Home
/
NETGEAR
/
MR814 - 802.11b Cable/DSL Wireless Router
/
Reference Manual

NETGEAR MR814 - 802.11b Cable/DSL Wireless Router, Reference Manual

Share

Page: 145 / 162

NETGEAR MR814 - 802.11b Cable/DSL Wireless Router Reference Manual Download Page 145

Reference Manual for the MR814 v3 Cable/DSL Wireless Router

Wireless Networking Basics

D-9

202-10039-01

The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected
Access products. Starting August of 2003, all new Wi-Fi certified products will have to support
WPA. NETGEAR will implement WPA on client and access point products and make this
available in the second half of 2003. Existing Wi-Fi certified products will have one year to add
WPA support or they will loose their Wi-Fi certification.

The 802.11i standard is currently in draft form, with ratification due at the end of 2003. While the
new IEEE 802.11i standard is being ratified, wireless vendors have agreed on WPA as an
interoperable interim standard.

How Does WPA Compare to WEP?

WEP is a data encryption method and is not intended as a user authentication mechanism. WPA
user authentication is implemented using 802.1x and the Extensible Authentication Protocol
(EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x
authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284.

With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must
use the same encryption key. A major problem with the 802.11 standard is that the keys are
cumbersome to change. If you don't update the WEP keys often, an unauthorized person with a
sniffing tool can monitor your network for less than a day and decode the encrypted messages.
Products based on the 802.11 standard alone offer system administrators no effective method to
update the keys.

For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity
Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger
than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices
to perform encryption operations. TKIP provides important data encryption enhancements
including a per-packet key mixing function, a message integrity check (MIC) named Michael, an
extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through
these enhancements, TKIP addresses all of known WEP vulnerabilities.

«
...
143
144
145
146
147
...
»

Summary of Contents for MR814 - 802.11b Cable/DSL Wireless Router

Page 1: ...202 10039 01 202 10039 01 Version 1 0 June 2004 NETGEAR Inc 4500 Great America Parkway Santa Clara CA 95054 USA Reference Manual for the MR814 v3 Cable DSL Wireless Router ...

Page 2: ...rence in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception...

Page 3: ...rtain restrictions Please refer to the notes in the operating instructions Federal Office for Telecommunications Approvals has been notified of the placing of this equipment on the market and has been granted the right to test the series for compliance with the regulations Voluntary Control Council for Interference VCCI Statement This equipment is in the second category information equipment to be...

Page 4: ...202 10039 01 iv ...

Page 5: ...sive Protocol Support 2 3 Easy Installation and Management 2 4 Maintenance and Support 2 5 Package Contents 2 5 The Router s Front Panel 2 6 The Router s Rear Panel 2 7 A Road Map for How to Get There From Here 2 7 Chapter 3 Connecting the Router to the Internet Prepare to Install Your Router 3 1 First Connect the Router to the Internet 3 1 Now Set Up a Computer for Wireless Connectivity 3 7 Troub...

Page 6: ... How to Configure WPA PSK Wireless Security 4 11 How to Restrict Wireless Access by MAC Address 4 12 Chapter 5 Content Filtering Content Filtering Overview 5 1 Blocking Access to Internet Sites 5 2 Blocking Access to Internet Services 5 3 Configuring a User Defined Service 5 4 Configuring Services Blocking by IP Address Range 5 5 Scheduling When Blocking Will Be Enforced 5 5 Viewing Logs of Web Ac...

Page 7: ... IP Setup Parameters 7 6 Using the Router as a DHCP server 7 8 Using Address Reservation 7 8 Using a Dynamic DNS Service 7 9 Configuring Static Routes 7 10 Enabling Remote Management Access 7 12 Using Universal Plug and Play UPnP 7 13 Chapter 8 Troubleshooting Basic Functioning 8 1 Power Light Not On 8 1 Lights Never Turn Off 8 2 LAN or WAN Port Lights Not On 8 2 Troubleshooting the Web Configurat...

Page 8: ...Security and Firewalls B 10 What is a Firewall B 10 Stateful Packet Inspection B 11 Denial of Service Attack B 11 Ethernet Cabling B 11 Category 5 Cable Quality B 12 Inside Twisted Pair Cables B 13 Uplink Switches Crossover Cables and MDI MDIX Switching B 14 Appendix C Preparing Your Network What You Need To Use a Router with a Broadband Modem C 1 Cabling and Computer Hardware C 1 Computer Network...

Page 9: ... the Macintosh for TCP IP Networking C 18 MacOS 8 6 or 9 x C 18 MacOS X C 18 Verifying TCP IP Properties for Macintosh Computers C 19 Verifying the Readiness of Your Internet Account C 20 Are Login Protocols Used C 20 What Is Your Configuration Information C 20 Obtaining ISP Configuration Information for Windows Computers C 21 Obtaining ISP Configuration Information for Macintosh Computers C 22 Re...

Page 10: ... WPA Authentication Enterprise level User Authentication via 802 1x EAP and RADIUS D 12 WPA Data Encryption Key Management D 14 Is WPA Perfect D 16 Product Support for WPA D 16 Supporting a Mixture of WPA and WEP Wireless Clients D 16 Changes to Wireless Access Points D 16 Changes to Wireless Network Adapters D 17 Changes to Wireless Client Programs D 18 Glossary Index ...

Page 11: ...the following typographical conventions This guide uses the following formats to highlight special messages This manual is written for the MR814 v3 router according to these specifications Table 1 1 Typographical Conventions italics Emphasis books CDs URL names bold User input SMALL CAPS Screen text file and server names extensions commands IP addresses Note This format is used to highlight inform...

Page 12: ...buttons Use the toolbar buttons across the top to navigate print pages and more The Show in Contents button locates the current topic in the Contents tab Previous Next buttons display the previous or next topic The PDF button links to a PDF version of the full manual The Print button prints the current topic Click this button when a step by step procedure is displayed to send the entire procedure ...

Page 13: ... want to print The PDF version of the chapter you were viewing opens in a browser window Note Your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe web site at http www adobe com Click the print icon in the upper left of the window Tip If your printer supports printing two pages on a single sheet of paper y...

Page 14: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router 4 About This Manual 202 10039 01 ...

Page 15: ...of day Web site addresses and address keywords and share high speed cable DSL Internet access for up to 253 personal computers In addition to the Network Address Translation NAT feature the built in firewall protects you from hackers With minimum setup you can install and use the router within minutes The MR814 v3 router provides the following features 802 11b Standards based wireless networking W...

Page 16: ...outers the MR814 v3 is a true firewall using stateful packet inspection to defend against hacker attacks Its firewall features include Denial of Service DoS protection Automatically detects and thwarts DoS attacks such as Ping of Death SYN Flood LAND Attack and IP Spoofing Blocks unwanted traffic from the Internet to your LAN Blocks access from your LAN to Internet locations or services that you s...

