Wireless Wiki
Register
Advertisement

Welcome! Wireless Wiki is a practical, comprehensive, and objective resource for wireless communications, particularly wireless access to the Internet, and related wireless technologies (e.g., cellular). Founded by John Navas.

Click to Search Wireless Wiki with Google

Contributions and corrections are encouraged and appreciated, but please first visit our Community Portal for Important Policies on Content, Style, What we are, What we aren't, and answers to your questions.

Collection of "How To" step-by-step recipies for making Wi-Fi work better.

Tip: See also Wi-Fi (main article) and Fast Fixes to Wi-Fi Problems


Get started

Wireless Networking Need To Know 2006

Measure wireless network performance

  • Internet speed testing (e.g., NDT) probably won't tell you anything about your wireless network performance (because wireless is normally faster than an Internet connection).
  • Instead, measure data transfer throughput between two computers on your network, using software tools such as:
  • Iperf
  • Netio
  • Wireless to wireless speed will probably be much less than wireless to wired speed, because only one wireless link in one direction can be active at any one time.
  • Always ensure that you don't have any VPN connected at the time you are measuring your wireless network performance because even the speediest VPNs usually tend to slow down your internet speed because of the encryption taking place.

Network Monitoring

Monitor network throughout, amount of data sent/received, etc.

See Network Monitors.

Why and How to do a Site Survey

See Site Survey Tools

Wireless LAN layout

Wireless LAN Channel Grid Single floor (horizontal) layout and channel assignments of multiple access points (all with the same unique SSID) for maximum coverage with minimum interference.
For multiple floors (vertical) layout, stagger the vertical arrangement. Wireless LAN Channel Grid multi floors

Use a wireless router as a wireless access point

  1. Set IP address (manually)
  2. In the same address range as your other devices
  3. That doesn't conflict with any other device (e.g., router)
  4. Disable internal DHCP server.
  5. Connect (Ethernet) cable to LAN port, not WAN/Internet port.
  6. Nothing connected to WAN/Internet port.
  7. May need to use crossover type cable.
  8. Disable any wireless-to-wired isolation feature.

WPA/WPA2

WPA (Wi-Fi Protected Access) and WPA2 are strongly preferred over WEP (Wired Equivalent Privacy) because WEP can be easily cracked. There are two forms of WPA/WPA2: Personal or PSK (Pre-Shared Key), and Enterprise (RADIUS authentication).

Use WPA Personal with Windows 98/Me/2000

Microsoft provides WPA/WPA2 support for Windows XP. For earlier versions of Windows, third-party software must be used:

Use WPA/WPA2 Enterprise

WPA Enterprise enhances security and is preferred over WPA because each client is authenticated separately. (Sharing a key is a security risk.) Practical authentication (RADIUS) solutions for small wireless networks include:

Secure a wireless network

Why to do it: Worried about Wi-Fi security?

What to do:

  1. Change the SSID to something truly unique (e.g., instead of Linksys, something like John Doe's private wireless).
  2. Use some form of WPA security with a strong passphrase. (WEP is easily and quickly cracked.)
  3. Use a personal firewall (software firewall) on all networked computers (wired or wireless).
  4. Secure all network shares
  5. Either ensure remote access to the wireless administrator interface is disabled, or set a strong wireless administrator password.
  6. For more information, see Wi-Fi Security and Wikibooks:Wifi/Security.
  7. For things not to do, see Wi-Fi Security Myths.

Secure WDS

WPA (Wi-Fi Protected Access) cannot normally be used to secure WDS (Wireless Distribution System) wireless repeating/range extension. However, according to the TechTarget Expert Answer Center, current versions of the following products support WDS with WPA (albeit likely only with products from the same vendor):

  • Apple Airport
  • Sveasoft Alchemy
  • Belkin 802.11g Wireless Network Access Point
  • 3COM OfficeConnect Wireless 108 Mbps 11g PoE Access Point
  • Corinex Wireless to Powerline Router G

Setup a hotspot

See:

Liability:

Hotspot hardware

Products that provide "captive portal" or splash page functionality:

Hotspot software

Products that provide "captive portal" or splash page functionality:

Hotspot systems

Turnkey hardware and software:

Controlling "squatters" and "leeching"

Of varying effectiveness:

  1. Password from the operator that must be entered on the initial splash or signon page, changed periodically.
  2. WEP or WPA key that changes periodically.
  3. Drastically reduced transmit power on the access point.
  4. Distance measuring devices that can tell if the client is inside or outside.
  5. Turn off wireless during off hours.
  6. Don't provide electrical power (limiting use to battery capacity).
  7. Download quotas and Quality of Service (QoS). These are rule based quotas for what an individual client may download. QoS is also good for preventing a user from hogging all your bandwidth. However, administration is tricky and there are ways around quotas.

