User Manual
WiFi 6 AX1800 Dual Band
Wireless Access Point
Model WAX204
NETGEAR, Inc.
350 E. Plumeria DriveNovember 2020
San Jose, CA 95134, USA202-12147-01
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Support and Community
Visit netgear.com/support to get your questions answered and access the latest
downloads.
You can also check out our NETGEAR Community for helpful advice at
community.netgear.com.
Regulatory and Legal
Si ce produit est vendu au Canada, vous pouvez accéder à ce document en français
canadien à https://www.netgear.com/support/download/.
(If this product is sold in Canada, you can access this document in Canadian French at
https://www.netgear.com/support/download/.)
For regulatory compliance information including the EU Declaration of Conformity, visit
https://www.netgear.com/about/regulatory/.
See the regulatory compliance document before connecting the power supply.
For NETGEAR’s Privacy Policy, visit https://www.netgear.com/about/privacy-policy.
By using this device, you are agreeing to NETGEAR’s Terms and Conditions at
https://www.netgear.com/about/terms-and-conditions. If you do not agree, return the
device to your place of purchase within your return period.
Trademarks
© NETGEAR, Inc., NETGEAR, and the NETGEAR Logo are trademarks of NETGEAR, Inc.
Any non-NETGEAR trademarks are used for reference purposes only.
Revision History
CommentsPublish DatePublication Part
Number
First publication.November 2020202-12147-01
2
Contents
Chapter 1 Hardware Overview
Top panel with LEDs...........................................................................11
Back panel with ports, buttons, and a power connector...............13
Position the antennas for best WiFi performance..........................14
Access point label..............................................................................14
Chapter 2 Installation and Initial Log-in
About router mode and access point mode...................................16
Routing features enabled only in router mode..............................16
Set up the access point and complete the initial log-in process...17
Connect the access point to a modem and log in for the first
time..................................................................................................18
Connect the access point to a router and log in for the first
time..................................................................................................22
Get a registration key.........................................................................26
Find the IP address of the access point when you cannot use
routerlogin.net....................................................................................27
Find the IP address of the access point with the NETGEAR Insight
mobile app..........................................................................................29
Log in to the access point after initial setup....................................30
Change the language........................................................................31
Connect a wired or WiFi device to the access point’s network after
installation...........................................................................................32
Connect to the access point through an Ethernet cable..........32
Use Wi-Fi Protected Setup to join the WiFi network.................33
Manually join the WiFi network....................................................33
Chapter 3 Manually Set Up Internet Settings
Use the Setup Wizard.........................................................................36
Manually set up the access point Internet connection [router
mode]...................................................................................................37
Specify a dynamic or fixed WAN IP address Internet connection
without a login [router mode]......................................................37
Specify a PPPoE Internet connection that uses a login [router
mode]..............................................................................................39
3
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Specify a PPTP or L2TP Internet connection that uses a login
[router mode].................................................................................41
IPv6 Internet connections and IPv6 addresses [router mode]......43
Use Auto Detect for an IPv6 Internet connection [router
mode]..............................................................................................44
Use Auto Config for an IPv6 Internet connection [router
mode]..............................................................................................46
Set up an IPv6 6to4 tunnel Internet connection [router mode].48
Set up an IPv6 6rd Internet connection [router mode].............49
Set up an IPv6 passthrough Internet connection [router
mode]..............................................................................................51
Set up an IPv6 fixed Internet connection [router mode]...........52
Set up an IPv6 DHCP Internet connection [router mode].........54
Set up an IPv6 PPPoE Internet connection [router mode]........56
Chapter 4 Basic WiFi and Radio Features
Set up or change an open or secure WiFi network........................59
Configure WPA and WPA2 Enterprise WiFi security with a RADIUS
server....................................................................................................63
Enable or disable a WiFi network.....................................................65
Hide or broadcast the SSID for a WiFi network..............................66
Manage client isolation for clients of the Wireless 2 or Wireless 3
network................................................................................................67
Manage access to LAN ports for clients of the Wireless 2 or Wireless
3 network.............................................................................................68
Manage SSID isolation for all WiFi networks...................................69
Enable or disable a WiFi radio..........................................................70
Use WPS to connect to the WiFi network........................................72
Use WPS with the push button method......................................72
Use WPS with the PIN method.....................................................73
Chapter 5 Security, Firewall, and Access Rules
Firewall WAN settings [router mode]..............................................76
Manage port scan protection and denial of service protection
[router mode].................................................................................76
Set up a default DMZ server [router mode]................................77
Manage IGMP proxying [router mode].......................................78
Manage NAT filtering [router mode]...........................................79
Manage the SIP application-level gateway [router mode].......80
Network access control lists..............................................................81
Enable and manage network access control..............................81
Add, remove or change a device on the the allowed list.........83
Add, remove or change a device on the blocked list...............84
Block specific Internet sites [router mode]......................................86
4
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Set up keyword and domain blocking [router mode]...............86
Remove a keyword or domain from the blocked list [router
mode]..............................................................................................88
Remove all keywords and domains from the blocked list [router
mode]..............................................................................................89
Block specific applications and services from the Internet [router
mode]...................................................................................................89
Add a service blocking rule for a predefined service or application
[router mode].................................................................................90
Add a service blocking rule for a custom service or application
[router mode].................................................................................91
Change a service blocking rule [router mode]..........................93
Remove a service blocking rule [router mode]..........................94
Assign a trusted device [router mode]............................................95
Schedule blocking [router mode]....................................................96
Set up security event email notifications.........................................97
Chapter 6 Optimize Performance
Enable QoS and automatically set the Internet bandwidth........100
Enable QoS and manually set the Internet bandwidth................101
Enable or disable the automatic update of the Performance
Optimization Database....................................................................102
Manage WiFi Multimedia (WMM) for a radio...............................103
Improve network connections with Universal Plug and Play [router
mode].................................................................................................105
Change the priority for a connected device [router mode]........106
Chapter 7 Network Settings
LAN IP address settings [router mode].........................................109
Change the LAN IP address and subnet settings [router
mode]............................................................................................109
Manage the DHCP server address pool [router mode]..........110
Disable the DHCP server [router mode]...................................112
Manage the Router Information Protocol settings [router
mode]............................................................................................113
Change the access point network device name..........................114
Reserved LAN IP addresses [router mode]...................................115
Reserve a LAN IP address [router mode]..................................115
Change a reserved LAN IP address [router mode].................116
Remove a reserved LAN IP address entry [router mode].......117
Static routes.......................................................................................118
Add an IPv4 static route..............................................................118
Change an IPv4 static route........................................................120
Remove an IPv4 static route.......................................................121
5
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Bridge port and VLAN tag groups [router mode]........................121
Set up a bridge for a port group [router mode]......................122
Set up a bridge for a VLAN tag group [router mode].............123
Change the MTU size [router mode].............................................125
Chapter 8 Maintain and Monitor
Update the firmware........................................................................129
Let the access point check for new firmware and update the
firmware........................................................................................129
Manually check for new firmware and update the firmware...131
Back up or restore the settings.......................................................133
Back up the access point settings..............................................133
Restore the access point settings..............................................134
Change the local device password................................................135
Change the password recovery questions for the local device
password...........................................................................................136
Recover the local device admin password....................................137
Factory default settings...................................................................138
Use the dual-function Reset button to return to factory
defaults..........................................................................................138
Use the local browser UI to return to factory defaults.............140
Time and Network Time Protocol server.......................................142
Manually set the time zone and adjust the daylight saving
time................................................................................................142
Change the Network Time Protocol server..............................143
Logs....................................................................................................144
Specify which activities the access point logs..........................144
View, send, or clear the logs......................................................145
Status and statistics..........................................................................146
Display information about the Internet port, access point, and
WiFi settings [router mode]........................................................146
Display information about the LAN port, access point, and WiFi
settings [access point mode]......................................................149
Check the Internet connection status........................................151
Display the Internet port statistics.............................................153
Display the devices currently on the access point network and
change device information.........................................................154
Traffic meter [router mode].............................................................157
Start the traffic meter without traffic restrictions [router mode].158
Restrict Internet traffic by volume [router mode].....................159
Restrict Internet traffic by connection time [router mode].....160
View the Internet traffic volume and statistics [router mode].162
Unblock the traffic meter after the traffic limit is reached [router
mode]............................................................................................163
6
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Change the system mode to access point mode or to router
mode..................................................................................................164
Disable LED blinking or turn off LEDs............................................166
Chapter 9 Dynamic DNS [Router Mode]
About Dynamic DNS [router mode]...............................................168
Set up a new Dynamic DNS account [router mode]....................168
Use an existing Dynamic DNS account [router mode]................169
Change the Dynamic DNS account settings [router mode].......171
Chapter 10 VPN Client [Router Mode]
About setting up the access point as a VPN client [router mode].173
Enable the VPN client in the access point and connect to a VPN
server [router mode]........................................................................174
Disconnect the access point from the VPN server [router mode].176
Chapter 11 VPN Server and Service with OpenVPN[Router Mode]
Enable and configure OpenVPN and VPN client access on the access
point [router mode]..........................................................................178
OpenVPN client utility and VPN configuration files [router
mode].................................................................................................179
Install OpenVPN on a Windows-based computer [router
mode]............................................................................................180
Install OpenVPN on a Mac [router mode]................................181
Install OpenVPN on an iOS device [router mode]...................182
Install OpenVPN on an Android device [router mode]..........183
About setting up an OpenVPN connection [router mode].........184
About VPN access to your network or Internet service at your office
or home [router mode]....................................................................185
Use a VPN tunnel to remotely access your Internet service [router
mode].................................................................................................186
Chapter 12 Advanced WiFi and Radio Features
Change the region of operation.....................................................188
Manage 802.11ax and enable or disable OFDMA for a radio....189
Enable or disable smart connect for the access point.................190
Enable or disable 20/40 MHz coexistence for the 2.4 GHz radio.192
Change the channel for a radio......................................................193
Change the WiFi throughput mode for a radio............................194
Change the transmission output power for a radio.....................196
Add a WiFi schedule for a radio.....................................................197
Enable or disable MU-MIMO..........................................................199
Enable or disable explicit beamforming.......................................200
Enable or disable PMF.....................................................................201
7
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Set up access point as a WiFi Bridge to another device.............202
Change the CTS/RTS threshold and preamble mode for a radio.205
Chapter 13 Port Forwarding and Port Triggering [Router Mode]
Port forwarding to a local server for services and applications [router
mode].................................................................................................208
Forward incoming traffic for a default service or application
[router mode]...............................................................................208
Add a port forwarding rule for a custom service or application
[router mode]...............................................................................209
Change a port forwarding rule [router mode].........................211
Remove a port forwarding rule [router mode].........................212
How the access point implements a port forwarding rule [router
mode]............................................................................................213
Application example: Make a local web server public [router
mode]............................................................................................213
Port triggering for services and applications [router mode]......214
Add a port triggering rule [router mode].................................214
Change a port triggering rule [router mode]...........................216
Remove a port triggering rule [router mode]..........................217
Specify the time-out for port triggering [router mode]..........218
Disable port triggering [router mode]......................................219
Application example: Port triggering for Internet Relay Chat
[router mode]...............................................................................220
Chapter 14 Diagnostics and Troubleshooting
Reboot the access point from the local browser UI.....................222
Quick tips for troubleshooting.......................................................223
Restart your access point network if in router mode...............223
Restart your access point when in access point mode...........223
Check the Ethernet cable connections.....................................223
Check the WiFi settings of your computer or mobile device..223
Check the DHCP network settings of your computer or mobile
device............................................................................................224
Standard LED behavior when the access point is powered on...225
Troubleshoot with the LEDs............................................................225
Power LED is off...........................................................................225
Power LED does not turn green.................................................226
Internet LED is solid amber or off [router mode].....................226
Internet LED is solid amber or off [access point mode]..........227
WiFi LED is Off..............................................................................227
The LAN LED is off while a device is connected......................228
You cannot log in to the access point............................................228
You cannot log in to the access point [router mode]..............228
8
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
You cannot log in to the access point [access point mode]....229
You cannot access the Internet [router mode].............................231
Check the Internet WAN IP address [router mode]................231
Check or manually start the PPPoE connection [router mode].233
Troubleshoot Internet browsing.....................................................234
Troubleshoot the WiFi connectivity...............................................235
Changes are not saved....................................................................236
Troubleshoot your network using the ping utility of your computer
or mobile device...............................................................................236
Test the LAN path from a Windows-based computer to the access
point..............................................................................................237
Test the path from a Windows-based computer to a remote
device [router mode]...................................................................238
Appendix A Factory Default Settings and Technical Specifications
Factory default settings...................................................................240
Technical specifications...................................................................242
Appendix B Positioning and Wall-Mounting
Position the access point.................................................................245
Wall-mount the access point...........................................................246
9
1
Hardware Overview
The WiFi 6 AX1800 Dual Band Wireless Access Point Model WAX204, in this manual
referred to as the access point, supports 802.11ax high performance WiFi connectivity
and dual-band concurrent operation at 2.4 GHz and 5 GHz with a combined throughput
of 1.8 Gbps (600 Mbps at 2.4 GHz and 1200 Mbps at 5 GHz). The access point is designed
to function standalone in a small office network or home network.
You can use the access point in its default router mode with its router features enabled,
directly connected to the Internet, for example through a modem. You can also use the
access point in access point mode with its router features disabled, connected to an
existing router in your network.
The chapter contains the following sections:
• Top panel with LEDs
• Back panel with ports, buttons, and a power connector
• Position the antennas for best WiFi performance
• Access point label
Note: For more information about the topics that are covered in this manual, visit the
support website at netgear.com/support/.
Note: Firmware updates with new features and bug fixes are made available from time
to time at netgear.com/support/download/. You can check for and download new
firmware manually. If the features or behavior of your product does not match what is
described in this manual, you might need to update the firmware.
