Home » Netgear Manuals » Wireless » Netgear WPN802v2 » Manual Viewer

Netgear WPN802v2 WPN802v2 Reference Manual - Page 33

Implementing Appropriate Wireless Security

Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802 Implementing Appropriate Wireless Security Note: Indoors, computers can connect over 802.11b/g wireless networks at ranges of up to 300 feet. Such distances can allow for others outside of your immediate area to access your network. Unlike wired network data, your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment. The WPN802 Access Point provides highly effective security features which are covered in detail in this chapter. Deploy the security features appropriate to your needs. Wireless Data Security Options 4 Range: Up to 300 Foot Radius /PEN%ASYBUTNOSECURITY -!#!CCESS,IST.ODATASECURITY 7%03ECURITYBUTVULNERABLE 70!OR70! 03+6ERYSTRONGSECURITY !UTO#ELL2&hSTEALTHvMODE Figure 4-4: WPN802 wireless data security options There are several ways you can enhance the security of your wireless network. • Restrict Access Based on MAC address. You can restrict access to only trusted computers so that unknown computers cannot wirelessly connect to the WPN802. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. • Turn Off the Broadcast of the Wireless Network Name SSID. If you disable broadcast of the SSID, only devices that have the correct SSID can connect. This nullifies the wireless network 'discovery' feature of some products such as Windows XP, but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers. • WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared Key authentication and WEP data encryption will block all but the most determined eavesdropper. Wireless Configuration 4-5 202-10101-01, 4 May 2005

