Wireless Group Policy WLAN Radius Part 3 WLAN Radius Config WLAN Client Config Linksys BEFSR41 Firmware Linksys BEFSR41 101 Linksys WAP54G config More Linksys BEFSR config Security how-to Writing DNS Zonefiles Is ZoneAlarm Spyware? Linksys Wishlist Sendmail spamblock Bind

[netmenu.html]

Privacy Feedback

Linksys WAP54G configuration

Configuring this access point is fairly simple. The included "Quick Installation Guide" covers most of the things you need to know to get you started with the configuration wizard. However, there's a whole lot of things that's not covered by the configuration wizard, so you'll have to use a web browser to connect to the device and change some settings there.

While using the configuration wizard to set up the Access Point, there's only a few things you need to bother with: Set the IP address of the device to match your IP address scheme and change the SSID to some temporary value. Doesn't matter what you pick as SSID at first, it'll be changed later on. Finish up with the wizard, and start up your favorite browser. (Note that you should use a computer on the wired network to configure the AP). 

Note: It appears that the device will reboot itself whenever a change is applied to the configuration. That means it may take a few seconds before you're able to re-connect to the Access Point. 

Password.

Using a web browser, connect to the AP with the IP address you gave it using the wizard. The first thing you should do, is change the password to administer the device. Click on the "Password" tab, and change it to a good password (at least 8 characters long, using letters, numbers and special characters). 

SSID.

Next, go to the setup screen, and change the "SSID Broadcast" value to "disabled". Apply the change, and then change the SSID value to something else. Don't use anything easily guessed (like your dogs' name, your car model); try to be a little creative. Since you have to type this SSID into the configuration of your Wireless Networkcards, you should probably curb the creativity a little bit. And, best security practice suggests that the SSID is changed on a regular basis, so overly complicating things may discourage you from changing the SSID.

Channel number.

Change the channel number. The default is channel six, so everyone who is too eager to get things up a running are leaving all the default values. There's no need to be on channel six, and since so many others are probably on channel six, pick something else.

Encryption.

It's definately recommended that you encrypt your wireless connections. Although WEP encryption is not the best, it is still better than transmitting all your data in cleartext. Click the "Edit WEP settings" button on the "Setup" screen, select 128Bit, type in a passphrase and click the "generate" button. This is the easy way to generate encryption keys. Doing it this way will create 4 identical keys. The key actually used is the one matching the "Default Transmit Key" at the top of the "WEP Keys" page. You can manually enter 4 different keys, and then change the "Default Transmit Key" to select the one to be used. You'll have to type in the correct key into your Wireless Network card configuration as well... 

Version 1.08 of the firmware for the Linksys WAP54G supports WPA. WPA uses different encryption algorythms, including AES, which is very good. There's only two downsides: The 1.08 firmware seems to have some issues. Every time I made changes to the configuration, the device would crash, and I had to powercycle it to get it working again... The other downside is that WPA is not directly supported by the drivers for the Linksys WPC54G network cards. Windows XP users can get an upgrade from Microsoft that'll take care of it, but Windows 2000 users has to purchase a 3rd party client software to reap the benefits of WPA. Sad, but true...

UPDATE: Release 2.06 for the WAP54G resolves the crashing described above. Since it's now possible to use WPA rather than WEP for encryption, now is a good time to upgrade. Installing the newest drivers for the WPC54G card (1.30 is what I have) comes with the Odyssey client from Funk software integrated, and you can now use WPA on Windows2000 (and W98?). Unfortunately, it seems that only WPA works with this version of the drivers (for the card), so don't bother installing it if you don't have an Access Point capable of doing WPA.

MAC Address Filtering.

MAC address filtering allows you to specify which network cards are allowed to connect to your Access Point. Although it might be a hassle to type these in, this is perhaps the best way to keep snoopers out of your wireless network. Click on the "Advanced" (yellow) tab, and then on the "Filters" tab. Switch the "Filtered MAC Address" to "Enable", select "Permit", and type in the MAC address(es) of your Wireless Networkcard(s). On the WPC54G, these are printed on the underside of the cards, and looks something like "000C41xxxxxx". Once these are entered, hit "Apply", and you're done!.

Trouble connecting with your wireless card?

So did I. For some reason, I was unable to get an IP address using DHCP, so I hardcoded the IP address on my laptop. Once I did that, my connection worked just fine. 

Other things to look for: 

Upon further examination, in order for DHCP to work when WEP is enabled, the SSID Broadcast setting must be set to "enabled". 

Additional Security

You may want to consider installing a desktop firewall on your wireless computer. Set it up to be very restrictive for inbound connections, preferably block all inbound connections to your computer. If your wireless network is compromised, the hacker will be on the same LAN as you, so you can't even trust your own LAN ...

Note: The "Linksys Configuration Utility" that comes with the WPC54G cards (I assume there are similar "utilities" with their other wireless cards as well) actually generates quite some network traffic on it's own. It does a large number of DNS lookups for "www.microsoft.com", and it also attempts to connect to a number of servers on the internet using the Daytime protocol... I don't know if it's trying the set the time on the computer or what, but ... there's no way of turning it off that I've found, so I've blocked it using whichever desktop firewall I'm using at the moment...

© 1999 - 2005 Lars M. Hansen