10
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Top panel with LEDs
The five status LEDs are located on the top panel of the access point. From left to right,
the top panel contains the Power LED, Internet LED, WiFi LED, LAN LED, and WPS LED.
Figure 1. Top panel with LEDs
User Manual11Hardware Overview
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Table 1. LED descriptions
DescriptionLED
Power
Internet
WiFi
LAN
Solid green. The access point is ready.
Solid amber. The access point is starting or upgrading firmware.
Blinking amber. The access point was reset to factory default settings and is restarting.
For more information about resetting the access point to factory default settings, see
Factory default settings on page 138.
Blinking red. The firmware is corrupted and the access point cannot start. For more
information, see Power LED does not turn green on page 226.
Off. Power is not supplied to the access point.
Solid green. An Internet connection is established.
Blinking green. The Internet port is sending or receiving traffic.
Solid amber. The access point cannot get an Internet connection. For more information,
see Internet LED is solid amber or off [router mode] on page 226 (router mode is the
default system mode) or Internet LED is solid amber or off [access point mode] on page
227.
Blinking alternating green and amber. If the traffic meter is enabled, the traffic limit
is reached. Fore more information, see Unblock the traffic meter after the traffic limit is
reached [router mode] on page 163.
Off. No Internet connection exists, for example, because no cable is inserted in the
Internet port.
Solid green. One or both WiFi radios are operating.
Blinking green. One or both WiFi radios are sending or receiving traffic.
Off. Both WiFi radios are off. For more information, see WiFi LED is Off on page 227.
Solid green. One or more LAN ports are connected to powered-up devices.
Blinking green. One or more LAN ports are sending or receiving traffic.
Solid amber. One or more LAN ports function at 10 or 100 Mbps speed and are
connected to powered-up devices.
Blinking amber. One or more LAN ports are sending or receiving traffic at 10 or 100
Mbps speed.
Off. None of the LAN ports is connected to a device.
WPS
Solid green. WPS is available.
Blinking green. The WPS button was pressed. For two minutes, the access point
attempts to find the WiFi device (that is, the client) that can join the access point Wireless
1 network. For more information, see Use Wi-Fi Protected Setup to join the WiFi network
on page 33.
Off. WPS is disabled.
User Manual12Hardware Overview
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Back panel with ports, buttons, and a power connector
The back panel of the access point provides ports, buttons, and a DC power connector.
Figure 2. Back panel
Viewed from left to right, the back panel contains the following components:
WPS button. Press the WPS button to join the access point’s WiFi network without
•
typing the WiFi password. For more information, see Use Wi-Fi Protected Setup to
join the WiFi network on page 33.
Internet port. One Internet (WAN) port (yellow) to connect the access point to a
•
modem or existing router in your network:
- Connect to a modem. Connect the Internet port directly to a modem. The modem
must provide an Internet connection to the access point. For more information
about this setup, in which the access point must function in its default router
mode, see Connect the access point to a modem and log in for the first time on
page 18.
- Connect to a router. Connect the Internet port directly to a router in your network,
or to a switch or hub that is connected to the router. For more information about
this setup, in which the access point must function in access point mode, see
Connect the access point to a router and log in for the first time on page 22.
User Manual13Hardware Overview
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
LAN ports 1 through 4. Four Gigabit Ethernet RJ-45 LAN ports numbered LAN 1
•
through LAN 4 to connect the access point to Ethernet devices such as a computer
and a switch.
Reset button. Press the Reset button to reset the access point to factory default
•
settings. For more information, see Use the dual-function Reset button to return to
factory defaults on page 138.
DC power connector. Connect the power adapter that came in the product package
•
to the DC power connector.
Position the antennas for best WiFi performance
You can swivel the three access point antennas in any direction. For best WiFi
performance, we recommend that you experiment with various antenna positions. For
example, you could position the center antenna vertically and aim the other two antennas
outward at 45-degree angles.
Access point label
The access point label on the bottom panel of the access point shows the default login
information, default WiFi network name (SSID), default WiFi passphrase, serial number
and MAC address of the access point, and other information.
Figure 3. Access point label
User Manual14Hardware Overview
2
Installation and Initial Log-in
This chapter describes how you can install and access the access point in your network
and go through the initial log-in process. By default, the access point is in router mode.
You can also change the mode to access point mode.
IMPORTANT: To obtain full and unlimited access to access point, you must register
the access point. You can do so by accessing your NETGEAR account and obtaining a
registration key. However, the easiest way to register your access point is to connect it
to the Internet, go though the initial log-in process, also referred to as single sign-on
(SSO), and log in with a NETGEAR account. (You can create an account during the log-in
process.)
Note: When you log in to the access point, you connect to the local browser user
interface (UI).
The chapter contains the following sections:
• About router mode and access point mode
• Routing features enabled only in router mode
• Set up the access point and complete the initial log-in process
• Get a registration key
• Find the IP address of the access point when you cannot use routerlogin.net
• Find the IP address of the access point with the NETGEAR Insight mobile app
• Log in to the access point after initial setup
• Change the language
• Connect a wired or WiFi device to the access point’s network after installation
15
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
About router mode and access point mode
Before you set up the access point, decide whether you will use the access point in its
default router mode or in access point mode:
Router mode. By default, the access point is in router mode so that you can connect
•
it directly to a modem such as a cable or DSL modem. In router mode, the access
point functions as both a router for Internet access and a WiFi access point. The
access point receives its IP address settings from your Internet service provider (ISP)
and delivers IP address settings to its WiFi and LAN clients.
Access point mode. You can also connect the access point to an existing router in
•
your network and, after you log in, change the system mode to access point mode.
The router must support a DHCP server, or another DHCP server must be present
in the network, so that an IP address is assigned to the access point and its clients
and Internet access is provided. Another option is to assign the access point and its
clients static IP addresses, but using DHCP is easier.
In access point mode, the access point functions as a WiFi access point only and its
router functions are disabled. For example, routing services such as NAT and the
DHCP server are disabled.
For more information about the routing features, see Routing features enabled only in
router mode on page 16.
Routing features enabled only in router mode
The access point can function in router mode (its default system mode) or in access
point mode.
The following routing features are enabled in router mode but disabled in access point
mode:
Internet settings, including an IP address issued through dynamic DHCP (the default
•
setting), a manually specified static IP address, an IP address issued through PPPoE,
L2TP, or PPTP, and various ways to implement an IPv6 address.
WAN settings, including routing services such as NAT.
•
LAN settings, including a DHCP server.
•
QoS settings.
•
User Manual16Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Internet security settings, including the option to block sites and services, and the
•
option to set up port forwarding and port triggering rules.
VPN service and VPN client.
•
Internet traffic meter.
•
Bridge port and VLAN tag groups.
•
Changing the priority for an attached device.
•
For information about changing the system mode after initial setup, Change the system
mode to access point mode or to router mode on page 164.
The system mode affects how you can reach the access point local browser UI:
Router mode. Enter http://www.routerlogin.net in the address field of your
•
browser.
In router mode, you always connect directly to the access point.
Access point mode. The method to reach the local browser UI depends on how
•
you connect to the access point:
-
Directly connected. Enter http://www.routerlogin.net in the address field of
your browser.
One exception exists: If you assigned a static IP address to the access point, you
must use that IP address to reach the local browser UI.
-
Connected over your network. In the address field of your browser, enter the
IP address that your existing router or DHCP server assigned to the access point.
For more information, see Find the IP address of the access point when you
cannot use routerlogin.net on page 27.
Set up the access point and complete the initial log-in process
When you connect the access point to the Internet and complete the initial log-in process,
also referred to as single sign-on (SSO), the following are required in most situations:
Default router mode. The access point must be in its default router mode.
•
Internet connection. The access point must connect to the Internet through a modem
•
or through an existing router in your network.
Registration. To get full and unlimited access to the local browser UI, you must log
•
in with either a NETGEAR account or a registration key. If you do not have a NETGEAR
account, you can create one during the initial log-in process. For information about
getting a registration key, see Get a registration key on page 26.
User Manual17Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Before you register the access point, you can access the local browser UI of the access
point by using your new local device password (you must specify it during the initial
log-in process), for either restricted access or full access for a limited time. Before you
register the switch with your NETGEAR account, you can use one of the following options:
Access limited features. Select the option to access a restricted menu of the local
•
browser UI without time limitations. You can do so by using the local device password
to get access to limited features such updating the firmware, uploading or
downloading the configuration file, and restarting the access point.
Temporarily access all features. Select the option to temporarily access the full
•
menu of the local browser UI. You can do so by using the local device password,
but you get full access three times only. During a temporary full access session, you
can configure and manage all features and settings in the local browser UI.
Note: During a temporary access session, if the session is inactive for 60 minutes,
you are automatically logged out from the local browser UI. However, the session
still counts as one of three temporary access sessions.
For more information about connecting the access point to the Internet and completing
the initial log-in process, see one of the following sections:
Connect the access point to a modem and log in for the first time on page 18
•
Connect the access point to a router and log in for the first time on page 22
•
Connect the access point to a modem and log in for the first time
When you set up the access point and connect it to your modem, the following applies,
depending on the type of WAN connection your modem uses:
Dynamic DHCP. If the type of WAN connection is dynamic DHCP, the access point
•
automatically receives an IP address from your Internet service provider (ISP) and
you do need to provide any IP address information. This type of WAN connection
is the most common.
PPPoE, L2TP, or PPTP, or static IP address. If the type of WAN connection is PPPoE,
•
L2TP, or PPTP, or your Internet connection requires a static IP address, you must
follow the prompts during the setup process and provide the required information
for the Internet connection.
Note: If you are not sure which type of WAN connection your Internet service uses,
contact your ISP before you start the following procedure.
User Manual18Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Figure 4. Connect the access point in default router mode to your modem
To connect the access point to a modem and log in to the local browser UI for the
first time:
1.
Unplug your modem’s power, leaving the modem connected to the wall jack for
your Internet service.
2.
If the modem uses a battery backup, remove the battery.
3. Connect the Ethernet cable to the yellow Internet port on the access point.
4.
Connect the other end of the cable to a LAN port on your modem.
5.
If the modem uses a battery backup, put the battery back in.
6. Plug in and turn on the modem.
7. Power on the access point and check to see that the LEDs light.
DescriptionLED
Power
Internet
When you turn on the access point, the Power LED lights solid red for about five seconds
and then turns solid amber. After about 90 seconds, the Power LED lights solid green.
The Internet LED lights solid green or blinks green when the Internet connection is
established.
Note: The Internet connection is established after you access the local browser UI during
the Setup Wizard process. If the Internet LED remains off or solid amber and does not
turn solid green or blinking green, see Internet LED is solid amber or off [router mode]
on page 226.
The WiFi LED lights solid green or blinks green.WiFi
User Manual19Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
8.
Log in to the access point by using one of the following methods:
Connect over WiFi. On a WiFi-enabled computer or mobile device, find and
•
connect to the access point’s WiFi network (SSID).
The default SSID and WiFi password (network key) are printed on the access
point label.
Connect over Ethernet directly to the access point. Using an Ethernet cable,
•
connect the LAN port on your computer directly to any of the four LANs port on
the access point.
9.
Launch a web browser and enter http://www.routerlogin.net in the address field.
The Setup Wizard starts.
If the Setup Wizard does not start, see You cannot log in to the access point [router
mode] on page 228.
10. Follow the prompts.
Note the following:
Trouble connecting to the Internet? If the access point does not connect to the
•
Internet, see Troubleshoot Internet browsing on page 234.
WAN connection type. If the WAN connection is PPPoE, L2TP, or PPTP, or your
•
Internet connection requires a static IP address, during the Setup Wizard Process,
provide the required information for the Internet connection when the Smart
Setup Wizard prompts you for the information.
New admin password. During the Setup Wizard process, you must specify a
•
new admin password (the local device password) and specify answers to two
security questions (you can choose the questions).
Firmware update. During the Setup Wizard process, you can update the firmware
•
(if new firmware is available). Depending on the configuration, the access point
might need to restart, you might need to log in again to continue the Setup
Wizard process, or you might need to do both.
Browser security message. During the Setup Wizard process, your browser will
•
most likely display a security message. You can either ignore this message or
install the security certificate. Consider the following examples:
-
Google Chrome. If Google Chrome displays a Your connection is not private
message, click the ADVANCED link. Then, click the Proceed to x.x.x.x
(unsafe) link, in which x.x.x.x represents the IP address of the switch.
-
Apple Safari. If Apple Safari displays a This connection is not private message,
click the Show Details button. Then, click the visit this website link. If a
warning pop-up window displays, click the Visit Website button. If another
pop-up window displays to let you confirm changes to your certificate trust
User Manual20Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
settings, enter your Mac user name and password and click the Update Setting
button.
-
Mozilla Firefox. If Mozilla Firefox displays a Your connection is not secure
message, click the ADVANCED button. Then, click the Add Exception button.
In the pop-up window that displays, click the Confirm Security Exception
button.
-
Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is
a problem with this website’s security certificate message, click the Continue
to this website (not recommended) link.
-
Microsoft Edge. If Microsoft Edge displays a There is a problem with this
website’s security certificate message or a similar warning, select Details >
Go on to the webpage.
When the Setup Wizard is finished, the Register to unlock all features page displays.
11.
Register the access point or select either restricted access or full access for a limited
time to the local browser UI:
Register with a NETGEAR account. Click the Login In with Netgear account
•
button and follow the prompts. Either use your existing NETGEAR account or
create a new free NETGEAR account.
Register with a registration key. If you have a registration key (see Get a
•
registration key on page 26), click the Enter Registration Key and enter the key.
Access limited features. Click the Skip Registration and Access Limited
•
Features button to get access to a restricted menu of the local browser UI without
time limitations. (For more information, see Set up the access point and complete
the initial log-in process on page 17.) The password that you must enter is your
new local device password.
