1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. DGN2000
    5. /
  5. 8
Page 36 / 126 Scroll up to view Page 31 - 35
Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual
2-10
Configuring Your Wireless Network and Security Settings
v1.0, July 2008
Manually Configuring Your Wireless Security
To set up wireless security, you can either manually configure it in the Wireless Settings screen, or
you can use Wi-Fi Protected Setup (WPS) to automatically set the SSID and implement
WPA/WPA2 security (see
“Using Push 'N' Connect (WPS) to Configure Your Wireless Network
and Security” on page 2-17
).
Security Options
(continued)
WPA2-PSK
WPA Pre-Shared-Key (Wi-Fi Protected Access 2 with Pre-
Shared Key) uses a pre-shared key to perform the
authentication and generate the initial data encryption keys.
Then, it dynamically varies the encryption key. WPA2-PSK
provides the best throughput with 802.11N because the
encryption is supported in the hardware. WPA2-PSK uses
AES (Advanced Encryption Standard) data encryption,
implements the full IEEE 802.11i standard, but does not
work with some older network cards. See
“Configuring
Mixed WPA-PSK+WPA2-PSK Security
.”
Mixed WPS-PSK+
WPA2-PSK
Mixed WPA-PSK + WPA2-PSK uses both WPA-PSK +
WPA2-PSK standard encryption. A high performance client
such as the NETGEAR WN511B should connect using
WPA2-PSK in order to achieve maximum performance.
Wireless clients that connect to this router using WPA-PSK
will run at reduced performance levels. See
“Configuring
Mixed WPA-PSK+WPA2-PSK Security
.”
WPA-802.1x
In WPA-802.1x mode, user authentication is implemented
using 802.1x and RADIUS servers. See
“Configuring WPA-
802.1x
.”
Note:
If you use a wireless computer to configure wireless security settings, you will be
disconnected when you click
Apply
. Reconfigure your wireless computer to match
the new settings, or access the modem router from a wired computer to make fur-
ther changes.
Table 2-1.
Wireless Settings (continued)
Settings
Description
Page 37 / 126
Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual
Configuring Your Wireless Network and Security Settings
2-11
v1.0, July 2008
Restricting Wireless Access to Your Network
By default, any wireless PC that is configured with the correct SSID can access your wireless
network. For increased security, the modem router provides several ways to restrict wireless access
to your network. You can do the following:
Turn off wireless connectivity completely.
Restrict access based on the wireless network name (SSID).
Restrict access based on the Wireless Card Access List.
These options are discussed in the following sections.
Turning off wireless connectivity completely
You can completely turn off the wireless connectivity of the modem router by pressing the
Wireless On/Off button on the side panel of the modem router. For example, if you use your
notebook computer to wirelessly connect to your modem router and you take a business trip, you
can turn off the wireless portion of the modem router while you are traveling. Other members of
your household who use computers connected to the modem router through Ethernet cables can
still use the modem router. To do this, clear the
Enable Wireless Access Point
check box on the
Wireless Settings screen, and then click
Apply
.
Hiding your wireless network name (SSID)
By default, the modem router is set to broadcast its wireless network name (SSID). You can
restrict wireless access to your network by not broadcasting the wireless network name (SSID). To
do this, clear the
Allow Broadcast of Name (SSID)
check box on the Wireless Settings screen,
and then click
Apply
. Wireless devices will not “see” your modem router. You must configure
your wireless devices to match the wireless network name (SSID) of the modem router.
Restricting access by MAC address
For increased security, you can restrict access to the wireless network to allow only specific PCs
based on their MAC addresses. You can restrict access to only trusted PCs so that unknown PCs
cannot wirelessly connect to the Amodem router. MAC address filtering adds an obstacle against
Warning:
The SSID of any wireless access adapters must match the SSID you specify in
the modem router. If they do not match, you will not get a wireless connection
to the modem router.
Page 38 / 126
Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual
2-12
Configuring Your Wireless Network and Security Settings
v1.0, July 2008
unwanted access to your network, but the data broadcast over the wireless link is fully
exposed.The Wireless Station Access list determines which wireless hardware devices will be
allowed to connect to the modem router.
To restrict access based on MAC addresses:
1.
Log in to the modem router at its default LAN address of
with its default
user name of
admin
and default password of
password
, or using whatever LAN address and
password you have set up.
2.
In the Wireless Settings screen, under the Wireless Station Access List section, click the
Setup
Access List
button to display the list.
3.
Select the
Turn Access Control On
check box to enable the restricting of wireless computers
by their MAC addresses.
Note:
If you configure the modem router from a wireless computer, add your com-
puter’s MAC address to the access list. Otherwise you will lose your wireless
connection when you click Apply. You must then access the modem router
from a wired computer, or from a wireless computer that is on the access con-
trol list, to make any further changes.
Figure 2-3
Page 39 / 126
Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual
Configuring Your Wireless Network and Security Settings
2-13
v1.0, July 2008
4.
If the wireless station is currently connected to the network, you can select it from the
Available Wireless Stations list. Click
Add
to add the station to the Trusted Wireless Stations
list.
5.
If the wireless station is not currently connected, you can enter its address manually. Enter the
MAC address of the authorized computer. The MAC address is usually printed on the wireless
card, or it might appear in the modem router’s DHCP table. The MAC address is
12 hexadecimal digits.
Click
Add
to add your entry. You can add several stations to the list. When you are finished
adding stations, click
Apply
.
6.
Make sure the
Turn Access Control On
check box is selected, and then click
Apply
.
Now, only devices on this list will be allowed to wirelessly connect to the modem router. This
prevents unauthorized access to your network.
Configuring Mixed WPA-PSK+WPA2-PSK Security
A high-performance client such as the NETGEAR WN511B must connect to the modem router
using WPA2-PSK to achieve maximum performance. Wireless clients that connect to the modem
router using WPA-PSK run at no more than 802.11g speed. This option allows wireless clients to
use either encryption method.
Note:
You can copy and paste the MAC addresses from the modem router’s Attached
Devices screen into the MAC Address field of this screen. To do this, configure
each wireless computer to obtain a wireless link to the modem router. The
computer should then appear in the Attached Devices screen.
Note:
If you are configuring the modem router from a wireless computer whose
MAC address is not in the Trusted Wireless Stations list, and you select trusted
wireless stations only, you will lose your wireless connection when you click
Apply
. You must then access the modem router from a wired computer to
make any further changes.
Page 40 / 126
Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual
2-14
Configuring Your Wireless Network and Security Settings
v1.0, July 2008
To configure Mixed WPA-PSK+WPA2-PSK:
1.
Log in at the default LAN address of
,
with the default user name of
admin
and default password of
password
, or using whatever LAN address and password you have
set up.
2.
Select
Wireless Settings
below Setup in the main menu of the modem router.
3.
Select the
Mixed WPA-PSK+WPA2-PSK
radio button. The Wireless Settings screen
expands to include the WPA-PSK.
4.
Enter the pre-shared key in the
Network Key
field using between 8 and 63 characters.
Click
Save
to save your settings or click
Apply
to allow your changes to take effect
immediately.
For details about WPA-802.1x authentication options, see
“Configuring WPA-802.1x” on
page 2-16
.
Choosing Alternative Authentication and Encryption Methods
Restricting wireless access prevents intruders from connecting to your network. However, the
wireless data transmissions are still vulnerable to snooping. Using the data encryption settings
described in this section will prevent a determined intruder from eavesdropping on your wireless
data communications. Also, if you are using the Internet for such activities as purchases or
banking, those Internet sites use another level of highly secure encryption called SSL. You can tell
if a web site is using SSL because the Web address begins with HTTPS rather than HTTP.
Note:
Not all wireless adapters support WPA or WPA2. Furthermore, client software is
required on the client. Windows XP and Windows 2000 with Service Pack 3 do
include the client software that supports WPA. Nevertheless, the wireless adapter
hardware and driver must also support WPA. Consult the product document for
your wireless adapter and WPA client software for instructions on configuring
WPA settings.
Note:
The procedures to configure WPA-PSK and WPA2-PSK are identical to the
procedure to configure Mixed WPA-PSK+WPA2-PSK. The only difference is that
you select either the
WPA-PSK (Wi-Fi Protected Access Pre-Shared Key)
or
WPA2-PSK (Wi-Fi Protected Access 2 with Pre-Shared Key)
radio button in
step 3
.

Rate

4.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top