Reference Manual for the 54 Mbps Wireless Powerline Access Point WGX102 v2 NETGEAR, Inc.
Regulatory Approvals FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
© 2004 by NETGEAR, Inc. All rights reserved. July 2004. Trademarks NETGEAR is a trademark of Netgear, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation.Other brand and product names are registered trademarks or trademarks of their respective holders. Statement of Conditions In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice.
FCC Caution 1. FCC RF Radiation Exposure Statement: The equipment complies wiht FCC RF radiation exposure limits set forth for an uncontrolled environmnet. This equipment should be installed and operated with a minimum distance of 20 centimeters between the radiator and your body. 2. This Transmitter must not be co-located or oeprating in conjunction wiht any other antenna or transmitter. 3.
Declaration of Conformity in Languages of the European Community Finnish: Valmistaja NETGEAR, Inc. vakuuttaa täten että Radio LAN device tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen. Dutch: Hierbij verklaart NETGEAR, Inc. dat het toestel Radio LAN device in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. French: Par la présente NETGEAR, Inc.
Contents Chapter 1 About This Manual Audience, Scope, Conventions, and Formats ................................................................1-1 How to Use This Manual ................................................................................................1-2 How to Print this Manual .................................................................................................1-3 Chapter 2 Introduction Key Features ...............................................................................
Using the Smart Setup Wizard .....................................................................................3-15 NETGEAR Product Registration, Support, and Documentation ...................................3-16 Chapter 4 Wireless Configuration Observe Performance, Placement, and Range Guidelines ............................................4-1 Implement Appropriate Wireless Security ......................................................................4-2 Understanding Wireless Settings ................
Adding a Custom Service .........................................................................................7-5 Editing or Deleting a Port Forwarding Entry .............................................................7-5 Local Web and FTP Server Example .......................................................................7-6 Multiple Computers for Half Life, KALI or Quake III Example ..................................7-6 Configuring the WAN Setup Options ..............................................
Appendix A Technical Specifications Appendix B Network, Routing, Firewall, and Basics Related Publications ...................................................................................................... B-1 Basic Router Concepts .................................................................................................. B-1 What is a Router? ................................................................................................... B-1 Routing Information Protocol ......................
Install or Verify Windows Networking Components ................................................. C-4 Enabling DHCP to Automatically Configure TCP/IP Settings in Windows 95B, 98, and Me C-6 Selecting Windows’ Internet Access Method .......................................................... C-8 Verifying TCP/IP Properties .................................................................................... C-8 Configuring Windows NT4, 2000 or XP for IP Networking ............................................
How Does WPA Compare to WEP? ........................................................................ D-9 How Does WPA Compare to IEEE 802.11i? ........................................................ D-10 What are the Key Features of WPA Security? ...................................................... D-10 WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS .................................................. D-12 WPA Data Encryption Key Management .............................
Chapter 1 About This Manual This chapter describes the intended audience, scope, conventions, and formats of this manual. Audience, Scope, Conventions, and Formats This reference manual assumes that the reader has basic to intermediate computer and Internet skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is provided in the Appendices and on the Netgear Web site. This guide uses the following typographical conventions: Table 1-1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Use This Manual The HTML version of this manual includes a variety of navigation features as well as links to PDF versions of the full manual and individual chapters. 2 1 3 Figure 1 -1: HTML version of this manual 1. Left pane. Use the left pane to view the Contents, Index, Search, and Favorites tabs. To view the HTML version of the manual, you must have a version 4 or later browser with JavaScript enabled. 2. Toolbar buttons.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Print this Manual To print this manual you can choose one of the following several options, according to your needs. • Printing a “How To” Sequence of Steps in the HTML View. Use the Print button on the upper right of the toolbar to print the currently displayed topic. Use this button when a step-by-step procedure is displayed to send the entire procedure to your printer.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 4 About This Manual July 2004 202-10036-01
Chapter 2 Introduction Congratulations on your purchase of the NETGEAR® 54 Mbps Wall-Plugged Router WGX102. The WGX102 router provides connection for multiple computers to the Internet through an external broadband access device (such as a cable modem or DSL modem) that is normally intended for use by a single computer. This chapter describes the features of the NETGEAR 54 Mbps Wall-Plugged Router WGX102.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • • • • • Ethernet connection to a wide area network (WAN) device, such as a cable modem or DSL modem. Extensive Protocol Support. Login capability. Front panel LEDs for easy monitoring of status and activity. Flash memory for firmware upgrades. 802.11g Wireless Networking The WGX102 router includes an 802.11g wireless access point, providing continuous, high-speed 54 Mbps access between your wireless and wall-plugged devices.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The WGX102 will log security events such as blocked incoming traffic, port scans, attacks, and administrator logins. You can configure the router to E-mail the log to you at specified intervals. You can also configure the router to send immediate alert messages to your E-mail address or E-mail pager whenever a significant event occurs. • The WGX102 prevents objectionable content from reaching your computers.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Automatic Configuration of Attached computers by DHCP The WGX102 router dynamically assigns network configuration information, including IP, gateway, and domain name server (DNS) addresses, to attached computers on the LAN using the Dynamic Host Configuration Protocol (DHCP). This feature greatly simplifies configuration of computers on your local network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Flash memory for firmware upgrades. • Free technical support seven days a week, twenty-four hours a day, for 90 days from the date of purchase. Package Contents The product package should contain the following items: • • 54 Mbps Wall-Plugged Router WGX102. NETGEAR 54 Mbps Wall-Plugged Router WGX102 Resource CD (230-10091-01), including: — This guide. — The Installation Guide. — Application Notes and other helpful information.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The Router’s Front Panel The front panel of the WGX102 router contains the status lights described below. Figure 2-1: WGX102 Front Panel You can use the status lights to verify connections. Viewed from left to right, the table below describes the lights on the front panel of the router. Table 2-1. Status Light Descriptions Label Activity Description Power On Green Solid Off Power is supplied and the router.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The Router’s Label on the Rear Panel The label on the rear panel of the WGX102 router contains the items listed below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The Router’s Bottom Panel The Factory Default Reset push button on the bottom panel is for Restoring the Default Configuration and Password. A Road Map for ‘How to Get There From Here’ The introduction and adoption of any new technology can be a difficult process. Broadband Internet service is considered so useful that more and more people want to set up networks in their home to share a broadband connection.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table 2-1. A Road Map for How to Get There From Here If I Want To? What Do I Do? What’s Needed? Protect my wireless connection from snooping, hacking, or information theft. 1. Assure that the wireless network has security features enabled. • A wireless network WEP or To learn about wireless WPA security enabled. networking security, see “Wireless Networking Basics” on • Wireless networking page D-1. equipment that supports 2.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table 2-1. If I Want To? A Road Map for How to Get There From Here What Do I Do? What’s Needed? Share Windows PC files and printers at home in a combined wireless and wired network. • Windows computers (wired 1. Use the Windows and wireless) I am using to Printers and Fax connect to the network features to locate need to be configured with available printers in the Windows Client and the combined File and Print Sharing.
Chapter 3 Connecting the Router to the Internet This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. You will find out how to configure your 54 Mbps Wall-Plugged Router WGX102 for Internet access using the Setup Wizard, or how to manually configure your Internet connection. Follow these instructions to set up your router.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. RESTART YOUR NETWORK IN THE CORRECT SEQUENCE Warning: Failure to restart your network in the correct sequence could prevent you from connecting to the Internet. a. First, turn on the broadband modem and wait 2 minutes. b. Now, turn on your computer. Note: For DSL customers, if software logs you in to the Internet, do not run that software.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • • Wireless: The Wireless light should be lit. If the Wireless light is not lit, see “Troubleshooting Tips” on page 3-8. LAN: A LAN light should be lit. Green indicates your computer is communicating at 100 Mbps; yellow indicates 10 Mbps. If a LAN light is not lit, check that the Ethernet cable from the computer to the router is securely attached at both ends, and that the computer is turned on. Connect the Wireless Router to the Internet 1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 B ,QWHUQHW ,QWHUQHW SRUW PRGHP URXWHU &DEOH Figure 3-3: Connect the wireless router to the modem e. Note: Place the WGX102 router in a location which conforms to the “Observe Performance, Placement, and Range Guidelines” on page 4-1. The stand provided with the wireless router provides a convenient, space-saving way of installing the wireless router. Avoid stacking it on other electronic equipment.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 a. From the Ethernet connected PC you just set up, open a browser such as Internet Explorer or Netscape® Navigator. In its factory default state, the wireless router will automatically display the NETGEAR Smart Wizard configuration assistant welcome page.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 b. Click OK. Follow the prompts to proceed with the Smart Wizard configuration assistant to connect to the Internet. c. Follow the instructions on the screen to enable the wireless feature. Figure 3-6: Enable the wireless feature d. Enable your wireless network, click Next to proceed, then click Done to finish. If you have trouble connecting to the Internet, see “Troubleshooting Tips” on page 3-8 to correct basic problems.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Now, Set Up a Computer for Wireless Connectivity You are now connected to the Internet and the wireless feature of the wireless router is enabled! Next, configure your wireless computer. 1. CONFIGURE THE COMPUTER’S WIRELESS ADAPTER SETTINGS :LUHOHVV $GDSWHU LQ D 1RWHERRN &RPSXWHU Figure 3-7: Configure wireless computer NETGEAR, Inc.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Troubleshooting Tips Here are some tips for correcting simple problems you may have. Be sure to restart your network in this sequence: 1) Turn off the modem, wireless router, and computer; 2) Turn on the modem, wait two minutes; 3) Turn on the wireless router and wait 1 minute; 4) Turn on the computer. Make sure the Ethernet cables are securely plugged in.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Overview of How to Access the Wireless Router The table below describes how you access the wireless router, depending on the state of the wireless router. Table 3-1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Log On to the Wireless Router After Configuration Settings Have Been Applied 1. Connect to the wireless router by typing http://www.routerlogin.net in the address field of your browser, then click Enter. Figure 3-8: Login address 2. For security reasons, the router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Figure 3-10: Login result: WGX102 home page The browser will then display the WGX102 settings home page. When the wireless router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the wireless router. If you do not click Logout, the wireless router will wait 5 minutes after there is no activity before it automatically logs you out.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Bypass the Configuration Assistant 1. When the wireless router is in the factory default state, type http://www.routerlogin.net/basicsetting.htm in the address field of your browser, then click Enter. When the wireless router is in the factory default state, a user name and password are not required. 2. The browser will then display the WGX102 settings home page shown in “Login result: WGX102 home page” on page 3-11.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Manually Configure Your Internet Connection You can manually configure your router using the menu below, or you can allow the Setup Wizard to determine your configuration as described in the previous section. ISP Does Not Require Login ISP Does Require Login Figure 3-11: Browser-based configuration Basic Settings menus You can manually configure the router using the Basic Settings menu shown in Figure 3-11 using these steps: 1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. For security reasons, the wireless router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters. 3. Click Basic Settings on the Setup menu. 4. If your Internet connection does not require a login, click No at the top of the Basic Settings menu and fill in the settings according to the instructions below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Note: After you finish setting up your router, you will no longer need to launch the ISP’s login program on your computer in order to access the Internet. When you start an Internet application, your router will automatically log you in. a. Select your Internet service provider from the drop-down list. Figure 3-12: Basic Settings ISP list Note: Not all ISPs are listed here. The ones on this list have special requirements. b.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. For security reasons, the router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters. To change the password, see “Changing the Administrator Password” on page 6-8. Note: The router user name and password are not the same as any user name or password you may use to log in to your Internet connection.
