Splash of Style...Macs, Photography, Design, and other Passions

Configuring a Linksys Router

April 13, 2007 by debbie T | ComputersInternetWeb DesignWirelessWordPress

(updated 2008-11-9)

My friend Jenn is having a tough time properly configuring her Linksys wireless router, so I told her I would write a tutorial. (waving to Jenn!) Hopefully this will help her, and anyone else in need. I suggest printing this tutorial to follow along easier.

First off, let me state that I am not a security expert, so please take everything in this tutorial with a grain of salt. 😉 My router is a Linksys WRT54G wireless router, and I am using Comcast for broadband internet access. If someone is using DSL or a different router model, then settings might be slightly different.

For lots more information on wireless security, I recommend the podcast “Security Now” with Steve Gibson and Leo Laporte. Along with the audio podcast, there are also text transcripts for each show. For specific wifi discussion, locate podcasts from 2005 – episodes 10 through 13.

Let’s get started

Access the Linksys Router in Your Browser

In order to access the settings of your Linksys router, click the address http://192.168.1.1/ using any web browser (Internet Explorer, Firefox, Safari.) You can copy and paste it if the link doesn’t work for you.

In the log in window, type user name “admin” and unless you previously changed the access password, the default password will be “admin”.

If you are having trouble gaining access, you may want to reset the router back to its default settings by pushing the reset button on the back of the router. Important! if the router is reset, all previous settings will be lost.

Change Your Administration Password

If you gained access to the router settings using the default password “admin” CHANGE THAT PASSWORD IMMEDIATELY!

Any stranger with access to your wireless connection can get into your settings and mess around. A malicious user can change certain settings and the password to lock you out of your own connection.

To change the admin password, click the Administration tab.

Type in a new password, then re-enter the password to confirm. Next time you log into the router using your browser, you will need to use this new password. Keep it in a safe place.

image of admin page

Make sure your password is strong. Do not use passwords that are easy to decipher. Security Stats has an easy to use password strength tool. Check out their tips for selecting a good strong password.

While you are in the admin screen, disable UNPnP (Universal Plug n Play) – UNPnP is used by certain programs to automatically open ports for communication, and can open an unwanted security hole in your router.

Click the “Save Settings” button at the bottom of the page.

Basic Wireless Settings

Click to select the Wireless tab, then Basic Wireless Settings.

Leave “mixed” for Wireless Network Mode, unless you have specific reasons to disable G or B client access. If you wish to disable wireless access altogether, choose disable from the menu.

image of basic wireless settings

It is recommended to edit the Network Name – this is the name that displays when connecting from your laptop or other wireless enabled device (if you enable SSID broadcast.)

It is up for debate whether to disable or enable SSID broadcast. Search on google for ssid broadcast and read through the advise. Most will recommend to disable. Personally, I have SSID broadcast enabled. In my opinion, it is better to use an extremely strong WPA password (more on that later), but if you feel safer keeping it disabled, then by all means, do it. Keep in mind it is not a fool-proof security.

Next, choosing a wireless channel. The support pages at Linksys.com state “Preferred channels to use are 1, 6 and 11 since they are considered non-overlapping channels.” I am using channel 11. If you have a 2.4ghz cordless phone, you might have interference problems. For more information, use google to search for choosing a router wireless channel.

Click the “Save Settings” button at the bottom of the page.

Wireless Security Settings

Click to select the Wireless Security tab.

The best mode of wireless security is WPA encryption. I use WPA Personal, because it seemed to have the least conflicts. Do not use WEP encryption, as it can be easily hacked.

Update 2008-11-9: It is now best to use WPA2 Personal, not WPA.

image of wireless security settings

For WPA Algorithms, use TKIP. According to Linksys help files, TKIP utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers.

Update: 2008-11-9: It has been now found that TKIP is not as secure as once thought. It’s best to use WPA2 and AES. Do not choose TKIP + AES. For more details on the flaw, read my newer tutorial: http://splashofstyle.com/archives/2008/11/09/change-linksys-router-wireless-security-to-wpa2/

Next is WPA Shared Key. The shared key is the password that all users will need to access your wireless network.

This is not the time to use a flimsy password. Your wireless security depends on a solid strong password. Your WPA password can be creating using up to 63 characters; think of a password using numbers, lower & upper case letters, along with special characters like & or @.

