Home » Netgear Manuals » Modems » Netgear DG834Gv4 » Manual Viewer

Netgear DG834Gv4 DG834Gv4 Reference Manual - Page 32

Restrict Access Based on MAC Address, Turn Off the Broadcast of the Wireless Network Name SSID

Add to My Manuals
Save this manual to your list of manuals

Page 32 highlights

ADSL2+ Modem Wireless Router DG834G Reference Manual There are several ways you can enhance the security of your wireless network: Figure 2-2 • Restrict Access Based on MAC Address. You can allow only trusted PCs to connect so that unknown PCs cannot wirelessly connect to the modem router. Restricting access by MAC address adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. • Turn Off the Broadcast of the Wireless Network Name SSID. If you disable broadcast of the SSID, only devices that have the correct SSID can connect. This nullifies wireless network 'discovery' feature of some products, such as Windows XP, but the data is still exposed. • WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared Key authentication and WEP data encryption block all but the most determined eavesdropper. This data encryption mode has been superseded by WPA-PSK and WPA2-PSK. • WPA-802.1x, WPA2-802.1x. Wi-Fi Protected Access (WPA) with user authentication implemented using IEE 802.1x and RADIUS servers. • WPA-PSK (TKIP), WPA2-PSK (AES). Wi-Fi Protected Access (WPA) using a pre-shared key to perform authentication and generate the initial data encryption keys. The very strong authentication along with dynamic per frame re-keying of WPA makes it virtually impossible to compromise. 2-6 Wireless Configuration v2.0, September 2007

