1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVS318N
    5. /
  5. 22
Page 106 / 414 Scroll up to view Page 101 - 105
Wireless Configuration and Security
106
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Mode
Specify the wireless mode in the 2.4-GHz band by making a selection from the
drop-down list:
g and b
. In addition to 802.11b- and 802.11g-compliant devices,
802.11n-compliant devices can connect to the wireless access point because
they are backward compatible.
g only
. 802.11g- and 802.11n-compliant devices can connect to the wireless
access point, but 802.11n-compliant devices function below their capacity in
802.11g mode. 802.11b-compliant devices cannot connect.
ng
. This is the default setting for most countries. 802.11g- and
802.11n-compliant devices can connect to the wireless access point.
802.11b-compliant devices cannot connect.
n only
. Only 802.11n-compliant devices can connect to the wireless access
point.
Channel Spacing
For the ng and n only modes, specify the channel spacing by making a selection
from the drop-down list:
20/40MHz
. Select this option to improve the performance. Some legacy
devices (that is, devices that function only in b or g mode) can operate only in
20 MHz.
20MHz
. Select this option if your network includes legacy devices. This is the
default setting.
Note:
The channel spacing is fixed at 20 MHz for the g and b and g only modes.
Current Channel
This is a nonconfigurable field that shows the current channel if you have
selected Auto from the Channel drop-down list.
Channel
Specify the channel you wish to use on your wireless LAN by making a selection
from the drop-down list. The wireless channels and frequencies depend on the
country and wireless mode. The default setting is Auto.
Note:
It should not be necessary to change the wireless channel unless you
notice interference in the network (indicated by lost connections or slow data
transfers). If this happens, you might want to experiment with different channels
to see which is the best. For more information, see
Operating Frequency
(Channel) Guidelines
following this table.
Note:
For more information about available channels and frequencies, see
Physical and Technical Specifications
on page 385.
Default Transmit Power
From the drop-down list, select the default transmit power:
Full
. This is the default setting.
Half
.
Quarter
.
Eighth
.
Minimum
.
If the country regulation does not allow the transmit power that you select, the
power is automatically adjusted to the legally allowed power, which is then
displayed in the Transmit Power field.
Table 26.
Radio Settings screen settings (continued)
Setting
Descriptions
Page 107 / 414
Wireless Configuration and Security
107
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
WARNING:
When you have changed the country settings, the wireless VPN
firewall will reboot when you click Apply.
3.
Click
Apply
to save your settings.
Operating Frequency (Channel) Guidelines
You should not need to change the operating frequency (channel) unless you notice
interference problems, or are setting up the wireless VPN firewall near another wireless
access point. Observe the following guidelines:
Wireless access points use a fixed channel. You can select a channel that provides the
least interference and best performance. In the United States and Canada, 11 channels
are available.
If you are using multiple wireless access points, it is better if adjacent wireless access
points use different channels to reduce interference. The recommended channel spacing
between adjacent wireless access points is 5 channels (for example, use channels 1 and
6, or 6 and 11).
In infrastructure mode, wireless devices normally scan all channels, looking for a wireless
access point. If more than one wireless access point can be used, the one with the
strongest signal is used. This can happen only when the wireless access points use the
same SSID. The FVS318N wireless VPN firewall functions in infrastructure mode by
default.
Wireless Data Security Options
Indoors, computers can connect over 802.11n wireless networks at a maximum range of
300 feet. Typically, a wireless VPN firewall inside a building works best with devices within a
100 foot radius. Such distances can allow for others outside your immediate area to access
your network.
Unlike wired network data, your wireless data transmissions can extend beyond your walls
and can be received by anyone with a compatible adapter. For this reason, use the security
features of your wireless equipment. The wireless VPN firewall provides highly effective
Transmit Power
This is a nonconfigurable field that shows the actual transmit power in dBm.
Transmission rate
Specify the transmission data rate by making a selection from the drop-down list.
The default setting is Best (Automatic).
Note:
For information about the available MCS indexes and transmission data
rates, see
Physical and Technical Specifications
on page 385.
Table 26.
Radio Settings screen settings (continued)
Setting
Descriptions
Page 108 / 414
Wireless Configuration and Security
108
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
security features that are covered in detail in this chapter. Deploy the security features
appropriate to your needs.
Figure 53.
There are several ways you can enhance the security of your wireless network:
Restrict access based by MAC address
. You can allow only trusted computers to
connect so that unknown computers cannot wirelessly connect to the wireless VPN
firewall. Restricting access by MAC address adds an obstacle against unwanted access
to your network, but the data broadcast over the wireless link is fully exposed. For
information about how to restrict access by MAC address, see
Restrict Wireless Access
by MAC Address
on page 117.
Turn off the broadcast of the wireless network name (SSID)
. If you disable broadcast
of the SSID, only devices that have the correct SSID can connect. This nullifies the
wireless network discovery feature of some products, such as Windows XP, but the data
is still exposed. For information about how to turn of broadcast of the SSID, see
Configure and Enable Wireless Profiles
on page 112.
