Page 81 / 229 Scroll up to view Page 76 - 80
Chapter 10 WAN
NBG6716 User’s Guide
81
Figure 52
Network > WAN > Advanced
The following table describes the labels in this screen.
Table 29
Network > WAN > Advanced
LABEL
DESCRIPTION
Multicast Setup
Multicast
Select
IGMPv1/v2
to enable multicasting. This applies to traffic routed from the
WAN to the LAN.
Select
None
to disable this feature. This may cause incoming traffic to be dropped or
sent to all connected network devices.
Auto-Subnet Configuration
Enable Auto-IP-
Change mode
Select this option to have the NBG6716 change its LAN IP address to 10.0.0.1 or
192.168.1.1 accordingly when the NBG6716 gets a dynamic WAN IP address in the
same subnet as the LAN IP address 192.168.1.1 or 10.0.0.1.
The NAT, DHCP server and firewall functions on the NBG6716 are still available in this
mode.
Apply
Click
Apply
to save your changes back to the NBG6716.
Cancel
Click
Cancel
to begin configuring this screen afresh.
Page 82 / 229
NBG6716 User’s Guide
82
C
HAPTER
11
Wireless LAN
11.1
Overview
This chapter discusses how to configure the wireless network settings in your NBG6716. The
NBG6716 is able to function both 2.4GHz and 5GHz network at the same time. You can have
different wireless and wireless security settings for 2.4GHz and 5GHz wireless LANs. Click
Configuration > Network > Wireless LAN 2.4G
or
Wireless LAN 5G
to configure to do so.
See the appendices for more detailed information about wireless networks.
The following figure provides an example of a wireless network.
Figure 53
Example of a Wireless Network
The wireless network is the part in the blue circle. In this wireless network, devices
A
and
B
are
called wireless clients. The wireless clients use the access point (AP) to interact with other devices
(such as the printer) or with the Internet. Your NBG6716 is the AP.
Page 83 / 229
Chapter 11 Wireless LAN
NBG6716 User’s Guide
83
11.1.1
What You Can Do
Use the
General
screen to turn the wireless connection on or off, set up wireless security
between the NBG6716 and the wireless clients, and make other basic configuration changes
(
Section 11.2 on page 87
).
Use the
More AP
screen to set up multiple wireless networks on your NBG6716 (
Section 11.4 on
page 95
).
Use the
MAC Filter
screen to allow or deny wireless stations based on their MAC addresses from
connecting to the NBG6716 (
Section 11.5 on page 98
).
Use the
Advanced
screen to allow intra-BSS networking and set the RTS/CTS Threshold (
Section
11.6 on page 100
).
Use the
QoS
screen to ensure Quality of Service (QoS) in your wireless network (
Section 11.7 on
page 100
).
Use the
WPS
screen to quickly set up a wireless network with strong security, without having to
configure security settings manually (
Section 11.8 on page 101
).
Use the
WPS Station
screen to add a wireless station using WPS (
Section 11.9 on page 103
).
Use the
Scheduling
screen to set the times your wireless LAN is turned on and off (
Section
11.10 on page 103
).
11.1.2
What You Should Know
Every wireless network must follow these basic guidelines.
Every wireless client in the same wireless network must use the same SSID.
The SSID is the name of the wireless network. It stands for Service Set IDentity.
If two wireless networks overlap, they should use different channels.
Like radio stations or television channels, each wireless network uses a specific channel, or
frequency, to send and receive information.
Every wireless client in the same wireless network must use security compatible with the AP.
Security stops unauthorized devices from using the wireless network. It can also protect the
information that is sent in the wireless network.
Wireless Security Overview
The following sections introduce different types of wireless security you can set up in the wireless
network.
SSID
Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can hide the
SSID instead, in which case the AP does not broadcast the SSID. In addition, you should change
the default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized devices to
get the SSID. In addition, unauthorized devices can still see the information that is sent in the
wireless network.
Page 84 / 229
Chapter 11 Wireless LAN
NBG6716 User’s Guide
84
MAC Address Filter
Every wireless client has a unique identification number, called a MAC address.
1
A MAC address is
usually written using twelve hexadecimal characters
2
; for example, 00A0C5000002 or
00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User’s
Guide or other documentation.
You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to
use the wireless network. If a wireless client is allowed to use the wireless network, it still has to
have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the
wireless network, it does not matter if it has the correct settings.
This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.
User Authentication
You can make every user log in to the wireless network before they can use it. This is called user
authentication. However, every wireless client in the wireless network has to support IEEE 802.1x
to do this.
For wireless networks, there are two typical places to store the user names and passwords for each
user.
In the AP: this feature is called a local user database or a local database.
In a RADIUS server: this is a server used in businesses more than in homes.
If your AP does not provide a local user database and if you do not have a RADIUS server, you
cannot set up user names and passwords for your users.
Unauthorized devices can still see the information that is sent in the wireless network, even if they
cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to
get a valid user name and password. Then, they can use that user name and password to use the
wireless network.
Local user databases also have an additional limitation that is explained in the next section.
Encryption
Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.
1.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds
of wireless devices might not have MAC addresses.
2.
Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.
Page 85 / 229
Chapter 11 Wireless LAN
NBG6716 User’s Guide
85
The types of encryption you can choose depend on the type of user authentication. (See
page 84
for information about this.)
For example, if the wireless network has a RADIUS server, you can choose
WPA
or
WPA2
. If users
do not log in to the wireless network, you can choose no encryption,
Static WEP
,
WPA-PSK
, or
WPA2-PSK
.
Usually, you should set up the strongest encryption that every wireless client in the wireless
network supports. For example, suppose the AP does not have a local user database, and you do
not have a RADIUS server. Therefore, there is no user authentication. Suppose the wireless network
has two wireless clients. Device A only supports WEP, and device B supports WEP and WPA.
Therefore, you should set up
Static WEP
in the wireless network.
Note: It is recommended that wireless networks use
WPA-PSK
,
WPA
, or stronger
encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is
still possible for unauthorized devices to figure out the original information pretty
quickly.
Note: It is not possible to use
WPA-PSK
,
WPA
or stronger encryption with a local user
database. In this case, it is better to set up stronger encryption with no
authentication than to set up weaker encryption with the local user database.
When you select
WPA2
or
WPA2-PSK
in your NBG6716, you can also select an option (
WPA
/
WPA-PSK Compatible
) to support WPA/WPA-PSK as well. In this case, if some wireless clients
support WPA and some support WPA2, you should set up
WPA2-PSK
or
WPA2
(depending on the
type of wireless network login) and select the
WPA
/
WPA-PSK Compatible
option in the
NBG6716.
Many types of encryption use a key to protect the information in the wireless network. The longer
the key, the stronger the encryption. Every wireless client in the wireless network must have the
same key.
Guest WLAN
Guest WLAN allows you to set up a wireless network where users can access to Internet via the
NBG6716 (
Z
), but not other networks connected to the
Z
. In the following figure, a guest user can
access the Internet from the guest wireless network
A
via
Z
but not the home or company network
N
.
Note: The home or company network
N
and Guest WLAN network are independent
networks.
Note: Only Router mode supports guest WLAN.
Table 30
Types of Encryption for Each Type of Authentication
NO AUTHENTICATION
RADIUS SERVER
Weakest
No Security
WPA
Static WEP
WPA-PSK
Strongest
WPA2-PSK
WPA2

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top