Page 26 / 134 Scroll up to view Page 21 - 25
NETGEAR RangeMax™ Dual Band Wireless-N Router WNDR3300 Reference Manual
2-2
Safeguarding Your Network
v1.0, February 2008
NETGEAR recommends using WEP with Shared Key authentication. Do not run an unsecured
wireless network unless it is your intention to provide free Internet access for the public.
WEP connections can take slightly longer to establish. Also, WEP, WPA-PSK, and WPA2-PSK
encryption can consume more battery power on a notebook computer, and can cause significant
performance degradation with a slow computer.
The WNDR3300 router provides two screens for configuring the wireless settings, the basic
Wireless Settings screen, which you access under Setup in the main menu (
“Changing Basic
Wireless Settings” on page 2-5
), and the advanced Wireless Settings screen, which you access
under Advanced (
“Changing Basic Wireless Settings” on page 2-5
).
Basic security options are listed in order of increasing effectiveness in
Table 2-1
. Other features
that affect security are listed in
Table 2-2
. For more details on wireless security methods, click the
link to the online document
“Wireless Networking Basics” in Appendix B
.
Note:
NETGEAR recommends that you change the administration password of your
router. Default passwords are well known, and an intruder can use your
administrator access to read or disable your security settings. For information
about how to change the administrator password, see
“Changing the Administrator
Password” on page 2-19
.
Figure 2-1
WNDR3300
1) Open system: easy but no security
2) MAC access list: no data security
3) WEP: security but some performance
impact
4) WPA-PSK: strong security
5) WPA2-PSK: very strong security
Wireless data
security options
Range: up to 300 foot radius
Note:
Use these with other features that enhance security (
Table 2-2 on page 2-3
).
Page 27 / 134
NETGEAR RangeMax™ Dual Band Wireless-N Router WNDR3300 Reference Manual
Safeguarding Your Network
2-3
v1.0, February 2008
Table 2-1.
Wireless Security Options
Security Type
Description
None
.
No wireless security. Recommended only for
troubleshooting wireless connectivity. Do not run an
unsecured wireless network unless it is your
intention to provide free Internet access for the
public.
WEP
. Wired Equivalent Privacy.
Wired Equivalent Privacy (WEP) data encryption
provides moderate data security. WEP Shared Key
authentication and WEP data encryption can be
defeated by a determined eavesdropper using
publicly available tools.
For more information, see
“Configuring WEP
Wireless Security” on page 2-8
.
WPA-PSK (TKIP)
. WPA-PSK standard encryption
with TKIP encryption type.
WPA2-PSK (AES)
. Wi-Fi Protected Access version 2
with Pre-Shared Key; WPA2-PSK standard
encryption with the AES encryption type.
WPA-PSK (TKIP) + WPA2-PSK (AES)
. Mixed mode.
Wi-Fi Protected Access with Pre-Shared Key (WPA-
PSK and WPA2-PSK) data encryption provides
extremely strong data security, very effectively
blocking eavesdropping. Because WPA and WPA2
are relatively new standards, older wireless adapters
and devices might not support them.
For more information, see
“Configuring WPA-PSK,
WPA2-PSK, or WPA-PSK+WPA2-PSK Wireless
Security” on page 2-10
.
Table 2-2.
Other Features That Enhance Security
Security Type
Description
Disable the wireless router radio.
If you disable the wireless router radio, wireless
devices cannot communicate with the router at all.
You might disable this when you are away or when
other users of your network all use wired
connections.
For more information, see
“Viewing Advanced
Wireless Settings” on page 2-11
.
Turn off the broadcast of the wireless network
name SSID.
If you disable the broadcast of the SSID, only
devices that know the correct SSID can connect.
This nullifies the wireless network discovery feature
of some products such as Windows XP, but your data
is still fully exposed to an intruder using available
wireless eavesdropping tools.
For more information, see
“Viewing Advanced
Wireless Settings” on page 2-11
.
Page 28 / 134
NETGEAR RangeMax™ Dual Band Wireless-N Router WNDR3300 Reference Manual
2-4
Safeguarding Your Network
v1.0, February 2008
Recording Basic Wireless Settings Setup Information
Before customizing your wireless settings, print this section, and record the following information.
If you are working with an existing wireless network, the person who set up or is responsible for
the network can provide this information. Otherwise, you must choose the settings for your
wireless network. Either way, record the settings for your wireless network in the spaces provided.
11N Wireless Network Name (SSID)
.
