Author Topic: Adding a wireless Access Point to my Network Switch - Recommendations?  (Read 2838 times)

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
I have an ipcop linux machine running which is the firewall for my entire house. It feeds a Linksys 8 port ethernet switch that feeds my printer and two desktop PCs. I want to add a wireless access point to one of the 8 ports for a future laptop and my Sony PS3. The access point my be able to tranmit through walls in order to get to my farthest downstairs room from it. I think a 200 to 300 ft distance is adequate.

What is recommended? How do I keep those people outside of the house from accessing it? Any recommendations on an access point? I prefer a a linksys to match my router, but am not married to the idea. What standards should I look for in the access point?

This is my first time delving into wireless, so I am asking those who have been there before.

Thanks,

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Buffalo2102

  • Master Poaster
  • ****
  • Posts: 1073
  • Just for Ace...
200 to 300 ft is quite a long way for curretn standards when also going through walls etc.  Whizbang should be able to tell you some things about extending a network that sort of distance.

The wireless N standard may be good for what you need as it supports more reliable connection over long distances but the standard isn't ratified yet and you may want to wait for that first.  Wireless G may be OK but there is no real way to tell until you have actually bought the kit and set it up in the environment.

If you can't wait, I owned a Linksys WAP-54G access point for quite a while and found it to be excellent.  That or a newer version should do the job.

Blocking unauthorised access is fairly simple - just set the access point to encrypt using a key of your choice.  You then setup the same key on any clients you need to access the network.  You can also setup a MAC address filter list I think.

Buff
Vista x64 Home Premium. Intel Core 2 Duo E8400 Abit IP35, 4 Gig Kingston HyperX PC8500C5 DDR2, GTX260, Creative X-Fi Extreme Gamer, Antec 900 Gaming Case.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
« Last Edit: Aug 20, 2007, 08:40 AM by Whizbang »

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
So it doesn't sound like I can connect a single wireless access point (no other hardware) in my office (upstairs on one end of house) and be able to connect from downstairs (opposite end of house, but both are on the front)??

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
« Last Edit: Aug 20, 2007, 08:44 AM by Whizbang »

Offline scuzzy

  • Forum Cop
  • Administrator
  • xTreme Poaster
  • *****
  • Posts: 4584
  • Caveat Empty: Beware of jesters
I find a wireless spider web very interesting. I can't wait to see the PBS documentary on how a spider catches its prey using a Belkin router. As Spock would say, "Fascinating."

I control which computers access my network wirelessly by using the wireles MAC filter on my Linksys router. A wireless computer with a MAC address that is not on my list is unable to access the network.

For security I use the highest settings that my router allows. I also use a strong password that would be very difficult to break, and I changed the wireless network name (SSID) from "Linksys" to something else not easily guessed.

Scuzzy; Don't use "AceBozo" since everybody knows that one.
Antec Performance TX640B Case | WinXP Pro SP3 & Win7 64-bit | Gigabyte GA-EP45-UD3R | Intel Core 2 Duo E8500 Wolfdale LGA 775 3.16GHz Dual-Core | 8GB (4x2GB) PC6400 G-Skill RAM | eVGA 7600GT 256MB PCI-E | 74GB WD Raptor SATA 16MB Cache | 74GB WD Raptor SATA 8MB Cache | 320GB Seagate Barracuda SATA 16MB Cache | External 640GB WD Caviar SATA 32MB Cache | Sony DRU-V200S DVD/RW | PC Power & Cooling Silencer 500W | Samsung SyncMaster 2494 (24") LCD Monitor | LG Flatron W2361V (23") LCD Monitor

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
Thanks, Scuzzy.  Here is a site that lists many ways of securing a network.  I am going the MAC route.  Since I live in the country, the main problem would be any bubbleheads that visit my daughter.  Call it fatherly concern or factual reality, but my observation is that many of the generations her age and younger fit my definition.  I must at least assume that they do.   

Later Edit:  I just put all three computers on the static list with cloned MAC addresses.  I also password protected the router to prevent the "Bubblehead" invasion.  I think that should be all I need.  Thanks again.  :)
« Last Edit: Aug 19, 2007, 12:27 PM by Whizbang »

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
Thanks for the information. I might try something out to see how it works.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline scuzzy

  • Forum Cop
  • Administrator
  • xTreme Poaster
  • *****
  • Posts: 4584
  • Caveat Empty: Beware of jesters
I forgot to add that after changing the wireless network name (SSID), you must also uncheck "Broadcast SSID" (or similar wording). By doing so, your wireless router will not automatically transmit the SSID to whomever. You'll have to manually enter future wireless connections through the "New Wireless Network" wizard (in Windows XP), but this is easily done.