Mobile hotspot

Secure Internet access in a public hotspot

  • Wireless transmissions on a public hotspot are typically unencrypted, and thus exposed to snooping.
  • All computers on a public hotspot are typically exposed to each other, and thus vulnerable to network attacks.

Use a software firewall

Secure network shares

  • Use strong passwords on all system accounts (including Administrator) and on all user accounts.
  • Microsoft Windows
  • Use Simple File Sharing (Windows XP only); or
  • Make sure that all network shares are secured with strong passwords (all versions of Windows). Use Control PanelAdministrative ToolsComputer ManagementShared FoldersShares to review and check Properties of all network shares.

Use SSL/TLS for email access

  • Using standard POP3/SMTP email protocols for email over wireless is very dangerous because passwords aren't encrypted. Use of SSL/TLS is the best way to secure email connections.
  • Email connections can be secured by using a Web-based email (webmail) service that supports SSL/TLS connections. Make sure your browser displays a padlock icon (just below) throughout your email session. Such services include:
  • Google Mail (Gmail) (free) if you use this link after login: https://mail.google.com/
  • POP3/SMTP sessions can also be protected if the email provider supports SSL/TLS. Such providers include:
  • Google Mail (Gmail) (free) (Help available on configuring many email clients)
  • Even with SSL/TLS, email is still vulnerable to snooping on the public Internet unless individual messages are encrypted (e.g., with S/MIME or OpenPGP).

Use SSL/TLS for sensitive Web pages

  • Use of any website for sensitive information (e.g., social security number, credit card number, on-line banking, on-line investments, etc.) should always be protected by means of SSL/TLS. The URL (link) should start with https. Make sure your browser displays a padlock icon ([1]) throughout your session.

Use VPN to protect all transmissions

Give Wi-Fi preference over wired Ethernet (or vice versa)

Interface routing Metrics control which interface will be used at any given time.

Microsoft Windows

  • Automatic route Metrics:
Interface Metric
100BaseT wired Ethernet 20
802.11a/g Wi-Fi 25
10BaseT wired Ethernet 30
802.11b Wi-Fi 30
  • To display route Metrics, Run
    %COMSPEC% /K ROUTE PRINT
  • For which Interface is which IP address, Run
    %COMSPEC% /K IPCONFIG /ALL
  • Preference is given to the lowest Metric, or to the first bound Interface for equal Metrics, as shown for Default Route.
  • Route Metrics can be controlled with the Interface Metric option in Advanced TCP/IP Settings for a Connection.
  • To give Wi-Fi preference over any wired Ethernet, set the Metric of Wireless to 10.
  • To give any wired Ethernet preference over Wi-Fi, set the Metric of Wireless to 40.

Make a Wi-Fi antenna or reflector for cheap

Amount of antenna improvement:

  • Standard "rubber duck" antenna gain (effectiveness) is about 2 dBi.
  • It takes an increase of 6 dBi to double range. Thus:
 Antenna:   2 dBi    8 dBi    14 dBi    etc.  
 Range: 1x 2x 4x ...

Add additional Wi-Fi access points (to increase coverage)

Configure a Wi-Fi client bridge

For background, see Can't connect to Wi-Fi client bridge and Internet at the same time.

Problem: The NIC on a local computer needs a manually-assigned IP on the same subnet to connect to the client bridge config interface but then can't access the Internet, and when configured for DHCP through the client bridge can then talk to the Internet but not the client bridge.

Solutions:

  1. Multihoming of the NIC (single link, multiple IP addresses)
  2. For Microsoft Windows XP, see "Configuring Multiple IP Addresses on a Network Adapter" in Configuring IP Addressing and Name Resolution. Note: This only works with all manual addresses, not DHCP, which can be problematic when roaming unless managed with configuration manager software (see below)
  3. Two NICs in one computer, both connected to the client bridge:
  4. one manually configured to talk to the client bridge config
  5. the other with DHCP for the Internet
  6. Different computers for
  7. client bridge config (manually configured)
  8. Internet access (DHCP)
  9. Connection manager software for rapid changing of NIC configuration profiles
  10. Boingo Wi-Fi software (free)
  11. Mobile Net Switch
  12. NetSwitcher

Test and compare user interfaces

Product simulators:

Wireless Broadband (3G) Routers

Use 3G cellular data instead of DSL or cable modem:

Tip: Use of cellular data service as a non-mobile DSL/cable modem replacement may be against the terms of service of a given carrier (e.g., Verizon Wireless).


