Home » Netgear Manuals » Wireless » Netgear ME103 » Manual Viewer

Netgear ME103 ME103 Reference Manual - Page 25

Understanding ME103 Wireless Security Options, Wireless Data, Security Options

UPC - 606449026375

Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

Reference Manual for the ME103 802.11b ProSafe Wireless Access Point Understanding ME103 Wireless Security Options Unlike wired network data, your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment. The ME103 Access Point provides highly effective security features which are covered in detail in this chapter. Deploy the security features appropriate to your needs. ME103 802.11b ProSafe Wireless Access Point PWR LAN Wireless LAN Wireless Data Security Options Range: Up to 500 Feet MODELME103 1) Open System: Easy but no security 2) MAC Access List: No data security 3) WEP: Security but some vulnerabilities 4) 802.1x: Secure Figure 3-1: ME103 wireless data security options There are several ways you can enhance the security of your wireless network: • Restrict Access Based on MAC address. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the ME103. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. • Turn Off the Broadcast of the Wireless Network Name (SSID). If you disable broadcast of the SSID, only devices that have the correct SSID can connect. This nullifies the wireless network 'discovery' feature of some products such as Windows XP, but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers. • Use WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared Key authentication and WEP data encryption will block all but the most determined eavesdropper. • Implement 802.1x. IEEE 802.1x provides very strong security. Although it can use the same data encryption scheme as WEP, it enables stronger authentication as well as the ability to dynamically vary the encryption keys. Basic Installation and Configuration 3-4 August 2003

Section	Page
Trademarks	2
Statement of Conditions	2
Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice	3
Canadian Department of Communications Compliance Statement	4
CE Declaration of Conformity	5
Contents	7
Chapter 1 About This Manual	11
Audience	11
Scope	11
Typographical Conventions	12
Special Message Formats	12
How to Use the HTML Version of this Manual	13
How to Print this Manual	14
Chapter 2 Introduction	15
About the ME103 802.11b ProSafe Wireless Access Point	15
Key Features	16
802.11b Standards-based Wireless Networking	17
Autosensing Ethernet Connections with Auto Uplink	18
Compatible and Related NETGEAR Products	18
System Requirements	18
What’s In the Box?	19
Hardware Description	19
ME103 Wireless Access Point Front Panel	20
ME103 Wireless Access Point Rear Panel	21
Left Side Primary and Right Side Secondary Detachable Antenna	21
Restore to Factory Defaults Button	21
RJ-45 Ethernet Port	21
Power Socket	21
Chapter 3 Basic Installation and Configuration	22
Observing Placement and Range Guidelines	22
Cabling Requirements	23
Default Factory Settings	24
Understanding ME103 Wireless Security Options	25
Installing the ME103 802.11b ProSafe Wireless Access Point	26
How to Log In to the ME103 Using Its Default NetBIOS Name	29
How to Log In to the ME103 Using Its Default IP Address	31
Understanding Basic Wireless Settings	32
Understanding Basic Wireless Security Options	33
Information to Gather Before Changing Basic Wireless Settings	35
How to Set Up and Test Basic Wireless Connectivity	36
How to Restrict Wireless Access by MAC Address	37
How to Configure WEP	38
Using the Basic IP Settings Options	39
Chapter 4 Maintenance	41
Viewing General, Log, Station, and Statistical Information	41
Statistics	43
Activity Log	45
Viewing a List of Attached Devices	46
Upgrading the Wireless Access Point Software	47
Configuration File Management	48
Saving and Retrieving the Configuration	49
Restoring the ME103 to the Factory Default Settings	49
Using the Reset Button to Restore Factory Default Settings	49
Changing the Administrator Password	50
Chapter 5 Advanced Configuration	51
Configuring Advanced Security 802.1x Options	51
Basic Requirements for 802.1x	51
How to Configure the 802.1x Key Exchange Option	52
Understanding Advanced Wireless Settings	58
Configuring Wireless Operating Modes	60
How to Configure a ME103 as a Point-to-Point Bridge	60
How to Configure Multi-Point Wireless Bridging	61
Antenna Installation	63
Blank Configuration Worksheet	64
Chapter 6 Troubleshooting	65
No lights are lit on the access point.	65
The Wireless LAN activity light does not light up.	66
The LAN light is not lit.	66
I cannot access the Internet or the LAN with a wireless capable computer.	66
I am using EAP-TLS security but get disconnected.	67
I cannot connect to the ME103 to configure it.	67
When I enter a URL or IP address I get a timeout error.	67
Using the Reset Button to Restore Factory Default Settings	68
Appendix A Specifications	69
Specifications for the ME103	69
Appendix B Wireless Networking Basics	71
Wireless Networking Overview	71
Infrastructure Mode	71
Ad Hoc Mode (Peer-to-Peer Workgroup)	72
Network Name: Extended Service Set Identification (ESSID)	72
Authentication, WEP, and WPA	72
802.11 Authentication	73
Open System Authentication	73
Shared Key Authentication	74
Overview of WEP Parameters	75
Key Size	76
WEP Configuration Options	77
Wireless Channels	77
Understanding 802.1x Port Based Network Access Control	79
Appendix C Network, Routing, Firewall, and Cabling Basics	83
Basic Router Concepts	83
What is a Router?	84
IP Addresses and the Internet	84
Netmask	86
Subnet Addressing	86
Private IP Addresses	89
Single IP Address Operation Using NAT	89
IP Configuration by DHCP	90
Domain Name Server	91
Routing Protocols	91
RIP	91
MAC Addresses and ARP	92
Internet Security and Firewalls	92
What is a Firewall?	93
Stateful Packet Inspection	93
Denial of Service Attack	93
Ethernet Cabling	94
Uplink Switches, Crossover Cables, and MDI/MDIX Switching	94
Cable Quality	95
Appendix D Preparing Your PCs for Network Access	97
Preparing Your Computers for TCP/IP Networking	97
Configuring Windows 98 and Me for TCP/IP Networking	97
Install or Verify Windows Networking Components	97
Enabling DHCP to Automatically Configure TCP/IP Settings	99
Selecting Windows’ Internet Access Method	101
Verifying TCP/IP Properties	101
Configuring Windows 2000 or XP for TCP/IP Networking	102
Install or Verify Windows Networking Components	102
DHCP Configuration of TCP/IP in Windows XP	103
DHCP Configuration of TCP/IP in Windows 2000	105
Verifying TCP/IP Properties for Windows XP or 2000	107
Glossary	109

Match case Limit results 1 per page

Reference Manual for the ME103 802.11b ProSafe Wireless Access Point

Basic Installation and Configuration

3-4

August 2003

Understanding ME103 Wireless Security Options

Unlike wired network data, your wireless data transmissions can be received well beyond your

walls by anyone with a compatible adapter. For this reason, use the security features of your

wireless equipment. The ME103 Access Point provides highly effective security features which

are covered in detail in this chapter. Deploy the security features appropriate to your needs.

Figure 3-1: ME103 wireless data security options

There are several ways you can enhance the security of your wireless network:

•

Restrict Access Based on MAC address.

You can restrict access to only trusted PCs so that

unknown PCs cannot wirelessly connect to the ME103. MAC address filtering adds an

obstacle against unwanted access to your network, but the data broadcast over the wireless link

is fully exposed.

•

Turn Off the Broadcast of the Wireless Network Name (SSID).

If you disable broadcast of

the SSID, only devices that have the correct SSID can connect. This nullifies the wireless

network ‘discovery’ feature of some products such as Windows XP, but the data is still fully

exposed to a determined snoop using specialized test equipment like wireless sniffers.

•

Use WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP

Shared Key authentication and WEP data encryption will block all but the most determined

eavesdropper.

•

Implement 802.1x.

IEEE 802.1x provides very strong security. Although it can use the same

data encryption scheme as WEP, it enables stronger authentication as well as the ability to

dynamically vary the encryption keys.

1) Open System: Easy but no security

2) MAC Access List: No data security

3) WEP:

Security but some vulnerabilities

4) 802.1x:

Secure

Wireless Data

Security Options

Range: Up to 500 Feet

PWR

LAN

ME103

Wireless LAN