Tuesday, July 15, 2008

Using a Wireless Laptop at Work and at Home

So you've got a brand new laptop at the office. Maybe you're really lucky and got a Tablet PC. Whatever model or brand you got, it almost certainly includes wireless support. Now you can work from anywhere in the office or campus without having to find an available network plug. Your IT department will handle setting up your new laptop for the work network. Make sure they show you how to connect to the network when you're on the road or outside the office. They probably have specific instructions or software you need to use to make a virtual private network (VPN) connection to the network.
But when you bring your new wireless laptop home, you're in charge of making it work with the wireless setup you have there. And if you want to work from your neighborhood coffee shop, that's up to you too. In this column, I'll help you set up that laptop so that you can easily connect your work laptop to your home network. I'll also provide some tips when using a public wireless access point (also known as a "hot spot").

Home Wireless Network Configuration
So you bring your wireless-enabled laptop home, and you want to connect it to your home wireless network and have it work without too much intervention. After you get everything set up, it should be fairly straightforward.
For the purposes of this discussion, we're going to assume some basic parameters and equipment. If your home network looks a bit different, you'll still be able to make things work, but it may not be quite as simple and straightforward. Figure 1 shows a typical home wired/wireless network that includes a cable or DSL modem, a wireless gateway that has four wired network ports, and computers for the kitchen, home office, and the kids' bedroom.

Figure 1


Our home network has a multi-mode D-Link DI-774 gateway that works with the built-in 802.11b in our new work laptop. The wireless network name we're using at home is "ExampleHome_g". This is often called the service set identifier (SSID) by wireless manufacturers and is a case-sensitive name that uniquely identifies the network. Each brand's methodology for setup is a bit different, so setting up yours may differ slightly from what I show here.

Specify the Gateway SSID
To make your home wireless network secure, you should never use the default SSID provided by the manufacturer. So one of the first things you'll want to do with a new wireless gateway is set it to something other than the defaults that it ships with. With the D-Link DI-774 gateway, I first needed to connect it to the cable modem and insert it between my home network and that cable modem, by following these steps:
• Power up the gateway device and then power down the cable modem.
• Connect the WAN port on the gateway to the Ethernet port on the cable modem, and power up the cable modem.
• Connect the LAN Port 1 of the gateway to the Ethernet port on my home office PC. This was the computer that had been plugged in to the cable modem.
• Restart PC.
Now I was able to connect my laptop directly to the DI-774 gateway using a Web browser and set the SSID for my home wireless network, as shown in Figure 2.


Figure 2


Also set your WEP or Wi-Fi Protected Access(WPA) encryption for the network at this time. For an excellent article on setting up WPA on a home network, see Barb Bowman's WPA Wireless Security for Home Networks. It includes information on how to configure your gateway device and Windows XP-based computers to use WPA.
Add the Home SSID to the Preferred Network List
After you set the SSID on your home gateway, you may need to add it to your preferred network list if Windows XP Wireless Auto Configuration is enabled. (Although automatic configuration is nice to have, your IT department may have disabled it on your laptop in order to meet their needs. If they have, you'll need to use the tool provided by your laptop or wireless manufacturer to manually configure wireless settings.) To manually add your home wireless network to the list of preferred networks when Wireless Auto Configuration is enabled, follow these steps:
• In Control Panel, click Network and Internet Connections, and then click Network Connections.
• Right-click the Wireless Network Connection, and then click Properties.
• On the Wireless Networks tab, shown in Figure 3, click Add.


Figure 3


• In the Wireless network properties dialog box, shown in Figure 4, enter the SSID you configured for your wireless gateway (ExampleHome_g in this example.)


Figure 4


Note: Figure 4 assumes you've added the Windows WPA Client Update. If you haven't downloaded and installed it, you probably should. For more on the WPA Client Update, see Overview of the WPA Wireless Security Update in Window XP.
• Fill in the rest of the fields, including the necessary authentication and encryption information based on the configuration of your wireless gateway.
• Click OK and your home network will be added to the list of preferred networks.
Now, whenever you're at home, your work laptop should automatically see your home wireless network and connect to it.

Secure Your Home Wireless Network

Although by no means foolproof, hiding your home network from the casual neighborhood wireless browser is a good idea. After you've set up your laptop to connect to your home network, go into the wireless gateway's configuration tool and disable SSID broadcast. This prevents casual snoopers from seeing your network. Since you've already configured your laptop to connect, it will be able to see the network even though you have turned off SSID broadcasting.
Another way to limit your exposure to casual snoopers of your wireless network is to configure the wireless gateway to only allow specific wireless cards to connect to it. This is done by using physical or media access control (MAC) address access control lists. Each manufacturer of wireless gateways has a slightly different way of doing it, but virtually all of them let you create a list of MAC addresses that can use your gateway. With the D-Link DI-774 software, you click the Filters button, and then click the Advanced tab, as shown in Figure 5.


Figure 5


You can find the MAC address of your network cards by looking at their label. Or in Windows XP, by following these steps:
• Click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections.
• Double-click the wireless network connection from the list of available network connections. This shows you the status of the wireless network connections.
• On the Support tab, click Details to open the Network Connection Details dialog box shown in Figure 6. The Physical Address is the MAC address for that network connection.


Figure 6


Enjoy Secure Public Wireless
Virtual private networks (VPNs) allow you to connect to your work network even from a public Wi-Fi access point or hot spot. Hot spots are free or commercial access points that allow anyone to connect to the Internet if they have 802.11b wireless capability. For more information about everything Wi-Fi, see Wi-Fi Alliance and Wi-Fi Planet.
The catch with public hot spots is that they have no security at all. This means that unless you take steps to protect your laptop, anyone with a wireless card can access your computer without you even being aware of it. They can also read the actual packets that you're sending to the Internet. Not only will you want to make sure you are running Internet Connection Firewall or some other firewall on the wireless connection of your laptop, but you really don't want to do work containing sensitive information while you're connected at your local coffee shop.
I'm not going to try to cover all the aspects of wireless connectivity on the road. Barb Bowman has already done a great job on that in her On the Road Again column. It includes information on how to connect to a wireless network in a hot spot and how to configure Network Connections in Windows XP to obtain an IP address automatically or to use one that you've supplied.

By Charlie Russel, Microsoft MVP for Windows Server and Tablet PC
Previous Post
Next Post

post written by:

0 komentar: