1. Gather Network Information
* We need a few pieces of information from your router:
-- Default Gateway (Router's Address)
-- Subnet Mask
It's easy to get this information if you have a computer connected to the router. If you're using Windows, just drop into a command shell and type, "ipconfig"
In our case, the default gateway is 192.168.150.1 and our subnet mask is 255.255.255.0
* This means that it will send all requests for off-segment access (i.e. the Internet) to the gateway
* It also means that and device with this data will know that there are 255 usable IP addresses in its network segment (256-1)
2. Configure the Router's addressing Scheme
* We want to define the range that the DHCP (Dynamic Host Control Protocol) server built into the router can use when assigning addresses to devices that request a DHCP address.
1. Login to your router
2. Find the settings for the Network Setup
3. Look for the settings for the DHCP server
4. Look for the starting address and the maximum number of DHCP clients
-- This is what determines where in the 254 addresses availible to the router (255-1) the DHCP server will start serving out addresses.
-- It also determines how many addresses it will hand out. (It's consective)
** For example: If I set a start address of "192.168.150.50" and allow for 50 DHCP users, it will allocate all the addresses between 192.168.150.50 and 192.168.99 for DHCP requests.
5. Set a starting address and max users limit that makes sense for you. (Typically, 50 or fewer addresses.
6. This is also a good time to set your Client Lease Time.
-- The Client Lease parameter will tell clients that receive a DHCP address when they need to check back with the gateway to refresh their address.
-- Too short of a client lease, and your gateway could be getting bombarded with constant renewal requests.
-- Too long of a client lease, and you can run into issues with duplicated addresses when the router resets.
3. Configure the Router's Wireless
1. Turn of WPS
2. If you have the ability to enable a "guest" mode that is VLAN'd from the network, do it!
3. Know the difference between 2.4 and 5Ghz.
* There are 2 non-overlapping channels in 2.4Ghz WiFi (1, 6, 11)
* There are 23 non-overlapping channels in the 5Ghz WiFi band
* MANY devices operate in the 2.4Ghz spectrum (not just WiFi) and it tends to be crowded
* 5Ghz is less crowded
** 2.4Ghz tends to go longer distances, but 5Ghz tends to be faster
** Your router's "auto-configure" may choose an overlapping chan in 2.4Ghz... don't let it do that!
** Show off a wireless sniffer
4. Strong WPA2 Password
To Demo on the Synology RT2600AC
1. Show bands and SSID Selection
2. Show Transmit Power (Big Cells and Small Cells)
3. Show Channel Selection on 2.4Ghz
4. Show WPS (And Turn it off!)
5. Show Guest Network
6. Show AP Isolation (TURN THIS ON!)
7. Show "Local Network Access" (MAKE SURE THIS IS OFF!)