To the right you see my second WLAN access point (AP in short) that I ran. Actually it was my third:
- A Draytek Vigor WLAN DSL router, used as a switch with WLAN activated
- A Fonera
- TP Link WA501G
- Longshine LCS WA5-45
- Longshine LCS WA3-50
The Draytek setup worked. No problem whatsoever. But why keep a power hungry router working, when a Fonera
will do the same? So the Fonera replaced the Vigor. Now, this was a mixed success experience. The general idea
of the Fonera is nice. Share the LAN. Still, the Fonera was
- Overpriced
- Overrated
- Overheating
- Unreliable
- Wall mountable
That's a 4 : 1 reason for not buying one. I had to reset it at least once every two weeks. With the default
cooling vents, it ran bloody hot. It's price was €40. You could run two access points, but no more than
that. Especially the frequent reboots were a pain. So I started looking for a new AP. An affordable AP that
is. I ended up with the WA501G which never let me down so far (running over three years now).
Below is a list of the features and menues of the TP Link WA501G. The box itself looks like it was mae in the
DDR (German Democaric Republic. East Germany). But what's under the hood is one of the finest.
After logging on to the WA501G, this is what you see on screen: a full status overview. It is refreshed every
20 seconds. In it you see:
-
In the Wired section you find the parameters that are essential for a proper data flow
- The MAC address of the TP Link
- The IP address of the TP Link
- The subnet mask of the TP Link (and the rest of the LAN I am running)
-
In the Wireless section you get an overview of how the wireless system is running
-
The operating mode is one of
- Access point server
- Access point client
- Repeater
- Bridge (Point to point)
- Bridge (Point to multi point)
In this case it is set to Access point server
- SSID : the name of the WLAN system that is being broadcasted
- The channel on which Krypton is now working
- Mode is the data rate
- The MAC address of the TP Link (also referred to as the BSSID)
- The IP address of the TP Link
-
In the Traffic section
- Bytes received and sent
- TCP/IP frames (packets) received and sent
since the last time the AP was given a power cycle
-
The uptime is the time since the last powercyle. In this case, the TP Link has been running for over 126 days.
By this time you may think: thanks for explaining, but the nice feature of the TP Links is: all the
explanations are ALWAYS on screen as well. Below is a compresed screenshot of the full screen:
Each and every screen, always has
- A nice and colourful header frame
- A narrow frame containing the current menue
- A wide frame containing the parameters
- A wide frame containing context sensitive help
The border between the parameter section and the context sensitive help section can be shifted left or right.
Now, this is a great issue that the Longshine engineers should pay attention to, and have themselves
influenced... :o)
What need I say here?
On the left is the concise and clear main menue. On the right is the context sensitive help screen. And even
here, where a user cannot enter or change data, the context sensitive help screen is packed with data.
There's only one flaw here: the context sensitive help has more explanations and references to buttons than
there were in the actual status screen.... So either the help system is a remnant of a previous modfel or it
was borrowed from a more feature rich model.
Still, at €35 this was a steal at the time of buying.
In this section you can set
-
The way in which the TP Link gets an IP address on the wired side. If you grew up with Windows, you will be
tempted to use dynamic IP adresses all over your world. Still, it is far better to have fixed IP addresses
for everything that is not a PC. So in my world, you need to have static IP's here. It will make the
maintenance on the parts a lot easier.
-
If you have a fixed IP address for your AP, then these fields need to be filled in:
-
The IP address on whihc the AP will be listening and talking to the router and other peripherals. Choose
an IP address that is outside the DHCP range of your router. Say, above 200. Or, if you are 'on a
mission', like I am: use a magic number that is immediately clear for you. I named the device Krypton (a
noble gas since it works in the 'ether') and its atomic number is 36. Hence the IP address...
-
The subnet mask is dependent on the class of the network segment you have. I run with a class C network
and then the subnet mask is 255.255.255.000
- The gateway address is the IP address of the router, your gateway to the (unsafe) WAN called 'Internet'
- The MAC address is fixed here so it cannot be edited or manipulated
There is one major reason for running with a dynamic IP address: when you connected your AP directly to a
cable modem, it is best to
- use dynamic IP on the wired side
- enable the DHCP server on the wireless side
- be VERY careful
A router will filter WAN sided traffic through its firewall. The AP will not, so you are bare backing on the
net. There's a chance that, if you run with Linux or FreeBSD machines, it won't be a major problem.
