CLEAR is popular 4G wireless internet provider, offering its services in the United States. It provides internet connectivity by using a 4G wireless modem that also acts as a wireless access point. Unfortunately, currently, the safest supported wireless security mode is only the WPA2-PSK. In this post I will describe my procedure of securing CLEAR’s wireless network with better, RADIUS powered, WPA2-Enterprise security mode.
Firstly, I have to access modem’s administration interface by opening http://192.168.15.1 from my web browser. After successful authentication, modem welcomes me with the following Welcome screen.
To verify available Wireless Security Settings, let’s click on the Basic -> Wi-Fi -> Advanced buttons.
As you can see in the picture above, this modem really supports authentication only with the pre-shared keys and not our desired WPA2-Enterprise mode. It is necessary to add another wireless router, in my case the TP-Link WR842ND, to create new RADIUS powered wireless network.
Connecting TP-Link router to CLEAR’s modem
As CLEAR will remain my provider of internet connectivity, I have to connect the TP-Link router to the modem with provided Ethernet cable and turn the router on. It is important to plug the Ethernet cable into the blue network port (uplink).
Next, I connect my computer to new TP-Link’s wireless network and follow initial configuration instructions. During this procedure, the router asks me to enter a PIN number, that is printed on the sticker on the bottom side of the router.
In next step, I have to select the Wireless Security type. At this moment, not all security options are available, so I select the WPA2-PSK security mode, type in some temporary pre-shared key and finish this configuration.
Creating virtual RADIUS server and user’s accounts
Now, let’s go to https://console.ironwifi.com to register new wireless router and create accounts for my users. After signing in, all I have to do is follow Configuration Wizard, which provides all required information in the last page’s summary. I will keep this page open, so I am able to use the values in next step.
Configuring TP-Link router to use WPA2-Enterprise security mode
I go back to the TP-Link router to change wireless security settings. TP-Link’s web administration interface is available at http://192.168.0.1, and it will prompt to enter default credentials; username is admin and password is admin too.
After accessing the Wireless Security Settings, I change the Wireless Security type to WPA/WPA2 and enter information from the IronWifi console – the RADIUS server IP address, port, and Shared secret/Password.
Finally, save new settings and restart router.
Connecting with user’s credentials
Finally I connect my client devices to the new Protected Wireless Network using user’s credentials. For me it works like a charm, but if you still have connecting issues, please follow our documentation for your specific platform.
Was your upgrade also so easy, or did you experience some difficulty?