled</option> 619 <option value="disabled" <% nvram_invinlist("wl_akm", "psk", "selected"); %>>Disabled</option> 620 </select> 621 </td> 622 </tr> 623 <tr> 624 <th width="310" 625 onMouseOver="return overlib('Enables/Disables WPA2 Authenticated Key Management suite.', LEFT);" 626 onMouseOut="return nd();"> 627 WPA2: 628 </th> 629 <td> </td> 630 <td> 631 <select name="wl_akm_wpa2" onChange="wl_akm_change();"> 632 <option value="enabled" <% nvram_inlist("wl_akm", "wpa2", "selected"); %>>Enabled</option> 633 <option value="disabled" <% nvram_invinlist("wl_akm", "wpa2", "selected"); %>>Disabled</option> 634 </select> 635 </td> 636 </tr> 637 <tr> 638 <th width="310" 639 onMouseOver="return overlib('Enables/Disables WPA2-PSK Authenticated Key Management suite.', LEFT);" 640 onMouseOut="return nd();"> 641 WPA2-PSK: 642 </th> 643 <td> </td> 644 <td> 645 <select name="wl_akm_psk2" onChange="wl_akm_change();"> 646 <option value="enabled" <% nvram_inlist("wl_akm", "psk2", "selected"); %>>Enabled</option> 647 <option value="disabled" <% nvram_invinlist("wl_akm", "psk2", "selected"); %>>Disabled</option> 648 </select> 649 </td> 650 </tr> 651 <tr> 652 <th width="310" 653 onMouseOver="return overlib('Enables/Disables BRCM-PSK Authenticated Key Management suite.', LEFT);" 654 onMouseOut="return nd();"> 655 BRCM-PSK: 656 </th> 657 <td> </td> 658 <td> 659 <select name="wl_akm_brcm_psk" onChange="wl_akm_change();"> 660 <option value="enabled" <% nvram_inlist("wl_akm", "brcm_psk", "selected"); %>>Enabled</option> 661 <option value="disabled" <% nvram_invinlist("wl_akm", "brcm_psk", "selected"); %>>Disabled</option> 662 </select> 663 </td> 664 </tr> 665 <tr> 666 <th width="310">WPA2 Preauthentication: </th> 667 <td> </td> 668 <td> 669 <select name="wl_preauth"> 670 <option value="disabled" <% nvram_match("wl_preauth", "0", "selected"); %>>Disabled</option> 671 <option value="enabled" <% nvram_invmatch("wl_preauth", "0", "selected"); %>>Enabled</option> 672 </select> 673 </td> 674 </tr> 675<!-- 676#ifdef BCMWAPI_WAI 677--> 678 <input type="hidden" name="wl_wai_cert_index" value="<% nvram_get("wl_wai_cert_index"); %>"> 679 <input type="hidden" name="wl_wai_cert_status" value="<% nvram_get("wl_wai_cert_status"); %>"> 680 <tr> 681 <th width="310" 682 onMouseOver="return overlib('Enables/Disables WAPI Authenticated Key Management suite.', LEFT);" 683 onMouseOut="return nd();"> 684 WAPI: 685 </th> 686 <td> </td> 687 <td> 688 <select name="wl_akm_wapi" onChange="wl_akm_change();"> 689 <option value="enabled" <% nvram_inlist("wl_akm", "wapi", "selected"); %>>Enabled</option> 690 <option value="disabled" <% nvram_invinlist("wl_akm", "wapi", "selected"); %>>Disabled</option> 691 </select> 692 </td> 693 </tr> 694 <tr> 695 <th width="310" 696 onMouseOver="return overlib('Enables/Disables WAPI-PSK Authenticated Key Management suite.', LEFT);" 697 onMouseOut="return nd();"> 698 WAPI-PSK: 699 </th> 700 <td> </td> 701 <td> 702 <select name="wl_akm_wapi_psk" onChange="wl_akm_change();"> 703 <option value="enabled" <% nvram_inlist("wl_akm", "wapi_psk", "selected"); %>>Enabled</option> 704 <option value="disabled" <% nvram_invinlist("wl_akm", "wapi_psk", "selected"); %>>Disabled</option> 705 </select> 706 </td> 707 </tr> 708<!