WEP
. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
shared key authentication and WEP data encryption block all but the most determined
eavesdropper. This data encryption mode has been superseded by WPA-PSK and
WPA2-PSK.
For information about how to configure WEP, see
Configure and Enable Wireless Profiles
on page 112.
WPA
.
Wi-Fi Protected Access (WPA) data encryption provides strong data security with
Temporal Key Integrity Protocol (TKIP) or a combination of TKIP and Counter Mode with
Cipher Block Chaining Message Authentication Code Protocol (CCMP) encryption. The
very strong authentication along with dynamic per frame rekeying of WPA make it virtually
impossible to compromise. The wireless VPN firewall supports WPA with a pre-shared
key (PSK), RADIUS, or a combination of PSK and RADIUS.
For more information about how to configure WPA, see
Configure and Enable Wireless
Profiles
on page 112.
WPA2
. Wi-Fi Protected Access version 2 (WPA2) data encryption provides strong data
security with CCMP encryption or a combination of TKIP and CCMP encryption. WPA2
Page 109 / 414
Wireless Configuration and Security
109
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
provides the most reliable security. Use WPA2 only if all clients in your network support
WPA2. The wireless VPN firewall supports WPA2 with PSK, RADIUS, or a combination of
PSK and RADIUS.
For more information about how to configure WPA2, see
Configure and Enable Wireless
Profiles
on page 112.
WPA+WPA2 mixed mode
. This mode supports data encryption with a combination of
TKIP and CCMP for both WPA and WPA2 clients. The very strong authentication along
with dynamic per frame rekeying of WPA2 make it virtually impossible to compromise.
The wireless VPN firewall supports WPA+WPA2 with PSK, RADIUS, or a combination of
PSK and RADIUS.
For more information about how to configure WPA+WPA2 mixed mode, see
Configure
and Enable Wireless Profiles
on page 112.
Note:
TKIP provides only legacy (slower) rates of operation. NETGEAR
recommends WPA2 with CCMP to make use of 802.11n rates and
speed.
Wireless Security Profiles
This section consists of the following subsections:
Before You Change the SSID, WEP, and WPA Settings
Configure and Enable Wireless Profiles
Restrict Wireless Access by MAC Address
View the Status of a Wireless Profile
Configure Wi-Fi Protected Setup
Wireless security profiles, hereafter referred to as wireless profiles, let you configure unique
security settings for each SSID on the wireless VPN firewall. The wireless VPN firewall
supports up to four wireless profiles (BSSIDs) that you can configure from the Wireless
Profiles screen (see
Configure and Enable Wireless Profiles
on page 112).
Each wireless profile provides the following features:
Capability to turn off the wireless profile during scheduled vacations and office
shutdowns, on evenings, or on weekends. This a green feature that allows you to save
energy.
WLAN partitioning to prevent associated wireless clients (using the same wireless profile)
from communicating with each other. This feature is useful for hotspots and other public
access situations.
MAC address access control list that lets you add another level of security.
Capability to monitor the clients that are connected to the SSID of the wireless profile.
Page 110 / 414
Wireless Configuration and Security
110
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
To set up a wireless profile, specify a name for the profile and the SSID, type of security with
authentication and data encryption, and whether or not the SSID is broadcast.
Network authentication
The wireless VPN firewall is set by default as an open system with no authentication.
When you configure network authentication, bear in mind that older wireless adapters
might not support WPA or WPA2. Windows XP, Windows 2000 with Service Pack 3,
Windows Vista, and Windows 7 do include the client software that supports WPA.
However, client software is required on the client. Consult the product documentation for
your wireless adapter and WPA or WPA2 client software for instructions on configuring
WPA2 settings.
For information about the types of network authentication that the wireless VPN firewall
supports, see
Configure and Enable Wireless Profiles
on page 112.
Data encryption
Select the data encryption that you want to use. The available options depend on the
network authentication setting described earlier (otherwise, the default is None). The data
encryption settings are explained in
Configure and Enable Wireless Profiles
on page 112.
Some concepts and guidelines regarding the SSID are:
A basic service set (BSS) is a group of wireless devices and a single wireless access
point, all using the same wireless profile or service set identifier (BSSID). The actual
identifier in the BSSID is the MAC address of the wireless radio. (A wireless radio can
have multiple MAC addresses, one for each wireless profile.)
An extended service set (ESS) is a group of wireless devices, all using the same identifier
(ESSID).
Different devices within an ESS can use different channels. To reduce interference,
adjacent devices should use different channels.
Roaming is the ability of wireless devices to connect wirelessly when they physically
move from one BSS to another one within the same ESS. The wireless device
automatically changes to the wireless access point with the least interference or best
performance.
Before You Change the SSID, WEP, and WPA Settings
For a new wireless network, print or copy the following form and fill in the settings. For an
existing wireless network, the network administrator can provide this information. Be sure to
set the Country/Region correctly as the first step.

Rate

4.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top