Page 17: ...etwork or a 100 Mbps Fast Ethernet network Both the LAN and WAN interfaces are autosensing and capable of full duplex or half duplex operation The router incorporates Auto UplinkTM technology Each Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a normal connection such as to a PC or an uplink connection such as to a switch or hub That port will t...

Page 18: ...m such as Entersys or WinPOET on your PC Easy Installation and Management You can install configure and operate the MR814 v3 Cable DSL Wireless Router within minutes after connecting it to the network The following features simplify installation and management tasks Smart Wizard Configuration Assistant A user friendly Smart Wizard configuration assistant that automatically connects you to the rout...

Page 19: ...y Package Contents The product package should contain the following items MR814 v3 Cable DSL Wireless Router AC power adapter Category 5 CAT5 Ethernet cable MR814 v3 Resource CD 2230 10095 01 including This guide Application Notes and other helpful information Registration and Warranty Card Support Information Card If any of the parts are incorrect missing or damaged contact your NETGEAR dealer Ke...

Page 20: ...linking Off The router is performing its diagnostic test The router successfully completed its diagnostic test Wireless On Off The Wireless port is initialized and the wireless feature is enabled The wireless feature is turned off or there is a problem Internet On Blink The Internet port has detected a link with an attached device Data is being transmitted or received by the Internet port LAN On G...

Page 21: ...set push button for Restoring the Default Configuration and Password Wireless antenna A Road Map for How to Get There From Here The introduction and adoption of any new technology can be a difficult process Broadband Internet service is considered so useful that more and more people want to set up networks in their home to share a broadband connection Wireless technology has removed one of the bar...

Page 22: ... the wireless network For guidelines about the range of wireless networks see Observe Performance Placement and Range Guidelines To set up the MR814 v3 see Chapter 3 Connecting the Router to the Internet and follow the instructions provided To learn about wireless networking technology see Appendix D Wireless Networking Basics for a general introduction Protect my wireless connection from snooping...

Page 23: ... am using to connect to the network need to be configured with the same Windows Workgroup or Domain settings as the other Windows computers in the combined wireless and wired network Any Windows networking security access rights such as login user name password that have been assigned in the Windows network must be provided when Windows prompts for such information If so called Windows peer networ...

Page 24: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router 2 10 Introduction 202 10039 01 ...

Page 25: ...ement and range guidelines in the Reference Manual For Cable Modem Service When you perform the router setup steps be sure to use the computer you first registered with your cable ISP For DSL Service You may need information such as the DSL login name e mail address and password in order to complete the router setup Before proceeding with the router installation familiarize yourself with the conte...

Page 26: ...t cable from the computer d Disconnect the cable at the computer end only point A in the diagram e Look at the label on the bottom of the router Locate the Internet port Securely insert the Ethernet cable from your modem cable 1 in the diagram below into the Internet port of the router as shown in point B of the diagram Figure 3 2 Connect the router to the modem PRGHP DEOH QWHUQHW FRPSXWHU A PRGHP...

Page 27: ...nto the Ethernet port of your computer point D in the diagram Figure 3 3 Connect the computer to the router Your network cables are connected and you are ready to restart your network 2 RESTART YOUR NETWORK IN THE CORRECT SEQUENCE Warning Failure to restart your network in the correct sequence could prevent you from connecting to the Internet a First turn on the broadband modem and wait 2 minutes ...

Page 28: ...light should be lit If not make sure the Ethernet cable is securely attached to the router Internet port and the modem and the modem is powered on Wireless The Wireless light should be lit If the Wireless light is not lit see Troubleshooting Tips on page 3 8 LAN A LAN light should be lit Green indicates your computer is communicating at 100 Mbps yellow indicates 10 Mbps If LAN light is not lit che...

Page 29: ...s check box and clicking Ok If you still do not connect type http www routerlogin net in the browser address bar and click Enter Otherwise to bypass this screen see How to Bypass the Configuration Assistant on page 3 12 and the How to Manually Configure Your Internet Connection on page 3 13 topics in this chapter If you cannot connect to the router verify your computer networking setup It should b...

Page 30: ... on page 3 8 to correct basic problems Note The Smart Wizard configuration assistant only appears when the router is in its factory default state After you configure the router it will not appear again You can always connect to the router to change its settings To do so open a browser such as Internet Explorer and go to http www routerlogin net Then when prompted enter admin as the user name and p...

Page 31: ...ETGEAR wireless adapter configure it to match your settings exactly If you changed the default Network Name SSID be sure to use the correct Network Name SSID you set in the router Warning The Network Name SSID is case sensitive Entering nETgear will not work 2 VERIFY WIRELESS CONNECTIVITY Verify wireless connectivity Connect to the Internet or log in to the router from a computer with a wireless a...

Page 32: ...eless computer must match exactly Make sure the network settings of the computer are correct LAN and wirelessly connected computers must be configured to obtain an IP address automatically via DHCP Please see Appendix C Preparing Your Network or the animated tutorials on the CD for help with this Some cable modem ISPs require you to use the MAC address of the computer registered on the account If ...

Page 33: ... feature by typing http www routerlogin net basicsetting htm in the browser address bar and clicking Enter You will not be prompted for a user name or password This will enable you to manually configure the router even when it is in the factory default state When manually configuring the router you must complete the configuration by clicking Apply when finished entering your settings If you do not...

Page 34: ... name and password When prompted enter admin for the router user name and password for the router password both in lower case letters To change the password see Changing the Administrator Password on page 6 8 Note The router user name and password are not the same as any user name or password you may use to log in to your Internet connection A login window like the one shown below opens Figure 3 8...

Page 35: ...rowser will then display the MR814 v3 settings home page When the router is connected to the Internet click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the router If you do not click Logout the router will wait 5 minutes after there is no activity before it automatically logs you out ...

Page 36: ...www routerlogin net basicsetting htm in the address field of your browser then click Enter When the router is in the factory default state a user name and password are not required 2 The browser will then display the MR814 v3 settings home page shown in Login result MR814 v3 home page on page 3 11 If you do not click Logout the router will wait 5 minutes after there is no activity before it automa...

Page 37: ... you can allow the Setup Wizard to determine your configuration as described in the previous section Figure 3 10 Browser based configuration Basic Settings menus You can manually configure the router using the Basic Settings menu shown in Figure 3 10 using these steps 1 Connect to the router by typing http www routerlogin net in the address field of your browser then click Enter ISP Does Not Requi...

