Volleynerd Knowledge Base
Volleynerd's Things to Remember

.NET Nerd Blog
RealCode Blog

Hot Topics

Firefox Extensions

DVD issues (latest)
DVD issues (2)
DVD issues (intel storage driver)

New Gateway PC

Search Archives:

Front page

Site Feed (Atom)

Archives here

[Powered by Blogger]

Monday, July 05, 2004

DLink Access Point Security


This is probably (?) documented somewhere on the dlink.com website, but finally stumbled across it today. (Thanks to Bro-in-law Dann for telling me that it's possible on the DLink)

See notes below - this is what I tried, and *pretty sure* it's working how I think it is...

Set access point on wireless router to

  • only allow connections by known MAC addresses
  • do not broadcast/announce SSID
Contrary to the help docs, these "allow only MAC" settings prohibit ANY access to the device, not just "internet traffic".

Caution: make sure you add the MAC address of the machine you're using to access the AP first! I had trouble getting any response (even the result of the MAC address "add") from the device after entering the first MAC that was NOT my desktop).

  1. Assuming you've already set a SSID and enabled WEP encryption on the Home / Wireless page
  2. Advanced Tab / Filters page
  3. Select "MAC Filters"
  4. Select "only allow MAC address listed below..."
  5. Provide a name, the MAC address. (DHCP client dropdown is only populated if this device is serving up DHCP addresses, which mine is not)
  6. Repeat above steps for any other MACs. Note that VPN on a laptop sometimes has it's own unique MAC address which will need to be added to the list as well.
  7. Advanced / Performance page. Set "Authentication" to "Shared Key". (see help for details, but basically this is the setting that hides the SSID and uses the Filters list for connections validation)
  8. For my WiFi card, went to advanced settings, "configure", selected "Network Authentication (Shared Mode)".


Notes:
The WiFi card on my laptop had a cached SSID for my access point. Not until I deleted that SSID from the list, stopped and removed the card, then re-inserted it, did all this seem to work.

Until I setup "shared mode" on the WiFi card configuration, I couldn't connect -- I think this is proof that the modes are working correctly.

Only thing I did not successfully prove to myself -- I changed the allowable MAC address list to have a bogus MAC. Re-connected from the laptop, and still got success...and browse internet. Hmmm...

keywords: wifi access point shared key wep encryption ssid broadcast


Posted 5:31 PM    |    0 comments    |    Permalink   
Comments: Post a Comment

Home