NETGEAR GS608NA Setup Manual Download

Page: 1 / 105

December 2004

Version 1.0
December 2004

NETGEAR

, Inc.

4500 Great America Parkway
Santa Clara, CA 95054 USA

NETGEAR Wireless
Router Setup Manual

Summary of Contents for GS608NA

Page 1: ...December 2004 Version 1 0 December 2004 NETGEAR Inc 4500 Great America Parkway Santa Clara CA 95054 USA NETGEAR Wireless Router Setup Manual ...

Page 2: ...nterference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television rec...

Page 3: ...eless Router WGM124 has been suppressed in accordance with the conditions set out in the BMPT AmtsblVfg 243 1991 and Vfg 46 1992 The operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instructions Federal Office for Telecommunications Approvals has been notified of th...

Page 4: ...mber 2004 iv Product and Publication Details Model Number WGM124 Publication Date December 2004 Product Family router Product Name Pre N Wireless Router WGM124 Home or Business Product Home Language English ...

Page 5: ...Network 3 1 Troubleshooting Tips 3 2 How to Manually Configure Your Internet Connection 3 3 NETGEAR Product Registration Support and Documentation 3 5 Chapter 4 Optimizing Wireless Connectivity and Security Observe Performance Placement and Range Guidelines 4 1 Implement Appropriate Wireless Security 4 2 Understanding Wireless Settings 4 3 Information to Gather Before Changing Basic Wireless Setti...

Page 6: ...rom Your Computer to a Remote Device 6 6 Restoring the Default Configuration and Password 6 7 Appendix A Technical Specifications Appendix B Network Routing and Firewall Basics Related Publications B 1 Basic Router Concepts B 1 What is a Router B 1 Routing Information Protocol B 2 IP Addresses and the Internet B 2 Netmask B 4 Subnet Addressing B 4 Private IP Addresses B 7 Single IP Address Operati...

Page 7: ...indows 95B 98 and Me C 6 Selecting Windows Internet Access Method C 8 Verifying TCP IP Properties C 8 Configuring Windows NT4 2000 or XP for IP Networking C 9 Install or Verify Windows Networking Components C 9 DHCP Configuration of TCP IP in Windows XP 2000 or NT4 C 10 DHCP Configuration of TCP IP in Windows XP C 10 DHCP Configuration of TCP IP in Windows 2000 C 12 DHCP Configuration of TCP IP in...

Page 8: ...ation D 7 How to Use WEP Parameters D 8 WPA Wireless Security D 8 How Does WPA Compare to WEP D 9 How Does WPA Compare to IEEE 802 11i D 10 What are the Key Features of WPA Security D 10 WPA Authentication Enterprise level User Authentication via 802 1x EAP and RADIUS D 12 WPA Data Encryption Key Management D 14 Is WPA Perfect D 16 Product Support for WPA D 16 Supporting a Mixture of WPA and WEP W...

Page 9: ...e uses the following typographical conventions This guide uses the following format to highlight special messages This manual is written for NETGEAR wireless routers Table 1 1 Typographical Conventions italics Emphasis books CDs URL names bold User input SMALL CAPS Screen text file and server names extensions commands IP addresses Note This format is used to highlight information of importance or ...

Page 10: ... or backwards through the manual one page at a time A button that displays the table of contents and an button Double click on a link in the table of contents or index to navigate directly to where the topic is described in the manual A button to access the full NETGEAR Inc online knowledge base for the product model Links to PDF versions of the full manual and individual chapters ...

Page 11: ... a browser window Note Your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe Web site at http www adobe com Click the print icon in the upper left of the window Tip If your printer supports printing two pages on a single sheet of paper you can save paper and printer ink by selecting this feature Printing th...

Page 12: ...NETGEAR Wireless Router Setup Manual 4 About This Guide December 2004 ...

Page 13: ...his chapter introduces the NETGEAR Pre N Wireless Router WGM124 Package Contents The product package should contain the following items Pre N Wireless Router WGM124 AC power adapter A Category 5 CAT5 Ethernet cable The Setup CD including This guide Application Notes and other helpful information Registration Warranty Card and Support Information Card If any of the parts are incorrect missing or da...

