Wireless Cable Modem Gateway CGD24G User Manual

2-2

Wireless Configuration

v1.1, May 2009

•

Push 'N' Connect (WPS) automatically implements wireless security on the gateway while, at

the same time, allowing you to automatically implement wireless security on any WPS-

enabled devices (such as wireless computers and wireless adapter cards). You activate WPS by

pressing a WPS button on the gateway, clicking an onscreen WPS button, or entering a PIN

number. This generates a new SSID and implements WPA/WPA2 security.

To set up your wireless network using the WPS feature:

–

Use the WPS button on the side of the gateway (there is also an onscreen WPS button), or

enter the PIN of the wireless device.

–

Make sure that all wireless computers and wireless adapters on the network are

Wi-Fi

certified and WPA or WPA 2 capable, and that they support WPS configuration.

See

“Using Push 'N' Connect (WPS) to Configure Your Wireless Network and Security” on

page 2-10

.

Wireless Placement and Range Guidelines

The range of your wireless connection can vary significantly based on the physical placement of

the gateway. The latency, data throughput performance, and notebook power consumption of

wireless adapters also vary depending on your configuration choices.

For best results, place your gateway according to the following guidelines:

•

Near the center of the area in which your PCs will operate.

•

In an elevated location such as a high shelf where the wirelessly connected PCs have line-of-

sight access (even if through walls).

•

Away from sources of interference, such as PCs, microwave ovens, and 2.4 GHz cordless

phones.

•

Away from large metal surfaces.

•

Put the antenna in a vertical position to provide the best side-to-side coverage. Put the antenna

in a horizontal position to provide the best up-and-down coverage.

Note:

NETGEAR’s Push 'N' Connect feature is based on the Wi-Fi Protected Setup

(WPS) standard (for more information, see

). All other Wi-

Fi-certified and WPS-capable products should be compatible with NETGEAR

products that implement Push 'N' Connect.

Wireless Cable Modem Gateway CGD24G User Manual

Wireless Configuration

2-3

v1.1, May 2009

•

If using multiple access points, it is better if adjacent access points use different radio

frequency channels to reduce interference. The recommended channel spacing between

adjacent access points is 5 channels (for example, use Channels 1 and 6, or 6 and 11).

The time it takes to establish a wireless connection can vary depending on both your security

settings and placement. WEP connections can take slightly longer to establish. Also, WEP

encryption can consume more battery power on a notebook computer.

Wireless Security Options

Indoors, computers can connect over 802.11g wireless networks at a maximum range of up to 300

feet. Such distances can allow for others outside your immediate area to access your network.

Unlike wired network data, your wireless data transmissions can extend beyond your walls and

can be received by anyone with a compatible adapter. For this reason, use the security features of

your wireless equipment. The CGD24G gateway provides highly effective security features which

are covered in detail in this chapter. Deploy the security features appropriate to your needs.

There are several ways you can enhance the security of your wireless network:

•

WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared

Key authentication and WEP data encryption block all but the most determined eavesdropper.

This data encryption mode has been superseded by WPA-PSK and WPA2-PSK.

•

WPA-PSK (TKIP), WPA2-PSK (AES)

. Wi-Fi Protected Access (WPA) using a pre-shared

key to perform authentication and generate the initial data encryption keys. The very strong

authentication along with dynamic per frame re-keying of WPA makes it virtually impossible

to compromise.

•

Restrict access to your router.

For more information about wireless technology, see the link to the online document in

“Wireless

Networking Basics” in Appendix B

.

Manually Configuring Your Wireless Settings and Security

You can view or manually configure the wireless settings for the gateway in the Wireless Settings

screen. If you want to make changes, make sure to note the current settings first.

Note:

If you use a wireless computer to change the wireless network name (SSID) or

wireless security settings, you will be disconnected when you click

Apply

. To

avoid this problem, use a computer with a wired connection to access the gateway.

Wireless Cable Modem Gateway CGD24G User Manual

2-4

Wireless Configuration

v1.1, May 2009

To view or manually configure the wireless settings:

1.

Log in to the gateway using its default address of

or at whatever IP address

the unit is currently configured.

