Motorola SBG940-1 User Manual

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

4 Click Local Area Connection number. The value of number varies from system to system. The Local Area

Connection number Status window is displayed:

5 Click Properties. Information similar to the following window is displayed:

6 If Internet Protocol (TCP/IP) is in the list of components, TCP/IP is installed. You can skip to step 10.

If Internet Protocol (TCP/IP) is not in the list, click Install. The Select Network Component Type window is
displayed:

Home

X

ExitPrint

56 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

7 Click Protocol on the Select Network Component Type window and click Add. The Select Network Protocol

window is displayed:

8 Click Internet Protocol (TCP/IP).

9 Click OK. The Local Area Connection number Properties window is re-displayed.

10 Be sure the box next to Internet Protocol (TCP/IP) is selected.

Home

X

ExitPrint

57 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

11 Click Properties. The Internet Protocol (TCP/IP) Properties window is displayed:

12 Be sure Obtain IP address automatically and Obtain DNS server address automatically are selected.

13 Click OK to accept the TCP/IP settings.

14 Click Close to close the Local Area Connection number Properties window.

15 Click OK when prompted to restart the computer and click OK again.

When you complete the TCP/IP configuration, go to “Verifying the IP Address in Windows 2000 or Windows XP”.

Home

X

ExitPrint

58 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring TCP/IP in Windows XP

1 On the Windows desktop, click Start to display the Start window:

2 Click Control Panel to display the Control Panel window. The display varies, depending on the Windows XP

view options. If the display is a Category view as shown below, continue with step 3. Otherwise, skip to
step 5.

Home

X

ExitPrint

59 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

3 Click Network and Internet Connections to display the Network and Internet Connections window:

4 Click Network Connections to display the LAN or High-speed Internet connections. Skip to step 7.

5 If a classic view similar to below is displayed:

6 Double-click Network Connections to display the LAN or High-speed Internet connections.

Home

X

ExitPrint

60 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

7 Right-click on the network connection. If more than one connection is displayed, be sure to select the one for

your network interface:

8 Select Properties from the pop-up menu to display the Local Area Connection Properties window:

9 On the Local Area Connection Properties window, be sure Internet Protocol (TCP/IP) is selected. If it is not

selected, select it.

Home

X

ExitPrint

61 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

10 Select Internet Protocol (TCP/IP) and click Properties to display the Internet Protocol (TCP/IP) Properties

window:

11 Verify that the settings are correct, as shown above.

12 Click OK to close the TCP/IP Properties window.

13 Click OK to close the Local Area Connection Properties window.

When you complete the TCP/IP configuration, go to “Verifying the IP Address in Windows 2000 or Windows XP”.

Home

X

ExitPrint

62 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Verifying the IP Address in Windows 95, Windows 98, or Windows Me

To check the IP address:

1 On the Windows Desktop, click Start.

2 Select Run. The Run window is displayed.

3 Typ e winipcfg.exe and click OK. The IP Configuration window is displayed. The Ethernet Adapter

Information field will vary depending on the system, as shown in the following examples:

The values for Adapter Address, IP Address, Subnet Mask, and Default Gateway on the PC will be different
than in the images.

In Windows 98, if “Autoconfiguration” is displayed before the IP Address as in the following image, call your
service provider.

4 Select the adapter name — the Ethernet card or USB device.

5 Click Renew.

6 Click OK after the system displays an IP address.

If after performing this procedure the computer cannot access the Internet, call your cable provider for help.

Home

X

ExitPrint

63 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Verifying the IP Address in Windows 2000 or Windows XP

To check the IP address:

1 On the Windows Desktop, click Start.

2 Select Run. The Run window is displayed.

3 Typ e cmd and click OK to display a command prompt window.

4 Typ e ipconfig and press ENTER to display the IP configuration. A display similar to the following indicates a

normal configuration:

If an Autoconfiguration IP Address is displayed as in the following window, there is an incorrect connection
between the PC and the SBG940 or there are cable network problems. Check the cable connections and
determine if you can view cable-TV channels on your television:

After verifying the cable connections and proper cable-TV operation, renew the IP address.

