Security measures should be planned and configured before connecting a home wireless router to a network or an ISP. Figures 16-2 through 16-6 show Packet Tracer security settings along with a brief description of how to implement them on most wireless routers.
In the Packet Tracer screen shown in Figure 16-2, you do the following:
Figure 16-2 Basic Wireless Settings
- Change the default Service Set Identifier (SSID).
- Disable the SSID broadcast.
In the Packet Tracer screen shown in Figure 16-3, you set the security profile for each band:
Figure 16-3 Wireless Security
- Configure the security mode to use WPA2 Personal.
- Set the encryption to Advanced Encryption Standard (AES).
- Configure a passphrase.
In the Packet Tracer screen shown in Figure 16-4, you configure the MAC addresses that you want to prevent or permit on the WLAN.
Figure 16-4 MAC Address Filtering
In the Packet Tracer screen shown in Figure 16-5, you configure the ports that should be forwarded to a specific device, such as a web server in your demilitarized zone (DMZ).
Figure 16-5 Port Forwarding
In the Packet Tracer screen shown in Figure 16-6, you configure the IPv4 address for the server in the DMZ.
Figure 16-6 Demilitarized Zone (DMZ)
You will complete some of these configurations later in this chapter.
Keep in mind that no single security measure will keep your wireless network completely secure. Combining multiple techniques will strengthen the integrity of your security plan.
When you‛re configuring the clients, it is essential that the SSID matches the SSID configured on the access point (AP). SSIDs are case sensitive, so the character string must match exactly. Additionally, encryption keys and authentication keys must also match.
Video—Secure a Wireless Home Network (16.1.3)
Refer to the online course to view this video.