NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Build a LAN with a WNDR3400v2
I'm trying to make a wifi LAN with 4 devices for sharing. I don't need full time internet as it's a metered connection and I want to keep data usage down to a minimum. (It seems I need the internet connection for updating/setup for the router) All I have for internet connection is wireless hotspot on my S4.
"EVERYONE" claims I need "fulltime" internet or WAN to operate a LAN. I've seen C/NET articles that state LAN networks can be set up WITHOUT internet connection. C/NET is a well respected website with a wealth of good information about computer technology. What I can't find is HOW to set up the LAN I want.
The devices I want to share with are: HP TouchSmart IQ500 series desktop w/W10
Asus Eee PC 1005PEB netbook w/W7 Starter
Polaroid M10 2-1 tablet w/Marshmallow
Galaxy SPH1337 S4 smartphone w/KitKat 4.4.2
It's a conundrum and challenge for me and would love for a knowledgeable tech person to help me figure this out. I'm willing to email off here and will post results to this if it's solved. I admit, it's bigger than the subject line.
OH, how do I change my email address here? Nothing listed in my profile or settings.
FredReed wrote:
I forgot to mention this, I read about and watched a demonstration on "Pixiedust".
I'm not sure if it was a "brute force" attack over the internet or over the wifi signal.
Do you know? I'm sure there are newer ones since then too.
These attacks are to break into wifi. Your router is not vulnerable to Pixie Dust. I haven't seen anything specific on WPS brute force attacks. But if you simply disable WPS on your router, you won't be vulnerable to this whole class of attacks.
Passphrases (and pins) can always be attacked by brute-force (which amounts to trying all possible passphrases). There are ways to slow these attacks down - for instance, if the router is slow to respond after a couple of failed connection attempts, then the brute-force attack will take a lot longer. Even a small delay is enough to make these attacks useless (because there are so many passphrases to try).
If you are worried about this particular threat, you can reduce the risk by turning your router's wifi off when you aren't using it, and by changing the passphrase from time to time. In general, longer passphrases will be harder to discover by brute force guessing.
57 Replies
- Ok,
Just tried W7 ipconfig again...
Same results. The black window came up and disappeared right away. I don't know what to say now. - OK,
1) Yes, I was on the S4 tether at the time so, that is the S4 ipconfig, yes?
2) Did the ipconfig from W7 once, all were "Media disconnected"
Twice with router connected and I'VE was 10.0.0.4
All the rest were "Media disconnected"
3) Did ipconfig on W10, found I'VE to be 10.0.0.2
All others were "Media disconnected"
(Interesting item: W10 computer has two more wireless LAN adapter local area connections)
4) Both Android "S4 and M10" don't have CMD.EXE ipconfig functions as they are Android OS? - Ok, I think it's beginning to sink in... (making notes) What I see on the black box (name of it?) is each of the "adapter" names (the phone extension outlets) and which ones are connected and in use along with the "10.0.0.x" numbers assigned to them. Otherwise it says "Media disconnected" or NOT in use. (An extension phone is not plugged into that outlet)
I also see besides Ethernet, wifi and bluetooth adapters, others called "tunnel" adapters, isatap and another called "...Terado Tunneling Pseudo-Interface".
Both wireless LAN wifi adapters in W7 and W10 have default Gateways of 10.0.0.1 and that is the one you use on yours. Correct?
Now, how is this information seen on my Android units?
StephenB, this may be "old hat" to you but I hope you get satisfaction from teaching a NOOB. - The I'VE is supposed to IPv4 in my 10:10pm post!!! Stupid autocorrect!!!
- NO wait!... where I referred to the phone outlets and extension phones, instead, each adapter is like an additional phone LINE in each computer (multi-line extension phone). I'm remembering the phones with the 5/6 clear plastic buttons on the front that light up (assign the IPv4 number). Am I getting this?
If there is only one number assigned to that phone, only one button (IPV4 address) will work.
The rest are as I observed earlier, disconnected but available for use later. Right? - I also see "Link-Local IPv6 Addresses on W7 and W10. Much longer numbers!