To further enhance wireless security, choose WAP2 (AES) over WAP or WEP. Also, set the router so that the settings can only be accessed by hardwire, not by wireless. (For Linksys, this setting is under Administration>>Management>>"Web Utility Access via Wireless")

Combined with a strong password, these settings will prevent all but the most absolute, determined hacker from cracking into your wireless network.

Scuzzy; "BoneheadedAceBozo" isn't a good password either, since everybody also knows that one.
Antec Performance TX640B Case | WinXP Pro SP3 & Win7 64-bit | Gigabyte GA-EP45-UD3R | Intel Core 2 Duo E8500 Wolfdale LGA 775 3.16GHz Dual-Core | 8GB (4x2GB) PC6400 G-Skill RAM | eVGA 7600GT 256MB PCI-E | 74GB WD Raptor SATA 16MB Cache | 74GB WD Raptor SATA 8MB Cache | 320GB Seagate Barracuda SATA 16MB Cache | External 640GB WD Caviar SATA 32MB Cache | Sony DRU-V200S DVD/RW | PC Power & Cooling Silencer 500W | Samsung SyncMaster 2494 (24") LCD Monitor | LG Flatron W2361V (23") LCD Monitor

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
We bought my wife an HP laptop and I bought us a Netgear RangeMax Next Wireless-N router that I plugged into our switch. I have the router configured with a wireless encryption password and have it set up to only allow my PS3 and laptop to connect to it. It works all over the house and I even get a great strong signal downstairs.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
"N" routers are reportedly much better than "G" and certainly better than "B."  Seems that you made a potentially challenging job easy.   8)

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
"N" routers are reportedly much better than "G" and certainly better than "B."  Seems that you made a potentially challenging job easy.   8)

The laptop has a "N" capability and found I found that "N" was much faster than "G" and had better range. No more getting PS3 updates onto a thumb drive and then putting the thumb drive into my PS3. I can do it direct now. Also, no more wife working in the computer room when I am watching football downstairs. She can now be downstairs too (she likes to be together).

We also have a laptop for taking on vacation.  ;D

Thanks for all of the help. At the farthest place in the house from the router, we still get "very good" to "excellent" reception. The PS3 is only a "G" device, but it still sees around 50% signal.

Mark H; Internet has gone portable and it isn't my cell phone this time.
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
My daughter's "G" card is my main problem.  It got "sick."  I keep having to restart it, not good.  I am going to have to replace it and have decided on a brand matched D-Link "G."

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
Keep us poasted. This could be a good learning  thread for wireless newbies! I have quickly come to be a fairly advanced user with it since it isn't too difficult.

I can see that my neighbor has a wireless network and someone else has a linksys network. As a result, I'm sure they can see mine, which is why I wanted more security.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline scuzzy

  • Forum Cop
  • Administrator
  • xTreme Poaster
  • *****
  • Posts: 4584
  • Caveat Empty: Beware of jesters
Mark,

Once you have everything set up and working properly, you should immediately disable SSID broadcasting. This will greatly reduce the possibility of your neighbors attempting to hack your wireless network.
Antec Performance TX640B Case | WinXP Pro SP3 & Win7 64-bit | Gigabyte GA-EP45-UD3R | Intel Core 2 Duo E8500 Wolfdale LGA 775 3.16GHz Dual-Core | 8GB (4x2GB) PC6400 G-Skill RAM | eVGA 7600GT 256MB PCI-E | 74GB WD Raptor SATA 16MB Cache | 74GB WD Raptor SATA 8MB Cache | 320GB Seagate Barracuda SATA 16MB Cache | External 640GB WD Caviar SATA 32MB Cache | Sony DRU-V200S DVD/RW | PC Power & Cooling Silencer 500W | Samsung SyncMaster 2494 (24") LCD Monitor | LG Flatron W2361V (23") LCD Monitor

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
Mark,

Once you have everything set up and working properly, you should immediately disable SSID broadcasting. This will greatly reduce the possibility of your neighbors attempting to hack your wireless network.

