Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Just got a WGR614 Netgear router and need help


  • Please log in to reply

#1
brf4n

brf4n

    Member

  • Member
  • PipPip
  • 20 posts
Hello everyone,

As the topic says, I just got a WGR614 Netgear router. I'd like to know how to keep people from accessing my network.

Also, there is another router within range (the next house over), so how do I know my computer is accessing MY router and not the one across the street?

I'm really new to all of this so if I could get some help that would be great.

Thanks!
  • 0

Advertisements


#2
Kurt_Aust

Kurt_Aust

    Member

  • Member
  • PipPipPip
  • 129 posts
Of course the best security is just to use the wired portion, but failing that this is how I have mine set up, starting from the bottom.

UPnP: Disable (no point letting Trojans and others control internet access to your network)

Remote Management: Make sure it's off !!

Wireless Setup: Disable Wireless Access Point (for now)
. . . . . . . . . . . Disable SSID Broadcast
. . . . . . . . . . . Setup Wireless Access Card List
. . . . . . . . . . . Turn Access Control On
. . . . . . . . . . . Enter the MAC Addresses of every wireless interface card you intend to allow to access your network and give them a name.

LAN IP Setup: Reserve by MAC address low range IPs for your computers (192.168.0.2, 192.168.0.3, etc.)
. . . . . . . . . . Set the upper limit of the DHCP server to the highest number you have entered.

WAN Setup (these are all defaults): Auto Connect checked
. . . . . . . . . Disable SPI Firewall, DMZ Server & Respond to Ping unchecked

Port Triggering: Disable all rules (I haven't had any problems, but if you use one of these apps you may have to turn that rule on)

Port Forwarding: Add a new custom rule, "IDENT", port 113 and send it off to 192.168.0.254 (into the ether). The router responds to internet queries on port 113 as closed rather than stealth mode, this will fix it.

Set Password: Choose one for your router, NOT a real word or name.

Block Services: Add a custom service that blocks all ports (1-65534, TCP/UDP) for IP addresses outside the range you have already reserved and set it to always block. (If you want to limit users to standard internet services you can block ports 1280-65534 on their machine via assigned IP as well)

Wireless Settings: Choose a SSID, password type rules apply, for example you will encrypt the transmission so that it will be gibberish, so a password could be "G166er1sh". Do not use your workgroup name.
. . . . . . . . . . . You may need to change the wireless channel if you suffer interference
. . . . . . . . . . . Use WPA-PSK and again use password rules when selecting a keyphrase

You can turn the wireless access point back on now. Some of this is probably a bit over the top, but you asked for it.

To tell if you are accessing the right router you can look at the attached devices section. However as you should only be able to connect to a router on the same channel with the same SSID, it is more than unlikely that you'll connect to your neighbours router

Edited by Kurt_Aust, 29 October 2005 - 06:00 AM.

  • 0

#3
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
that's a mouthful. i just set up mac address filtering to keep other users out. everytime i set up encryption i am unable to connect though. same goes with just about every other type of filtering.
  • 0

#4
Kurt_Aust

Kurt_Aust

    Member

  • Member
  • PipPipPip
  • 129 posts
MAC address filtering will stop any of your neighbours connecting accidentally, but will not stop a determined hacker. For why this is so read the latest Security Now !

Of course if you know that your neighbours are trustworthy and/or lack advanced computer skills, that should be enough.
  • 0

#5
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Some questions:

When I block services, what should be the last IP? Since my computer is at 192.168.1.3, I have the blocking going from 192.168.1.4 to 192.168.1.55. Is this correct?

Should I think about WEP or WPA-PSK security?

I did everything else, so hopefully everything is secure.
  • 0

#6
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Crap. I have a problem. I can't access the router anymore. It gives me: (192.168.1.3) is managing this device. That is my wireless card's IP. My ethernet port is at 192.168.1.1 which is what I use to access the router...the *only* way I can access my router. But, I can't even access the router from my wireless card which is 192.168.1.3. I can only access my neighbor's router from that IP (ever since I disabled SSID broadcast).

How do I fix this? It seems like everytime I disable the SSID broadcast, I can't connect to the router through the wireless card. But now I can't even access the router period.
  • 0

#7
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
wait nevermind, it just started working again.

the ssid thing baffles me though. i'm going to have to turn the broadcasting on. what could be the problem there?

also, under port forwarding, i put in 192.168.1.254 instead of 192.168.0.254 for the IDENT address. it seems like all in all the ips you gave me, where there was a 0, I had a 1. does that sound like a working substitution?

thanks for help ing out.
  • 0

#8
Kurt_Aust

Kurt_Aust

    Member

  • Member
  • PipPipPip
  • 129 posts
Under my WGR614v4 all the IP addresses are in the format 192.168.0.x, I can only alter the last digit. If yours is similar but in the format 192.168.1.x, then yes, you only have to match the last digit. The discrepancy is probably due to a difference in chipset version and/or firmware.

You may as well block 192.168.1.4 - 192.168.1.255.

WEP is apparently highly flawed, you should use WPA-PSK (and it's easier to set up to boot).

If SSID is turned off, the wireless card in your laptop will not be able to detect your wireless network (and that's the point, neither can anyone else WHILE you are not acessing it). You will have to go into the network connections properties for your wireless card and enter the channel and SSID directly (or there might be some driver software installed for that model card).
  • 0

#9
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
thanks a lot.

i couldn't find a place anywhere in the properties window of my Atheros AR5004G Wireless Network Adapter though.
  • 0

#10
brf4n

brf4n

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
since i don't have windows xp (i use 2000) i can't use the configuration tool. i'm guessing the same place i input the ssid i could also input the WPA key...

ok, nevermind, i just found the software and got everything configured.

thanks a lot kurt!

Edited by brf4n, 31 October 2005 - 03:13 AM.

  • 0

#11
Kurt_Aust

Kurt_Aust

    Member

  • Member
  • PipPipPip
  • 129 posts
Well, the option has to be there somewhere, perhaps there are updated drivers and/or firmware on the website of the maker of your laptop.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP