Home » Netgear Manuals » Modems » Netgear WGR614L » Manual Viewer

Netgear WGR614L WGR614v5 Reference Manual - Page 149

How Does WPA Compare to WEP?, For 802.11, WEP encryption is optional. For WPA

UPC - 606449057393

Add to My Manuals
Save this manual to your list of manuals

Page 149 highlights

Reference Manual for the 54 Mbps Wireless Router WGR614 v5 • Enhanced data privacy • Robust key management • Data origin authentication • Data integrity protection The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003. Existing Wi-Fi certified products will have one year to add WPA support or they will loose their Wi-Fi certification. The 802.11i standard is currently in draft form, with ratification due at the end of 2003. While the new IEEE 802.11i standard is being ratified, wireless vendors have agreed on WPA as an interoperable interim standard. How Does WPA Compare to WEP? WEP is a data encryption method and is not intended as a user authentication mechanism. WPA user authentication is implemented using 802.1x and the Extensible Authentication Protocol (EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284. With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must use the same encryption key. A major problem with the 802.11 standard is that the keys are cumbersome to change. If you don't update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages. Products based on the 802.11 standard alone offer system administrators no effective method to update the keys. For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP provides important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements, TKIP addresses all of known WEP vulnerabilities. Wireless Networking Basics D-9 June 2004 202-10036-01

Section	Page
Reference Manual for the 54 Mbps Wireless Router WGR614 v5	1
Contents	5
Chapter 1 About This Manual	11
Audience, Scope, Conventions, and Formats	11
How to Use This Manual	12
How to Print this Manual	13
Chapter 2 Introduction	15
Key Features	15
802.11g Wireless Networking	16
A Powerful, True Firewall with Content Filtering	16
Security	17
Autosensing Ethernet Connections with Auto Uplink	17
Extensive Protocol Support	18
Easy Installation and Management	18
Maintenance and Support	19
Package Contents	19
The Router’s Front Panel	20
The Router’s Rear Panel	21
A Road Map for ‘How to Get There From Here’	21
Chapter 3 Connecting the Router to the Internet	25
Prepare to Install Your Wireless Router	25
First, Connect the Wireless Router to the Internet	25
Now, Set Up a Computer for Wireless Connectivity	31
Troubleshooting Tips	32
Overview of How to Access the Wireless Router	33
How to Log On to the Wireless Router After Configuration Settings Have Been Applied	34
How to Bypass the Configuration Assistant	36
How to Manually Configure Your Internet Connection	37
Using the Smart Setup Wizard	39
NETGEAR Product Registration, Support, and Documentation	40
Chapter 4 Wireless Configuration	41
Observe Performance, Placement, and Range Guidelines	41
Implement Appropriate Wireless Security	42
Understanding Wireless Settings	43
Information to Gather Before Changing Basic Wireless Settings	46
Default Factory Settings	47
How to Set Up and Test Basic Wireless Connectivity	47
How to Configure WEP	49
How to Configure WPA-PSK Wireless Security	51
How to Restrict Wireless Access by MAC Address	51
Chapter 5 Content Filtering	55
Content Filtering Overview	55
Blocking Access to Internet Sites	56
Blocking Access to Internet Services	57
Configuring a User Defined Service	58
Configuring Services Blocking by IP Address Range	59
Scheduling When Blocking Will Be Enforced	59
Viewing Logs of Web Access or Attempted Web Access	60
Configuring E-Mail Alert and Web Access Log Notifications	61
Chapter 6 Maintenance	63
Viewing Wireless Router Status Information	63
Viewing a List of Attached Devices	67
Configuration File Management	67
Restoring and Backing Up the Configuration	68
Erasing the Configuration	69
Upgrading the Router Software	69
Changing the Administrator Password	70
Chapter 7 Advanced Configuration of the Router	73
Configuring Port Triggering	73
Configuring Port Forwarding to Local Servers	75
Adding a Custom Service	77
Editing or Deleting a Port Forwarding Entry	77
Local Web and FTP Server Example	78
Multiple Computers for Half Life, KALI or Quake III Example	78
Configuring the WAN Setup Options	79
Connect Automatically, as Required	79
Disabling the SPI Firewall	80
Setting Up a Default DMZ Server	80
Responding to Ping on Internet WAN Port	80
Setting the MTU Size	81
Using the LAN IP Setup Options	82
Configuring LAN TCP/IP Setup Parameters	82
Using the Router as a DHCP server	84
Using Address Reservation	84
Using a Dynamic DNS Service	85
Configuring Static Routes	86
Enabling Remote Management Access	88
Using Universal Plug and Play (UPnP)	89
Chapter 8 Troubleshooting	91
Basic Functioning	91
Power Light Not On	91
Lights Never Turn Off	92
LAN or WAN Port Lights Not On	92
Troubleshooting the Web Configuration Interface	93
Troubleshooting the ISP Connection	94
Troubleshooting a TCP/IP Network Using a Ping Utility	95
Testing the LAN Path to Your Router	95
Testing the Path from Your Computer to a Remote Device	96
Restoring the Default Configuration and Password	97
Problems with Date and Time	98
Appendix A Technical Specifications	99
Appendix B Network, Routing, Firewall, and Basics	101
Related Publications	101
Basic Router Concepts	101
What is a Router?	101
Routing Information Protocol	102
IP Addresses and the Internet	102
Netmask	104
Subnet Addressing	104
Private IP Addresses	107
Single IP Address Operation Using NAT	107
MAC Addresses and Address Resolution Protocol	108
Related Documents	109
Domain Name Server	109
IP Configuration by DHCP	110
Internet Security and Firewalls	110
What is a Firewall?	110
Stateful Packet Inspection	111
Denial of Service Attack	111
Ethernet Cabling	111
Category 5 Cable Quality	112
Inside Twisted Pair Cables	113
Uplink Switches, Crossover Cables, and MDI/MDIX Switching	114
Appendix C Preparing Your Network	117
What You Need To Use a Router with a Broadband Modem	117
Cabling and Computer Hardware	117
Computer Network Configuration Requirements	117
Internet Configuration Requirements	118
Where Do I Get the Internet Configuration Parameters?	118
Record Your Internet Connection Information	119
Preparing Your Computers for TCP/IP Networking	119
Configuring Windows 95, 98, and Me for TCP/IP Networking	120
Install or Verify Windows Networking Components	120
Enabling DHCP to Automatically Configure TCP/IP Settings in Windows 95B, 98, and Me	122
Selecting Windows’ Internet Access Method	124
Verifying TCP/IP Properties	124
Configuring Windows NT4, 2000 or XP for IP Networking	125
Install or Verify Windows Networking Components	125
DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4	126
DHCP Configuration of TCP/IP in Windows XP	126
DHCP Configuration of TCP/IP in Windows 2000	128
DHCP Configuration of TCP/IP in Windows NT4	131
Verifying TCP/IP Properties for Windows XP, 2000, and NT4	133
Configuring the Macintosh for TCP/IP Networking	134
MacOS 8.6 or 9.x	134
MacOS X	134
Verifying TCP/IP Properties for Macintosh Computers	135
Verifying the Readiness of Your Internet Account	136
Are Login Protocols Used?	136
What Is Your Configuration Information?	136
Obtaining ISP Configuration Information for Windows Computers	137
Obtaining ISP Configuration Information for Macintosh Computers	138
Restarting the Network	139
Appendix D Wireless Networking Basics	141
Wireless Networking Overview	141
Infrastructure Mode	141
Ad Hoc Mode (Peer-to-Peer Workgroup)	142
Network Name: Extended Service Set Identification (ESSID)	142
Wireless Channels	142
WEP Wireless Security	144
WEP Authentication	144
WEP Open System Authentication	145
WEP Shared Key Authentication	146
Key Size and Configuration	147
How to Use WEP Parameters	148
WPA Wireless Security	148
How Does WPA Compare to WEP?	149
How Does WPA Compare to IEEE 802.11i?	150
What are the Key Features of WPA Security?	150
WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS	152
WPA Data Encryption Key Management	154
Is WPA Perfect?	156
Product Support for WPA	156
Supporting a Mixture of WPA and WEP Wireless Clients	156
Changes to Wireless Access Points	156
Changes to Wireless Network Adapters	157
Changes to Wireless Client Programs	158
Glossary	159
List of Glossary Terms	159

