How do I implement wireless security on my Wireless ADSL Router?
Security can be implemented into 4 categories:
- None – Wireless network is wide open for anyone to access the internet through your ADSL connection.
- Basic – This is where the SSID (Service Set Identifier) has been changed from the default, the SSID Broadcast is disabled and MAC filtering has been used to restrict access to your wireless network. Because it is the easiest to setup, it's generally recommended for Home networks to stop unwanted access.
- Very Good – The WEP (Wired Equivalent Privacy) has been used to encrypt the data to make it hard for intruders to decipher the data. Security is greatly improved when the SSID broadcast is disabled and MAC filtering is also used. Recommended for Home and Business networks.
- Excellent – WPA (Wi-Fi Protected Access) is a new standard that offers better encryption policies than WEP. There are actually two implementations of WPA; one for "enterprise" users using 802.1x and Extensible Authentication Protocol (EAP) protection, and another for home users using a Pre-Shared Key (PSK) method. Added protection is gained when the SSID broadcast is disabled and MAC filtering is also used. Recommended for Home and Business networks.
Note: Security is never perfect but you can make it extremely difficult for intruders and would-be hackers.
What Do You Need To Do?
- Decide what level of security you want and what level your wireless network card supports.
- Download the most recent firmware for your Wireless ADSL Router and install it on your router using the Easy Configurator or through the Tools menu in the Wireless ADSL Router Web interface.
- Download the latest drivers for your wireless network card from the manufacturer's Website. Most 802.11G 54Mbps wireless cards support WPA but it may require a later driver than what was supplied on the Driver CD. Refer to your wireless card technical support for details.
- Make sure your Microsoft Windows Operating system has had all of the updates installed. Microsoft regularly releases fixes including better Wi-Fi support.
Note: It is recommended that you configure your Wireless ADSL Router with an Ethernet cable connected directly to your computer.
Note: These examples use Windows Zero Configuration tool for the wireless card. Refer to the documentation supplied and the technical support in regard to configuring your own wireless card or adapter.
Configuring the Wireless ADSL Router for Basic Wireless Protection
This level of security is very easy to implement. It restricts access to the Internet and your LAN (Local Area Network) by only allowing the wireless cards with MAC addresses you have specified. Also the SSID Broadcast is disabled to make it harder for intruders to discover your network. Your traffic over the wireless connection is not encrypted.
The basic steps are:
- Change the default Wireless network name (SSID) from "USR9108”, "USR9113”, or "USR9114” to another name.
- Scan for available networks and add your router as a preferred network.
- Implement MAC filtering to limit Wireless Access.
- Disable SSID Broadcast.
Apply Basic protection on the Wireless Router.
- Open your Web Browser and enter 192.168.1.1 into the address bar. Login using your username and password (Default user is admin and the default password is admin). Select Wireless and then Setup from the menu.
- Change the SSID from the default "USR####” to another name. This is the name that will identify your wireless network when you search for available networks.
- Click Apply.
Apply Basic protection on the Wireless card.
- Click on the Wireless Network Connection icon located in the lower right corner of your computer’s screen. Most utilities, for example Windows Zero Configuration, have a scan option which will find the Wireless ADSL2+ router wireless network. Select your network and click Connect.
- Since this basic level of security doesn’t require any additional parameters, the Wireless Network Connection icon in the system tray should indicate that the wireless connection to the router has been established successfully.
Implement MAC filtering to limit Wireless Access & Disable SSID Broadcast on the router.
- In the Wireless ADSL Router Web interface, click Wireless and then Client List. Verify that the MAC address of your wireless card is in the list.
Note: If you have only one wireless card, only one MAC address should be displayed in the Client MAC address list. If you have more, identify which wireless cards are not yours and click Disable and Apply.
- Select MAC filter from the Security menu and click Allow Current Clients. All wireless cards associated with your router should show up in the list. Only clients with addresses in the list can now connect to the Wireless ADSL Router.
Note: If you want to add additional wireless cards, click Add.
Type in the MAC address and click Apply.
- Select Wireless and then Setup from the menu. Uncheck Broadcast Network Name, click Apply to finish.
Configuring the Wireless ADSL Router for Very Good Wireless Protection
This level implements the security that the basic level offers as well as using WEP to provide encryption of the data while being transmitted over the wireless link.
If you are unsure how to create WEP keys, you can find many random WEP key generators on the Web. You can then copy and paste the generated key into the WEP setup on the wireless card and on the Wireless ADSL Router. Just type WEP Key Generator in your search engine.
Steps for Configuring for Very Good Wireless Protection:
- Configure the Wireless ADSL Router as per the Basic Protection procedure.
- Apply WEP encryption on the Wireless ADSL Router.
- Apply WEP encryption on the Wireless card.
Configure and apply WEP encryption on the Wireless ADSL Router.
- Follow instructions for Basic Wireless Protection
- From the Security menu, select Wireless. Select WEP Data Encryption, with Open or Shared Authentication and the Key type that your wireless card can support. Enter your WEP keys which can be in 26 characters HEX or 13 characters ASCII. You can copy and paste the HEX or ASCII string directly from the WEP Key Generator. You can enter up to 4 keys (if 2 or more are entered, you must remember the order the keys have been entered).
Note: Do not use the key listed below.
- Click Apply to finish.
Apply WEP encryption on the Wireless card.
- Open the configuration utility for your wireless card. For example, if you are using Wireless Zero Configuration utility, right-click on the Wireless Network Connection icon in the system tray and select View Available Wireless Networks. Select Change Advance Settings from the menu on the left, and then click the Wireless Network tab.
- Select your wireless network from the Preferred networks list and click Properties. If your wireless network is not shown click Add and enter Network name (SSID) to match the SSID of your router.
- Select Open or Shared from Network Authentication and WEP from Data encryption to match your router settings.
- Uncheck The key is provided to me automatically and enter the same Network key you have used to configure the router. Retype the key.
- Press OK.
The Wireless Network Connection icon in the system tray should indicate that wireless connection has been established successfully.
Configuring the Wireless ADSL Router for Excellent Wireless Protection
This level implements the security that the basic level offers as well as using WPA to provide strong encryption of the data while is transmitted over the wireless link.
Most users don't have a Radius server for authentication so WPA-PSK is most commonly used. A "passphrase” is used to establish authentication. WPA-PSK is very easy to setup as all it requires is a word or short sentence to be entered. The pre shared key can be anywhere from eight to sixty-three characters in length; i.e. a sentence like "its a secret password” can be your Pre-Shared Key.
Steps for Configuring for Excellent Wireless Protection:
- Configure the Wireless ADSL Router as per the Basic Protection procedure.
- Apply WPA encryption on the Wireless ADSL Router.
- Apply WPA encryption on the wireless card.
Apply WPA encryption on the Wireless ADSL Router.
- Follow instructions for Basic Wireless Protection
- From the Security menu, select Wireless. From the Network Authentication pull-down box, select WPA2 and WPA (PSK). Enter in a passphrase into the WPA pass phrase and select your Data Encryption; TKIP and AES is recomomended. Click Apply when finished.
Apply WPA encryption on the Wireless card.
- Open the configuration utility for your wireless card as described in the previous section.
- Select your wireless network from the Preferred networks list and click Properties. If your wireless network is not shown click Add and enter Network name (SSID) to match the SSID of your router.
- Select WPA_PSK from Network Authentication and AES or TKIP from Data encryption to match your router settings.
- Uncheck The key is provided to me automatically and enter the same Network key you have used to configure the router. Retype the key.
- Press OK.
The Wireless Network Connection icon in the system tray should indicate that wireless connection has been established successfully.
|