Build a network at home (wireless router settings)

Building a network at home (wireless router settings)

 Setting up a router can be a bit difficult for beginners. A long time ago, you had to enter a setting command or set the IP address of the same network address on your computer and router and set it via a browser.

 Even if you are able to connect to the WAN (Internet) after a lot of effort, in terms of wireless settings, there are SSIDs, channel settings to avoid radio wave interference, encryption settings, and even more difficult firewall settings. There were a lot of things that had to be set.

 However, setting up a wireless router these days is surprisingly easy compared to a decade ago. Convenient setting software is attached, and even if you do not set it with one button, it will automatically distinguish.

WAN settings (Internet connection)

 When you become a member of an Internet provider, you will receive setting information for connecting to the provider. Enter that information into your wireless router.

The items to be set are

  • connection user name
  • connection password
  • IP address of DNS server or obtained automatically
  • Encryption during authentication

etc. will be set.

 To set up, set the same network address on the computer and the wireless router, connect the computer and the wireless router with a cross cable, specify the IP address of the wireless router at the URL of the browser, and connect. increase. Some recent wireless routers have LAN ports that support Auto-MDIX, and can be connected with a straight cable. It is a good idea to use the short LAN cable that comes with your purchase.

http://wireless router IP

to connect, the login screen will appear.

The IP address of the wireless router can be found in the attached manual or on the sticker attached to the product.

Once connected, you can finally set it by entering the administrator account and password set for the wireless router, but it is strongly recommended that you change this administrator account and password later from the security point of view. It is recommended.

SSID settings

 SSID is a wireless standard IEEE 802.11 series access point identifier, and is a name given to avoid interference. Arbitrarily set up to 32 alphanumeric characters. Depending on the product, the default SSID is already set at the time of purchase.

 You may also hear the term ESSID often. ESSID is an extended network identifier that considers networks with multiple access points.

 It's a little confusing, but the network identifier is called SSID or ESSID. Different manufacturers may have different descriptions of this network identifier, but you should expect them to be similar. Strictly speaking, the meaning is different. This identifier must be matched in order to connect with the access point.

 Since the wireless router also functions as an access point, it is necessary to set this network identifier. The SSID set for the access point must be set to the same value on the terminal side.

 If the same SSID is not set for the access point and the terminal connected to it, it will not be possible to connect. If the SSID is known in some way, there is a risk that it will be connected.

Check out the following features!

●Any connection refusal function

A function that prohibits "Any connection", which allows anyone to connect when the SSID is set to "Any".

●Wireless SSID stealth function

 In IEEE 802.11, the access point periodically broadcasts the configured SSID by beacon signal. This is convenient for public wireless LAN access, but it may not be so convenient for building a home network. This is because your neighbors will know your SSID.

 Although the name varies depending on the manufacturer, the "wireless SSID stealth function" is a function that stops the beacon signal that is sent for notification to the surrounding area, and can hide the SSID from terminals such as Windows that detect the beacon signal. increase. *However, this function is no longer effective. Some operating systems detect even if the "wireless SSID stealth function" is enabled.

Encryption settings

 A wireless connection is communication without a physical cable connection. Unlike wired LAN, you can connect even from outdoors as long as you are within the range of radio waves. Modern wireless devices can transmit radio waves over long distances. It is a good idea to adjust the output of the radio wave.

 Therefore, there is a risk of illegal intrusion by connecting to the wireless LAN from outside the home without permission, and the content of communication by connecting to the wireless LAN is monitored, and the content exchanged over the wireless LAN can be leaked to a third party. There is a risk that you may lose it.

Therefore, in order to avoid the risk of leakage, wireless communication is encrypted.

There are several encryption methods, and the encryption strength is as follows.

AES>TKIP>WEP(128bit)>WEP(64bit)

 "AES" is currently the highest level of encryption, and it is a strong encryption method for which there is no decryption method at present. However, if it is a simple password, there are tools that analyze the password, which is dangerous. Passwords must be of a certain length and complexity.

 I would like to use "AES" for wireless encryption, but the same encryption must be used for the access points and wireless terminals in the configured wireless network, so if you have old wireless devices, you should use this method. You may not be able to introduce the latest "AES". WEP is no longer secure, so don't use old equipment as an option.

Firewall settings

 A firewall mainly refers to a dedicated machine or router installed at the boundary of a network. Place it between two networks: a "trusted network" like your home (company) and an "untrusted network" like the Internet.

There are several types of firewalls.

  • Packet filter type
  • Circuit level gateway type
  • Application gateway type

 Broadband routers for home use (hereafter referred to as wireless routers) are often equipped with a "packet filter type" firewall function, and a firewall is constructed by performing packet filtering.

 A packet filter specifically refers to monitoring packets entering and exiting a firewall, and passing or discarding them based on rules such as passing or not passing.

 If you create many rules with this firewall setting, the security will be higher, but at the cost of this, you will have adverse effects such as being unable to communicate with certain applications.

 For example, as a result of increasing security, there are cases where network games cannot be played. However, if the rules of this packet filter are relaxed, the security becomes weaker, so it is very difficult to arrange the settings.

 There is also a method to loosen the firewall settings of the wireless router and install firewall software on each terminal to supplement security. The advantage of this is that you can specify the application to communicate with on each terminal individually. However, it is necessary to set security for each terminal, and it becomes difficult to manage the home network.

If you set the firewall on the wireless router side, all devices in the home will affect the policy set on the firewall.

 However, creating firewall rules (policies) requires a great deal of knowledge about networks, and setting them up is a difficult task unless you have some knowledge of networks. Therefore, there are many people who allow all communication without setting the firewall at all, but that is dangerous.

 However, recent wireless routers for home use have products that make it easy to configure this difficult firewall setting. Can be set with dedicated software. You can easily set it in your browser.

More than just a packet fill

  • Attack block function
  • SPI (stateful packet inspection) function
  • Dynamic packet filtering function

Some products implement various firewall functions to prevent unauthorized access from the Internet, such as

-Attack block function

 Detects and notifies DoS attacks, PortScans, etc. that bring down your computer. The attack received is safe because it discards the packet. They will also notify you by email.

SPI (stateful packet inspection) function

 High-level packet filtering that does not create security holes, checking packet integrity for each communication session. Since all ports are closed at the end of the session, it helps prevent unauthorized access (spoofing, etc.).

●Dynamic packet filtering function

 It creates an exit that adapts to access, and when it responds, prepares a new entry for return. At the end of communication, all entrances are closed, and even if there is no response within a certain period of time, the entrance will be closed, so the risk of unauthorized entry from the outside is extremely low.

 Setting the firewall is the most difficult setting for the wireless LAN router, so it is recommended to set it within the range you understand. It has become quite easy to set up, so let's set it up without any hassle!

DHCP server/PC network settings

 We live in an era where each household owns a device that connects to a network, such as a smartphone, rather than just one computer per household. Home appliances such as televisions are also connected to the Internet. Even home-use game machines and portable game machines are based on the assumption that they will be connected to the Internet.

 However, as more devices connect to the Internet, IP addresses must be assigned for each additional device. If there are only a few units, this allocation work is not so difficult, but if there are many units, it becomes difficult to manage. We live in an era where each individual has multiple network terminals. However, there is a rule that IP addresses must not be duplicated, making management difficult.

 According to network rules, if the same IP address is assigned to multiple terminals, communication becomes unstable. When assigning IP addresses, care must be taken to avoid duplication.

 For example, let's say you buy a new home appliance that supports two-way Internet service, or buy a smartphone or tablet for your child. Assigning an IP address each time is a little troublesome.

 In such cases, a DHCP server can help. A DHCP server is a server that automatically assigns network settings such as IP addresses, but broadband routers usually have a DHCP function. If you use that function, you don't need to manage IP addresses, so operation management becomes easier.

● DHCP settings

The setting method is slightly different depending on the product, but the setting contents are almost the same.

First, create a DHCP entry to issue.

Next, set to use the functions of the DHCP server.

● PC network settings

 On the terminal side, just by setting "Obtain an IP address automatically", the terminal will be able to automatically obtain an IP address. For example, on a Windows terminal, set TCP/IP properties to automatic. *The figure below is for Windows XP, but it is basically the same for Windows 11.

PC network settings

 However, terminals that automatically obtain an IP address take a little longer than manually assigning an IP address, so if you want to connect to the Internet immediately, you should set it manually!