RangeMax Wireless-N DSL Gigabit Modem Router DGN3500 User Manual
2-3 Configuring Your Wireless Network and Security Settings
v1.0, November 2009
Wireless Security Options
Indoors, computers can connect over 802.11g wireless networks at a maximum range of up to
300 feet. Such distances can allow for others outside your immediate area to access your network.
Unlike wired network data, your wireless data transmissions can extend beyond your walls and
can be received by anyone with a compatible adapter. For this reason, use the security features of
your wireless equipment. The modem router provides highly effective security features, which are
covered in detail in this chapter. Deploy the security features appropriate to your needs.
There are several ways you can enhance the security of your wireless network:
There are several ways you can enhance the security of your wireless network:
• Restrict access based on MAC address. You can allow only trusted PCs to connect so that
unknown PCs cannot wirelessly connect to the modem router. Restricting access by MAC
address adds an obstacle against unwanted access to your network, but the data broadcast over
the wireless link is fully exposed (see “Restricting access by MAC address” on page 2-8).
• Turn off the broadcast of the wireless network name SSID. If you disable broadcast of the
SSID, only devices that have the correct SSID can connect. This nullifies wireless network
discovery feature of some products, such as Windows XP, but the data is still exposed (see
“Hiding your wireless network name (SSID)” on page 2-8).
• WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared
Key authentication and WEP data encryption block all but the most determined eavesdropper.
This data encryption mode has been superseded by WPA-PSK and WPA2-PSK (see
“Configuring WEP” on page 2-11).
• WPA-802.1x. Wi-Fi Protected Access (WPA) with user authentication implemented using
IEE 802.1x and RADIUS servers (see “Configuring WPA-802.1x” on page 2-12).
• WPA-PSK (TKIP) + WPA2-PSK (AES). Wi-Fi Protected Access (WPA) using a pre-shared
key to perform authentication and generate the initial data encryption keys. The very strong
authentication along with dynamic per frame re-keying of WPA makes it virtually impossible
to compromise (see “Configuring Mixed WPA-PSK+WPA2-PSK Security” on page 2-10).
For more information about wireless technology, see the link to the online document in “Virtual
Private Networking Basics” in Appendix B.