TR Forums

I just opened my new WRT54GL from Newegg and put the setup CD in the disc drive. Immediately, without me even doing anything, it changed my Internet settings in Windows' Control Panel and disconnected me from the Internet. That's not cool. The CD comes out.

So, since I don't trust this installation CD and have no prior knowledge on installing a wireless router, I need some help setting it up. Right now, here's my setup. I have OneLink DSL with VOIP from Speakeasy.

Phone box ---> DSL modem ---> VOIP device ---> 4-Port Linksys hub

The VOIP device has an additional output to my phone line.

The 4-Port Linksys hub (it's a hub, not a router) has two ports used for each of my two desktops. A third port is where the WRT54GL is connected. Is this setup okay, or should I Have the router elsewhere in the chain?

I have static IP addresses from my ISP.

Any other info you guys need? Thanks in advance for any help!

May be you can just ditch the hub and insert the router in its place? if you need more than 4 wired ports then you can stack the hub to the router.

Well, all I want to do right now is get access to the router, but 192.168.x.1 doesn't get me anywhere. What should I do?

I will probably ditch the hub in the near future, but for the time being, I just want to use the router as an accessory to put one of my laptops on wireless using one of my IP addresses, and leave my other computers connected as they are. Is it possible to set it up this way?

That doesn't sound right. I got my GL from Newegg only 2 weeks ago and the CD that came with it was essentially, IIRC, just a PDF file that told what the sequence was to plug things in.

Basically the sequence was:

1. unplug all power and data cables from everything (computer (not the power from the computer though), modem, router, anything else)

2. plug all the data cables in (modem to router, computer to router)

3. plug the power cable into the router

4. plug the power cable into the modem

5. go to 192.168.1.1 to configure the router's settings


I've never dealt much with hubs at all so I don't know what to tell you there.

What VoIP device are you using??

If you are using a "standard" VoIP device then wat you *really* want to do is:

Phone box ---> DSL modem ---> Linksys router ---> Linksys hub ---> VoIP device

You will set the VoIP device's IP address into the new Linksys router's DMZ page settings. This will forward all ports to the VoIP box, as needed. Sharing PPPoE connections with 2 MAC's (2 separate devices) as per your original hookup is really not recommended, if you can avoid it. Some ISP even either (a) ban the connection practice or (b) charge you for the second MAC address it sees on your IP.

By having the VoIP go through the 54, set in DMZ, your ISP will only see one MAC, as if one "computer" was hooked up.

Um, reading over you device sequence, I think you'll need to make the hub a "child" of the router rather than the other way around.

FireGryphon wrote:

Well, all I want to do right now is get access to the router, but 192.168.x.1 doesn't get me anywhere. What should I do?

I will probably ditch the hub in the near future, but for the time being, I just want to use the router as an accessory to put one of my laptops on wireless using one of my IP addresses, and leave my other computers connected as they are. Is it possible to set it up this way?

Best way to set up the router:

a) make sure your Windows TCP settings are back to "default" (if the CD changed them at all)

b) plug in the Linksys 54 router and then reset it (button on front / back) as per directions in the User's Manual. This is usually hold down the recessed button for 5 to 10 seconds, then release.

c) Use a standard Ethernet cable to connect your computer to the Linksys.

d) When the computer properly gets it's IP address, go to a Command Prompt and type in:

ipconfig /all

look for the entry marked

Default gateway

That is the address of the Linksys 54 router.

e) Open up your web browser and type in the IP address of the gateway that you found in (d). You will be able to log on.

f) Configure router

g) Unplug everything, then install router as needed in final location and in final configuration

Snake wrote:

Phone box ---> DSL modem ---> Linksys router ---> Linksys hub ---> VoIP device

The way VOIP works with my ISP is that I must have the DSL modem first in the chain and the VOIP device second, or the VOIP signal will not be properly split from the data signal.

Your other post sounds like a better idea to me, so I'll give it a try.

Ditch the hub. It's going to slow stuff down. I'd say do modem->router and then from the router put your VOIP and the 2 computers behind it.

Just a note, but I had a friend who got this and the cd did install some stupid software that I removed when I was fixing it (WEP...ewww)

FireGryphon wrote:

Snake wrote:

Phone box ---> DSL modem ---> Linksys router ---> Linksys hub ---> VoIP device

The way VOIP works with my ISP is that I must have the DSL modem first in the chain and the VOIP device second, or the VOIP signal will not be properly split from the data signal.