Chapter 4 Wireless Configuration This chapter describes how to configure the wireless features of your WGX102 router. In planning your wireless network, you should consider the level of security required. You should also select the physical placement of your firewall in order to maximize the network speed. For further information on wireless networking, refer to Appendix D, “Wireless Networking Basics.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Implement Appropriate Wireless Security Note: Indoors, computers can connect over 802.11b/g wireless networks at ranges of up to 300 feet. Such distances can allow for others outside of your immediate area to access your network. Unlike wired network data, your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • WPA-PSK. Wi-Fi Protected Access (WPA) data encryption provides strong data security. WPA-PSK will block eavesdropping. Because this is a new standard, wireless device driver and software availability may be limited. Understanding Wireless Settings To configure the Wireless settings of your firewall, click the Wireless link in the main menu of the browser interface. The Wireless Settings menu will appear, as shown below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Mode. This field determines which data communications protocol will be used. You can select “g only,” “b only,” or “g and b.” “g only” dedicates the WGX102 to communicating with the higher bandwidth 802.11g wireless devices exclusively. “b only” dedicates the WGX102 to communicating with the higher bandwidth 802.11b wireless devices exclusively. The “g and b” mode provides backward compatibility with the slower 802.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 To configure the advanced wireless settings of your firewall, click the Wireless Setup link in the Advanced section of the main menu of the browser interface. The Wireless Settings menu will appear, as shown below. Figure 4-3: Advanced Wireless Settings menu • Allow Broadcast of Name (SSID). If you disable broadcast of the SSID, only devices that have the correct SSID can connect.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Information to Gather Before Changing Basic Wireless Settings Before customizing your wireless settings, print this form and record the following information. If you are working with an existing wireless network, the person who set up or is responsible for the network will be able to provide this information. Otherwise, you will choose the settings for your wireless network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Default Factory Settings When you first receive your WGX102, the default factory settings are shown below. You can restore these defaults with the Factory Default Restore button on the rear panel. After you install the WGX102 router, use the procedures below to customize any of the settings to better meet your networking needs.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. Click Wireless Settings in the main menu of the WGX102 firewall. Figure 4-4: Wireless Settings menu 3. Choose a suitable descriptive name for the wireless network name (SSID). In the SSID box, enter a value of up to 32 alphanumeric characters. The default SSID is NETGEAR. Note: The SSID is case sensitive; NETGEAR is not the same as nETgear.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Note: If you are configuring the firewall from a wireless computer and you change the firewall’s SSID, channel, or security settings, you will lose your wireless connection when you click on Apply. You must then change the wireless settings of your computer to match the firewall’s new settings. 8. Configure and test your computers for wireless connectivity.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 4. Select the Authentication Type and Encryptions strength from the drop-down lists. Figure 4-5. Wireless Settings encryption menu You can manually or automatically program the four data encryption keys. These values must be identical on all computers and Access Points in your network. • Automatic - Enter a word or group of printable characters in the Passphrase box and click the Generate button.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Configure WPA-PSK Wireless Security Note: Not all wireless adapters support WPA. Furthermore, client software is also required. Windows XP and Windows 2000 with service pack 3 do include WPA support. Nevertheless, the wireless adapter hardware and driver must also support WPA. For instructions on configuring wireless computers or PDAs for WPA-PSK security, consult the documentation for the product you are using.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 1. Log in to the WGX102 firewall at its default LAN address of http://www.routerlogin.net with its default user name of admin and default password of password, or using whatever LAN address and password you have set up. Note: When configuring the firewall from a wireless computer whose MAC address is not in the Trusted PC list, if you select Turn Access Control On, you will lose your wireless connection when you click on Apply.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 5. Click the Turn Access Control On check box. 6. Then, either select from the list of available wireless cards the WGX102 has found in your area, or enter the MAC address and device name for a device you plan to use. You can usually find the MAC address printed on the wireless adapter. Note: You can copy and paste the MAC addresses from the firewall’s Attached Devices menu into the MAC Address box of this menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 4-14 Wireless Configuration July 2004 202-10036-01
Chapter 5 Content Filtering This chapter describes how to use the content filtering features of the 54 Mbps Wall-Plugged Router WGX102 to protect your network. These features can be found by clicking on the Content Filtering heading in the Main Menu of the browser interface. Content Filtering Overview The 54 Mbps Wall-Plugged Router WGX102 provides you with Web content filtering options, plus browsing activity reporting and instant alerts via e-mail.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Blocking Access to Internet Sites The WGX102 router allows you to restrict access based on Web addresses and Web address keywords. Up to 255 entries are supported in the Keyword list. The Block Sites menu is shown in Figure 5-1 below: Figure 5-1: Block Sites menu To enable keyword blocking, select either “Per Schedule” or “Always”, then click Apply. If you want to block by schedule, be sure that a time period is specified in the Schedule menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • If the keyword “.com” is specified, only Web sites with other domain suffixes (such as .edu or .gov) can be viewed. • If you wish to block all Internet browsing access during a scheduled period, enter the keyword “.” and set the schedule in the Schedule menu. To specify a Trusted User, enter that PC’s IP address in the Trusted User box and click Apply.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 To specify a service for blocking, click Add. The Add Services menu will appear, as shown below: Figure 5-3: Add Services menu From the Service Type list, select the application or service to be allowed or blocked. The list already displays several common services, but you are not limited to these choices. To add any additional services or applications that do not already appear, select User Defined.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Configuring Services Blocking by IP Address Range Under “Filter Services For”, you can block the specified service for a single computer, a range of computers (having consecutive IP addresses), or all computers on your network. Scheduling When Blocking Will Be Enforced The WGX102 router allows you to specify when blocking will be enforced. The Schedule menu is shown below: Figure 5-4: Schedule menu • Use this schedule for blocking content.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Viewing Logs of Web Access or Attempted Web Access The log is a detailed record of what Web sites you have accessed or attempted to access. Up to 128 entries are stored in the log. Log entries will only appear when keyword blocking is enabled, and no log entries will be made for the Trusted User. An example is shown below: Figure 5-5: Logs menu Log entries are described in Table 5-1 Table 5-1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Log action buttons are described in Table 5-2 Table 5-2. Log action buttons Field Description Refresh Click this button to refresh the log screen. Clear Log Click this button to clear the log entries. Send Log Click this button to E-mail the log immediately.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Turn e-mail notification on Check this box if you wish to receive e-mail logs and alerts from the router. • Your outgoing mail server Enter the name of your ISP’s outgoing (SMTP) mail server (such as mail.myISP.com). You may be able to find this information in the configuration menu of your e-mail program. If you leave this box blank, log and alert messages will not be sent via e-mail.
