BT Home Hub

the home of hassle hub

Roaming around :: Go Wireless

Always think about the security when setting up a Wireless Access Point (AP). Don’t make yourself a victim; protect your wireless zone first. First thing you need to do is to change the default SSID and give a name that’s meaningful to your network. Next, stop broadcasting the Network Name (SSID) and choose WPA-PSK (known as SOHO -small office/home office) encryption as standard for extra security. WPA (WiFi Protected Access) delivers a level of security way beyond anything that WEP can offer. WPA uses Temporal Key Integrity Protocol (TKIP), which is designed to allow WEP to be upgraded. This means that all the main building blocks of WEP are present, but corrective measures have been added to address security problems. Select Interface type as 802.11g but if your wireless network consist a mix of 11g and 11b card, then use 802.11b only.

Assuming you are connected to the hub using one of the ethernet ports, go to:

Advance > Home Network > .Interface > WLAN > Configure

and set all the parameters described above. It’s easy to do form the Web Interface. Apply the settings and lets check if you can access the internet wirelessly.

Next thing to do is restrict the home hub to talk to a number of know computers. We call it “Wireless Access Control” and to do that we register the MAC (Media Access Control) addresses of your wireless adapter to the hub and then tell the hub not to grant access to others those who are not on the list. We will go back to telnet again, to do that. The previously open telnet session is already dead now (time out), so initiate a new one as user “admin”. First view the present settings:

{admin}=>:wireless ifconfig

State : enabled

Network name (SSID) : LittleHome

Public network (any) : disabled

Channel : 7 [manual]

RTS Threshold : 2347

Short Retry Limit : 7

Long Retry Limit : 4

Beacon Period : 100

Rate : 54 Mbps

Interoperability : 802.11g

Protection : never

Protection Mode : rtscts

Protection Trigger : local&overlap

Shortslot : always

Framebursting : disabled

Regulatory Domain : Europe

Rate Set : 1(b) 2(b) 5.5(b) 6(b) 9 11(b) 12(b) 18 24(b) 36 48 54

Dtim interval : 3 (every 300 msec)

You may suffer from occasional or kinda frequent connection cut-off when you start using the wireless connection. Enabling the Framebrusting will improve the situation.

{admin}=>:wireless ifconfig frameburst = enabled

Framebursting offers greater throughput for data transmitted over the Wireless LAN.

It may degrade performance for some users sharing the LAN (due to incompatible wireless client cards).

Warning current associated stations might lost connectivity.

Next the Access Control. Before doing that, we will add the host names of the computers that we are planning to use with the home hub. Lets have a look if we already have any thing added there. This is what I had sometimes ago.

{admin}=>hostmgr list

MAC-address IP-address Flags Type Intf Hw Intf Hostname

----------- ---------- ----- ---- ---- ------- --------

00:03:93:xx:yy:zz 10.0.11.100 CD Generic Device LocalNetwork wlif1 maci

00:07:e9:xx:yy:zz 10.0.11.5 C Generic Device LocalNetwork ethif2 biggirl

00:11:24:xx:yy:zz 10.0.11.101 D Generic Device LocalNetwork wlif1 macm

00:14:7f:xx:yy: zz 10.0.11.1 T SpeedTouch - - api

00:16:cb:xx:yy: zz 10.0.11.102 Generic Device LocalNetwork wlif1 macmini

00:d0:b7:xx:yy: zz 10.0.11.20 C Desktop Computer LocalNetwork ethif1 baba

To add a host, you need to know the MAC address first, and as soon as you know.........

{admin}=>hostmgr add

mac_addr = <hardware-address> #MAC address of the HOST

ip_addr = <ip-address> #IP address [optional]

name = <string> #host name [optional]

type = <{generic_device|desktop_computer|laptop_computer|set_top_box|pda|

gaming_console|phone|mobile_phone|printer|mass_storage_device}>]

[ipintf = <{Internet|LocalNetwork}> #Name of interface the IP assign to [optional]

ethintf = <{bridge|RELAY}> #Ethernet interface name [optional]

physintf = <{ethif1|ethif2|usbif1|wlif1|ethif3}>

and then add the MAC address(es) to the control list to give the access.

{admin}=>wireless macacl add

hwaddr = 00:03:93:xx:yy:zz

permission = allow

name = <host_name>

{admin}=>wireless macacl list

Station Name Hardware address Permission

macm 00:11:24:xx:yy:zz accept

maci 00:03:93: xx:yy:zz accept

macmini 00:16:cb: xx:yy:zz accept

When you done with all of your wireless adapters, you gotta tell the home hub to activate the list:

{admin}=>wireless macacl config control = register

{admin}=>wireless macacl config

Access Control : register

Save the new configuration to the default config file, as we did before (I found that Web Interface cannot perform this part efficiently and that’s why Access control doesn’t work if you do that from there).

{admin}=>config save filename = user

:config save filename=user

So you done. Have a cup of tea, go grab your favourite corner of the room and lets see if you can read this. Next we will modify our DHCP server, if you think that you wanna do it.

This time :: Time Config

Before doing any thing else, first set the date and time if haven’t done that yet. Only option is using NTP (Network Time Protocol) at the moment. It’s very easy doing it from the web interface.

Go to Advance > .Configuration > Configure to set a time server. If you clicked “automatic update” before setting the date manually, it’s not set and will show the stupid default start date. Uncheck the “automatic update” check box and you will get the option to change date and time. When you done, you can switch back to your NTP with a proper time server. Always use two or three different time servers from different subnets. The good one to use is one from your Windows machine and another one, e.g. time.euro.apple.com or maybe something else.

Page :: Two