Securing your wireless network is a
simple process, which generally does not require a lot of time. Please
follow these instructions to secure your wireless network.
WRT54G
Before you begin, please try to
configure the WRT54G from a hardwired PC for simplicity. Whenever
security is changed you’ll need to change the settings on all wireless units so
it’s a good rule of thumb to do security changes from a hardwired PC if
possible.
Accessing the Router
1. Go to your desktop and double click
on Internet Explorer (Located on the Start Menu in Windows XP)
2. When "Internet Explorer"
opens type the routers IP address into the "Address" bar and hit the
[Enter] key (The Wireless routers default IP address is http://192.168.1.1)
3. The "Enter Network
Password" window will appear.
4. Skip user name and type in
your password (admin is the default password), and click OK
Setup Page Security
Options
When you arrive at the Setup page,
you'll see the bulk of your wireless security features. There are three
things you're going to want to set on this page:
1. SSID
a) Delete linksys from the
"SSID" field
b) Input your own unique SSID.
We general recommend something easy to remember, but secure enough to where
people would not be able to guess it easily. Sometimes your best bet is
to use your last name and add some numbers, in this example we’re using linksys12345678910.
c) Click Apply then Continue
2. SSID Broadcast
SSID broadcasts allows other 802.11b
and 802.11g users to see your Access Points SSID, by disabling this option is
similar to closing your binds and not letting people see through. If you
have Windows XP computer(s), do this step last.
a) Select Disable on the “SSID
Broadcast”.
b) Click Apply then Continue
3. WEP
a) Set “Wireless Security” to Enable.
b) Click the Edit Security Settings
button.
c) A window will appear prompting you
“Do you want to enable the Security Encryption?” click OK.
d) When the "Security
Settings" Window appears, set the “Security Mode” to WEP*.
Then set the “WEP Encryption” to the 128 bits 26 hex digits option.
NOTE: 128 bit WEP may not work on
non-Linksys products due to its lack of an IEEE standard
e) Enter a passphrase** that is
different from the SSID. Try to make it alphanumeric; instead of just security,
use security12345, then click the Generate button.
f) After the key has been generated
copy the key into a notepad document and copy that file onto a floppy.
*NOTE: There are other security options, which the WRT54G uses,
however, not all wireless adapter currently support security implementations
such WPA and 802.1x. Most wireless adapters support either 64-bit WEP or
128-bit WEP, so Linksys recommends using WEP unless you know that all of your
wireless adapters support WPA.
**NOTE:
The passphrase will not work with non-Linksys products, so you will need to use
the 1st key that you copied onto floppy. You will also need
the key, not the passphrase for using Linksys products under Windows XP
g) Click Apply then Continue
h) Close the window
i) Click Apply then Continue
on the setup page.
Note: If you need help setting up
WEP on your wireless NIC’s, please see Answer
ID 749
Setting up Wireless MAC
Filtering
The Wireless MAC Filtering option is
a very good security feature. This option either allows or denies access
to all wireless clients that are listed. The best security is for you to
only allow those whom are listed. To setup Wireless MAC Filtering, have
all of your wireless PC’s online wirelessly and follow these instructions:
1. From the "Setup" page, click
the Advanced tab.
2. When you arrive at the “Advanced
Wireless” section, set the “Wireless MAC Filter” option to Enable.
3. Set the option under “Wireless MAC
Filter to Permit only, then click the Edit MAC Filter List
button.
4. When the “MAC Address Filter List”
window appears, click the Wireless MAC List button.
5. The “Wireless Active Client MAC
List” window will open, when it does check the box under Enable MAC Filter
for each of your PC’s that are listed under “Active PC”. After you do
this, click the Update Filter List button.
6. After you click the “Update Filter
List” button, you should be back at the “MAC Address Filter List” window, and
each of the MAC Addresses will be input into their own space. Scroll to
the bottom of the list and click the Apply button.
7. If the “MAC Address Filter List”
window is still active, close it and click the Apply button on the
“Advanced Wireless” page.
BEFW11S4
Before
you begin, please try to configure the BEFW11S4 from a hardwired PC for
simplicity. Whenever security is changed you’ll need to change the
settings on all wireless units so it’s a good rule of thumb to do security
changes from a hardwired PC if possible.
Accessing the Router
- Go to your desktop and double click on Internet
Explorer (Located on the Start Menu in Windows XP)
- When "Internet Explorer" opens type the
routers IP address into the "Address" bar and hit the [Enter]
key (The Wireless routers default IP address is http://192.168.1.1)
- The "Enter Network Password" window will
appear.
- Skip user name and type in your password (admin
is the default password), and click OK
Setup Page Security
Options
When you arrive at the Setup page,
you'll see the bulk of your wireless security features. There are three
things you're going to want to set on this page:
1. SSID
d) Delete linksys from the
"SSID" field
e) Input your own unique SSID.
We general recommend something easy to remember, but secure enough to where
people would not be able to guess it easily. Sometimes your best bet is
to use your last name and add some numbers, however for this example we’re
using KB1234.
f) Click Apply then Continue
- SSID Broadcast (Firmware 1.42.7 and above
only)
SSID broadcasts allows other 802.11b
and 802.11g users to see your Access Points SSID, by disabling this option is
similar to closing your binds and not letting people see through.
c) Click No on the Allow
"Broadcast" SSID to associate?
d) Click Apply then Continue
- WEP
b) Click Mandatory for the
"WEP" Option
j) Click the WEP Key Settings
button
k) A window will appear prompting you
to change “WEP to Mandatory”, click Yes.
l) When the "Wep Key
Settings" Window appears, change the option from 64 to 128*
NOTE: 128 bit
WEP may not work on non-Linksys products due to its lack of an IEEE standard
m) Enter a passphrase** that is
different from the SSID. Try to make it alphanumeric; instead of
password, use password5532, then click Generate.
n) After the key has been Generated
copy the key into a notepad document and copy that file onto a floppy.