Section	Page
Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802	1
Contents	5
Chapter 1 About This Manual	9
Audience, Scope, Conventions, and Formats	9
Table 1-1. Typographical Conventions	9
Table 1-2. Manual Scope	9
How to Use This Manual	10
How to Print this Manual	10
Chapter 2 Introduction	13
Key Features	13
RangeMax™ Multi-In, Multi-Out (MIMO) Technology	13
802.11g Wireless Networking	14
Autosensing Ethernet Connections with Auto Uplink	14
Compatible and Related NETGEAR Products	15
Package Contents	15
The Front Panel Status Lights	16
Table 2-1. Status Light Descriptions	16
The Rear Panel	16
Figure 2-1: WPN802 Rear Panel	16
Chapter 3 Basic Installation and Configuration	19
Default Factory Settings	19
System Requirements	20
Prepare to Install Your Wireless Access Point	20
First, Connect the Wireless Access Point to Your Computer	20
1. Prepare a computer with Internet access and an Ethernet adapter. If this computer is already part of your network, record its TCP/IP configuration settings.	20
2. Configure the computer with a static IP address of 192.168.0.210 and 255.255.255.0 as the Subnet Mask.	21
3. Connect an Ethernet cable from the WPN802 to the computer.	21
Figure 3-1: WPN802 connected to a computer during configuration	21
4. Turn on your computer, and connect the power adapter to the WPN802. Then check the lights on the front:	21
Then, Configure the Basic Settings	22
1. Connect to the WPN802 by opening your browser and entering http://192.168.0.231 in the address field.	22
2. When prompted, enter admin for the user name and password for the password, both in lower case letters. The Settings page opens.	22
Figure 3-2: WPN802 Settings page	22
3. Click the Basic Settings link to configure the IP Settings for your network. The Basic Settings menu appears:	23
Figure 3-3: Basic Settings menu	23
4. Configure the Basic Settings for your network.	23
Next, Configure the Wireless Settings	24
1. On the Settings page, click Wireless Settings. The Wireless Settings menu appears:	24
Figure 3-4: Wireless Settings menu	24
2. Enter the wireless settings. For more information, see “Understanding Wireless Settings” on page 4-2.	24
3. Test the wireless connectivity. To do this, use a computer with a wireless adapter that is configured according to the wireless settings you just set in the WPN802. With this computer, establish a wireless connection to the WPN802.	24
Deploy the WPN802 and Verify Wireless Connectivity	25
1. Disconnect the WPN802 and position it where you will deploy it.	25
Figure 3-5: WPN802 placed in a vertical orientation	25
2. Connect an Ethernet cable from your WPN802 Access Point to a LAN port on your router, switch, or hub.	25
Figure 3-6: WPN802 connected to a router	25
3. Connect the power adapter to the wireless access point and plug the power adapter in to a power outlet. The Power, WLAN and Ethernet lights should light up.	26
4. Using a computer with an 802.11g or 802.11b wireless adapter with the correct wireless settings, verify connectivity by using...	26
5. Configure the wireless settings for each computer that will use the wireless access point.	26
6. Implement wireless security according to the instructions in “Understanding Wireless Settings” on page 4-2.	26
How to Log In to the WPN802 Using Its Default IP Address	26
Figure 3-7: Login window	26
2. Enter admin for the user name and password for the password, both in lower case letters. To change the password, see “This page displays both wired and wireless interface network traffic. Click Refresh to update the current statistics.” on page 5-6.	26
Figure 3-8: WPN802 home page	27
Chapter 4 Wireless Configuration	29
Observe Performance, Placement, and Range Guidelines	29
Figure 4-1: Vertical orientation required on metallic surfaces	30
Understanding Wireless Settings	30
Figure 4-2: Wireless Settings menu	30
Understanding Advanced Wireless Settings	31
Figure 4-3: Advanced Wireless Settings menu	32
Implementing Appropriate Wireless Security	33
Figure 4-4: WPN802 wireless data security options	33
Information to Gather Before Changing Basic Wireless Settings	35
How to Set Up and Test Basic Wireless Connectivity	36
Figure 4-5: Wireless Settings menu	36
How to Configure WEP or WPA	37
Figure 4-6: Wireless Settings encryption menu	38
5. Either enter a Passphrase and click Generate Keys, or manually enter the keys. The keys must be identical on all computers and access points in your network.	38
6. Enable Wireless Client Security Separator: The associated wireless clients will not be able to communicate with each other if this feature is enabled. The default setting is Disable.	39
Configuring Advanced Wireless Settings	39
Figure 4-7: Advanced Wireless Settings page	39
Wireless Card Access (Restricting by MAC Address)	40
Figure 4-8: Wireless Access Control List screen	40
Turning Access Control On	41
1. Click the Turn Access Control On check box to restrict wireless computers by their MAC addresses.	41
2. Click Apply to save changes and return to the Wireless Settings page.	41
Setting up the Access Control List	41
1. On the Access Control List screen, click the Add button to go to the Access Setup menu.	41
2. If the desired computer is in the list, click the radio button of that computer to capture its MAC address. Or you can manually enter the MAC address of the authorized computer.	41
3. Click the Add button.	41
4. Repeat these steps for each wireless computer.	41
5. You can use the Edit and Delete buttons as needed.	41
6. Make sure to click the Apply button to save changes and return to the Wireless Settings page.	41
Chapter 5 Management and Information	43
Changing the Password	43
Figure 5-1: Change Password dialog box	43
Upgrading the Wireless Access Point Firmware	44
First, Prepare for the Firmware Upgrade	44
Then, Upgrade the Firmware	44
1. Go to the NETGEAR Web site http://www.NETGEAR.com Customer Service downloads section to get new versions of the Access Point software.	44
2. Download and unzip (if the download file is a .zip file) the new software file.	44
Figure 5-2: Upgrade Firmware dialog box	45
Backing up Settings or Restoring Settings	45
Figure 5-3: Backup/Restore Settings dialog box	45
Backing up Settings	46
1. On the Backup/Restore Settings dialog box, click Backup.	46
2. Retrieve backed up settings from a file	46
Restoring Settings from a Backup File	46
1. On the Backup/Restore Settings dialog box, click Browse.	46
2. Locate and select the previously saved backup file (by default, netgear.cfg).	46
3. Click Retrieve.	46
4. Close the message window.	46
Restoring Factory Default Settings	46
Rebooting the WPN802 Access Point	47
1. From the main menu of the browser interface, click the Reboot AP link under the Management heading.	47
Figure 5-4: Reboot AP dialog box	47
2. Select Yes, and then click Apply.	47
Viewing a List of Available Wireless Stations	47
Figure 5-5: Available Wireless Station List	47
Viewing Statistics	48
Figure 5-6: Statistics screen	48
Chapter 6 Troubleshooting	49
Troubleshooting Tips	49
No lights are lit on the access point.	49
The Ethernet light is not lit.	49
The WLAN light is not lit.	49
I cannot configure the access point from a browser.	50
I cannot access the Internet or the LAN with a wireless capable computer.	50
When I enter a URL or IP address I get a timeout error.	50
Using the Reset Button to Restore Factory Default Settings	51
To clear all data and restore the factory default values:	51
1. Power off the WPN802 and power it back on.	51
2. Use something with a small point, such as a pen, to press the reset button in and hold it in for at least five seconds.	51
3. Release the reset button.	51
Appendix A Technical Specifications	53
Appendix B Wireless Networking Basics	55
Wireless Networking Overview	55
Infrastructure Mode	55
Ad Hoc Mode (Peer-to-Peer Workgroup)	56
Network Name: Extended Service Set Identification (ESSID)	56
Authentication and WEP Data Encryption	56
802.11 Authentication	57
Open System Authentication	57
Figure B-1: Open system authentication	58
Shared Key Authentication	58
Figure B-2: Shared key authentication	59
Overview of WEP Parameters	59
Key Size	60
WEP Configuration Options	61
Wireless Channels	61
WPA and WPA2 Wireless Security	62
How Does WPA Compare to WEP?	63
How Does WPA Compare to WPA2 (IEEE 802.11i)?	64
What are the Key Features of WPA and WPA2 Security?	64
WPA/WPA2 Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS	66
Figure B-3: WPA/WPA2 Overview	66
Figure B-4: 802.1x Authentication Sequence	67
WPA/WPA2 Data Encryption Key Management	68
Temporal Key Integrity Protocol (TKIP)	69
Michael	69
AES Support for WPA2	69
Is WPA/WPA2 Perfect?	70
Product Support for WPA/WPA2	70
Supporting a Mixture of WPA, WPA2, and WEP Wireless Clients is Discouraged	70
Changes to Wireless Access Points	71
Changes to Wireless Network Adapters	71
Changes to Wireless Client Programs	72

Match case Limit results 1 per page

Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802

Wireless Configuration

4-5

202-10101-01, 4 May 2005

Implementing Appropriate Wireless Security

Unlike wired network data, your wireless data transmissions can be received well beyond your

walls by anyone with a compatible adapter. For this reason, use the security features of your

wireless equipment. The WPN802 Access Point provides highly effective security features which

are covered in detail in this chapter. Deploy the security features appropriate to your needs.

Figure 4-4:

WPN802 wireless data security options

There are several ways you can enhance the security of your wireless network.

•

Restrict Access Based on MAC address.

You can restrict access to only trusted computers so

that unknown computers cannot wirelessly connect to the WPN802. MAC address filtering

adds an obstacle against unwanted access to your network, but the data broadcast over the

wireless link is fully exposed.

•

Turn Off the Broadcast of the Wireless Network Name SSID.

If you disable broadcast of

the SSID, only devices that have the correct SSID can connect. This nullifies the wireless

network ‘discovery’ feature of some products such as Windows XP, but the data is still fully

exposed to a determined snoop using specialized test equipment like wireless sniffers.

•

WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared

Key authentication and WEP data encryption will block all but the most determined

eavesdropper.

Note:

Indoors, computers can connect over 802.11b/g wireless networks at ranges of up

to 300 feet. Such distances can allow for others outside of your immediate area to access

your network.

Wireless Data

Security Options

Range: Up to 300 Foot Radius