Home » Netgear Manuals » Wireless » Netgear FM114P » Manual Viewer

Netgear FM114P FR114W Reference Manual - Page 139

Extended Service Set Identification (ESSID), Authentication and WEP Encryption - bridge mode

UPC - 606449024029

Add to My Manuals
Save this manual to your list of manuals

Page 139 highlights

Reference Manual for the Model FR114P, FR114W and FM114P Cable/DSL ProSafe Firewall In the infrastructure mode, the wireless access point converts airwave data into wired Ethernet data, acting as a bridge between the wired LAN and wireless clients. Connecting multiple Access Points via a wired Ethernet backbone can further extend the wireless network coverage. As a mobile computing device moves out of the range of one access point, it moves into the range of another. As a result, wireless clients can freely roam from one Access Point domain to another and still maintain seamless network connection. Extended Service Set Identification (ESSID) The Extended Service Set Identification (ESSID) is one of two types of Service Set Identification (SSID). In an ad-hoc wireless network with no access points, the Basic Service Set Identification (BSSID) is used. In an infrastructure wireless network that includes an access point, the Extended Service Set Identification (ESSID) is used, but may still be referred to as SSID. An SSID is a thirty-two character (maximum) alphanumeric key identifying the wireless local area network. Some vendors refer to the SSID as network name. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID. Authentication and WEP Encryption The absence of a physical connection between nodes makes the wireless links vulnerable to eavesdropping and information theft. To provide a certain level of security, the IEEE 802.11 standard has defined two types of authentication methods, Open System and Shared Key. With Open System authentication, a wireless PC can join any network and receive any messages that are not encrypted. With Shared Key authentication, only those PCs that possess the correct authentication key can join the network. By default, IEEE 802.11 wireless devices operate in an Open System network. Wired Equivalent Privacy (WEP) data encryption is utilized when the wireless nodes or access points are configured to operate in Shared Key authentication mode. There are two shared key methods implemented in most commercially available products, 64-bit and 128-bit WEP data encryption. The 64-bit WEP data encryption method, allows for a five-character (40-bit) input. Additionally, 24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. (The 24 factory-set bits are not user-configurable). This encryption key will be used to encrypt/decrypt all data transmitted via the wireless interface. Some vendors refer to the 64-bit WEP data encryption as 40-bit WEP data encryption since the user-configurable portion of the encryption key is 40 bits wide. Networks, Routing, and Firewall Basics B-13

