Netgear Router

[Terry]

Hi fellow pilots,

I have had a Netgear router installed.

I have the main desktop, Netgear is matched to this computer and it is a Dell, Laptop which is sometimes plugged in with Ethernet cable and sometimes wireless, and a new Acer desktop that is plugged in.

I also have an IPAD and a Droid E-reader.

I have had an unsecured network and now want to add a password to my network, wireless, and also install the IP address where only the above mentioned devices can be on this network.

I can log in to routerlogin.net and on wireless settings under Security have

None
WEP
WPA-PSK [TKIP]
WPA2-PSK [AES]
WPA-PSK [TPIK] + WPA2-PSK [AES]

Which of the above do I check? Currently "None" is checked.

Checking one of these should give me a password required. Is this correct?

Terry

 

[Jaybird180]

Correct.

 

[mikea]

Use WPA2-PSK [AES] on both.

 

[John221us]

Hi fellow pilots,

I have had a Netgear router installed.

I have the main desktop, Netgear is matched to this computer and it is a Dell, Laptop which is sometimes plugged in with Ethernet cable and sometimes wireless, and a new Acer desktop that is plugged in.

I also have an IPAD and a Droid E-reader.

I have had an unsecured network and now want to add a password to my network, wireless, and also install the IP address where only the above mentioned devices can be on this network.

I can log in to routerlogin.net and on wireless settings under Security have

None
WEP
WPA-PSK [TKIP]
WPA2-PSK [AES]
WPA-PSK [TPIK] + WPA2-PSK [AES]

Which of the above do I check? Currently "None" is checked.

Checking one of these should give me a password required. Is this correct?

Terry

You are kind of all over the place in your request, but WPA-PSK [TKIP] should be adequate to secure your wireless. I doubt it has the capability port authentication for your wired connections, but you should be able to create a whitelist of allowed MAC addresses for your wireless device, though, I think you will get tired of administrating that and the above mentioned security should be adequate. Most will let you create a guest VLAN with a separate pass key that will isolate guest traffic to Internet only.

 

[John221us]

Use WPA2-PSK [AES] on both.

Some older devices won't support this, but if all your devices will and you aren't worried about compatibility for guests, this would be the most secure.

 

[Terry]

Okay, thanks.

I have had this router for a couple of years and it has been unsecured. My son, who is a network systems analyst jumped all over me for not securing the network.

He has an extender and has to approve each device before you can use the network. He lives in Missoula, Mt. and they have all kinds of people and problems of network intrusion.

So, I thought I could just easily add the same kind of security he had. However, I live in a small town and have no problem at all. I got to thinking though, that someone could attach to my network and slow mine down.

That is why I was all over the board on the questions. I thought by adding the MAC address I could also add the printers I have and then I would be able to print to any of my printers from any of my devices. Is this correct thinking?

Terry

 

[txshooter]

Okay, thanks.

.... So, I thought I could just easily add the same kind of security he had. However, I live in a small town and have no problem at all. I got to thinking though, that someone could attach to my network and slow mine down.

That is why I was all over the board on the questions. I thought by adding the MAC address I could also add the printers I have and then I would be able to print to any of my printers from any of my devices. Is this correct thinking?

Terry

How do you know you haven't had problems? Others could have been accessing your network all along and using your bandwidth for accessing the internet or worse.

Absolutely follow the instructions and advice the others have posted above. You should have the option on the Netgear router to disable broadcasting your SSID so that it won't appear to other computers as a wireless network. This is an option that I have used in the past/present along with MAC filtering which gives you better security from hackers just messing around.

However, like the others have already said you should be fine as long as you enable the WPA2-PSK [AES] security and give it a good 16 letter/digit password.

 

[Terry]

How do you know you haven't had problems? Others could have been accessing your network all along and using your bandwidth for accessing the internet or worse.

Exactly. That is why I decided to bring it up to date. I have suspicions that it has been happening.

What stops intruders from the "hard wire" connections? From coming through the router?

Firewall? Is it blocked at the router or the computer?

Thanks,
Terry

Absolutely follow the instructions and advice the others have posted above. You should have the option on the Netgear router to disable broadcasting your SSID so that it won't appear to other computers as a wireless network. This is an option that I have used in the past/present along with MAC filtering which gives you better security from hackers just messing around.

