Problems setting up security on a wireless network

I am having terrible trouble getting a wireless network set up at home. A few weeks ago our old wireless router (which was a NetGear DLink supplied by the ISP) broke down. We bought a brand new LinkSys WRT610N router. We “think” this is broken because every time we plug it into our splitter, it shuts our telephone line down (this is before we have connected it to any computer) and during setup, says that we have no internet.

We then spent 2 weeks assuming there was some fault on the line until BT (the telephone company) decided they couldn’t detect a fault. We then bought a brand new NetGear router. This time we could connect to the internet. However, I've had terrible problems attempting to secure the network

We have a laptop PC (running Windows XP) and a MacBook (both about 3.5 years old and with 802.11a/b/g) and my iPhone (almost new), all of which connected with no problems to our old router (before it broke) using WPA (or WPA2) encryption with an ASCII password. Before that, at our old house, the laptop and Mac used WEP encryption (with Hex password), also with no issues. They have also connected to other secured wireless networks with no issues, as has the iPhone.

If I set up WEP security on router, the Mac connects but the iPhone and PC do not. They indicate that they have successfully connected but nothing is pingable and using ipconfig /all (on the laptop) it doesn’t have a network address.
If I set up WPA2 security on router, the Mac connects, as does the iPhone but the PC does not again. Attempting to connect the PC appears to “kick off” the other devices from the network. The network shows up as a computer-to-computer network (rather than a wireless network) on both Mac and PC network listings.
If I set up WPA security on router, the PC connects but the Mac/iPhone do not. Network appears in mac listings as computer-to-computer still.
If I setup “Mixed WPA and WPA2” it behaves just as with WPA (i.e. laptop connects, PC does not)

The latest thing I think may be affecting this is that the new router has something called “WPS” (Wifi Protected Setup) which appears to be something to do with wishing to share a network in a public space (like Starbucks) without giving out your password. Idon't know whether this is the cause of the problem, whether the original problems with a broken router and a cutting phone-line are connected etc. Maybe we have just been stunningly unlucky to have 3 broken routers (all for slightly different reasons).

Does anyone have any clues as to what I might try next? It goes without saying that I have tried different splitters (4), ethernet cables (3), phone cables (4), clearing out the saved network passwords using the Advanced Wireless Settings dialog etc.

UPDATE: Thanks for some really detailed help here, it's been great! I went and bought yet another router (this time a Belkin) and attempted WPA2 on that, which didn't agree with the Mac and iPhone. I then attempted WEP, which was fine with the Mac/iPhone but the PC failed with some cryptic error about "not being provided with a certificate". Thanks to the suggestions below this seems to be because of my settings specifying that the key was being provided for me. A quick change of them and chocks away: I have the internets! Yay!

oxbow_lakes

Posted 2009-12-22T13:14:16.260

Reputation: 113

Answers

Check the security settings on the router versus what is being used on the computer. The routers I have seen typically allow you secure your network with AES, TKIP or AES+TKIP encryption. In Windows, you can select which encryption method is being used for each connection. I don't have a router available right now to take a screenshot, but here's a shot from Windows XP.

To get to these settings, go to Network Connections -> Right click your wireless connection and go to Properties -> Wireless Networks tab -> Under Preferred Networks select your SSID and click the Properties button -> Association tab

Win XP Wireless Connection Encryption Settings

rodey

Posted 2009-12-22T13:14:16.260

Reputation: 1 802

Thankyou so much for this! I don't have the options above on my PC I have either "disabled" or "WEP". What I did have though, was the "This key is provided for me" setting checked. I unchecked it and, although my PC now says I am not connected to the network, I do appear to be! – oxbow_lakes – 2009-12-22T23:02:05.233

I knew it didn't make sense ;) – rodey – 2009-12-23T13:18:49.133

I was a supervisor at Bellsouth tech support a while back, let me see how much I can help you.

First things i can detect here : -Phone needs to be clear- Your DSL internet connection uses the same copper wire for your internet and voice. The frequencies used by both are different, so ideally they wouldn't disturb each other(but they can, which means you need to take precautions). To prevent this from happening you need to use a filter(not a regular splitter, that splits the line into two) - the filter looks like a splitter but actually does the job of blocking the phone signals on the DSL side and the DSL signals on the phone side. This filter will keep the signals in discipline on modem side(and the phone that is connected to that filter).

Once you do this, you either need to disconnect all the phones and devices connected to this phone number(faxes, tivo boxes..anything) that does not have a filter attached to it. All devices connected to this phone number need to have an appropriate filter, so the signals are not interrupted. (A lot of people will be able to work without filters but its like having sex without protection - you never know)

Typically the problems you will face if you don't have filters is : 1) Phone line gets noise(you'll hear cracking noises). 2) Internet connection drops intermittently - Most of the times your link/sync signal will be lost, This should always be solid - if it even drops for a second and comes back(other than during boot) its a problem. - In rare cases, you may not lose the sync/link signal but the connection will drop.

its a good idea to check the status log on your router and see where the fault is regarding your internet connection.

