Re: uplink newbie question

From: Robert Frost (thepineappleman_at_yahoo.co.uk)
Date: 11/12/04

Next message: Steve Winograd [MVP]: "Re: 2 of 3 Folders inaccessible to Win 98"
Previous message: jean-Pierre.hollande: "Re: Shared connection lost when PC restart."
In reply to: Chuck: "Re: uplink newbie question"
Next in thread: Chuck: "Re: uplink newbie question"
Reply: Chuck: "Re: uplink newbie question"
Messages sorted by: [ date ] [ thread ]

Date: 12 Nov 2004 02:26:17 -0800

Chuck <none@example.net> wrote in message news:<v3r7p0d7r7cltpe9eau7i6ugrpvuh5fkbb@4ax.com>...
> On 11 Nov 2004 08:59:12 -0800, *email_address_deleted* (Robert Frost) wrote:
>
> >I have 3 computers running xp networked via a netgear wireless router.
> >
> >I have a wireless laptop also running xp which connects perfectly to
> >the lan via a wireless link to the netgear router and can access files
> >on the other computers.
> >
> >I have a separate building in which there is a linksys wireless router
> >which is connected by ethernet cable to the 4th port on the netgear
> >router and is intended purely as a wireless access point. This works
> >fine for internet access but will not allow the laptop to access the
> >lan. Presumably this is because of a firewall in the linksys.
> >
> >The netgear router can see the linksys and gives it IP and MAC
> >addresses.
> >
> >How can I get into the linksys to turn the firewall off?
>
> Robert,
>
> Not all NAT routers contain firewalls. And those that do, do not firewall
> outgoing traffic. If your laptop, connected to the Linksys, needs to access the
> LAN on the Netgear, it's creating outgoing traffic thru the Linksys, which is
> not filtered.
>
> I'll bet your problem is caused by subnetting. To use the Linksys as a WAP, you
> need to:
> 1) Login to the Linksys, and disable the DHCP server.
> 2) Change the Linksys LAN port address to something on the same subnet as the
> Netgear LAN - but outside the Netgear DHCP scope.
> 3) Connect the Linksys to the Netgear thru LAN ports on both.
> 4) If the laptop is setup as a DHCP client, and the Netgear LAN is on DHCP, the
> laptop should connect, and should be able to access any of its peers on your one
> LAN. If the Netgear LAN is (hopefully) using fixed ip addresses, assign an
> appropriate address to the laptop.
>
> But please don't stop there - using DHCP on a wireless LAN exposes all the
> computers, wired and wireless.
>
> Here's a story about somebody's very stupid wireless neighbor. Don't expect all
> wireless neighbors to be this stupid.
> <http://www.canoe.ca/NewsStand/LondonFreePress/News/2003/11/22/264890.html>.
>
> The point is, you need to protect a wireless LAN with more precautions than just
> the NAT firewall.
>
> Change the router management password, and disable remote (WAN) management.
>
> Enable WEP / WPA. Use non-trivial (non-guessable) values for each. (No "My dog
> has fleas").
>
> Enable MAC filtering.
>
> Change the subnet of your LAN - don't use the default.
>
> Disable DHCP, and assign an address to each computer manually.
>
> Install a software firewall on every computer connected to a wireless LAN. Put
> manually assigned ip addresses in the Local (highly trusted) Zone. Configure
> the firewall to allow file sharing only in the Local Zone.
>
> Don't disable SSID broadcast - some configurations require the SSID broadcast.
> But change the SSID itself - to something that doesn't identify you, or the
> equipment.
>
> Enable the router activity log. Examine it regularly. Know what each
> connection listed represents - you? a neighbor?.
>
> Use non-trivial accounts and passwords on every computer connected to a wireless
> LAN. Disable or delete Guest userid, if possible (XP Home is a bad choice
> here). Rename Administrator, to a non-trivial value, and give it a non-trivial
> password. Never use the Administrator renamed account for day to day
> activities, only when intentionally doing administrative tasks.
>
> Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
> microsoft.public.windows.networking,wireless are good places to start.
>
> Cheers,
> Chuck

Thanks Chuck. thats a whole heap of advice. I discovered last night
tthere is no firewall in the linksys. As you are right about that i'll
assume you are right about all the rest. many thanks.

Next message: Steve Winograd [MVP]: "Re: 2 of 3 Folders inaccessible to Win 98"
Previous message: jean-Pierre.hollande: "Re: Shared connection lost when PC restart."
In reply to: Chuck: "Re: uplink newbie question"
Next in thread: Chuck: "Re: uplink newbie question"
Reply: Chuck: "Re: uplink newbie question"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Connect a Wireless Router to my SBS Network
... I assume your DSL modem-router is acting as a router (with a WAN and a LAN ... This setup is the Airlink wireless attached to the 5-port switch? ...
(microsoft.public.windows.server.sbs)
Re: ICS, wireless, Access point problems...big time
... If the NetGear device is a router, why not simply configure it the same ... as the Linksys and get rid of the Linksys altogether? ... LAN port to a NetGear LAN port. ... > wireless or cable high speed available. ...
(microsoft.public.windowsxp.network_web)
Re: ICS, wireless, Access point problems...big time
... Disconnect the NetGear and/or new Linksys device and manually configure ... I replaced the wireless Netgear router ...
(microsoft.public.windowsxp.network_web)
Re: Breadbored questions
... with a "Livebox" wireless router also included ... existing Netgear wireless modem/router, nor if I could still use the VoIP ... someone with enough nous to a) change the password; and b) disable the WiFi, ...
(uk.rec.sheds)
Re: shelf life on cheap wireless routers?
... Find a known working wireless router or client ... > $35 Netgear whatever. ...
(alt.internet.wireless)