Chapter 6 Maintenance This chapter describes how to use the maintenance features of your 54 Mbps Wall-Plugged Router WGX102. These features can be found by clicking on the Maintenance heading in the Main Menu of the browser interface. Viewing Wireless Router Status Information The Router Status menu provides status and usage information. From the Main Menu of the browser interface, click on Maintenance, then select Router Status to view the System Status screen, shown below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 This screen shows the following parameters: Table 6-1. Wireless Router Status Fields Field Description Account Name This field displays the Host Name assigned to the router. Firmware Version This field displays the router firmware version. Internet Port These parameters apply to the Internet (WAN) port of the router. MAC Address This field displays the Media Access Control address being used by the Internet (WAN) port of the router.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table 6-1. Wireless Router Status Fields Field Description Wireless Port These parameters apply to the Wireless port of the router. MAC Address This field displays the Media Access Control address being used by the Wireless port of the router. Name (SSID) This field displays the wireless network name (SSID) being used by the wireless port of the router. The default is NETGEAR.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table 6-2: Connection Status Items Item Description Default Gateway The WAN (Internet) default gateway the router communicates with. DHCP Server The IP address of the DHCP server which provided the IP configuration addresses. DNS Server The IP address of the DNS server which provides network name to IP address translation. Lease Obtained When the DHCP lease was obtained. Lease Expires When the DHCP lease was expires.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table 6-3: Item Router Statistics Items Description Rx B/s The current reception (inbound) bandwidth used on the WAN and LAN ports. Up Time The amount of time since the router was last restarted. Up Time The time elapsed since this port acquired the link. Poll Interval Specifies the intervals at which the statistics are updated in this window. Click on Stop to freeze the display.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 From the Main Menu of the browser interface, under the Maintenance heading, select the Settings Backup heading to bring up the menu shown below. Figure 6-5: Settings Backup menu Three options are available, and are described in the following sections. Restoring and Backing Up the Configuration The Restore and Backup options in the Settings Backup menu allow you to save and retrieve a file containing your router’s configuration settings.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Erasing the Configuration It is sometimes desirable to restore the router to original default settings. This can be done by using the Erase function, which will restore all factory settings. After an erase, the router's password will be password, the LAN IP address will be 192.168.0.1, and the router's DHCP client will be enabled. To erase the configuration, click the Erase button.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Figure 6-6: Router Upgrade menu To upload new firmware: 1. Download and unzip the new software file from NETGEAR. In the Router Upgrade menu, click the Browse button and browse to the location of the upgrade file 3. Click Upload. Note: When uploading software to the WGX102 router, it is important not to interrupt the Web browser by closing the window, clicking a link, or loading a new page.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Figure 6-7: Set Password menu To change the password, first enter the old password, then enter the new password twice. Click Apply.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 6-10 Maintenance July 2004 202-10036-01
Chapter 7 Advanced Configuration of the Router This chapter describes how to configure the advanced features of your 54 Mbps Wall-Plugged Router WGX102. These features can be found under the Advanced heading in the Main Menu of the browser interface. . Note: If you are unfamiliar with networking and routing, refer to Appendix B, “Network, Routing, Firewall, and Basics,” to become more familiar with the terms and procedures used in this chapter.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 port triggering will only allow request from Internet after a designated port is 'triggered'. Port triggering applies to chat and Internet games. Figure 7-1: Port Triggering Menu Note: If Disable Port Triggering box is checked after configuring port triggering, port triggering will be disabled but any port triggering configuration information you added to the router will be retained even though it will not be used.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Follow these steps to set up a computer to play Internet games or use Internet applications: 1. Click Add. Figure 7-2: Add Port Trigger Menu 2. Enter a service name in the Service Name box. 3. Under Service User, selecting Any (default) will allow this service to be used by everyone in your network. Otherwise, select Single address and enter the IP address of one computer to restrict the service to a particular computer. 4.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 interface, under Advanced, click on Port Forwarding to view the port forwarding menu, shown below. Figure 7-3: Port Forwarding Menu Use the Port Forwarding menu to configure the router to forward incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a Default DMZ Server to which all other incoming protocols are forwarded.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Adding a Custom Service To define a service, game or application that does not appear in the Services & Games list, you must determine what port numbers are used by the service. For this information, you may need to contact the manufacturer of the program that you wish to use. When you have the port number information, follow these steps: 1. Click the Add Custom Service button. Figure 7-4: Ports - Custom Services Menu 2.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. Click Edit or Delete. Local Web and FTP Server Example If a local computer with a private IP address of 192.168.0.33 acts as a Web and FTP server, configure the Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.0.33 In order for a remote user to access this server from the Internet, the remote user must know the IP address that has been assigned by your ISP. If this address is 172.16.1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Some online games and videoconferencing applications are incompatible with NAT. The WGX102 router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well. In some cases, one local computer can run the application properly if that computer’s IP address is entered as the default in the PORTS Menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Disabling the SPI Firewall The SPI (Stateful Inspection) Firewall protects your LAN against Denial of Service attacks. This should only be disabled in special circumstances. Setting Up a Default DMZ Server The default DMZ server feature is helpful when using some online games and videoconferencing applications that are incompatible with NAT.