Wireless Configuration

4-1

M-10153-01

Chapter 4

Wireless Configuration

This chapter describes how to configure the wireless features of your WGT624 v2 wireless router.

In planning your wireless network, you should consider the level of security required. You should

also select the physical placement of your firewall in order to maximize the network speed. For

further information on wireless networking, refer to in

Appendix D, “Wireless Networking Basics

.

Observe Performance, Placement, and Range Guidelines

The operating distance or range of your wireless connection can vary significantly based on the

physical placement of the wireless firewall. The latency, data throughput performance, and

notebook power consumption of wireless adapters also vary depending on your configuration

choices.

For best results, place your firewall:

•

Near the center of the area in which your PCs will operate.

•

In an elevated location such as a high shelf where the wirelessly connected PCs have

line-of-sight access (even if through walls).

•

Away from sources of interference, such as PCs, microwaves, and 2.4 GHz cordless phones.

•

Away from large metal surfaces.

The time it takes to establish a wireless connection can vary depending on both your security

settings and placement. WEP connections can take slightly longer to establish. Also, WEP

encryption can consume more battery power on a notebook PC.

Note:

Failure to follow these guidelines can result in significant performance

degradation or inability to wirelessly connect to the router. For complete range/

performance specifications, please see

Appendix A, “Technical Specifications

.”

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v2

4-2

Wireless Configuration

M-10153-01

Implement Appropriate Wireless Security

Unlike wired network data, your wireless data transmissions can be received well beyond your

walls by anyone with a compatible adapter. For this reason, use the security features of your

wireless equipment. The WGT624 v2 wireless router provides highly effective security features

which are covered in detail in this chapter. Deploy the security features appropriate to your needs.

Figure 4-1:

WGT624 v2 wireless data security options

There are several ways you can enhance the security of you wireless network.

•

Restrict Access Based on MAC address.

You can restrict access to only trusted PCs o that

unknown PCs cannot wirelessly connect to the WGT624 v2. MAC address filtering adds an

obstacle against unwanted access to your network, but the data broadcast over the wireless link

is fully exposed.

•

Turn Off the Broadcast of the Wireless Network Name SSID.

If you disable broadcast of

the SSID, only devices that have the correct SSID can connect. This nullifies the wireless

network ‘discovery’ feature of some products such as Windows XP, but the data is still fully

exposed to a determined snoop using specialized test equipment like wireless sniffers.

•

WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared

Key authentication and WEP data encryption will block all but the most determined

eavesdropper.

Note:

Indoors, computers can connect over 802.11b/g wireless networks at

ranges of up to 500 feet.

Such distances can allow for others outside of your

immediate area to access your network.

1) Open System: Easy but no security

2) MAC Access List: No data security

3) WEP: Security but some performance impact

Wireless Data

Security Options

Range: Up to 300 Foot Radius

WGT624 v2

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v2

Wireless Configuration

4-3

M-10153-01

•

Turn Off the Wired LAN.

If you disable the wireless LAN, wireless devices cannot

communicate with the router at all. You might choose to turn off the wireless the LAN when

you are away and the others in the household all use wired connections.

Understanding Wireless Settings

To configure the Wireless settings of your firewall, click the Wireless link in the main menu of the

browser interface. The Wireless Settings menu will appear, as shown below.

Figure 4-2:

Wireless Settings menu

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v2

4-4

Wireless Configuration

M-10153-01

The 802.11b and 802.11g wireless networking protocols are configured in exactly the same

fashion.

•

Name (SSID).

The SSID is also known as the wireless network name. Enter a value of up to

32 alphanumeric characters. In a setting where there is more than one wireless network,

different wireless network names provide a means for separating the traffic. Any device you

want to participate in a particular wireless network will need to use this SSID for that network.

The WGT624 v2 default SSID is:

NETGEAR

.

•

Region.

This field identifies the region where the WGT624 v2 can be used. It may not be legal

to operate the wireless features of the wireless router in a region other than one of those

identified in this field.

•

Channel.

This field determines which operating frequency will be used. It should not be

necessary to change the wireless channel unless you notice interference problems with another

nearby access point. For more information on the wireless channel frequencies please refer to

“Wireless Channels” on page D-7

.

•

Mode.

This field determines which data communications protocol will be used. You can select

“g only,” 108 Mbps Turbo g only, or “g and b.” “g only” dedicates the WGT624 v2 to

communicating with the higher bandwidth 802.11g wireless devices exclusively. The “g and

b” mode provides backward compatibility with the slower 802.11b wireless devices while still

enabling 802.11g communications. The 108 Mbps Turbo mode only works with other 802.11g

turbo devices that support this turbo mode.

•

Allow Broadcast of Name (SSID).

If you disable broadcast of the SSID, only devices that

have the correct SSID can connect. Disabling SSID broadcast nullifies the wireless network

‘discovery’ feature of some products such as Windows XP.

•

Enable Wireless Access Point.

If you disable the wireless access point, wireless devices

cannot connect to the WGT624 v2.

•

Wireless Card Access List.

When the Trusted PCs Only radio button is selected, the WGT624

v2 checks the MAC address of the wireless station and only allows connections to PCs

identified on the trusted PCs list.

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v2

Wireless Configuration

4-5

M-10153-01

Understanding WEP Authentication and Encryption

Restricting wireless access to your network prevents intruders from connecting to your network.

However, the wireless data transmissions are still vulnerable to snooping. Using the WEB data

encryption settings described below will prevent a determined intruder from eavesdropping on

your wireless data communications. Also, if you are using the Internet for such activities as

purchases or banking, those Internet sites use another level of highly secure encryption called SSL.

You can tell if a web site is using SSL because the web address begins with HTTPS rather than

HTTP.

Authentication Scheme Selection

Figure 4-3:

Encryption Strength

The WGT624 v2 lets you select the following wireless authentication schemes.

•

Automatic.

•

Open System.

•

Shared key.

Be sure to set your wireless adapter according to the authentication scheme you choose for the

WGT624 v2 wireless router. Please refer to

“Authentication and WEP” on page D-3

for a full

explanation of each of these options, as defined by the IEEE 802.11 wireless communication

standard.

Note:

The authentication scheme is separate from the data encryption. You can

choose an authentication scheme which requires a shared key but still leave the

data transmissions unencrypted. If you require strong security, use both the

Shared Key and WEP encryption settings

.