Temporarily access all features. Click the Skip Registration and Temporarily
•
Access All Features button to get access to the full menu of the local browser
UI, but you get this access three times only. (For more information, see Set up
the access point and complete the initial log-in process on page 17.) The password
that you must enter is your new local device password.
12. Log in again to the local browser UI by entering your new local device password.
This is the password that you specified during the Setup Wizard process.
The BASIC Home page displays.
The Home page displays various panes that let you see the status of your access
point at a glance. You can now configure and monitor the access point.
User Manual21Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Connect the access point to a router and log in for the first time
The easiest way to use the access point in access point mode is to connect it to an
existing router in your network, either directly, or through a switch or hub (almost any
router functions as a DHCP server). If your network includes an independent DHCP
server, connect the access point to a switch or hub that is connected to the DHCP server.
Only after you complete the initial log-in process, can you change the system mode to
access point mode.
Figure 5. Connect the access point to an existing router in your network
To connect the access point directly to an existing router in your network and log
in to the local browser UI for the first time:
1. Connect an Ethernet cable to the yellow Internet port on the access point.
2.
Connect the other end of the cable to a LAN port on your network router.
Your network router must support a DHCP server so that it assigns an IP address to
the access pointand its clients and provides Internet access.
3. Power on the access point and check to see that the LEDs light.
User Manual22Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
DescriptionLED
Power
Internet
4.
Log in to the access point by using one of the following methods:
Connect over WiFi. On a WiFi-enabled computer or mobile device, find and
•
When you turn on the access point, the Power LED lights solid red for about five seconds
and then turns solid amber. After about 90 seconds, the Power LED lights solid green.
The Internet LED lights solid green or blinks green when the Internet connection is
established.
Note: The Internet connection is established after you access the local browser UI during
the Setup Wizard process. If the Internet LED remains off or solid amber and does not
turn solid green or blinking green, see Internet LED is solid amber or off [access point
mode] on page 227.
The WiFi LED lights solid green or blinks green.WiFi
connect to the access point’s WiFi network (SSID).
The default SSID and WiFi password (network key) are printed on the access
point label.
Connect over Ethernet directly to the access point. Using an Ethernet cable,
•
connect the LAN port on your computer directly to any of the four LANs port on
the access point.
5.
Launch a web browser and enter http://www.routerlogin.net in the address field.
The Setup Wizard starts.
If the Setup Wizard does not start, see You cannot log in to the access point [access
point mode] on page 229.
6. Follow the prompts.
Note the following:
Trouble connecting to the Internet? If the access point does not connect to the
•
Internet, see Troubleshoot Internet browsing on page 234.
WAN connection type. If the WAN connection is PPPoE, L2TP, or PPTP, or your
•
Internet connection requires a static IP address, during the Setup Wizard Process,
provide the required information for the Internet connection when the Smart
Setup Wizard prompts you for the information.
New admin password. During the Setup Wizard process, you must specify a
•
new admin password (the local device password) and specify answers to two
security questions (you can choose the questions).
User Manual23Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Firmware update. During the Setup Wizard process, you can update the firmware
•
(if new firmware is available). Depending on the configuration, the access point
might need to restart, you might need to log in again to continue the Setup
Wizard process, or you might need to do both.
Browser security message. During the Setup Wizard process, your browser will
•
most likely display a security message. You can either ignore this message or
install the security certificate. Consider the following examples:
-
Google Chrome. If Google Chrome displays a Your connection is not private
message, click the ADVANCED link. Then, click the Proceed to x.x.x.x
(unsafe) link, in which x.x.x.x represents the IP address of the switch.
-
Apple Safari. If Apple Safari displays a This connection is not private message,
click the Show Details button. Then, click the visit this website link. If a
warning pop-up window displays, click the Visit Website button. If another
pop-up window displays to let you confirm changes to your certificate trust
settings, enter your Mac user name and password and click the Update Setting
button.
-
Mozilla Firefox. If Mozilla Firefox displays a Your connection is not secure
message, click the ADVANCED button. Then, click the Add Exception button.
In the pop-up window that displays, click the Confirm Security Exception
button.
-
Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is
a problem with this website’s security certificate message, click the Continue
to this website (not recommended) link.
-
Microsoft Edge. If Microsoft Edge displays a There is a problem with this
website’s security certificate message or a similar warning, select Details >
Go on to the webpage.
When the Setup Wizard is finished, the Register to unlock all features page displays.
7.
Register the access point or select either restricted access or full access for a limited
time to the local browser UI:
Register with a NETGEAR account. Click the Login In with Netgear account
•
button and follow the prompts. Either use your existing NETGEAR account or
create a new free NETGEAR account.
Register with a registration key. If you have a registration key (see Get a
•
registration key on page 26), click the Enter Registration Key and enter the key.
Access limited features. Click the Skip Registration and Access Limited
•
Features button to get access to a restricted menu of the local browser UI without
time limitations. (For more information, see Set up the access point and complete
User Manual24Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
the initial log-in process on page 17.) The password that you must enter is your
new local device password.
Temporarily access all features. Click the Skip Registration and Temporarily
•
Access All Features button to get access to the full menu of the local browser
UI, but you get this access three times only. (For more information, see Set up
the access point and complete the initial log-in process on page 17.) The password
that you must enter is your new local device password.
8. Log in to the local browser UI again by entering your new local device password.
This is the password that you specified during the Setup Wizard process.
The BASIC Home page displays.
9. To change the system mode to access point mode, select ADVANCED > Advanced
Setup > Router / AP / Bridge Mode, and continue with the following steps.
The Router / AP / Bridge Mode page displays.
10. Select the AP Mode radio button.
We recommend that you leave the Get dynamically from existing access
point/router button selected to let the access point get an IP address dynamically
from the existing router in your network.
11. Click the Apply button, and in the pop-up window that displays, click the OK button.
Your settings are saved and the access point is reconfigured in access point mode.
The routing functions of the access point are disabled. Do not close the browser
page.
12. Log back in to the access point.
For more information, see Step 4.
If your browser web page does not show the login window, you might need to enter
the new IP address of the access point in the address field. For more information,
see Find the IP address of the access point when you cannot use routerlogin.net on
page 27.
13.
If your browser displays a security message again, see the information in Step 6.
14.
Find the new IP address of the access point in the local browser UI by doing the
following:
a. Select ADVANCED > ADVANCED Home.
The ADVANCED Home page of the access point displays. The LAN Port pane
shows the IP address that is now assigned to the access point.
b.
Save the LAN IP address of the access point for later use.
User Manual25Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
You must use this IP address if you plan to connect to the same network as the
access point but not directly to the access point network. If you are directly
connected to the access point network, you can use http://www.routerlogin.net.
15.
Clear the cache of your browser.
In access point mode, the access point functions with different IP address settings
than in router mode. Clearing the cache of your browser might prevent website
connectivity problems.
If you experience connectivity problems, see one of the following sections:
You cannot log in to the access point [access point mode] on page 229
•
Troubleshoot Internet browsing on page 234
•
Get a registration key
After you register the access point with NETGEAR, you can get a registration key to
unlock full access to the local browser UI. When you enter the registration key to access
the local browser UI, the access point can be connected to the Internet but does not
need to be for you to configure the features.
This procedure describes how you can visit my.netgear.com, log in to your NETGEAR
account, register the access point using its serial number, and get a registration key. If
you do not have a free NETGEAR account, you can create one.
Note: You can also use the NETGEAR Insight app to get a registration key. For more
information, visit
kb.netgear.com/000061819/How-do-I-find-my-NETGEAR-registration-key.
To get a registration key:
1. From a computer or mobile device that is connected to the Internet, visit
my.netgear.com.
2. Log in to your NETGEAR account.
If you do not have a free NETGEAR account, you can create one.
The My Products page displays.
3.
From the menu on the left, select Register a Product.
The Register a Product page displays.
4.
In the Serial Number field, enter the serial number of the access point.
User Manual26Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
The serial number consists of 13 digits. The serial number is printed on the access
point label.
5.
From the Date Of Purchase menu, select the date that you purchased the access
point.
6. Click the REGISTER button.
The access point is registered with NETGEAR.
An confirmation email that includes the registration key is sent to your NETGEAR
account email address.
7.
If the My Products page does not display, click My Product from the menu.
8.
Select the radio button for the newly registered access point.
9. Scroll down and click the VIEW REGISTRATION KEY button.
A pop-up window with the registration key displays.
Find the IP address of the access point when you cannot use routerlogin.net
Under the following circumstances, when the access point is in access point mode, you
cannot use http://www.routerlogin.net to log in to the access point:
Your computer or mobile device is not directly connected to the access point network
•
even it is on the same network as the access point.
Your computer or mobile device is directly connected to the access point, but the
•
access point is using a static IP address.
Note: If the access point can reach its DNS server only over the Internet (for example,
the IP address of the DNS server is 8.8.8.8), you cannot use
http://www.routerlogin.net. However, if the DNS server is the IP address of the
router to which the access point connects but the router’s Internet connection is
down, you can use http://www.routerlogin.net because the access point can still
reach the router.
Your network includes another NETGEAR device that is also accessible by using
•
http://www.routerlogin.net. In such a situation, if you use
http://www.routerlogin.net, you might log in to the access point or you might log
in to the other NETGEAR device, depending on your network situation.
User Manual27Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
In these situations, use the IP address that was assigned to the access point by your
existing router during the setup process (see Connect the access point to a router and
log in for the first time on page 22) to log in to the local browser UI of the access point.
If you do not know the IP address that was assigned to the access point, use one of the
following options to find the IP address of the access point:
Only if the access point is connected to the Internet, do one of the following:
•
- Option 1. Temporarily connect directly and log in. Temporarily connect a
computer directly either through an Ethernet cable or over WiFi or a mobile
device over WiFi to the access point and do the following:
1.
Open a web browser from a computer or mobile device that is directly
connected to the access point network.
2.
Enter http://www.routerlogin.net in the address field.
3. Click the Login button.
The NETGEAR Account Login page displays.
4. Enter your registered email address and password and click the Login button.
The BASIC Home page displays.
5. Select ADVANCED.
The ADVANCED Home page displays
6. In the LAN Port pane, click the CONNECTION STATUS button.
The IP Address field displays the IP address that is assigned to the access
point.
- Option 2. Temporarily connect directly and ping the access point. Temporarily
connect a computer or mobile device directly through an Ethernet cable or over
WiFi to the access point and send a ping to http://www.routerlogin.net.
How to send a ping depends on your computer or mobile device.
On your computer or mobile device, the field with the ping results displays the
IP address that is assigned to the access point.
Regardless of whether the access point is connected to the Internet, do one of the
•
following:
- Option 1. Use the NETGEAR Insight mobile app. To use the NETGEAR Insight
mobile app to discover the IP address of the access point in your network, do
the following:
1.
On your iOS or Android mobile device, go to the app store, search for
NETGEAR Insight, and download and install the app.
2. Connect your mobile device to the access point WiFi network.
User Manual28Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
3. Open the NETGEAR Insight mobile app.
4. Tap LOG IN to log in to your NETGEAR account, which is the same account
that you logged into or created during the initial log-in process.
After you log in to your account, the IP address of the access point displays
in the device list.
- Option 2. Access your modem or existing router. Access the DHCP server
information of your modem or existing router to see the devices that are
connected to it, including the access point. The IP address that is assigned to the
access point is listed.
- Option 3. Use an IP scanner. Use an IP scanner application (they are available
free of charge on the Internet) in the network of your existing router. The IP
scanner results include the IP address that is assigned to the access point.
If you made a direct connection to the access point, you can now terminate that
connection. Connect your computer or mobile device to the same network as the access
point, and use the discovered IP address to log in to the access point.
Find the IP address of the access point with the NETGEAR Insight mobile app
The NETGEAR Insight mobile app lets you discover the access point in your network.
Note: Although you can use the NETGEAR Insight mobile app to register the access
point, the access point is already registered automatically after the initial log-in process.
To use the NETGEAR Insight mobile app to discover the access point in your
network:
1.
On your iOS or Android mobile device, go to the app store, search for NETGEAR
Insight, and download and install the app.
2. Connect your mobile device to the access point WiFi network.
3. Open the NETGEAR Insight mobile app.
4. Tap LOG IN to log in to your existing NETGEAR account, which is the same account
that you logged into or created during the initial log-in process.
After you log in to your account, the IP address of the access point displays in the
device list.
5.
Save the IP address for future use.
User Manual29Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Log in to the access point after initial setup
After initial setup, the access point is ready for use and you can change the settings and
monitor the traffic.
When you enter the IP address that is assigned to the access point and you use http,
the browser automatically redirects your request to https. If you did not yet install the
access point’s security certificate, your browser might display a security message. You
can either ignore this message or install the security certificate. Consider the following
examples:
Google Chrome. If Google Chrome displays a Your connection is not private
•
message, click the ADVANCED link. Then, click the Proceed to x.x.x.x (unsafe)
link, in which x.x.x.x represents the IP address of the switch.
Apple Safari. If Apple Safari displays a This connection is not private message, click
•
the Show Details button. Then, click the visit this website link. If a warning pop-up
window displays, click the Visit Website button. If another pop-up window displays
to let you confirm changes to your certificate trust settings, enter your Mac user name
and password and click the Update Setting button.
Mozilla Firefox. If Mozilla Firefox displays a Your connection is not secure message,
•
click the ADVANCED button. Then, click the Add Exception button. In the pop-up
window that displays, click the Confirm Security Exception button.
Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is a
•
problem with this website’s security certificate message, click the Continue to this
website (not recommended) link.
Microsoft Edge. If Microsoft Edge displays a There is a problem with this website’s
•
security certificate message or a similar warning, select Details > Go on to the
webpage.
To log in to the access point’s local browser UI after initial setup:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
A direct connection to the access point network, which is the most common type of
setup, can be through WiFi or over Ethernet:
WiFi. A connection from a computer or mobile device to a WiFi network on the
•
access point.