Make shore Wi-Fi work better on a boat

See Wi-Fi on a Boat

Share USB devices over Wi-Fi

New bi-directional USB 2.0 servers provide more functionality than older USB servers, including support for multi-function printers.

Share your Internet with a neighbor via Wi-Fi

Tip: Opening up your Internet to outsiders may violate your ISP's terms of service and can be a serious security risk.


Extend Wi-Fi through a brick wall

  • Do you really need to go through a brick wall? Try going around the wall, with a directional antenna on the router site, and a reflector, above, below, or to the side of the wall. Reflectors can be as simple as a sheet of heavy aluminum foil, or you can use a pair of directional antennas wired back-to-back if more signal is needed.
  • Run a cable from one of wireless router's antenna connectors around or (drilled) through the wall, and on the other side of the wall attach an antenna.
  • Run Cat-5 or better cable from one of wireless router's RJ45 ports around or (drilled) through the wall, and on the other side of the wall attach a wireless access point.
  • Use powerline, phoneline, or coax networking to attach a wireless access point on the other side of the wall, if any of these cables are available on both sides of the wall.

Roam seamlessly (using VPN)

Information:

Products:

To Do: Please contribute if you can, or check back later for content.

Wake on LAN

  • For Wake-on-LAN from 'outside' a router (e.g., over the Internet), what's needed is router support for directed broadcasts, which most low-end routers lack because directed-broadcasts is a security risk (e.g., Smurf attack) and isn't of much interest to the home/SOHO market in any event. Thus this is normally found only in more sophisticated products.

Make a Wi-Fi enclosure

To Do: Please contribute if you can, or check back later for content.

Microsoft Windows

File and Printer Sharing

Windows Security

Troubleshooting Resources

Configure manual IP address

  1. StartControl PanelNetwork Connections
  2. Right-click on desired network connection, and select Properties on the pop-up menu
  3. Scroll the connection item list if necessary and double-click Internet Protocol (TCP/IP)
  4. Select Use the following IP address
  5. Enter desired IP address (must be in the same subnet as other local network devices, typically something like 192.168.0.100 or 192.168.1.100, depending on whether other devices are in ".0." or ".1." etc.)
  6. Enter appropriate Subnet mask (typically 255.255.0.0)
  7. Enter Default gateway (often the address of your router, something like 192.168.0.1 or 192.168.1.1)
  8. If needed, configure DNS servers (obtained from your ISP)
  9. Click OK to close all windows

Configure automatic IP address

e.g., by DHCP

  1. StartControl PanelNetwork Connections
  2. Right-click on desired network connection, and select Properties on the pop-up menu
  3. Scroll the connection item list if necessary and double-click Internet Protocol (TCP/IP)
  4. Select Obtain an IP address automatically
  5. Select Obtain DNS server address automatically
  6. Click OK to close all windows

Reset Internet Protocol (TCP/IP) in Windows XP

Display network adapter configuration

  1. Click StartRun
  2. Type:
    %COMSPEC% /K IPCONFIG /ALL
  3. Press [Enter]

Release DHCP lease

  1. Click StartRun
  2. Type:
    %COMSPEC% /K IPCONFIG /RELEASE
  3. Press [Enter]

Renew DHCP lease

  1. Click StartRun
  2. Type:
    %COMSPEC% /K IPCONFIG /RENEW
  3. Press [Enter]

Flush DNS cache

  1. Click StartRun
  2. Type:
    %COMSPEC% /K IPCONFIG /FLUSHDNS
  3. Press [Enter]

Display ARP cache (table)

  1. Click StartRun
  2. Type:
    %COMSPEC% /K ARP -A
  3. Press [Enter]

Flush ARP cache (table)

  1. Click StartRun
  2. Type:
    %COMSPEC% /K NETSH INTERFACE IP DELETE ARPCACHE
  3. Press [Enter]

Display active network connections and listening ports

  1. Click StartRun
  2. Type:
    %COMSPEC% /K NETSTAT -A
  3. Press [Enter]

Display Ethernet statistics

  1. Click StartRun
  2. Type:
  3. %COMSPEC% /K NETSTAT -E [standard display]
  4. %COMSPEC% /K NETSTAT -E -S [detailed display]
  5. Press [Enter]
  • For a repeating display, add the repeat interval in seconds to the end of the above commands; e.g. %COMSPEC% /K NETSTAT -E 10 [repeats at 10 second intervals]
  • See also Wi-Fi Network Monitors.

Display Windows networking connections

  1. Click StartRun
  2. Type:
    %COMSPEC% /K NBTSTAT -S
  3. Press [Enter]
Advertisement