Vista and wireless access

  • Thread starter Thread starter Desperate Dad!
  • Start date Start date
D

Desperate Dad!

I have a D-Link wireless router that I have three other Dell laptops
connected to without an issue. I bought my daughter a Gateway ML6720 laptop
for Christmas running Windows Vista. I do not broadcast my ssid, I use static
IP addresses on all my systems. The router uses WPA and AES for encryption.
When I put the static IP address in the wireless adapter, as I have all the
other computers, it would not allow me to access the network. I made sure the
MAC address had been added to the router to allow access. I checked the
Microsoft website and found this is a known issue and they had a hot fix for
it. The hot fix did not work, surprise. I have found several registry edits
that seem to help DHCP and wanted to know if there was something that could
help with static IP addresses. I found, while stumbling through the new OS,
that even with the wireless nic being assigned a static IP address that a
169.x.x.x address was showing up on the wireless interface as well. Is this
hard coded into the interface? Any help would be greatly appreciated. If you
have a daughter you'll understand!!!!
 
turning off SSID broadcast does not improve security and it is not
recommended.

what hotfix exactly are you referring to? what registry edits did
you make?

what router exactly? does it have the latest firmware?

please post the text output of

ipconfig /all

from a command prompt on the new computer.


I have a D-Link wireless router that I have three other Dell laptops
connected to without an issue. I bought my daughter a Gateway ML6720 laptop
for Christmas running Windows Vista. I do not broadcast my ssid, I use static
IP addresses on all my systems. The router uses WPA and AES for encryption.
When I put the static IP address in the wireless adapter, as I have all the
other computers, it would not allow me to access the network. I made sure the
MAC address had been added to the router to allow access. I checked the
Microsoft website and found this is a known issue and they had a hot fix for
it. The hot fix did not work, surprise. I have found several registry edits
that seem to help DHCP and wanted to know if there was something that could
help with static IP addresses. I found, while stumbling through the new OS,
that even with the wireless nic being assigned a static IP address that a
169.x.x.x address was showing up on the wireless interface as well. Is this
hard coded into the interface? Any help would be greatly appreciated. If you
have a daughter you'll understand!!!!
--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/
 
According to SANS.org turning off the SSID lowers your wireless exposure.

The hot fix from Microsoft is Windows6.0-KB935222-x86.msu. You can not get
to it unless you search for Vista wireless issues on the Microsoft website
and fill out a request for the hot fix. This hot fix did not correct the
issue. I made no registry edits. I said I found blogs that explained registry
edits but I did not modify any of the registry keys. KB935222 addresses
routers that use WPA and AES for encryption. The only way I was able to get
the laptop on my network was to disable all encryption. I connected the
laptop to the network then enabled encryption. The connection dropped
immediately. The odd thing is that even with the encryption enabled if I go
to Start> Help and Support and click on some of the links the Internet will
come up. There is definitely something within the OS that is blocking the
network access.

D-Link DI-624 with 2.7 version which is the only firmware update for this
unit. I have assigned all computers static IP addresses. I also have MAC
address security enabled on the router.

ipconfig/all only displays Wireless Network Adapter:

Dynamic routing enabled.

I hope I have provided enough information.
 
I don't know of any reliable authoritative source that recommends
turning SSID broadcast off.

As a test, does the issue disappear when TKIP is used?



According to SANS.org turning off the SSID lowers your wireless exposure.

The hot fix from Microsoft is Windows6.0-KB935222-x86.msu. You can not get
to it unless you search for Vista wireless issues on the Microsoft website
and fill out a request for the hot fix. This hot fix did not correct the
issue. I made no registry edits. I said I found blogs that explained registry
edits but I did not modify any of the registry keys. KB935222 addresses
routers that use WPA and AES for encryption. The only way I was able to get
the laptop on my network was to disable all encryption. I connected the
laptop to the network then enabled encryption. The connection dropped
immediately. The odd thing is that even with the encryption enabled if I go
to Start> Help and Support and click on some of the links the Internet will
come up. There is definitely something within the OS that is blocking the
network access.