Home

X

ExitPrint

64 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

To renew the IP address:

1 Typ e ipconfig /renew and press ENTER. If a valid IP address is displayed as shown, Internet access should

be available.

2 Typ e exit and press ENTER to return to Windows.

If after performing this procedure the computer cannot access the Internet, call your cable provider for help.

Home

X

ExitPrint

65 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Setting Up Your Wireless LAN

You can use the SBG940 as an access point for a wireless LAN (WLAN) without changing its default settings.

Caution!

To prevent unauthorized eavesdropping or access to WLAN data, you must enable wireless security.
The default SBG940 settings provide no wireless security. After your WLAN is operational, be sure to
enable wireless security.

To enable security for your WLAN, you can do the following on the SBG940:

To Perform Use in Setup Program

Encrypt wireless transmissions
and restrict WLAN access

Further prevent unauthorized
WLAN intrusions

Connect at least one computer to the SBG940 Ethernet or USB port to perform configuration. Do not attempt to
configure the SBG940 over a wireless connection.

You need to configure each wireless client (station) to access the SBG940 LAN as described in “Configuring the

Wireless Clients”.

Encrypting Wireless LAN Transmissions Wireless > SECURITY — basic Page

Restricting Wireless LAN Access Wireless > SECURITY — advanced

Page

Caution!

Never provide your ESSID, WPA or WEP passphrase, or WEP key to anyone who is not authorized to
use your WLAN.

For descriptions of all wireless configuration fields, see “Configuring a Wireless Client with the Network Name

(ESSID)”.

Another common-sense step to improve wireless security is to place wireless components away from windows.
This decreases the signal strength outside the intended area.

Home

X

ExitPrint

66 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Encrypting Wireless LAN Transmissions

To prevent unauthorized viewing of data transmitted over your WLAN, you must encrypt your wireless
transmissions.

Use the Wireless > SECURITY — basic Page to encrypt your transmitted data. Choose one of:

Configure on the SBG940 Required On Each Wireless Client

If all of your wireless clients support Wi-Fi
Protected Access (WPA), we recommend

Configuring WPA on the SBG940

Otherwise, perform Configuring WEP on the

SBG940

If all of your wireless clients support WPA encryption, we recommend using WPA instead of WEP because WPA:

If you use a local pre-shared key (WPA-PSK) passphrase, you
must configure the identical passphrase to the SBG940 on each
wireless client. Home and small-office settings typically use a
local passphrase.

Configuring a RADIUS server requires specialized knowledge
that is beyond the scope of this guide. For more information,
contact your network administrator.

You must configure the identical WEP key to the SBG940 on each
wireless client.

• Provides much stronger encryption and is more secure

• Provides authentication to ensure that authorized users only can log in to your WLAN

• Is much easier to configure

• Uses a standard algorithm on all compliant products to generate a key from a textual passphrase

• Will be incorporated into the new IEEE 802.11i wireless networking standard

For new wireless LANs, we recommend purchasing client adapters that support WPA, such as the Motorola

Wireless Notebook Adapter WN825G, Wireless PCI Adapter WPCI810G, and Wireless USB Adapter WU830G.

For more information about the benefits of WPA, see the Wi-Fi Protected Access web page

http://www.wifialliance.org/OpenSection/protected_access.asp.

Home

X

ExitPrint

67 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring WPA on the SBG940

To enable WPA and set the key on the SBG940:

1 On the SBG940 Setup Program left panel, click Wireless.

2 Click the SECURITY tab to display the Wireless > SECURITY — basic page:

3 In the Security Mode field, select WPA and click Apply.

4 Under WPA CONFIGURATION, choose one WPA Encryption type. Because performance may be slow with

TKIP, we recommend choosing AES if your clients support AES:

TKIP Temporal Key Integrity Protocol provides data encryption including a per-packet key mixing

function, message integrity check (MIC), initialization vector (IV) and re-keying mechanism.

AES The Advanced Encryption Standard algorithm implements symmetric key cryptography as a

block cipher using 128-bit keys. We recommend this setting if all of your wireless clients
support AES. The Motorola client adapters shown in “Optional Accessories” support AES.