-- 709#endif 710--> 711</table> 712 713<p> 714<table border="0" cellpadding="0" cellspacing="0"> 715 <tr> 716 <th width="310" 717 onMouseOver="return overlib('Enables or disables WEP data encryption. Selecting <b>Enabled</b> enables WEP data encryption and requires that a valid network key be set and selected unless <b>802.1X</b> is enabled.', LEFT);" 718 onMouseOut="return nd();"> 719 WEP Encryption: 720 </th> 721 <td> </td> 722 <td> 723 <select name="wl_wep" onChange="wl_wep_change();"> 724 <option value="enabled" <% nvram_match("wl_wep", "enabled", "selected"); %>>Enabled</option> 725 <option value="disabled" <% nvram_invmatch("wl_wep", "enabled", "selected"); %>>Disabled</option> 726 </select> 727 </td> 728 </tr> 729 <tr> 730 <th width="310" 731 onMouseOver="return overlib('Selects the WPA data encryption algorithm.', LEFT);" 732 onMouseOut="return nd();"> 733<!-- 734#ifdef BCMWAPI_WAI 735--> 736 <div id="wl_wapi_encrypt_div"> 737 WAPI Encryption: 738 </div> 739<!-- 740#endif 741--> 742 <div id="wl_wpa_encrypt_div"> 743 WPA Encryption: 744 </div> 745 </th> 746 <td> </td> 747 <td> 748 <select name="wl_crypto"> 749 <option value="tkip" <% nvram_match("wl_crypto", "tkip", "selected"); %>>TKIP</option> 750 <option value="aes" <% nvram_match("wl_crypto", "aes", "selected"); %>>AES</option> 751 <option value="tkip+aes" <% nvram_match("wl_crypto", "tkip+aes", "selected"); %>>TKIP+AES</option> 752<!-- 753#ifdef BCMWAPI_WAI 754--> 755 <option value="sms4" <% nvram_match("wl_crypto", "sms4", "selected"); %>>SMS4</option> 756<!-- 757#endif 758--> 759 </select> 760 </td> 761 </tr> 762</table> 763 764<!-- 765#ifdef BCMWAPI_WAI 766--> 767<p> 768<table border="0" cellpadding="0" cellspacing="0"> 769 <tr> 770 <th width="310" 771 onMouseOver="return overlib('Sets the IP address of the WAPI AS server to use for authentication and dynamic key derivation.', LEFT);" 772 onMouseOut="return nd();"> 773 WAPI AS Server: 774 </th> 775 <td> </td> 776 <td><input name="wl_wai_as_ip" value="<% nvram_get("wl_wai_as_ip"); %>" size="15" maxlength="15"></td> 777 </tr> 778 <tr> 779 <th width="310" 780 onMouseOver="return overlib('Sets the UDP port number of the WAPI AS server. The port number is usually 3810 and depends upon the server.', LEFT);" 781 onMouseOut="return nd();"> 782 WAPI AS Port: 783 </th> 784 <td> </td> 785 <td><input name="wl_wai_as_port" value="<% nvram_get("wl_wai_as_port"); %>" size="5" maxlength="5"></td> 786 </tr> 787</table> 788<!-- 789#endif 790--> 791 792<p> 793<table border="0" cellpadding="0" cellspacing="0"> 794 <tr> 795 <th width="310" 796 onMouseOver="return overlib('Sets the IP address of the RADIUS server to use for authentication and dynamic key derivation.', LEFT);" 797 onMouseOut="return nd();"> 798 RADIUS Server: 799 </th> 800 <td> </td> 801 <td><input name="wl_radius_ipaddr" value="<% nvram_get("wl_radius_ipaddr"); %>" size="15" maxlength="15"></td> 802 </tr> 803 <tr> 804 <th width="310" 805 onMouseOver="return overlib('Sets the UDP port number of the RADIUS server. The port number is usually 1812 or 1645 and depends upon the server.', LEFT);" 806 onMouseOut="return nd();"> 807 RADIUS Port: 808 </th> 809 <td> </td> 810 <td><input name="wl_radius_port" value="<% nvram_get("wl_radius_port"); %>" size="5" maxlength="5"></td> 811 </tr> 812 <tr> 813 <th width="310" 814 onMouseOver="return overlib('Sets the shared secret for the RADIUS connection.', LEFT);" 815 onMouseOut="return nd();"> 816 RADIUS Key: 817 </th> 818 <td> </td> 819 <td><input name="wl_radius_key" value="<% nvram_get("wl_radius_key"); %>" type="password"></td> 820 </tr> 821</table> 822 823<p> 824<table border="0" cellpadding="0" cellspacing="0"> 825 <tr> 826 <th width="310" 827 onMouseOver="return overlib('Sets the WPA passphrase.', LEFT);" 828 onMouseOut="return nd();"> 829<!