Page 14: ...Default Configuration and Password One red status LED which blinks when the default reset button is pushed Three wireless antennae Table 2 1 Status Light Descriptions Label Activity Description Power On Green Solid Amber Blink Off Power is supplied to the router Power is supplied to the router and it is performing its diagnostic test Power is not supplied to the router WLAN On The WLAN wireless in...

Page 15: ...rm the wireless router setup steps be sure to use the computer you first registered with your cable ISP For DSL Service You may need information such as the DSL login name e mail address and password in order to complete the wireless router setup Before proceeding with the wireless router installation familiarize yourself with the contents of the Setup CD especially this manual and the tutorials f...

Page 16: ...urity settings of the router and wireless computer must match exactly Make sure the network settings of the computer are correct LAN and wirelessly connected computers must be configured to obtain an IP address automatically via DHCP Please see Appendix C Preparing Your Network or the animated tutorials on the CD for help with this Some cable modem ISPs require you to use the MAC address of the co...

Page 17: ...in the address field of your browser then click Enter 2 For security reasons the wireless router has its own user name and password When prompted enter admin for the router user name and password for the router password both in lower case letters 3 Click Basic Settings on the Setup menu 4 If your Internet connection does not require a login click No at the top of the Basic Settings menu and fill i...

Page 18: ... will register the Ethernet MAC address of the network interface card in your computer when your account is first opened They will then only accept traffic from the MAC address of that computer This feature allows your router to masquerade as that computer by cloning its MAC address To change the MAC address select Use this Computer s MAC address The router will then capture and use the MAC addres...

Page 19: ...ck Apply to save your settings Click the Test button to verify you have Internet access NETGEAR Product Registration Support and Documentation Register your product at http www NETGEAR com register Registration is required before you can use our telephone support service Product updates and Web support are always available by going to http kbserver netgear com When the wireless router is connected...

Page 20: ...NETGEAR Wireless Router Setup Manual 3 6 Connecting the Router to the Internet December 2004 ...

Page 21: ...nt of the wireless firewall The latency data throughput performance and notebook power consumption of wireless adapters also vary depending on your configuration choices For best results place your firewall Near the center of the area in which your computers will operate In an elevated location such as a high shelf where the wirelessly connected computers have line of sight access even if through ...

Page 22: ...twork Name SSID If you disable broadcast of the SSID only devices that have the correct SSID can connect This nullifies the wireless network discovery feature of some products such as Windows XP but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers WEP Wired Equivalent Privacy WEP data encryption provides data security WEP Shared Key auth...

Page 23: ... in this field Channel This field determines which operating frequency will be used It should not be necessary to change the wireless channel unless you notice interference problems with another nearby access point Mode This field determines which data communications protocol will be used Security Options These options are the wireless security features you can enable The table below identifies th...

Page 24: ...ntable characters in the Passphrase box Manually entered keys are case sensitive but passphrase characters are not case sensitive Note Not all wireless adapter configuration utilities support passphrase key generation Auto WPA PSK WPA Pre shared Key does perform authentication uses 128 bit data encryption and dynamically changes the encryption keys making it nearly impossible to circumvent Enter a...

Page 25: ... and the wireless router Data Encryption WEP Keys There are two methods for creating WEP data encryption keys Whichever method you use record the key values in the spaces below Passphrase method ______________________________ These characters are case sensitive Enter a word or group of printable characters and click the Generate Keys button Not all wireless devices support the passphrase method Ma...

Page 26: ...on on the rear panel After you install the wireless router use the procedures below to customize any of the settings to better meet your networking needs Warning The Network Name SSID and passphrase are case sensitive Typing nETgear_11a for the 802 11a SSID will not work WIRELESS FEATURE DEFAULT SETTING Wireless Access Point Enabled Wireless Access List MAC Filtering All wireless stations allowed ...

Page 27: ...iguration Manager is password Change this password to a more secure password From the Main Menu of the browser interface under the Maintenance heading select Set Password to bring up the menu shown below Figure 5 1 Set Password menu Note Before changing the wireless router password follow the instructions under Configuration File Management on page 5 2 to save your configuration settings If you fo...

Page 28: ...he browser interface under the Maintenance heading select the Settings Backup heading to bring up the menu shown below Figure 5 2 Settings Backup menu Three options are available and are described in the following sections Restoring and Backing Up the Configuration The Restore and Backup options in the Settings Backup menu allow you to save and retrieve a file containing your wireless router s con...