Home

X

ExitPrint

68 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

5 Choose the WPA Authentication type:

Configuration: Basic Gateway TCP/IP Wireless USB

Remote
(Radius)

Local
(WPA-PSK)

If a Remote Authentication Dial-In User Service (RADIUS) server is available, you can select this
option and go to step 6. A RADIUS server is typically used in a large corporate location.

If you choose Pre-Shared Key (PSK) local authentication, if the passphrase on any client
supporting WPA matches the PSK Passphrase set on the SBG940, the client can access the
SBG940 WLAN. To set the PSK Passphrase, go to step 7. A local key is typically used in a home
or small office.

6 For Remote (Radius) authentication only, set:

Radius Port The port used for remote authentication through a RADIUS server. It can be from 0 to 65535.

Radius Key The key for remote authentication. It can be from 0 to 255 ASCII characters.

Radius Server
Typ e

Radius Server The RADIUS server IP address in dotted-decimal format (xxx.xxx.xxx.xxx).

Currently IPv4 only.

7 For Local (WPA-PSK) authentication only, set:

PSK
Passphrase

The PSK password containing from 8 to 63 ASCII characters. You must set the identical
passphrase on each WLAN client (see “Configuring a Wireless Client for WPA”).

8 Click Save Changes.

If you need to restore the wireless defaults, click Reset Wireless Defaults.

Home

X

ExitPrint

69 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring WEP on the SBG940

Use Wired Equivalent Privacy (WEP) only if you have wireless clients that do not support WPA.

Caution!

If you use WEP encryption, you must configure the same WEP key on the SBG940 access point and
all wireless clients (stations). Never provide your WEP key or passphrase to anyone who is not

authorized to use your WLAN.

To enable WEP and set the key on the SBG940:

1 On the SBG940 Setup Program left panel, click Wireless.

2 Click the SECURITY tab to display the Wireless > SECURITY — basic page:

3 In the Security Mode field, select WEP and click Apply.

4 In the WEP Passphrase field, type a passphrase containing from 8 to 31 ASCII characters. For privacy, your

passphrase displays as dots.

Home

X

ExitPrint

70 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

5 Click Generate WEP Keys. The following window is displayed:

6 Click OK. The WEP CONFIGURATION fields now appear something like:

Before performing step 7, consider the following:

• If all of your wireless adapters support 128-bit encryption, you can select Enable 128 Bit. Otherwise, you

must select Enable 64 Bit.

• For a WLAN client equipped with a Motorola wireless adapter, you can enter the WEP Passphrase when

you perform Configuring a Wireless Client for WEP. For all other wireless adapters, you will probably
need to enter the generated WEP key that you designate in step 7.

7 Under WEP CONFIGURATION, set:

WEP
Authentication

Encryption Use a WEP key length that is compatible with your wireless client adapters. Choose one of:

Key 1 to Key 4 Select the active key (1 to 4). Only one key can be active. You can generate WEP keys from a

Sets whether shared key authentication is enabled to provide data privacy on the WLAN:

• Open System — Any WLAN client can transmit data to any other client without

authentication. It is the default, if the Security Mode is set to WEP.

• Shared Key — The SBG940 authenticates and transfers data to and from all clients having

shared key authentication enabled. We recommend this setting.

• Enable 64-Bit — Use only if you have wireless clients that do not support 128-bit encryption

• Enable 128-Bit — We recommend this setting for stronger encryption; it is supported by the

Motorola WN825G and WPCI810G wireless adapters and most current wireless adapters

passphrase as described in steps 4 to 6 or type non-case-sensitive hexadecimal characters 0
to 9 and A to F to define up to:

• Four 10-character long key 64-bit WEP keys

• Four 26-character long 128-bit WEP keys

We recommend changing the WEP keys frequently. Never provide the WEP key to anyone
who is not authorized to use your WLAN.

8 Click Save Changes to save your changes.

If you need to restore the wireless defaults, click Reset Wireless Defaults.

Home

X

ExitPrint

71 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Restricting Wireless LAN Access

The default SBG940 wireless settings enable any computer having a compatible wireless adapter to access your
WLAN. To protect your network from unauthorized intrusions, you can restrict access to your WLAN to a limited
number of computers on the Wireless > SECURITY — advanced Page.