Page 38: ...w that your ISP does not automatically transmit DNS addresses to the router during login select Use these DNS servers and enter the IP address of your ISP s Primary DNS Server If a Secondary DNS Server address is available enter it also Note If you enter an address here restart the computers on your network so that these settings take effect d Gateway s MAC Address This section determines the Ethe...

Page 39: ...select c Fill in the parameters for your Internet service provider d Click Apply to save your settings Click the Test button to verify you have Internet access Using the Smart Setup Wizard You can use the Smart Setup Wizard to assist with manual configuration or to verify the Internet connection The Smart Setup Wizard is not the same as the Smart Wizard configuration assistant as illustrated in Fi...

Page 40: ...s as needed 5 At the end of the Setup Wizard click the Test button to verify your Internet connection If you have trouble connecting to the Internet use the Troubleshooting Tips Troubleshooting Tips on page 3 8 to correct basic problems or refer to Chapter 8 Troubleshooting The topics below describe each of the various options the Smart Wizard can detect Use this information to assist you with fil...

Page 41: ...book power consumption also vary depending on your configuration choices For best results place your firewall Near the center of the area in which your PCs will operate In an elevated location such as a high shelf where the wirelessly connected PCs have line of sight access even if through walls Away from sources of interference such as PCs microwaves and 2 4 GHz cordless phones Away from large me...

Page 42: ...ters cannot wirelessly connect to the MR814 v3 MAC address filtering adds an obstacle against unwanted access to your network but the data broadcast over the wireless link is fully exposed WEP Wired Equivalent Privacy WEP data encryption provides data security WEP Shared Key authentication and WEP data encryption will block all but the most determined eavesdropper WPA PSK Wi Fi Protected Access WP...

Page 43: ...s Understanding Wireless Settings This section identifies the default factory settings and introduces each wireless option Default Factory Settings When you first receive your MR814 v3 the default factory settings are shown below You can restore these defaults with the Factory Default Restore button on the rear panel After you install the MR814 v3 router use the procedures below to customize any o...

Page 44: ...This field identifies the region where the MR814 v3 can be used It may not be legal to operate the wireless features of the router in a region other than one of those identified in this field Channel This field determines which operating frequency will be used It should not be necessary to change the wireless channel unless you notice interference problems with another nearby access point For more...

Page 45: ...values or enter a word or group of printable characters in the Passphrase box Manually entered keys are case sensitive but passphrase characters are not case sensitive Note Not all wireless adapter configuration utilities support WEP passphrase key generation WPA PSK WPA Pre shared Key performs authentication uses 128 bit data encryption and dynamically changes the encryption keys making it nearly...

Page 46: ...ngs menu Allow Broadcast of Name SSID If you disable broadcast of the SSID only devices that have the correct SSID can connect Disabling SSID broadcast nullifies the wireless network discovery feature of some products such as Windows XP Enable Wireless Access Point If you disable the wireless access point wireless devices cannot connect to the MR814 v3 Wireless Card Access List When the Trusted PC...

Page 47: ...er devices in the network will not connect unless they are set to Shared Key as well and are configured with the correct key WEP Encryption key size Choose one 64 bit or 128 bit Again the encryption key size must be the same for the wireless adapters and the router Data Encryption WEP Keys There are two methods for creating WEP data encryption keys Whichever method you use record the key values in...

Page 48: ... Test Basic Wireless Connectivity Follow the instructions below to set up and test basic wireless connectivity Once you have established basic wireless connectivity you can enable security settings appropriate to your needs 1 Log in to the MR814 v3 firewall at http www routerlogin net with its default user name of admin and default password of password or using whatever LAN address and password yo...

Page 49: ...ositions from the others in use For more information on the wireless channel frequencies please refer to Wireless Channels on page D 2 6 For initial configuration and test leave the Wireless Card Access List set to Everyone and the Encryption Strength set to Disabled 7 Click Apply to save your changes 8 Configure and test your computers for wireless connectivity Program the wireless adapter of you...

Page 50: ... or using whatever LAN address and password you have set up 2 Click Wireless Settings in the main menu of the MR814 v3 firewall 3 From the Security Options menu select WEP The WEP options display Figure 4 5 Wireless Settings encryption menu Note If you use a wireless computer configure WEP settings you will be disconnected when you click on Apply You must then either configure your wireless adapte...

Page 51: ...These entries are not case sensitive AA is the same as aa Select which of the four keys will be active Please refer to Overview of WEP Parameters on page D 6 for a full explanation of each of these options as defined by the IEEE 802 11 wireless communication standard 6 Click Apply to save your settings How to Configure WPA PSK Wireless Security Note Not all wireless adapters support WPA Furthermor...

Page 52: ...fault user name of admin and default password of password or using whatever LAN address and password you have set up 2 Click Wireless Settings in the Advanced section of the main menu of the MR814 v3 3 Click Setup Access List to display the Wireless Station Access List menu Note When configuring the firewall from a wireless computer whose MAC address is not in the Trusted PC list if you select Tur...

Page 53: ... usually find the MAC address printed on the wireless adapter Note You can copy and paste the MAC addresses from the firewall s Attached Devices menu into the MAC Address box of this menu To do this configure each wireless computer to obtain a wireless link to the firewall The computer should then appear in the Attached Devices menu 7 Click Add to add this wireless device to the Wireless Card Acce...

Page 54: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router 4 14 Wireless Configuration 202 10039 01 ...

Page 55: ...4 v3 Cable DSL Wireless Router provides you with Web content filtering options plus browsing activity reporting and instant alerts via e mail Parents and network administrators can establish restricted access policies based on time of day web addresses and web address keywords You can also block Internet access by applications and services such as chat or games To configure these features of your ...

Page 56: ... Figure 5 1 below Figure 5 1 Block Sites menu To enable keyword blocking select either Per Schedule or Always then click Apply If you want to block by schedule be sure that a time period is specified in the Schedule menu To add a keyword or domain type it in the Keyword box click Add Keyword then click Apply To delete a keyword or domain select it from the list click Delete Keyword then click Appl...

Page 57: ...e use of certain Internet services by PCs on your network This is called services blocking or port filtering The Block Services menu is shown below Figure 5 2 Block Services menu Services are functions performed by server computers at the request of client computers For example Web servers serve web pages time servers serve time and date information and game hosts serve data about other players mo...

Page 58: ...a service first you must determine which port number or range of numbers is used by the application The service numbers for many common protocols are defined by the Internet Engineering Task Force IETF and published in RFC1700 Assigned Numbers Service numbers for other applications are typically chosen from the range 1024 to 65535 by the authors of the application This information can usually be d...

Page 59: ...e MR814 v3 router allows you to specify when blocking will be enforced The Schedule menu is shown below Figure 5 4 Schedule menu Use this schedule for blocking content Check this box if you wish to enable a schedule for Content Filtering Click Apply Days to Block Select days to block by checking the appropriate boxes Select Everyday to check the boxes for all days Click Apply Time of Day to Block ...