Page 29: ... Reset button on the rear panel of the wireless router See Restoring the Default Configuration and Password on page 6 7 Upgrading the Wireless Router Software The routing software of the wireless router is stored in FLASH memory and can be upgraded as new software is released by NETGEAR Upgrade files can be downloaded from the NETGEAR Web site If the upgrade file is compressed ZIP file you must fi...

Page 30: ...cation of the upgrade file 3 Click Upload Note When uploading software to the wireless router it is important not to interrupt the Web browser by closing the window clicking a link or loading a new page If the browser is interrupted it may corrupt the software When the upload is complete your wireless router will automatically restart The upgrade process will typically take about one minute In som...

Page 31: ...he power light is solid green b The LAN port lights are lit for any local ports that are connected c The Link ACT light is lit If a port s light is lit a link has been established to the connected device If any of these conditions does not occur refer to the appropriate following section Power Light Not On If the Power and other lights are off when your router is turned on Make sure that the power...

Page 32: ... Internet WAN Port Lights Not On If either the LAN lights or Internet light do not light when the Ethernet connection is made check the following Make sure that the Ethernet cable connections are secure at the router and at the hub or workstation Make sure that power is turned on to the connected hub or workstation Be sure you are using the correct cable When connecting the router s Internet port ...

Page 33: ... loaded Try quitting the browser and launching it again Make sure you are using the correct login information The URL for the router is http www routerlogin net or http www routerlogin com The factory default login name is admin and the password is password both in lower case letters Make sure that CAPS LOCK is off when entering this information If the router does not save changes you have made in...

Page 34: ...e to obtain an IP address from the ISP the problem may be one of the following Your ISP may require a login program Ask your ISP whether they require PPP over Ethernet PPPoE or some other type of login If your ISP requires a login you may have incorrectly set the login name and password in the router Your ISP may check for your computer s host name Assign the computer Host Name of your ISP account...

Page 35: ...l or Verify Windows Networking Components on page C 9 Troubleshooting a TCP IP Network Using a Ping Utility Most TCP IP terminal devices and routers contain a ping utility that sends an echo request packet to the designated device The device then responds with an echo reply Troubleshooting a TCP IP network is made very easy by using the ping utility in your computer or workstation Testing the LAN ...

Page 36: ...path works correctly test the path from your computer to a remote device From the Windows run menu type PING n 10 IP address where IP address is the IP address of a remote device such as your ISP s DNS server If the path is functioning correctly replies as in the previous section are displayed If you do not receive replies Check that your computer has the IP address of your router listed as the de...

Page 37: ...gs changing the router s administration password to password You can erase the current configuration and restore factory defaults in two ways Use the Erase function of the router Use the Default Reset button on the rear panel of the router Use this method for cases when the administration password or IP address is not known To restore the factory default configuration settings without knowing the ...

Page 38: ...NETGEAR Wireless Router Setup Manual 6 8 Troubleshooting Common Problems December 2004 ...

Page 39: ...ut 5V DC 2 8A output Physical Specifications Dimensions 33 x 235 x 148 mm 1 3 x 9 25 x 5 83 in Weight 1 083 kg 2 38 lb Environmental Specifications Operating temperature 0 to 40 C 32º to 104º F Operating humidity 90 maximum relative humidity noncondensing Electromagnetic Emissions Meets requirements of FCC Part 15 Class B Interface Specifications The router incorporates Auto UplinkTM technology wh...

Page 40: ...a Encoding 802 11b g2 4GHz to 2 5GHz CCK and OFDM Modulation Maximum Computers Per Wireless Network Limited by the amount of wireless network traffic generated by each node Typically up to 30 nodes Operating Frequency Ranges 2 412 2 462 GHz US 2 457 2 462 GHz Spain 2 412 2 484 GHz Japan 2 457 2 472 GHz France 2 412 2 472 GHz Europe ETSI 802 11 Security 40 bits also called 64 bits and 128 bits WEP ...

Page 41: ...e Internet can be very expensive Because of this expense Internet access is usually provided by a slower speed wide area network WAN link such as a cable or DSL modem In order to make the best use of the slower WAN link a mechanism must be in place for selecting and transmitting only the data traffic meant for the Internet The function of selecting and forwarding this data is performed by a router...

Page 42: ...otocol IP uses a 32 bit address structure The address is usually written in dot notation also called dotted decimal notation in which each group of eight bits is written in decimal form separated by decimal points For example the following binary address 11000011 00100010 00001100 00000111 is normally written as 195 34 12 7 The latter version is easier to remember and easier to enter into your com...

Page 43: ... hosts on a network A Class B address uses a 16 bit network number and a 16 bit node number Class B addresses are in this range 128 1 x x to 191 254 x x Class C Class C addresses can have 254 hosts on a network Class C addresses use 24 bits for the network address and eight bits for the node They are in this range 192 0 1 x to 223 255 254 x Class D Class D addresses are used for multicasts message...

Page 44: ...sses are 255 0 0 0 255 255 0 0 and 255 255 255 0 respectively For example the address 192 168 170 237 is a Class C IP address whose network portion is the upper 24 bits When combined using an AND operator with the Class C netmask as shown here only the network portion of the address remains 11000000 10101000 10101010 11101101 192 168 170 237 combined with 11111111 11111111 11111111 00000000 255 25...

Page 45: ...number of addresses available subnet addressing provides other benefits Subnet addressing allows a network manager to construct an address scheme for the network by using different subnets for other geographical locations in the network or for other departments in the organization Although the preceding example uses the entire third octet for a subnet address note that you are not restricted to oc...

Page 46: ...ew subnet mask becomes 255 255 255 240 The following table displays several common netmask values in both the dotted decimal and the masklength formats Configure all hosts on a LAN segment to use the same netmask for the following reasons Table 6 1 Netmask Notation Translation Table for One Octet Number of Bits Dotted Decimal Value 1 128 2 192 3 224 4 240 5 248 6 252 7 254 8 255 Table 6 2 Netmask ...

Page 47: ... arbitrary IP address always follow the guidelines explained here For more information about address assignment refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space The Internet Engineering Task Force IETF publishes RFCs on its Web site at www ietf org Single IP Address Operation Using NAT In the past if multiple computers on a LAN n...

Page 48: ... your local network to be accessible to outside users MAC Addresses and Address Resolution Protocol An IP address alone cannot be used to deliver data from one LAN device to another To send data between LAN devices you must convert the IP address of the destination device to its media access control MAC address Each device on an Ethernet network has a unique MAC address which is a 48 bit number as...

Page 49: ...or more information about address assignment refer to the IETF documents RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space For more information about IP address translation refer to RFC 1631 The IP Network Address Translator NAT Domain Name Server Many of the resources on the Internet can be addressed by simple descriptive names such as ww...

Page 50: ...rnet Security and Firewalls When your LAN connects to the Internet through a router an opportunity is created for outsiders to access or disrupt your network A NAT router provides some protection because by the very nature of the process the network behind the router is shielded from access by outsiders on the Internet However there are methods by which a determined hacker can possibly obtain info...

Page 51: ... firewall is analyzed against the state of these connections in order to determine whether or not it will be allowed to pass through or rejected Denial of Service Attack A hacker may be able to prevent your network from operating or communicating by launching a Denial of Service DoS attack The method used for such an attack can be as simple as merely flooding your site with more requests than it c...

Page 52: ... 0 5 inch 1 5 cm of untwist in the wire pair is allowed at any termination point A twisted pair Ethernet network operating at 10 Mbits second 10BASE T will often tolerate low quality cables but at 100 Mbits second 10BASE Tx the cable must be rated as Category 5 or Cat 5 by the Electronic Industry Association EIA This rating will be printed on the cable jacket A Category 5 cable will meet specified...

Page 53: ... workstation adapter cards are usually media dependent interface ports called MDI or uplink ports Most repeaters and switch ports are configured as media dependent interfaces with built in crossover ports called MDI X or normal ports Auto Uplink technology automatically senses which connection MDI or MDI X is needed and makes the right connection Figure B 4 illustrates straight through twisted pai...

Page 54: ...Dependant Interface Crossover MDI X When connecting a computer to a computer or a hub port to another hub port the transmit pair must be exchanged with the receive pair This exchange is done by one of two mechanisms Most hubs provide an Uplink switch which will exchange the pairs on one port allowing that port to be connected to another hub using a normal Ethernet cable The second method is to use...

Page 55: ...tically sense whether the Ethernet cable plugged into the port should have a normal connection e g connecting to a computer or an uplink connection e g connecting to a router switch or hub That port will then configure itself to the correct configuration This feature also eliminates the need to worry about crossover cables as Auto UplinkTM will accommodate either type of cable to make the right co...

Page 56: ...NETGEAR Wireless Router Setup Manual B 16 Network Routing and Firewall Basics December 2004 ...

Page 57: ...ng see Ethernet Cabling on page B 11 The cable or DSL broadband modem must provide a standard 10 Mbps 10BASE T or 100 Mbps 100BASE Tx Ethernet interface Computer Network Configuration Requirements The WGM124 includes a built in Web Configuration Manager To access the configuration menus on the WGM124 your must use a Java enabled Web browser program which supports HTTP uploads such as Microsoft Int...

Page 58: ...e required Internet connection information Your Internet service provides all the information needed to connect to the Internet If you cannot locate this information you can ask your Internet service to provide it or you can try one of the options below If you have a computer already connected using the Internet you can gather the configuration information from that computer For Windows 95 98 ME o...

Page 59: ...erver addresses fill in the following Primary DNS Server IP Address ______ ______ ______ ______ Secondary DNS Server IP Address ______ ______ ______ ______ Host and Domain Names Some ISPs use a specific host or domain name like CCA7324 A or home If you haven t been given host or domain names you can use the following examples as a guide If your main e mail account with your ISP is aaa yyy com then...

Page 60: ... install TCP IP so that the computer obtains its specific network configuration information automatically from a DHCP server during bootup For a detailed explanation of the meaning and purpose of these configuration items refer to Appendix B Network Routing and Firewall Basics The wireless router is shipped preconfigured as a DHCP server The firewall assigns the following TCP IP configuration info...

Page 61: ...crosoft Networks If you need to install a new adapter follow these steps a Click the Add button b Select Adapter and then click Add c Select the manufacturer and model of your Ethernet adapter and then click OK If you need TCP IP a Click the Add button b Select Protocol and then click Add Note It is not necessary to remove any other network components shown in the Network window in order to instal...

Page 62: ...omatically Configure TCP IP Settings in Windows 95B 98 and Me After the TCP IP protocol components are installed each PC must be assigned specific information about itself and resources that are available on its network The simplest way to configure this information is to allow the PC to obtain the information from a DHCP server in the network You will find there are many similarities in the proce...

Page 63: ...he desktop Click Start on the task bar located at the bottom left of the window Choose Settings and then Control Panel Locate the Network Neighborhood icon and click on it This will open the Network panel as shown below Verify the following settings as shown Client for Microsoft Network exists Ethernet adapter is present TCP IP is present Primary Network Logon is set to Windows logon Click on the ...

Page 64: ...nternet Configuration screen and click Next 6 Proceed to the end of the Wizard Verifying TCP IP Properties After your PC is configured and has rebooted you can check the TCP IP configuration using the utility winipcfg exe 1 On the Windows taskbar click the Start button and then click Run By default the IP Address tab is open on this window Verify the following Obtain an IP address automatically is...

Page 65: ... may need to install and configure TCP IP on each networked PC Before starting locate your Windows CD you may need to insert it during the TCP IP installation process Install or Verify Windows Networking Components To install or verify the necessary components for IP networking 1 On the Windows taskbar click the Start button point to Settings and then click Control Panel 2 Double click the Network...

Page 66: ... configuration process for each of these versions of Windows DHCP Configuration of TCP IP in Windows XP Locate your Network Neighborhood icon Select Control Panel from the Windows XP new Start Menu Select the Network Connections icon on the Control Panel This will take you to the next step Now the Network Connection window displays The Connections List that shows all the network connections set up...

Page 67: ... This box displays the connection status duration speed and activity statistics Administrator logon access rights are needed to use this window Click the Properties button to view details about the connection The TCP IP details are presented on the Support tab page Select Internet Protocol and click Properties to view the configuration information ...

Page 68: ...set to DHCP without your having to configure it However if there are problems follow these steps to configure TCP IP with DHCP for Windows 2000 Verify that the Obtain an IP address automatically radio button is selected Verify that Obtain DNS server address automatically radio button is selected Click the OK button This completes the DHCP configuration of TCP IP in Windows XP Repeat these steps fo...

Page 69: ...ions Right click on Local Area Connection and select Properties The Local Area Connection Properties dialog box appears Verify that you have the correct Ethernet card selected in the Connect using box Verify that at least the following two items are displayed and selected in the box of Components checked are used by this connection Client for Microsoft Networks and Internet Protocol TCP IP Click O...

Page 70: ...tocol TCP IP Properties dialogue box Verify that Obtain an IP address automatically is selected Obtain DNS server address automatically is selected Click OK to return to Local Area Connection Properties Click OK again to complete the configuration process for Windows 2000 Restart the PC Repeat these steps for each PC with this version of Windows on your network ...

Page 71: ... you need to configure the TCP IP environment for Windows NT 4 0 Follow this procedure to configure TCP IP with DHCP in Windows NT 4 0 Choose Settings from the Start Menu and then select Control Panel This will display Control Panel window Double click the Network icon in the Control Panel window The Network panel will display Select the Protocols tab to continue ...

Page 72: ...NETGEAR Wireless Router Setup Manual C 16 Preparing Your Network December 2004 Highlight the TCP IP Protocol in the Network Protocols box and click on the Properties button ...

Page 73: ...nformation will be listed and should match the values below if you are using the default TCP IP settings that NETGEAR recommends for connecting through a router or gateway The IP address is between 192 168 1 2 and 192 168 1 254 The subnet mask is 255 255 255 0 The TCP IP Properties dialog box now displays Click the IP Address tab Select the radio button marked Obtain an IP address from a DHCP serv...

Page 74: ...rked Macintosh you will need to configure TCP IP to use DHCP MacOS 8 6 or 9 x 1 From the Apple menu select Control Panels then TCP IP The TCP IP Control Panel opens 2 From the Connect via box select your Macintosh s Ethernet interface 3 From the Configure box select Using DHCP Server You can leave the DHCP Client ID box empty 4 Close the TCP IP Control Panel 5 Repeat this for each Macintosh on you...

Page 75: ... configuration by returning to the TCP IP Control Panel From the Apple menu select Control Panels then TCP IP The panel is updated to show your settings which should match the values below if you are using the default TCP IP settings that NETGEAR recommends The IP Address is between 192 168 1 2 and 192 168 1 254 The Subnet mask is 255 255 255 0 The Router address is 192 168 1 1 If you do not see t...

Page 76: ...is connected to the broadband modem the firewall appears to be a single PC to the ISP The firewall then allows the PCs on the local network to masquerade as the single PC to access the Internet through the broadband modem The method used by the firewall to accomplish this is called Network Address Translation NAT or IP masquerading Are Login Protocols Used Some ISPs require a special login protoco...

Page 77: ...cedures are described next Obtaining ISP Configuration Information for Windows Computers As mentioned above you may need to collect configuration information from your PC so that you can use this information when you configure the wireless router Following this procedure is only necessary when your ISP does not dynamically supply the account information To get the information you need to configure...

Page 78: ...h so that you can use this information when you configure the wireless router Following this procedure is only necessary when your ISP does not dynamically supply the account information To get the information you need to configure the firewall for Internet access 1 From the Apple menu select Control Panels then TCP IP The TCP IP Control Panel opens which displays a list of configuration settings ...

Page 79: ...th the firewall you must reset the network for the devices to be able to communicate correctly Restart any computer that is connected to the firewall After configuring all of your computers for TCP IP networking and restarting them and connecting them to the local network of your wireless router you are ready to access and configure the firewall ...

Page 80: ...NETGEAR Wireless Router Setup Manual C 24 Preparing Your Network December 2004 ...

Page 81: ...oup promoting interoperability among 802 11 devices The 802 11 standard offers two methods for configuring a wireless network ad hoc and infrastructure Infrastructure Mode With a wireless access point you can operate the wireless LAN in the infrastructure mode This mode provides wireless connectivity to multiple wireless network devices within a fixed range or area of coverage interacting with wir...

Page 82: ... network with no access points the Basic Service Set Identification BSSID is used In an infrastructure wireless network that includes an access point the ESSID is used but may still be referred to as SSID An SSID is a thirty two character maximum alphanumeric key identifying the name of the wireless local area network Some vendors refer to the SSID as network name For the wireless devices in a net...

Page 83: ...ls in the United States It is recommended that you start using channel 1 and grow to use channel 6 and 11 when necessary as these three channels do not overlap Table D 1 802 11g Radio Frequency Channels Channel Center Frequency Frequency Spread 1 2412 MHz 2399 5 MHz 2424 5 MHz 2 2417 MHz 2404 5 MHz 2429 5 MHz 3 2422 MHz 2409 5 MHz 2434 5 MHz 4 2427 MHz 2414 5 MHz 2439 5 MHz 5 2432 MHz 2419 5 MHz 2...

Page 84: ... services that govern how two 802 11 devices communicate The following events must occur before an 802 11 Station can communicate with an Ethernet network through an access point such as the one built in to the WGM124 1 Turn on the wireless station 2 The station listens for messages from any access points that are in range 3 The station finds a message from an access point that has a matching SSID...

Page 85: ...llowing steps occur when two devices use Open System Authentication 1 The station sends an authentication request to the access point 2 The access point authenticates the station 3 The station associates with the access point and joins the network IN TER N ET LO CA L ACT 1 2 3 4 5 6 7 8 LNK LNK ACT 100 Cable DSL ProSafeWirelessVPNSecurityFirewall MODEL FVM318 PWR TEST W LA N Enable Access Point 1 ...

Page 86: ...xt If the decrypted text matches the original challenge text then the access point and the station share the same WEP Key and the access point authenticates the station 5 The station connects to the network If the decrypted text does not match the original challenge text i e the access point and station do not share the same WEP Key then the access point will refuse to authenticate the station and...

Page 87: ...40 bit encryption 802 11 products typically support up to four WEP Keys Each 40 bit WEP Key is expressed as 5 sets of two hexadecimal digits 0 9 and A F For example 12 34 56 78 90 is a 40 bit WEP Key When configured for 128 bit encryption 802 11g products typically support four WEP Keys but some manufacturers support only one 128 bit key The 128 bit WEP Key is expressed as 13 sets of two hexadecim...

Page 88: ...cation and Encryption A transmitting 802 11 device encrypts the data portion of every packet it sends using a configured WEP Key The receiving 802 11 device decrypts the data using the same WEP Key For authentication purposes the 802 11 network uses Shared Key Authentication Note Some 802 11 access points also support Use WEP for Authentication Only Shared Key Authentication without data encryptio...

Page 89: ...02 1x authentication is required in WPA In the 802 11 standard 802 1x authentication was optional For details on EAP specifically refer to IETF s RFC 2284 With 802 11 WEP all access points and client wireless adapters on a particular wireless LAN must use the same encryption key A major problem with the 802 11 standard is that the keys are cumbersome to change If you don t update the WEP keys ofte...

Page 90: ...rotocol TKIP Michael message integrity code MIC AES Support Support for a Mixture of WPA and WEP Wireless Clients These features are discussed below WPA addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise This infrastructure includes stations access points and authentication servers typically RADIUS servers The R...

Page 91: ...essfully authenticated The supplicant in the station uses the authentication and cipher suite information contained in the information elements to decide which authentication method and cipher suite to use For example if the access point is using the Pre shared key method then the supplicant need not authenticate using full blown 802 1X Rather the supplicant must simply prove to the access point t...

Page 92: ...uch as Transport Layer Security EAP TLS or EAP Tunneled Transport Layer Security EAP TTLS defines how the authentication takes place Note For environments with a Remote Authentication Dial In User Service RADIUS infrastructure WPA supports Extensible Authentication Protocol EAP For environments without a RADIUS infrastructure WPA supports the use of a preshared key Together these technologies prov...

Page 93: ...o station and Association Requests station to AP also contain WPA information elements 1 Initial 802 1x communications begin with an unauthenticated supplicant i e client device attempting to connect with an authenticator i e 802 11 access point The client sends an EAP start message This begins a series of message exchanges to authenticate the client 2 The access point replies with an EAP request ...

Page 94: ... without needing to upgrade an 802 1x compliant access point As a result you can update the EAP authentication type to such devices as token cards Smart Cards Kerberos one time passwords certificates and public key authentication or as newer types become available and your requirements for security change WPA Data Encryption Key Management With 802 1x the rekeying of unicast encryption keys is opt...