______________________________ The SSID
identifies the wireless network. You can use up to 32 alphanumeric characters. The SSID
is
case-sensitive. The SSID in the wireless adapter card must match the SSID of the wireless
router. In some configuration utilities (such as in Windows XP), the term “wireless network
name” is used instead of SSID.
11G Wireless Network Name (SSID)
. ______________________________
Restrict access based on MAC address.
You can restrict access to only trusted computers so
that unknown computers cannot wirelessly connect
to the WNDR3300 router. MAC address filtering
adds an obstacle against unwanted access to your
network by the general public, but the data broadcast
over the wireless link is fully exposed. This data
includes your trusted MAC addresses, which can be
read and impersonated by a hacker.
For more information, see
“Restricting Wireless
Access by MAC Address” on page 2-17
.
Modify your firewall’s rules.
By default, the firewall allows any outbound traffic
and prohibits any inbound traffic except for
responses to your outbound traffic. However, you
can modify the firewall’s rules.
For more information, see
“Understanding Your
Firewall” on page 2-21
.
Use WPS (Wi-Fi Protected Setup).
Wi-Fi Protected Setup provides easy setup by
means of a push button. Older wireless adapters and
devices might not support this. Check whether
devices are WPS enabled.
For more information, see
“Using WPS Security (Wi-
Fi Protected Setup)” on page 2-12
.
Table 2-2.
Other Features That Enhance Security (continued)
Security Type
Description
Page 29 / 134
NETGEAR RangeMax™ Dual Band Wireless-N Router WNDR3300 Reference Manual
Safeguarding Your Network
2-5
v1.0, February 2008
If
WEP Authentication
is used, circle one:
Open System
,
Shared Key
, or
Auto
.
WEP Encryption Key Size
. Choose one:
64-bit
or
128-bit
. Again, the encryption key
size must be the same for the wireless adapters and the wireless router.
Data Encryption (WEP) Keys
. There are two methods for creating WEP data encryption
keys. Whichever method you use, record the key values in the spaces provided.
Passphrase Method
. ______________________________ These characters
are
case-sensitive. Enter a word or group of printable characters and click Generate Keys.
Not all wireless devices support the passphrase method.
Manual Method
. These values
are not
case-sensitive. For 64-bit WEP, enter 10
hexadecimal digits (any combination of 0–9, A–F, or a–f). For 128-bit WEP, enter 26
hexadecimal digits.
Key 1. ___________________________________
Key 2. ___________________________________
Key 3. ___________________________________
Key 4. ___________________________________
If WPA-PSK or WPA2-PSK authentication is used:
Passphrase
. ______________________________ These characters
are
case-sensitive.
Enter a word or group of printable characters. When you use WPA-PSK, the other devices
in the network will not connect unless they are also set to WPA-PSK and are configured
with the correct passphrase. Similarly, when you use WPA2-PSK, the other devices in the
network will not connect unless they are also set to WPA2-PSK and are configured with
the correct passphrase.
Use the procedures described in the following sections to configure the WNDR3300 router. Store
this information in a safe place.
Changing Basic Wireless Settings
This section describes the wireless settings that you can view and configure in the Wireless
Settings screen, which you access under Setup in the main menu.
Note:
If you select Shared Key, the other devices in the network will not connect
unless they are also set to Shared Key and are configured with the correct key.
Page 30 / 134
NETGEAR RangeMax™ Dual Band Wireless-N Router WNDR3300 Reference Manual
2-6
Safeguarding Your Network
v1.0, February 2008
Viewing Basic Wireless Settings
To configure the wireless security settings of your router:
1.
Log in to the router as described in
“Logging In to Your Wireless Router” on page 1-2.
2.
Select
Wireless Settings
under Setup in the main menu.
The available settings in this screen are:
Name (
11N SSID
)
or
Name (
11G SSID
)
. These are the names of the 11N and 11G
wireless networks.
The SSID is also known as the wireless network name. Enter a value of
up to 32 alphanumeric characters. When more than one wireless network is active,
different wireless network names provide a way to separate the traffic. For a wireless
device to participate in a particular wireless network, it must be configured with the SSID
for that network. The WNDR3300 router default SSID names are:
11N SSID.
NETGEAR-DualBand-N
11G SSID.
NETGEAR-2.4-G
These SSIDs are broadcast by the router so that nearby wireless devices can discover your
network. You can disable this broadcast as described in
“Viewing Advanced Wireless
Settings” on page 2-11
.
Figure 2-2

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top