2-1

v1.0, May 2009

Chapter 2

Safeguarding Your Network

For a wireless connection, the

SSID, also called the wireless network name, and the wireless

security setting must be the same for

the wireless router and wireless computers or wireless

adapters. NETGEAR strongly recommends that you use wireless security.

This chapter includes:

•

“Planning Your Wireless Network”

•

“Manually Configuring Your Wireless Settings” on page 2-4

•

“Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9

•

“Adding Both WPS-Capable Clients and Non-WPS-Capable Clients” on page 2-14

•

“Restricting Access to Your Router” on page 2-15

Planning Your Wireless Network

For compliance and compatibility between similar products in your area, the operating channel

and region must be set correctly.

To configure the wireless network, you can either specify the wireless settings, or you can use Wi-

Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/WPA2 security.

•

To manually configure the wireless settings, you must know the following:

–

SSID. The default SSID for the wireless router is NETGEAR.

–

The wireless mode (802.11n, 802.11g, or 802.11b) that each wireless adapter supports.

–

Wireless security option. To successfully implement wireless security, check each

wireless adapter to determine which wireless security option it supports.

See

“Manually Configuring Your Wireless Settings” on page 2-4

.

Warning:

Computers can connect wirelessly at a range of several hundred feet. This can

allow others outside of your immediate area to access your network.

NETGEAR RangeMax™ Wireless-N Gigabit Router WNR3500v2 User Manual

2-2

Safeguarding Your Network

v1.0, May 2009

•

Push 'N' Connect (WPS) automatically implements wireless security on the wireless router

while, at the same time, allowing you to automatically implement wireless security on any

WPS-enabled devices (such as wireless computers and wireless adapter cards). You activate

WPS by pressing a WPS button on the wireless router, clicking an onscreen WPS button, or

entering a PIN number. This generates a new SSID and implements WPA/WPA2 security.

To set up your wireless network using the WPS feature:

–

Use the WPS button on the side of the wireless router (there is also an onscreen WPS

button), or enter the PIN of the wireless device.

–

Make sure that all wireless computers and wireless adapters on the network are

Wi-Fi

certified and WPA or WPA 2 capable, and that they support WPS configuration.

See

“Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9

.

Wireless Placement and Range Guidelines

The range of your wireless connection can vary significantly based on the physical placement of

the wireless router. The latency, data throughput performance, and notebook power consumption

of wireless adapters also vary depending on your configuration choices.

For best results, place your wireless router according to the following guidelines:

•

Near the center of the area in which your PCs will operate.

•

In an elevated location such as a high shelf where the wirelessly connected PCs have line-of-

sight access (even if through walls).

•

Away from sources of interference, such as PCs, microwave ovens, and 2.4 GHz cordless

phones.

•

Away from large metal surfaces.

•

If using multiple access points, it is better if adjacent access points use different radio

frequency channels to reduce interference. The recommended channel spacing between

adjacent access points is 5 channels (for example, use Channels 1 and 6, or 6 and 11).

The time it takes to establish a wireless connection can vary depending on both your security

settings and placement.

Note:

NETGEAR’s Push 'N' Connect feature is based on the Wi-Fi Protected Setup

(WPS) standard (for more information, see

). All other Wi-

Fi-certified and WPS-capable products should be compatible with NETGEAR

products that implement Push 'N' Connect.

NETGEAR RangeMax™ Wireless-N Gigabit Router WNR3500v2 User Manual

Safeguarding Your Network

2-3

v1.0, May 2009

Wireless Security Options

Computers can connect over a 802.11g or 802.11n network at a range of up to 300 feet. Such

distances can allow for others outside your immediate area to access your network.

Unlike wired network data, your wireless data transmissions can extend beyond your walls and

can be received by anyone with a compatible adapter. For this reason, use the security features of

your wireless equipment. The WNR3500v2 router provides highly effective security features

which are covered in detail in this chapter. Deploy the security features appropriate to your needs.

