Wi-Fi How To

From Navas Wireless Wiki

Jump to: navigation, search
(Two wireless networks on one router: edit)
(Two wireless networks on one router: edit)
Line 60: Line 60:
The following procedure is for ''two separate wireless networks'' using [http://www.dd-wrt.com DD-WRT] (on [http://www.dd-wrt.com/dd-wrtv3/dd-wrt/hardware.html supported devices]) with the web browser interface (as of v24 preSP2 Beta build 12533).
The following procedure is for ''two separate wireless networks'' using [http://www.dd-wrt.com DD-WRT] (on [http://www.dd-wrt.com/dd-wrtv3/dd-wrt/hardware.html supported devices]) with the web browser interface (as of v24 preSP2 Beta build 12533).
For ''more than two'' separate wireless networks, consult the reference above.
For ''more than two'' separate wireless networks, consult the reference above.
-
# '''''Wireless → Basic Settings''''' (configure the two wireless networks)
+
# '''Configure two wireless networks: ''Wireless → Basic Settings'''''
#*  ''Wireless Physical Interface '''wl0'''''
#*  ''Wireless Physical Interface '''wl0'''''
#** This will be the ''private'' wireless network
#** This will be the ''private'' wireless network
Line 72: Line 72:
#** For ''Subnet Mask'', enter:<br>'''255.255.255.0'''
#** For ''Subnet Mask'', enter:<br>'''255.255.255.0'''
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
-
# '''''Wireless &rarr; Wireless Security''''' (configure security for the two wireless networks)
+
# '''Configure wireless network security: ''Wireless &rarr; Wireless Security'''''
#* Enter desired security for each wireless network
#* Enter desired security for each wireless network
#* '''WPA2 Personal with a strong passphrase is recommended.''' (WEP and WPA-TKIP are '''not''' secure!)
#* '''WPA2 Personal with a strong passphrase is recommended.''' (WEP and WPA-TKIP are '''not''' secure!)
#* ''Note'': DD-WRT v24 preSP2 Beta build 12533 will ''not'' properly authenticate WPA Personal or WPA2 Personal after a reboot ([http://www.dd-wrt.com/dd-wrtv2/bugtracker/view.php?id=3729 bug 003729]), only WEP.
#* ''Note'': DD-WRT v24 preSP2 Beta build 12533 will ''not'' properly authenticate WPA Personal or WPA2 Personal after a reboot ([http://www.dd-wrt.com/dd-wrtv2/bugtracker/view.php?id=3729 bug 003729]), only WEP.
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
-
# '''''Services &rarr; Services &rarr; DNSMasq''''' (configure DHCP for public/guest wireless)
+
# '''Configure DHCP for public/guest wireless: ''Services &rarr; Services &rarr; DNSMasq'''''
#* In ''Additional DNSMasq Options'' enter:<code><br>&nbsp;&nbsp;&nbsp;interface=wl0.1<br>&nbsp;&nbsp;&nbsp;dhcp-option=wl0.1,3,192.168.2.1<br>&nbsp;&nbsp;&nbsp;dhcp-option=wl0.1,6,192.168.1.1<br>&nbsp;&nbsp;&nbsp;dhcp-range=wl0.1,192.168.2.100,192.168.2.249,255.255.255.0,1440m</code>
#* In ''Additional DNSMasq Options'' enter:<code><br>&nbsp;&nbsp;&nbsp;interface=wl0.1<br>&nbsp;&nbsp;&nbsp;dhcp-option=wl0.1,3,192.168.2.1<br>&nbsp;&nbsp;&nbsp;dhcp-option=wl0.1,6,192.168.1.1<br>&nbsp;&nbsp;&nbsp;dhcp-range=wl0.1,192.168.2.100,192.168.2.249,255.255.255.0,1440m</code>
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
#* Click ''Save'' (and do '''not''' click ''Apply Settings'')
-
# '''''Administration &rarr; Commands &rarr; Command Shell''''' (configure firewall to isolate public/guest from private)
+
# '''Configure firewall to isolate public/guest from private: ''Administration &rarr; Commands &rarr; Command Shell'''''
:* Enter the ''Commands'':<code><br>&nbsp;&nbsp;&nbsp;iptables -I INPUT -i wl0.1 -m state --state NEW -j logaccept<br>&nbsp;&nbsp;&nbsp;iptables -I FORWARD -i wl0.1 -o br0 -j logdrop<br>&nbsp;&nbsp;&nbsp;iptables -I FORWARD -i br0 -o wl0.1 -j logdrop</code>
:* Enter the ''Commands'':<code><br>&nbsp;&nbsp;&nbsp;iptables -I INPUT -i wl0.1 -m state --state NEW -j logaccept<br>&nbsp;&nbsp;&nbsp;iptables -I FORWARD -i wl0.1 -o br0 -j logdrop<br>&nbsp;&nbsp;&nbsp;iptables -I FORWARD -i br0 -o wl0.1 -j logdrop</code>
:* Click ''Save Firewall''
:* Click ''Save Firewall''
-
:* Click the ''Management'' tab
+
:* Click the '''''Management''''' tab
:* Click ''Apply Settings'' (down at the bottom)
:* Click ''Apply Settings'' (down at the bottom)

Revision as of 00:35, 18 September 2009

Personal tools