Page 60: ...d User An example is shown below Figure 5 5 Logs menu Log entries are described in Table 5 1 Table 5 1 Log entry descriptions Field Description Number The index number of the content filter log entries 128 entries are available numbered from 0 to 127 The log will keep the record of the latest 128 entries Date and Time The date and time the log entry was recorded Source IP The IP address of the ini...

Page 61: ...b Access Log Notifications In order to receive logs and alerts by E mail you must provide your E mail information in the E Mail menu shown below Figure 5 6 Email menu Table 5 2 Log action buttons Field Description Refresh Click this button to refresh the log screen Clear Log Click this button to clear the log entries Send Log Click this button to email the log immediately ...

Page 62: ...ing to this schedule Specifies how often to send the logs Hourly Daily Weekly or When Full Day for sending log Specifies which day of the week to send the log Relevant when the log is sent weekly or daily Time for sending log Specifies the time of day to send the log Relevant when the log is sent daily or weekly If the Weekly Daily or Hourly option is selected and the log fills up before the speci...

Page 63: ... be found by clicking on the Maintenance heading in the Main Menu of the browser interface Viewing Router Status Information The Router Status menu provides a limited amount of status and usage information From the Main Menu of the browser interface click on Maintenance then select System Status to view the System Status screen shown below Figure 6 1 Router Status screen ...

Page 64: ...the ISP LAN Port These parameters apply to the Local WAN port of the router MAC Address This field displays the Media Access Control address being used by the LAN port of the router IP Address This field displays the IP address being used by the Local LAN port of the router The default is 192 168 0 1 IP Subnet Mask This field displays the IP Subnet Mask being used by the Local LAN port of the rout...

Page 65: ...ned to the router Subnet Mask The WAN Internet Subnet Mask assigned to the router Default Gateway The WAN Internet default gateway the router communicates with DHCP Server The IP address of the DHCP server which provided the IP configuration addresses DNS Server The IP address of the DNS server which provides network name to IP address translation Lease Obtained When the DHCP lease was obtained Le...

Page 66: ...nual clear RxPkts The number of packets received on this port since reset or manual clear Collisions The number of collisions on this port since reset or manual clear Tx B s The current transmission outbound bandwidth used on the WAN and LAN ports Rx B s The current reception inbound bandwidth used on the WAN and LAN ports Up Time The amount of time since the router was last restarted Up Time The ...

Page 67: ...Figure 6 4 Attached Devices menu For each device the table shows the IP address NetBIOS Host Name if available and Ethernet MAC address Note that if the router is rebooted the table data is lost until the router rediscovers the devices To force the router to look for attached devices click the Refresh button Configuration File Management The configuration settings of the MR814 v3 router are stored...

Page 68: ... menu allow you to save and retrieve a file containing your router s configuration settings To save your settings select the Backup tab Click the Backup button Your browser will extract the configuration file from the router and will prompt you for a location on your PC to store the file You can give the file a meaningful name at this time such as pacbell cfg To restore your settings from a saved ...

Page 69: ...ion and Password on page 8 7 Upgrading the Router Software The routing software of the MR814 v3 router is stored in FLASH memory and can be upgraded as new software is released by NETGEAR Upgrade files can be downloaded from Netgear s Web site If the upgrade file is compressed ZIP file you must first extract the binary BIN file before sending it to the router The upgrade file can be sent to the ro...

Page 70: ...link or loading a new page If the browser is interrupted it may corrupt the software When the upload is complete your router will automatically restart The upgrade process will typically take about one minute In some cases you may need to reconfigure the router after upgrading Changing the Administrator Password Note Before changing the router password use the router backup utility to save your co...

Page 71: ...ager is password Netgear recommends that you change this password to a more secure password From the Main Menu of the browser interface under the Maintenance heading select Set Password to bring up the menu shown below Figure 6 7 Set Password menu To change the password first enter the old password and then enter the new password twice Click Apply ...

Page 72: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router 6 10 Maintenance 202 10039 01 ...

Page 73: ...causes your entire local network to appear as a single machine to the Internet you can make a local server for example a web server or game server visible and available to the Internet This is done using the Port Forwarding menu From the Main Menu of the browser interface under Advanced click on Port Forwarding to view the port forwarding menu shown below Figure 7 1 Port Forwarding Menu Note If yo...

Page 74: ...rvice 2 Enter the IP address of the local server in the corresponding Server IP Address box 3 Click the Add button Adding a Custom Service To define a service game or application that does not appear in the Services Games list you must determine what port numbers are used by the service For this information you may need to contact the manufacturer of the program that you wish to use When you have ...

Page 75: ...siderations for this application are If your account s IP address is assigned dynamically by your ISP the IP address may change periodically as the DHCP lease expires If the IP address of the local PC is assigned by DHCP it may change when the PC is rebooted To avoid this you can manually configure the PC to use a fixed address Local PCs must access the local server using the PCs local LAN address...

Page 76: ...o respond to a Ping on the WAN port These options are discussed below Setting Up a Default DMZ Server The default DMZ server feature is helpful when using some online games and videoconferencing applications that are incompatible with NAT The router is programmed to recognize some of these applications and to work properly with them but there are other applications that may not function well In so...

Page 77: ...ternet click the Respond to Ping on Internet WAN Port check box This should only be used as a diagnostic tool since it allows your router to be discovered Don t check this box unless you have a specific reason to do so Setting the MTU Size The default MTU size is usually fine The normal MTU Maximum Transmit Unit value for most Ethernet networks is 1500 Bytes For some ISPs particularly some using P...

Page 78: ...tion of LAN IP services such as DHCP and RIP From the Main Menu of the browser interface under Advanced click on LAN IP Setup to view the LAN IP Setup menu shown below Figure 7 3 LAN IP Setup Menu Configuring LAN TCP IP Setup Parameters The router is shipped preconfigured to use private IP addresses on the LAN side and to act as a DHCP server The router s default LAN IP configuration is LAN IP add...

Page 79: ...ing information with other routers The RIP Direction selection controls how the router sends and receives RIP packets Both is the default When set to Both or Out Only the router will broadcast its routing table periodically When set to Both or In Only it will incorporate the RIP information that it receives When set to None it will not send any RIP packets and will ignore any RIP packets received ...

Page 80: ...ters clear the Use router as DHCP server check box Otherwise leave it checked Specify the pool of IP addresses to be assigned by setting the Starting IP Address and Ending IP Address These addresses should be part of the same IP address subnet as the router s LAN IP address Using the default addressing scheme you should define a range between 192 168 0 2 and 192 168 0 253 although you may wish to ...