Another reason for you to run with a dynamic IP setting in this section is when you have instructed the router
to assign a fixed IP address to the MAC address of the AP. OK, this is cheating, but it does have its
benefits. Especially if you operate the AP in different LAN's, But the TP Link is too bulky for that kind of
operation. Contrary to the Longshine WA3-50 which will happily do its duty powered from a USB port..
The topmost field is filled with the name of the wireless signal that is broadcasted. Your wirless client will
detect all the ESSID's and if you recognize yours, you can log on. Or, when you use a logon manager it will
log on to the ESSID it logged on last time.
The channel on the WA3-50 can be set to 'Auto' so the WA3-50 chooses the channel that is least used in your
neighborhood. Here, on the TP Link, you need to set it manually. In order to set a nice value:
- Have the TP Link do a Site Survey
- Check the generated table for channels in use by others
A free channel should be located at least two channel numbers away from the one nearest to you. The one
nearest to you is the one with the strongest signal.
The mode. Select between 11 and 54 Mbps. In my case: I have a 6 Mbps ISP connection so either speed would
suffice. Only for intenal traffic (when two Linux machines are exchanging data) the 54 Mbps makes sense.
The region. Just about any country, ranging from North Korea to Zimbabwe via the United States are listed
here. Unbelievable.
When leaving for a holidy you might want to disable the wireless. Or for making life harder on passers by,
signing in to your open network. Anyway, the radio button can switch off the wireless section.
But I wanted an access point, so I put a mark in the next spot. And since I want to see my network on network
scans, I enbled the beaconing of the ESSID.
Further options on this page, and their explanation
The online help describes things quite well. The only thing to tell here is the Site Survey button. A very
handy feature found on TP Link and Longshine access points. Just click the button and hold on to your horses.
To the right you see a site survey of the networks that are on the air right now. In client mode, you can
press the Connect buttons on the far right side of each line.
For some silly reason, all networks seem to be on channel 11. But I think this is a bug in the TP Link. On the
left is (part of) a site survey by the WA3-50 AP. For some silly reason, only the AP's broadcasting on channel
11 are detected by the TP Link...
You can choose from many protection schemes here. I would favor the open access AP. The ether is for
everybody. I will grant all passers by the right to access my LAN and process their E-mail on their portable
devices, free of charge. I hope they will behave.
If you want symbolic security, check WEP. It will protect for 10 minutes against attackers. So if you need to
choose between open AP and WEP secured AP, choose the former.
The WPA/WPA2 option is meant to be used with a RADIUS server. I do not use such a computer. But your milage
may vary.
The most sensible security is WPA-PSK/WPA2-PSK. It is secure enough. And it is supported by all major computer
operating systems, even the ones from Redmond. Although these tend to automatically log on to all open AP's,
without asking permission from the owner of the computer or the LAN owner.
The PSK Passphrase is not the one that I assigned to Krypton. So there is no need to try this one out. It
would be a waste of time. When choosing an appropriate PSK Passphrase keep in mind:
- longer is better (where have we heared this before... ;0)
- keep it simple; you need to memorize it
- keep it unpredictable for others
Some nice examples:
| abcdefghijklmnopqrsSRQPONMLKJIHGFEDCBA |
REPEAT
- type a letter
- press shift and retype the same letter
- press arrow left
UNTIL long enough
|
| 0119021803170416051506140713081209111010 |
Two digits form a number. Two adjacent numbers add up to a constant number. For example: 01 + 19 = 20 |
| hOttEntOttEntEntEntEntOOnstEllIng |
A dutch word with all the vowels capitalized. To make it harder: replace all capital O's by zeroes. |
| oBerSTuRMBaHNFueHReRDieNSTSTeLLeNLeiTeR |
Nonsensical German word with all consonants capitalized |
| OIstERwiJK19^& |
The village and year where and when I was born, with some SHIFT presses |
Choose a word, remember the encryption.
You may run an open access AP but allow only a small range or set of MAC addresses access to your system. Or
the reverse: everyone, except the neighbours with their noidy and nosy children.
Make a gues what this does.
Don't tell me. I already know. :o)
Read them
Study them
And keep your fingers off them!
The beacon interval and the power settings can be changed without much harm.
Page created on 23 October 2010 and
Page equipped with FroogleBuster technology