**NOTE:
The passphrase will not work with non-Linksys products, so you will need to use
the passphrase that you copied onto floppy. 
o) Click Apply then Continue
p) Close the window
q) Click Apply then Continue
on the setup page.
Note: If you need help setting up
WEP on your NIC, please see Answer
ID 749
Setting up Station MAC
Filter
The Station MAC Filter option is a
very good security feature that has been added to Firmware 1.42.7 and
above. This option denies all wireless clients except those listed.
To implement this feature please follow these instructions:
8. From the "Setup"
page, click Advanced
9. When the "Filters" page
opens, click on the Wireless tab
10. Make sure all wireless computers are setup to the router, and are
currently able to access the internet. Once this is done, click on the Active
MAC Table button.
11. Move the "Wireless Active MAC Table" window and click on Edit
MAC Filter Settings on the main window.
12. When the "Wireless Group MAC Table" opens, go to the task
bar and click on the Wireless Active MAC Table so that window appears.
13. With the two windows side by side enter the MAC Addresses from the
"Wireless Active MAC Table" window into the Wireless Group MAC
Table.
- NOTE: When you
enter the MAC Addresses do not include the dashes, and do not click
"Filter"
14. Click Apply then Continue in the "Wireless Group
MAC Table" window.
15. Close the "Wireless Group MAC Table" window and the
"Wireless Active MAC Table" window
16. On the Main window Enable the “Station MAC Filter setting”.
WAP11
Before you begin, please try to
configure the WAP11 from a hardwired PC for simplicity. Whenever security
is changed you’ll need to change the settings on all wireless units so it’s a
good rule of thumb to do security changes from a hardwired PC if possible.
Accessing the WAP11’s
Configuration
1. Go to your desktop and double click
on Internet Explorer (Located on the Start Menu in Windows XP)
2. When "Internet Explorer"
opens type the WAP11’s IP address into the "Address" bar and hit the
[Enter] key (Note: The WAP11’s default IP address is http://192.168.1.251)
3. The "Enter Network
Password" window will appear.
4. Skip user name and type in
your password (admin is the default password), and click OK
Setting up MAC Filtering
The Station MAC Filter option is a
very good security feature. This option denies all wireless clients
except those listed. To implement this feature please follow these
instructions:
Before proceeding, please make sure
that all the wireless computers are turned off.
1. From the "Setup" page, on
the Log tab.
2. When the “Log” area loads, make
sure that the “Access Log” is set to Enable, if it is not, then click on
Enable, then click Apply.
3. Click on the View Log
button, and a new window, “View Log”, will appear. Click on the Clear
Log button, then turn on all the wireless PC’s.
4. After the Wireless PC’s have
started and are logged onto the WAP11, click on the Refresh
button. You should see all your wireless stations under the “Message”
column. Leave this window open and proceed step.
5. Click on the Advanced Tab.
6. After the “Filters” area loads, set
the “Filtered MAC Address” option to Enable, then make sure the option
for “Only allow PCs with MAC listed below to access device” is selected.
7. After doing that input the numbers
after “Wireless PC connected” from the “View Log” window, however do not put
the dashes. After you do that your window should look similar to this:
8. Click Apply then Continue.
Disabling SSID Broadcast
SSID broadcasts allows other 802.11b
and 802.11g users to see your Access Points SSID, by disabling this option is
similar to closing your binds and not letting people see through.
1. From the “Filters” tab in the
“Advanced” section of the WAP11’s setup, click on the Wireless tab.
2. When you arrive at the “Wireless”
tab, you’ll notice the last option is called “SSID Broadcast”, by default the
option is set to Enable, however to secure your network, click on the Disable
option, then click Apply, then Continue.
Setup Page Security
Options
These are basic functions found
under the “Setup” tab. It’s recommended to utilize the features here
after you’ve secured your network by filtering MAC Addresses and disabling the
SSID Broadcast.
1. SSID
a) Delete linksys from the
"SSID" field
b) Input your own unique SSID.
We general recommend something easy to remember, but secure enough to where
people would not be able to guess it easily. Sometimes your best bet is
to use your last name and add some numbers, however for this example we’re
using KB1234.
2. WEP
a) Click Mandatory for the
"WEP" Option
b) Click the WEP Key Settings
button
c) When the "Wep Key
Settings" Window appears, change the option from 64 to 128*
NOTE: 128 bit
WEP may not work on non-Linksys products due to its lack of an IEEE standard
d) Enter a passphrase** that is
different from the SSID. Try to make it alphanumeric; for example instead
of just password, use password5532, then click Generate.
e) After the key has been Generated
copy the key into a notepad document and copy that file onto a floppy.
Make sure to copy the keys side by side.
**NOTE:
The passphrase will not work with non-Linksys products, so you will need to use
the passphrase that you copied onto floppy.
f) Click Apply then close the
window
g) Click Apply then Continue
on the “Setup” page.
Note: If you need help setting up
WEP on your NIC, please see Answer
ID 749