-- 830#ifdef BCMWAPI_WAI 831--> 832 <div id="wl_wapi_psk_div"> 833 WAPI passphrase: 834 </div> 835<!-- 836#endif 837--> 838 <div id="wl_wpa_psk_div"> 839 WPA passphrase: 840 </div> 841 </th> 842 <td> </td> 843 <td><input name="wl_wpa_psk" value="<% nvram_get("wl_wpa_psk"); %>" type="password"></td> 844 <td> </td> 845 <td> <A HREF="javascript:wpapsk_window()">Click here to display</A></td> 846 </tr> 847</table> 848 849<p> 850<table border="0" cellpadding="0" cellspacing="0"> 851 <tr> 852 <th width="310" 853 onMouseOver="return overlib('Enter 5 ASCII characters or 10 hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit key.', LEFT);" 854 onMouseOut="return nd();"> 855 Network Key 1: 856 </th> 857 <td> </td> 858 <td><input name="wl_key1" value="<% nvram_get("wl_key1"); %>" size="26" maxlength="26" type="password"></td> 859 </tr> 860 <tr> 861 <th width="310" 862 onMouseOver="return overlib('Enter 5 ASCII characters or 10 hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit key.', LEFT);" 863 onMouseOut="return nd();"> 864 Network Key 2: 865 </th> 866 <td> </td> 867 <td><input name="wl_key2" value="<% nvram_get("wl_key2"); %>" size="26" maxlength="26" type="password"></td> 868 </tr> 869 <tr> 870 <th width="310" 871 onMouseOver="return overlib('Enter 5 ASCII characters or 10 hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit key.', LEFT);" 872 onMouseOut="return nd();"> 873 Network Key 3: 874 </th> 875 <td> </td> 876 <td><input name="wl_key3" value="<% nvram_get("wl_key3"); %>" size="26" maxlength="26" type="password"></td> 877 </tr> 878 <tr> 879 <th width="310" 880 onMouseOver="return overlib('Enter 5 ASCII characters or 10 hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit key.', LEFT);" 881 onMouseOut="return nd();"> 882 Network Key 4: 883 </th> 884 <td> </td> 885 <td><input name="wl_key4" value="<% nvram_get("wl_key4"); %>" size="26" maxlength="26" type="password"></td> 886 </tr> 887 <tr> 888 <th width="310" 889 onMouseOver="return overlib('Selects which network key is used for encrypting outbound data and/or authenticating clients.', LEFT);" 890 onMouseOut="return nd();"> 891 Current Network Key: 892 </th> 893 <td> </td> 894 <td> 895 <select name="wl_key"> 896 <option value="1" <% nvram_match("wl_key", "1", "selected"); %>>1</option> 897 <option value="2" <% nvram_match("wl_key", "2", "selected"); %>>2</option> 898 <option value="3" <% nvram_match("wl_key", "3", "selected"); %>>3</option> 899 <option value="4" <% nvram_match("wl_key", "4", "selected"); %>>4</option> 900 </select> 901 </td> 902 </tr> 903</table> 904 905<p> 906<table border="0" cellpadding="0" cellspacing="0"> 907 <tr> 908 <th width="310" 909 onMouseOver="return overlib('Sets the Network Key Rotation interval in seconds. Leave blank or set to zero to disable the rotation.', LEFT);" 910 onMouseOut="return nd();"> 911 Network Key Rotation Interval: 912 </th> 913 <td> </td> 914 <td><input name="wl_wpa_gtk_rekey" value="<% nvram_get("wl_wpa_gtk_rekey"); %>" size="10" maxlength="10"></td> 915 </tr> 916<!