PDA

View Full Version : New user, connection success through WEP but not through WPA



lordhong
2005-12-16, 06:17
Received my wireless SB3 yesterday, fairly impressed with it up to now.

Router is a Linksys WRT54G v3.1. Signal strenght, if it's a factor in WPA connections, is roughly 70-80%.

I have a friend who is a freak on network security, so he had in his mind to convince me that WPA was the way to go and that any hacker could crack WEP in 30 minutes. Anyway, I listened to him, he always have good advice beside being paranoid.

I connected first the SB3 through WPA (and a MAC filtering too). The SB3 would connect to the network (SSID) but when getting an IP through DHCP, it would get a funky one like 169.224.xxx.xxx. After that, it wouldn't connect to the slimserver.

We backtracked, tried first without any encryption and no MAC address filtering and the SB3 would connect fine, and get a standard IP (192.168.1.103). Same with WEP. We added MAC filtering, and it's also working fine. Music was playing perfectly.

However, WPA (and WPA2, and all TKIP, AES and TKIP+AES encryption combination) is no go. I updated the firmware on the router, and when I connected then SB3 properly, it updated (I would think it's firmware is up to date). I still get the funky adresses through DHCP.

So basically 2 questions:

- Any idea what is wrong with my WPA setup that would give me this?

- Is WEP enough? I mean, I have 2 home PC, both are used as entertainment PCs (ie, browsing, gaming, music, very basic applications like Word, Excel, Quicken and the occasional Photoshop to retouch pictures).

Thanks in advance for the answers. :)

ceejay
2005-12-16, 06:38
- Is WEP enough? I mean, I have 2 home PC, both are used as entertainment PCs (ie, browsing, gaming, music, very basic applications like Word, Excel, Quicken and the occasional Photoshop to retouch pictures).

Well, your security friend will certainly say that it isn't, because its pretty easy to hack.

Personally I'd take a pragmatic view: what risks are you trying to protect against, and what is their likelihood?

If you live in a densely populated area, eg a shared building where many of your neighbours can "see" your network, then I'd call that a high risk: there is an excellent chance that some day one of them will hunt out your network and abuse it. Try to get WPA working.

If on the other hand you live in an isolated area where any potential hacker would have to be sitting in their car (visibly!) deliberately targetting your house, I'd say that was a low risk and would settle for whatever simple precautions didn't get in the way. Unless of course you are a public figure and WILL be targetted!!

Just a thought...

Ceejay

lordhong
2005-12-16, 07:05
I live in a densely populated area (for the time being, that'll change next year but that's another subject all by itself ;)).

I guess I'm clueless on how encryption/wireless networking works.

Wouldn't someone have to find my SSID (I don't broadcast), then figure out the key and then clone the MAC address? My friend has a slight tendency to exagerate numbers and timeframe...

MrC
2005-12-16, 08:34
Your SSID and MAC address are transmited in clear text. There is publically available software that can be installed on a PC that will configure a wireless card to listen for, and detect SSIDs, WEP keys, regardless of your APs settings. WEP is trivial to crack today, and is considered obsolete.

Ceejay gave you a correct risk/reward eval. If you have immediate neighbors, or are worried about your security, use WPA. If you're the only person out in the country somewhere, you can judge the risk to be reduced.

lordhong
2005-12-16, 09:08
OK, WPA it is then.

But how to get it working? :) Any idea what the problem could be? What causes the DHCP server to assign a "wrong" IP address while in WPA and not in WEP / no encryption?

MrC
2005-12-16, 09:17
A number of folks have had trouble connecting with one form of encryption or another, and with various APs.

Try powering off your SB3. Set your AP to use WPA-TKIP and allow the SSID to broadcast, save the settings, and then power cycle it. One it is up and running, then power on the SB3 and reconfigure the network settings. You should see your SSID, and should be able to configure the WPA key. Be certain there are no spaces at the end of your WPA key (hit the Add button on the remote until everything is cleared). See if this works. If so, you can re-disable SSID broadcast if you like.

Khuli
2005-12-16, 09:25
Windows does not come with WPA support as standard..

If you have WinXP you might find this article useful
http://support.microsoft.com/default.aspx?scid=kb;en-us;815485

lordhong
2005-12-16, 11:18
I'm at work currently so I can't test the solutions.


Changes required to support WPA
WPA requires software changes to the following:
Wireless access points
Wireless network adapters
Wireless client programs

Router firmware is up to date and supposed to support WPA, and I assume that SB3 is up to date too. My 2 PCs are not wireless; they are connected with standard ethernet cables as they sit 2 feet from the router.

Router IP is 192.168.1.1
PC1 is 192.168.1.100
PC2 is 192.168.1.101
SB3 is 192.168.1.103 (with WEP / no encryption)
---
SB3 is 169.224.xxx.xxx when trying to connect with WPA (it's also not listed on the DHCP client list on the router).

lordhong
2005-12-16, 17:20
Well, I tried WPA and TKIP and it works now. /boggle

Thanks for the help, everything works fine now, can't complain! ;)

MrC
2005-12-16, 17:33
Well, I tried WPA and TKIP and it works now. /boggle

Thanks for the help, everything works fine now, can't complain! ;)
Excellent! Now get on over to that Wiki page I just created and post your results! :-)

lordhong
2005-12-16, 18:53
Done sir! :)