Don’t worry about having to memorize this password. In most cases, once you type it to access the wifi connection, you shouldn’t have to type it again. So, don’t skimp on the complexity of your WPA shared key. Steve Gibson offers a strong password generator on his web site. Each time the page is displayed, a new set of passwords is generated. There is a choice of three. I like the one with the ASCII characters.

Important to remember, this password should not be the same as your admin password.

Please do not lose the shared key password. Make sure to keep it in a safe place, just in case you need it in the future. A visitor to your home, a reinstalled operating system, and a new computer are all reasons that might warrant the need to access the wireless network as a new user.

Lastly, the Group Key Renewal can be left at the default. I won’t pretend that I know exactly what this setting is, but if you are curious, google will give you answers. Search for Group Key Renewal.

Click the “Save Settings” button at the bottom of the page.

The Router Firewall

Whether you enable wireless connectivity or not, the router (hardware) firewall should be enabled. A hardware firewall will protect all wired and wirelessly connected computer systems much more efficiently than a software firewall. Note: It is still advised to run a software firewall as it offers additional protection.

Click to choose the Security tab; enable the firewall, then check the boxes next to:

image for firewall settings

Click the “Save Settings” button at the bottom of the page.

Final Thoughts

Well, that should be all the major setting choices. Do some exploring on your own, such as the Parental Control and Internet Access found in the Access Restrictions section. If you find a setting that intrigues you, search for it on google.

Good luck and be safe!

There are 40 comments

  1. Very nicely written article!

    Instead of trying to type a random, 63 character password as generated on Steve Gibson’s secure site, I strongly recommend copying and pasting the file into Notepad or a similar text editor then pasting it into the WPA configuration page on the router, and the wireless cards configuration.

    It’s kind of frustrating to type 63 random characters and to try and figure out where the typo is, or which character you’re missing.

    One caveat, don’t send the key over your wireless connection to your wireless computer! This would result in your long, random pre-shared key going clear text to your other computer. Kind of defeats the purpose. Get it to the other computer by saving to a USB Drive, a Floppy, or over a wired connection.

    Again, well written article.

    Ted

    Comment by Ted on April 15th, 2007

  2. Oh Ted, excellent points!

    You are absolutely correct about the lack of security when pasting the password from Steve Gibson’s web page, and into your wireless computer!

    Plug in your computer using an ethernet cable (into the router) then copy and paste.

    If an ethernet cable is not handy, then get online using a wired computer, and copy the key to a CD or USB drive.

    Actually, if neither of these options are suitable for your situation, it is just as easy to let your own fingers generate a random key.

    In Notepad, (or any text editor) type a string consisting of numerical, lower case letters, upper case letters, along with a smidgen of special characters, and you got yourself a passkey.

    Thank you for your comments, Ted!

    Comment by debbieT on April 15th, 2007

  3. hey deb, that was great and easy to follow, and it worked! thank you so much we are now secure
    jenn

    Comment by Jen on April 15th, 2007

  4. Woo-hoo! Glad to hear it, Jenn!

    Comment by debbieT on April 15th, 2007

  5. Fantastic article,Very Very useful stuff.

    Thanks a ton.
    Yogesh

    Comment by Yogesh on April 24th, 2007

  6. I have been trying to set-up access restrictions on my Linksys router and discovered that they only work when the firewall setting is enabled. This may be common knowlege to some people but it took me hours to figure it out. I still can’t get the restricted hours setting to work correctly. No matter what hours I set, the MAC addresses I’ve entered lose their internet access immediately when I enable the policy.

    Any ideas?

    Comment by Kathie on June 2nd, 2007

  7. sorry Kathie, I don’t use any access restrictions. Have you tried calling LinkSys? I have spoken to them a couple of times, and although it appears the call center is in India, they seemed to know the answers.

    Maybe they can help you with this! Good luck!

    Comment by debbieT on June 3rd, 2007

  8. One thing I forgot, it’s also good to change your SSID from its default. It should be something hard to guess.

    Comment by Ted on June 6th, 2007

  9. If I am trying to add a wireless printer to my home, do I need to disable the linksys router firewall just to do the install? ie, Can I reactivate the firewall after everything is working and will it keep working with the firewall enabled?

    Comment by mary jean on December 29th, 2008

  10. Hello Mary Jean,
    I have no idea. Why do you have to disable the firewall? Is it in the printer instructions? I don’t use a wifi printer, so I really don’t know. Sorry.