D-Link DI-624 with 2.7 version which is the only firmware update for this
unit. I have assigned all computers static IP addresses. I also have MAC
address security enabled on the router.

ipconfig/all only displays Wireless Network Adapter:

Dynamic routing enabled.

I hope I have provided enough information.
--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/
 
SANS is an authoritative source. They are the source for most material on
hackering and exploits. Either way my network functions well without the SSID
being broadcast to the world. If you have ANY encryption enabled Vista just
will not connect. This is the exact reason I did not want to go to Vista
right a way. Too many bugs in the first releases.

Tonight when I get home I will try all the different encrytion options to
see if Vista favors one over the other and give you a better report. Do you
know anything about the 169.x.x.x IP address that I meantion earlier? I'll
try to find that place in Vista where I found this information and pass that
along as well.

Thanks for the suggestions though.
 
SANS is an authoritative source. They are the source for most material on
hackering and exploits. Either way my network functions well without the SSID
being broadcast to the world. If you have ANY encryption enabled Vista just
will not connect. This is the exact reason I did not want to go to Vista
right a way. Too many bugs in the first releases.

Tonight when I get home I will try all the different encrytion options to
see if Vista favors one over the other and give you a better report. Do you
know anything about the 169.x.x.x IP address that I meantion earlier? I'll
try to find that place in Vista where I found this information and pass that
along as well.

Thanks for the suggestions though.

The "169.254.x.x" address is APIPA - it's what your computer self assigns when
it can't get DHCP service. It lets your computer communicate with other
computers on the 169.254/16 subnet.
<http://nitecruzr.blogspot.com/2005/07/limited-or-no-connectivity.html>
http://nitecruzr.blogspot.com/2005/07/limited-or-no-connectivity.html

SANS is an authoritative source, and one of the best. I've seen that subject
discussed both ways - both in SANS and elsewhere. Can you provide a link to the
SANS article that you read? Here's what I have so far, which might interest
you.
<http://nitecruzr.blogspot.com/2005/05/disabling-ssid.html>
http://nitecruzr.blogspot.com/2005/05/disabling-ssid.html

And plenty of people use Vista with encrypted WiFi. Enough people have problems
with Vista in general, and post here, and make people think that Vista is a
major disaster like Windows ME. The people who are happily using their Vista
equipped computers aren't posting here, and that's a part of the perceived
problem. I personally had no problem with it, excepting that it required a lot
more resources than Windows XP, and made my laptop, originally packaged with
Windows XP, crawl.

--
Cheers,
Chuck, MS-MVP 2005-2007 [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
 
I knew the 169.x.x.x address had been assigned to computers when an IP
address is not available but did not know it was in relation to DHCP. I
thought MS had a range assigned to them for just this reason. I wanted to
make sure my router was not refusing the connection because of IP issues. All
my systems have static IP addresses because when I was using DHCP someone
connected to my network. I use the 192.168.x.x reserved range for my home
network. Thanks for the clarification on that.

As far as SANS goes I worked in a SOC for 4 years and we used their training
material, website, and books for our resources. Several of our people were
able to complete gold certification with SANS. This is no small undertaking!!
I have a book written by one of their people on securing wireless networks
and it is what I used to secure, as much as possible, my network. That same
book is the reason I waited so long to go wireless. Since a disgruntled RSA
employee released the WEP code to the Internet community way back when I did
not want to use that as an encryption method. Once they released WPA and WPA2
I bought a router that supported it. As we say in the security community,
"Windows security is like running naked through your neighborhood." :0 )

I'm sure that Vista will have its issues just like XP did and 2000 before
it. I don't usually purchase an OS until the second release due to this very
issue. Being a security person myself I like a lot of the built in security
features. What I don't like is they have to move everything around and change
the name of things. Like Add/Remove Programs is now called something else. It
took me a while to find it in control panel. And the way they have the
networking features scattered all over the place. I'm sure once I get use to
it I'll like it just like I enjoy XP as far as Windows goes. I personally
prefer MAC/Linux, but XP is good for now.

