Appendix B:
Security Threats Facing Wireless Networks
Wireless-G ADSL Gateway with 2 Phone Ports
SSID. There are several things to keep in mind about the SSID:
1. Disable Broadcast
2. Make it unique
3. Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be
more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast
the SSID.
Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.)
Hackers know these defaults and can check these against your network. Change your SSID to something unique
and not something related to your company or the networking products you use.
Change your SSID regularly so that any hackers who have gained access to your wireless network will have to
start from the beginning in trying to break in.
MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only
those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with
a random MAC Address.
WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security
concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job
more difficult.
There are several ways that WEP can be maximized:
1. Use the highest level of encryption possible
2. Use “Shared Key” authentication
3. Change your WEP key regularly
WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are
available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP
(Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message
Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes
a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a
RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
Important: Always remember that each device in your wireless network MUST use the same encryption method
and encryption key or your wireless network will not function properly.
WPA Pre-Shared Key. If you do not have a RADIUS server, select the type of algorithm, TKIP or AES, enter a
password in the Pre-Shared key field of 8-64 characters, and enter a Group Key Renewal period time between
0 and 99,999 seconds, which instructs the Router or other device how often it should change the encryption
keys.
WPA RADIUS. WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS
server is connected to the Router or other device.) First, select the type of WPA algorithm, TKIP or AES. Enter
the RADIUS server’s IP Address and port number, along with a key shared between the device and the server.
Last, enter a Group Key Renewal period, which instructs the device how often it should change the encryption
keys.
RADIUS. WEP used in coordination with a RADIUS server. (This should only be used when a RADIUS server is
connected to the Router or other device.) First, enter the RADIUS server’s IP Address and port number, along
with a key shared between the device and the server. Then, select a WEP key and a level of WEP encryption,
and either generate a WEP key through the Passphrase or enter the WEP key manually.
Implementing encryption may have a negative impact on your network’s performance, but if you are transmitting
sensitive data over your network, encryption should be used.
These security recommendations should help keep your mind at ease while you are enjoying the most flexible
and convenient technology Linksys has to offer.
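The SSID advice and the WPA Pre-Shared Key field above are linked: under the WPA standard (IEEE 802.11i) a passphrase of 8-63 characters is stretched into the 256-bit key with PBKDF2-HMAC-SHA1, using the SSID as the salt. The following is an added example, not code from Linksys or from this manual; the sample passphrase and SSIDs are constructed, and treating a 64-character entry as 64 hex digits of raw key is the standard's convention, assumed here to be what this field's upper limit of 64 refers to.

```python
import hashlib
import string

def wpa_pmk(psk_field: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA pairwise master key from the Pre-Shared Key field.

    8-63 printable ASCII characters are treated as a passphrase and stretched
    with PBKDF2-HMAC-SHA1 (4096 iterations, SSID as salt), as IEEE 802.11i
    specifies. Exactly 64 hex digits are taken as the key itself (assumption:
    the Gateway follows this convention).
    """
    if len(psk_field) == 64 and all(c in string.hexdigits for c in psk_field):
        return bytes.fromhex(psk_field)
    if not 8 <= len(psk_field) <= 63:
        raise ValueError("passphrase must be 8-63 characters (or 64 hex digits)")
    if not all(32 <= ord(c) <= 126 for c in psk_field):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    return hashlib.pbkdf2_hmac("sha1", psk_field.encode("ascii"), salt, 4096, 32)

def check_group_key_renewal(seconds: int) -> int:
    """Accept only the 0-99,999 second range this appendix gives."""
    if not 0 <= seconds <= 99999:
        raise ValueError("Group Key Renewal must be between 0 and 99,999 seconds")
    return seconds

def same_key(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True if two networks sharing a passphrase end up with the same key."""
    return wpa_pmk(passphrase, ssid_a) == wpa_pmk(passphrase, ssid_b)

if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    passphrase = "correct horse battery staple"
    for ssid in ("linksys", "attic-7f3e"):
        print(f"{ssid:12} {wpa_pmk(passphrase, ssid).hex()}")
    print("same key on both SSIDs:", same_key(passphrase, "linksys", "attic-7f3e"))
    print("renewal period accepted:", check_group_key_renewal(3600))
```

Because the SSID is the salt, every network left on a factory-default SSID derives the same key from the same passphrase, while a unique SSID makes the key specific to one network.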
Appendix C: Configuring IPSec between a Windows 2000
or XP Computer and the Gateway
Introduction
This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private
network inside the Gateway and a Windows 2000 or XP computer. You can find detailed information on
configuring the Windows 2000 server at the Microsoft website:
Microsoft KB Q252735 - How to Configure IPSec Tunneling in Windows 2000
Microsoft KB Q257225 - Basic IPSec Troubleshooting in Windows 2000
Environment
The IP addresses and other specifics mentioned in this appendix are for illustration purposes only.
Windows 2000 or Windows XP
IP Address: 140.111.1.2 <= User ISP provides IP Address; this is only an example.
Subnet Mask: 255.255.255.0
WAG54G
WAN IP Address: 140.111.1.1 <= User ISP provides IP Address; this is only an example.
Subnet Mask: 255.255.255.0
LAN IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
NOTE: Keep a record of any changes you make. Those changes will be identical in the Windows “secpol”
application and the Gateway’s Web-Based Utility.
NOTE: This section’s instructions and figures refer to the Gateway. Substitute “Gateway” for “Router”. Also,
the text on your screen may differ from the text in your instructions for “OK or Close”; click the appropriate
button on your screen.
How to Establish a Secure IPSec Tunnel
Step 1: Create an IPSec Policy
1. Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear.
2. Right-click IP Security Policies on Local Computer (Win XP) or IP Security Policies on Local Machine (Win 2000), and click Create IP Security Policy.
3. Click the Next button, and then enter a name for your policy (for example, to_Router). Then, click Next.
4. Deselect the Activate the default response rule check box, and then click the Next button.
5. Click the Finish button, making sure the Edit check box is checked.
Step 2: Build Filter Lists
Filter List 1: win->Router
1. In the new policy’s properties screen, verify that the Rules tab is selected. Deselect the Use Add Wizard check box, and click the Add button to create a new rule.
2. Make sure the IP Filter List tab is selected, and click the Add button. The IP Filter List screen should appear. Enter an appropriate name, such as win->Router, for the filter list, and de-select the Use Add Wizard check box. Then, click the Add button.
NOTE: The references in this section to “win” are references to Windows 2000 and XP. Substitute the
references to “Router” with “Gateway”. Also, the text on your screen may differ from the text in your
instructions for “OK or Close”; click the appropriate button on your screen.
Figure C-1: Local Security Screen
Figure C-2: Rules Tab
Figure C-3: IP Filter List Tab
3. The Filters Properties screen will appear. Select the Addressing tab. In the Source address field, select My IP Address. In the Destination address field, select A specific IP Subnet, and fill in the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0. (These are the Gateway’s default settings. If you have changed these settings, enter your new values.)
4. If you want to enter a description for your filter, click the Description tab and enter the description there.
5. Click the OK button. Then, click the OK or Close button on the IP Filter List window.
Filter List 2: Router->win
6. The New Rule Properties screen will appear. Select the IP Filter List tab, and make sure that win->Router is highlighted. Then, click the Add button.
Figure C-4: IP Filter List
Figure C-5: Filters Properties
Figure C-6: New Rule Properties