You can configure one or both of:

Configure on the SBG940 Required On Each Wireless Client

Perform Configuring the Wireless Network Name on the

SBG940 to disable Extended Service Set Identifier (ESSID)

broadcasting to enable closed network operation

Perform Configuring a MAC Access Control List on the

SBG940 to restrict access to wireless clients with known

MAC addresses

You must configure the identical ESSID (network
name) to the SBG940.

No configuration is required on the client.

Home

X

ExitPrint

72 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring the Wireless Network Name on the SBG940

If you disable ESSID broadcasting on the SBG940, the SBG940 does not transmit the network name (ESSID).
This provides additional protection because:

• Only wireless clients configured with your network name can communicate with the SBG940

• Unauthorized individuals who scan for unsecured WLANs cannot access your WLAN

Closed network operation is an enhancement of the IEEE 802.11b and IEEE 802.11g standards.

If you select Disable ESSID Broadcast, you must perform Configuring a Wireless Client with the Network Name

(ESSID) on all WLAN clients (stations). Never provide your ESSID to anyone who is not authorized to use

your WLAN.

To configure the ESSID on the SBG940:

1 Start the SBG940 Setup Program as described in “Starting the SBG940 Setup Program”.

2 On the left panel, click Wireless.

3 Click the NETWORK tab to display:

4 In the ESSID field, type a unique name. It can be any alphanumeric, case-sensitive string up to

32 characters. The default is “Motorola.” Do not use the default ESSID.

5 Click Save Changes to save your changes.

6 To restrict WLAN access to clients configured with the same Network Name (ESSID) as the SBG940, click

the SECURITY tab.

Home

X

ExitPrint

73 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

7 Click advanced to display the Wireless > SECURITY — advanced Page:

8 Select Disable ESSID Broadcast to restrict WLAN access to clients configured with the same Network

Name (ESSID) as the SBG940.

9 Click Apply to save your changes.

Home

X

ExitPrint

74 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring a MAC Access Control List on the SBG940

You can restrict wireless access to one to 32 wireless clients, based on the client MAC address.

To configure a MAC access control list:

1 On the SBG940 Setup Program left panel, click Wireless.

2 Click the SECURITY tab.

3 Click advanced to display the Wireless > SECURITY — advanced Page:

4 To restrict wireless access to systems in the MAC access control list, select Allow Only Listed Stations

Access and click Apply.

5 To add a wireless client, type its MAC address in the format xx:xx:xx:xx:xx:xx in the New Station field and

click Add Station.

You can add up to 32 wireless clients to the MAC access control list.

Home

X

ExitPrint

75 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring the Wireless Clients

For each wireless client computer (station), install the wireless adapter — such as a Motorola WN825G,

WPCI810G, or WU830G — following the instructions supplied with the adapter. Be sure to:

1 Insert the CD-ROM for the adapter in the CD-ROM drive on the client.

2 Install the device software from the CD.

3 Insert the adapter in the PCMCIA or PCI slot or connect it to the USB port.

Step 1

Step 3

Configure the adapter to obtain an IP address automatically. The Motorola wireless adapters are supplied with a
client configuration program called Wireless Client Manager, which is installed in the Windows Startup group.

On a PC with Wireless Client Manager installed, the icon is displayed on the Windows task bar. Double-click
the icon to launch the utility.

You may need to do the following to use a wireless client computer to surf the Internet:

Step 2

Step 2

Step 3

Step 1

If You Performed On Each Client, You Need to Perform

Configuring WPA on the SBG940 Configuring a Wireless Client for WPA

Configuring WEP on the SBG940 Configuring a Wireless Client for WEP

Configuring the Wireless Network Name on the SBG940 Configuring a Wireless Client with the Network Name

(ESSID)

Configuring a MAC Access Control List on the SBG940 No configuration on client required

Home

X

ExitPrint

76 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Configuring a Wireless Client for WPA

If you enabled WPA and set a PSK Passphrase by Configuring WPA on the SBG940, you must configure the
same passphrase (key) on each wireless client. The SBG940 cannot authenticate a client if:

• WPA is enabled on the SBG940 but not on the client

• The client passphrase does not match the SBG940 PSK Passphrase

For information about the WPA support in Windows XP, visit:

WPA Wireless Security for Home Networks http://www.microsoft.com/WindowsXP/expertzone/columns/

bowman/03july28.asp

Overview of the WPA Wireless Security Update in
Windows XP

You can download the Microsoft Windows XP Support Patch for Wi-Fi Protected Access from

http://www.microsoft.com/downloads/details.aspx?FamilyId=009D8425-CE2B-47A4-ABEC-274845DC9E91&disp
laylang=en

http://support.microsoft.com/?kbid=815485

Caution!

