How to install, configure and deploy a SOHO wireless router
The SOHO routers are now the part of everyone's daily life and one can find that these routers are being used really commonly everywhere. The SOHO routers contain some really complex settings, network selections and the configuration options. One should know about the options which include the MAC address filters, port triggering, port forwarding, SSID and wireless encryption, etc. Hence, the knowing about the SOHO routers can really bring some good work for someone if someone is thinking about installing it at his home. Here are the options and information which can be beneficial for learning about SOHO routers;
One of the configurations is about the Mac filtering. The Mac address means the media Access control and the address is of the hardware, it is the physical address. This address is present on the wireless devices which are connected to one's computer. This Mac Address can allow someone to make limitation on the access of those who can communicate through and into the wireless network. So, if one is surrounded by the people, who can be neighbours and the friends, who want to get the access to one's Wi-Fi, then using this is a very good idea to keep these people at arm's length. Actually, finding out what Mac address is being used by one is quite easy. There are some software's available at internet through which one can get all this information. These software's help those people finding out the Mac address of one's internet. Hence, they can simply copy that mac address and then put it on their own devices and through this; they can use the network by stealing it. So, many users are against it since it is completely and clearly a violation of law. Hence, even though it has some advantages but the truth is, that it doesn't provide so much security to the person. If one talks a look at the router, one could find the list of the Mac addresses that one can insert inside. So, one can simply add up all of those addresses that one want to get the access through. Also, one can check that if there is someone who is connected to the internet. Also, one can add some user into the list of allowed MAC addresses if one wants. If one is engaged in configuring the wireless settings on some router or the access point, then one should ensure that the highest encryption is used. One can find a type of encryption that is called WPA2. If selected with the AES, then it is the best encryption to be used. And one should ensure that he uses this specific encryption service. But there is one thing; one should not use the WEP. One should understand how dangerous and unsecure it is to use this encryption service. One becomes too much vulnerable and in many of the modern device, it is not even an option. One can find many good options related to WPA2 like there is WPA2 enterprise too which is very good for the large organizations. While using this router, one would find a pre shared key. It is the key which is first given to the user by default, and then the user has to change the key himself. This key gives AES the ability to encrypt the data that is being sent through the internet. There is another type of the encryption as well. It is known as the WPA-PSK. This one is for the old version of WPA. So, this one also contains almost the same vulnerabilities as the WPA did. So it is the least option that should be selected by one and it should be selected only when one is left with no other options. So whenever one is about to choose the encryption method it always should be only WPA2. But there is one problem there, not all the new devices now allow one to have the WPA2 encryption. So, in that case, one can select the WPA but should try to upgrade to the newer device as soon as possible so that the data can become secured.
Channels (1-11): A channel actually, is the list of those sets which are allowed by IEEE 802.11 protocols and they are legal to use. These channels are being sold under the trademark of the Wi-Fi.
Port Forwarding, Port Triggering:
Port Forwarding: if one is working in the office where there are the servers for the files and one wants the other people to get connected to the server and gain access to those files, then this procedure is called port forwarding. This helps on having the 27 hours a day and seven days a week access to the specific server. That server can be some gaming server or the website server. Here, in that mechanism, one would just take the external IP and when the port number. This is the number which is used in the external port and one wants to forward to that internal IP address. It happens since the network address translation doesn't allow one to access the IP address that is internal, from the outside. So the port forwardly actually makes the IP address become accessible from the outside. One doesn't even have to have the same type of port number. One can easily take the port number which has the inbound of 80 and then it can get converted into the 8080 inside the network. The reason is that it stays static all the time and doesn't change. It doesn't even go anywhere else. While using it, one actually translate the destination and the outside of the address to the inside address. This doesn't time out and has no expiry date. Hence, people can always access it all the time. The example of how this working is done, one can use the devices which are on the internet and he wants the access to the server. The server's address lets tae 192.168.3.33 and hence one would configure the network in the way that would say to the router if anyone tries to have access to 182.322.33.2 then please get them to the 192.168.33.3. Hence, the forward gets into the place and anyone can have the access to the external IP address.
