For “compatibility reasons” Swisscom decided to not let you choose the more secure WPA2-PSK wireless encryption mode over the now insecure WPA-TKIP mode in the Netopia 7347 VDSL router. Swisscom customer service says that there are still many customers with old wifi hardware and that’s why only WPA-TKIP is selectable and WPA2 (which uses the more secure AES algorithm) has been disabled in the router’s web interface even though the router is capable of using WPA2!
WTF?! Come on…forcing clients to use insecure wireless settings just to get rid of a few support phone calls?
The following steps show that it’s a matter of 30 seconds to configure WPA2-only for the Motorola Netopia 7347 router. Use the telnet (you can also use Putty) command to log into your Netopia router:
It may take a while until you get a login prompt. Enter the admin-username (defaults to “admin”) and password from the Swisscom customer center web interface (see “Login data for your DSL modem”).
login: admin Password: xxxxxxxxxxxx Terminal shell v1.0 Copyright ?2008 Motorola, Inc. All rights reserved. Netopia Model 7347-84 AnnexA VDSL Wireless Ethernet Switch, PBC Running Netopia SOC OS version 7.8.2 (build r3) VDSL Capable (admin completed login: Full Read/Write access) Netopia-7000/xxxxxxxx000>
After successfully logging in, enter
config set wireless network-id privacy wpa-version WPA2-only exit
Press y to save the modified configuration data and enter
Please note that WPA-TKIP may get re-enabled once you change DSL modem settings in the Swisscom customer center web interface!
Another solution is to enable an additional SSID where WPA2 is selectable. Actually, that solution is recommended by Swisscom. But I think it’s nicer to have WPA2 on the default SSID without enabling additional networks.