You're using "provider" in a different sense than how it's usually used.
It sounds as if you are in a community living arrangement (RV park or
apartment building, etc.) where the management provides WiFi Internet
access. Usually, in a situation like that, the owner of the router that
is actually connected to the Internet (via DSL, cable, T1, etc),
configures the router so that each individual users is isolated from the
others. That's how your typical WiFi "hotspot" at your local Starbuck's
or airport lounge works. It sounds as if your "provider" either doesn't
have equipment that can do that or doesn't know how to configure it.
I'm not sure why you are using a bridge and separate wireless router
rather than merely wirelessly connecting direct to your "provider's"
router, but there is a definite plus: because you have your own
wireless router, you can effectively isolate yourself from the other
users on your provider's router. (Presumably, you have your own
wireless router on a different channel and using a different SSID than
your provider's wireless router.)
You will have to reconfigure your wireless router.
Disconnect your router from the Bridge and connect your computer to one
of its 4 LAN ports. Access your router's configuration utility.
In the basic Setup screen, change the "Internet Connection Type" to
"Automatic Configuration - DHCP." On the same page, change your
router's Local IP address to use a different subnet. That is, assuming
that you're at the Linksys default settings, your router's Local IP will
be set to 192.168.1.1. Change the third number so that it becomes, for
example, 192.168.2.1. Re-enable your router's DHCP server.
As soon as you click the "Save Settings" button, you will lose your
connection, because your computer will now be on a different subnet.
Assuming that your computer is set to get its own IP address
automatically via DHCP, either re-boot your computer or "repair" your
LAN connection. If you use static IP addresses, you'll have to change
them to match the new subnet.
Go back to your router's configuration utility. Note that you will now
have to reach it with the new local IP address you set, so it's a good
idea to write that down and tape it to the top of the router. Confirm
that the "Starting IP address" for your router's DHCP server now has the
same first 3 blocks of numbers as the router's local IP address.
Now connect the Bridge to the router's WAN or "Internet" jack.
At this point, there will be two separate Network Address Translators
between you and the Internet: one in your router and one in your
provider's router. The second of these NATs isolates you from the
computers connected directly to your provider's router.
For another description of the foregoing procedure, including pictures,
see MVP Jack's description of "Network Segregation" -
http://www.ezlan.net/shield.html
In Jack's picture, your provider's router is the "Front router," the
other users are on the "Front Network," your wireless router is the
"Shield Router," and your computers are on the "Segregated Network."
mortini wrote:
Lem...
Thanks for the reply, most helpful.
Here's what I found out or changed.
1. Yep, it's WEP... gotta use it, cause that's what my provider uses.
2. Yep, I was not broadcasting MY SSID from my router. So, I changed
that to broadcasting per you recommendation.
3. You describe my setup correctly.... and, as it turns out, the
computer I can see is also connected either wirelessly or otherwise
to the same Local Network.
Actually, when I go to Microsoft Windows Network I have displayed 2
workgroups. One is the workgroup that I set up with a unique name for
my use, the other is called Workgroup, and inside this folder are
displayed 3 other users. Turns out, I can only go inside one of these
computers, so I'm assuming the other 2 are not sharing files. When I
return to the Status screen of my provider's Router, I actually see 4
computers that are active and many more inactive. As I stated earlier
I can see 3 of the 4 in the Workgroup. I'm assuming the other most
likely has no Workgroup assigned? Does that seem correct?
4. When I go inside My Router to the Status-DHCP Client Table, I see
nothing. Most likely it's cause I have the DHCP server function
disabled?
5. My Bridge is connected to My Router thru Port #1 on the back of
the Linksys Router.
Well... all this is quite interesting. Not as secure as I thought I
was.
Thanks again for you lengthy reply, and I await any further reply to
this message.
Rob
:
First of all, WEP encryption is close to worthless. It's like
locking your front door and leaving the key on top of the welcome mat.
Second, if by "non-broadcasting mode" you mean that you have set your
wireless router to not broadcast its SSID, that too is a bad idea.
It does not provide any security and it may cause problems, including
dropped connections.
