In a typical corporate network, users typically connect their laptops wirelessly to the internet using a username and password provided by the organization’s Microsoft Active Directory servers. The protocol used for this is known as 802.1X authentication. Utilizing username/password authentication for devices that don’t have a person logging into them each day is problematic for a number of reasons:
- Devices such as printers, TVs and irrigation controllers won’t have a Microsoft Active Directory account, so there is no username/password combination to
enter on the device. - Most user accounts have a password expiration policy, meaning that you’d have to go to each of your wireless devices and change their password each
time your password expires. - Devices such as irrigation controllers are typically installed in secure locations and can be hard to reach. For example, your irrigation controller has a locked
door and may be installed in a basement or plant equipment room.
Most devices, such as printers, TVs, and irrigation controllers, do not support 802.1X authentication for the reasons outlined above. With wireless-enabled
As devices become more common, we are often asked for best practices for securely connecting them to the internet. There are several ways to securely connect your irrigation controller to the internet.
Bypassing the campus network completely is one method of gaining access to the internet. Wi-Fi 4G hotspots allow the controller to connect to a dedicated Wi-Fi network with the internet connection via 3G, 4G, or LTE network. Wi-Fi hotspots (also known as Mi-Fi) are available from most wireless carriers such as AT&T and Verizon.
Almost all corporate/campus wireless networks allow the creation of multiple wireless networks without requiring additional hardware. Follow these steps for setting up a security device network:
- Using your wireless management software, create a new wireless SSID.
- Enable WPA2 encryption but make sure to disable 802.1X authentication.
- Choose a complex password for your new wireless network and enter this on devices that require access.
- Enable MAC address filtering on your new wireless network to allow only authorized devices (such as your controller) (optional).
- Allow only access to the internet from your new wireless network (optional).
Still need help? We're here.
Tell us what you need support with and we'll find the best solution for you.