Ethernet. A connection from a computer over an Ethernet cable to one of the
•
LAN ports on the access point, either with or without a switch or hub between
the computer and the access point.
2.
Enter http://www.routerlogin.net in the address field.
User Manual30Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message,
see the information in the introduction to this task.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
The Home page displays various panes that let you see the status of your access point
at a glance. You can now configure and monitor the access point.
Change the language
By default, the language of the local browser UI is set as Auto. You can change the
language.
To change the language:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4.
In the upper right corner, select a language from the menu.
User Manual31Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
The page refreshes with the language that you selected.
Connect a wired or WiFi device to the access point’s network after installation
After you install the access point in your network (see Set up the access point and
complete the initial log-in process on page 17), you can connect devices to the access
point’s LAN through Ethernet cables or to the access point’s WiFi network over a WiFi
connection.
If the device that you are trying to connect is set up to use a static IP address, change
the settings of your device so that it uses Dynamic Host Configuration Protocol (DHCP)
and can receive an IP address through or from the access point.
Note: Connecting to the access point’s network is not the same as connecting to the
local browser UI to view or manage the access point’s settings. For information about
logging in to the access point local browser UI, see Log in to the access point after initial
setup on page 30.
Connect to the access point through an Ethernet cable
You can connect a computer or other LAN device to the access point using an Ethernet
cable and join the access point’s local area network (LAN).
To connect a computer or LAN device to the access point with an Ethernet cable:
1. Make sure that the access point is receiving power and is connected to the Internet
(both its Power LED and Internet LED are lit).
2. Connect an Ethernet cable to an Ethernet port on the computer or LAN device.
3.
Connect the other end of the Ethernet cable to one of the LAN ports on the access
point.
You can use any of the four LAN ports on the access point.
Note: You can also connect the computer to a switch or hub that is connected to
one of the LAN ports on the access point.
Your computer or LAN device connects to the local area network (LAN). A message
might display on your computer screen to notify you that an Ethernet cable is
connected.
User Manual32Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Use Wi-Fi Protected Setup to join the WiFi network
You can use Wi-Fi Protected Setup (WPS) to add a WiFi device such as a WiFi-enabled
computer, tablet, or smartphone to the WiFi network of the access point.
WPS is a standard for easily adding computers and other devices to a home network
while maintaining security. To use WPS (Push 'N' Connect), make sure that all WiFi
devices to be connected to the network are Wi-Fi certified and support WPS. During
the connection process, the client device gets the security settings from the access point
so that every device in the network supports the same security settings.
To use WPS to connect a device to the WiFi network of the access point:
1. Make sure that the access point is receiving power (its Power LED is lit) and is
connected to the Internet (its Internet LED is lit), and that the WiFi radios are on (its
WiFi LED is lit).
2.
Check the WPS instructions for your computer or WiFi device.
3.
Press the WPS button on the access point for three seconds.
For more information, see Back panel with ports, buttons, and a power connector
on page 13.
4.
Within two minutes, press the WPS button on your WiFi device, or follow the WPS
instructions that came with the device.
The WPS process automatically sets up the device with the WiFi passphrase and
connects the device to the WiFi network of the access point.
Manually join the WiFi network
You can manually add a WiFi device such as a WiFi-enabled computer, tablet, or
smartphone to the WiFi network of the access point.
On the WiFi device that you want to connect to the access point, use the software
application that manages your WiFi connections.
Note: By default, the access point’s second and third WiFi network are disabled.
To connect a device manually to the WiFi network:
1. Make sure that the access point is receiving power (its Power LED is lit) and is
connected to the Internet (its Internet LED is lit), and that the WiFi radios are on (its
WiFi LED is lit).
2.
On the WiFi device, open the software application that manages your WiFi
connections.
This application scans for all WiFi networks in your area.
User Manual33Installation and Initial Log-in
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
3.
Look for the access point’s network and select it.
If you did not change the default SSID, the default SSID is printed on the access point
label. Otherwise, the SSID is the one that you specified during the initial log-in
process.
For security, we recommend that you change the name of the default SSID.
4.
Enter the WiFi password for WiFi access.
If you did not change the WiFi password (network key), the default WiFi password
is printed on the access point label. Otherwise, the WiFi password is the one that
you specified during the initial log-in process.
For security, we recommend that you change the default WiFi password.
5. Click the Connect button.
The device connects to the WiFi network of the access point.
User Manual34Installation and Initial Log-in
3
Manually Set Up Internet Settings
Usually, the quickest way to set up the Internet connection is to allow the Setup Wizard
to detect the Internet connection when go through the initial log-in procedure. After
initial setup, you can use the Setup Wizard at any time.
If the access point is in router mode, you can specify the WAN (Internet) settings manually,
including IPv6 settings. For information about changing the LAN settings if the access
point is in router mode, see LAN IP address settings [router mode] on page 109.
This chapter contains the following sections:
• Use the Setup Wizard
• Manually set up the access point Internet connection [router mode]
• IPv6 Internet connections and IPv6 addresses [router mode]
35
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Use the Setup Wizard
If the access point is in router mode, you can use the Setup Wizard to detect the WAN
IP address that is issued by your Internet service provider (ISP) or an existing router in
your network and automatically set up your access point. Unlike the Setup Wizard that
runs when you go through the initial log-in procedure, you can start the Setup Wizard
in the local browser UI any time.
For the Setup Wizard to detect the WAN IP address that is issued by your ISP, the access
point must be connected to your modem with an Internet connection. You can also
connect the access point to an existing router in your network and let the router assign
an IP address to the access point.
To use the Setup Wizard:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Setup Wizard.
The Setup Wizard page displays.
5. Select the Yes radio button.
If you select the No radio button, you are taken to the WAN Setup page when you
click the Next button. You can then set up the Internet connection manually. For
more information, see Manually set up the access point Internet connection [router
mode] on page 37.
6. Click the Next button.
User Manual36Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
The Setup Wizard searches your Internet connection for servers and protocols to
determine your Internet configuration. When the access point connects to the Internet,
you are prompted to change the local device password (also referred to as the admin
password).
Manually set up the access point Internet connection [router mode]
If the access point is in router mode, you can view or change the access point’s Internet
connection settings.
Note: The information in this section and subsections does not apply if the access point
is in access point mode.
Specify a dynamic or fixed WAN IP address Internet connection without a login [router mode]
To specify or view the settings for a WAN Internet connection that uses a dynamic
or fixed IP address and that does not require a login:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Internet.
The Internet Setup page displays.
User Manual37Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
5. Select the No radio button.
This is the default setting.
6.
If your Internet connection requires an account name (sometimes referred to as a
host name), enter it in the Account Name field.
The account name is the same as the device name, which, by default, is WAX204.
7.
If your Internet connection requires a domain name, enter it in the Domain Name
(if Required) field.
For the other sections on this page, the default settings usually work, but you can
change them.
8. Select an Internet IP Address radio button:
• Get Dynamically. Your ISP uses DHCP to automatically assign an IP address and
related settings to the access point.
• Use Static IP Address. Enter the static IP address, IP subnet mask, and gateway
IP address that your ISP assigned to the access point. The gateway is the ISP router
to which the access point connects.
9. Select a Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign DNS servers to the
access point.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
10. Select a Router MAC Address radio button:
•
Use Default Address. Use the default access point MAC address that displays
on the Dashboard page and is on the access point label.
• Use Computer MAC Address. The access point captures and uses the MAC
address of the computer that you are now using to change the settings. Sometimes
an ISP allows the MAC address of a particular computer only.
• Use This MAC Address. Enter a MAC address that must be used. Sometimes an
ISP allows the MAC address of a particular computer only.
11.
If your ISP gave you a vendor class identifier (VCI) string, enter it in the Vendor Class
Identifier String (option 60) field.
If your ISP did not give you a VCI string, leave this field blank.
12.
If your ISP gave you a client identifier (client ID) string, enter it in the Client Identifier
String (option 61) field.
If your ISP did not give you a client ID string, leave this field blank.
User Manual38Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
13.
If your Internet configuration requires a specific VLAN ID, click the VLAN/Bridge
Settings link.
For more information, see Bridge port and VLAN tag groups [router mode] on page
121.
14. Click the Apply button.
Your settings are saved.
15. Click the Test button to test your Internet connection.
If the NETGEAR website does not display within one minute, see one of the following
sections:
You cannot access the Internet [router mode] on page 231
•
Troubleshoot Internet browsing on page 234
•
Specify a PPPoE Internet connection that uses a login [router mode]
To specify or view the settings for an ISP Internet connection that uses PPPoE and
that requires a login:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Internet.
The Internet Setup page displays.
User Manual39Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
5. Select the Yes radio button.
The settings on the page change.
6. From the Internet Service Provider menu, select PPPoE as the encapsulation
method.
7.
In the Login field, enter the login name that your ISP gave you.
This login name is often an email address.
8.
In the Password field, enter the password that you use to log in to your Internet
service.
9.
If your ISP requires a service name, type it in the Service Name (if Required) field.
10. From the Connection Mode menu, select Always On, Dial on Demand, or Manually
Connect.
11.
If you select Dial on Demand from the Connection Mode menu, in the Idle Timeout
field, enter the number of minutes until the Internet login times out
This is how long the access point keeps the Internet connection active when no one
on the network is using the Internet connection. A value of 0 (zero) means never log
out. The default is 5 minutes.
12. Select an Internet IP Address radio button:
• Get Dynamically. Your ISP uses DHCP to automatically assign an IP address and
related settings to the access point.
• Use Static IP Address. Enter the static IP address, IP subnet mask, and gateway
IP address that your ISP assigned to the access point. The gateway is the ISP router
to which the access point connects.
13. Select a Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign DNS servers to the
access point.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
14. Select a Router MAC Address radio button:
•
Use Default Address. Use the default access point MAC address that displays
on the Dashboard page and is on the access point label.
• Use Computer MAC Address. The access point captures and uses the MAC
address of the computer that you are now using to change the settings. Sometimes
an ISP allows the MAC address of a particular computer only.
• Use This MAC Address. Enter a MAC address that must be used. Sometimes an
ISP allows the MAC address of a particular computer only.
User Manual40Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
15.
If your Internet configuration requires a specific VLAN ID, click the VLAN/Bridge
Settings link.
For more information, see Bridge port and VLAN tag groups [router mode] on page
121.
16. Click the Apply button.
Your settings are saved.
17. Click the Test button to test your Internet connection.
If the NETGEAR website does not display within one minute, see one of the following
sections:
You cannot access the Internet [router mode] on page 231
•
Troubleshoot Internet browsing on page 234
•
Specify a PPTP or L2TP Internet connection that uses a login [router mode]
To specify or view the settings for an ISP Internet connection that uses PPTP or
L2TP and that requires a login:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Internet.
The Internet Setup page displays.
User Manual41Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
5. Select the Yes radio button.
The settings on the page change.
6. From the Internet Service Provider menu, select PPTP or L2TP as the encapsulation
method.
7.
In the Login field, enter the login name that your ISP gave you.
This login name is often an email address.
8.
In the Password field, enter the password that you use to log in to your Internet
service.
9.
If your ISP requires a service name, type it in the Service Name field.
10. From the Connection Mode menu, select Always On, Dial on Demand, or Manually
Connect.
11.
If you select Dial on Demand from the Connection Mode menu, in the Idle Timeout
field, enter the number of minutes until the Internet login times out
This is how long the router keeps the Internet connection active when no one on the
network is using the Internet connection. A value of 0 (zero) means never log out.
The default is 5 minutes.
12.
If your ISP gave you fixed IP addresses and a connection ID or name, enter them in
the My IP Address, Subnet Mask, Server Address, Gateway IP Address, and
Connection ID/Name fields.
If your ISP did not give you an IP addresses, a connection ID, or name, leave these
fields blank. The connection ID or name applies to a PPTP service only.
13. Select a Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign DNS servers to the
access point.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
14. Select a Router MAC Address radio button:
•
Use Default Address. Use the default access point MAC address that displays
on the Dashboard page and is on the access point label.
• Use Computer MAC Address. The access point captures and uses the MAC
address of the computer that you are now using to change the settings. Sometimes
an ISP allows the MAC address of a particular computer only.
• Use This MAC Address. Enter a MAC address that must be used. Sometimes an
ISP allows the MAC address of a particular computer only.
Settings
User Manual42Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
15. Click the Apply button.
Your settings are saved.
16. Click the Test button to test your Internet connection.
If the NETGEAR website does not display within one minute, see one of the following
sections:
You cannot access the Internet [router mode] on page 231
•
Troubleshoot Internet browsing on page 234
•
IPv6 Internet connections and IPv6 addresses [router mode]
The access point supports multiple types of IPv6 Internet connections. Which connection
type you must use depends on your IPv6 ISP. Follow the directions that your IPv6 ISP
gave you.
If your ISP did not provide details, use the 6to4 tunnel connection type (see Set up
•
an IPv6 6to4 tunnel Internet connection [router mode] on page 48).
If you are not sure what type of IPv6 connection the access point uses, use the Auto
•
Detect connection type, which lets the access point detect the IPv6 type that is in
use (see Use Auto Detect for an IPv6 Internet connection [router mode] on page 44).
If your Internet connection does not use pass-through, a fixed IP address, DHCP,
•
6rd, or PPPoE but is IPv6, use the Auto Config connection type, which lets the access
point autoconfigure its IPv6 connection (see Use Auto Config for an IPv6 Internet
connection [router mode] on page 46).
The access point supports the following IPv6 connection types:
Auto Detect. For more information, see Use Auto Detect for an IPv6 Internet
•
connection [router mode] on page 44.
Auto Config. For more information, see Use Auto Config for an IPv6 Internet
•
connection [router mode] on page 46.
6to4 tunnel. For more information, see Set up an IPv6 6to4 tunnel Internet connection
•
[router mode] on page 48.
Pass-through. For more information, see Set up an IPv6 passthrough Internet
•
connection [router mode] on page 51.
Fixed. For more information, see Set up an IPv6 fixed Internet connection [router
•
mode] on page 52.
User Manual43Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
DHCP. For more information, see Set up an IPv6 DHCP Internet connection [router
•
mode] on page 54.
6rd. For more information, see Set up an IPv6 6rd Internet connection [router mode]
•
on page 49.
PPPoE. For more information, see Set up an IPv6 PPPoE Internet connection [router
•
mode] on page 56.
When you enable IPv6 and select any connection type other than IPv6 pass-through,
the access point starts the stateful packet inspection (SPI) firewall function on the WAN
interface. This process is referred to as IPv6 filtering. The access point creates connection
records and checks every inbound IPv6 packet. If the inbound packet is not destined
for the access point itself and the access point does not expect to receive such a packet,
or the packet is not in the connection record, the access point blocks this packet. This
function works either in secured more or in open mode. In secured mode, the access
point inspects both TCP and UDP packets. In open mode, the access point inspects
UDP packets only.
IPv6 addresses are denoted by eight groups of hexadecimal quartets that are separated
by colons. You can reduce any four-digit group of zeros within an IPv6 address to a
single zero or omit it. The following errors invalidate an IPv6 address:
More than eight groups of hexadecimal quartets
•
More than four hexadecimal characters in a quartet
•
More than two colons in a row
•
Use Auto Detect for an IPv6 Internet connection [router mode]
To set up an IPv6 Internet connection through autodetection:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
User Manual44Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select Auto Detect.
The page adjusts. The access point automatically detects the information in the
following fields:
Connection Type. This field indicates the connection type that is detected.
•
Router’s IPv6 Address on WAN. This field shows the IPv6 address that is acquired
•
for the access point’s WAN (or Internet) interface. The number after the slash (/)
is the length of the prefix, which is also indicated by the underline (_) under the
IPv6 address. If no address is acquired, the field displays Not Available.
Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
•
for the access point’s LAN interface. The number after the slash (/) is the length
of the prefix, which is also indicated by the underline (_) under the IPv6 address.
If no address is acquired, the field displays Not Available.
6. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCPv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
7.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
8. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
9. Click the Apply button.
Settings
User Manual45Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Your settings are saved.
Use Auto Config for an IPv6 Internet connection [router mode]
To set up an IPv6 Internet connection through autoconfiguration:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5.
From the Internet Connection Type menu, select Auto Config.
The page adjusts. The access point automatically detects the information in the
following fields:
Router’s IPv6 Address on WAN. This field shows the IPv6 address that is acquired
•
for the access point’s WAN (or Internet) interface. The number after the slash (/)
is the length of the prefix, which is also indicated by the underline (_) under the
IPv6 address. If no address is acquired, the field displays Not Available.
Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
•
for the access point’s LAN interface. The number after the slash (/) is the length
of the prefix, which is also indicated by the underline (_) under the IPv6 address.
If no address is acquired, the field displays Not Available.
6.
(Optional) In the DHCP User Class (if Required) field, enter a host name.
Settings
User Manual46Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Most people can leave this field blank, but if your ISP gave you a specific host name,
enter it here.
7.
(Optional) In the DHCP Domain Name (if Required) field, enter a domain name.
You can type the domain name of your IPv6 ISP. Do not enter the domain name for
the IPv4 ISP here. For example, if your ISP’s mail server is mail.xxx.yyy.zzz, type
xxx.yyy.zzz as the domain name. If your ISP provided a domain name, type it in this
field. For example, Earthlink Cable might require a host name of home, and Comcast
sometimes supplies a domain name.
8. Select an IPv6 Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns these addresses.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IPv6 address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
9. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCPv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
10.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
11. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
12. Click the Apply button.
Your settings are saved.
Settings
User Manual47Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Set up an IPv6 6to4 tunnel Internet connection [router mode]
The remote relay router is the router to which your router creates a 6to4 tunnel. Make
sure that the IPv4 Internet connection is working before you apply the 6to4 tunnel
settings for the IPv6 connection.
To set up an IPv6 Internet connection by using a 6to4 tunnel:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select 6to4 Tunnel.
The page adjusts. The access point automatically detects the information in the
Router’s IPv6 Address on LAN field. This field shows the IPv6 address that is acquired
for the access point’s LAN interface. The number after the slash (/) is the length of
the prefix, which is also indicated by the underline (_) under the IPv6 address. If no
address is acquired, the field displays Not Available.
6. Select a Remote 6to4 Relay Router radio button:
• Auto. Your access point uses any remote relay router that is available on the
Internet. This is the default setting.
•
Static IP Address. Enter the static IPv4 address of the remote relay router. Your
IPv6 ISP usually provides this address.
7. Select an IPv6 Domain Name Server (DNS) Address radio button:
Settings
User Manual48Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
•
Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns these addresses.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
8. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCPv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
9.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
10. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
11. Click the Apply button.
Your settings are saved.
Set up an IPv6 6rd Internet connection [router mode]
The 6rd protocol makes it possible to deploy IPv6 to sites using a service provider’s
IPv4 network. 6rd (also referred to as IPv6 rapid deployment) uses the service provider’s
own IPv6 address prefix. This limits the operational domain of 6rd to the service provider’s
network and is under direct control of the service provider. The IPv6 service provided
is equivalent to native IPv6. The 6rd mechanism relies on an algorithmic mapping
between the IPv6 and IPv4 addresses that are assigned for use within the service
provider’s network. This mapping allows for automatic determination of IPv4 tunnel
endpoints from IPv6 prefixes, allowing stateless operation of 6rd.
With a 6rd tunnel configuration, the access point follows the RFC5969 standard,
supporting two ways to establish a 6rd tunnel IPv6 WAN connection:
Auto Detect mode. In IPv6 Auto Detect mode, when the access point receives option
•
212 from the DHCPv4 option, autodetect selects the IPv6 as 6rd tunnel setting (see
User Manual49Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Use Auto Detect for an IPv6 Internet connection [router mode] on page 44). The
access point uses the 6rd option information to establish the 6rd connection.
Manual mode. Select 6rd Tunnel. If the access point receives option 212, the fields
•
are automatically completed. Otherwise, you must enter the 6rd settings.
To set up an IPv6 6rd Internet connection:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select 6rd Tunnel.
The page adjusts. The access point automatically detects the information in the
following sections:
•
6rd (IPv6 Rapid Development) Configuration. The access point detects the
service provider’s IPv4 network and attempts to establish an IPv6 6rd tunnel
connection. If the IPv4 network returns 6rd parameters to the access point, the
page adjusts to display the correct settings in this section.
Note: If the access point does not automatically receive the 6rd parameters, you
might need to enter them manually.
•
Settings
Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
for the access point’s LAN interface. The number after the slash (/) is the length
of the prefix, which is also indicated by the underline (_) under the IPv6 address.
If no address is acquired, the field displays Not Available.
User Manual50Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
6. Select an IPv6 Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns these addresses.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
7. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to devices on your LAN
than the Auto Config method, but some IPv6 systems might not support the
DHCPv6 client function.
•
Auto Config. This method lets the access point assign IPv6 addresses to the
devices on your the LAN. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
8.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
9. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
10. Click the Apply button.
Your settings are saved.
Set up an IPv6 passthrough Internet connection [router mode]
In pass-through mode, the router works as a Layer 2 Ethernet switch with two ports (LAN
and WAN Ethernet ports) for IPv6 packets. The access point does not process any IPv6
header packets.
Settings
User Manual51Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
To set up a pass-through IPv6 Internet connection:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select Pass Through.
The page adjusts, but no additional fields display.
6. Click the Apply button.
Your settings are saved.
Set up an IPv6 fixed Internet connection [router mode]
To set up a fixed IPv6 Internet connection:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
Settings
User Manual52Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select Fixed.
The page adjusts.
6.
In the WAN Setup section, specify the fixed IPv6 addresses for the WAN connection:
IPv6 Address/Prefix Length. The IPv6 address and prefix length of the access
•
point’s Internet (WAN) port.
Default IPv6 Gateway. The IPv6 address of the default IPv6 gateway for the
•
access point’s Internet (WAN) port.
Primary DNS Server. The primary DNS server that resolves IPv6 domain name
•
records for the access point.
Secondary DNS Server. The secondary DNS server that resolves IPv6 domain
•
name records for the access point.
Note: If you do not specify the DNS servers, the access point uses the DNS servers
that are configured for the IPv4 Internet connection on the WAN Setup page. (See
Manually set up the access point Internet connection [router mode] on page 37.)
7. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCPv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
8.
In the LAN Setup section, in the IPv6 Address/Prefix Length fields, specify the static
IPv6 address and prefix length of the access point’s LAN interface.
9. Select an IPv6 Filtering radio button:
User Manual53Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
10. Click the Apply button.
Your settings are saved.
Set up an IPv6 DHCP Internet connection [router mode]
To set up an IPv6 Internet connection with a DHCP server:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select DHCP.
The page adjusts. The access point automatically detects the information in the
following fields:
Router’s IPv6 Address on WAN. This field shows the IPv6 address that is acquired
•
for the access point’s WAN (or Internet) interface. The number after the slash (/)
is the length of the prefix, which is also indicated by the underline (_) under the
IPv6 address. If no address is acquired, the field displays Not Available.
•
Settings
Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
for the access point’s LAN interface. The number after the slash (/) is the length
User Manual54Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
of the prefix, which is also indicated by the underline (_) under the IPv6 address.
If no address is acquired, the field displays Not Available.
6.
(Optional) In the User Class (if Required) field, enter a host name.
Most people can leave this field blank, but if your ISP gave you a specific host name,
enter it here.
7.
(Optional) In the Domain Name (if Required) field, enter a domain name.
You can type the domain name of your IPv6 ISP. Do not enter the domain name for
the IPv4 ISP here. For example, if your ISP’s mail server is mail.xxx.yyy.zzz, type
xxx.yyy.zzz as the domain name. If your ISP provided a domain name, type it in this
field. For example, Earthlink Cable might require a host name of home, and Comcast
sometimes supplies a domain name.
8. Select an IPv6 Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns these addresses.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
9. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCPv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
10.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
11. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
12. Click the Apply button.
Your settings are saved.
Settings
User Manual55Manually Set Up Internet
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Set up an IPv6 PPPoE Internet connection [router mode]
To set up a PPPoE IPv6 Internet connection:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > IPv6.
The IPv6 page displays.
5. From the Internet Connection Type menu, select PPPoE.
The page adjusts. The access point automatically detects the information in the
following fields:
Router’s IPv6 Address on WAN. This field shows the IPv6 address that is acquired
•
for the access point’s WAN (or Internet) interface. The number after the slash (/)
is the length of the prefix, which is also indicated by the underline (_) under the
IPv6 address. If no address is acquired, the field displays Not Available.
Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
•
for the access point’s LAN interface. The number after the slash (/) is the length
of the prefix, which is also indicated by the underline (_) under the IPv6 address.
If no address is acquired, the field displays Not Available.
6.
If already you set up your IPv4 ISP connection for PPPoE and want to use the same
login information for IPv6, select the Use the same Login information as IPv4
PPPoE check box and go to Step 8.
User Manual56Manually Set Up Internet
Settings
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
7.
To manually configure the PPPoE settings for IPv6, specify the following settings:
Login. Enter the login name that your ISP gave you.
•
Password. Enter the password for the ISP connection.
•
Service Name (if Required). Enter a service name. If your ISP did not provide a
•
service name, leave this field blank.
Note: The default setting of the Connection Mode menu is Always On to provide
a steady IPv6 connection. The access point never terminates the connection. If the
connection is terminated, for example, when the modem is turned off, the access
point attempts to reestablish the connection immediately after the PPPoE connection
becomes available again.
8. Select an IPv6 Domain Name Server (DNS) Address radio button:
•
Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns these addresses.
•
Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
9. In the LAN Setup section, select an IP Address Assignment radio button:
•
Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCv6 client function.
•
Auto Config. This is the default setting.
This setting specifies how the access point assigns IPv6 addresses to the devices on
your home network (the LAN).
10.
(Optional) In the LAN Setup section, select the Use This Interface ID check box and
specify the interface ID to be used for the IPv6 address of the access point’s LAN
interface.
If you do not specify an ID here, the access point generates one automatically from
its MAC address.
11. Select an IPv6 Filtering radio button:
•
Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.
12. Click the Apply button.
Your settings are saved.
Settings
User Manual57Manually Set Up Internet
4
Basic WiFi and Radio Features
This chapter describes how you can manage the basic WiFi and radio settings of the
access point. For information about the advanced WiFi and radio settings, see Advanced
WiFi and Radio Features on page 187.
Tip: If you want to change the WiFi network settings, use a wired connection to avoid
being disconnected when the new WiFi settings take effect.
The chapter includes the following sections:
• Set up or change an open or secure WiFi network
• Configure WPA and WPA2 Enterprise WiFi security with a RADIUS server
• Enable or disable a WiFi network
• Hide or broadcast the SSID for a WiFi network
• Manage client isolation for clients of the Wireless 2 or Wireless 3 network
• Manage access to LAN ports for clients of the Wireless 2 or Wireless 3 network
• Manage SSID isolation for all WiFi networks
• Enable or disable a WiFi radio
• Use WPS to connect to the WiFi network
58
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Set up or change an open or secure WiFi network
The access point provides three WiFi networks (Wireless 1, Wireless 2, and Wireless 3).
By default, the Wireless 1 network is enabled and the other two WiFi networks are
disabled. The default security is WPA2-Personal [AES].
