Netgear Router WGR614v9 User Manual
Have a look at the manual Netgear Router WGR614v9 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Wireless-G Router WGR614v9 Reference Manual Safeguarding Your Network 2-7 v1.1, May 2008 •Channel. This field determines which operating frequency is used. It should not be necessary to change the wireless channel unless you notice interference problems with another nearby wireless network. The wireless router uses channel bonding technology to extend the bandwidth for data transmission. For more information about the wireless channel frequencies, see the online document that you can access from “Wireless Networking Basics” in Appendix B. •Mode. This field determines which data communications protocol is used. You can choose from: b and g; or g only. •Security Options. The selection of wireless security options can significantly affect your network performance. The time it takes to establish a wireless connection can vary depending on both your security settings and router placement. WEP connections can take slightly longer to establish. Also, WEP, WPA-PSK, and WPA2- PSK encryption can consume more battery power on a notebook computer, and can cause significant performance degradation with a slow computer. Instructions for configuring the security options can be found in “Choosing Appropriate Wireless Security” on page 2-1. A full explanation of wireless security standards is available in the online document that you can access from “Wireless Networking Basics” in Appendix B. 3.Click Apply to save your settings. Configuring WEP Wireless Security WEP Shared Key authentication and WEP data encryption can be defeated by a determined eavesdropper using publicly available tools. WEP offers the following options: •Open System. With Open System authentication and 64 or 128 bit WEP data encryption, the Wireless-G Router does perform data encryption but does not perform any authentication. Anyone can join the network. This setting provides very little practical wireless security. •Shared Key. With Shared Key authentication, a wireless device must know the WEP key to join the network. Select the encryption strength (64 or 128 bit data encryption). Manually enter the key values, or enter a word or group of printable characters in the Passphrase field. Manually entered keys are not case-sensitive, but passphrase characters are case-sensitive.
Wireless-G Router WGR614v9 Reference Manual 2-8 Safeguarding Your Network v1.1, May 2008 To configure WEP data encryption: 1.Select Wireless Settings under Setup in the main menu. 2.In the Security Options section, select WEP. The WEP options display. . 3.Select the authentication type and encryption strength. 4.You can manually or automatically program the four data encryption keys. These values must be identical on all computers and access points in your network. •Automatic. In the Passphrase field, enter a word or group of printable characters, and click Generate. The passphrase is case-sensitive. For example, NETGEAR is not the same as nETgear. The four key fields are automatically populated with key values. •Manual. Enter 10 hexadecimal digits (any combination of 0–9, a–f, or A–F). These entries are not case-sensitive. For example, AA is the same as aa. Select which of the four keys to activate. 5.Click Apply to save your settings. Note: If you use a wireless computer to configure WEP settings, you will be disconnected when you click Apply. You must then either configure your wireless adapter to match the wireless router WEP settings or access the wireless router from a wired computer to make any further changes. Not all wireless adapter configuration utilities support passphrase key generation. Figure 2-3
Wireless-G Router WGR614v9 Reference Manual Safeguarding Your Network 2-9 v1.1, May 2008 Configuring WPA-PSK and WPA2-PSK Wireless Security Wi-Fi Protected Access with Pre-Shared Key (WPA-PSK and WPA2-PSK) data encryption provides extremely strong data security, very effectively blocking eavesdropping. Because WPA and WPA2 are relatively new standards, older wireless adapters and devices might not support them. Check whether newer drivers are available from the manufacturer. Also, you might be able to use the Push N Connect feature to configure this type of security if it is supported by your wireless clients. See “Restricting Wireless Access by MAC Address” on page 2-11. WPA–Pre-Shared Key does perform authentication. WPA-PSK uses TKIP (Temporal Key Integrity Protocol) data encryption, and WPA2-PSK uses AES (Advanced Encryption Standard) data encryption. Both methods dynamically change the encryption keys making them nearly impossible to circumvent. Mixed mode allows clients using either WPA-PSK (TKIP) or WPA2-PSK (AES). This provides the most reliable security, and is easiest to implement, but it might not be compatible with older adapters. To configure WPA-PSK, WPA2-PSK, or WPA-PSK+WPA2-PSK: 1.Select Wireless Settings under Setup in the main menu. 2.Select one of the WPA-PSK or WPA2-PSK options for the security type. The third option (WPA-PSK [TKIP] + WP2-PSK [AES]) is the most flexible, since it allows clients using either WPA-PSK or WPA2-PSK. 3.In the Passphrase field, enter a word or group of 8–63 printable characters. The passphrase is case-sensitive. Note: Not all wireless adapters support WPA. Furthermore, client software is also required. Windows XP with Service Pack 2 does include WPA support. Nevertheless, the wireless adapter hardware and driver must also support WPA. For instructions on configuring wireless computers or PDAs (personal digital assistants) for WPA-PSK security, consult the documentation for the product you are using.