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Setting the MTU Size The normal MTU (Maximum Transmit Unit) value for most Ethernet networks is 1500 Bytes, 1492 Bytes for PPPoE connections, or 1436 for PPTP connections. For some ISPs you may need to reduce the MTU. But this is rarely required, and should not be done unless you are sure it is necessary for your ISP connection.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services such as DHCP and RIP. From the Main Menu of the browser interface, under Advanced, click on LAN IP Setup to view the LAN IP Setup menu, shown below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 These addresses are part of the IETF-designated private address range for use in private networks, and should be suitable in most applications. If your network has a requirement to use a different IP addressing scheme, you can make those changes in this menu. The LAN IP parameters are: • IP Address This is the LAN IP address of the router. • IP Subnet Mask This is the LAN Subnet Mask of the router.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the router's LAN. The assigned default gateway address is the LAN address of the router. IP addresses will be assigned to the attached computers from a pool of addresses specified in this menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. In the IP Address box, type the IP address to assign to the computer or server. (choose an IP address from the router’s LAN subnet, such as 192.168.0.X) 3. Type the MAC Address of the computer or server. (Tip: If the computer is already present on your network, you can copy its MAC address from the Attached Devices menu and paste it here.) 4. Click Apply to enter the reserved address into the table.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 1. Register for an account with one of the dynamic DNS service providers whose names appear in the ‘Select Service Provider’ box. For example, for dyndns.org, go to www.dyndns.org. 2. Select the Use a dynamic DNS service check box. 3. Select the name of your dynamic DNS Service Provider. 4. Type the Host Name (or domain name) that your dynamic DNS service provider gave you. 5. Type the User Name for your dynamic DNS account. 6.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 To add or edit a Static Route: 1. Click the Add button to open the Add/Edit Menu, shown below. Figure 7-8. Static Route Entry and Edit Menu 2. Type a route name for this static route in the Route Name box under the table. (This is for identification purposes only.) 3. Select Private if you want to limit access to the LAN only. The static route will not be reported in RIP. 4. Select Active to make this route effective. 5.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 When you first configured your router, two implicit static routes were created. A default route was created with your ISP as the gateway, and a second static route was created to your local network for all 192.168.0.x addresses. With this configuration, if you attempt to access a device on the 134.177.0.0 network, your router will forward your request to the ISP.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 3. b. To allow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and ending IP address to define the allowed range. c. To allow access from a single IP address on the Internet, select Only this computer. Enter the IP address that will be allowed access. Specify the Port Number that will be used for accessing the management interface.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 From the Main Menu of the browser interface, under Advanced, click on UPnP. Set up UPnP according to the guidelines below. Turn UPnP On: UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is disabled. If disabled, the router will not allow any device to automatically control the resources, such as port forwarding (mapping), of the router.
Chapter 8 Troubleshooting This chapter gives information about troubleshooting your 54 Mbps Wall-Plugged Router WGX102. After each problem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the router, the following sequence of events should occur: 1. When power is first applied, verify that the Power light 2. After approximately 10 seconds, verify that: is on. a. The power light is solid green. b.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Lights Never Turn Off When the router is turned on, the lights turns on for about 10 seconds and then turn off. If all the lights stay on, there is a fault within the router. If all lights are still on one minute after power up: • Cycle the power to see if the router recovers. • Clear the router’s configuration to factory defaults. This will set the router’s IP address to 192.168.0.1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Troubleshooting the Web Configuration Interface If you are unable to access the router’s Web Configuration interface from a computer on your local network, check the following: • Check the Ethernet connection between the computer and the router as described in the previous section. • Make sure your computer’s IP address is on the same subnet as the router.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Troubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your router must request an IP address from the ISP. You can determine whether the request was successful using the Web Configuration Manager. To check the WAN IP address: 1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Inform your ISP that you have bought a new network device, and ask them to use the router’s MAC address. OR Configure your router to spoof your computer’s MAC address. This can be done in the Basic Settings menu. Refer to “How to Bypass the Configuration Assistant” on page 3-12. If your router can obtain an IP address, but your computer is unable to load any Web pages from the Internet: • Your computer may not recognize any DNS server addresses.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 3. Click on OK. You should see a message like this one: Pinging with 32 bytes of data If the path is working, you see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly, you could have one of the following problems: • Wrong physical connections — Make sure the LAN port LED is on.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 — Check to see that the network address of your computer (the portion of the IP address specified by the netmask) is different from the network address of the remote device. — Check that your cable or DSL modem is connected and functioning. — If your ISP assigned a host name to your computer, enter that host name as the Account Name in the Basic Settings menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Problems with Date and Time The E-Mail menu in the Content Filtering section displays the current date and time of day. The WGX102 router uses the Network Time Protocol (NTP) to obtain the current time from one of several Network Time Servers on the Internet. Each entry in the log is stamped with the date and time of day. Problems with the date and time function can include: • Date shown is January 1, 2000.
Appendix A Technical Specifications This appendix provides technical specifications for the 54 Mbps Wall-Plugged Router WGX102.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Wireless Radio Data Rates 1, 2, 5.5, 6, 9, 12, 18, 24, 36, 48, and 54 Mbps Auto Rate Sensing Frequency 2.4-2.5Ghz Data Encoding: 802.11b: Direct Sequence Spread Spectrum (DSSS) 802.11g: Orthogonal Frequency Division Multiplexing (OFDM) Maximum Computers Per Wireless Network: Limited by the amount of wireless network traffic generated by each node. Typically 30-70 nodes. Operating Frequency Ranges: 2.412~2.462 GHz (US) 2.457~2.