Yes Vista is a resource hog that is for sure. Thankfully Best Buy had RAM on
sale and I upgraded the laptop to 2GB. You would thing this laptop would
scream but it doesn't. It is fast but not as fast as my XP machine with 2GB.
:0 )

The strange thing about this whole blog is that I had to drop my security
completely from the router. Once down, Vista connected easily to my network.
Once I enabled security again the connection dropped. I went to Start>Help &
Support and when I clicked the link the Internet came back up. I rebooted the
laptop to see if it would stay up and it did not. I went back to Start>Help &
Support and this time the Internet did not come back up. I clicked on a link
with in this window and the Internet came back up. I rebooted the computer
several times and the laptop connects to my network. Now that it is working
my daughter won't let me play with it any more. How funny is that!!!! I have
been playing with this thing since Christmas and finally it is working. <He
says with his fingers crossed> Maybe the hot fix took a couple days to work
through the system? At list point your guess is as good as mine. Anyway I
would like to thank you both for your help in this matter. It is nice to have
people to bounce ideas off of to resolve issues.

Sincerely,

Desperate Dad. :o )

Chuck said:
SANS is an authoritative source. They are the source for most material on
hackering and exploits. Either way my network functions well without the SSID
being broadcast to the world. If you have ANY encryption enabled Vista just
will not connect. This is the exact reason I did not want to go to Vista
right a way. Too many bugs in the first releases.

Tonight when I get home I will try all the different encrytion options to
see if Vista favors one over the other and give you a better report. Do you
know anything about the 169.x.x.x IP address that I meantion earlier? I'll
try to find that place in Vista where I found this information and pass that
along as well.

Thanks for the suggestions though.

The "169.254.x.x" address is APIPA - it's what your computer self assigns when
it can't get DHCP service. It lets your computer communicate with other
computers on the 169.254/16 subnet.
<http://nitecruzr.blogspot.com/2005/07/limited-or-no-connectivity.html>
http://nitecruzr.blogspot.com/2005/07/limited-or-no-connectivity.html

SANS is an authoritative source, and one of the best. I've seen that subject
discussed both ways - both in SANS and elsewhere. Can you provide a link to the
SANS article that you read? Here's what I have so far, which might interest
you.
<http://nitecruzr.blogspot.com/2005/05/disabling-ssid.html>
http://nitecruzr.blogspot.com/2005/05/disabling-ssid.html

And plenty of people use Vista with encrypted WiFi. Enough people have problems
with Vista in general, and post here, and make people think that Vista is a
major disaster like Windows ME. The people who are happily using their Vista
equipped computers aren't posting here, and that's a part of the perceived
problem. I personally had no problem with it, excepting that it required a lot
more resources than Windows XP, and made my laptop, originally packaged with
Windows XP, crawl.

--
Cheers,
Chuck, MS-MVP 2005-2007 [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
 
Jeiel said:
Did you figure it out yet? My Daughter has a Gateway ML6720 as well.
It was having problems connecting to my Netgear WGT624 Router. I am
using WPA Pre-Shared Key (PSK) on my router. She has also had problems
connecting to her mom's router (I am not sure of what type) and the
Orange County FL Public Library's unsecured wired network. Today I
seriously started investigating this issue. 3 hours of dedicated
investigating I decided to update the Software Driver for the wireless
NIC. I then restarted the PC and connected to Netgear Wi-Fi almost
instantly without unsecuring my router. I am still using WPA PSK and am
currently on her PC responding to your thread. By the way, go thru
device manager to do the update. 'PC Aid Florida - Welcome to PCAid'
(http://www.pcaidfl.com)


--
Jeiel
Posted via http://www.vistaheads.com

Yo have to use WPA2 to connect to your wireless. Vista also requires you to enable your SSID to broadcast. That will resolve your connection issues. Sorry for replying to late. I thought this link had been closed.
 
Back
Top