They *say* that, but they just want to make sure all the ports are open. If you put the VoIP in DMZ it will, no problem.

As Usacomp2k3 notes, put the VoIP direct to the router, it does indeed work better. I have a VoIP box in my installation at work, and the configuration is:

Phone box ---> DSL modem ---> D-Link router ---> VoIP box
.......................................................|
.......................................................---> D-Link switch ---> computers

Works like a charm, and this should be your OWN setup. That is...it depends upon the VoIP device. Let us know what it is and we'll tell you the best hookup.

There's no model number, but the manufacturer is Motorola. Doesn't help much, but there are no markings other than that on it (and s/n and such).

For the sake of setup, I'm running phone box ---> DSL modem ---> VOIP box ---> 54gl ---> single computer. Obviously, I'm on the 'net, but there's a long ways to go before this thing is setup the way I want. I'm currently trying to figure out how to get the the router to broadcast so my laptop (iBook G4) can pick up a signal from it, and I'm trying to see if I can route more than one static IP through the router.

What's the safest security authentication to setup? With WPA2, is it best to use TKIP+AES, or just AES?

I think you have the chain of devices correct now. The thing with putting the VoIP box closer to the DSL line than the router is that it then gets a chance to do the QoS and make sure that your big downloads don't interrupt your phone signal. You can get some routers that will respect the TOS bits in the IP packet header, but I'm not sure if the WRT54GL with default firmware will or not.

For wireless, I think WPA2 is good enough, it doesn't matter whether you run AES or TKIP and AES. Check on each of your wireless devices and make sure they all support the same thing - that's probably the deciding factor more than anything else. On the security front, as long as you are better than WEP, you should be OK.

Remember to leave SSID broadcast enabled, it does nothing to enhance security and it can make it hard for some devices to connect.

FireGryphon wrote:

There's no model number, but the manufacturer is Motorola. Doesn't help much, but there are no markings other than that on it (and s/n and such).

For the sake of setup, I'm running phone box ---> DSL modem ---> VOIP box ---> 54gl ---> single computer. Obviously, I'm on the 'net, but there's a long ways to go before this thing is setup the way I want. I'm currently trying to figure out how to get the the router to broadcast so my laptop (iBook G4) can pick up a signal from it, and I'm trying to see if I can route more than one static IP through the router.

What's the safest security authentication to setup? With WPA2, is it best to use TKIP+AES, or just AES?

TKIP is more compatible, AES is stronger. So therefore it depends upon the compatiblity of the clients. Macs are *usually* pretty good with WiFi so you can use AES, but YYMV and if you have problems connecting with AES you will have to drop back to TKIP.

Also, best way to do this is to connect the iBook directly to the router via wire, as per my previous post. Then, open up a document editor and type in RANDOM number/letters for the SSID, and RANDOM number/letters for the key (if you want to use hex only instead of plaintext, make sure the letters are A through F only). Then, remove excess letter/numbers until you get the right length of key (64 if hex IIRC).

Save the file on your computer as KEY but do not close the editing program.

Then, COPY-PASTE the SSID and KEY into the correct fields of the router's setup page.

Why do this? Because by doing it in a text editor first your mind is not worrying about "Can I duplicate the SSID & KEY that I type?", and you'll just hit VERY random keys. Just let your fingers fly across the keyboard, hitting just about anything. Remove any punctuation marks and shorten the SSID or KEY if they are too long. By removing the doubt of duplication question in your mind, you'll find you create a far more secure SSID and KEY because you are typing absolute JUNK instead of something you can duplicate. This will be much more secure against dictionary-based attacks.

Then, COPY-PASTE the results of your junk typing to the router setup page and off you go.

Snake wrote:

Then, open up a document editor and type in RANDOM number/letters for the SSID, and RANDOM number/letters for the key (if you want to use hex only instead of plaintext, make sure the letters are A through F only). Then, remove excess letter/numbers until you get the right length of key (64 if hex IIRC).

I don't think there is a need to randomized the SSID, it will make new client configuration overly difficult. And on the subject of generating random text, I'll just go to Gibson's password generator.

FireGryphon: if you want to make sure you can connect to the router, I would just connect one machine to the router wired and not plug into the WAN, then the router should take on 192.168.1.1 and DHCP will assign your one computer an IP. You can then make all the configuration changes before plugging the rest in.

Flying Fox wrote:

Snake wrote:

Then, open up a document editor and type in RANDOM number/letters for the SSID, and RANDOM number/letters for the key (if you want to use hex only instead of plaintext, make sure the letters are A through F only). Then, remove excess letter/numbers until you get the right length of key (64 if hex IIRC).