Appendix B Network, Routing, Firewall, and Basics This chapter provides an overview of IP networks, routing, and networking. Related Publications As you read this document, you may be directed to various RFC documents for further information. An RFC is a Request For Comment (RFC) published by the Internet Engineering Task Force (IETF), an open organization that defines the architecture and operation of the Internet.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Routing Information Protocol One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP). Using RIP, routers periodically update one another and check for changes to add to the routing table. The WGX102 router supports both the older RIP-1 and the newer RIP-2 protocols. Among other improvements, RIP-2 supports subnet and multicast protocols.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Class A Network Node Class B Network Node Class C Network Node 7261 Figure B-1: Three Main Address Classes The five address classes are: • Class A Class A addresses can have up to 16,777,214 hosts on a single network. They use an eight-bit network number and a 24-bit node number. Class A addresses are in this range: 1.x.x.x to 126.x.x.x. • Class B Class B addresses can have up to 65,354 hosts on a network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network. For each unique value of the network portion of the address, the base address of the range (host address of all zeros) is known as the network address and is not usually assigned to a host.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Subnet addressing allows us to split one IP network address into smaller multiple physical networks known as subnetworks. Some of the node numbers are used as a subnet number instead. A Class B address gives us 16 bits of node numbers translating to 64,000 nodes. Most organizations do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet addressing makes use of those bits that are free, as shown below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The following table lists the additional subnet mask bits in dotted-decimal notation. To use the table, write down the original class netmask and replace the 0 value octets with the dotted-decimal value of the additional subnet bits. For example, to partition your Class C network with subnet mask 255.255.255.0 into 16 subnets (4 bits), the new subnet mask becomes 255.255.255.240. Table 8-1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • So that hosts recognize local IP broadcast packets When a device broadcasts to its segment neighbors, it uses a destination address of the local network address with all ones for the host address. In order for this scheme to work, all devices on the segment must agree on which bits comprise the host address.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The following figure illustrates a single IP address operation. Private IP addresses assigned by user IP addresses assigned by ISP 192.168.0.2 192.168.0.3 192.168.0.1 172.21.15.105 Internet 192.168.0.4 192.168.0.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 If a device sends data to another station on the network and the destination MAC address is not yet recorded, ARP is used. An ARP request is broadcast onto the network. All stations on the network receive and read the request. The destination IP address for the chosen station is included as part of the message so that only the station with this IP address responds to the ARP request. All other stations discard the request.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 IP Configuration by DHCP When an IP-based local area network is installed, each computer must be configured with an IP address. If the computers need to access the Internet, they should also be configured with a gateway address and one or more DNS server addresses. As an alternative to manual configuration, there is a method by which each computer on the network can automatically obtain this configuration information.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Stateful Packet Inspection Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. Since user-level applications such as FTP and Web browsers can create complex patterns of network traffic, it is necessary for the firewall to analyze groups of network connection states.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Table B-1. UTP Ethernet cable wiring, straight-through Pin Wire color Signal 1 Orange/White Transmit (Tx) + 2 Orange Transmit (Tx) - 3 Green/White Receive (Rx) + 4 Blue 5 Blue/White 6 Green 7 Brown/White 8 Brown Receive (Rx) - Category 5 Cable Quality Category 5 distributed cable that meets ANSI/EIA/TIA-568-A building wiring standards can be a maximum of 328 feet (ft.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Inside Twisted Pair Cables For two devices to communicate, the transmitter of each device must be connected to the receiver of the other device. The crossover function is usually implemented internally as part of the circuitry in the device. Computers and workstation adapter cards are usually media-dependent interface ports, called MDI or uplink ports.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Figure B-6: Category 5 UTP Cable with Male RJ-45 Plug at Each End Note: Flat “silver satin” telephone cable may have the same RJ-45 plug. However, using telephone cable results in excessive collisions, causing the attached port to be partitioned or disconnected from the network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The WGX102 router incorporates Auto UplinkTM technology (also called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a normal connection (e.g. connecting to a computer) or an uplink connection (e.g. connecting to a router, switch, or hub). That port will then configure itself to the correct configuration.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 B-16 Network, Routing, Firewall, and Basics July 2004 202-10036-01
Appendix C Preparing Your Network This appendix describes how to prepare your network to connect to the Internet through the 54 Mbps Wall-Plugged Router WGX102 and how to verify the readiness of broadband Internet service from an Internet service provider (ISP).
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 For the initial setup of your router, you will need to connect a computer to the router. This computer has to be set to automatically get its TCP/IP configuration from the router via DHCP. Note: For help with DHCP configuration, please use the Windows TCP/IP Configuration Tutorials on the NETGEAR 54 Mbps Wall-Plugged Router WGX102 Resource CD (230-10091-01), or in this appendix.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Record Your Internet Connection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and password are case sensitive and must be entered exactly as given by your ISP. Some ISPs use your full e-mail address as the login name. The Service Name is not required by all ISPs.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Most operating systems include the software components you need for networking with TCP/IP: • Windows® 95 or later includes the software components for establishing a TCP/IP network. • Windows 3.1 does not include a TCP/IP component. You need to purchase a third-party TCP/ IP application package such as NetManage Chameleon. • Macintosh Operating System 7 or later includes the software components for establishing a TCP/IP network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. Double-click the Network icon. The Network window opens, which displays a list of installed components: You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks. Note: It is not necessary to remove any other network components shown in the Network window in order to install the adapter, TCP/IP, or Client for Microsoft Networks. If you need to install a new adapter, follow these steps: a.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 c. Select Microsoft. d. Select TCP/IP, and then click OK. If you need Client for Microsoft Networks: 3. a. Click the Add button. b. Select Client, and then click Add. c. Select Microsoft. d. Select Client for Microsoft Networks, and then click OK. Restart your PC for the changes to take effect.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Locate your Network Neighborhood icon. • If the Network Neighborhood icon is on the Windows desktop, position your mouse pointer over it and right-click your mouse button. • If the icon is not on the desktop, • Click Start on the task bar located at the bottom left of the window. • Choose Settings, and then Control Panel. • Locate the Network Neighborhood icon and click on it. This will open the Network panel as shown below.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • By default, the IP Address tab is open on this window. • Verify the following: Obtain an IP address automatically is selected. If not selected, click in the radio button to the left of it to select it. This setting is required to enable the DHCP server to automatically assign an IP address. • Click OK to continue. Restart the PC. Repeat these steps for each PC with this version of Windows on your network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. Type winipcfg, and then click OK. The IP Configuration window opens, which lists (among other things), your IP address, subnet mask, and default gateway. 3. From the drop-down box, select your Ethernet adapter. The window is updated to show your settings, which should match the values below if you are using the default TCP/IP settings that NETGEAR recommends for connecting through a router or gateway: • The IP address is between 192.168.0.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4 You will find there are many similarities in the procedures for different Windows systems when using DHCP to configure TCP/IP. The following steps will walk you through the configuration process for each of these versions of Windows. DHCP Configuration of TCP/IP in Windows XP Locate your Network Neighborhood icon. • Select Control Panel from the Windows XP new Start Menu.