2.

In the main menu, under Setup, select Wireless Settings. The Wireless Settings screen

displays.

The settings for this screen are explained in

Table 2-1 on page 2-5

.

3.

If you make changes, you must click

Apply

for them to take effect.

Figure 2-1

Wireless Cable Modem Gateway CGD24G User Manual

Wireless Configuration

2-5

v1.1, May 2009

Table 2-1.

Wireless Settings

Settings

Description

Wireless Network

Name (SSID)

The SSID is also known as the wireless network name.

Enter a 32-character (maximum) name in this field. The

characters are case sensitive.

In a setting where there is more than one wireless

network, different wireless network names provide a

means for separating the traffic. Any device you want to

participate in a wireless network must use the SSID.

Channel

The wireless channel used by the gateway. The default is

channel 11.

You should not need to change the wireless channel

unless you experience interference (shown by lost

connections and/or slow data transfers). Should this

happen, you may need to experiment with different

channels to see which is the best.

Wireless Access

Point

Enable Wireless Access

Point

On by default, you can also turn off the wireless radio to

disable access through this device. This can be helpful

for configuration, network tuning, or troubleshooting

activities.

Allow Broadcast Name

(SSID)

On by default, the gateway broadcasts its SSID, allowing

wireless stations which have a “null” (blank) SSID to

adopt the correct SSID. The default SSID is NETGEAR.

If you disable broadcast of the SSID, only devices that

have the correct SSID can connect. This nullifies the

wireless network “discovery” feature of some products

such as Windows XP, but the data is still fully exposed to

a determined snoop using specialized test equipment

like wireless sniffers. For this reason NETGEAR

recommends that you also enable wireless security.

Wireless Card

Access List

Turn Access Control On

Access control is disabled by default so that any

computer that is configured with the correct SSID can

connect. For information about access control, see

“Turning on Access Control to Restrict Access by MAC

Address” on page 2-19

.

Security Options

Disable

Wireless security is disabled by default. After the

gateway is connected to the Internet, NETGEAR strongly

recommends that you implement wireless security.

Wireless Cable Modem Gateway CGD24G User Manual

2-6

Wireless Configuration

v1.1, May 2009

Configuring WEP (Wired Equivalent Privacy) Wireless Security

To configure WEP data encryption:

1.

Log in to the gateway using its default address of

or at whatever IP address

the unit is currently configured. Use the default user name of

admin

and default password of

password

, or the password you have set up.

2.

In the main menu, under Setup, select

Wireless Settings

.

Security Options

(continued)

•

WEP (Wired Equivalent

Privacy) 64-bit encryption

•

WEP (Wired Equivalent

Privacy) 128-bit encryption

WEP security uses encryption keys.

Wired Equivalent Privacy (WEP) data encryption

provides data security. WEP Shared Key authentication

and WEP data encryption will block all but the most

determined eavesdropper.

You can select 64-bit or 128-bit encryption. See

“Configuring WEP (Wired Equivalent Privacy) Wireless

Security” on page 2-6

.

• WPA

•

WPA-PSK (Wi-Fi

Protected Access Pre-

Shared Key)

• WPA2

•

WPA2-PSK (Wi-Fi

Protected Access 2 Pre-

Shared Key)

Wi-Fi Protected Access (WPA) data encryption provides

data security. The very strong authentication along with

dynamic per frame rekeying of WPA make it virtually

impossible to compromise. Because this is a new

standard, wireless device driver and software availability

may be limited.

WPA uses the TKIP encryption type and a

pre-shared key passphrase

WPA-PSK uses the TKIP encryption type with

authentication from a RADIUS server.

WPA2 uses the AES encryption type and a

pre-shared key passphrase.

WPA2-PSK uses the AES encryption type with

authentication from a RADIUS server.

For more information about WPA, see

“Configuring WPA

or WPA2 Wireless Security” on page 2-8

.

Note:

If you use a wireless computer to configure wireless security settings, you will be

disconnected when you click Apply. Reconfigure your wireless computer to match

the new settings, or access the gateway from a wired computer to make further

changes.

Table 2-1.

Wireless Settings (continued)

Settings

Description