    I wouldn’t disable the firewall, I would probably just edit the firewall settings to allow the printer to work.

    Good luck!

    Comment by debbie T on December 29th, 2008

  11. I am printing this to set up my Linksys again. I do have a question though.
    I use my work laptop and a MAC wirelessly without any problems. But when my daughter comes on with her laptop (Sony Viao) it knocks my work laptop off, kills my VPN connection etc. but the MAC is just fine. any idea?

    Comment by Dan on December 30th, 2008

  12. Hey Dan,
    The only thing I can think of (and I really am not a network expert) is that you are allowing only “so many” users…in basic setup, look for “Maximum Number of DHCP Users” – I have no idea if that has anything to do w/ your problem, but if the number is “2” perhaps that’s why.

    And what you might want to try is first back up your settings (Admin>Config Management) and then revert all settings back to factory defaults. You can easily restore your saved settings using the same tab later if necessary.

    If there is no problem with your daughter’s laptop after that, then you know it’s one of the settings you had before.

    I am sorry I can’t be more helpful. Good luck!

    Oh and come back and post the info if you figure out why the Sony was messing things up.

    Comment by debbie T on December 30th, 2008

  13. This article was easy to read, easy to follow, and extremely helpful. Thank you so much. I am so lucky I stumbled apon it. Not what I expected from the title ‘Splash of Style.’ Thanks again.

    Comment by russot1 on May 20th, 2009

  14. Thanks Russot1!

    Comment by debbie T on May 20th, 2009

  15. I am having a problem with my Linksys router. I can only use my router if I have the wireless security set to “disable.” I have tried WPA-Personal, generated a passphrase, saved the settings. However I am then unable to connect through my router. As soon as I connect my computer to the router and reverse the settings, I’m online again. I also was unable to connect using Wi-Fi at my work with my computer. I have the instructions and login id/passwords, but my computer would never connect. Is there some setting specific to my computer that could be affecting my ability to connect to secure networks? I am very “UN-knowledgeable” about how these things work. Thanks!

    Comment by amy on June 6th, 2009

  16. Hello Amy,

    Are you using WPA2? Is your computer older? Some computers don’t have the technology to connect to WPA2.

    Other than that, the only thing I can think of is that you aren’t typing in the correct passphrase when trying to connect wirelessly.

    You do get a password prompt when trying to connect the computer, right?

    And are you sure you aren’t trying to connect to another wireless network in your neighborhood? You definitely are trying to connect to yours, right?

    Sorry I can’t be more helpful, but it’s very difficult to troubleshoot when you can’t see what’s actually going on on your system.

    Good luck Amy!

    Comment by debbie T on June 6th, 2009

  17. Hi;

    Thank you for a wonderful write-up!

    Have you tried to log-onto the 192.168.1.1 site recently?

    It does not seem to work for me. Can I perform the procedure using any other site?

    Thanx.

    Comment by mal on July 7th, 2009

  18. Mal,

    I just checked and I can access 192.168.1.1 just fine, I am sorry you are having issues.

    But it sounds like your problem has happened to others.

    google “can’t connect to 192.168.1.1” and hopefully one of the listed sites will help.

    Good luck

    Comment by debbie T on July 8th, 2009

  19. Well written, pertinent and helpful. Thx

    Comment by Darrell on August 30th, 2009

  20. Thanks Darrell! Glad it helped you!

    Comment by debbie T on August 30th, 2009

  21. I’ve used this guide on two separate occasions and found it extremely helpful, thank you very much!

    Comment by Jess on November 7th, 2009

  22. Hey Jess, so happy to hear that it helped you!

    Comment by debbie T on November 9th, 2009

  23. Thank you so much for this walkthrough! You saved my wife and I from networking hell 🙂

    Thank you so very much,
    Shane & Kriss

    Comment by Shane & Kriss on December 29th, 2009

  24. Networking can be hell, can’t it? Thank you for your comment, Shane and Kriss!

    Comment by debbie T on January 5th, 2010

  25. http://192.168.1.1

    Dont forget the http:// or will not be able to connect…

    Comment by James on January 30th, 2010

  26. I found you website on the Q. Great site!

    I secured my router, but my MacBook Pro has to be added to my network. I am not sure if you have a mac laptop but if you do, could you help me with that.

    Thank you so much for the help with the linksys router

    Comment by Catherine Mortensen on April 14th, 2010

  27. I responded to your post on the other forum, but I will post here as well.

    Google is a great resource for questions:

    http://www.google.com/search?q=connecting+mac+to+wifi

    Comment by debbie T on April 15th, 2010

  28. You are the best. It worked! 100%. Now back to taking an online exam. :^)

    Comment by gabi on November 14th, 2010

  29. I have a Linksys WRT54G router. I wish to set up my laptop to work wirelessly with a Brother HL4070CDW printer. The printer setup instructions say to first deternime the following router settings:

    Comment by Paul Reeves on January 10th, 2011

  30. Sorry for the false start above. I have a Linksys WRT54G router. I wish to set up my laptop to work wirelessly with a Brother HL4070CDW printer. The printer setup instructions say to first determine the SSID, Authentication Method, Encryption Mode, and Encryption Key of the router. When I installed the router I went with the default settings. I found the SSID (linksys) on 192.168.1.1, and maybe the Authentication Method (AUTO), but the terminology on the other two don’t match up with the choices closely enough to be sure what they are.Can anyone tell me exactly how to determine the installed settings from the info in my computer, or alternatively, what the default settings from the factory are?

    Thanks

    Comment by Paul Reeves on January 10th, 2011

  31. Hey Paul,

    The Encryption Mode is what you’ve set on the router, either WEP, WPA, WPA2 or if you left it at default, no security, leaving it as an open network, which is HIGHLY not recommended (read the above article)

    and the key is the password you set for the encryption mode, again, read the article on steps to set a password/key

    Good luck!

    Comment by debbie T on January 13th, 2011

  32. thank you. I’ve used this post at least 5 times since I found it. brilliant.

    Happy New Year debbie T !!

    Comment by johnbd on January 10th, 2012

  33. THIS was so helpful! It answered every single question and was explained so nice! Thanks for doing this!

    Comment by Lindsey on January 18th, 2012

  34. thanks to Lindsey and Johnbd. I’ve used this tutorial myself over the years a few times as well.

    Comment by debbie T on January 18th, 2012

  35. Recently security researchers revealed a vulnerability in WiFi Protected Setup, an optional device configuration protocol for wireless access points.

    The only way to block the attack was to turn on Media Access Control (MAC) address filtering to block unwanted hardware.

    http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars

    Comment by johnbd on January 19th, 2012

  36. Thank you for posting this, Johnbd. Wow, this is pretty bad. Yikes, even if WPS is turned off, it doesn’t matter.

    I’m going to do some more research, thanks again!

    Comment by debbie T on January 27th, 2012

  37. Hello again, after a bit of googling, I found a google doc listing a good amount of router models, and if they are vulnerable, and more importantly if WPS can be disabled.

    Link to google doc: https://docs.google.com/spreadsheet/ccc?key=0Ags-JmeLMFP2dFp2dkhJZGIxTTFkdFpEUDNSSHZEN3c#gid=0

    It looks like a lot of Linksys/Cisco router owners are out of luck right now, as WPS cannot be disabled on most if not all of the newer models.

    I’m lucky that I have a router now that isn’t vulnerable.

    Wow, I hope it gets fixed soon. A lot of my relatives have Linksys routers.

    Comment by debbie T on January 27th, 2012

  38. It just occurred to me, that if enabling MAC filtering is effective, turning off DHCP may be just as much. Then you would have to assign static IPs; but how bad would that be on a SOHO LAN?

    Comment by johnbd on January 27th, 2012

  39. I just edited my original comment to include the link to the google doc with the list of routers and details on their vulnerability.

    Anyway, John, no I don’t think Mac filtering is going to help, mac addresses can be easily spoofed, and if someone is going to the trouble to hack into your wifi, they are going to know ALL the tricks.

    From what I’ve read, there is no easy answer right now for a lot of router brands except a firmware fix that could take months to release.

    The good news is there are many routers that are not susceptible to the hack, like apple airports and thankfully Verizon Fios routers.

    I’m waiting for the transcript for Security Now’s latest podcast, or perhaps I’ll try to listen today.

    here is the link to GRC’s main podcast page:
    http://www.grc.com/securitynow.htm

    and the link to the podcast audio/video at twit.tv:
    http://twit.tv/sn

    Comment by debbie T on January 27th, 2012

  40. Thank you I tried to use the Lynksys website and could not figure it out this was much simpler!

    Comment by Lucy on July 25th, 2012