Instructions for SSID security settings on Omada Controller

EAP610GP-Desktop , EAP683 UR , EAP225-Wall , EAP620-Outdoor HD , EAP225-Outdoor , EAP245 , EAP783 , EAP725-Wall , EAP265 HD , EAP115-Bridge KIT , EAP620 HD , EAP215-Bridge KIT , EAP613 , EAP610 , EAP653 , EAP650-Outdoor , EAP211-Bridge KIT , EAP772-Outdoor( V1 ) , EAP655-Wall , EAP615-Wall , EAP653 UR , EAP660 HD , EAP773 , EAP625-Outdoor HD , EAP772 , EAP650 , EAP670 , EAP235-Wall , EAP690E HD , EAP723 , EAP225 , EAP623-Outdoor HD , EAP625GP-Wall , EAP650-Wall , EAP610-Outdoor , EAP650-Desktop
Recent updates may have expanded access to feature(s) discussed in this FAQ. Visit your product's support page, select the correct hardware version for your device, and check either the Datasheet or the firmware section for the latest improvements added to your product. Please note that product availability varies by region, and certain models may not be available in your region.
Contents
Configuration for WPA-Personal
Configuration for WPA-Enterprise
Objective
This article introduces five different encryption methods available in Omada Controller for New Wireless Network: None, WPA-Personal, WPA-Enterprise, PPSK without RADIUS, and PPSK with RADIUS.
Requirements
- Omada Software Controller / Hardware Controller / Cloud-Based Controller (V5.14 and above)
- Omada AP
Introduction
Users can choose different types of encryption based on their needs. Below are the application scenarios for each encryption method:
None:
Suitable for public spaces or environments requiring an open network. In this scenario, the network can be accessed without a password, allowing users to connect quickly. However, this type of encryption lacks security and is not recommended for transmitting sensitive information.
WPA-Personal:
It is ideal for small offices or home networks that require basic security and have a limited number of connected users. WPA-Personal uses a pre-shared key (PSK) for encryption, which is suitable for small networks that do not require complex authentication mechanisms.
WPA-Enterprise:
It is designed for enterprise and organizational scenarios that require high security and scalable user management. WPA-Enterprise uses the 802.1X standard for authentication via a RADIUS server, suitable for medium to large enterprise networks.
PPSK with RADIUS:
Applicable for enterprise networks that require high security and client access control. Each user has a unique pre-shared key (PPSK) and is authenticated through a RADIUS server.
PPSK without RADIUS:
Suitable for small to medium-sized enterprise networks that do not require complex RADIUS server setups, simplifying user management. Each user still has a unique pre-shared key but does not rely on the RADIUS server for authentication, offering higher security than WPA-Personal and convenient for scenarios without the need for enterprise-level management.
Configuration
Step 1. Log in Controller, select a site, go to Settings > Wireless Networks > WLAN, and click Create New Wireless Network to create a new SSID.
Step 2. Select an encryption method from the drop-down list for Security.
Configuration for None
Step 1. If you select None as the encryption method, you can connect your client devices to the network without a password.
Step 2. With None as the encryption, you can choose whether to enable Opportunistic Wireless Encryption (OWE), with which data transmitted in this wireless network will be encrypted. OWE can protect your data without a password.
Note: The 6 GHz band supports OWE by default, while for the 2.4 GHz and 5 GHz bands, check whether the EAP firmware is compatible with the Omada Controller version 5.14 or above. Refer to the firmware release notes for details.
Configuration for WPA-Personal
Step 1. Select WPA-Personal as the encryption method and enter a password that ranges from 8-63 ASCII characters.
Step 2. Click Advanced Settings. In the WPA Mode, you can choose different modes: WPA is applicable for devices or network adapters that only support WPA; WPA2 is suitable for most home and enterprise networks; WPA3 is a better choice for scenarios with higher security requirements, such as enterprises and government agencies.
Configuration for WPA-Enterprise
Step 1. Select WPA-Enterprise as the encryption method.
Step 2. Select the existing RADIUS Profile or create a new RADIUS Profile.
Note: The RADIUS Profile can also be created in Settings > Profiles > RADIUS Profile.
Step 3. Select a NAS ID, which is used to identify different network service providers during the RADIUS authentication process.
Step 4. Select a WPA Mode in Advanced Settings according to the network scenario. WPA-Enterprise has higher security than WPA-Personal
Configuration for PPSK
Refer to the guide【Omada SDN Controller】Configure PPSK for PPSK without RADIUS and PPSK with RADIUS configuration.
Note: Since the 6 GHz band uses WPA3 for encryption and PPSK only supports WPA and WPA2, PPSK can only be configured in the 2.4 GHz and 5 GHz bands.
Conclusion
You have successfully selected a proper encryption method for the SSID on the Controller.
Get to know more details of each function and configuration please go to Download Center to download the manual of your product.
Is this faq useful?
Your feedback helps improve this site.
What’s your concern with this article?
- Dissatisfied with product
- Too Complicated
- Confusing Title
- Does not apply to me
- Too Vague
- Other
Thank you
We appreciate your feedback.
Click here to contact TP-Link technical support.
Deze website gebruikt cookies om de gebruikservaring te verbeteren, onlineactiviteiten te analyseren en om gebruikers de best mogelijke ervaring te bieden op onze website. U heeft de mogelijkheid op ieder moment de cookies te weigeren. Bekijk onze privacyverklaring voor meer informatie.
Your Privacy Choices
Deze website gebruikt cookies om de gebruikservaring te verbeteren, onlineactiviteiten te analyseren en om gebruikers de best mogelijke ervaring te bieden op onze website. U heeft de mogelijkheid op ieder moment de cookies te weigeren. Bekijk onze privacyverklaring voor meer informatie.
Standaard Cookies
Deze cookies zijn noodzakelijk voor de werking van de website en kunnen niet worden uitgeschakeld.
TP-Link
SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_banner, tp_privacy_base, tp_privacy_marketing, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType
Youtube
id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ
Zendesk
OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance
Analyse en Marketing Cookies
Cookies voor analyse geven ons de mogelijkheid uw activiteiten op onze website te volgen en zo de functionaliteit van de website aan te passen en te verbeteren.
Marketing cookies kunnen op onze website worden geplaatst door externe adverteerders waar wij mee samenwerken om een profiel te creëren met uw interesses en u zo van relevante advertenties te kunnen voorzien op andere websites.
Google Analytics & Google Tag Manager
_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>
Google Ads & DoubleClick
test_cookie, _gcl_au