Solved

Linksys WRT54G wireless setup over LAN

Posted on 2004-10-28
1,170 Views
Last Modified: 2013-11-30
about to setup a wireless  Linksys WRT54G router for a client only problem is they are not not on a  domain or workgroup only a LAN they share internet connections with a Efficient  ADSL router and a netgear dual speed Hub DS116 16 port. the client want me to setup this wireless router so he can go around the office with this laptop with Internet connection and also like me to setup maximum-security what is the best and easy way to do this thanks in advance

Best regards

natcom
0
Question by:natcom
    14 Comments
     
    LVL 2

    Expert Comment

    by:methabhaya

    Setup the Wireless router with NAT translations from another set of IP's to the client's 1 Internal IP.
    then enable WPA with encryption. Make sure to use the maximum password length of 32. Enable all available security on the router.

    Then keep the password a secret. Give only to your client and make sure that he keeps it from other's as that is the only encryption that is needed for a hacker to get into your clients network. Wireless is still not that secure from advanced hackers.

    If you have a radius server on the network use WPA with Radius. That gives added security.

    1 more thing I can suggest is initially configure with basic settings and check connectivity and verify everything is okay. Then start enabling security. That way you run into little problems.
    0
     
    LVL 4

    Expert Comment

    by:JonSh
    Hmmm....

    Okay, step 1, replace the hub with the WRTG54G.....Then connect the hub to one of the WRT54Gs ports.
    Now, for security, I usually do the following steps on the wired side.
    A) Remove broadcast protocols (Turn off DHCP in the WRT54G)
    B) Hardcode IP addresses on the workstations
    C) pick a difficult network address/mask to guess....for example
          172.16.33.33 mask 255.255.255.224 for the router, workstations at 172.16.33.34 and up :)
          or be a real nasty guy and use 2.n.n.n on the inside (I doubt it's ever gonna be assigned again)

    for the wireless side, I like what methabhaya has to say, but I'll add two items:
    A) turn off the SSID broadcast once the wireless machines are up and working
    B) don't use the default channel 6.....I'd move to 3 :)
    0
     
    LVL 8

    Author Comment

    by:natcom
    Sorry I haven't get back to you guys  I was out of town I would like to make something clear the main Hub and router are  lock on a closet within the office I was hoping that there is it easy way so I can just plug the wireless router into any of the Wan ports within the office
    And login into the router and setup the security
    0
     
    LVL 8

    Author Comment

    by:natcom
    JonSh what do you mean by Remove broadcast protocols and about Hardcode IP addresses on the workstations is only one laptop that i need to have setup for Internet  access wirelessly
    0
     
    LVL 4

    Expert Comment

    by:JonSh
    ah.  Well, I'm a believer in security.  Why bother to secure the wireless side when any yahoo with a laptop and a ethernet cable can plug into any drop in your office and jump onto your LAN?  So the first thing I do on a LAN segment where users connect is remove any protocol that helps them get onto the LAN easily.  So I turn off DHCP, NTP, RIP/OSPF/IGRP/EIGRP/ETC, CDP, basically any broadcast protocol that I don't need so packets can't be sniffed that easily on a switch.  Of course, when you turn off DHCP, you have to put static addresses on workstations.  I consider it worth it.

    I mean, if your wirless network is secure but any salesman that drops by can log on with a cable, how good is that?

    0
     
    LVL 8

    Author Comment

    by:natcom
    yes definitely  something to think about but my main problem right now is actually the physical setup I can worry about the security  part after I get everything working someone had said to me that I can connect the router into any of the available LAN ports
    a cable from the wireless router Wan port to the Lan port on the wall then leave the DHCP on the wireless router and hard code the info from the main router does this make any sense ?
    0
     
    LVL 4

    Accepted Solution

    by:
    That sounds right, but for accuracy, it should look like this:


    ISP <---> Efficient ADSL Router<----->Netgear Hub<------->LAN PORT on the WRT54G

    connecting to the LAN port allows the WRT54G it to work as an access point instead of as a router.

    0
     
    LVL 8

    Author Comment

    by:natcom
    but if I leave the DHCP on  how can I hard code the info from the main router to the wireless router? on my wireless router at home I can only do it if I tell the router to do static ip adress
    0
     
    LVL 4

    Expert Comment

    by:JonSh
    hmm....in the diagram above, you aren't using the WRT54G as a router or dhcp server, just as an access point.  Any Wireless client will get it's DHCP-provided address from the Efficient Router, not the Linksys.  In the diagram above, you turn off the Linksys DHCP service.
    0
     
    LVL 8

    Author Comment

    by:natcom
    oh thanks you so much one more question on the router setup page where it said internet connection type do a leave it as Obtain an ip automatically and Turn off DHCP on the DHCP tab I think this all is going to work but the more clear im about it the better for me
    0
     
    LVL 4

    Expert Comment

    by:JonSh
    It doesn't matter what the internet connection is set for (WAN Port) since you aren't connecting anything to it.  Leave it as obtainf via DHCP since that is it's default.

    0
     
    LVL 8

    Author Comment

    by:natcom
    ok I go that part clear now his  laptop already come with a wireless card built in after the physical setup all I need to do is setup the SSID from the wireless router to  match the the wireless card built in on his laptop ? sorry  for all this  questions but im still kind of a newbie when it comes to wireless technology but im  learning   - :)
    0
     
    LVL 4

    Expert Comment

    by:JonSh
    other way around.  Tell the card in the laptop to connect to the network with the ssid of the WRT54G.  Of course, first make the WRT54Gs SSID something unique......
    0
     
    LVL 8

    Author Comment

    by:natcom
    Thanks JonSh he is now online with his laptop I only need to setup the security part and I can take care of that now thanks for your help  and everyone else as well. for making this the best IT site on the web
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Lets look at the default installation and configuration of FreeProxy 4.10 REQUIREMENTS 1. FreeProxy 4.10 Application - Can be downloaded here (http://www.handcraftedsoftware.org/index.php?page=download) 2. Ensure that you disable the windows fi…
    Article by: IanTh
    Hi Guys After a whole weekend getting wake on lan over the internet working, I thought I would share the experience. Your firewall has to have a port forward for port 9 udp to your local broadcast x.x.x.255 but if that doesnt work, do it to a …
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now