NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

3-3

v1.2, January 2007

The time it takes to establish a wireless connection can vary depending on both your security

settings and router placement. WEP connections can take slightly longer to establish. Also, WEP,

WPA-PSK and WPA2-PSK encryption can consume more battery power on a notebook computer,

and can cause significant performance degradation with a slow computer. For more details on

wireless security methods, please see

“Wireless Communications” in Appendix B

.

Recommended Security Settings

Stronger security methods can entail a cost in terms of throughput, latency, battery consumption,

and equipment compatibility. In choosing an appropriate security level, you can also consider the

effort versus the reward for a hacker to break into your network. As a minimum, however,

NETGEAR recommends using WEP with Shared Key authentication. Do not run an unsecured

wireless network unless it is your intention to provide free Internet access for the public.

In addition, be sure to change the administration password of your router. Default passwords are

well-known, and an intruder can use your administrator access to read or disable your security

settings. To change the administrator password, see

“Changing the Administrator Password” on

page 3-14

.

Changing Wireless Security Settings

This section describes the security-related wireless settings. For details on the configuration of the

general wireless settings, see

“Configuring Wireless Settings” on page 2-10

.

To configure the wireless security settings of your router:

1.

Log in to the WNR834B router at its default LAN address of

www.routerlogin.net

(or

192.168.1.1

) with its default user name of

admin

and default password of

password

, or

using whatever LAN IP address and password you have set up.

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

3-4

Safeguarding Your Network

v1.2, January 2007

2.

From the main menu of the browser interface, under Setup, click Wireless Settings. The

Wireless Settings menu appears.

The available settings in this menu are:

•

Name (SSID)

The SSID, also known as the wireless network name, is broadcast by the wireless router so

that nearby wireless devices can discover your network. You can disable this broadcast as

described in

“Configuring Security in the Advanced Wireless Settings Menu” on page 3-6

.

•

Region

This field identifies the region where the WNR834B can be used.

•

Channel

This field determines which operating frequency is used.

•

Mode

This field determines which 802.11 data communications protocol is used.

Figure 3-2

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

3-5

v1.2, January 2007

•

Security Options

These options are the wireless security features you can enable.

Table 3-1

identifies the basic

wireless security options. For a detailed explanation of these standards, see

“Wireless

Communications” in Appendix B

.

Balancing performance factors (throughput, latency, battery consumption, and equipment

compatibility) against the value of information on your network, select an appropriate security

level. As a minimum, NETGEAR recommends using WEP with Shared Key authentication.

Note:

The Security Options displayed in this menu may change depending on the current

selection of Wireless Mode.

Table 3-1.

Basic Wireless Security Options

Field

Description

None

No wireless security. Only recommended for troubleshooting wireless connectivity.

WEP

WEP offers the following options:

•

Open System

With Open Network authentication and 64- or 128-bit WEP Data Encryption, the WNR834B

does

perform data encryption but

does not

perform any authentication. Anyone can join the

network. This setting provides very little practical wireless security.

•

Shared Key

With Shared Key authentication, a wireless device must know the WEP key in order to join

the network. Choose the Encryption Strength (64- or 128-bit data encryption). Manually

enter the key values or enter a word or group of printable characters in the Passphrase box.

Manually entered keys

are not

case sensitive but passphrase characters

are

case sensitive.

Note

: Not all wireless adapter configuration utilities support passphrase key generation.

• Auto

The wireless router automatically detects whether Open System or Shared Key is used.

WPA-PSK

WPA2-PSK

WPA-Pre-shared Key

does

perform authentication. WPA-PSK uses TKIP (Temporal Key

Integrity Protocol) data encryption and WPA2-PSK uses AES (Advanced Encryption Standard)

data encryption. Both methods dynamically change the encryption keys making them nearly

impossible to circumvent.

Enter a word or group of printable characters in the Password Phrase box. These characters

are

case sensitive.

Note

: Not all wireless adapter configuration utilities support WPA-PSK and WPA2-PSK.

Furthermore, client software is required on the client. Windows XP Service Pack 2 and

Windows XP Service Pack 1 with WPA patch do include the client software that supports WPA.

However, the wireless adapter hardware and driver must also support WPA.

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

3-6

Safeguarding Your Network

v1.2, January 2007

Configuring Security in the Advanced Wireless Settings Menu

To configure security in the Advanced Wireless Settings menu:

1.

From the main menu of the browser interface, under Advanced, click Wireless Settings. The

Advanced Wireless Settings menu appears.

The security-related wireless settings are described below. For details on the configuration of the

general wireless settings, see

“Configuring Wireless Settings” on page 2-10

.

•

Enable Wireless Router Radio

If you disable the wireless router radio, wireless devices cannot connect to the WNR834B. If

you will not be using your wireless network for a period of time, you can deselect this

checkbox and disable all wireless connectivity.

•

Enable SSID Broadcast

Deselect this checkbox to disable broadcast of the SSID, so that only devices that know the

correct SSID can connect. Disabling SSID broadcast nullifies the wireless network ‘discovery’

feature of some products such as Windows XP.

•

Wireless Card Access List

When a Wireless Card Access List is configured and enabled, the WNR834B checks the MAC

address of any wireless device attempting a connection, and only allows connections to

computers identified on the trusted computers list. For instructions on configuring the

Wireless Card Access List, see

“Restricting Wireless Access by MAC Address” on page 3-12

.

Figure 3-3

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

3-7

v1.2, January 2007

Information to Gather Before Changing Basic Wireless Settings

Before customizing your wireless settings, print this form and record the following information. If

you are working with an existing wireless network, the person who set up or is responsible for the

network will be able to provide this information. Otherwise, you must choose the settings for your

wireless network. Either way, record the settings for your wireless network in the spaces below.

•

Wireless Network Name (SSID)

:

______________________________

The SSID identifies

the wireless network. You can use up to 32 alphanumeric characters. The SSID

is

case

sensitive. The SSID in the wireless adapter card must match the SSID of the wireless router. In

some configuration utilities (such as in Windows XP), the term “wireless network name” is

used instead of SSID.

•

If

WEP Authentication

is used, circle one:

Open System

,

Shared Key, or Auto

.

–

WEP Encryption Key Size

. Choose one:

64-bit

or

128-bit

. Again, the encryption key

size must be the same for the wireless adapters and the wireless router.

–

Data Encryption (WEP) Keys

. There are two methods for creating WEP data encryption

keys. Whichever method you use, record the key values in the spaces below.

•

Passphrase Method

. ______________________________

These characters

are

case

sensitive. Enter a word or group of printable characters and click Generate Keys. Not

all wireless devices support the passphrase method.

•

Manual Method

. These values

are not

case sensitive. For 64-bit WEP, enter 10

hexadecimal digits (any combination of 0–9 or a–f). For 128-bit WEP, enter 26

hexadecimal digits.

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Key 4: ___________________________________

Note:

If you select Shared Key, the other devices in the network will not connect

unless they are also set to Shared Key and are configured with the correct key.