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Now you should be at the Local Area Network Connection Status window. This box displays the connection status, duration, speed, and activity statistics. • Administrator logon access rights are needed to use this window. • Click the Properties button to view details about the connection. • The TCP/IP details are presented on the Support tab page. • Select Internet Protocol, and click Properties to view the configuration information.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Verify that the Obtain an IP address automatically radio button is selected. • Verify that Obtain DNS server address automatically radio button is selected. • Click the OK button. This completes the DHCP configuration of TCP/ IP in Windows XP. Repeat these steps for each PC with this version of Windows on your network.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Click on the My Network Places icon on the Windows desktop. This will bring up a window called Network and Dial-up Connections. • Right click on Local Area Connection and select Properties. • The Local Area Connection Properties dialog box appears. • Verify that you have the correct Ethernet card selected in the Connect using: box.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • With Internet Protocol (TCP/IP) selected, click on Properties to open the Internet Protocol (TCP/IP) Properties dialogue box. • Verify that • Obtain an IP address automatically is selected. • Obtain DNS server address automatically is selected. • Click OK to return to Local Area Connection Properties. • Click OK again to complete the configuration process for Windows 2000. Restart the PC.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 DHCP Configuration of TCP/IP in Windows NT4 Once you have installed the network card, you need to configure the TCP/IP environment for Windows NT 4.0. Follow this procedure to configure TCP/IP with DHCP in Windows NT 4.0. • Choose Settings from the Start Menu, and then select Control Panel. This will display Control Panel window. • Double-click the Network icon in the Control Panel window. The Network panel will display.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Highlight the TCP/IP Protocol in the Network Protocols box, and click on the Properties button.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • The TCP/IP Properties dialog box now displays. • Click the IP Address tab. • Select the radio button marked Obtain an IP address from a DHCP server. • Click OK. This completes the configuration of TCP/IP in Windows NT. Restart the PC. Repeat these steps for each PC with this version of Windows on your network. Verifying TCP/IP Properties for Windows XP, 2000, and NT4 To check your PC’s TCP/IP configuration: 1.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • 4. The default gateway is 192.168.0.1 Type exit Configuring the Macintosh for TCP/IP Networking Beginning with Macintosh Operating System 7, TCP/IP is already installed on the Macintosh. On each networked Macintosh, you will need to configure TCP/IP to use DHCP. MacOS 8.6 or 9.x 1. From the Apple menu, select Control Panels, then TCP/IP. The TCP/IP Control Panel opens: 2.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 2. If not already selected, select Built-in Ethernet in the Configure list. 3. If not already selected, Select Using DHCP in the TCP/IP tab. 4. Click Save. Verifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel. From the Apple menu, select Control Panels, then TCP/IP.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Verifying the Readiness of Your Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable modem or DSL modem. This modem must be a separate physical box (not a card) and must provide an Ethernet port intended for connection to a Network Interface Card (NIC) in a computer. Your firewall does not support a USB-connected broadband modem.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • An IP address and subnet mask • A gateway IP address, which is the address of the ISP’s router • One or more domain name server (DNS) IP addresses • Host name and domain suffix For example, your account’s full server names may look like this: mail.xxx.yyy.com In this example, the domain suffix is xxx.yyy.com. If any of these items are dynamically supplied by the ISP, your firewall automatically acquires them.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 If an IP address appears under Installed Gateways, write down the address. This is the ISP’s gateway address. Select the address and then click Remove to remove the gateway address. 6. Select the DNS Configuration tab. If any DNS server addresses are shown, write down the addresses. If any information appears in the Host or Domain information box, write it down. Click Disable DNS. 7.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Restarting the Network Once you’ve set up your computers to work with the firewall, you must reset the network for the devices to be able to communicate correctly. Restart any computer that is connected to the firewall. After configuring all of your computers for TCP/IP networking and restarting them, and connecting them to the local network of your WGX102 router, you are ready to access and configure the firewall.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 C-24 Preparing Your Network July 2004 202-10036-01
Appendix D Wireless Networking Basics Wireless Networking Overview The WGX102 router conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs). On an 802.11 wireless link, data is encoded using direct-sequence spread-spectrum (DSSS) technology and is transmitted in the unlicensed radio spectrum at 2.5GHz. The maximum data rate for the 802.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any other node. There is no access point involved in this configuration.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The radio frequency channels used are listed in Table D-1: Table D-1. 802.11g Radio Frequency Channels Channel Center Frequency Frequency Spread 1 2412 MHz 2399.5 MHz - 2424.5 MHz 2 2417 MHz 2404.5 MHz - 2429.5 MHz 3 2422 MHz 2409.5 MHz - 2434.5 MHz 4 2427 MHz 2414.5 MHz - 2439.5 MHz 5 2432 MHz 2419.5 MHz - 2444.5 MHz 6 2437 MHz 2424.5 MHz - 2449.5 MHz 7 2442 MHz 2429.5 MHz - 2454.5 MHz 8 2447 MHz 2434.5 MHz - 2459.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 WEP Wireless Security The absence of a physical connection between nodes makes the wireless links vulnerable to eavesdropping and information theft. To provide a certain level of security, the IEEE 802.11 standard has defined two types of authentication methods, Open System and Shared Key. With Open System authentication, a wireless computer can join any network and receive any messages that are not encrypted.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. WEP Open System Authentication This process is illustrated in below. Figure D-1: 802.11 open system authentication The following steps occur when two devices use Open System Authentication: 1. The station sends an authentication request to the access point. 2.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 WEP Shared Key Authentication This process is illustrated in below. Figure D-2: 802.11 shared key authentication The following steps occur when two devices use Shared Key Authentication: 1. The station sends an authentication request to the access point. 2. The access point sends challenge text to the station. 3.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Key Size and Configuration The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit. The 64-bit WEP data encryption method, allows for a five-character (40-bit) input. Additionally, 24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. (The 24 factory-set bits are not user-configurable). This encryption key will be used to encrypt/decrypt all data transmitted via the wireless interface.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How to Use WEP Parameters Wired Equivalent Privacy (WEP) data encryption is used when the wireless devices are configured to operate in Shared Key authentication mode. There are two shared key methods implemented in most commercially available products, 64-bit and 128-bit WEP data encryption. Before enabling WEP on an 802.11 network, you must first consider what type of encryption you require and the key size you want to use.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • • • • Enhanced data privacy Robust key management Data origin authentication Data integrity protection The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 How Does WPA Compare to IEEE 802.11i? WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that are not included in WPA are secure IBSS (Ad-Hoc mode), secure fast handoff (for specialized 802.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured pass phrase on both the stations and the access point. This obviates the need for an authentication server, which in many home and small office environments will not be available nor desirable.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Wired Network with Optional 802.1x Port Based Network Access Control Wireless LAN WPA enabled wireless client with “supplicant” WPA enabled Access Point using pre-shared key or 802.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Client with a WPAenabled wireless adapter and supplicant (Win XP, Funk, Meetinghouse, etc.) For example, a RADIUS server For example, a WPA-enabled AP 1 2 3 4 6 5 7 Figure D-4: 802.1x Authentication Sequence The AP sends Beacon Frames with WPA information element to the stations in the service set. Information elements include the required authentication method (802.1x or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 3. The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS). 4.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Temporal Key Integrity Protocol (TKIP) WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. TKIP also provides for the following: • • • The verification of the security configuration after the encryption keys are determined.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Is WPA Perfect? WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC) check within 60 seconds of each other then the network is under an active attack, and as a result, the access point employs counter measures, which includes disassociating each station using the access point.