Page 81: ...main Name Servers DNS However if your Internet account uses a dynamically assigned IP address you will not know in advance what your IP address will be and the address can change frequently In this case you can use a commercial dynamic DNS service who will allow you to register your domain to their IP address and will forward traffic directed at your domain to your frequently changing IP address T...

Page 82: ...e For example the wildcard feature will cause yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org 8 Click Apply to save your configuration Configuring Static Routes Static Routes provide additional routing information to your router Under normal circumstances the router has adequate routing information after it has been configured for Internet access and you do not need...

Page 83: ...ask for this destination If the destination is a single host type 255 255 255 255 7 Type the Gateway IP Address which must be a router on the same LAN segment as the router 8 Type a number between 1 and 15 as the Metric value This represents the number of routers between your network and the destination Usually a setting of 2 or 3 works but if this is a direct connection set it to 1 9 Click Apply ...

Page 84: ...77 x x addresses The Gateway IP Address fields specifies that all traffic for these addresses should be forwarded to the ISDN router at 192 168 0 100 A Metric value of 1 will work since the ISDN router is on the LAN Private is selected only as a precautionary security measure in case RIP is activated Enabling Remote Management Access Using the Remote Management page you can allow a user or users o...

Page 85: ...n the box provided Choose a number between 1024 and 65535 but do not use the number of any common service port The default is 8080 which is a common alternate for HTTP 4 Click Apply to have your changes take effect Note When accessing your router from the Internet you will type your router s WAN IP address into your browser s Address in IE or Location in Netscape box followed by a colon and the cu...

Page 86: ...orter durations will ensure that control points have current device status at the expense of additional network traffic Longer durations may compromise the freshness of the device status but can significantly reduce network traffic Advertisement Time To Live The time to live for the advertisement is measured in hops steps for each UPnP packet sent The time to live hop count is the number of steps ...

Page 87: ... connected c The Internet port light is lit If a port s light is lit a link has been established to the connected device If a LAN port is connected to a 100 Mbps device verify that the port s light is green If the port is 10 Mbps the light will be amber If any of these conditions does not occur refer to the appropriate following section Power Light Not On If the Power and other lights are off when...

Page 88: ... Default Configuration and Password on page 8 7 If the error persists you might have a hardware problem and should contact technical support LAN or WAN Port Lights Not On If either the LAN lights or Internet light do not light when the Ethernet connection is made check the following Make sure that the Ethernet cable connections are secure at the router and at the hub or workstation Make sure that ...

Page 89: ...sses are in the range of 169 254 x x If your IP address is in this range check the connection from the computer to the router and reboot your computer If your router s IP address has been changed and you don t know the current IP address clear the router s configuration to factory defaults This will set the router s IP address to 192 168 0 1 This procedure is explained in Restoring the Default Con...

Page 90: ...ur router is unable to obtain an IP address from the ISP you may need to force your cable or DSL modem to recognize your new router by performing the following procedure 1 Turn off power to the cable or DSL modem 2 Turn off power to your router 3 Wait five minutes and reapply power to the cable or DSL modem 4 When the modem s lights indicate that it has reacquired sync with the ISP reapply power t...

Page 91: ...on page C 9 Alternatively you may configure your computer manually with DNS addresses as explained in your operating system documentation Your computer may not have the router configured as its TCP IP gateway If your computer obtains its information from the router by DHCP reboot the computer and verify the gateway address as described in Install or Verify Windows Networking Components on page C 9...

Page 92: ...software and TCP IP software are both installed and configured on your computer or workstation Verify that the IP address for your router and your workstation are correct and that the addresses are on the same subnet Testing the Path from Your Computer to a Remote Device After verifying that the LAN path works correctly test the path from your computer to a remote device From the Windows run menu ...

Page 93: ...Assistant on page 3 12 Restoring the Default Configuration and Password This section explains how to restore the factory default configuration settings changing the router s administration password to password and the IP address to 192 168 0 1 You can erase the current configuration and restore factory defaults in two ways Use the Erase function of the router see Erasing the Configuration on page ...

Page 94: ...ry in the log is stamped with the date and time of day Problems with the date and time function can include Date shown is January 1 2000 Cause The router has not yet successfully reached a Network Time Server Check that your Internet access settings are configured correctly If you have just completed configuring the router wait at least five minutes and check the date and time again Time is off by...

Page 95: ...E Power Adapter North America 120V 60 Hz input United Kingdom Australia 240V 50 Hz input Europe 230V 50 Hz input Japan 100V 50 60 Hz input All regions output 12 V DC 1 A output 20W maximum Physical Specifications Dimensions 28 x 175 x 118 mm 1 1 x 6 89 x 4 65 in Weight 0 3 kg 0 66 lb Environmental Specifications Operating temperature 0 to 40 C 32º to 104º F Operating humidity 90 maximum relative h...

Page 96: ...2 11b Operating Range Outdoor environment Indoor environment 11 Mbps 398 ft 120 m 198 ft 60 m 5 5 Mbps 561 ft 170 m 264 ft 80 m 2 Mbps 890 ft 270 m 430 ft 130 m 1 Mbps 1485 ft 450 m 660 ft 200 m Maximum Computers Per Wireless Network Limited by the amount of wireless network traffic generated by each node Typically 30 70 nodes 802 11b Operating Frequency Ranges 2 412 2 462 GHz US 2 457 2 462 GHz S...

Page 97: ...ternet can be very expensive Because of this expense Internet access is usually provided by a slower speed wide area network WAN link such as a cable or DSL modem In order to make the best use of the slower WAN link a mechanism must be in place for selecting and transmitting only the data traffic meant for the Internet The function of selecting and forwarding this data is performed by a router Wha...

Page 98: ...Internet Protocol IP uses a 32 bit address structure The address is usually written in dot notation also called dotted decimal notation in which each group of eight bits is written in decimal form separated by decimal points For example the following binary address 11000011 00100010 00001100 00000111 is normally written as 195 34 12 7 The latter version is easier to remember and easier to enter in...

Page 99: ...p to 65 354 hosts on a network A Class B address uses a 16 bit network number and a 16 bit node number Class B addresses are in this range 128 1 x x to 191 254 x x Class C Class C addresses can have 254 hosts on a network Class C addresses use 24 bits for the network address and eight bits for the node They are in this range 192 0 1 x to 223 255 254 x Class D Class D addresses are used for multica...

Page 100: ...and C addresses are 255 0 0 0 255 255 0 0 and 255 255 255 0 respectively For example the address 192 168 170 237 is a Class C IP address whose network portion is the upper 24 bits When combined using an AND operator with the Class C netmask as shown here only the network portion of the address remains 11000000 10101000 10101010 11101101 192 168 170 237 combined with 11111111 11111111 11111111 0000...