However, like the others have already said you should be fine as long as you enable the WPA2-PSK [AES] security and give it a good 16 letter/digit password.

Thanks for the help, guys.

 

[ron22]

Like others said Use WPA2-PSK [AES]
This should be fine as long as you do not make the password. 1234
Unless you really need it the other stuff becomes a pain to maintain.
I bet someone has been on your net work unless you live miles from your neighbors.
I have a "friend" that has been know to pull over on long trips and use people's "free" wireless. Not to hack into their system just to use the Internet.

 

[weilke]

The risk is not someone using your internet access. The risks are:

- someone using your internet access to do something illegal, e.g. build his kiddie-porn collection using an internet address that comes back to you
- someone using your wifi connection to snoop around on your computers.

 

[momalley]

I would use WPA2-PSK [AES] as others have said. You can then either set up an Access List to filter by MAC address to limit access to only your devices

 

[weilke]

I would use WPA2-PSK [AES] as others have said. You can then either set up an Access List to filter by MAC address to limit access to only your devices

If you hardwire the thing that way, you can also switch off the 'broadcast SSID' feature, that way your network doesn't show up for someone who jus scans for it (with some more sophisticated equipment it can of course be found).

Just putting encryption on it is 90% of the defense.

 

[denverpilot]

If you hardwire the thing that way, you can also switch off the 'broadcast SSID' feature, that way your network doesn't show up for someone who jus scans for it (with some more sophisticated equipment it can of course be found).

Just putting encryption on it is 90% of the defense.

Hahaha. "More sophisticated equipment" consists of putting a wireless card into promiscuous mode and listening for about 100 mS with as chatty as most OSs are these days.

Turning off SSID broadcast provides only a feeling of security and superiority. No real results against someone looking. In fact, it probably garners more attention from someone who's bored.

 

[Jaybird180]

Hahaha. "More sophisticated equipment" consists of putting a wireless card into promiscuous mode and listening for about 100 mS with as chatty as most OSs are these days.

Turning off SSID broadcast provides only a feeling of security and superiority. No real results against someone looking. In fact, it probably garners more attention from someone who's bored.

The concept is called Security through Obscurity. While it will not stop or deter a determined attacker, it is effective against those that are only interested in what they can war-drive.

 

[JGoodish]

The concept is called Security through Obscurity. While it will not stop or deter a determined attacker, it is effective against those that are only interested in what they can war-drive.

Not really. Anyone who has the interesting in gaining access to a network will find a non-broadcast SSID the smallest of hurdles to cross.

I used to not broadcast SSID, but I had some devices that would occasionally have connection issues with a non-broadcast SSID. Broadcasting it resolved those issues.


JKG

 

[Terry]

Hi everyone.

I tried adding a password and now I am unable to connect any device to my wireless network.

1. Added password and clicked Apply button. Rebooted IPAD and tried to connect. Would not connect.
2. Tried other boxes, WPA, WPA2, etc using the same Password and still wouldn't connect.
3. Removed password and tried to connect on "Unsecure" network. Will not connect. Tried Windows troubleshooting program.
4. I am hardwired into my NETGEAR router on 2 desktops and 1 laptop. The laptop will not connect to the wireless network and neither will the IPAD connect to the wireless network.
5. Tried rebooting the router. Still no luck.

Sorry guys, but I got myself into a mess. Can we just get connected on "Unsecured" again and let me start over?

Thanks,
Terry

 

[Jaybird180]

Not really. Anyone who has the interesting in gaining access to a network will find a non-broadcast SSID the smallest of hurdles to cross.

I used to not broadcast SSID, but I had some devices that would occasionally have connection issues with a non-broadcast SSID. Broadcasting it resolved those issues.


JKG

Obscuration is not intended to be an obstacle. The idea is based in the principle of least effort for the non-determined exploiter who is also non-specific in his choice of target.

For example: If I am war-driving because I'm in a strange town and I need to get online to get information in an email (and I don't have data services) then I will goto an apartment complex or set of row houses and turn on my network to see what comes up. If I get 3-5 unsecured networks, I will choose one of them and not spend time finding the one who is not broadcasting an SSID, hence obscured.

 

[Jaybird180]

Hi everyone.