There are several ways you can enhance the security of your wireless network:

•

WEP.

Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared

Key authentication and WEP data encryption block all but the most determined eavesdropper.

This data encryption mode has been superseded by WPA-PSK and WPA2-PSK.

•

WPA-PSK (TKIP), WPA2-PSK (AES)

. Wi-Fi Protected Access (WPA) using a pre-shared

key to perform authentication and generate the initial data encryption keys. The very strong

authentication along with dynamic per frame re-keying of WPA makes it virtually impossible

to compromise.

For more information about wireless technology, see the link to the online document in

“Wireless

Networking Basics” in Appendix B

.

Figure 2-1

Wireless data

security options

Range: up to 300 foot radius

1)

Open system:

easy but no security

2) WEP: security but some

performance impact

3) WPA-PSK: strong security

4) WPA2-PSK: very strong securi

t

y

NETGEAR RangeMax™ Wireless-N Gigabit Router WNR3500v2 User Manual

2-4

Safeguarding Your Network

v1.0, May 2009

Manually Configuring Your Wireless Settings

You can view or manually configure the wireless settings for the wireless router in the Wireless

Settings screen. If you want to make changes, make sure to note the current settings first.

To view or manually configure the wireless settings:

1.

Log in to the wireless router at its default LAN address of

with

its default user name of

admin

, and default password of

password

, or using whatever user

name, password, and LAN address you have chosen for the wireless router.

2.

Select Wireless Settings from the main menu to display the Wireless Settings screen:

The settings for this screen are explained in

Table 2-1

.

3.

Select the region in which the wireless router will operate.

4.

For initial configuration and test, leave the other settings unchanged.

5.

To save your changes, click

Apply

.

Note:

If you use a wireless computer to change the wireless network name (SSID) or

wireless security settings, you will be disconnected when you click

Apply

. To

avoid this problem, use a computer with a wired connection to access the wireless

router.

Figure 2-2

NETGEAR RangeMax™ Wireless-N Gigabit Router WNR3500v2 User Manual

Safeguarding Your Network

2-5

v1.0, May 2009

6.

Configure and test your computers for wireless connectivity.

Program the wireless adapter of your computers to have the same SSID and wireless security

settings as your wireless router. Check that they have a wireless link and are able to obtain an

IP address by DHCP from the wireless router. If there is interference, adjust the channel.

Table 2-1. Wireless Settings

Settings

Description

Wireless

Network

Name (SSID):

The SSID is also known as the wireless network name. Enter a 32-

character (maximum) name in this field. This field is case-sensitive.

In a setting where there is more than one wireless network, different wireless network

names provide a means for separating the traffic. Any device you want to participate

in a wireless network must use the SSID.

Region:

The location where the router is used.

Channel:

The wireless channel used by the gateway. The default is Auto.

Do not change the wireless channel unless you experience interference (shown by

lost connections or slow data transfers). If this happens, you might need to

experiment with different channels to see which is the best.

Mode:

The default is up to 145 Mbps, which allows 802.11n, 802.11g, and 802.11b

wireless stations access.

Security Options

•

None

. You can use this setting to establish wireless connectivity before

implementing wireless security. NETGEAR strongly recommends that you

implement wireless security.

•

WEP (Wired Equivalent Privacy)

. Use encryption keys and data encryption for

data security. You can select 64-bit or 128-bit encryption.

See

“Configuring WEP Wireless Security”

.

•

WPA-PSK [TKIP] (WiFi Protected Access Pre-Shared Key).

Allow only

computers configured with WPA to connect to the wireless router.

See

“Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”

.

•

WPA2-PSK [AES] (Wi-Fi Protected Access with 2 Pre-Shared Keys)

. Allow only

computers configured with WPA2 to connect to the wireless router.

See

“Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”

.

•

WPA-PSK [TKIP] + WPA2-PSK [AES]

. Allow computers configured with either

WPA-PSK or WPA2-PSK security to connect to the wireless router.

See

“Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”

.