Port forwarding: One might not be very happy with the fact that users can access the server all the time, without any restriction. So, there is a way through which one can set up the dynamic access. It is named as the port trigger. It means that when someone wants the others to get access to that, only then it can be accessed. The thing that happens is, that when a port trigger is configured, then when someone send internal information, it gets opened dup and then it is forwarded to the ones network. Hence, if one configures for the games, then one would configure for some file transfers. One the application is closed, the session is closed as well and the port which was opened would also get closed. Hence the port which was open for the 24.7 now would get opened only when it would be configured and triggered. As someone would do the configuration, the user who is sending the specific port numbers would be be allowed to only certain ports in the inbound of one's network. That is the easier thing to configure. Is created dynamically and it can be done for any of the port number or any of them. Hence when one is finished with the application and he closes it, then he stops using it. Hence one would stop anyone to get into the port of the network. But this one has some disadvantages as well. The thing is that only one person can utilise this at one time. Once the window is opened again, everyone would be going there with the same IP address. The second person, who wants to have that opening, won't be able to do so. Since, it can be opened only at the single time. In some cases one might need to do the port forwarding. But if one wants some more secured method is granting the access to the network. then one should be using the port trigger.
SSID Broadcast (on/off):
Another configuration that is there for the wireless network is called SSID, when someone actually opens the list of all the wireless networks which are available, their names are sown there. This is something how one recognizes a network. Hence, one might tell other to connect to some certain named network. This helps the others too, to recognize that what is the name of the network they should get connected to. One might also find the BSSID. That usually points toward the MAC address of that specific access point. Normally, the users cannot see it and the user also don't have to make any changes in the configuration. The average of SSID is that people can easily see the available networks which are there. Hence it becomes easier for them to get connected to the networks. But the disadvantage can be only when someone doesn't want his SSID to be shown in the list. One can make this SSID become restricted by making some restrictions in the broadcast. Hence the access point's configuration can be changed. This helps one disable or enable the SSID. But SSID doesn't really provide any security so just by turning if on, one shouldn't think that network is secured. It's just that the name isn't shown. If one knows that SSID is of the network, he can type it and can get connected to it.
Wireless encryption is basically the way through which the data transferred is protected. If the data isn't encrypted then anyone who gets connected to the network can access to what other person is sending and receiving the data and it can become some big problem.
Firewall is built only for the security purpose. If it is enabled, one cannot access to another one's network and the data.
This allows the networks to get the IP assigned to theme easily. The IP gets assigned automatically but this one is also not a security feature. It is just for the convenience. Turning off and turning on this feature doesn't make anyone more secure. The security done depend on the static or dynamic IPs.
DMZ is also known as the buffer zone in the world of computer. It separates the private LAN and the internet. It is also a separate network which is even more trustworthy than the internet bit it is less trust worthy than the LAN. In Microsoft, it is called as the Screened Subnet. Some SOHO vendors use the term of DMZ for their products. These products can bypass the filters and the protection of NAT when the DMZ is set up and all of the traffic is forwarded to the default host. Hence, it should not be misunderstood with the DMZ.
All of the wireless routers no matter where they are used contain something called NAT. The NAT stands for the Network Address translation. This thing is something, that is built into the routers from the start and they are sometimes often called as the NAT source. Also, someone times, people call it as the PAT. Nat is very useful since it actually takes the one and single IP address that has been provided by the ISP and then it helps many of the other devices to be put on the very same network. Hence, the all the world can get connected to one network using the single IP address. Hence one can also put so many devices on the home and office networks. All of the devices will communicate to the internet with the help of NAT. If one has a server for the files and he wants the other people to access it, then it is a good choice.
WPS is basically the Wi-Fi protected setup. This idea is simple and amazing. The idea says that there should be the push button which can be pushed in and the access to the user can be granted or one can have some unique identification hence the access can be granted to someone easily. But there has been a weakness here. It has allowed some others to easily put some force to pin the number that are on these routers.That can allow someone to have access to the encrypted network and it Is bad.
The SOHO routers also allow one to configure the Quality of Service. This feature actually allows one to prioritize the based on applications. None can prioritize based on the MAC and can do opposite as well. One would find this on some high end routers. On the low end routers, it is there but one has to be careful while din so sine it might get some wrong priorities.
Hence, one who uses the SOHO wireless routers is supposed to know about it all. He should know that how to configure it, what are the characteristics and what are the limitations of each of the benefit so one can be careful and can protect his data.