Netgear WGXB102 connection problems when using WEP

"Peter" hath wroth:

Easy. Don't use the ASCII WEP key. Use the longer Hex key instead. There are incompatibities in the ASCII to Hex conversion with different makers and models of wireless hardware. Details if you want them.

Incidentally, you really should be using WPA or WPA2 if possible instead of WEP. WEP is fairly easily cracked.

Thanks Jeff ... yeah, I know about poor WEP encryption. I haven't got around to switching to WPA, so I generally resort to much poorer layered security measures (ie SSID broadcasting turned off, don't use DHCP, don't use an 'easily' guessed sub net (e.g. 192.168.1.x, MAC address filtering on everything). I know, all of these are easily circumvented if someone actively monitors my network traffic ... gosh, I'm losing track of what I want to solve here ;)

I did enter the hex key for both my dlink and WGX, but I'm embarrassed to say I haven't figure out how to enter the HEX key on my XP clients. When I just had my Dlink, the window's managed wireless network key entry field accepted my ASCII string just fine. Can I just slam in the HEX string in the same place?

Thanks,

P.

"Peter" hath wroth:

I use an outline program to keep my things to do list organized. Hierarchial organization is much better than a "flat" list. For example, this would look like:

I don't have a specific program to recommend. I just use the outline features in MS Word (various versions) which is fairly portable. This allows me to update my things to do list while at customers. It also works on my PDA (Verizon XV6700).

Just enter the value in Hex without any 0x or such prefix. Windoze Wireless Zero Config uses the tried and true "trial and error" approach to key management. It just goes through and tries all the various combination and conversions that might be applicable. It determines if it's Hex or ASCII by the key length. 64bit 128bit ASCII 5 10 ascii chars Hex 13 26 hex chars Anything that's not 5, 10, 13, or 26 characters long, is rejected.

For Windoze Wireless Zero Config, yes. It's smart enough to figure out the type of key and the required length.

For additional entertainment value, download the Perl script at:

If you have Perl installed, you will see 3 different ASCII to Hex conversions found in various wireless managers. I think there's one more, but I don't wanna burn the time finding it. MS only supports one of these (and I forgot which one).

So, using the HEX key worked (for one laptop). My other laptop connected okay (verified in the WGX connection screen), but I still couldn't access any network/internet resources. I validated the key in the client was the same in the second laptop. MAC filtering is my other thing to validate, but again, it works fine when I connect to my Dlink and have the WGX unplugged and there is no MAC filtering on the WGX. I guess WPA is my next step.

On 13 Mar 2007 08:32:34 -0700, "Peter" wrote in :

Use "IPCONFIG /ALL" in a command window once connected to verify settings. If you want help, post the _exact_ output here.

"Peter" hath wroth:

See, that was easy.

Nope. You get a connection even with a bad WEP key. In order to exchange encryption keys, the client must first connect to the access point. Just because it shows a connection, doesn't mean that the key exchange was successful. However, it's not like this on all routers. Most of the older ones would show attempted connections, failed connections, dubious connections, and just plain garbage connections. These would eventually expire and disappear. On later models, such as my Buffalo WHR-HP-G54, it appears momentarily, and then disappears if it fails. I'm not sure I like it either way (clutter versus obscurity).

Pardon me for being suspicious. I lost count of the number of times I managed to mangle characters in an encryption key, especially when typing bling.

WPA should have been your *FIRST* step. WEP is simply not secure enough to be considered useful. It also suffers from some implimentation oddities, one of which you're currently experiencing. Give up on WEP and switch to WPA please.

Yeah, I saw that 'winking out' behaviour too during one test.

I cut'n'pasted the HEX straight from my Dlink config window (twice) so I think I've got that covered, but it'll be in my test cases tonight.

Oh I will, after I give WEP just _one_ more try ... thanks for your efforts to date. Your advice has been 100% responsible for the success I've had to date.

Will do ... I checked that the 'support' view of my wireless connections matched my intended network settings, but I realize you'll probably want to see my other network connections in case there are other problems.

On 13 Mar 2007 11:35:51 -0700, "Peter" wrote in :

Why waste time on something that's not useful?!

On 13 Mar 2007 11:35:51 -0700, "Peter" wrote in :

Fair enough -- I won't waste any more of my time.

Thanks for your help. I'll upload my IPCONFIG results all the same

Because it _is_ partially useful. As I said, one laptop does work, the other doesn't. I haven't suffered any security issues (yet) so I have some time to see if I can get WEP working then go with a WPA solution when I have more time. Also, going with WPA assumes I won't run into yet other issues.

You're certainly within your right to ignore the rest of the thread, but I would be interested in hearing your and Jeff's comments, once I'm back at home and have chance to try out the various scenarios and provide the rest of the information you've asked for.

On 13 Mar 2007 13:11:22 -0700, "Peter" wrote in :

Read my lips: WEP _isn't_ useful.

I changed my network to use WPA-PK and everything seems to work for both my laptops. Thanks for the suggestions, Jeff, John. As I mentioned, part of my heistancy from using WPA related to the fact one laptop I have (a lenova no less) has been extremely finicky in accessing network resources, so I have a tendency to stick with something once it (sort of) works.

Anyways, thanks again.

P.

Here's the latest: Still running with WPA, connection is generally fine. However, periodically, I loose the connection to the internet/ LAN *except* for the WGX102 (the wireless AP). These connection dropoffs resolve themselves instantly when I disconnect the unit. I wonder if it is due to one of the following:

The fact I can still connec to the AP tends to argue it is probably power interference. Does this seem like a reasonable analysis? Anything else I can try? The two AP's are also running on channel 1 and 11.

On 4 Apr 2007 19:09:50 -0700, "Peter" wrote in :

Do all wireless units have the latest firmware/drivers?

Sorry, things got a little hectic and I had to put this on the shelf for a while... I upgraded the firmware on my Dlink AP and now, one laptop (which has a Dlink wireless card) connects fine through both AP's. The other laptop (LG with internal wireless connection) cannot connect at all to either AP unless I unplug the powerline AP. I haven't tried the wireless card in the LG laptop, yet. Stay tuned.

P.