I tried adding a password and now I am unable to connect any device to my wireless network.

1. Added password and clicked Apply button. Rebooted IPAD and tried to connect. Would not connect.
2. Tried other boxes, WPA, WPA2, etc using the same Password and still wouldn't connect.
3. Removed password and tried to connect on "Unsecure" network. Will not connect. Tried Windows troubleshooting program.
4. I am hardwired into my NETGEAR router on 2 desktops and 1 laptop. The laptop will not connect to the wireless network and neither will the IPAD connect to the wireless network.
5. Tried rebooting the router. Still no luck.

Sorry guys, but I got myself into a mess. Can we just get connected on "Unsecured" again and let me start over?

Thanks,
Terry

Reboot the router and try to connect (secured) first.

edit: you did that already.

Change the password to something you're sure of

Reduce the level of security, incrementally.

 

[weilke]

Hi everyone.

I tried adding a password and now I am unable to connect any device to my wireless network.

1. Added password and clicked Apply button. Rebooted IPAD and tried to connect. Would not connect.
2. Tried other boxes, WPA, WPA2, etc using the same Password and still wouldn't connect.
3. Removed password and tried to connect on "Unsecure" network. Will not connect. Tried Windows troubleshooting program.
4. I am hardwired into my NETGEAR router on 2 desktops and 1 laptop. The laptop will not connect to the wireless network and neither will the IPAD connect to the wireless network.
5. Tried rebooting the router. Still no luck.

Sorry guys, but I got myself into a mess. Can we just get connected on "Unsecured" again and let me start over?

Thanks,
Terry

Have you deleted the wireless network entry on your PC yet ? Just deleting the password doesn't tell your computer to connect using the secure alrogithm.

 

[Terry]

Okay, I rebooted the router and selected WPA2-PSK [AES]
Password and all is entered and as far as I know, working.

I then refreshed my laptop and it is now asking for a "Network Key" and not the password to connect to the NETGEAR router.

I have stopped everything until I receive a reply on what to do about the network key

 

[weilke]

Okay, I rebooted the router and selected WPA2-PSK [AES]
Password and all is entered and as far as I know, working.

I then refreshed my laptop and it is now asking for a "Network Key" and not the password to connect to the NETGEAR router.

I have stopped everything until I receive a reply on what to do about the network key

Have you entered your password at that prompt ? Sometimes they call it 'network key'.

 

[momalley]

The network key is the WiFi password you designated

 

[Terry]

All right, started from scratch and rebooted router and laptop.

The lap top shows that it recognizes the network, should connect automatically, but will never connect.

So, I am back to square 1.

Unable to correct to wireless on any device.

Gone for awhile. Be back in an hour or so.

 

[Jaybird180]

I had a router once that did funky things until I updated the firmware.
http://support.netgear.com/for_home/default.aspx

However, Terry I'm not certain I would recommend that for you, no offense intended. I would suggest that you get your son (who started all this trouble) remedy this problem for you (seriously). Then he can help explain the what and why of everything.

 

[weilke]

All right, started from scratch and rebooted router and laptop.

The lap top shows that it recognizes the network, should connect automatically, but will never connect.

Assuming that this is a PC, go to wherever you get 'view wireless networks' then go to 'change order of preferred networks' highlight the entry for your network and push the 'delete' button. Click 'ok'. Sometimes it makes sense to reboot the laptop at this point to make it forget everything it ever knew about your network. Once you have it restarted, select the network from the list of availabe networks, enter your password/network key and try to connect again.

 

[mikea]

I know something. You're running Windows.

You have to delete the device, reboot, configure, reboot, reboot, configure, verify, reboot....


...face Redmond and sacrifice a live chicken.

And the network key is the password. Make it easy at first and use a fairly simple word less than 15 characters with no spaces. I have to enter mine repeatedly anyway. It;'s hard to see when you can't see what you'e typing. Check to make sure your caps lock key of off.

Eventually it'll work.

 

[Terry]

I had a router once that did funky things until I updated the firmware.
http://support.netgear.com/for_home/default.aspx

However, Terry I'm not certain I would recommend that for you, no offense intended. I would suggest that you get your son (who started all this trouble) remedy this problem for you (seriously). Then he can help explain the what and why of everything.

