If I switch to static IP

[Jim Slager]

If I want to switch to static IP and I'm programming my router from a
networked computer, will I lose connection with the router at the instant
that I Save Settings? Does it make any difference whether the computer is
wireless or wired to the router?

 

[Steve Winograd [MVP]]

If I want to switch to static IP and I'm programming my router from a
networked computer, will I lose connection with the router at the instant
that I Save Settings? Does it make any difference whether the computer is
wireless or wired to the router?

If you change the router's local area network IP address, you'll lose
contact with the router at that instant. In that case, assign the
proper static configuration (IP address, subnet mask, default gateway,
DNS server) to your computer's network connection (wired or wireless)
and you'll be able to access the router again at its new address.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Thanks, Steve. And I'll remember to disable mac filtering before changing
to static IP outside the filtering range.

 

[Steve Winograd [MVP]]

Thanks, Steve. And I'll remember to disable mac filtering before changing
to static IP outside the filtering range.

You're welcome, Jim.

I don't understand your reference to mac filtering, which creates a
list of physical network cards (based on their built-in hardware
identifying number) that can connect to a router. I don't see how
that's related to IP addresses.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Steve, I had a misconception about mac filtering. Now I see that it
doesn't change as IPs change. So I can just leave it enabled, right?

 

[Steve Winograd [MVP]]

Steve, I had a misconception about mac filtering. Now I see that it
doesn't change as IPs change. So I can just leave it enabled, right?

Right.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Steve, I tried switching to static IP and it was a mess. After changing
the router I could not reestablish connection to it. Also, my wireless
printer decided to also apply its new static IP to its default gateway. I
ended my resetting the router and the printer and redoing everything just to
get back to where I started. I won't try that again.

Instead the limit of my goals is just to move my Starting IP Address to some
random place in the allowable range and restrict the Max DHCP users to the
exact number I need. Question: when I change the starting address and save
settings, will the old IPs stay until (1) the computers logon again or (2)
the leases expire on the old IPs and the computers logon again?

If the answer is (2) then I guess that I'll have to have both the old and
new ranges defined in Norton Internet Security Trusted Zones until everyone
has switched to the new range.

 

[Steve Winograd [MVP]]

Steve, I tried switching to static IP and it was a mess. After changing
the router I could not reestablish connection to it. Also, my wireless
printer decided to also apply its new static IP to its default gateway. I
ended my resetting the router and the printer and redoing everything just to
get back to where I started. I won't try that again.

Instead the limit of my goals is just to move my Starting IP Address to some
random place in the allowable range and restrict the Max DHCP users to the
exact number I need. Question: when I change the starting address and save
settings, will the old IPs stay until (1) the computers logon again or (2)
the leases expire on the old IPs and the computers logon again?

The old IPs will remain until the computers renew their leases. That
will happen when they log off and back on or when the power is turned
off and back on. It will also happen at some unpredictable time
during the lease period -- they'll renew the lease before it expires.

If the answer is (2) then I guess that I'll have to have both the old and
new ranges defined in Norton Internet Security Trusted Zones until everyone
has switched to the new range.

That should work. Another possibility is to change the router
settings and then manually release and renew the lease on each
computer: ipconfig/release followed by ipconfig/renew, or
disable/enable the network connection.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

I did the change to the starting IP. I noticed that my router, Linksys
WRT54G, has 192.168.1 hardwired in and I can only change the last field.
Then I did ipconfig release and renew on each computer and it all worked. I
revised the NIS Trusted Zones. The only problem I have is that I can't
figure out any way to make my HP2510 wireless printer do a release-renew.

 

[Steve Winograd [MVP]]

I did the change to the starting IP. I noticed that my router, Linksys
WRT54G, has 192.168.1 hardwired in and I can only change the last field.
Then I did ipconfig release and renew on each computer and it all worked. I
revised the NIS Trusted Zones. The only problem I have is that I can't
figure out any way to make my HP2510 wireless printer do a release-renew.

Try turning the printer off and then turning it back on.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

That did it, Steve. Thanks for all your help.

Try turning the printer off and then turning it back on.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Steve Winograd [MVP]]

That did it, Steve. Thanks for all your help.

You're welcome, Jim.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Steve, I thought I was in good shape for security and then I read this
http://www.sans.org/rr/papers/index.php?id=167 (Note: you may need Acrobat
6.0.1.) which says that it is easy to penetrate wifi with Net Stumbler and
wep can be cracked whether 64 or 128. Maybe no one would go to the effort
to penetrate my little network but it has me thinking harder about the whole
thing. So I listed all my security features and grouped them into good and
bad:

Things I'm happy about:
Linksys WRT54G hardware router
Operating mode set as Gateway
Firewall protection enabled
Block anonymous internet requests enabled
Remote management disabled
Password set
WEP Encription
MAC filtering with "Permit Only PCs listed to access the wireless network"
enabled
Non-standard IP starting address
Max number of DHCP users exactly matches my needs
Norton Internet Security with Trusted Zone set to exact requirements
Norton Antivirus

Things I'm not so happy about:
WEP is 64 not 128. Maybe I'll switch over to 128.
Authentication is Auto
SSID is broadcast
I'm using defaults for NIS Internet Access Control and have no idea what
most of them mean.

