NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

2-11

v2.1, July 2007

configuring the Wireless Card Access List, see

“Restricting Wireless Access by MAC

Address” on page 2-11

To configure security in the Advanced Wireless Settings menu:

From the main menu of the browser interface, under Advanced, click Wireless Settings. The

Advanced Wireless Settings menu appears..

Restricting Wireless Access by MAC Address

By enabling a wireless card access control list, you can restrict access to only trusted computers so

that unknown computers cannot wirelessly connect to the WNR834B.

The Wireless Card Access List displays a list of wireless computers that you will allow to connect

to the router based on their MAC addresses. These wireless computers must also have the correct

SSID and wireless security settings to access the wireless router.

The MAC address is a network device’s unique twelve-character physical address, containing the

hexadecimal characters 0–9 or A–F only, and separated by colons (for example,

00:09:AB:CD:EF:01

). It can usually be found on the bottom of the wireless card or network

interface device. If you do not have access to the physical label, you can display the MAC address

using the network configuration utilities of the computer. In WindowsXP, for example, typing the

ipconfig/all

command in an MSDOS Command Prompt window will display the MAC address as

Physical Address. You may also find the MAC addresses in the router’s Attached Devices menu.

Figure 2-5

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

2-12

Safeguarding Your Network

v2.1, July 2007

To restrict access based on MAC addresses, follow these steps:

1.

In the Advanced section of the main menu, click Wireless Settings

2.

From the Wireless Settings menu, click Setup Access List to display the Wireless Card Access

List.

3.

Click Add to add a wireless device to the wireless access control list. The Wireless Card

Access Setup dialog opens and displays a list of currently active wireless cards and their

Ethernet MAC addresses.

Figure 2-6

Figure 2-7

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

2-13

v2.1, July 2007

4.

If the desired computer appears in the Available Wireless Cards list, you can click the radio

button of that computer to capture its MAC address; otherwise, you can manually enter a name

and the MAC address of the authorized computer. You can usually find the MAC address on

the bottom of the wireless device.

5.

Click Add to add this wireless device to the Wireless Card Access List. The screen changes

back to the list screen.

6.

Repeat

step 3

through

step 5

for each additional device you want to add to the list.

7.

Select the checkbox to Turn Access Control On..

8.

Click Apply to save your Wireless Card Access List settings.

Now, only devices on this list are allowed to wirelessly connect to the WNR834B.

Tip:

You can copy and paste the MAC addresses from the router’s Attached Devices

menu into the MAC Address box of this menu. To do this, configure each

wireless computer to obtain a wireless link to the router. The computer should

then appear in the Attached Devices menu.

Note:

When configuring the router from a wireless computer whose MAC address is

not in the Trusted PC list, if you select Turn Access Control On, you will lose

your wireless connection when you click Apply. You must then access the

wireless router from a wired computer or from a wireless computer which is on

the access control list to make any further changes.

Warning:

MAC address filtering adds an obstacle against unwanted access to your

network by the general public. However, because your trusted MAC

addresses appear in your wireless transmissions, an intruder can read them

and impersonate them. Do not rely on MAC address filtering alone to secure

your network.

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

2-14

Safeguarding Your Network

v2.1, July 2007

Changing the Administrator Password

The default password for the router’s Web Configuration Manager is

password

. NETGEAR

recommends that you change this password to a more secure password.

To change the Administrator password:

1.

From the main menu of the browser interface, under the Maintenance heading, select Set

Password to display the Set Password menu.

2.

To change the password, first enter the old password, then enter the new password twice.

3.

Click Apply.

Backing Up Your Configuration

The configuration settings of the WNR834B are stored within the router in a configuration file.

You can back up (save) this file and retrieve it later. NETGEAR recommends that you save your

Tip:

Before changing the router password, use the router backup utility to save your

configuration settings with the default password of

password

. If you save the

settings with a new password, and you later forget the new password, you will have

to reset the router back to the factory defaults and log in using the default password

of

password

. This means you will have to re-enter all the router configuration

settings.

Figure 2-8

NETGEAR RangeMax™ NEXT Wireless Router WNR834B User Manual

Safeguarding Your Network

2-15

v2.1, July 2007

configuration file after you complete the configuration. In the event of router failure or corruption,

or a lost administrator password, you can easily recreate your configuration by restoring the

configuration file.

For instructions on saving and restoring your configuration file, see

“Managing the Configuration

File” on page 6-6

.

Understanding Your Firewall

Your RangeMax NEXT Wireless Router WNR834B contains a true firewall to protect your

network from attacks and intrusions. A firewall is a device that protects one network from another,

while allowing communication between the two. Using a process called stateful packet inspection,

the firewall analyzes all inbound and outbound traffic to determine whether or not it will be

allowed to pass through.

By default, the firewall allows any outbound traffic and prohibits any inbound traffic except for

responses to your outbound traffic. However, you can modify the firewall’s rules to achieve the

following behavior:

•

Blocking sites

. Block access from your network to certain Web locations based on Web

addresses and Web address keywords. This feature is described in

“Blocking Access to

Internet Sites” on page 3-1

.

•

Blocking services

. Block the use of certain Internet services by specific computers on your

network. This feature is described in

“Blocking Access to Internet Services” on page 3-3

.

•

Scheduled blocking

. Block sites and services according to a daily schedule. This feature is

described in

“Scheduling Blocking” on page 3-5

.

•

Allow inbound access to your server

. To allow inbound access to resources on your local

network (for example, a Web server or remote desktop program), you can open the needed

services by configuring port forwarding as described in

“Allowing Inbound Connections To

Your Network” on page 5-1

.

Tip:

Before saving your configuration file, change the administrator password to the

default,

password

. Then change it again after you have saved the configuration file.

If you save the file with a new password, and you later forget the new password, you

will have to reset the router back to the factory defaults and log in using the default

password of

password

. This means you will have to re-enter all the router

configuration settings.