Never provide the PSK Passphrase to anyone who is not authorized to use your WLAN.

Configuring a Wireless Client for WEP

If you enabled WEP and set a key by Configuring WEP on the SBG940, you must configure the same WEP key on
each wireless client. The SBG940 cannot authenticate a client if:

• Shared Key Authentication is enabled on the SBG940 but not on the client

• The client WEP key does not match the SBG940 WEP key

On a WLAN client equipped with a Motorola wireless adapter, you can enter the WEP Passphrase you set when
you configured the SBG940. For all other wireless adapters, you must enter the 64-bit or 128-bit WEP key
generated by the SBG940.

Caution!

Never provide the WEP key to anyone who is not authorized to use your WLAN.

Configuring a Wireless Client with the Network Name (ESSID)

To distinguish it from other nearby WLANs, you can identify your WLAN with a unique network name (also known
as a network identifier or ESSID). When prompted for the network identifier, network name, or ESSID, type the
name set in the ESSID field on the Wireless > NETWORK Page in the SBG940 Setup Program. For more
information, see “Configuring the Wireless Network Name on the SBG940”.

After you specify the network name, many wireless cards or adapters automatically scan for an access point such
as the SBG940 and the proper channel and data rate. If your card requires you to manually start scanning for an
access point, do so following the instructions in the documentation supplied with the card.

Never provide the ESSID to anyone who is not authorized to use your WLAN.

Home

X

ExitPrint

77 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Wireless Pages in the SBG940 Setup Program

Use the Wireless pages to control and monitor the wireless interface:

• Wireless > STATUS Page

• Wireless > NETWORK Page

• Wireless > SECURITY — basic Page

• Wireless > SECURITY — advanced Page

• Wireless > STATISTICS page

After you edit some fields and click Apply, you are warned that you must reboot for your change to take effect.
Rebooting takes 10 to 15 seconds. After rebooting, you must log in again.

Home

X

ExitPrint

78 SBG940 User Guide

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Wireless > STATUS Page

You can use this display-only page to:

• View the wireless interface status

• Help perform Troubleshooting for wireless network problems

Wireless > STATUS Page Fields

Regulatory Domain Indicates the country the SBG940 is manufactured for. The list of channels depends on the

country’s standards for operation of wireless devices. Depending on the domain set at the factory,

USA FCC, Europe, Spain, France, Japan, or some other country name is displayed.

ESSID Displays the ESSID set on the Wireless > NETWORK Page. For more information, see

“Configuring the Wireless Network Name on the SBG940”. Never provide the ESSID to anyone

who is not authorized to use your WLAN.

Channel Displays the radio channel for the access point. If you encounter interference, you can set a

different channel on the Wireless > NETWORK Page.

RTS Threshold Displays the Request to Send Threshold set on the Wireless > NETWORK Page.

Frag Threshold Displays the Fragmentation Threshold set on the Wireless > NETWORK Page.

MAC Address Displays the SBG940 MAC address.

Security Mode Displays the enabled wireless encryption type. For more information, see “Configuring WPA on

the SBG940” or “Configuring WEP on the SBG940”.

MAC Access Control Displays the MAC Access Control setting (see “Configuring a MAC Access Control List on the

SBG940”):

• Allow Listed — Only clients in the MAC access control list can access the WLAN.

• Allow Any Station Access — Any wireless client can access the WLAN.

MAC Access Control List Displays the MAC addresses of wireless clients having access (see “Configuring a MAC Access

Control List on the SBG940”).

Home

X

ExitPrint

79 SBG940 User Guide