I don't think there is a need to randomized the SSID, it will make new client configuration overly difficult.

That's why man invented the USB flash drive Copy the KEY file to it, and if anybody needs to share your WiFi just plug in the drive and COPY-PASTE. Simple.

Thanks for all the help so far, guys. It's really appreciated. I have a few more questions, though. Right now I have the router hanging off of one of the ports on my hub. I can access its control panel from my main computer and I've had some success connecting to it wirelessly (see below).

I'm comfortable in the router's admin panel and I've customized it a bit. My first question is about connecting to it. Since my main computer (wired) connects using a static IP (and I'd rather not go through the 54GL with it), I end up having to go into the networking control panel in Windows and erase my network info every time I want to access the router's admin controls. Then when I'm done I have to re-enter my IP, gateway, DNS, etc. Is there an easier way with my setup to do this? I can't connect through the router using its DHCP and forget about the hub since I want each of my systems to have a unique static IP (I have four from my ISP) and I don't know how to do that through the router yet; I can only manage one IP to multiple computers via DHCP.

I've had mixed results getting the iBook online. At first I was having trouble with WPA authentication. No combination of settings worked. The OK button on the AirPort window was greyed out. Finally, I utilized the option whereby you hold down Option when selecting the network from the AirPort list, which forced you to enter a 64bit authentication key. Of course, this meant creating and copying a 64bit key on the router. Annoying, but it seemed to work. Is there a way I can use a passkey of arbitrary length with MacOS, or is that not possible? It only worked when I used the "force 64bit" option.

When I came home tonight and tried to log on, the iBook couldn't connect to the network. I'm sort of stuck, since I don't see any options to fool around with network settings in MacOS (even to look at the password!), and there's nothing obviously wrong with the router's settings or my wiring (since it worked earlier today, and nothing really changed since then). The whole point of this was getting the iBook online wirelessly, so any help here would be greatly appreciated.

I suppose all your machines that have ISP-supplied IPs have their firewalls enabled? All those nodes are wide open on the internet in a manner of speaking. Why not just consolidate to have one external IP with machines connected behind the router? Don't want to port forward?

That aside, here is one approach you can do what you said you want to do. If you are not using all 4 of your ISP-supplied IPs, assign that to your router, essentially treating the router as a node like any of your "directly connected" device. Turn on remote administration on the router, and then you can access the router's admin interface using that "external" IP from your other wired computers.

This is really not a recommended approach since it means every other machine on the internet can try to access your router, either by knowing or with a port+IP scan. If the router firmware has a security vulnerability it is much easier to get owned since you essentially have port 80/443 open (for the remote admin). Another issue is that your wirelessly connected computers cannot access other machines in your "network" (it's not a LAN anymore since they all have externally assigned IPs behaving like standalone boxes on the edge of the internet) using internal IPs, and vice versa. The other direction is even more scary since you will have to port forward the File Sharing port(s) in order for the wired computers to talk to the wireless ones (since they will be behind the router). Seems like more trouble than it is worth.

FireGryphon wrote:

Since my main computer (wired) connects using a static IP (and I'd rather not go through the 54GL with it), I end up having to go into the networking control panel in Windows and erase my network info every time I want to access the router's admin controls. Then when I'm done I have to re-enter my IP, gateway, DNS, etc. Is there an easier way with my setup to do this?

This should be trivial to solve by just adding another IP on the appropriate private subnet to the same network interface. I just checked in a VM, and it looks like Windows supports IP aliasing as long as all IPs are static (it should allow it with DHCP IPs too, but my XP x64 VM doesn't seem to). It's under Advanced TCP/IP settings, on the first tab.

Flying Fox wrote:

I suppose all your machines that have ISP-supplied IPs have their firewalls enabled? All those nodes are wide open on the internet in a manner of speaking. Why not just consolidate to have one external IP with machines connected behind the router? Don't want to port forward?

That aside, here is one approach you can do what you said you want to do. If you are not using all 4 of your ISP-supplied IPs, assign that to your router, essentially treating the router as a node like any of your "directly connected" device. Turn on remote administration on the router, and then you can access the router's admin interface using that "external" IP from your other wired computers.

