Linksys WRT54G wireless setup over LAN

about to setup a wireless  Linksys WRT54G router for a client only problem is they are not not on a  domain or workgroup only a LAN they share internet connections with a Efficient  ADSL router and a netgear dual speed Hub DS116 16 port. the client want me to setup this wireless router so he can go around the office with this laptop with Internet connection and also like me to setup maximum-security what is the best and easy way to do this thanks in advance

Best regards

natcom
LVL 8
natcomAsked:
Who is Participating?
 
JonShCommented:
That sounds right, but for accuracy, it should look like this:


ISP <---> Efficient ADSL Router<----->Netgear Hub<------->LAN PORT on the WRT54G

connecting to the LAN port allows the WRT54G it to work as an access point instead of as a router.

0
 
methabhayaCommented:

Setup the Wireless router with NAT translations from another set of IP's to the client's 1 Internal IP.
then enable WPA with encryption. Make sure to use the maximum password length of 32. Enable all available security on the router.

Then keep the password a secret. Give only to your client and make sure that he keeps it from other's as that is the only encryption that is needed for a hacker to get into your clients network. Wireless is still not that secure from advanced hackers.

If you have a radius server on the network use WPA with Radius. That gives added security.

1 more thing I can suggest is initially configure with basic settings and check connectivity and verify everything is okay. Then start enabling security. That way you run into little problems.
0
 
JonShCommented:
Hmmm....

Okay, step 1, replace the hub with the WRTG54G.....Then connect the hub to one of the WRT54Gs ports.
Now, for security, I usually do the following steps on the wired side.
A) Remove broadcast protocols (Turn off DHCP in the WRT54G)
B) Hardcode IP addresses on the workstations
C) pick a difficult network address/mask to guess....for example
      172.16.33.33 mask 255.255.255.224 for the router, workstations at 172.16.33.34 and up :)
      or be a real nasty guy and use 2.n.n.n on the inside (I doubt it's ever gonna be assigned again)

for the wireless side, I like what methabhaya has to say, but I'll add two items:
A) turn off the SSID broadcast once the wireless machines are up and working
B) don't use the default channel 6.....I'd move to 3 :)
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
natcomAuthor Commented:
Sorry I haven't get back to you guys  I was out of town I would like to make something clear the main Hub and router are  lock on a closet within the office I was hoping that there is it easy way so I can just plug the wireless router into any of the Wan ports within the office
And login into the router and setup the security
0
 
natcomAuthor Commented:
JonSh what do you mean by Remove broadcast protocols and about Hardcode IP addresses on the workstations is only one laptop that i need to have setup for Internet  access wirelessly
0
 
JonShCommented:
ah.  Well, I'm a believer in security.  Why bother to secure the wireless side when any yahoo with a laptop and a ethernet cable can plug into any drop in your office and jump onto your LAN?  So the first thing I do on a LAN segment where users connect is remove any protocol that helps them get onto the LAN easily.  So I turn off DHCP, NTP, RIP/OSPF/IGRP/EIGRP/ETC, CDP, basically any broadcast protocol that I don't need so packets can't be sniffed that easily on a switch.  Of course, when you turn off DHCP, you have to put static addresses on workstations.  I consider it worth it.

I mean, if your wirless network is secure but any salesman that drops by can log on with a cable, how good is that?

0
 
natcomAuthor Commented:
yes definitely  something to think about but my main problem right now is actually the physical setup I can worry about the security  part after I get everything working someone had said to me that I can connect the router into any of the available LAN ports
a cable from the wireless router Wan port to the Lan port on the wall then leave the DHCP on the wireless router and hard code the info from the main router does this make any sense ?
0
 
natcomAuthor Commented:
but if I leave the DHCP on  how can I hard code the info from the main router to the wireless router? on my wireless router at home I can only do it if I tell the router to do static ip adress
0
 
JonShCommented:
hmm....in the diagram above, you aren't using the WRT54G as a router or dhcp server, just as an access point.  Any Wireless client will get it's DHCP-provided address from the Efficient Router, not the Linksys.  In the diagram above, you turn off the Linksys DHCP service.
0
 
natcomAuthor Commented:
oh thanks you so much one more question on the router setup page where it said internet connection type do a leave it as Obtain an ip automatically and Turn off DHCP on the DHCP tab I think this all is going to work but the more clear im about it the better for me
0
 
JonShCommented:
It doesn't matter what the internet connection is set for (WAN Port) since you aren't connecting anything to it.  Leave it as obtainf via DHCP since that is it's default.

0
 
natcomAuthor Commented:
ok I go that part clear now his  laptop already come with a wireless card built in after the physical setup all I need to do is setup the SSID from the wireless router to  match the the wireless card built in on his laptop ? sorry  for all this  questions but im still kind of a newbie when it comes to wireless technology but im  learning   - :)
0
 
JonShCommented:
other way around.  Tell the card in the laptop to connect to the network with the ssid of the WRT54G.  Of course, first make the WRT54Gs SSID something unique......
0
 
natcomAuthor Commented:
Thanks JonSh he is now online with his laptop I only need to setup the security part and I can take care of that now thanks for your help  and everyone else as well. for making this the best IT site on the web
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.