Match case Limit results 1 per page

Reference Manual for the 54 Mbps Wireless Router WGR614 v5

Wireless Networking Basics

D-9

June 2004 202-10036-01

•

Enhanced data privacy

•

Robust key management

•

Data origin authentication

•

Data integrity protection

The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected

Access products. Starting August of 2003, all new Wi-Fi certified products will have to support

WPA. NETGEAR will implement WPA on client and access point products and make this

available in the second half of 2003. Existing Wi-Fi certified products will have one year to add

WPA support or they will loose their Wi-Fi certification.

The 802.11i standard is currently in draft form, with ratification due at the end of 2003. While the

new IEEE 802.11i standard is being ratified, wireless vendors have agreed on WPA as an

interoperable interim standard.

How Does WPA Compare to WEP?

WEP is a data encryption method and is not intended as a user authentication mechanism. WPA

user authentication is implemented using 802.1x and the Extensible Authentication Protocol

(EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x

authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284.

With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must

use the same encryption key. A major problem with the 802.11 standard is that the keys are

cumbersome to change. If you don't update the WEP keys often, an unauthorized person with a

sniffing tool can monitor your network for less than a day and decode the encrypted messages.

Products based on the 802.11 standard alone offer system administrators no effective method to

update the keys.

For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity

Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger

than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices

to perform encryption operations. TKIP provides important data encryption enhancements

including a per-packet key mixing function, a message integrity check (MIC) named Michael, an

extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through

these enhancements, TKIP addresses all of known WEP vulnerabilities.