Wi-Fi

From MOTOTRBO
Jump to navigation Jump to search

Higher-tier MOTOTRBO radio models support Wi-Fi®. Depending on the model, 802.11 b/g/n (2,4 GHz) and 802.11 b/g/n/ac (5 GHz) are supported. Ad-hoc (peer to peer) mode is not supported so the radio can only connect to an Access Point.

Wi-Fi is primarily used to deliver configuration and software updates using MOTOTRBO Radio Management or Radio Central.[1] However, a few models have a built-in WAVE client which means they can be used on the WAVE PTX service.

Wi-Fi Support by Model

MOTOTRBO models which support Wi-Fi
Model (EMEA) 802.11 2,4GHz 5GHz WEP WPA2 WPA3 No. of SSIDs WAVE client
DP4401e a; b; g and n Yes
DP4601e a; b; g and n Yes
DP4801e a; b; g and n Yes
DM4401e a; b; g and n Yes
DM4601e a; b; g and n Yes
R7 a; b; g; n and ac Yes Yes Yes From M2025.02
ION a; b; g; n and ac Yes Yes Yes Yes

If a model is not listed here then it does not support Wi-Fi. Also, check the model equivalent table since only EMEA models are shown here.

In EMEA, all MOTOTRBO radios shipped after 18 November 2019 will have Wi-Fi enabled by default. -e series radios shipped before this date may require a software licence to enable this.[1]

Operation

SSID

The Service Set Identifier (SSID) or network name, is a string transmitted by an Access Point which allows users and devices to connect to it. In order for a MOTOTRBO radio to connect to a Wi-Fi network, the SSID needs to be provisioned in the radio. The SSID is case sensitive and supports internationalization per the IEEE 802.11-2012 standard.[2]

Hidden networks do not broadcast their SSID over Wi-Fi. Hidden networks are supported in MOTOTRBO, but this is not recommended since it increases the connection time and (despite popular belief) does not improve security.

Default SSID and passkey[3]

Wi-Fi-enabled MOTOTRBO radios leave the factory with a default SSID and passphrase so using a Wi-Fi Access Point connected to a PC running Radio Management or the Device Programmer, it is possible to load the configuration into out of the box radios without plugging in a programming cable. So in practice, it would be a case of taking the radio out of the box; switching it on; turning on Wi-Fi and putting it straight into service, fully configured.

All that is needed, is to turn on Wi-Fi via the radio's menu and have both the serial number and configuration ready in Radio Management. As soon as the radio connects to the Access Point, it will download the configuration.

The factory-default SSID and Passphrase is:

  • SSID = MOTOTRBO
  • Key = Radio Management

One would need to set up a Wi-Fi Access Point with the above configured. The Access Point would need to be connected to a PC with Device Programmer via ethernet or Wi-Fi. There are two ways to get the serial number into Radio Management: either one can enter them in advance or one can configure Radio Management to automatically add new radios. The radio uses DNS-SD feature to inform the Device Programmer that it is present on the data network (this is not related to ARS).

It is strongly recommended to remove the above Wi-Fi profile from the working configuration to prevent the radio going onto a rogue Access Point.

Security

The radio security setting should match the type of authentication and encryption used by the Wi-Fi network. The security setting controls the access to the Wi-Fi and the level of privacy between the radio and the Access Point. WPA2 with AES encryption provides sufficient security and is therefore recommended.[2]

It is strongly recommended to remove the default (SSID:MOTOTRBO) profile from the working configuration to prevent the radio connecting to a rogue Access Point.

Enterprise Wi-Fi[4][2]

WPA/WPA2-Enterprise/802.1x Certificate based Wi-Fi access was added in R2.9.0. This allows MOTOTRBO radios to be deployed on Wi-Fi networks that require WPA-Enterprise based access. A WPA-Enterprise network uses a certificate for authentication, unlike a WPA-PSK network, which uses a password or pre-shared key. It supports the Simple Certificate Enrolment Protocol (SCEP) for Certificate Management and covers enrolment; renewal and rollover.

New radios will however need to be added via an enrolment Access Point that has been configured with WPA/WPA2 Personal. Once enrolled, the enrolment Access Point is no longer needed.

The following protocols are supported:

  • EAP TLS
  • PEAP with Phase 2 authentication as TLS, MSCHAPV2
  • EAP TTLS with Phase 2 authentication as PAP, CHAP, MSCHAP, MSCHAPV2
  • SCEP also supports X.509 v3 certificates; RSA key size of 1024, 2048 and 4096 bits as well as MD5, SHA-1, SHA-256, SHA-384 and SHA-512 Signature Hash Algorithms.

NTP is also supported but requires an NTP server or connectivity to one of the public time servers such as pool.ntp.org.

Additional Features

Opportunistic Key Caching was added in M2020.01 This feature allows a Wi-Fi enabled radio easily roam across multiple Access Points.[4]

R2.10.0 added the ability to enable or disable Wi-Fi via an over the air radio command. This could be used to turn on Wi-Fi only when the radio is at a depot (or some central location) for a firmware and/or configuration update. Since the Wi-Fi trasciever consumes a small amount of current, turning it off when not needed will improve battery discharge time slightly.

