NETGEAR Wireless-N 300 Router WNR2000v2 User Manual

Configuring Basic Connectivity

1-13

v1.0, January 2010

6.

For Security Options, select

None

.

7.

Click

Apply

to save your changes.

8.

Select

Wireless Settings

under Advanced in the main menu of the WNR2000v2 router.

9.

Make sure that the

Enable Wireless Router Radio,

Enable SSID Broadcast,

and

Enable

WMM

check boxes are selected.

10.

Click

Setup Access List

.

11.

Make sure that the

Turn Access Control On

check box is

not

selected.

12.

Configure and test your wireless computer for wireless connectivity.

Program the wireless adapter of your computer to have the same SSID and channel that you

specified in the router, and disable encryption. Check that your computer has a wireless link

and can obtain an IP address by DHCP from the router.

Note:

If you are configuring the router from a wireless computer and you change the

router’s SSID, channel, or security settings, you will lose your wireless

connection when you click

Apply

. You must then change the wireless settings

of your computer to match the router’s new settings.

Figure 1-11

NETGEAR Wireless-N 300 Router WNR2000v2 User Manual

Configuring Basic Connectivity

1-14

v1.0, January 2010

Once your computer has basic wireless connectivity to the router, you can configure the advanced

wireless security functions of the computer and router (for more information about security and

these settings, see

Chapter 2, “Safeguarding Your Network

”).

2-1

v1.0, January 2010

Chapter 2

Safeguarding Your Network

The Wireless-N 300 Router Model WNR2000v2 provides highly effective security features, which

are covered in detail in this chapter.

This chapter includes the following sections:

•

“Choosing Appropriate Wireless Security”

•

“Recording Basic Wireless Settings Setup Information” on page 2-5

•

“Changing Wireless Security Settings” on page 2-6

•

“Viewing Advanced Wireless Settings” on page 2-12

•

“Using Push 'N' Connect (Wi-Fi Protected Setup)” on page 2-13

•

“Restricting Wireless Access by MAC Address” on page 2-19

•

“Changing the Administrator Password” on page 2-21

•

“Backing Up Your Configuration” on page 2-22

•

“Understanding Your Firewall” on page 2-23

•

“Adding Guest Networks” on page 2-23

Choosing Appropriate Wireless Security

Unlike wired networks, wireless networks allow anyone with a compatible adapter to receive your

wireless data transmissions well beyond your walls. Operating an unsecured wireless network

creates an opportunity for outsiders to eavesdrop on your network traffic or to enter your network

to access your computers and files. Indoors, computers can connect over 802.11g/n wireless

networks at ranges of up to 300 feet. Such distances can allow for others outside your immediate

area to access your network. Use the security features of your wireless equipment that are

appropriate to your needs.

The time it takes to establish a wireless connection can vary depending on both your security

settings and router placement.

NETGEAR Wireless-N 300 Router WNR2000v2 User Manual

Safeguarding Your Network

2-2

v1.0, January 2010

Stronger security methods can entail a cost in terms of throughput, latency, battery consumption,

and equipment compatibility. In choosing an appropriate security level, you can also consider the

effort compared to the reward for a hacker to break into your network. As a minimum, however,

NETGEAR recommends using WEP with Shared Key authentication. Do not run an unsecured

wireless network unless it is your intention to provide free Internet access for the public.

WEP connections can take slightly longer to establish. Also, WEP, WPA-PSK, and WPA2-PSK

encryption can consume more battery power on a notebook computer, and can cause significant

performance degradation with a slow computer.

To configure the wireless network, you can:

•

Manually specify your SSID and your wireless security settings

. The WNR2000v2 router

provides two screens for configuring the wireless settings:

Note:

NETGEAR recommends that you change the administration password of your

router. Default passwords are well known, and an intruder can use your

administrator access to read or disable your security settings. For information

about how to change the administrator password, see

“Changing the Administrator

Password” on page 2-21

.

Figure 2-1

WNR2000

1) Open system: easy but no security

2) MAC access list: no data security

3) WEP: security but some performance

impact

4) WPA-PSK: strong security

5) WPA2-PSK: very strong security

Wireless data

security options

Range: up to 300 foot radius

Note:

Use these with other features that enhance security (

Table 2-2 on page 2-4

).

NETGEAR Wireless-N 300 Router WNR2000v2 User Manual

Safeguarding Your Network

2-3

v1.0, January 2010

–

Wireless Settings

. You access these under Setup in the main menu (see

“Viewing Basic

Wireless Settings” on page 2-6

).

–

Advanced Wireless Settings

. You access these under Advanced in the main menu (see

“Viewing Advanced Wireless Settings” on page 2-12

).

•

Use Wi-Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/

WPA2 security on both the router and the client device

. If the clients in your network are

WPS capable, you can use Wi-Fi Protected Setup (WPS) to automatically set the SSID and

implement WPA/WPA2 security on both the router and the client device (see

“Using Push 'N'

Connect (Wi-Fi Protected Setup)” on page 2-13

).

Basic security options are listed in order of increasing effectiveness in

Table 2-1

. Other features

that affect security are listed in

Table 2-2 on page 2-4

. For more details on wireless security

methods, click the link to the online document

“Wireless Networking Basics” in Appendix B

.

Table 2-1.

Wireless Security Options

Security Type

Description

None

.

No wireless security. Recommended only for

troubleshooting wireless connectivity. Do not run an

unsecured wireless network unless it is your

intention to provide free Internet access for the

public.

WEP

. Wired Equivalent Privacy.

Wired Equivalent Privacy (WEP) data encryption

provides moderate data security. WEP Shared Key

authentication and WEP data encryption can be

defeated by a determined eavesdropper using

publicly available tools.

For more information, see

“Configuring WEP

Wireless Security” on page 2-9

.

WPA-PSK (TKIP)

. WPA-PSK standard encryption

with TKIP encryption type.

WPA2-PSK (AES)

. Wi-Fi Protected Access version 2

with Pre-Shared Key; WPA2-PSK standard

encryption with the AES encryption type.

WPA-PSK (TKIP) + WPA2-PSK (AES)

. Mixed mode.

Wi-Fi Protected Access with Pre-Shared Key (WPA-

PSK and WPA2-PSK) data encryption provides

extremely strong data security, very effectively

blocking eavesdropping. Because WPA and WPA2

are relatively new standards, older wireless adapters

and devices might not support them.

For more information, see

“Configuring WPA-PSK

and WPA2-PSK Wireless Security” on page 2-10

.