Wireless-G Router WGR614v9 Reference Manual 2-10 Safeguarding Your Network v1.1, May 2008 4.Click Apply to save your settings. Viewing Advanced Wireless Settings This section describes the wireless settings that you can view and specify in the Advanced Wireless Settings screen, which you access under Advanced in the main menu. To configure the advanced wireless security settings of your router: 1.Log in to the router as described in “Logging In to Your Wireless Router” on page 1-2. 2.Select Wireless Settings under Advanced in the main menu. Figure 2-4 Figure 2-5
Wireless-G Router WGR614v9 Reference Manual Safeguarding Your Network 2-11 v1.1, May 2008 The available settings in this screen are: •Enable SSID Broadcast. Clear this check box to disable broadcast of the SSID, so that only devices that know the correct SSID can connect. Disabling SSID broadcast nullifies the wireless network discovery feature of some products such as Windows XP. •Enable Wireless Router Radio. If you disable the wireless router radio, wireless devices cannot connect to the Wireless-G Router. If you will not be using your wireless network for a period of time, you can clear this check box and disable all wireless connectivity. •Enable WMM. Clear this check box to disable WMM. Disabling WMM turns off the wireless prioritization scheme. Note that wireless clients must also support WMM to take advantage of this feature. •Wireless Card Access List. For information about this list, see “Restricting Wireless Access by MAC Address” on page 2-11. . Restricting Wireless Access by MAC Address When a Wireless Card Access List is configured and enabled, the router checks the MAC address of any wireless device attempting a connection and allows only connections to computers identified on the trusted computers list. The Wireless Card Access List displays a list of wireless computers that you allow to connect to the router based on their MAC addresses. These wireless computers must also have the correct SSID and wireless security settings to access the wireless router. The MAC address is a network device’s unique 12-character physical address, containing the hexadecimal characters 0–9, a–f, or A–F only, and separated by colons (for example, 00:09:AB:CD:EF:01). It can usually be found on the bottom of the wireless card or network interface device. If you do not have access to the physical label, you can display the MAC address using the network configuration utilities of the computer. In WindowsXP, for example, typing the ipconfig/all command in an MSDOS command prompt window displays the MAC address as Physical Address. You might also find the MAC addresses in the router’s Attached Devices screen. To restrict access based on MAC addresses: 1.Select Wireless Settings under Advanced in the main menu. Note: The Fragmentation Threshold, CTS/RTS Threshold, and Preamble Mode options are reserved for wireless testing and advanced configuration only. Do not change these settings.
Wireless-G Router WGR614v9 Reference Manual 2-12 Safeguarding Your Network v1.1, May 2008 2.In the Advanced Wireless Settings screen, click Setup Access List to display the Wireless Card Access List. 3.Click Add to add a wireless device to the wireless access control list. The Wireless Card Access Setup screen opens and displays a list of currently active wireless cards and their Ethernet MAC addresses. Figure 2-6 Figure 2-7
Wireless-G Router WGR614v9 Reference Manual Safeguarding Your Network 2-13 v1.1, May 2008 4.If the computer you want appears in the Available Wireless Cards list, you can select the radio button of that computer to capture its MAC address; otherwise, you can manually enter a name and the MAC address of the authorized computer. You can usually find the MAC address on the bottom of the wireless device. 5.Click Add to add this wireless device to the Wireless Card Access List. The screen changes back to the list screen. 6.Repeat step 3 through step 5 for each additional device you want to add to the list. 7.Select the Turn Access Control On check box. 8.Click Apply to save your Wireless Card Access List settings. Now, only devices on this list can wirelessly connect to the Wireless-G Router. Tip: You can copy and paste the MAC addresses from the router’s Attached Devices screen into the MAC Address field of this screen. To do this, configure each wireless computer to obtain a wireless link to the router. The computer should then appear in the Attached Devices screen. Note: When configuring the router from a wireless computer whose MAC address is not in the Trusted PC list, if you select Turn Access Control On, you lose your wireless connection when you click Apply. You must then access the wireless router from a wired computer or from a wireless computer that is on the access control list to make any further changes. Wa r n i n g : MAC address filtering adds an obstacle against unwanted access to your network by the general public. However, because your trusted MAC addresses appear in your wireless transmissions, an intruder can read them and impersonate them. Do not rely on MAC address filtering alone to secure your network.
Wireless-G Router WGR614v9 Reference Manual 2-14 Safeguarding Your Network v1.1, May 2008 Changing the Administrator Password The default password for the router’s Web Configuration Manager is password. NETGEAR recommends that you change this password to a more secure password. To change the administrator password: 1.On the main menu, under Maintenance, select Set Password to display the Set Password screen. 2.To change the password, first enter the old password, then enter the new password twice. 3.Click Apply. Tip: Before changing the router password, back up your configuration settings with the default password of password. If you save the settings with a new password, and then you later forget the new password, you will have to reset the router back to the factory defaults, and log in using the default password of password. This means you will have to re-enter all the router configuration settings. For information about how to back up your settings, see “Backing Up and Restoring the Configuration” on page 6-6. Figure 2-8
Wireless-G Router WGR614v9 Reference Manual Safeguarding Your Network 2-15 v1.1, May 2008 Backing Up Your Configuration The configuration settings of the Wireless-G Router are stored within the router in a configuration file. You can back up (save) this file and retrieve it later. NETGEAR recommends that you save your configuration file after you complete the configuration. If the router fails or becomes corrupted, or an administrator password is lost, you can easily re-create your configuration by restoring the configuration file. For instructions on saving and restoring your configuration file, see “Managing the Configuration File” on page 6-6. Understanding Your Firewall Your Wireless-G Router Model WGR614v9 contains a true firewall to protect your network from attacks and intrusions. A firewall is a device that protects one network from another while allowing communication between the two. Using a process called Stateful Packet Inspection, the firewall analyzes all inbound and outbound traffic to determine whether or not it will be allowed to pass through. By default, the firewall allows any outbound traffic and prohibits any inbound traffic except for responses to your outbound traffic. However, you can modify the firewall’s rules to achieve the following behavior: •Blocking sites. Block access from your network to certain Web locations based on Web addresses and Web address keywords. This feature is described in “Blocking Access to Internet Sites” on page 3-1. •Blocking services. Block the use of certain Internet services by specific computers on your network. This feature is described in “Blocking Access to Internet Services” on page 3-3. •Scheduled blocking. Block sites and services according to a daily schedule. This feature is described in “Scheduling Blocking” on page 3-5. Tip: Before saving your configuration file, change the administrator password to the default, password. Then change it again after you have saved the configuration file. If you save the file with a new password, and then you later forget the new password, you will have to reset the router back to the factory defaults and log in using the default password of password. This means you will have to re-enter all the router configuration settings.
Wireless-G Router WGR614v9 Reference Manual 2-16 Safeguarding Your Network v1.1, May 2008 •Allow inbound access to your server. To allow inbound access to resources on your local network (for example, a Web server or remote desktop program), you can open the needed services by configuring port forwarding as described in “Allowing Inbound Connections to Your Network” on page 5-1. •Allow certain games and applications to function correctly. Some games and applications need to allow additional inbound traffic in order to function. Port triggering can dynamically allow additional service connections, as described in “Allowing Inbound Connections to Your Network” on page 5-1. Another feature to solve application conflicts with the firewall is Universal Plug and Play (UPnP), described in “Using Universal Plug and Play” on page 5-12.