This is really not a recommended approach since it means every other machine on the internet can try to access your router, either by knowing or with a port+IP scan. If the router firmware has a security vulnerability it is much easier to get owned since you essentially have port 80/443 open (for the remote admin). Another issue is that your wirelessly connected computers cannot access other machines in your "network" (it's not a LAN anymore since they all have externally assigned IPs behaving like standalone boxes on the edge of the internet) using internal IPs, and vice versa. The other direction is even more scary since you will have to port forward the File Sharing port(s) in order for the wired computers to talk to the wireless ones (since they will be behind the router). Seems like more trouble than it is worth.

Exactly.

If he really insists on having the VoIP box first, he should hook up:

phone box --->DSL modem --->VoIP box ---> Linksys router ---> Linksys hub (if still needed) ---> computers

He's segmented and firewalled his network, and requires 2 IP's for some functionality - all the headache, all the time, and for not much benefit at all.

I've been running my computers on static IPs without the benefit of a router since 1999 when I first got DSL from Speakeasy. All of my computers have firewalls, antivirus, etc. and are pretty secure. Whenever my friends had connection issues because they were behind NAT, I was okay because I had a static IP. I'd like to get the setup working legitimately because I might want to setup my server again and give it a static IP, too. Your suggestions would be easier, perhaps, but I'm pretty sure my setup should work.

At any rate, I still can't get the iBook online. That's really important to me. Any ideas?

Thanks again for all the help!

As noted previously, some Mac's have problems with hidden SSID's. Check to make sure yours is broadcasting to test this theory.

Delete the iBook's access point association and rebuild it.

Snake wrote:

As noted previously, some Mac's have problems with hidden SSID's. Check to make sure yours is broadcasting to test this theory.

Delete the iBook's access point association and rebuild it.

It is broadcasting, but I still can't connect to the 'net. Networking sucks. Aren't there any resources to figure this **** out? Maybe I'll have to sit all day at B&N reading books.

Disable WPA/WEP first and see if it works. Then try WEP, then WPA, to eliminate basic problems. Have a lot of SSIDs in the area? May be there is interference?

Hmm, just noticed something odd: OSX automatically concatenates a $ on the beginning of all of the passwords I put in. Could this be why it's not working? Hmm...

it shouldn't be...what version of X?

derFunk, I would appreciate knowing how to connect a macbook to a secured AP myself. I have ran into so many issues trying to do this in the past and it seems like I can never remember all of the tricks when I go to do it again.

One of the issues is the "$" that FireGryphon is talking about, some I have found require you to do it and others won't work if you use it. It seems like every time I go to set one up I run into some issue and only a certain combination of security settings will allow it to connect. I have even been able to use bootcamp to get windows to connect but could never, no matter what combination of settings I set on the router and the macbook, get it to connect within osx. When I google the issues I see a lot of people having the same kinds of problems.

I remember in one case I was copy and pasting the key into the box that would pop up when you went to connect and no matter how many times I tried it wouldn't take it. When I went into the advanced properties section after I added it as a preferred network and pasted it there it would then connect.

Are we all retarded or is there something obvious we are missing?

All I could think of was a ghost of an Apple article I read. Apparently I was wrong above and in some cases there *should* be a $ as the first character:

Hexadecimal password
If you were given a password that uses only the hexadecimal range of characters (which are: abcdef0123456789), put a dollar sign ($) before the password. These passwords are 10 characters long for 40-bit encrypted networks or 26 characters long for 128-bit encrypted networks. In a hexadecimal password, the dollar sign is called the Hex Escape. It notifies the software that the characters that follow it should be treated as a hexadecimal number. Other possible hex escapes are "0x" and "0X" (zero-x, and the "x" may be upper or lower case).

Example of 40-bit: $1234abcdef
Example of 128-bit: $12345678901234567890abcdef

http://docs.info.apple.com/article.html?artnum=106424

The screenshots are old - that looks like Jaguar (10.2.8 or earlier). That makes me wonder if maybe that wasn't changed in an Airport software update...the "only" problem with that is that the last Airport software update not bundled with a 10.4.x or 10.5.x update was for people using 10.4.2 or earlier (from what I can find online). I'm a bit stumped at the moment, but I'm going to try to keep banging on this.

You guys might wana consider: http://www.dd-wrt.com/dd-wrtv2/index.php

Love this OS for my Linksys.

Bingo, now I remember, one time I had to use the 0x escape instead. I need to write this stuff down, too much time passes between when I need to set one up. Thanks derFunkenstein.

-Chaseme, while I personally like DD-WRT, tomato is pretty good as well. Strangely I have heard that using a third party firmware cleared up some issues for people when using a macbook.

oh, awesome! Glad I could help someone, even if it wasn't the OP.