2
I'm trying to get my NetGear WNDR3300 wireless access point to do the following:
basically be secure as possible; WPA2-PSK security level with a long passphrase, hiding the custom SSID (not the default "netgear") and so forth (even thinking about filtering by MAC address)
but also allow some kind of a "guest" access for when a friend is here and would like to use the WLAN - without divulging the actual passphrase for accessing the WLAN as such
Is that even possible? If so: how? I'm a programmer - not a sys admin - so this stuff is all a tad foreign to me :-) Any thoughts, ideas, approaches are most welcome !
1MAC address filtering does nothing; just sayin'. – squircle – 2010-07-24T21:33:19.703
5Filtering by mac is more security by obscurity. Same with hiding the ssid. Mac addresses can be spoofed easily. As to the guest network thing. There are 2 basic options. Buy a new router that has guest network capabilities or find a crappy old router set it as a ap with an easy to remember password for guests and just turn it on when they are over. – Unfundednut – 2010-07-24T21:50:02.587
1>
1This doesn't do exactly what you want, but if your router supports it, you can connect computers to the router using Wi-Fi Protected Setup. Basically, you just tell the guest computer to connect to the WAP, and then push the button on the router, so you don't have to type in a long passphrase. (However, by the nature of WPA2, it shares your passphrase with the computers that connect.) Re: hidden SSID and MAC filtering, I'm not an expert but from what I've heard they're not more secure and just make it more difficult for you/guests to connect. WPA2 + good passphrase is sufficient. – Stacey Hanson – 2010-07-24T22:07:00.907
Yeah this router does have an implementation of WPS they call Push-N-Connect. But your buddy could fish up your password later on with Nirsoft's Wirelesskeyview.
– hyperslug – 2010-07-24T22:34:59.2631SSID hiding is useless and just annoying. We have AirSnort for that. As for MAC filtering, thats a little more secure but for a dedicated person its easy. @Wil 's idea is pretty good – TheLQ – 2010-07-25T06:11:17.410