Wired/Wireless Router Security

Discussion in 'Networking & Security' started by rpc180, Oct 1, 2004.

  1. rpc180

    rpc180 Limp Gawd

    Messages:
    175
    Joined:
    Dec 31, 2002
    The Setup: Cable Modem to a wire only Cisco-Linksys Router. To the router is a wired hub and a wired wireless Belkin router (F5D6231-4). I set the Belkin router to wireless access point mode (so wireless computers can stay on the same subnet & see their wired counterparts). As far as I can see, I have no control over the way the Belkin configures the wireless network that was created.

    The Problem: I want to secure the network, at least make it so only certain MAC addresses can use the thing. If I set the router to be a router again it lets me configure the broadcasting/filtering/wep, etc... but the wireless computers don't see the wired ones, which defeats the purpose of the network. In access point mode, its wide open (though in the basement and doesn't get too far beyond the walls of the house).

    Anyone got any ideas?
     
  2. lomn75

    lomn75 Purple Ace

    Messages:
    6,613
    Joined:
    Jun 26, 2000
    Can't you use the setup as now, with the two routers linked on the LAN side for each, and set the Belkin in normal router mode? Just rig it to the same subnet with a different DHCP range, and have it give the Wired router as the gateway address.
     
  3. rpc180

    rpc180 Limp Gawd

    Messages:
    175
    Joined:
    Dec 31, 2002
    So you say like this ?

    Linksys Router IP: 192.168.1.1
    Subnet Mask: 255.255.255.0
    DHCP Range (its currently set at): 192.168.1.150 - 200
    Gateway (whatever the cable company assigns)

    Belkin Router IP: 192.168.1.10
    Subnet Mask: 255.255.255.0
    DHCP Range (would be): 192.168.1.201 - 251
    Gateway: 192.168.1.1

    Its late, I'll try it in the morning, but that'd be kick ass if it works!
     
  4. lomn75

    lomn75 Purple Ace

    Messages:
    6,613
    Joined:
    Jun 26, 2000
    yeah, that'd be the setup. You won't use the WAN port on the wireless router, which means the firewall won't come into play -- it'll be acting as AP + Switch + DHCP.
     
  5. rpc180

    rpc180 Limp Gawd

    Messages:
    175
    Joined:
    Dec 31, 2002
    Well ... I had to give up somethings. Turns out the Belkin doesn't allow you to change the gateway that its DHCP service can assign. It constantly assigns the IP address of itself. Also, the access point only option appears to be all screwed up. It bypasses all the router settings and allows you to assign it an IP address on your network. Everytime I pushed a new one, it would revert or disappear to its default of 192.168.2.254 and in order to find it again I had to manually set my IP address for that subnet. Also, you couldn't reset anything after that point.

    So ... after 4 hours. You setup everything you want first, SSID, Broadcast no (which I don't think works because every scan still shows the SSID), and encryption. After that, THEN you configure it for Access Point Only at which point, further configuration becomes IMPOSSIBLE without hard reset. Encryption is weird because if you weren't hard wired into the router to configure it, the whole process would fail and the router would have to be hard reset.

    Long story short, don't buy a Belkin router no matter how many rebates you get!

    Final Settings:
    Use of 'uplink' port to Linksys Router
    Belkin Router IP: ??? - could be 192.168.2.254 in access point only mode (had to be in the same subnet scope to log into the damn thing)
    Firewall: Disabled by access point only mode
    NAT: Disabled by access point only mode
    WEP: 64-bit - working.
    SSID: Broadcast off, Accept Any ID off, though I'm not positive this is true because every area scan I run displays the SSID.