Section	Page
Reference Manual for the Model FR114P, FR114W and FM114P Cable/DSL ProSafe Firewall Family	1
Contents	5
About This Guide	15
Typographical Conventions	15
Special Message Formats	16
Technical Support	16
Related Publications	16
Chapter1 Introduction	19
About the NETGEAR ProSafe Firewalls	19
Key Features	19
A Powerful, True Firewall	20
Content Filtering	21
Configurable Ethernet Connection	21
Protocol Support	21
Easy Installation and Management	22
Maintenance and Support	23
Chapter2 Setting Up the Hardware	25
Package Contents	25
Local Network Hardware Requirements	26
PC Requirements	26
Access Device Requirement	26
The Firewall’s Front Panel	27
The Firewall’s Rear Panel	28
Connecting the Firewall	28
Connecting to Your Internet Access Device	29
Connecting to your Local Ethernet Network	29
Preparing your Wireless Devices	30
Installing a Wireless Card in the FR114W	30
Connecting the Power Adapter	30
Verifying Connections	31
Chapter3 Preparing Your Network	33
Preparing Your Personal Computers for IP Networking	33
Configuring Windows 95, 98, and ME for IP Networking	34
Install or Verify Windows Networking Components	34
Assign TCP/IP configuration by DHCP	36
Selecting Internet Access Method	36
Verifying TCP/IP Properties	37
Configuring Windows NT or 2000 for IP Networking	37
Install or Verify Windows Networking Components	37
Verifying TCP/IP Properties	38
Configuring the Macintosh for IP Networking	38
MacOS 8.6 or 9.x	39
MacOS X	39
Verifying TCP/IP Properties (Macintosh)	40
Your Internet Account	40
Login Protocols	41
Account Information	41
Obtaining ISP Configuration Information (Windows)	42
Obtaining ISP Configuration Information (Macintosh)	43
Restarting the Network	43
Ready for Configuration	44
Chapter4 Basic Configuration	45
Accessing the Web Configuration Manager	45
Configuration using the Setup Wizard	48
Configuring for Dynamic IP Account	49
Configuring for Fixed IP Account	50
Configuring for an Account with Login	51
Manual Configuration	52
Completing the Configuration	53
Chapter5 Security	55
What is a Firewall	55
Security Log	56
Examples of log messages	58
Activation and Administration	58
Dropped Packets	58
Block Sites	59
Rules	60
Inbound Rules (Port Forwarding)	62
Inbound Rule Example: A Local Public Web Server	63
Inbound Rule Example: Allowing Videoconference from Restricted Addresses	64
Considerations for Inbound Rules:	64
Outbound Rules (Service Blocking)	65
Following is an application example of outbound rules:	65
Outbound Rule Example: Blocking Instant Messenger	65
Order of Precedence for Rules	66
Default DMZ Server	66
Respond to Ping on Internet WAN Port	67
Services	68
Schedule	70
Time Zone	71
E-Mail	72
Chapter6 Wireless	75
Wireless Settings	76
Identification	76
Options	77
Access Point	77
Configuring WEP (Wired Equivalent Privacy)	78
Restricting Wireless Access by MAC Address	79
Additional Notes	80
Security	80
Placement and Range	80
Chapter7 Print Server	81
Network Printing from Windows	81
Installing the PTP Driver	81
Printer Management	83
Port Options	83
LPD/LPR Printing from Windows	84
Windows NT 4.0 Server Configuration	85
Client PC Setup for LPD/LPR Printing	87
Network Printing from the Macintosh	89
MacOS 8 or 9 Configuration	89
MacOS X Configuration	90
Network Printing from Linux	90
Troubleshooting the Print Server	90
Chapter8 Maintenance	95
System Status	95
Attached Devices	98
Changing the Administration Password	98
Configuration File Settings Management	99
Restore and Backup the Configuration	100
Erase the Configuration	100
Router Upgrade	101
Diagnostics	102
Ping an IP Address	102
Perform a DNS Lookup	102
Display the Routing Table	103
Reboot the Router	103
Chapter9 Advanced Configuration	105
Dynamic DNS	105
LAN IP Setup	107
LAN TCP/IP Setup	107
MTU Size	109
DHCP	109
Use router as DHCP server	109
Reserved IP adresses	110
Static Routes	110
Static Route Example	112
Remote Management	113
Chapter10 Troubleshooting	115
Basic Functioning	115
Power LED Not On	116
Test LED Never Turns On or Test LED Stays On	116
Local or Internet Port Link LEDs Not On	116
Troubleshooting the Web Configuration Interface	118
Troubleshooting the ISP Connection	119
Troubleshooting a TCP/IP Network Using a Ping Utility	120
Testing the LAN Path to Your Firewall	120
Testing the Path from Your PC to a Remote Device	121
Restoring the Default Configuration and Password	122
Using the Default Reset button	122
Problems with Date and Time	122
Appendix A Technical Specifications	125
Appendix B Networks, Routing, and Firewall Basics	127
Basic Router Concepts	127
What is a Router?	127
Routing Information Protocol	128
IP Addresses and the Internet	128
Netmask	130
Subnet Addressing	131
Private IP Addresses	133
Single IP Address Operation Using NAT	134
MAC Addresses and Address Resolution Protocol	135
Domain Name Server	135
IP Configuration by DHCP	136
Internet Security and Firewalls	136
What is a Firewall?	136
Stateful Packet Inspection	137
Denial of Service Attack	137
Wireless Networking	138
Wireless Network Configuration	138
Ad-hoc Mode (Peer-to-Peer Workgroup)	138
Infrastructure Mode	138
Extended Service Set Identification (ESSID)	139
Authentication and WEP Encryption	139
Wireless Channel Selection	140
Ethernet Cabling	141
Uplink Switches and Crossover Cables	142
Cable Quality	142
Glossary	143

Match case Limit results 1 per page

Reference Manual for the Model FR114P, FR114W and FM114P Cable/DSL ProSafe Firewall

Networks, Routing, and Firewall Basics

B-13

In the infrastructure mode, the wireless access point converts airwave data into wired Ethernet

data, acting as a bridge between the wired LAN and wireless clients. Connecting multiple Access

Points via a wired Ethernet backbone can further extend the wireless network coverage. As a

mobile computing device moves out of the range of one access point, it moves into the range of

another. As a result, wireless clients can freely roam from one Access Point domain to another and

still maintain seamless network connection.

Extended Service Set Identification (ESSID)

The Extended Service Set Identification (ESSID) is one of two types of Service Set Identification

(SSID). In an ad-hoc wireless network with no access points, the Basic Service Set Identification

(BSSID) is used. In an infrastructure wireless network that includes an access point, the Extended

Service Set Identification (ESSID) is used, but may still be referred to as SSID.

An SSID is a thirty-two character (maximum) alphanumeric key identifying the wireless local area

network. Some vendors refer to the SSID as network name. For the wireless devices in a network

to communicate with each other, all devices must be configured with the same SSID.

Authentication and WEP Encryption

The absence of a physical connection between nodes makes the wireless links vulnerable to

eavesdropping and information theft. To provide a certain level of security, the IEEE 802.11

standard has defined two types of authentication methods, Open System and Shared Key. With

Open System authentication, a wireless PC can join any network and receive any messages that are

not encrypted. With Shared Key authentication, only those PCs that possess the correct

authentication key can join the network. By default, IEEE 802.11 wireless devices operate in an

Open System network.

Wired Equivalent Privacy (WEP) data encryption is utilized when the wireless nodes or access

points are configured to operate in Shared Key authentication mode. There are two shared key

methods implemented in most commercially available products, 64-bit and 128-bit WEP data

encryption.

The 64-bit WEP data encryption method, allows for a five-character (40-bit) input. Additionally,

24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. (The 24

factory-set bits are not user-configurable). This encryption key will be used to encrypt/decrypt all

data transmitted via the wireless interface. Some vendors refer to the 64-bit WEP data encryption

as 40-bit WEP data encryption since the user-configurable portion of the encryption key is 40 bits

wide.