Page 101: ...ending the number of addresses available subnet addressing provides other benefits Subnet addressing allows a network manager to construct an address scheme for the network by using different subnets for other geographical locations in the network or for other departments in the organization Although the preceding example uses the entire third octet for a subnet address note that you are not restr...

Page 102: ... bits the new subnet mask becomes 255 255 255 240 The following table displays several common netmask values in both the dotted decimal and the masklength formats Configure all hosts on a LAN segment to use the same netmask for the following reasons Table 8 1 Netmask Notation Translation Table for One Octet Number of Bits Dotted Decimal Value 1 128 2 192 3 224 4 240 5 248 6 252 7 254 8 255 Table 8...

Page 103: ...t create an arbitrary IP address always follow the guidelines explained here For more information about address assignment refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space The Internet Engineering Task Force IETF publishes RFCs on its web site at www ietf org Single IP Address Operation Using NAT In the past if multiple computers...

Page 104: ...b server on your local network to be accessible to outside users MAC Addresses and Address Resolution Protocol An IP address alone cannot be used to deliver data from one LAN device to another To send data between LAN devices you must convert the IP address of the destination device to its media access control MAC address Each device on an Ethernet network has a unique MAC address which is a 48 bi...

Page 105: ...the table For more information about address assignment refer to the IETF documents RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space For more information about IP address translation refer to RFC 1631 The IP Network Address Translator NAT Domain Name Server Many of the resources on the Internet can be addressed by simple descriptive names...

Page 106: ...y DHCP Internet Security and Firewalls When your LAN connects to the Internet through a router an opportunity is created for outsiders to access or disrupt your network A NAT router provides some protection because by the very nature of the process the network behind the router is shielded from access by outsiders on the Internet However there are methods by which a determined hacker can possibly ...

Page 107: ...through the firewall is analyzed against the state of these connections in order to determine whether or not it will be allowed to pass through or rejected Denial of Service Attack A hacker may be able to prevent your network from operating or communicating by launching a Denial of Service DoS attack The method used for such an attack can be as simple as merely flooding your site with more request...

Page 108: ...gory 5 Only 0 5 inch 1 5 cm of untwist in the wire pair is allowed at any termination point A twisted pair Ethernet network operating at 10 Mbits second 10BASE T will often tolerate low quality cables but at 100 Mbits second 10BASE Tx the cable must be rated as Category 5 or Cat 5 by the Electronic Industry Association EIA This rating will be printed on the cable jacket A Category 5 cable will mee...

Page 109: ...mputers and workstation adapter cards are usually media dependent interface ports called MDI or uplink ports Most repeaters and switch ports are configured as media dependent interfaces with built in crossover ports called MDI X or normal ports Auto Uplink technology automatically senses which connection MDI or MDI X is needed and makes the right connection Figure B 4 illustrates straight through ...

Page 110: ...to as Media Dependant Interface Crossover MDI X When connecting a computer to a computer or a hub port to another hub port the transmit pair must be exchanged with the receive pair This exchange is done by one of two mechanisms Most hubs provide an Uplink switch which will exchange the pairs on one port allowing that port to be connected to another hub using a normal Ethernet cable The second meth...

Page 111: ...will automatically sense whether the Ethernet cable plugged into the port should have a normal connection e g connecting to a computer or an uplink connection e g connecting to a router switch or hub That port will then configure itself to the correct configuration This feature also eliminates the need to worry about crossover cables as Auto UplinkTM will accommodate either type of cable to make t...

Page 112: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router B 16 Network Routing Firewall and Basics 202 10039 01 ...

Page 113: ...ing see Ethernet Cabling on page B 11 The cable or DSL broadband modem must provide a standard 10 Mbps 10BASE T or 100 Mbps 100BASE Tx Ethernet interface Computer Network Configuration Requirements The MR814 v3 includes a built in web Configuration Manager To access the configuration menus on the MR814 v3 your must use a Java enabled web browser program which supports HTTP uploads such as Microsof...

Page 114: ...n gather the required Internet connection information Your Internet service provides all the information needed to connect to the Internet If you cannot locate this information you can ask your Internet service to provide it or you can try one of the options below If you have a computer already connected using the Internet you can gather the configuration information from that computer For Windows...

Page 115: ...re given DNS server addresses fill in the following Primary DNS Server IP Address ______ ______ ______ ______ Secondary DNS Server IP Address ______ ______ ______ ______ Host and Domain Names Some ISPs use a specific host or domain name like CCA7324 A or home If you haven t been given host or domain names you can use the following examples as a guide If your main e mail account with your ISP is aa...

Page 116: ... TCP IP so that the PC obtains its specific network configuration information automatically from a DHCP server during bootup For a detailed explanation of the meaning and purpose of these configuration items refer to Appendix B Network Routing Firewall and Basics The MR814 v3 router is shipped preconfigured as a DHCP server The firewall assigns the following TCP IP configuration information automa...

Page 117: ...ks If you need to install a new adapter follow these steps a Click the Add button b Select Adapter and then click Add c Select the manufacturer and model of your Ethernet adapter and then click OK If you need TCP IP a Click the Add button b Select Protocol and then click Add c Select Microsoft Note It is not necessary to remove any other network components shown in the Network window in order to i...

Page 118: ...utomatically Configure TCP IP Settings in Windows 95B 98 and Me After the TCP IP protocol components are installed each PC must be assigned specific information about itself and resources that are available on its network The simplest way to configure this information is to allow the PC to obtain the information from a DHCP server in the network You will find there are many similarities in the pro...

Page 119: ...is not on the desktop Click Start on the task bar located at the bottom left of the window Choose Settings and then Control Panel Locate the Network Neighborhood icon and click on it This will open the Network panel as shown below Verify the following settings as shown Client for Microsoft Network exists Ethernet adapter is present TCP IP is present Primary Network Logon is set to Windows logon Cl...

Page 120: ...n the LAN Internet Configuration screen and click Next 6 Proceed to the end of the Wizard Verifying TCP IP Properties After your PC is configured and has rebooted you can check the TCP IP configuration using the utility winipcfg exe 1 On the Windows taskbar click the Start button and then click Run By default the IP Address tab is open on this window Verify the following Obtain an IP address autom...

Page 121: ...process you may need to install and configure TCP IP on each networked PC Before starting locate your Windows CD you may need to insert it during the TCP IP installation process Install or Verify Windows Networking Components To install or verify the necessary components for IP networking 1 On the Windows taskbar click the Start button point to Settings and then click Control Panel 2 Double click ...

Page 122: ...through the configuration process for each of these versions of Windows DHCP Configuration of TCP IP in Windows XP Locate your Network Neighborhood icon Select Control Panel from the Windows XP new Start Menu Select the Network Connections icon on the Control Panel This will take you to the next step Now the Network Connection window displays The Connections List that shows all the network connect...

Page 123: ...atus window This box displays the connection status duration speed and activity statistics Administrator logon access rights are needed to use this window Click the Properties button to view details about the connection The TCP IP details are presented on the Support tab page Select Internet Protocol and click Properties to view the configuration information ...

Page 124: ...efault and set to DHCP without your having to configure it However if there are problems follow these steps to configure TCP IP with DHCP for Windows 2000 Verify that the Obtain an IP address automatically radio button is selected Verify that Obtain DNS server address automatically radio button is selected Click the OK button This completes the DHCP configuration of TCP IP in Windows XP Repeat the...

Page 125: ... up Connections Right click on Local Area Connection and select Properties The Local Area Connection Properties dialog box appears Verify that you have the correct Ethernet card selected in the Connect using box Verify that at least the following two items are displayed and selected in the box of Components checked are used by this connection Client for Microsoft Networks and Internet Protocol TCP...

Page 126: ...nternet Protocol TCP IP Properties dialogue box Verify that Obtain an IP address automatically is selected Obtain DNS server address automatically is selected Click OK to return to Local Area Connection Properties Click OK again to complete the configuration process for Windows 2000 Restart the PC Repeat these steps for each PC with this version of Windows on your network ...

Page 127: ...etwork card you need to configure the TCP IP environment for Windows NT 4 0 Follow this procedure to configure TCP IP with DHCP in Windows NT 4 0 Choose Settings from the Start Menu and then select Control Panel This will display Control Panel window Double click the Network icon in the Control Panel window The Network panel will display Select the Protocols tab to continue ...

Page 128: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router C 16 Preparing Your Network 202 10039 01 Highlight the TCP IP Protocol in the Network Protocols box and click on the Properties button ...

Page 129: ...iguration information will be listed and should match the values below if you are using the default TCP IP settings that NETGEAR recommends for connecting through a router or gateway The IP address is between 192 168 0 2 and 192 168 0 254 The subnet mask is 255 255 255 0 The TCP IP Properties dialog box now displays Click the IP Address tab Select the radio button marked Obtain an IP address from ...

Page 130: ... each networked Macintosh you will need to configure TCP IP to use DHCP MacOS 8 6 or 9 x 1 From the Apple menu select Control Panels then TCP IP The TCP IP Control Panel opens 2 From the Connect via box select your Macintosh s Ethernet interface 3 From the Configure box select Using DHCP Server You can leave the DHCP Client ID box empty 4 Close the TCP IP Control Panel 5 Repeat this for each Macin...

Page 131: ... the TCP IP configuration by returning to the TCP IP Control Panel From the Apple menu select Control Panels then TCP IP The panel is updated to show your settings which should match the values below if you are using the default TCP IP settings that NETGEAR recommends The IP Address is between 192 168 0 2 and 192 168 0 254 The Subnet mask is 255 255 255 0 The Router address is 192 168 0 1 If you d...

Page 132: ...ernet port is connected to the broadband modem the firewall appears to be a single PC to the ISP The firewall then allows the PCs on the local network to masquerade as the single PC to access the Internet through the broadband modem The method used by the firewall to accomplish this is called Network Address Translation NAT or IP masquerading Are Login Protocols Used Some ISPs require a special lo...

Page 133: ...l These procedures are described next Obtaining ISP Configuration Information for Windows Computers As mentioned above you may need to collect configuration information from your PC so that you can use this information when you configure the MR814 v3 router Following this procedure is only necessary when your ISP does not dynamically supply the account information To get the information you need t...

Page 134: ...ur Macintosh so that you can use this information when you configure the MR814 v3 router Following this procedure is only necessary when your ISP does not dynamically supply the account information To get the information you need to configure the firewall for Internet access 1 From the Apple menu select Control Panels then TCP IP The TCP IP Control Panel opens which displays a list of configuratio...

Page 135: ... to work with the firewall you must reset the network for the devices to be able to communicate correctly Restart any computer that is connected to the firewall After configuring all of your computers for TCP IP networking and restarting them and connecting them to the local network of your MR814 v3 router you are ready to access and configure the firewall ...

Page 136: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router C 24 Preparing Your Network 202 10039 01 ...

Page 137: ... wi fi net an industry standard group promoting interoperability among 802 11b devices The 802 11b standard offers two methods for configuring a wireless network ad hoc and infrastructure Infrastructure Mode With a wireless Access Point you can operate the wireless LAN in the infrastructure mode This mode provides wireless connectivity to multiple wireless network devices within a fixed range or a...

Page 138: ... hoc wireless network with no access points the Basic Service Set Identification BSSID is used In an infrastructure wireless network that includes an access point the ESSID is used but may still be referred to as SSID An SSID is a thirty two character maximum alphanumeric key identifying the name of the wireless local area network Some vendors refer to the SSID as network name For the wireless dev...

Page 139: ...eless channels in the United States It is recommended that you start using channel 1 and grow to use channel 6 and 11 when necessary as these three channels do not overlap Table 8 3 802 11 Radio Frequency Channels Channel Center Frequency Frequency Spread 1 2412 MHz 2399 5 MHz 2424 5 MHz 2 2417 MHz 2404 5 MHz 2429 5 MHz 3 2422 MHz 2409 5 MHz 2434 5 MHz 4 2427 MHz 2414 5 MHz 2439 5 MHz 5 2432 MHz 2...

Page 140: ...fines several services that govern how two 802 11b devices communicate The following events must occur before an 802 11b Station can communicate with an Ethernet network through an access point such as the one built in to the MR814 v3 1 Turn on the wireless station 2 The station listens for messages from any access points that are in range 3 The station finds a message from an access point that ha...

Page 141: ...ation sends an authentication request to the access point 2 The access point sends challenge text to the station 3 The station uses its configured 64 bit or 128 bit default key to encrypt the challenge text and sends the encrypted text to the access point 4 The access point decrypts the encrypted text using its configured WEP Key that corresponds to the station s default key The access point compa...

Page 142: ...EP Encryption options available for 802 11b products 1 Do Not Use WEP The 802 11b network does not encrypt data For authentication purposes the network uses Open System Authentication 2 Use WEP for Encryption A transmitting 802 11b device encrypts the data portion of every packet it sends using a configured WEP Key The receiving 802 11b device decrypts the data using the same WEP Key For authentic...

Page 143: ...nfigurable portion of the encryption key is 40 bits wide The 128 bit WEP data encryption method consists of 104 user configurable bits Similar to the forty bit WEP data encryption method the remaining 24 bits are factory set and not user configurable Some vendors allow passphrases to be entered instead of the cryptic hexadecimal characters to ease encryption key entry 128 bit encryption is stronge...