I would love to. However, he is in Missoula, Montana and I am in central Kansas.

I know my son is right and I should not have let it go as long as I did. But again, I was trying to make my wireless router more secure to keep others off.

If I remember correctly, the AT&T service technician had trouble with the router and left his password on the router as he could never get it to change. (2 years ago when I was changing ISP,s.)

I may use your link and try and update the router. Worse case, I will just buy another router and set it up correctly.

On a side note, I rebooted the desktop that is linked to the router. It is a Dell desk top that used to sit on my right. Currently it sits on my left.

On the right is a new ACER. When booting up the Dell awhile ago, I received a network conflict notice. So, I shut down the ACER. As soon as I get the wireless network back, I will go and look around and see if I have an old discontinued network in the computer.

I used to have a desktop, printer, and a laptop all networked together. I could print from my wireless laptop or away from the office. I am wondering if some of the old network is causing IP conflicts.

So, back to square 1. Let me go and update the router and I will be back.

Thanks,
Terry

 

[Terry]

Okay, I went back to No Password.

My IPAD picks up the WiFi but will not connect. When I open the WiFi the IPAD asks for DHCP, BootIP, Static, and a bunch of other stuff.

The laptop picks up the WiFi, shows it is okay to connect automatically but will never connect.

Is it possible the router is bad? It was purchased in 2009 and has been working fine until I tried to secure my WiFi.

I tried to update the router through NETGEAR but it quickly became too involved and I quit.

Should I go back and try and update the router again?

Thanks,
Terry

 

[Terry]

I turned of my WiFi on my IPAD and rebooted. It found my network, shows no password required and the little wheel turns for awhile and quits and tries again but will never connect. It appears the router is NOT acknowledging the IPAD.

Does this connection work similar to a fax in that they have to "handshake" first before communicating?

Thanks,
Terry

 

[EppyGA]

I would try telling your iPad to forget the network, shut it down and power up again ans let it find it again.

 

[Terry]

I did and still the same thing.

NETGEAR is the only network showing and it trys and connect but never completes.

If I touch the arrow on NETGEAR, I get sent to a page that has a bar at the top that reads,

DHCP, BOOTP, STATIC (DHCP is highlighted)

Middle reads,

IP ADDRESS
SUBNET MASK
ROUTER
DNS
SEARCH DOMAINS
CLIENT ID

Lower Middle reads,

HTTP PROXY
OFF, MANUAL, AUTO, (Auto is highlighted)

Bottom reads,
URL

 

[EppyGA]

Almost sounds like the DHCP server on the net gear got turned off. Not sure what your network is or exactly how it is configured so it becomes hard to give more specific advice. USUALLY 192.168.1.0 is a commonly used network. If you knew for sure you could try assigning a static address of 192.168.20.1 with a mask of 254.254.254.0 and the gateway of 192.168.1.1 and you might end up connected. If not you just go back to DHCP.

 

[denverpilot]

Can you give the exact model of laptop and router?

It kinda sounds to me like something I ran into once where the old laptop I was messing with couldn't do AES but could do TKIP...

The steps that have to happen are...

- Wireless connection
- (If encryption/security are on, there's some stuff that happens here not worth mentioning.)

At this point you'd have a wireless connection but the machine can't go anywhere.

- Once connected, computer asks a DHCP server (usually the router) for a regular old IP address as if it were wired. (The machine that said it had a "conflict" was complaining that another machine had decided to use its IP address and modern OSs tend to "back off" and relinquish the address in the face of that.) ((((There's another way that can happen if there's a low layer "loop" in your network and the machines see echoes of themselves but that isn't happening here...))))

- Once any machine knows its address it also gets info on who it's router is. It sends all traffic bound for anywhere other than itself to that DHCP assigned router/gateway.

The best command to get an almost complete glimpse of what's happening on Windows is running "ipconfig /all" in a command window. But to untrained folks it looks like gobledeegook. And if the machine isn't on the network it's a little difficult to cut and paste the text so we can see it to help.

There's one other thing... A machine that can't get an address these days will assign itself one from a pool set aside for that, but your router will almost certainly ignore those packets and the machine still won't know who it's router is.

 

[Terry]

Thanks guys.

I have decided to just replace the router. My service technician tried a few years ago to change the password and wasn't able to.

