Linksys WRT54GS with WRE54G Extender.....MAC address block questions

Hi. I have my WRT54GS locked down by MAC address. My neighbor has assured me he can access my wireless connection and get to the Internet. Running latest Firmware for version 4 and also running Windows XP SP2. Of course I changed the password on the router and range extender.

I do not have WAP or WEP enabled since my friend comes over and uses her laptop (IBOOK) which has a problem with Airport recognizing WEP or WPA. Thus I locked things down my MAC address (prevent only these IP addresses...)

****How is it that my neighbor can even access my connection for normal web surfing? He is not spoofing anything or trying anything funky.

Thanks for educating me.

Sincerely Patty

Reply to
pattyjamas
Loading thread data ...

snipped-for-privacy@hotmail.com hath wroth:

Bingo. Not "prevent". Use "permit" instead. Install the MAC addresses in the table that want to allow to connect. Don't include your neighbors radio. That should keep them out. |

formatting link

Also, verify that your neighbor is connecting to your WRT54G and not someone elses.

Reply to
Jeff Liebermann

disabled the SSID broadcast. With my Wi-Fi checker, it shows the SSID is cloaked.

I had the SPI firewall turned on on the WRT54G and could not access the Range Extender WRE54G via 192.168.1.240 (even with a hard reset) so I had to turn that SPI off.

Perhaps the cloaking will help since the MAC address filtering did not seem to be preventing my neighbor from getting internet access to my wireless network.

Patty

Reply to
pattyjamas
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

That should be easily fixable.

MAC filtering is easily spoofed.

Reply to
John Navas

Sorry, Yes I had "Permit only these IP addresses....." and the neighbors was not one of them. What I did was to disable SSID broadcast and that seems to have helped.

I need neighbor to somehow duplicate access to my WIFI network to see if what he is saying is true. With MAC address PERMIT ONLY I do not see how he can access anything unless the repeater does not carry prevention of MAC addresses. However the repeater should pass traffic to the Router and all should be fine.

We shall see.

Thanks Patty

Reply to
pattyjamas

Once your neighbor's computer has connected to your computer... turning off SSID will not help as the neighbor's computer has already "learned" your SSID. You must change the SSID to something else.

Reply to
DanR

snipped-for-privacy@hotmail.com hath wroth:

Won't work. If you have the MAC address of the repeater in the permit list, anything that goes through the repeater will successfully connect to your access point. Your WRT54G is authenticating the MAC address of the repeater, not the clients.

Also, turn SSID broadcast back on or you'll probably find your neighbors networks running on your channel because he won't know that you're already there.

Reply to
Jeff Liebermann

Thanks. So take the repeater out of the PERMIT THESE mac addresses......?

Why enable SSID broadcast?

Thanks so much. I do appreciate it.

Sincerely Patty

Reply to
pattyjamas

snipped-for-privacy@hotmail.com hath wroth:

Nope. Then nobody will be able to connect to your router through the repeater. The only way to make this work and still retain the repeater is to forget about MAC address filtering and fix the stupid Apple problem. My guess is the usual ASCII to Hex WEP key conversion problem. Use the Hex key or better yet, switch to WPA-PSK which should work.

If that's not the problem, there's a chance you have a WRT4GS version

5, which has problems. You state that you have the latest firmware so that's not it. (Assumption: The mother of all screwups). Would you mind checking if you really do have the latest firmware?

The other possibility is that the repeater is a problem for the iBook. Try removing the repeater (i.e. turn it off) and see if things work a bit better. Note that the WRE54G needs to have the same encryption type and key as the WRT54GS. See under "wireless security"

formatting link

So your neighbors know that you're there. If they can't see you, they'll probably put their wireless systems on the same channel you're using. The both of you can complain about how "unreliable" the wireless seems to be, when in reality, you're just dealing with mutual interference.

Also, some wireless clients just can't seem to function correctly without seeing an SSID broadcast. Actually, these are few and far between and can probably be ignored. However, I keep running into problems that are magically fixed by turning on SSID broadcast.

Reply to
Jeff Liebermann

Because it adds nothing to security (all the common sniffing tools find it anyway), not all clients work with hidden SSID, and it causes interference when your neighbors can't tell it's there and put their AP on the same channel.

Reply to
William P.N. Smith

Most folks use WinXP. How do they determine which channel their neighbor is using?

Reply to
DanR

Beats me, I use NetStumbler, WiSpy, or a client that shows channels.

Reply to
William P.N. Smith

"DanR" hath wroth:

I usually bang on my neighbors door and ask them what channel they're using. This also gets me a few repair jobs.

For sniffing, I prefer Kismet using a Knoppix based LiveCD. It shows systems that don't broadcast their SSID. I've tried to get Kismet (and KisWin) to work under Cygwin on W2K and failed:

formatting link
formatting link
?PID=65I should probably try again.

If all else fails, there's always Netstumbler.

Reply to
Jeff Liebermann

Actually my question was a bit rhetorical. One reason many give for broadcasting the SSID is so the neighbors can see you and avoid your channel. They may see other "available wireless networks" with their WinXP utility but they don't see channels and therefore the typical wi-fi neighbor can't avoid busy channels using SSID data.

Reply to
DanR

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.