CPS/RM Configuration

The Wi-Fi Network set is visible in the CPS; Radio Management or RadioCentral for models which support Wi-Fi. The following parameters can be configured in this set:

  • Wi-Fi Enable turns the Wi-Fi transceiver on or off. The user is also able to do this via the menu. Note that the user must enable W-Fi to use the share the location of the radio through WAVE feature.
  • 802.11D is refers to IEEE 802.11d, which is a wireless networking standard that allows the radio to operate in different regulatory domains. It's essentially a way to make sure the radio can comply with the rules of a specific country or region when it comes to allowed frequencies, power levels, and other technical requirements. This is often referred to as "world mode" in Wi-Fi networking circles.
  • Regulatory Region allows a person programming the radio to select the region in which the radio is will be used. It essentially restricts the Wi-Fi channels only to those which are permitted by the regulations in that region.
  • DHCP turns the DHCP on or off. If turned on, when connecting to Wi-Fi, the radio will get its IP parameters from a DHCP server. If disabled, these paramaters have to be entered manually. If disabled, the person programming the radio must be careful to ensure that addresses are not duplicated or entered incorrectly.
  • DNS-SD Interval enables DNS Service Discovery. DNS Service Discovery (DNS-SD) is a protocol that allows devices on a network to automatically discover and advertise services, like printers or file servers, without needing manual configuration. In MOTOTRBO it allows the radio to be discovered by applications like Radio Management.
  • DNS-SD Listening Port sets the port number that the radio will listen on for responses to its DNS-SD messages. If DNS-SD Interval is set to 90 seconds (enabled), when connected to Wi-Fi, a MOTOTRBO radio will send out Zero Configuration DNS-SD messages that allows Device Programmer to detect the radio and determine programming job availability. The Device Programmer and radio setting of this field must be set to the same value. If there is a value mismatch, the Device Programmer will not detect the radio and therefore cannot perform any Read or Write jobs. One should only change the default value of 5353 when it is necessary to accommodate specific network deployment requirements.
  • Device Discovery Server Name sets the domain name or IP address of the Device Programmer host. If the MOTOTRBO radio and the Device Programmer are on the same subnet, then the user can use the same broadcast setting. If the MOTOTRBO radio and the Device Programmer are not on the same subnet, then the person programming the radio must configure the fully qualified domain name (FQDN) or IP address of the Device Programmer. One must ensure the firewall on the Device Programmer host is properly configured.
  • Enabling Randomize MAC Address will make the radio use a different MAC address when connecting to a Wi-Fi network. This must be disabled if the Wi-Fi network uses a Radius server or any security mechanism to validate deviceds based on their assigned MAC address.
  • Country Code allows the person programming a radio to select the required country code for the 5 GHz Wi-Fi Transmit power configuration and channel to suit a specific country. By default, this is set to Global but some countries have special requirements for 5GHz such as dynamic frequency selection to avoid radar and military applications. For optimum performance, one should select the country where the radios will be used.
  • The Network Profile Table contains the list of configured Wi-Fi networks. Depending on the mode, a MOTOTRBO radio can be provisioned with up to 128 networks. The table contains the following parameters:
    1. Network SSID sets the SSID of the Wi-Fi network the radio should connect to.
    2. Security Type allows the person programming a radio to set the encryption protocol for the above Network SSID. The choices are: Open; WEP; WPA/WPA2 Enterprise; WPA-Personal/WPA2-Personal; WPA3 Enhanced and WPA3 SAE. Opportunistic Key Caching (OKC) is only applicable with WPA Enterprise. If the person programming a radio sets the value to a selection other than Open, the user must reset the Encrypted Network Password value according to the new security type.
    3. WEP, if available, should not be used doe to known security flaws.
    4. Encrypted Network Password This field allows the person programming a radio to specify the password to use for the Wi-Fi access point. Note that the characters entered in this field are not visible. If Security Type is set to None, this field will be greyed out. If Security Type is set to WEP, the value in this field must either be 10 hexadecimal digits, 26 hexadecimal digits, 5 printable ASCII characters, or 13 printable ASCII characters. If the user enters an invalid value the value will reset to the default value. If this field is left blank, the value will not reset.
    5. Roaming Aggressiveness allows the person programming a radio to adjust the level of roaming aggressiveness. Boosting the roaming aggressiveness increases the rate the Wi-Fi transciever (chip) seeks out an Access Point with a stronger signal. When set to Lowest, the Radio scans for new access points to roam to, every 60 seconds. When set to Highest, the Radio will scan for new access points to roam to every 3 seconds. The level range determines how often the radio scans for new access points to roam to.
    6. Boost TX Power allows the person programming this radio to increase the Wi-Fi transmit power and consequently the reliability. This should be enabled to support 802.11b 11 Mbps as the transmit rate when the Wi-Fi signal is weak. Turning this feature on will have an impact on battery discharge time.
    7. WPA2 Fallback will allow the radio to revert to using WPA2 security protocols when a more secure option like WPA3 is not supported.
  • The NTP Server Table allows the person programming this radio to enter the domain name or IP address of the Network Time Protocol (NTP) server.

References.

  1. 1.0 1.1 Some notes on OTAP over Wi-Fi. Retrieved 21.07.23
  2. 2.0 2.1 2.2 68007024085-PA MOTOTRBO System Planner Release M2023.01
  3. MOTOTRBO: Zero touch configuration (almost) retrieved 21.07.23
  4. 4.0 4.1 Enterprise Wi-Fi support on MOTOTRBO retrieved 21.07.2023
Retrieved from "https://cwh050.mywikis.wiki/w139/index.php?title=Wi-Fi&oldid=5260"