1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing new wireless connection

Discussion in 'Networks & Internet Connectivity' started by Big Chris, 15 Jan 2006.

  1. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Currently got two machines connected via a wired router, have now added a wireless access point to allow a laptop to join the network.

    At the moment it's open, and I assume anyone within range can sneak in so I need to do something about it. Using the laptop, I've found the Network Authentication settings which are set to Open at the mo. Further options are Shared, WPA or WPA-PSK. Which of these would be best to use? Can I set it so the laptop user just needs to enter a password to get on the network, and the two wired computers connect as normal?

    This networking stuff usually goes over my head pretty quickly so keep it simple if you can, thanks!
     
  2. Burbleflop

    PermaBanned

    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    Go for WPA-PSK with a nice long preshared key.
     
  3. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    The WPA PSK is about as close to a password as you're going to get, though the laptop should store it once it's been entered (for one, because it should ideally be close to the maximum size you can use).
    The wired machines don't see any difference, it's purely between the wireless device(s).
     
  4. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Hmmmm... having a little trouble.

    I went to the wireless connection settings on the laptop, and under Network Authentication selected WPA-PSK, which then gave two options for encryption: TKIP and AES. I entered and confirmed an alpha-numeric password (13 characters total) and OK'd the settings. This knocked the laptop offline immediately and the status said that it was unable to connect to the wireless network, and IE would not load. A box appeared offering to troubleshoot, then gave the option to connect again which I did, but it told me the connection was unsecured.

    I rebooted the machine to see what would happen and it connected straight away to the network, allowing IE to load web pages. I checked the settings again and everything had reverted, back to Open with no encryption. I went through the whole process again and exactly the same happened.

    Any idea where I'm going wrong?
     
  5. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    That's normal. You should've been required to enter the PSK on the laptop though.

    The settings weren't saved?
     
  6. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    There was no option to save/apply any changes within the network settings, which I did think was a little odd, but when I OK'd it knocked the laptop offline so I assumed it had worked. No password was requested when trying to reconnect either.
     
  7. Mr Blonde

    Caporegime

    Joined: 18 Oct 2002

    Posts: 30,872

    Location: Liverpool -> London

  8. Uhtred

    Soldato

    Joined: 18 Oct 2002

    Posts: 5,906

    Location: Hertfordshire

    try setting the router up with a pc connected with a cable rather thn your laptop
     
  9. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Ok, I'm getting a little lost here.

    I thought I was supposed to be making these changes on the wirelessly connected laptop, and not in the wired router config page? I only want the wireless laptop to have to enter a password, the two machines connected via the wired router should continue as normal.

    I'm looking in the network connection properties on the laptop, which is where it mentions the methods of Network Authentication. Is there anywhere else I should be looking to set a password? I thought it was pretty straight forward but it doesn't give me the option to apply any changes I made, and the laptop is still not prompted for a password at any stage having rebooted.

    I'm using:

    Linksys BEFSR41 wired cable router (two machines connect through this)
    Linksys WAP54G wireless access point (one machine connects through this)
     
    Last edited: 16 Jan 2006
  10. Burbleflop

    PermaBanned

    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    You need to make the changes on the WAP54G and to the laptop. Just changing the laptop will (as you've seen), not work. The reason you're not being prompted for the PSK on the laptop is that the WAP54G isn't set to require one to allow clients to connect.

    Easiest way is to open the web management page for the WAP54G on one of the wired machines, go to the wireless settings, enable WPA-PSK and enter a nice long preshared key. Apply the changes. The laptop will drop the wireless connection at this point as it doesn't have the PSK yet.

    Tell the laptop to scan for networks, it should find your network and prompt you for the encryption key, enter the PSK you entered into the WAP54G and you should be back up and running. I think you can either save the PSK or be asked for it each time the laptop tries to connect.

    This won't affect the wired PCs in the slighest.
     
  11. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Thanks a lot Burbleflop, you and Tolien have been very helpful (and patient!).

    What does preshared key (PSK?) mean though, just a password?

    And lastly, will the WAP54G have it's own IP address, I just use 192.168.1.1 to get into the wired router config, not sure about the wireless one though?

    Thanks again guys, I owe a few beers at least when all this is done :).
     
  12. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    Loosely, yes.

    They should be the same, but it's completely transparent.
     
  13. Burbleflop

    PermaBanned

    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    I don't think so. The first post says:

    If you don't know the IP address of the AP, then I would assume it is getting one from DHCP. Check the 'Connected Devices' (or whatever it is called on the wired router) and you may see the IP address and MAC address of the AP listed there.
     
  14. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    What about it? :confused:
    Neither machine needs to be aware of the AP's IP address, other than to access the web interface. Ergo, it's "completely transparent".

    The addresses on the LAN and wireless sides should be the same as well.

    It is known though :p

     
  15. Burbleflop

    PermaBanned

    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    Unless I'm a bit confused, the OP is using a seperate router and AP. In that case the AP will have a seperate IP address to the router.

    I didn't say that the PC's needed to know the IP of the AP, but the OP (too many abbreviations!) said he accessed the wired router using 192.168.1.1 - that isn't the AP so he'll need to IP of the AP to get into the web management of it to enable WPA.
     
  16. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    Ah, yep :o

    Yup. The answer is in the manual (192.168.1.245).
     
  17. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Thanks again fellas, sorry for any confusion!

    Just to clarify, I have a wired router (Linksys BEFSR41) and a wireless access point (Linksys WAP54G) plugged into it.

    I access the wired router with 192.168.1.1 and you're saying I need 192.168.1.245 to access the wireless AP config? (don't have the manual to check). Is it best to make these changes from one of the wired machines and not the laptop?

    Once there, I set up WPA-PSK then get the laptop to search for networks at which point it should find ours and be prompted for the password? Do I need to run through the same settings again on the laptop in Network Properties > Network Authentication?

    Apologies for the n00bness here, I don't like playing with network stuff as it always goes wrong unless I'm under direction. This results in me taking grief from the other guys on the network, then having to call on mates to come and fix it who I have to pay in beer and food.
     
  18. Burbleflop

    PermaBanned

    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    What you've said is all correct. You won't need to add the same settings in Network Properties > Network Authentication on the laptop though, when you scan for networks and enter the PSK, it'll do the necessary for you.
     
  19. Big Chris

    Soldato

    Joined: 5 Apr 2004

    Posts: 5,383

    Location: Chipping Norton

    Ok, cheers. I'll give it a try when I get home and let you know how I get on.
     
  20. tolien

    Caporegime

    Joined: 16 May 2003

    Posts: 25,368

    Location: ::1

    a) the manual's on the Linksys site, and b) yes, that's what it says the default IP is.

    Yup.