Table 2. WiFi networks
Default WiFi passwordDefault SSIDDefault statusWiFi network
Unique, see label.NETGEARXXXXXXEnabledWireless 1
sharedsecretNETGEARXXXXXX-2DisabledWireless 2
sharedsecretNETGEARXXXXXX-3DisabledWireless 3
In the previous table, XXXXXX represents the last six digits of the MAC address of the
access point. The default SSID and WiFi password (network key) for the Wireless 1
network are printed on the access point label. If you changed the default SSID or WiFi
password for the Wireless 1 network, use the ones that you specified.
Note: For security, we recommend that you do change the names of the default SSIDs
and the default WiFi passwords.
For each WiFi network, the access point simultaneously supports the 2.4 GHz band for
802.11b/g/n/ax devices and the 5 GHz band for 802.11a/n/ac/ax devices. For the 2.4
GHz band, the default WiFi throughput mode is 600 Mbps. For the 5 GHz band, it is
1200 Mbps. You can change (lower) the WiFi throughput mode (see Change the WiFi
throughput mode for a radio on page 194).
You can view or change the WiFi settings and WiFi security for the Wireless 1 network,
and you can enable and set up the Wireless 2 and Wireless 3 networks.
To set up or change an open or secure WiFi network:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
User Manual59Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
For information about SSID isolation, see Manage SSID isolation for all WiFi networks
on page 69.
5. Select the WiFi network (Wireless 1, Wireless 2, or Wireless 3).
6.
To enable the selected WiFi network and set up or change the settings, configure
the options that are described in the following table.
(For information about the WiFi security options, see Step 7.)
DescriptionSetting
Wireless Network
Name (SSID)
Band
Select the Enable radio button to enable the WiFi network or the Disable radio
button to disable the WiFi network. By default, the Wireless 1 network is enabled
and the other two WiFi networks are disabled.
The SSID (service set identifier) is the WiFi network name. If you do not change the
SSID, the default SSID displays, in which XXXXXX represents the last six digits of the
MAC address of the access point:
Wireless 1. NETGEARXXXXXX
Wireless 2. NETGEARXXXXXX-2
Wireless 3. NETGEARXXXXXX-3
The default SSID (for the Wireless 1 network) is also printed on the access point label
(see Access point label on page 14).
If you change the SSID, enter a 32-character (maximum), case-sensitive name in this
field.
Select a radio button for a single band (2.4 GHz or 5 GHz) or keep the default
selection, which is the Both radio button, to enable the WiFi network to broadcast
on both radio bands.
User Manual60Basic WiFi and Radio Features
(Continued)
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
DescriptionSetting
Enable SSID Broadcast
Client isolation
Allow access to wired
ports
7.
To set up or change the access point WiFi security for selected WiFi network, select
By default, the access point broadcasts its SSID so that WiFi clients can detect the
WiFi name (SSID) in their scanned network lists. To turn off the SSID broadcast, clear
the Enable SSID Broadcast check box. Turning off the SSID broadcast provides
additional WiFi security, but users must know the SSID to be able to join the WiFi
network.
You cannot configure this setting for the Wireless 1 network.
By default, client isolation is enabled for the WiFi network, and the Enable radio
button is selected. To allow communication between WiFi clients that are associated
with the same SSID or different SSIDs on the access point, select the Disable radio
button.
You cannot configure this setting for the Wireless 1 network.
By default, WiFi clients cannot reach devices that are connected to the wired ports
(LAN ports) of the access point, and the Disable radio button is selected. To allow
communication between WiFi clients and devices that are connected to the wired
ports, select the Enable radio button.
and configure one of the options that are described in the following table.
None
WPA2 Personal
[AES]
DescriptionSetting
An open WiFi network does not provide any security. Any WiFi device can join the
network. We recommend that you do not use an open WiFi network but configure
WiFi security. However, an open network might be appropriate for a WiFi hotspot.
Note: If you change the Wireless 1 network to an open network, WPS is disabled and
the WPS LED turns off.
This option, which is the same as WPA2-PSK, is the default setting and uses AES
encryption. This type of security enables only WiFi devices that support WPA2 to join
the WiFi network.
WPA2 provides a secure connection but some legacy WiFi devices do not detect
WPA2 and support only WPA. If your network includes such older devices, select
WPA-Personal [TKIP] + WPA2-Personal [AES] authentication.
In the Password (Network Key) field, enter a phrase of 8 to 63 characters or 64
hexadecimal digits. To join the WiFi network, a user must enter this password. To
view the password in clear text, click the eye icon.
User Manual61Basic WiFi and Radio Features
(Continued)
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
DescriptionSetting
WPA-Personal
[TKIP] +
WPA2-Personal
[AES]
WPA/WPA2
Enterprise
WPA3- Personal
This option, which is the same as WPA2-PSK/WPA-PSK, enables WiFi devices that
support either WPA2 or WPA to join the WiFi network. This option uses AES and TKIP
encryption.
WPA-PSK (which uses TKIP) is less secure than WPA2-PSK (which uses AES) and limits
the speed of WiFi devices to 54 Mbps.
In the Password (Network Key) field, enter a phrase of 8 to 63 characters or 64
hexadecimal digits. To join the WiFi network, a user must enter this password. To
view the password in clear text, click the eye icon.
This enterprise-level security uses RADIUS for centralized Authentication,
Authorization, and Accounting (AAA) management. For more information, see
Configure WPA and WPA2 Enterprise WiFi security with a RADIUS server on page
63).
This option, which is the same as WPA3, is most secure personal authentication
option. WPA3 uses SAE encryption and enables only WiFi devices that support WPA3
to join the WiFi network.
WPA3 provides a secure connection but some legacy WiFi devices do not detect
WPA3 and support only WPA2. If your network also includes WPA2 devices, select
WPA2 Personal [AES] authentication.
In the Password (Network Key) field, enter a phrase of 8 to 127 characters or 128
hexadecimal digits. To join the WiFi network, a user must enter this password. To
view the password in clear text, click the eye icon.
8. Click the Apply button.
Your settings are saved.
If you connected over WiFi to the network and you changed the SSID, you are
disconnected from the network.
9. Make sure that you can reconnect over WiFi to the network with its new settings.
If you cannot connect over WiFi, check the following:
•
If your computer or device is connected to another WiFi network in your area,
disconnect it from that WiFi network and connect it to the WiFi network that the
access point provides. Some WiFi devices automatically connect to the first open
network without WiFi security that they discover.
•
If your computer or device is trying to connect to your network with its old settings
(before you changed the settings), update the WiFi network selection in your
WiFi-enabled computer or mobile device to match the current settings for your
network.
User Manual62Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
• Does your computer or device display as an attached device? (See Display the
devices currently on the access point network and change device information on
page 154.) If it does, it is connected to the network.
• Are you using the correct network name (SSID) and password?
Configure WPA and WPA2 Enterprise WiFi security with a RADIUS server
Remote Authentication Dial In User Service (RADIUS) is an enterprise-level method for
centralized Authentication, Authorization, and Accounting (AAA) management. To
enable the access point to provide WPA and WPA2 enterprise WiFi security, the WiFi
network must be able to reach a RADIUS server.
To configure WPA and WPA2 enterprise security:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select the WiFi network (Wireless 1, Wireless 2, or Wireless 3).
6.
In the Security Options section, select the WPA/WPA2 Enterprise radio button.
The WPA and WPA2 Enterprise settings display.
User Manual63Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
7. From the WPA Mode menu, select the enterprise mode:
WPA2 [AES]. WPA2 provides a secure connection but some older WiFi devices
•
do not detect WPA2 and support only WPA. If your WiFi network includes such
older devices, select WPA [TKIP] + WPA2 [AES] security.
WPA [TKIP] +WPA2 [AES]. This type of security enables WiFi devices that support
•
either WPA or WPA2 to join the WiFi network. This is the default mode.
8.
In the RADIUS Server IP Address field, enter the IPv4 address of the RADIUS server
to which the WiFi network can connect.
9.
In the RADIUS Server Port field, enter the number of the port on the that is used to
access the RADIUS server for authentication.
The default port number is 1812.
10.
In the RADIUS Sever Shared Secret field, enter the RADIUS password that is used
between the access point and the RADIUS server during authentication of a WiFi
client.
To view the RADIUS password in clear text, click the eye icon.
11. Click the Apply button.
Your settings are saved.
12. Make sure that you can reconnect over WiFi to the network with its new security
settings.
If you cannot connect over WiFi, check the following:
•
If your computer or device is connected to another WiFi network in your area,
disconnect it from that WiFi network and connect it to the WiFi network that the
access point provides. Some WiFi devices automatically connect to the first open
network without WiFi security that they discover.
•
If your computer or device is trying to connect to your network with its old settings
(before you changed the settings), update the WiFi network selection in your
WiFi-enabled computer or mobile device to match the current settings for your
network.
• Does your computer or device display as an attached device? (See Display the
devices currently on the access point network and change device information on
page 154.) If it does, it is connected to the network.
• Are you using the correct network name (SSID) and password?
User Manual64Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Enable or disable a WiFi network
You can temporarily disable a WiFi network (that is, an SSID) and you can reenable the
WiFi network.
Note: For information about setting up a WiFi schedule that temporarily turns off a
radio band (and, therefore, all WiFi networks that are active on that band), see Add a
WiFi schedule for a radio on page 197. For information about turning off the radios
entirely (and, therefore, all WiFi networks), see Enable or disable a WiFi radio on page
70.
To disable or enable a WiFi network:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select the WiFi network (Wireless 1, Wireless 2, or Wireless 3).
6.
Select one of following VAP radio buttons:
Enable. Enables the WiFi network.
•
By default, the Wireless 2 and Wireless 3 networks are disabled, but you can
enable them.
Disable. Disables the WiFi network. By default, the Wireless 1 network is enabled,
•
but you can disable it.
User Manual65Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
7. Click the Apply button.
Your settings are saved.
Hide or broadcast the SSID for a WiFi network
By default, a WiFi network (SSID) broadcasts its network name (also referred to as the
SSID) so that WiFi clients can detect the SSID in their scanned network lists. For additional
security, you can turn off the SSID broadcast and hide the SSID so that users must know
the SSID to be able to join the WiFi network.
To hide or broadcast the network name for a WiFi network:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select the WiFi network (Wireless 1, Wireless 2, or Wireless 3).
6. Select or clear the Enable SSID Broadcast check box.
When you select the check box, the WiFi network broadcasts the SSID.
When you clear the check box, the WiFi network hides the SSID.
7. Click the Apply button.
Your settings are saved.
User Manual66Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Manage client isolation for clients of the Wireless 2 or Wireless 3 network
If client isolation is disabled for a WiFi network (SSID) on the access point, WiFi clients
that are associated with that WiFi network can communicate with each other. This is the
default setting for the Wireless 1 network and you cannot change the setting for the
Wireless 1 network.
As an added security measure for the Wireless 2 and Wireless 3 networks, you can
enable client isolation for all WiFi clients on the same WiFi network, preventing
communication between WiFi clients that are associated with that WiFi network. Those
WiFi clients can still communicate with each other over the Internet. This is the default
setting for the Wireless 2 and Wireless 3 networks.
To manage client isolation for the Wireless 2 or Wireless 3 network:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select the WiFi network (Wireless 2 or Wireless 3).
User Manual67Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
6. Select a Client Isolation radio button:
Enable. All WiFi clients are isolated. That is, WiFi clients that are connected to
•
the same WiFi network are prevented from communicating with each other.
(Communication over the Internet remains possible.)
Disable. WiFi clients that are connected to the same WiFi network are allowed
•
to communicate with each other.
7. Click the Apply button.
Your settings are saved.
Manage access to LAN ports for clients of the Wireless 2 or Wireless 3 network
You can manage whether WiFi clients can directly access devices that are connected
to LAN ports of the access point. For example, if you connect a printer to LAN port 3
and a server to LAN port 4, WiFi clients might be able to access the printer and the
server.
Access to LAN ports depends on the WiFi network that the clients are connected to and
whether you enabled such access:
Wireless 1. By default, WiFi clients that are connected to the Wireless 1 network
•
can access devices that are connected to the LAN ports of the access point. For the
Wireless 1 network, you cannot disable this type of access.
Wireless 2 or Wireless 3. For the Wireless 2 and Wireless 3 networks independently,
•
you can configure whether WiFi clients can access devices that are connected to the
LAN ports. By default, such access is disabled. (If devices that are connected to the
LAN ports are set up for communication over the Internet, WiFi clients of the Wireless
2 or Wireless 3 network might still be able to reach these devices.)
To specify whether WiFi clients of the Wireless 2 or Wireless 3 network can access
devices that are connected to the LAN ports:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
User Manual68Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select the Wireless 2 or Wireless 3 button.
The settings for the Wireless 2 or Wireless 3 network display.
6. Scroll down to Allow access to wired ports and select a radio button:
Enable. WiFi clients that are connected to the selected network can access devices
•
that are connected to the LAN ports.
Disable. WiFi clients that are connected to the selected network cannot access
•
devices that are connected to the LAN ports. (If devices that are connected to
the LAN ports are set up for communication over the Internet, WiFi clients might
still be able to reach these devices.)
7. Click the Apply button.
Your settings are saved.
Manage SSID isolation for all WiFi networks
By default, as an added security measure, SSID isolation is enabled for all WiFi networks
(SSIDs) on the access point, preventing communication between WiFi clients that are
associated with different WiFi networks on the access point. Those WiFi clients can still
communicate with each other over the Internet.
You can disable SSID isolation so that clients that are associated with different WiFi
networks on the access point can communicate with each other.
To manage SSID isolation for all WiFi networks:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
User Manual69Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select BASIC > Wireless.
The Wireless Network page displays.
5. Select an SSID Isolation radio button:
Enable. All SSIDs are isolated. That is, WiFi clients that are connected to different
•
SSIDs are prevented from communicating with each other. This is the default
setting. (Communication over the Internet remains possible.)
Disable. WiFi clients that are connected to different SSIDs can communicate with
•
each other.
6. Click the Apply button.
Your settings are saved.
Enable or disable a WiFi radio
The access point has internal WiFi radios that broadcast signals in the 2.4 GHz and
5 GHz bands. By default, they are on so that you can connect over WiFi to the access
point. When both WiFi radios are off, you can still use an Ethernet cable for a LAN
connection to the access point. If you turn both WiFi radios off, WPS is also disabled.
You can also turn a WiFi radio on and off based on a schedule. (See Add a WiFi schedule
for a radio on page 197.)
IMPORTANT: If the smart connect feature is enabled (which it is by default), you can
only enable or disable both radios simultaneously. That means that you cannot enable
or disable each radio individually.
User Manual70Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
To enable or disable a WiFi radio:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Advanced Setup > Wireless Settings.
The Wireless Settings page displays. The lower part of the page is called the
Advanced Wireless Settings page. (As you scroll down on the page, the page name
changes.)
5.
Do one of the following:
2.4 GHz radio. To change the settings for the 2.4 GHz radio, scroll down to the
•
Advanced Wireless Settings (2.4 GHz/b/g/n/ax) section.
5 GHz radio. To change the settings for the 5 GHz radio, scroll down to the
•
Advanced Wireless Settings (5 GHz 802.11a/n/ac/ax) section.
Note: If the smart connect feature is enabled (which it is by default), the page
presents a single option in the Advanced Wireless Settings (2.4 GHz/b/g/n/ax & 5
GHz 802.11a/n/ac/ax) section. In that situation, enabling or disabling applies to both
radios simultaneously. If the smart connect feature is disabled, you can enable or
disable each radio individually.
6.
Turn off or turn on the radio:
Turn off the radio. Clear the Enable Wireless Router Radio check box.
•
Turn on the radio. Select the Enable Wireless Router Radio check box.
•
7. Click the Apply button.
User Manual71Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Your settings are saved.
If you turn off both radios, the WiFi LED turns off.
Use WPS to connect to the WiFi network
WPS (Wi-Fi Protected Setup) lets you connect a computer or mobile device to the access
point’s network without entering the WiFi network passphrase or key. Instead, you use
a WPS button or enter a PIN to connect.
If you use the push button method, the computer or device that you are trying to connect
must provide either a physical button or a software button. If you use the PIN method,
you must know the PIN of the computer or device that you are trying to connect.
WPS supports WPA and WPA2 WiFi security. If your WiFi network is open (no WiFi
security is set, which is not the default setting), connecting with WPS automatically sets
WPA + WPA2 WiFi security on the WiFi network and generates a random passphrase.
You can view this passphrase (see Set up or change an open or secure WiFi network
on page 59).
Use WPS with the push button method
For you to use the push button method to connect a WiFi device to the access point’s
WiFi network, the WiFi device that you are trying to connect must provide either a
physical button or a software button. You can use the physical button and software
button to let a WiFi device join only the main WiFi network, not the guest WiFi network.
To join the access point’s main WiFi network using WPS with the push button
method:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
User Manual72Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > WPS Wizard.
The Add WPS Client page displays and shows a description of the WPS method.
5. Click the Next button.
By default, the Push Button (recommended) radio button is selected.
6.
Either click the button onscreen or press the WPS button on the rear panel of the
access point.
For two minutes, the access point attempts to find the WiFi device (that is, the client)
that you want to join the access point’s main WiFi network.
During this time, the WPS LED on the top panel of the access point blinks slowly.
7. Within two minutes, go to the WiFi device and press its WPS button to join the access
point’s main WiFi network without entering a password.
After the access point establishes a WPS connection, the WiFi LED lights and the
Add WPS Client page displays a confirmation message.
8.
To verify that the WiFi device is connected to the access point’s WiFi network, select
BASIC > Attached Devices.
The WiFi device displays onscreen.
Use WPS with the PIN method
To use the PIN method to connect a WiFi device to the access point’s WiFi network, you
must know the PIN of the WiFi device that you are trying to connect.
To join the access point’s WiFi network using WPS with the PIN method:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
User Manual73Basic WiFi and Radio Features
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > WPS Wizard.
The Add WPS Client page displays and shows a description of the WPS method.
5. Click the Next button.
The Add WPS Client page adjusts.
The Push Button (recommended) radio button is selected by default.
6. Select the PIN Number radio button.
7.
In the Enter Clients' PIN field, enter the PIN number of the WiFi device.
8. Click the Next button.
For four minutes, the access point attempts to find the WiFi device (that is, the client)
that you want to join the access point’s main WiFi network.
During this time, the WPS LED on the top panel of the access point blinks.
9.
Within four minutes, go to the WiFi device and use its WPS software to join the
network without entering a password.
After the access point establishes a WPS connection, the WiFi LED lights and the
Add WPS Client page displays a confirmation message.
10.
To verify that the WiFi device is connected to the access point’s WiFi network, select
BASIC > Attached Devices.
The WiFi device displays on the page.
User Manual74Basic WiFi and Radio Features
5
Security, Firewall, and Access Rules
The access point comes with a built-in firewall that helps to protect your network from
unwanted intrusions from the Internet and lets you control access to the Internet.
This chapter includes the following sections:
• Firewall WAN settings [router mode]
• Network access control lists
• Block specific Internet sites [router mode]
• Block specific applications and services from the Internet [router mode]
• Assign a trusted device [router mode]
• Schedule blocking [router mode]
• Set up security event email notifications
75
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Firewall WAN settings [router mode]
If the access point is in router mode, the basic firewall settings let you manage port scan
protection and denial of service (DoS) protection, specify whether the access point can
respond to a ping from the Internet (WAN) port, set up a DMZ server, and manage IGMP
proxying, NAT filtering, and the application-level gateway (ALG) for the Session Initiation
Protocol (SIP).
For information about the MTU size, which is another basic firewall setting, see Change
the MTU size [router mode] on page 125.
Note: The information in this section and subsections does not apply if the access point
is in access point mode.
Manage port scan protection and denial of service protection [router mode]
Port scan protection and denial of service (DoS) protection can protect your LAN against
attacks such as Syn flood, Smurf Attack, Ping of Death, and many others. By default,
DoS protection is enabled and a port scan is rejected.
You can also enable the access point to respond to a ping to its Internet (WAN) port.
This feature allows your access point to be discovered. Enable this feature only as a
diagnostic tool or if a specific reason exists.
To change the default WAN security settings:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
User Manual76Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
4. Select ADVANCED > Setup > WAN Setup.
The WAN Setup page displays.
5. To enable a port scan and disable DoS protection, select the Disable Port Scan and
DoS Protection check box.
6. To enable the access point to respond to a ping on its Internet (WAN) port, select
the Respond to Ping on Internet Port check box.
7. Click the Apply button.
Your settings are saved.
Set up a default DMZ server [router mode]
A default DMZ server is helpful when you are using some Internet services and
videoconferencing applications that are incompatible with Network Address Translation
(NAT). The access point is programmed to recognize some of these applications and
to work correctly with them, but other applications might not function well. In some
cases, one local computer can run the application correctly if the IP address for that
computer is entered as the default DMZ server.
WARNING: DMZ servers pose a security risk. A computer designated as the default
DMZ server loses much of the protection of the firewall and is exposed to exploits from
the Internet. If compromised, the DMZ server computer can be used to attack other
computers on your network.
The access point usually detects and discards incoming traffic from the Internet that is
not a response to one of your local computers or a service or application for which you
set up a port forwarding or port triggering rule (see Port Forwarding and Port Triggering
[Router Mode] on page 207). Instead of discarding this traffic, you can direct the access
point to forward the traffic to one computer on your network. This computer is called
the default DMZ server.
To set up a default DMZ server:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
Rules
User Manual77Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Setup > WAN Setup.
The WAN Setup page displays.
5.
Select the Default DMZ Server check box.
6.
Enter the LAN IP address of the computer that must function as the DMZ server.
7. Click the Apply button.
Your settings are saved.
Manage IGMP proxying [router mode]
IGMP proxying allows a computer or mobile device on the access point network to
receive multicast traffic from the Internet. If you do not need this feature, leave it disabled,
which is the default setting.
To enable IGMP proxying:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
User Manual78Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
4. Select ADVANCED > Setup > WAN Setup.
The WAN Setup page displays.
5. Clear the Disable IGMP Proxying check box.
By default, this check box is selected and IGMP proxying is disabled.
6. Click the Apply button.
Your settings are saved.
Manage NAT filtering [router mode]
Network Address Translation (NAT) determines how the access point processes inbound
traffic. Secured NAT protects computers on the LAN from attacks from the Internet but
might prevent some Internet services, point-to-point applications, or multimedia
applications from working. Open NAT provides a much less secured firewall but allows
almost all Internet applications to work. Secured NAT is the default setting.
To change the default NAT filtering settings:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Setup > WAN Setup.
The WAN Setup page displays.
5. Select a NAT Filtering radio button:
•
Secured. Provides a secured firewall to protect the computers on the LAN from
attacks from the Internet but might prevent some Internet services, point-to-point
Rules
User Manual79Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
applications, or multimedia applications from functioning. By default, the Secured
radio button is selected.
•
Open. Provides a much less secured firewall but allows almost all Internet
applications to function.
6. Click the Apply button.
Your settings are saved.
Manage the SIP application-level gateway [router mode]
The application-level gateway (ALG) for the Session Initiation Protocol (SIP) is enabled
by default for enhanced address and port translation. However, some types of VoIP and
video traffic might not work well when the SIP ALG is enabled. For this reason, the access
point provides the option to disable the SIP ALG.
To change the default SIP ALG setting:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Setup > WAN Setup.
The WAN Setup page displays.
5. To disable the SIP ALG, select the Disable SIP ALG check box.
The SIP ALG is enabled by default.
6. Click the Apply button.
Your settings are saved.
Rules
User Manual80Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Network access control lists
You can use access control to block or allow device access to your network. An access
control list (ACL) functions with the MAC addresses of wired and WiFi devices that can
either access your entire network or are blocked from accessing your entire network.
The access point can detect the MAC addresses of devices that are connected to the
network and list the MAC addresses of devices that were connected to the network.
Each network device owns a MAC address, which is a unique 12-character physical
address, containing the hexadecimal characters 0–9, a–f, or A–F (uppercase or lowercase)
only, and separated by colons (for example, 00:09:AB:CD:EF:01). Typically, the MAC
address is on the label of a device. If you cannot see the label, you can display the MAC
address using the network configuration utilities of the computer. You might also find
the MAC addresses of devices that are connected to the access point on the Access
Control page of the local browser UI (see Enable and manage network access control
on page 81).
Enable and manage network access control
When you enable access control, you must select whether new devices are allowed to
access the access point network or are blocked from accessing the network. By default,
currently connected devices are allowed to access the network, but you can also block
these devices from accessing the network. You can also view information about
connected devices.
To set up network access control and view information about connected devices:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
Rules
User Manual81Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Access Control.
The Access Control page displays.
5. Select the Turn on Access Control check box.
You must select this check box before you can specify an access rule and use the
Allow all new devices to connect and Block all new devices from connecting
buttons. When the Turn on Access Control check box is cleared, all devices are
allowed to connect, even if a device is in the list of blocked devices.
6. Click the Apply button.
Your settings are saved.
7.
Select an access rule for new devices that are not currently connected:
•
Allow all new devices to connect. With this setting, if you add a new device, it
can access your network. You do not need to enter its MAC address on this page.
We recommend that you leave this radio button selected.
•
Block all new devices from connecting. With this setting, if you add a new device,
before it can access your network, you must enter its MAC address in the allowed
list. For more information, see Network access control lists on page 81.
The access rule does not affect previously blocked or allowed devices. It applies
only to devices joining your network in the future after you apply these settings.
8.
To manage access for currently connected devices, do the following:
Allow your current device. If you blocked all new devices, you can allow the
•
device that you are currently using to continue to access the network. Select the
check box next to your device in the table, and click the Allow button.
Allow or block a device. To change the allow or block settings for a device that
•
is currently connected, select the check box next to the device in the table, and
click either the Allow button or the Block button.
Change the device name that is displayed. To change the displayed name for
•
a device that is currently connected, do the following::, and click either the Allow
button or the Block button.
Rules
a. Select the check box next to the device in the table.
b. Click the Edit button.
The Edit Allowed Device or Edit Blocked Device page displays.
User Manual82Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
c.
In the Device Name field, change the name.
d. Click the Apply button.
The Access Control page displays again.
9. Click the Apply button.
Your settings are saved.
10.
To refresh the information in the table with currently connected devices, click the
Refresh button.
The table shows the status of the device (allowed or blocked from future sessions),
device name, IP address, MAC address, and type of connection to the access point.
Add, remove or change a device on the the allowed list
If you set up an access list that blocks all new devices from accessing your network, you
must set up an allowed list that defines which WiFi and wired devices are allowed to
access your entire network. You do so by adding the MAC addresses of these devices
to the allowed list. You can also change or remove a device from the allowed list.
To add, remove, or change a device on the allowed list:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Access Control.
The Access Control page displays.
Rules
User Manual83Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
5.
Click the View list of allowed devices not currently connected to the network
link.
A table displays the detected device name, MAC address, and connection type of
the devices that are not connected but allowed to access the network.
6.
To add a device to the allowed list, do the following:
a. Click the Add button.
The Add Allowed Device page displays.
b.
Enter the MAC address and device name for the device that you want to allow.
c. Click the Apply button.
The device is added to the allowed list. The Access Control page displays again.
7.
To remove a device from the allowed list, do the following:
a.
Select the check box for the device.
b.
Click the Remove from the list button.
The device is removed from the allowed list.
8.
To change the MAC address or device for a device on the allowed list, do the
following:
a.
Select the check box for the device.
b. Click the Edit button.
The Edited Allowed Device page displays.
c. Change the MAC address, device name, or both.
d. Click the Apply button.
The Access Control page displays again.
9. Click the Apply button.
Your settings are saved.