It has not been updated since 2009.

They have an extended boost router that I could use since I am in a 3 story house.

So, I will be off line for awhile and will get back on and bring everyone up to date.

I will set the new router up with a secured wireless like I should have done to start with.

Thanks again for your help.

Terry

 

[Terry]

Happy Camper Terry here!

I went down to my ISP provider and purchased a new Netgear N600 Wireless Dual Band Receiver.

Was relatively easy to install and comes with wireless password already provided.

Any of you guys curious, $110 tax and everything.

One more question, Do I need to tell the router to update every week or so? When I went to router login, there was 1 update that I made. How do I know when to update the router?

Thanks
Terry

 

[EppyGA]

Happy Camper Terry here!

I went down to my ISP provider and purchased a new Netgear N600 Wireless Dual Band Receiver.

Was relatively easy to install and comes with wireless password already provided.

Any of you guys curious, $110 tax and everything.

One more question, Do I need to tell the router to update every week or so? When I went to router login, there was 1 update that I made. How do I know when to update the router?

Thanks
Terry

Reality is you could probably never upgrade and it wouldn't matter. I would say just check every once in awhile. If it's the latest greatest it might have some upgrades early on and then fade away as the software team moves on to the next latest greatest.

 

[Terry]

Why do the router's seem to be in the archaic mode of computing.

It is eerily similar to the modems of 10 years ago where you had to switch this and switch that when you were trying to just connect to the Internet.

It used to be a major undertaking to connect your email because they would ask you for port numbers, server address, and all kinds of junk the average user didn't know.

My latest Internet connection was painless but just trying to secure my wireless network was a major undertaking and cost me money. It was my fault and I am not complaining.

It just appears complicated. Does Apple have this problem?

Thanks,
Terry

 

[denverpilot]

Ooh you'll start a flame war with that question. Ha.

Apple's routers are pretty good. They don't win the speed showdowns with other manufacturers usually, although their announcement to go to the newer over the air gigabit stuff will mean they're probably the widest adoption of that tech for a little while.

The problem generally is that networking is a technology that is incremental... and layered. If one piece isn't working it can be for multiple reasons and each layer is like that.

Making a decision tree that a router could do automatically is a bit tricky.

Then there's us "power users" who call up and annoy the ISP asking if we can just put their router into bridged mode and do our own thing in our routers instead. Heh.

So the user interface on the router still has to show ALL of those features even though the majority of folks are set up the same way.

DHCP/NAT, WPA2/WPA2 Personal.

And then you get little weirdnesses like new standards that aren't standards yet (not ratified for years, including the new Apple thing) so the competitors have to implement it in their routers years before everyone has agreed on how it should work.

All to go faster... faster... faster... Or to be more secure... more secure... more secure...

It'll never really stop. Apple has pretty good user interfaces that seem slightly less confusing for some, but not all. The tech under the hood is the same.

For how fast it has all changed, it isn't that bad I suppose. I remember doing my work from home on an ISDN BRI router with a whopping 64 Kb/s channel and if I downloaded for at least 5 seconds and filled that pipe, the router would bond in a second channel. LOL.

It was an upgrade from the dial-up modem and SLIP connection to the Sun box at the office.

The vast majority of routers are using Broadcomm's chipsets. Many of the claims if differences are false since it's often identical hardware with a different colored plastic box around it.

 

[JGoodish]

Over the years, I've had multiple routers from Linksys and Netgear, and all of them have eventually exhibited sporadic reliability issues. I finally got tired of it, and a couple years ago, gave Apple a try, and... no more reliability issues. I don't like the fact that I have to use a proprietary app to modify the configuration, and Apple has removed some advanced configuration options in later versions of the software, but the hardware just works all of the time without issue. Even with my Windows systems. For me, the investment was worth it.


JKG

 

[silver-eagle]

I went with DD-WRT loaded on a linksys router. Bought flashed that way. One is the primary router and the other a bridge. I have a buffalo router with the same on it. At some time, I will replace the modem and router with the buffalo. Send the modem back to comcast for a $7 a month savings.
I really should get busy with that.
While setting up security is not as intuitive as it should be, it isn't that hard. Switching the connections, on the devices you want to delete the old connection and have it find the new one. Easier if you change the network name first.