I'd appreciate any comments you'd like to make. I'm also going to cross
post on the Security thread (just this once.)

 

[Steve Winograd [MVP]]

Steve, I thought I was in good shape for security and then I read this
http://www.sans.org/rr/papers/index.php?id=167 (Note: you may need Acrobat
6.0.1.) which says that it is easy to penetrate wifi with Net Stumbler and
wep can be cracked whether 64 or 128. Maybe no one would go to the effort
to penetrate my little network but it has me thinking harder about the whole
thing. So I listed all my security features and grouped them into good and
bad:

Things I'm happy about:
Linksys WRT54G hardware router
Operating mode set as Gateway
Firewall protection enabled
Block anonymous internet requests enabled
Remote management disabled
Password set
WEP Encription
MAC filtering with "Permit Only PCs listed to access the wireless network"
enabled
Non-standard IP starting address
Max number of DHCP users exactly matches my needs
Norton Internet Security with Trusted Zone set to exact requirements
Norton Antivirus

Things I'm not so happy about:
WEP is 64 not 128. Maybe I'll switch over to 128.
Authentication is Auto
SSID is broadcast
I'm using defaults for NIS Internet Access Control and have no idea what
most of them mean.

I'd appreciate any comments you'd like to make. I'm also going to cross
post on the Security thread (just this once.)

I'd use the highest level of WEP encryption that your hardware and
software supports and consider changing your WEP encryption key
regularly.

You're right that your wireless network isn't 100% safe. Nothing in
life is. However, in my opinion, you've taken more than adequate
precautions to safeguard a typical home wireless network. It's
extremely unlikely that anyone will camp out within 100' or so of your
house long enough to sniff the necessary traffic, crack your
encryption, clone your MAC addresses, etc. There are so many
wide-open unencrypted networks around that it just isn't worth
someone's time and effort to break into yours.

If you had a business or government network with confidential or
classified data, I'd suggest employing industrial-strength security
measures.

I'll be interested to see what the security experts say.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Steve, I actually did the cross post on the windows.networking.wireless
group since it seemed better after I posted to you. It was posted on 2/3 at
1:41 PM and got replies from John Archer and Jeff Durham. I'm trying to
figure out if I can upgrade to G and WPA at the same time and whether it is
worth it or not.

 

[Steve Winograd [MVP]]

Steve, I'm asking my question on this thread rather than the Can't Ping
Myself thread because I'm asking you to recommend a product which you may be
reluctant to do on an active thread. This thread is almost private between
you and me. If you're still reluctant, please reply to the email you get by
combining jslager at iname dot com.


What should I replace it with? ZA, McAfee, ????

I'm not the least bit reluctant to express my opinions, Jim, in this
thread, that thread, or anywhere.

I don't personally recommend Norton or McAfee products. I find their
interfaces intrusive, and there are lower-cost products that are just
as good.

I've installed the free version of ZoneAlarm many times and it has
always worked fine, except for sometimes leaving bits of itself behind
when it's un-installed.

These are my personal opinions. I don't speak for the MVP program,
Microsoft, or anyone else.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Jim Slager]

Well, I switched to Zone Labs. Everything fine so far except that it
immediately detected a network at 192.168.1.0. If it said 192.168.1.1 that
would be my router. But I don't have anything at the other IP. Any Ideas?

 

[Jim Slager]

Steve, one other thing. When I uninstalled NIS it took NAV with it. Do
you think that ZA antivirus is as good as Norton's? Do you use ZA antivirus
as well as Internet Security?

 

[Steve Winograd [MVP]]

Well, I switched to Zone Labs. Everything fine so far except that it
immediately detected a network at 192.168.1.0. If it said 192.168.1.1 that
would be my router. But I don't have anything at the other IP. Any Ideas?

192.168.1.0 is a shorthand representing your router and all of the
computers in your network, which can have IP addresses between
192.168.1.1 and 192.168.1.254. It's fine.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

 

[Steve Winograd [MVP]]

Steve, one other thing. When I uninstalled NIS it took NAV with it. Do
you think that ZA antivirus is as good as Norton's? Do you use ZA antivirus
as well as Internet Security?

I'm sorry, Jim, but I'm not familiar with an antivirus program from
ZoneAlarm.

I believe that you can re-install NAV without installing NIS. Check
the product documentation.

I strongly recommend dropping this thread and posting any future
messages in a new thread with a subject title that describes what
you're asking about.

Please don't think of this as a dialogue between you and me. It
includes everyone in the news group. I don't have all the answers,
and I don't have time to read or reply to every message.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com