-- 917#ifdef BCMWAPI_WAI 918--> 919 <tr> 920 <th width="310" 921 onMouseOver="return overlib('Sets the Station unicast rekeying interval in seconds. Leave blank or set to zero to disable the rekeying.', LEFT);" 922 onMouseOut="return nd();"> 923 WAPI Unicast Rekeying Interval: 924 </th> 925 <td> </td> 926 <td><input name="wl_wai_uck_rekey" value="<% nvram_get("wl_wai_uck_rekey"); %>" size="10" maxlength="10"></td> 927 </tr> 928 <tr> 929 <th width="310" 930 onMouseOver="return overlib('Sets the Station multicast rekeying interval in seconds. Leave blank or set to zero to disable the rekeying.', LEFT);" 931 onMouseOut="return nd();"> 932 WAPI Multicast Rekeying Interval: 933 </th> 934 <td> </td> 935 <td><input name="wl_wai_mck_rekey" value="<% nvram_get("wl_wai_mck_rekey"); %>" size="10" maxlength="10"></td> 936 </tr> 937<!-- 938#endif 939--> 940</table> 941 942<p> 943<table border="0" cellpadding="0" cellspacing="0"> 944 <tr> 945 <th width="310" 946 onMouseOver="return overlib('Sets the Network Re-authentication interval in seconds. Leave blank or set to zero to disable periodic network re-authentication.', LEFT);" 947 onMouseOut="return nd();"> 948 Network Re-auth Interval: 949 </th> 950 <td> </td> 951 <td><input name="wl_net_reauth" value="<% nvram_get("wl_net_reauth"); %>" size="10" maxlength="10"></td> 952 </tr> 953</table> 954 955<!-- 956#ifdef BCMDBG 957--> 958<p> 959<table border="0" cellpadding="0" cellspacing="0"> 960 <tr> 961 <th width="310" 962 onMouseOver="return overlib('Enables/Disables NAS debugging. 0:Disable | 1:Enable.', LEFT);" 963 onMouseOut="return nd();"> 964 NAS debugging: 965 </th> 966 <td> </td> 967 <td><input name="wl_nas_dbg" value="<% nvram_get("wl_nas_dbg"); %>" size="10" maxlength="10"></td> 968 </tr> 969</table> 970<!-- 971#endif 972--> 973 974<p> 975<table border="0" cellpadding="0" cellspacing="0"> 976 <tr> 977 <td width="310"></td> 978 <td> </td> 979 <td> 980 <input type="submit" name="action" value="Apply" onClick="return pre_submit();"> 981 <input type="reset" name="action" value="Cancel"> 982 </td> 983 </tr> 984</table> 985 986</form> 987 988<!-- 989#ifdef BCMWAPI_WAI 990--> 991<form method="post" action="cert_ul.cgi" enctype="multipart/form-data"> 992<p> 993<table border="0" cellpadding="0" cellspacing="0"> 994 <tr> 995 <th width="310" 996 onMouseOver="return overlib('Displays the current installed certificate status.', LEFT);" 997 onMouseOut="return nd();"> 998 Certificate Status: 999 </th> 1000 <td> </td> 1001 <td><% nvram_match("wl_wai_cert_status", "1", "Valid"); %> 1002 <% nvram_match("wl_wai_cert_status", "2", "Invalid"); %></td> 1003 </tr> 1004 <tr> 1005 <th width="310" 1006 onMouseOver="return overlib('Below push button to install X.509 certificate', LEFT);" 1007 onMouseOut="return nd();"> 1008 Install Certificate: 1009 </th> 1010 </tr> 1011 <tr> 1012 <th width="310" 1013 onMouseOver="return overlib('Enter filename of ASU ceritificate here.', LEFT);" 1014 onMouseOut="return nd();"> 1015 ASU Certificate File: 1016 </th> 1017 <td> </td> 1018 <td><input type="file" name="as_cerfile"></td> 1019 </tr> 1020 <tr> 1021 <th width="310" 1022 onMouseOver="return overlib('Enter filename of user ceritificate here.', LEFT);" 1023 onMouseOut="return nd();"> 1024 User Certificate File: 1025 </th> 1026 <td> </td> 1027 <td><input type="file" name="user_cerfile"></td> 1028 </tr> 1029 <tr> 1030 <th width="310" 1031 </th> 1032 <td> </td> 1033 <td><input type="submit" value="Install X.509 Certificate" onClick="submit()"></td> 1034 </tr> 1035</table> 1036</form> 1037<!-- 1038#endif 1039--> 1040 1041<p class="label">©2001-2012 Broadcom Corporation. All rights reserved. 54g is a trademark of Broadcom Corporation.</p> 1042 1043</body> 1044</html> 1045