Linksys (and other vendors) carry a wide variety of wireless networking products. You can choose from simple access points like the WAP 11 which connect as many wireless network cards as you like to a LAN, to fancier versions that include hubs or switches, or simply get another wireless PCI or PC Card for another computer on your lan to run in peer-to-peer mode. Since I already had an existing switch, and no good candidate for a peer-to-peer setup, I selected the cheaper model without the integrated switch.

In the Box

Installation

I must admit, I cannot be 100% sure that the WAP11 can be entirely configured using just OS/2. When I was setting it up, I initially ran their Windows utility to set up the hardware under Windows XP (insert the CD, wait a moment, then answer some questions.) However, for someone who doesn't have access to a Windows machine, the WAP11 is entirely web browser configurable, so I think if you knew the IP address of the WAP11 ahead of time (it defaults to 192.168.1.251 but you can set it to whatever you like) that you could use Mozilla to configure it right from the start. Don't email me and tell me I caused you to spend a bunch of money if this doesn't work.

One problem I found was that the web browser could not reach it without some changes to my IP settings. My lan is in the 192.168.0.0 block and uses a 255.255.255.0 netmask. Attempting to connect to the WAP11 resulted in nothing happening. Changing the netmask to 255.255.0.0 allowed a connection.

Browser Based Configuration

The first thing to do is enter a name for your access point. This is only really important if you have more than one, as this is the name you will see in the Linksys Windows setup utility.

Next you have to enter an SSID, or the name your wireless network will use. Note that if you have any DOS clients, the SSID should be all capitals. Changing the SSID is also important for security, since network stumblers (http://www.netstumbler.com/) can tell what sort of AP you have by the default SSID.

Next you select a channel, only 1, 6 and 11 are entirely free of interference from other electronic devices in the wireless band used by 802.11b, so the manufacturer recommends those are the ones you use. If you find these channels are already in use (http://seattletimes.nwsource.com/html/businesstechnology/134522484_wifi27.html) where you are, you can select any of the 11 available.

Next is the WEP (Wired Equivalence Protocol) setting, even though WEP is a flawed protocol and you shouldn't rely on it for anything that is even moderately sensitive, if you aren't going to be using other security software such as a VPN (http://www.fx.dk/injoy/ipsec.html) or OpenSSH (http://devcenter.os2.ru/openssh/), then you should turn it on. Note that by using WEP you will pay a performance penalty of about 25%. If you choose to use WEP, you'll need to go to the Key Setting page which allows you to enter a password which the AP uses to generate the hexadecimal key you will provide to any wireless card that you want to be able to access your wireless LAN.

Last is the mode setting. The Linksys WAP11 can be used to bridge networks wirelessly so you can have it talk to another WAP11 on a different LAN to connect the two. Since we just want to use it to provide wireless connectivity for PC's, we set it to Access Point mode.

You'll notice at the top of the screenshot a tab called Password. This is the next place you should go to replace the default linksys password of admin with something a little harder to guess. This password should be at least 8 characters long, should include letters and numbers, and shouldn't be an English word or the same as the SSID of the AP. If you leave the default password, any wardriver will be able to take over the AP and even lock YOU out of it.

The status page offers a variety of useful information about the AP and the dropped packets numbers will give you a good indication of if you are getting any interference from other devices.

The log is another important feature for the security conscious. It displays a log of all AP activity including all the wireless cards that have connected to the AP as well as their MAC addresses (I've edited those out in the screenshots.)

The WAP11 also allows you to allow or deny access to the AP using the MAC address of the cards that are trying to connect to it. This prevents unauthorized cards from being able to connect to your wireless LAN without going to some extreme measures. Each wireless LAN card has its MAC address printed on it, and all you need to do is enter it here.

Note that this security measure is not foolproof either, Linux systems allow their users to spoof MAC addresses, so if someone is willing to listen to several hundred MB of data going across your wireless LAN, they can pull both a valid MAC address and the WEP encryption key you are using out of that data.

The Wireless tab in the Advanced menus allows the adjustment of an assortment of advanced features. The only one we're interested in is SSID Broadcast. If you are running a small LAN where you know what cards are going to connect to it, then you should turn this off. What SSID Broadcast does is intermittently transmit the SSID (or name) of your network so that any new wireless LAN card that comes into range will get the name of your LAN as one of the choices of which LAN to connect to. Of course, that means that anyone can get this information, including some cracker driving by outside the building. With this turned off, you need to know the SSID of the LAN before you can connect to it (crackers can get around this too, but don't make it too easy for them.)

Documentation

Summary

This article is courtesy of www.os2ezine.com. You can view it online at http://www.os2ezine.com/20021016/page_5.html.