Page 95: ...ayload and update the encrypted ICV without being detected by the receiver With WPA a method known as Michael specifies a new algorithm that calculates an 8 byte message integrity code MIC using the calculation facilities available on existing wireless devices The MIC is placed between the data portion of the IEEE 802 11 frame and the 4 byte ICV The MIC field is encrypted together with the frame d...

Page 96: ...s Wi Fi certified products will support the WPA standard NETGEAR Inc wireless products that had their Wi Fi certification approved before August 2003 will have one year to add WPA so as to maintain their Wi Fi certification WPA requires software changes to the following Wireless access points Wireless network adapters Wireless client programs Supporting a Mixture of WPA and WEP Wireless Clients To...

Page 97: ...element and respond with a specific security configuration The WPA two phase authentication Open system then 802 1x EAP or preshared key TKIP Michael AES optional To upgrade your wireless network adapters to support WPA obtain a WPA update from your wireless network adapter vendor and update the wireless network adapter driver For Windows wireless clients you must obtain an updated network adapter...

Page 98: ...to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA authentication and preshared key and the new WPA encryption algorithms TKIP and the optional AES component To obtain the Microsoft WPA client program visit the following Microsoft Web site ...

Page 99: ...n the cable jacket Cat 5 cable contains eight conductors arranged in four twisted pairs and terminated with an RJ45 type connector In addition there are restrictions on maximum cable length for both 10 and 100 Mbits second networks DHCP An Ethernet protocol specifying how a centralized DHCP server can assign network configuration information to multiple DHCP clients The assigned information includ...

Page 100: ...ion information to multiple DHCP clients The assigned information includes IP addresses DNS addresses and gateway router addresses Gateway A local device usually a router that connects hosts on a local network to other networks IP Internet Protocol is the main internetworking protocol used in the Internet Used in conjunction with the Transfer Control Protocol TCP to form TCP IP IP Address A four b...

Page 101: ...bedding Microsoft s network protocol into Internet packets router A device that forwards data between networks An IP router forwards data based on IP source and destination addresses SSID A Service Set Identification is a thirty two character maximum alphanumeric key identifying a wireless local area network For the wireless devices in a network to communicate with each other all devices must be c...

Page 102: ...ubnet Mask 255 255 240 000 11111111 11111111 11110000 00000000 IP Address 150 215 017 009 10010110 11010111 00010001 00001001 Subnet Address 150 215 016 000 10010110 11010111 00010000 00000000 The subnet address therefore is 150 215 016 000 TCP IP The main internetworking protocols used in the Internet The Internet Protocol IP used in conjunction with the Transfer Control Protocol TCP form TCP IP ...

Page 103: ...vice attack B 11 DHCP B 10 DHCP Client ID C 18 DNS server C 22 domain C 22 Domain Name 3 3 domain name server DNS B 9 DoS attack B 11 E EnterNet C 20 erase configuration 5 3 ESSID D 2 Ethernet cable B 11 F factory settings restoring 5 3 fully qualified domain name FQDN 4 4 G gateway address C 22 H host name 3 3 I IANA contacting B 2 IETF B 1 Web site address B 7 infrastructure mode D 2 Internet ac...

Page 104: ...ing 6 7 PC using to configure C 23 placement 4 1 port forwarding behind NAT B 8 PPP over Ethernet C 20 PPPoE C 20 Primary DNS Server 3 4 protocols Address Resolution B 8 DHCP B 10 Routing Information B 2 publications related B 1 R range 4 1 restore configuration 5 1 restore factory settings 5 3 RFC 1466 B 7 B 9 1597 B 7 B 9 1631 B 7 B 9 finding B 7 router concepts B 1 Routing Information Protocol ...

Page 105: ...guring for IP routing C 4 C 9 winipcfg utility C 8 WinPOET C 20 Wired Equivalent Privacy See WEP Wireless Access C 3 Wireless Ethernet D 1 Wireless Performance 4 1 Wireless Range Guidelines 4 1 Wireless Security 4 2 World Wide Web 1 iii WPA PSK 4 4 WPA PSK Password Phrase 4 4 ...

Search results

Summary of Contents for GS608NA

Reviews:

Related manuals for GS608NA

Brands by name

Popular brands

NETGEAR GS608NA, Setup Manual

Search results

Summary of Contents for GS608NA

Reviews:

Related manuals for GS608NA

Brands by name

Popular brands