Third, as you've discovered, Windows XP does NOT require computers to
be in the same workgroup in order to share files. The notion of
"workgroup" is merely an administrative convenience.
If you can see someone else's files as you describe, it means that
they are on the same LAN as you -- not the same ISP, the same *local*
network -- and they can see your files. The problem with this is that
even if you have a firewall, almost *all* home users have their
firewall configured to permit traffic from any local computer. In
other words, that other computer is *inside* your firewall. Until
you have corrected this situtation, be sure that you are not sharing
any files or printers.
If you are connecting to the Internet from your bridge (which is
connected to another wireless router which in turn is actually
connected to the Internet via cable, DSL, or other means), the most
likely scenario is that the other computer also is connected to that
router, either wirelessly or wired. Alternatively, someone may have
cracked the WEP encryption on your own wireless router.
Which port on your router is connected to your bridge?
Log in to your own router's configuration utility and go to
Status > Local Network
and click the "DHCP Clients Table" button. What do you see?
Do you have access to the wireless router at the other end of your
bridge? If so, log in to that router and check its DHCP Clients
Table. What do you see?
mortini wrote:
Jack.....
Thanks for your reply, but I don't believe this to be the problem.
I'm WEP enabled on my wireless router for all my LAN wireless
access( we have a wireless laptop).
and... I'm set to non-broadcasting mode as well. I don't have a
wireless connection in the PC-box itself, so I don't believe the
upgrade your referred me to would pertain to my setup.
BUT...
somehow I am seeing and having access to a neighbors computer via My
Network Places.
They are not a part of my WORKGROUP (i've changed the default
workgroup).
I'm hoping they can not view my shared folders, but am not sure.
In any case...
How is it that I can see them? And have access as well.
Could it be we are perpahs using the same Wireless ISP and this
somehow allows me to see their computer files.
thanks again for your reply.
Rob
:
Hi
If you can see another Wireless Connection it means that both yours
and the other are not encrypted.
So make sure that your Wireless security in On and problem Gone.
From the weakest to the strongest, Wireless security capacity is.
No Security
MAC______(Band Aid if nothing else is available).
WEP64____(Easy, to "Brake" by knowledgeable people).
WEP128___(A little Harder, but "Hackable" too).
WPA-PSK__(Very Hard to Brake ).
WPA-AES__(Not functionally Breakable)
WPA2____ (Not functionally Breakable).
Note 1: WPA-AES the the current entry level rendition of WPA2.
Note 2: If you use WinXP and did not updated it you would have to
download the WPA2 patch from Microsoft.
http://support.microsoft.com/kb/893357
The documentation of your Wireless devices (Wireless Router, and
Wireless Computer's Card) should state the type of security that is
available with your Wireless hardware.
All devices MUST be set to the same security level using the same
pass phrase.
Therefore the security must be set according what ever is the best
possible of one of the Wireless devices.
I.e. even if most of your system might be capable to be configured
to the max. with WPA2, but one device is only capable to be
configured to max . of WEP, to whole system must be configured to WEP.
If you need more good security and one device (like a Wireless card
that can do WEP only) is holding better security for the whole
Network, replace the device with a better one.
Setting Wireless Security -
http://www.ezlan.net/Wireless_Security.html
The Core differences between WEP, WPA, and WPA2 -
http://www.ezlan.net/wpa_wep.html
Jack (MVP-Networking).
Hello...
I am using XP-Pro with latest patches/fixes.
I am hardwired to a Linksys Wireless Router which is hardwired to
my Linksys
Bridge/Range-extender. I receive my internet connection
wirelessly thru the
Bridge.
I just noticed that there are some folders displayed in My Network
Places
that are from another computer that is not a part of my
WORKGROUP. I can
access these folders and download from them. This is a huge
security risk
for the owner of this computer.
I am wondering WHY i can see these folders, and if there is a
possibility
that others might see my shared folders as well.
I'd like to understand what's going on and inform the owner (if I
can locate
them) of this other computer of their security risk and help them
solve it.
thanks in advance
rob
--
Lem -- MS-MVP
To the moon and back with 2K words of RAM and 36K words of ROM.
http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
http://history.nasa.gov/afj/compessay.htm