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 • • • • • The new WPA information element To advertise their support of WPA, wireless APs send the beacon frame with a new 802.11 WPA information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information). The WPA two-phase authentication Open system, then 802.1x (EAP with RADIUS or preshared key).
Reference Manual for the 54 Mbps Wall-Plugged Router WGX102 Changes to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA authentication (and preshared key) and the new WPA encryption algorithms (TKIP and the optional AES component). To obtain the Microsoft WPA client program, visit the following Microsoft Web site.
Glossary Use the list below to find definitions for technical terms used in this manual. List of Glossary Terms 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring. 100BASE-Tx IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring. 802.1x 802.1x defines port-based, network access control used to provide authenticated network access and automated data encryption key management. The IEEE 802.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 ADSL requires a special ADSL modem. ADSL is growing in popularity as more areas around the world gain access. AES Advanced Encryption Standard, a symmetric 128-bit block data encryption technique. It is an iterated block cipher with a variable block length and a variable key length. The block length and the key length can be independently specified to 128, 192 or 256 bits.The U.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 The DMZ sits between the Internet and an internal network's line of defense, usually some combination of firewalls and bastion hosts. Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers. DNS Short for Domain Name System (or Service), an Internet service that translates domain names into IP addresses.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 transmits that identity to an authentication server such as RADIUS. The server asks the AP for proof of identity, which the AP gets from the user and then sends back to the server to complete the authentication. EAP is defined by RFC 2284. ESP Encapsulating Security Payload. ESSID The Extended Service Set Identification (ESSID) is a thirty-two character (maximum) alphanumeric key identifying the wireless local area network.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 LDAP A set of protocols for accessing information directories. Lightweight Directory Access Protocol LDAP. A set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 MTU The size in bytes of the largest packet that can be sent or received. NAT A technique by which several hosts share a single IP address for access to the Internet. NetBIOS The Network Basic Input Output System is an application programming interface (API) for sharing services and information on local-area networks (LANs). Provides for communication between stations of a network where each station is given a name.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 PPPoE PPPoE. PPP over Ethernet is a protocol for connecting remote hosts to the Internet over an always-on connection by simulating a dial-up connection. PPP over ATM PPPoA. PPP over ATM is a protocol for connecting remote hosts to the Internet over an always-on connection by simulating a dial-up connection. PPP over Ethernet PPPoE.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 SSID A Service Set Identification is a thirty-two character (maximum) alphanumeric key identifying a wireless local area network. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID. This is typically the configuration parameter for a wireless PC card. It corresponds to the ESSID in the wireless Access Point and to the wireless network name.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 an encryption algorithm and cryptographic keys before data is transmitted or received. Based on Netscape’s SSL 3.0, TLS supercedes and is an extension of SSL. TLS and SSL are not interoperable. Universal Plug and Play UPnP. A networking architecture that provides compatibility among networking technology.
Reference Manual for the 54 Mbps Wireless Router WGR614 v5 WINS WINS. Windows Internet Naming Service is a server process for resolving Windows-based computer names to IP addresses. Wireless Network Name (SSID) Wireless Network Name (SSID) is the name assigned to a wireless network. This is the same as the SSID or ESSID configuration parameter.
Index Numerics D 802.
fully qualified domain name (FQDN) 4-5 log entries 5-6 Logout 3-11, 3-12 G gateway address C-22 H M MAC address 8-7, B-8 spoofing 3-14, 8-5 host name 3-14 Macintosh C-21 configuring for IP networking C-18 DHCP Client ID C-18 Obtaining ISP Configuration Information C-22 I masquerading C-20 IANA contacting B-2 MDI/MDI-X B-15, G-2 IETF B-1 Web site address B-7 metric 7-15 infrastructure mode D-2 N Half Life 7-6 installation 2-4 Internet account address information C-20 establishing C-20 MDI/MD
port forwarding behind NAT B-8 Setup Wizard 3-1 Port Forwarding Menu 7-2, 7-3, 7-4, 7-5 Shared Key authentication D-4 port numbers 5-3 SMTP 5-8 PPP over Ethernet 2-4, C-20 spoof MAC address 8-5 PPPoE C-20 SSID 2-8, 4-3, 4-8, 4-9, D-2 Primary DNS Server 3-14 stateful packet inspection 2-2, B-11 protocols Address Resolution B-8 DHCP B-10 Routing Information 2-3, B-2 support 2-2 Static Routes 7-13 Status Light 2-6 subnet addressing B-4 subnet mask B-5, C-21, C-22 publications, related B-1 T Q Qu
wireless network name 2-8 Wireless Performance 4-1 Wireless Range Guidelines 4-1 Wireless Security 4-2 World Wide Web 1-ii WPA-PSK 4-4 WPA-PSK Password Phrase 4-4 4 Index