Actually, I already did that. The neighbors will only see an unnamed wireless network. As a result, they will need to meet the three criteria to get in:

  • Know the wireless network name (case sensitive)
  • Know the network password (case sensitive)
  • Have their MAC address listed in the router allowable MAC address list

My neighbor has a wireless network in which I know the network name and it is unsecured. I could break into it easily if I wanted. I know who it is, so I am going to give him some tips when I see him.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
The Belkin PCI NIC was bad on my wireless setup.  I replaced it with a D-Link WDA-2320 IEEE 802.11b/g PCI Rangebooster "G."  Forget the Rangebooster part.  My old Belkin actually had more zap while it was working.  The D-Link is ok, but I am a bit concerned about a lingering residual Linksys network.  I removed the Linksys Access point and never installed any software.  It was basically just plug and play once the access point values were entered into the Linksys.  Here is the picture of the problem.  I have submitted the same to Broadband Reports D-Link Forum but have received no response.


The old Linksys name is correct but the MAC values and actual network name are baloney just to protect my network (compliments of Windows Paint retouch).  As you can see, the Linksys network is showing a 22% contribution to an essentially non-existent service.  My first reaction was that I was tapping into another unprotected network, but there are no houses nearby, and certainly not any that have any interest in networking. 

My antennas are highly directional,
Wireless SSID name is changed,
SSID Broadcasting is off,
MAC Addresses are cloned and set as filters,
Static IPs are assigned to all three computers,
Router is set with password that is not stored on wireless unit.

There is no listing of any other network in hardware devices in daughter's computer, only the D-Link.  I have tried setting the channels manually because the ghost Linksys always appears on channel 6, but I cannot get an Internet connection on manual setting, even though I set the "hondo29" (fake name) as the active network.  I tried tapping the Linksys entry, but the actual network was dead to any Internet reception, even with a 22% signal showing.  I am also wondering if this ghost reception is also responsible for the 21% to 22% drop from my initial network readings when I first set it all up two years ago. Any takers here?  I see potential doctoral theses written all over this.    ;D

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
My wife came downstairs to tell me she couldn't print. I came up and found no network printer connection. I then rebooted everything and still no printer connection. I turned on the laptop with the same results. I could not see the print server. I went out today and bought another one and presto, I now have a printer again (after setting everything up on three PCs and one print server).

Whizbang, you should try the wireless router I bought. It has a very strong signal once you get everything set up.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
The idea is inviting, but that would require another access point or PCI NIC at daughter's house that is compatible with "N" series.  I do have the old Channel Master parabolic antenna that I may tinker with when we finally get some cool weather.  I had to cut down a flowering crabapple today that was growing up around the main Windstream telephone cable.  After about 30 minutes of fighting with the chainsaw, I was drained from the heat.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
A bit disconcerting, but the other network apparently is another network from a neighbor's system.  That would have to be a very good transmitter for me to be able to detect it because it would have to be from the other side of my house and about 1/4 mile away.  I guess I am not as "in the sticks" as I thought.  Out of curiosity, I tried connecting; but the network, if real, must have at least some security measures in place because it comes up nil on an internet try.  The "G" card indicates connectivity, but there is no ability to tap into the internet.  If this failed Belkin "G" card event had not occurred, I would have been vulnerable because I had no idea that a signal could be detected at that distance.  Since the antenna from my daughter's house is beamed in that direction, albeit shielded by my house, I was shooting a concentrated "invitation" right at him.  If this is the neighbor I am thinking it is, he is as trustworthy as a rattlesnake.

Offline Buffalo2102

  • Master Poaster
  • ****
  • Posts: 1073
  • Just for Ace...
Well, in that case it is a good thing that he has his own network then!  He is not likely to try to tap into yours now.
Vista x64 Home Premium. Intel Core 2 Duo E8400 Abit IP35, 4 Gig Kingston HyperX PC8500C5 DDR2, GTX260, Creative X-Fi Extreme Gamer, Antec 900 Gaming Case.

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
I find that when downstairs and sometimes in the same room as my wireless router, I have to reboot the router before the laptop or the PS3 can see the wireless network. Does the router go to a lower power when idle???

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
Does the router go to a lower power when idle???

Mark H
  Not to my knowledge.  I would check with the manufacturer tech support.  D-Link gives excellent email help.  Linksys has live online help.  D-Link may, but I never really checked.

Offline Buffalo2102

  • Master Poaster
  • ****
  • Posts: 1073
  • Just for Ace...
I don't think that the router goes into a lower power state but laptop network adapters definitely do, depending on the chosen power-saving scheme.

I had the same issue with my Gateway laptop.  My desktop was always fine but the laptop would lose connection if I left it idle for a time and wouldn't reconnect without rebooting the router.  I tried a different router but that was the same.  I tried different power-saving settings, different/newer chipset and network adapter drivers, everything I could think of - no improvement.  I have now replaced the Gateway with a HP Pavillion dv6599ea (special edition!) and I don't get any dropouts at all so I can only assume that the problem was to do with the Intel wireless chipset on the Gateway.

I hope yours is easier to solve!
Vista x64 Home Premium. Intel Core 2 Duo E8400 Abit IP35, 4 Gig Kingston HyperX PC8500C5 DDR2, GTX260, Creative X-Fi Extreme Gamer, Antec 900 Gaming Case.

Offline scuzzy

  • Forum Cop
  • Administrator
  • xTreme Poaster
  • *****
  • Posts: 4584
  • Caveat Empty: Beware of jesters
I resolved this problem on my Toshiba laptop as follows:

1. Go to Device Manager
2. Select and expand Network adapters
3. Right-click on your adapter and select Properties
4. Select Power Management tab
5. Un-check Allow the computer to turn off this device to save power, then click OK
Antec Performance TX640B Case | WinXP Pro SP3 & Win7 64-bit | Gigabyte GA-EP45-UD3R | Intel Core 2 Duo E8500 Wolfdale LGA 775 3.16GHz Dual-Core | 8GB (4x2GB) PC6400 G-Skill RAM | eVGA 7600GT 256MB PCI-E | 74GB WD Raptor SATA 16MB Cache | 74GB WD Raptor SATA 8MB Cache | 320GB Seagate Barracuda SATA 16MB Cache | External 640GB WD Caviar SATA 32MB Cache | Sony DRU-V200S DVD/RW | PC Power & Cooling Silencer 500W | Samsung SyncMaster 2494 (24") LCD Monitor | LG Flatron W2361V (23") LCD Monitor

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
I resolved this problem on my Toshiba laptop as follows:

1. Go to Device Manager
2. Select and expand Network adapters
3. Right-click on your adapter and select Properties
4. Select Power Management tab
5. Un-check Allow the computer to turn off this device to save power, then click OK

That is how mine is set up. The PS3 has no such setting and it has the same problem. My laptop is an HP Pavillion dv 6xxx and it has the problem unlike Buffalo's HP.  ???
Enjoy the nature that is around you rather than destroying it.

Offline scuzzy

  • Forum Cop
  • Administrator
  • xTreme Poaster
  • *****
  • Posts: 4584
  • Caveat Empty: Beware of jesters
Here's another possibility:

On my Linksys Router, I have the option to adjust the "Client Lease Time", which is "the amount of time a network user will be allowed connection to the Router with their current dynamic IP address."

By default, this is set to "0" minutes on my router, which translates to 1 day (Linksys does some weird math). I changed my setting to the highest allowed, which in my case is 9,999 minutes. That extends the lease time to about 1 week.
Antec Performance TX640B Case | WinXP Pro SP3 & Win7 64-bit | Gigabyte GA-EP45-UD3R | Intel Core 2 Duo E8500 Wolfdale LGA 775 3.16GHz Dual-Core | 8GB (4x2GB) PC6400 G-Skill RAM | eVGA 7600GT 256MB PCI-E | 74GB WD Raptor SATA 16MB Cache | 74GB WD Raptor SATA 8MB Cache | 320GB Seagate Barracuda SATA 16MB Cache | External 640GB WD Caviar SATA 32MB Cache | Sony DRU-V200S DVD/RW | PC Power & Cooling Silencer 500W | Samsung SyncMaster 2494 (24") LCD Monitor | LG Flatron W2361V (23") LCD Monitor

Offline Buffalo2102

  • Master Poaster
  • ****
  • Posts: 1073
  • Just for Ace...
I tried Scuzzy's suggestion quite early on in my diagnostics but it didn't work.

The lease time doesn't apply either because I use static IP addresses and don't use the router as a DHCP server.

Buff
Vista x64 Home Premium. Intel Core 2 Duo E8400 Abit IP35, 4 Gig Kingston HyperX PC8500C5 DDR2, GTX260, Creative X-Fi Extreme Gamer, Antec 900 Gaming Case.

Offline Mark H

  • "H" is for handy
  • xTreme Poaster
  • *****
  • Posts: 3098
I have static IP addresses on all PCs and the router that are made by my ipcop firewall machine in the corner.

Mark H
Enjoy the nature that is around you rather than destroying it.

Offline Whizbang

  • xTreme Poaster
  • *****
  • Posts: 4576
  • "Canna" help you?
I love to go to Shields Up site when I have a live Linux booted up.  It is virtually the only time I can feel invulnerable.