I am not sure what you network is upto. If I was on one of the PC's I would love to turn all the firewalls off and then check if the network is okay. You can also work with safe mode with networking(this will help you eliminate software issues).

Do not confuse your internet connection and your LAN connection. Get your LAN working first -- check pc's are on LAN by pinging to each other(disabling firewalls during troubleshooting) and checking the ip addresses or just pinging the default gateway(your modem) or by going to the modem/router interface page - all are signals that, that particular machine is on the network. Make sure none have the IPs forced. You can use the following commands to refresh the TCP/IP stack and winsock on your windows machine :

Netsh int ip reset resetlog.txt

Netsh winsock reset (requires a windows restart)

This fixes a lot of network issues. You can also right click on the network icon and use the repair option.

The authentication(connecting to the internet) is done by your router so if any pc can connect to the internet you know your internet is okay and you don't need to meddle with your internet connection(just fix your LAN).

--Alternate solution-- there is one secure option that you can utilise -- not sure how you will do it in your particular router, but you can setup a network to work without authentication. For protection you can make a list of allowed mac address that can connect to this network(no other mac addresses can). Then connect all the devices to this network. once connected - disable the broadcasting from the router(so it's a hidden network). Not sure if this is more/less secure than others, but its a solution.

Sorry don't mean to write a huge post or be repetitive but tried to cover it all.

DMin

Posted 2009-12-22T13:14:16.260

Reputation: 131

Thanks for your suggestion to use MAC filtering on an unsecured network to "protect" it! As for your other suggestions, we've tried 4 separate splitters and unplugged everything else from phone sockets (our ISP suggested this). What with the latest issue seeming to be around enabling security, I am thinking that we have just been incredibly unlucky with routers! – oxbow_lakes – 2009-12-22T15:16:06.360

1The main difference between using the allowed-MAC addresses on an unsecured network, of course, meaning that people copuld still sniff your traffic. – oxbow_lakes – 2009-12-22T15:34:36.760

What I've seen is wireless routers add one more variable to the troubleshooting. You first want to connect and setup your network with wires. If the computer is far away from the router -- disconnect the phone wire from the router and just take the router with the power supply to the computer and try connecting with and Ethernet cable. if you can get an ip and go to the interface, your PC's networking components are working okay(even individual ports on router can go bad - try different ones). After making sure all pcs are okay, you can begin troubleshooting the wireless issue separately. – DMin – 2009-12-22T15:36:19.300

You've got a point, about the sniffing. - Wireless troubleshooting can sometimes take a while and be very frustrating. Best of luck, keep us updated about what happens. – DMin – 2009-12-22T15:39:36.750

No offense, but what you're describing doesn't make any sense. Especially because you have eliminated the router as the issue.

From the router, plug both laptops in with a cable and confirm you can access the Internet. Once you have confirmed wired access then work on the wireless issue. You should be able to disable the WiFi Protected Setup. After disabled, create rename your wireless network to something strange and something you've never used before (how about COOKIEMONSTER?) with no security settings and make sure MAC filtering is disabled.

Once confirmed the wireless works without security settings then work on applying the security. Once again, rename your network to something you haven't used before (DIGGLER) and then apply WPA2 security.

If all goes well, you should now be able to connect all of your devices wired and wirelessly.

rodey

Posted 2009-12-22T13:14:16.260

Reputation: 1 802

No (well, maybe some) offence taken. I quite agree, it seems really odd - I've been working in software development for almost 15 years so think I've taken a methodical approach to all this. I have already tried all your suggestions (except with more, ahem, robust names) and it's had affect (MAC filtering was disabled throughout). As I said, the internet works and connecting the computers directly to the router with ethernet cables works as well. It's purely an issue of adding wireless security – oxbow_lakes – 2009-12-22T14:18:12.903

I meant "had no effect" of course. – oxbow_lakes – 2009-12-22T14:19:08.080

So you can or cannot connect wirelessly when there are no security settings applied? – rodey – 2009-12-22T14:23:57.230

Sorry if it wasn't clear. With the latest router, we can connect to the internet (both via ethernet cable and wirelessly - but only wirelessly if we leave the network unsecured). – oxbow_lakes – 2009-12-22T15:09:12.100

there are some other things that you may want to look into.

1- some wireless drivers don't play well with newer routers, download and install the newest driver for you windows pc. sorry can't give much advice on the mac. I had one of these the other day. The Wifi driver was 2 years old, I updated it and no problems since.

2- WPA-PSk with AES and a non dictionary key is pretty secure and has been very compatible with a variety of devices for me.

3- I've seen missed typos in the SSID drive people crazy in this same manner. It say's you're connected but notta internet. It can be as simple as a missing capital letter

4- I never use a facyory firmware router. I've installed over 50 routers with third party firmware and since you're using dsl, Tomato firmware would be the one for you. You can get a WRT54GL from newegg-dot-com, flash it and be good to go.

5- as far as windows WiFi you don't have to set up all the info, just delete the existing WiFi SSID in windows WiFi list, and tell it to connect to the new one and give it the key.

river100

Posted 2009-12-22T13:14:16.260

Reputation: