Security related configuration for 2Wire 2701hg-b wireless router with builtin modem

This wireless router and modem works good for me. However, there are two security related issues which I would like to solve:

Router administration console ====================== When viewing the router's administration console, it already shows you what router it is, speed settings, connected computers, and other settings. While it does prompt you to enter a password before making changes, I don't want the entire world to know about this. Even though the wireless connection is currently encrypted, I believe this is a security issue, especially when the router first comes with no encryption enabled.

I had at one point a D-Link router and a Linksys router, both of which prompted the user to enter a password before displaying any information. Can this router be configured to behave in a similar manner?

MAC address filtering ================ I already see my computer on the allowed list or I can enter my MAC address manually. However, the moment I enable MAC address filtering, I can no longer access the router wirelessly, both the internet and the router itself. It seems to me that there could be two problems:

  • Something I've done in the router's MAC address filtering configuration is wrong.
  • My computer is not transmitting the MAC address (how do I find out if it does or doesn't). However, I believe this is not the case since when I add the MAC address manually, the router displays my computer's name - it seems to already know about the MAC address.
Reply to
jonathanztaub
Loading thread data ...

" snipped-for-privacy@yahoo.com" hath wroth:

You really should be reading the 2Wire FAQ or asking 2Wire Support the same questions. Support pages:

Emulator:

Management and Diagnostics Console:

Apparently you can't do that. The settings can be viewed without a password. However, editing those settings requires a password:

Note that you MUST set a password in order to edit the internet settings.

Apparently, you're trying to use MAC address filtering to filter an ethernet connected device. It's not made to do that. It only works for *WIRELESS* security.

It's also possible that you accidentally entered the wrong MAC address for your wireless adapter. Depending on your operating system, your wireless adapters MAC address is usually displayed somewhere in the configuration settings.

For example, if you have an XP box, try: Start -> run -> cmd getmac It should belch something like:

| Physical Address Transport Name | =================== ============================== | 00-D0-B7-B1-A7-14 \\Device\\Tcpip_{474E507B-4FCD-428C-A553-304B997C4D96}

You can also run: IPCONFIG /ALL to find the MAC address of your wireless device. Of course, you can always look on the box or stick on label on the card which always includes the MAC address. Some manufacturers (i.e. Dell) add a sticker on the bottom of the laptop with the wireless MAC address.

If all else fails, there's even an FAQ for finding the MAC address:

That probably came from a name cache somewhere from before you enabled MAC filtering.

Thanks for not mentioning any manufacturers, model numbers, versions, or operating systems. General answers like this require less effort to research.

Reply to
Jeff Liebermann

Note that the MAC address printed on the serial number tag is *NOT* the MAC address of the wireless device. It's close, but it's the exact same number.

Ooops. I forgot that getmac only comes with the various Windoze Resource Kits.

Download and install:

or:

Docs and details:

The install dumps the executeable into: C:\\Program Files\\Resource Kit\\ which means you have to either type the entire path to get it to run, or change directories, as in: Start -> run -> cmd cd \\Program Files\\Resource Kit\\ getmac

Reply to
Jeff Liebermann

On Thu, 14 Feb 2008 00:54:00 GMT, Jeff Liebermann wrote in :

Another approach that doesn't require a Resource Kit:

net config workstation

Reply to
John Navas

On Thu, 14 Feb 2008 01:09:30 GMT, John Navas

Nope. No MAC address found. This is from my XP SP2 palatial office desktop:

C:\\rubbish> net config workstation

Computer name \\\\DELLBERT2 Full Computer name dellbert2 User name Jeff Liebermann

Workstation active on NetbiosSmb (000000000000) NetBT_Tcpip_{3A80DB2B-ADC3-4194-8AA4-72CBEDB11B2C} (00B0D0190C99)

Software version Windows 2002

Workstation domain WORKGROUP Workstation Domain DNS Name (null) Logon domain DELLBERT2

COM Open Timeout (sec) 0 COM Send Count (byte) 16 COM Send Timeout (msec) 250 The command completed successfully.

Windoze 2002? Huh?

Wireless challenge of the day: A customer calls announcing that his new wi-fi equiped laptop no longer connects. I had set it up this weekend at his house and made sure that everything was working. That was followed by about 30 minutes of lecture, drill, and showing him how to use the wireless client manager. I was fairly sure he undestood how it worked.

After about 10 minutes of fruitless scanning, driver repair, and head scratching, I realize that he's at work, not at home, and was seriously expecting to make the wireless connection from about 10 miles away.

Sigh...

Reply to
Jeff Liebermann

^^^^^^^^^^^^_______ mac address

Argh. I missed the MAC address. I was looking for the usual seperating ":" or dashes. Sorry(tm).

Reply to
Jeff Liebermann

On Wed, 13 Feb 2008 17:50:02 -0800, Jeff Liebermann wrote in :

Yep. See below.

^^^^^^^^^^^^ That last is your MAC address. 00-B0-D0 = Dell Computer

Here's mine:

C:\\>net config workstation Computer name \\\\JOHNT41 Full Computer name JohnT41.navasgroup.com User name John Navas

Workstation active on NetbiosSmb (000000000000) NetBT_Tcpip_{93A67BDA-AE30-43EC-86B6-DEA1420F1638} (000E9BA37B51) ^^^^^^^^^^^^ Again, that last is the MAC address. 00-0E-9B = Ambit Microsystems

This is an official Microsoft method for getting the MAC address.

Not to the work wireless? ;)

Reply to
John Navas

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D

-

I have already done that and verified in multiple ways my MAC address. It does not help. I will eventually call 2Wire, though from experience, generally speaking, customer support sucks. When calling to AT&T who also support this product (they distribute it), I had to explain to the guy on the phone that MAC address has nothing to do with Macintosh and that I don't have to contact Apple and ask them about Airport eXtreme. lol

Reply to
jonathanztaub

Yep. Dell Dimentia 8100. All my Dell computer names start with "Dellbert".

Well, more than one method is useful in case there's some disagreement with the results. As I vaguely recall (and don't wanna research), some Windoze utilities read the hardware MAC address, while others read it from the registry. If the user has done some hacking to change their cards MAC address, the results of these utilities may disagree.

The office doesn't have wireless. I had him dig into his laptop bag for the CAT5 cable I gave him, and had him plug into the nearest ethernet wall jack. Unfortunately, that was across the room, so I dropped off a longer cable last night. He'll get wireless in the office as soon as someone trips over the cable. (Marketing is the art of setting up a disaster. Salemanship is being on the scene to sell the solution).

Reply to
Jeff Liebermann

It's not *YOUR* MAC address that the router wants. It's the MAC address of the wireless card interface that it wants. This is a problem with much of the older Microsoft documentation, where they declared that a *COMPUTER* has a MAC address and IP address, when it should be the network interface devices (ethernet or wireless) that have MAC addresses and IP addresses.

That hasn't been my experience with 2wire for basic problems. However, for feature requests (changes in how the password operates) and configuration beyond the initial connection (MAC filtering), most support organizations lack the experience and training. If you really want knowledgeable support, be prepared to pay for it. (I just paid $65/3yr per machine for Dell's domenstic support).

You will probably get better help from a user supported forum:

Yeah, that's pretty bad. He probably just typed in "MAC" and got MacIntosh instead. If you called Applecare and asked about an Airport, you might get flight and booking instructions. It takes a bit of skill to use a search engine or knowledge base.

Reply to
Jeff Liebermann

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.