Add, remove or change a device on the blocked list
If you set up an access list that allows all new devices from accessing your network but
you want to block some devices, you must set up a blocked list that defines which WiFi
and wired devices are blocked from accessing your network. You do so by adding the
User Manual84Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
MAC addresses of these devices to the blocked list. You can also change or remove a
device from the allowed list.
To add, remove, or change a device on the blocked list:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Access Control.
The Access Control page displays.
5.
Click the View list of blocked devices not currently connected to the network
link.
A table displays the detected device name, MAC address, and connection type of
the devices that are not connected and are blocked from accessing the network.
6.
To add a device to the blocked list, do the following:
a. Click the Add button.
The Add Blocked Device page displays.
b.
Enter the MAC address and device name for the device that you want to block.
c. Click the Apply button.
The device is added to the blocked list. The Access Control page displays again.
7.
To remove a device from the blocked list, do the following:
a.
Select the check box for the device.
b.
Click the Remove from the list button.
The device is removed from the blocked list.
Rules
User Manual85Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
8.
To change the MAC address or device for a device on the blocked list, do the
following:
a.
Select the check box for the device.
b. Click the Edit button.
The Edited Blocked Device page displays.
c. Change the MAC address, device name, or both.
d. Click the Apply button.
The Access Control page displays again.
9. Click the Apply button.
Your settings are saved.
Block specific Internet sites [router mode]
If the access point is in router mode, you can block keywords and domains (websites)
to prevent certain types of HTTP traffic from accessing your network. Keyword and
domain blocking does not work for HTTPS traffic.
By default, keyword blocking is disabled and no domains are blocked.
Note: The information in this section and subsections does not apply if the access point
is in access point mode.
Set up keyword and domain blocking [router mode]
You can set up blocking of specific keywords and domains to occur continuously or
according to a schedule.
To set up keyword and domain blocking:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
User Manual86Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Sites.
The Block Sites page displays.
5.
Specify a keyword blocking option:
• Per Schedule. Use keyword blocking according to a schedule that you set.
For more information, see Schedule blocking [router mode] on page 96.
• Always. Use keyword blocking continuously.
6.
In the Type keyword or domain name here field, enter a keyword or domain.
Here are some sample entries:
Specify XXX to block http://www.badstuff.com/xxx.html.
•
Specify the domain suffix (for example, .com) if you want to block only sites with
•
a domain suffix such as .com. In such a situation, sites with domain suffixes such
as .edu and .gov are still allowed.
Enter a period (.) to block all Internet browsing access.
•
7. Click the Add Keyword button.
The keyword or domain is added to the Block sites containing these keywords
or domain names field (which is also referred to as the blocked list).
8. To add more keywords or domains, repeat the previous two steps.
The keyword list supports up to 32 entries.
9. Click the Apply button.
Your settings are saved.
Rules
User Manual87Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Remove a keyword or domain from the blocked list [router mode]
If you no longer need a keyword or domain on the blocked list, you can remove the
keyword or domain.
To remove a keyword or domain from the blocked list:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Sites.
The Block Sites page displays.
5.
In the Block sites containing these keywords or domain names field, select the
keyword or domain.
6. Click the Delete Keyword button.
The keyword or domain is removed from the blocked list.
7. Click the Apply button.
Your settings are saved.
Rules
User Manual88Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Remove all keywords and domains from the blocked list [router mode]
You can simultaneously remove all keywords and domains from the blocked list.
To remove all keywords and domains from the blocked list:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Sites.
The Block Sites page displays.
5. Click the Clear List button.
All keywords and domains are removed from the blocked list.
6. Click the Apply button.
Your settings are saved.
Block specific applications and services from the Internet [router mode]
If the access point is in router mode, you can add service blocking rules to prevent
access from your LAN to specific services and applications on the Internet. In addition,
you can specify if a blocking rule applies to one user, a range of users, or all users on
your LAN. The access point lists many default services and applications that you can
User Manual89Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
use in blocking rules. You can also add a service blocking rule for a custom service or
application.
Note: The information in this section and subsections does not apply if the access point
is in access point mode.
Add a service blocking rule for a predefined service or application [router mode]
If the access point is in router mode, it lists many predefined services and applications
that you can use in outbound rules.
You can add a service blocking rule to prevent access to a specific predefined service
or application on the Internet.
To add a service blocking rule:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Services.
The Block Services page displays.
5.
In the Services Blocking section, specify how the access point applies outbound
rules:
• Per Schedule. Use service blocking according to a schedule that you set.
For more information, see Schedule blocking [router mode] on page 96.
• Always. Use service blocking continuously.
Rules
User Manual90Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
6. Click the Add button.
The Block Services Setup page displays.
7. From the Service Type menu, select the service or application to be covered by this
rule.
The Protocol, Starting Port, and Ending Port fields are automatically populated
when you select the service or application.
Note: If the service or application does not display in the list, you can add it by
selecting User Defined from the Service Type menu (see Add a service blocking
rule for a custom service or application [router mode] on page 91).
8.
Specify which devices on your LAN are affected by the rule, based on their IP
addresses:
•
Only This IP Address. Enter the required IP address in the fields to apply the rule
to a single device on your LAN.
•
IP Address Range. Enter the required start and end IP addresses in the fields to
apply the rule to a range of devices.
• All IP Addresses. All computers and devices on your LAN are covered by this
rule.
By default, the All IP Addresses radio button is selected.
9. Click the Add button.
The new rule is added to the Service Table on the Block Services page.
Add a service blocking rule for a custom service or application [router mode]
If the access point is in router mode, it lists many predefined services and applications
that you can use in outbound rules.
If a service or application is not predefined, you can add a service blocking rule for a
custom service or application.
To add service blocking rule for a custom service or application:
1.
Find out which protocol and port number or range of numbers the service or
application uses.
You can usually find this information by contacting the publisher of the service or
application or through online user or news groups.
2.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
Rules
User Manual91Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
3.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
4. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
5. Select ADVANCED > Security > Block Services.
The Block Services page displays.
6.
The first time that you add an outbound firewall rule, in the Services Blocking section,
specify how the access point applies outbound rules:
• Per Schedule. Use keyword blocking according to a schedule that you set.
For more information, see Schedule blocking [router mode] on page 96.
• Always. Use keyword blocking continuously.
7. Click the Add button.
The Blocking Services Setup page displays.
8.
From the Service Type menu, select User Defined.
9.
Specify a new service blocking rule by selecting a protocol, defining the ports, and
defining a name:
Protocol. From the menu, select the protocol (TCP or UDP) that is associated
•
with the service or application. If you are unsure, select TCP/UDP.
Starting Port. In the field, enter the start port in the range from 1 to 65535 for
•
the service or application.
Rules
Ending Port. In the field, enter the end port in the range from 1 to 65535 for the
•
service or application.
Service Type/User Defined. In the field, enter the name of the custom service
•
or application.
User Manual92Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
10.
Specify which devices on your LAN are affected by the rule, based on their IP
addresses:
•
Only This IP Address. Enter the required address in the fields to apply the rule
to a single device on your LAN.
•
IP Address Range. Enter the required addresses in the start and end fields to
apply the rule to a range of devices.
• All IP Addresses. All computers and devices on your LAN are covered by this
rule.
By default, the All IP Addresses radio button is selected.
11. Click the Add button.
The new rule is added to the Service Table on the Block Services page.
Change a service blocking rule [router mode]
If the access point is in router mode, you can change an existing service blocking rule.
To change a service blocking rule:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Services.
The Block Services page displays.
5.
In the Service Table, select the radio button for the rule.
6. Click the Edit button.
The Block Services Setup page displays.
Rules
User Manual93Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
7. Change the settings.
For more information about the settings, see Add a service blocking rule for a custom
service or application [router mode] on page 91.
8. Click the Apply button.
Your settings are saved. The modified rule displays in the Service Table on the Block
Services page.
Remove a service blocking rule [router mode]
If the access point is in router mode, you can remove a service blocking rule that you
no longer need.
To remove a service blocking rule:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Services.
The Block Services page displays.
5.
In the Service Table, select the radio button for the rule.
6. Click the Delete button.
The rule is removed from the Service Table. Custom rules are deleted.
Rules
User Manual94Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Assign a trusted device [router mode]
If the access point is in router mode, you can exempt one trusted device from blocking
and logging.
The device that you exempt must be assigned a fixed (static) IP address.
To assign a trusted device:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Sites.
The Block Sites page displays.
5. Scroll down and select the Allow trusted IP address to visit blocked sites check
box.
6.
In the Trusted IP Address field, enter the IP address of the trusted device.
The first three octets of the IP address (by default, 192.168.1) are automatically
populated and depend on the IP address that is assigned to the DHCP server of the
access point. For more information, see Manage the DHCP server address pool
[router mode] on page 110.
7. Click the Apply button.
Your settings are saved.
Rules
User Manual95Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Schedule blocking [router mode]
If the access point is in router mode, you can set up a schedule that you can apply to
keyword and domain blocking, Internet service and application blocking, or both.
The schedule can specify the days and times that these features are active. After you
set up the schedule, if you want it to become active, you must apply it to keyword and
domain blocking (see Set up keyword and domain blocking [router mode] on page 86),
Internet service and application blocking (see Block specific applications and services
from the Internet [router mode] on page 89), or both. Without a schedule, you can only
enable or disable these features. By default, no schedule is set.
To set up a schedule:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Schedule.
The Schedule page displays.
5.
Set up the schedule for blocking:
Days to Block. Select the check box for each day that you want to block access
•
or specify that blocking occurs on every day by selecting the Every Day check
box.
By default, the Every Day check box is selected.
Rules
Time of Day to Block. Select a start and end time for blocking in 24-hour format
•
or select the All Day check box for 24-hour blocking.
By default, the All Day check box is selected.
User Manual96Security, Firewall, and Access
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
6. Click the Apply button.
Your settings are saved.
Set up security event email notifications
If the access point is in router mode, the access point can email you its logs of router
activity. The log records activity and security events such as attempts to access blocked
sites or services.
To set up email notifications:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > E-mail.
The E-mail page displays.
5.
Select the Turn E-mail Notification On check box.
6.
In the Primary E-mail Address field, type the email address to which logs and alerts
are to be sent.
This email address is also used for the From address. If this field is blank, log and
alert messages are not sent.
7.
In the Your Outgoing Mail Server field, enter the name of your ISP outgoing (SMTP)
mail server (such as mail.myISP.com).
User Manual97Security, Firewall, and Access
Rules
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
You might be able to find this information in the configuration window of your email
program. If you leave this field blank, log and alert messages are not sent.
8.
In the Outgoing Mail Server Port Number field, enter the port number that the
mail server uses.
If you do not know the port number, leave the default port number, which is 25.
9. To send email alerts over a secure connection, select the Secure connection (use
SSL) check box.
10.
If your outgoing email server requires authentication, select the My Mail Server
requires authentication check box, and do the following:
a.
In the User Name field, type the user name for the outgoing email server.
b.
In the Password field, type the password for the outgoing email server.
11. To send alerts when someone attempts to visit a blocked site, select the Send Alerts
Immediately check box.
Email alerts are sent immediately when someone attempts to visit a blocked site.
12.
To send logs based on a schedule, from the Send logs according to this schedule
menu, select the schedule type and specify the associated settings if applicable:
When log is full. The access point sends log messages when the log is full.
•
Hourly. The access point sends log messages hourly.
•
Daily. The access point sends log messages daily at the time that you specify.
•
From the Time menu, select the time, and select the AM or PM radio button.
Weekly. The access point sends log messages weekly at the day and time that
•
you specify. From the Day menu, select the day of the week. From the Time
menu, select the time, and select the AM or PM radio button.
The default selection from the menu is None.
13. Click the Apply button.
Your settings are saved.
Logs are sent automatically according to the schedule that you set. If the log fills
before the specified time, it is sent. After the log is sent, it is cleared from the access
point memory. If the access point cannot email the log and the log buffer fills, the
access point overwrites the log.
Rules
User Manual98Security, Firewall, and Access
6
Optimize Performance
This chapter describes how you can optimize the access point’s performance and
manage the traffic flows through the access point.
The chapter contains the following sections:
• Enable QoS and automatically set the Internet bandwidth
• Enable QoS and manually set the Internet bandwidth
• Enable or disable the automatic update of the Performance Optimization Database
• Manage WiFi Multimedia (WMM) for a radio
• Improve network connections with Universal Plug and Play [router mode]
• Change the priority for a connected device [router mode]
99
WiFi 6 AX1800 Dual Band Wireless Access Point WAX204
Enable QoS and automatically set the Internet bandwidth
You can enable QoS and let the access point automatically set its Internet download
and upload bandwidth based on an automated speedtest. Although can you manually
set the download and upload speed (see Enable QoS and manually set the Internet
bandwidth on page 101), we recommend that use the automatic method that is described
in the following procedure.
To enable QoS and set the Internet download and upload bandwidth based on a
speedtest:
1.
Launch a web browser from a computer or mobile device that is connected to the
access point network.
2.
Enter http//www.routerlogin.net in the address field.
If you are not connected to the access point network but to the same network as the
access point, enter the IP address that is assigned to the access point. If you do not
know the IP address, see Find the IP address of the access point when you cannot
use routerlogin.net on page 27.
A login window displays.
If your browser does not display the login window but displays a security message
and does not let you proceed, see Log in to the access point after initial setup on
page 30.
3. Enter the access point local device password.
The local device password is the one that you specified. The local device password
is case-sensitive.
The BASIC Home page displays.
4.
Select BASIC > Quality of Service.
The QoS Setup page displays. By default, Quality of Service (QoS) is enabled, and
the Enable QoS check box is selected.
5. Click the Take A Speedtest button.
The speed test checks the access point download and uplink bandwidth, sets the
detected bandwidths, and displays the results on the page.
6. Click the Apply button.
Your settings are saved.
User Manual100Optimize Performance
Loading...