Page 144: ...lient adapter can use WEP key 3 as its default key to transmit The two devices will communicate as long as the AP s WEP key 2 is the same as the client s WEP key 2 and the AP s WEP key 3 is the same as the client s WEP key 3 WPA Wireless Security Wi Fi Protected Access WPA is a specification of standards based interoperable security enhancements that increase the level of data protection and acces...

Page 145: ...A In the 802 11 standard 802 1x authentication was optional For details on EAP specifically refer to IETF s RFC 2284 With 802 11 WEP all access points and client wireless adapters on a particular wireless LAN must use the same encryption key A major problem with the 802 11 standard is that the keys are cumbersome to change If you don t update the WEP keys often an unauthorized person with a sniffi...

Page 146: ...Integrity Protocol TKIP Michael message integrity code MIC AES Support Support for a Mixture of WPA and WEP Wireless Clients These features are discussed below WPA addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise This infrastructure includes stations access points and authentication servers typically RADIUS se...

Page 147: ...ations successfully authenticated The supplicant in the station uses the authentication and cipher suite information contained in the information elements to decide which authentication method and cipher suite to use For example if the access point is using the Pre shared key method then the supplicant need not authenticate using full blown 802 1X Rather the supplicant must simply prove to the acc...

Page 148: ... EAP type such as Transport Layer Security EAP TLS or EAP Tunneled Transport Layer Security EAP TTLS defines how the authentication takes place Note For environments with a Remote Authentication Dial In User Service RADIUS infrastructure WPA supports Extensible Authentication Protocol EAP For environments without a RADIUS infrastructure WPA supports the use of a preshared key Together these techno...

Page 149: ...ponses AP to station and Association Requests station to AP also contain WPA information elements 1 Initial 802 1x communications begin with an unauthenticated supplicant i e client device attempting to connect with an authenticator i e 802 11 access point The client sends an EAP start message This begins a series of message exchanges to authenticate the client 2 The access point replies with an E...

Page 150: ...ny EAP type without needing to upgrade an 802 1x compliant access point As a result you can update the EAP authentication type to such devices as token cards Smart Cards Kerberos one time passwords certificates and public key authentication or as newer types become available and your requirements for security change WPA Data Encryption Key Management With 802 1x the rekeying of unicast encryption ...

Page 151: ...encrypted payload and update the encrypted ICV without being detected by the receiver With WPA a method known as Michael specifies a new algorithm that calculates an 8 byte message integrity code MIC using the calculation facilities available on existing wireless devices The MIC is placed between the data portion of the IEEE 802 11 frame and the 4 byte ICV The MIC field is encrypted together with ...

Page 152: ...Inc wireless Wi Fi certified products will support the WPA standard NETGEAR Inc wireless products that had their Wi Fi certification approved before August 2003 will have one year to add WPA so as to maintain their Wi Fi certification WPA requires software changes to the following Wireless access points Wireless network adapters Wireless client programs Supporting a Mixture of WPA and WEP Wireless...

Page 153: ...nformation element and respond with a specific security configuration The WPA two phase authentication Open system then 802 1x EAP or preshared key TKIP Michael AES optional To upgrade your wireless network adapters to support WPA obtain a WPA update from your wireless network adapter vendor and update the wireless network adapter driver For Windows wireless clients you must obtain an updated netw...

Page 154: ...01 Changes to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA authentication and preshared key and the new WPA encryption algorithms TKIP and the optional AES component To obtain the Microsoft WPA client program visit the following Microsoft Web site ...

Page 155: ...el suffixes such as com edu uk etc For example in the address mail NETGEAR com mail is a server name and NETGEAR com is the domain Domain Name Server A Domain Name Server DNS resolves descriptive names of network resources such as www NETGEAR com to numeric IP addresses Dynamic Host Configuration Protocol DHCP An Ethernet protocol specifying how a centralized DHCP server can assign network configu...

Page 156: ...ket that can be sent or received NAT See Network Address Translation netmask A number that explains which part of an IP address comprises the network address and which part is the host address on that network It can be expressed in dotted decimal notation or as a number appended to the IP address For example a 28 bit mask starting from the MSB can be shown as 255 255 255 192 or as 28 appended to t...

Page 157: ... peripherals of the 400 vendors that are part of the Universal Plug and Play Forum UPnP compliant routers provide broadband users at home and small businesses with a seamless way to participate in online games videoconferencing and other peer to peer services UTP Unshielded twisted pair The cable used by 10BASE T and 100BASE Tx Ethernet networks WAN See wide area network WEP Wired Equivalent Priva...

Page 158: ...Reference Manual for the MR814 v3 Cable DSL Wireless Router 4 Glossary 202 10039 01 ...

Page 159: ...tions typography 1 1 crossover cable 2 3 8 2 B 14 B 15 customer support 1 iii D date and time 8 8 Daylight Savings Time 8 8 daylight savings time 5 8 Default DMZ Server 7 4 Denial of Service DoS protection 2 2 denial of service attack B 11 DHCP 2 4 B 10 DHCP Client ID C 18 DMZ 2 3 7 2 7 5 DMZ Server 7 4 DNS Proxy 2 4 DNS server C 22 DNS dynamic 7 9 domain C 22 Domain Name 3 14 domain name server D...

Page 160: ... C 18 for Windows C 4 C 9 K KALI 7 3 L LAN IP Setup Menu 7 6 LEDs troubleshooting 8 2 log sending 5 7 log entries 5 6 Logout 3 11 3 12 M MAC address 8 7 B 8 spoofing 3 14 8 5 Macintosh C 21 configuring for IP networking C 18 DHCP Client ID C 18 Obtaining ISP Configuration Information C 22 masquerading C 20 MDI MDI X B 15 MDI MDI X wiring B 14 metric 7 11 N NAT C 20 NAT See Network Address Translat...

Page 161: ...P Router Information Protocol 7 7 router concepts B 1 Router Status 6 1 Routing Information Protocol 2 3 B 2 S Scope of Document 1 1 Secondary DNS Server 3 14 security 2 1 2 3 service numbers 5 4 Setup Wizard 3 1 Shared Key authentication D 4 SMTP 5 8 spoof MAC address 8 5 SSID 2 8 4 4 4 9 D 2 Start Port 7 2 stateful packet inspection 2 2 B 11 Static Routes 7 9 Status Light 2 6 subnet addressing B...

Page 162: ...uivalent Privacy See WEP Wireless Access C 3 Wireless Ethernet D 1 wireless network name 2 8 Wireless Performance 4 1 Wireless Range Guidelines 4 1 Wireless Security 4 2 World Wide Web 1 iii WPA PSK 4 5 WPA PSK Password Phrase 4 5 ...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands