Increase Security on Your MN-500 Wireless Base Station (823257)
The information in this article applies to:
- Microsoft Broadband Networking Wireless Base Station MN500
SUMMARYMicrosoft Broadband Networking hardware provides technology
to help you improve the security of your wireless network. To benefit
from these technologies, you must configure them.MORE INFORMATIONThe following are procedures that you can use to help
provide increased security on your wireless network. Each procedure can help
to provide an increased layer of security and help to protect against a malicious
user who may try to access your network by using wireless technology. These
procedures can be implemented individually; you can use some or all of
them. Method 1: Enable Wireless Security (WEP) To enable wireless security (also known as Wired Equivalent Privacy, or WEP) for your MN-500 base station,
follow these steps:
- Open the Base Station Management Tool, and then click
Security.
- On the Security menu, click
Wireless Security.
- Click Enable wireless security.
- In the Encryption strength drop-down list,
click 128-bit or leave the default setting of
64-bit.
- If you select 128-bit encryption, in the first
Key box, type a wireless security (WEP) key.
If you select
64-bit encryption, you can type up to four WEP keys in the Key
boxes. - If you selected 64-bit encryption, in the Key
index drop-down list, click a key index.
The key index number
indicates the WEP key that will be activated on the network. (There are four WEP keys.)
- To save the wireless encryption, click
Apply.
- Update the WEP keys that are stored on each wireless device on your
network.
Method 2: Media Access Control (MAC) FilterWhen you deny unspecified clients permission to connect to the
base station, only the clients who you specifically grant permission to in
the MAC Address table can connect to the base station and use your network
resources. This is a good option if you want to enforce the highest security
level on your network because it helps to prevent unknown wireless clients from
being able to join your network. However, you must make sure to not
prevent your own computer from connecting to the base station. If you deny
unspecified MAC addresses from connecting, make sure that you type the MAC address of
each of your network adapters in the MAC Address table, and then click to select the
Allow connection check box. If you do block your own access to the
base station, you must restore the factory default settings by using the Reset
button on the physical device, and then reconfigure the base station.
To deny unspecified clients connection permission, follow these steps:
- Open the Base Station Management Tool, and then click
Security.
- On the Security menu, click MAC
Filtering.
- Click to select the Enable connection control check box.
- If you do not want unspecified clients to connect to the
base station, in the drop-down list, click Deny.
In this scenario,
any client whose MAC address is not listed in the MAC Address table and granted
permission to connect will not be able to connect to the base station or access
the Internet. - If you clicked Deny in step 4, in the
MAC Address table, specify the MAC address of any clients who
you want to be able to connect to the base station, and then click to select the
Allow Connection check box.
- To save your changes, click Apply.
To allow specified clients connection permission, follow these steps:
- Open the Base Station Management Tool, and then click
Security.
- On the Security menu, click MAC Filtering.
- In the MAC Address table, specify the MAC address of the
client who you want to grant connection permission to, and then click to select the
Allow Connection check box.
- Repeat this step for any additional clients for whom you
want to grant connection permission.
- Make sure that you include the MAC address of your adapter in the
MAC address table so that you can access the network.
- To save your changes, click Apply.
Note Only grant connection permission to specific clients
if you have enabled connection control and denied connection permission to all
unspecified clients. If you have not denied connection permission to
unspecified clients, any client that has the correct wireless security (WEP)
information or wired connection can connect to the base station and access
network resources. Method 3: Limit Domain
Host Connection Protocol (DHCP) Clients to the Actual Number of Clients You can limit the number of DHCP addresses that your base station uses to the number of actual computers on your network. If all available
DHCP addresses are being used by the computers on your network, no DHCP
addresses are available to an unwanted user. To limit the Internet Protocol (IP) addresses
that are available to the DHCP server, follow these steps:
- Open the Base Station Management Tool, and then click
Local Area Network.
- Click to select the Enabled check box (if it is not
already selected) to enable the DHCP server on the base station.
- Type a starting IP address and an ending IP address for the
pool. Do not include the base station IP address in the IP address pool.
For example, if you are using the default base station IP address
(192.168.2.1), and you have five computers on your network, type an address range
of 192.168.2.2 through 192.168.2.6. - Select a lease time for the assigned IP addresses.
The
default time is two hours. - Type a local domain name, if your Internet service provider (ISP) provided one for you.
- To save the new IP address range, click
Apply.
Method 4: Change the Wireless Channel To set wireless channel for base station, follow these steps:
- Open the Base Station Management Tool, and then click
Wireless.
- Click to select the Enable wireless access check
box if it is not already selected.
- Click to the channel number that you want in the
Wireless channel number drop-down list.
- To save the new wireless channel setting, click
Apply.
Modification Type: | Minor | Last Reviewed: | 7/28/2003 |
---|
Keywords: | kbHardware kbinfo KB823257 kbAudEndUser |
---|
|