5.3 Wi-Fi Security
The following types of security are supported in the WINC Wi-Fi STA mode.
- OPEN
- WEP (Wired Equivalent Protocol)
- WPA/WPA2 (Wi-Fi Protected Access - Personal Security mode that is Passphrase)
- 802.1X (WPA/WPA2-Enterprise security)
For 802.1X Enterprise Security, the following authentication methods are supported from ATWINC1500 firmware version 19.6.1.
- EAP-TLS
- EAP-PEAPv0/TLS
- EAP-PEAPv1/TLS
- EAP-TTLSv0/MSCHAPv2
- EAP-PEAPv0/MSCHAPv2
- EAP-PEAPv1/MSCHAPv2
The m2m_wifi_connect
is deprecated from v19.6.1 and above
firmware. The legacy APIs m2m_wifi_connect
and
m2m_wifi_connect_sc
are available as wrappers for the new APIs.
Functionally its behavior is unchanged from previously released drivers.
The recommended API for various security type such as OPEN, WEP, WPA/WPA2, 802.1X are summarized in the Table 5-1.
All new connect APIs, enable connection to a particular access point by specifying its
BSSID and the SSID. To restrict connection to a specific access point, the application
can specify the BSSID (in addition to SSID) in the argument tstrNetworkId ->
pu8Bssid
.
The application can instruct the WINC whether to store the credentials or not to store in
Flash and also whether the saved credentials must be encrypted or not. This is done by
configuring the enum tenuCredStoreOption
.
For enterprise security, the application can configure WINC to send actual identity or
use anonymous identity during phase 1 authentication. This can be done by setting or
clearing bUnencryptedUserName
in argument
tstrAuth1xTls
or tstrAuth1xMschap2
.
For more details on usage of API m2m_wifi_connect_1x_tls
, refer ASF
(v3.42 or above) example "WINC1500 Connecting a EAP-TLS / PEAPv0 with TLS / PEAPv1 with
TLS Secured AP Example".
For more details on usage of API m2m_wifi_connect_1x_mschap2
, refer ASF
(v3.42 or above) example "WINC1500 Connecting a EAP-TTLSv0 with MSCHAPv2 / EAP-PEAPv0
with MSCHAPv2 / EAP-PEAPv1 with MSCHAPv2 Secured AP Example".