Section	Page
ADSL2+ Modem Wireless Router DG834G Reference Manual	1
Contents	7
About This Manual	13
Conventions, Formats, and Scope	13
How to Use This Manual	14
How to Print this Manual	14
Chapter 1 Configuring Your Internet Connection	17
Using the Setup Manual	17
What You Need Before You Begin	18
Logging In to the Modem Router	18
Auto-Detecting Your Internet Connection	20
Viewing or Manually Configuring Your ISP Settings	22
Understanding the Basic Settings Screen	23
ADSL Settings	26
How the Internet Connection Works	26
Chapter 2 Wireless Configuration	27
Wireless Placement and Range Guidelines	28
Viewing or Changing Wireless Settings	28
Wireless Security	31
Wireless Station Access Control	33
Restricting Access by MAC Address	34
Configuring WEP	35
Configuring WPA	37
Chapter 3 Protecting Your Network	39
Protecting Access to Your ADSL2+ Modem Wireless Router	39
Changing the Built-In Password	39
Changing the Administrator Login Time-out	40
Configuring Basic Firewall Services	40
Blocking Keywords, Sites, and Services	41
Blocking Keywords and Sites	41
Firewall Rules	42
Instant Messaging (IM) Ports	43
Inbound Rules (Port Forwarding)	44
Inbound Rule Example: A Local Public Web Server	44
Inbound Rule Example: Allowing Videoconferencing	45
Considerations for Inbound Rules	46
Outbound Rules (Service Blocking)	46
Outbound Rule Example: Blocking Instant Messenger	46
Order of Precedence for Rules	48
Services	48
Defining Services	49
Setting Times and Scheduling Firewall Services	49
Setting Your Time Zone	50
Scheduling Firewall Services	51
Chapter 4 Managing Your Network	53
Backing Up, Restoring, or Erasing Your Settings	53
Backing Up the Configuration to a File	53
Restoring the Configuration from a File	54
Erasing the Configuration	54
Upgrading the Modem Router Firmware	54
Upgrading the Modem Router Firmware	55
Network Management Information	56
Viewing Modem Router Status and Usage Statistics	56
Viewing Statistics	58
Connection Status	59
Viewing Attached Devices	60
Viewing, Selecting, and Saving Logged Information	61
Selecting Which Information to Log	62
Saving Log Files on a Server	62
Examples of Log Messages	63
Activation and Administration	63
Dropped Packets	63
Enabling Security Event E-mail Notification	64
Running Diagnostic Utilities and Rebooting the Modem Router	65
Enabling Remote Management	66
Configuring Remote Management	66
Chapter 5 Advanced Configuration	69
Advanced Settings	69
WAN Setup	69
Setting Up a Default DMZ Server	71
LAN IP Settings	72
DHCP Settings	74
Use Router as DHCP Server	74
Reserved IP Addresses	75
Dynamic DNS	75
Configuring Dynamic DNS	76
Using Static Routes	77
Static Route Example	77
Configuring Static Routes	78
Universal Plug and Play (UPnP)	79
Wireless Bridging and Repeating	81
Point-to-Point Bridge Configuration	82
Multi-Point Bridge Configuration	83
Repeater with Wireless Client Association	84
Chapter 6 Virtual Private Networking	87
Overview of VPN Configuration	87
Client-to-Gateway VPN Tunnels	88
Gateway-to-Gateway VPN Tunnels	88
Planning a VPN	89
VPN Tunnel Configuration	91
Setting Up a Client-to-Gateway VPN Configuration	91
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4	92
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC	95
Setting Up a Gateway-to-Gateway VPN Configuration	104
VPN Tunnel Control	111
Activating a VPN Tunnel	111
Using the VPN Status Page to Activate a VPN Tunnel	111
Activating the VPN Tunnel by Pinging the Remote Endpoint	112
Start Using a VPN Tunnel to Activate It	114
Verifying the Status of a VPN Tunnel	114
Deactivating a VPN Tunnel	116
Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel	116
Using the VPN Status Screen to Deactivate a VPN Tunnel	116
Deleting a VPN Tunnel	117
Setting Up VPN Tunnels in Special Circumstances	118
Using Auto Policy to Configure VPN Tunnels	118
Configuring VPN Network Connection Parameters	119
Example of Using Auto Policy	123
Using Manual Policy to Configure VPN Tunnels	127
Chapter 7 Troubleshooting	131
Basic Functioning	131
Power LED Is Not On	132
Power LED Is Red	132
LAN or DSL or Internet Port LEDs Are Not On	132
Troubleshooting Access to the Modem Router Main Menu	133
Troubleshooting the ISP Connection	134
ADSL Link	134
ADSL Link	134
DSL LED Is Solid Green	134
DSL LED Is Blinking	134
DSL LED Is Off	134
Obtaining a WAN IP Address	135
Troubleshooting PPPoE or PPPoA	136
Troubleshooting Internet Browsing	136
Troubleshooting a TCP/IP Network Using the Ping Utility	137
Testing the LAN Path to Your Router	137
Testing the Path from Your Computer to a Remote Device	138
Restoring the Default Configuration and Password	138
Using the Reset Button	139
Problems with Date and Time	139
Appendix A Technical Specifications	141
Appendix B NETGEAR VPN Configuration	143
DG834G v4 to FVL328	143
Configuration Profile	143
Step-By-Step Configuration	144
DG834G v4 with FQDN to FVL328	148
Configuration Profile	148
Using a Fully Qualified Domain Name (FQDN)	149
Step-By-Step Configuration	149
Configuration Summary (Telecommuter Example)	153
Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example)	154
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office	154
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office	156
Monitoring the VPN Tunnel (Telecommuter Example)	164
Viewing the PC Client’s Connection Monitor and Log Viewer	164
Viewing the VPN Router’s VPN Status and Log Information	165

Match case Limit results 1 per page

ADSL2+ Modem Wireless Router DG834G Reference Manual

2-6

Wireless Configuration

v2.0, September 2007

There are several ways you can enhance the security of your wireless network:

•

Restrict Access Based on MAC Address

. You can allow only trusted PCs to connect so that

unknown PCs cannot wirelessly connect to the modem router. Restricting access by MAC

address adds an obstacle against unwanted access to your network, but the data broadcast over

the wireless link is fully exposed.

•

Turn Off the Broadcast of the Wireless Network Name SSID

. If you disable broadcast of

the SSID, only devices that have the correct SSID can connect. This nullifies wireless network

‘discovery’ feature of some products, such as Windows XP, but the data is still exposed.

•

WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared

Key authentication and WEP data encryption block all but the most determined eavesdropper.

This data encryption mode has been superseded by WPA-PSK and WPA2-PSK.

•

WPA-802.1x, WPA2-802.1x

. Wi-Fi Protected Access (WPA) with user authentication

implemented using IEE 802.1x and RADIUS servers.

•

WPA-PSK (TKIP), WPA2-PSK (AES)

. Wi-Fi Protected Access (WPA) using a pre-shared

key to perform authentication and generate the initial data encryption keys. The very strong

authentication along with dynamic per frame re-keying of WPA makes it virtually impossible

to compromise.

Figure 2-2