As this is a dual band, how do I know which band works better, 2.4 or 5.0?
Now I'm looking up the Android "command prompt" method.
FredReed wrote:
I also see "Link-Local IPv6 Addresses on W7 and W10. Much longer numbers!
As this is a dual band, how do I know which band works better, 2.4 or 5.0?IPv6 is a different numbering scheme. There are only 4 billion IPv4 addresses - which seemed like a lot in the 1980s, but they ran out this century. There are a variety of stop-gap measures in place to keep Ipv4 running, but IPv6 is intended to be the long range solution. The very long numbers are to accomodate a lot more devices (about 3.4×1038 ).
So those addresses are not about dual band.
But your router does support dual-band. You should see two different WiFi network names for it - the 5G one likely has -5G at the end of its name. It's possible that your PCs won't see this network (they might only use 2.4 ghz). But your S4 should be seeing it. 5G will give you better performance. The signal doesn't travel as far, so there will be less competition from your neighbors.
You'll still only have one private network btw - you just have three different ways to connect to it (ethernet, 2.4 ghz, 5 ghz). All will use the same ipv4 address range.
1) Yes, I was on the S4 tether at the time so, that is the S4 ipconfig, yes?
Yes.
4) Both Android "S4 and M10" don't have CMD.EXE ipconfig functions as they are Android OS?Yes. There are ways to see the addresses there too, but they are different and I thought the PCs would be enough. If you go into the settings of the phone, you can access the wifi settings (on nougat that's under "connections", I don't recall the marshmallow or kitkat organization). You can tap on the network name, and it will show you the IP address (and the encryption method and some indication of signal strength).
There are also some Android apps that let you run ping.
BTW, I just call the black window the "CMD Box".
2) Did the ipconfig from W7 once, all were "Media disconnected"
Twice with router connected and I'VE was 10.0.0.4
All the rest were "Media disconnected"
3) Did ipconfig on W10, found I'VE to be 10.0.0.2
All others were "Media disconnected"
(Interesting item: W10 computer has two more wireless LAN adapter local area connections)This is great (and a bit unexpected). Netgear routers use 192.168.1.x addresses out-of-the-box. Yours is using 10.0.0.x (just like mine is).
So if you are untethered on the PCs, you should be able to run CMD and enter ping 10.0.0.2 on the W7 PC, and you should get responses from the W10 PC. You should also be able to ping 10.0.0.4 on the W10 PC and get responses from the W7
And the way to reach your router is to enter http://10.0.0.1 in your browser's address bar. Again, you need to be untethered for this to work.
If you don't know the router's admin password, you might need to do a factory reset on the router. That will reset the router's password to password. It will also switch you back to 192.168.1.x addresses. But let's cross that bridge when we get there.
All the rest were "Media disconnected"That is usual. For instance, you don't have ethernet connected, but you have an ethernet port. You likely also see several adapters that start with "tunnel". those aren't real devices, they are virtual. All that clutter does make ipconfig a bit messy to look through.
(Interesting item: W10 computer has two more wireless LAN adapter local area connections)That is interesting and we should look into it after we get through the basic connectivity and get you into your router setup.
I realize this is slow-going but you are getting very close.
- I just wrote a comprehensive post to send here after logging into the router. I turned on wifi on my S4 to find the numbers the router assigned and forgot to shut off wifi. Lost the entire post.
AH... I'll learn, wifi and tether DON'T work together.
Would be cool if they did.
I did learn a lot going through the settings pages on the router. I probably will have questions later as I use this setup. - I do wonder, I blocked "intruder" users but should I change the admin and password as there's no WAN connection?
- Interesting confusing W10 network error box.
It says there is another computer with the same IP address. Contact system admin. Details in Windows system event log. Looking there now... If I can find it. - Hmmm,
W10 Cortana won't let me open CMD. Did yesterday.OK, got W10 command prompt to work. Now I forget why I wanted to use it.
FredReed wrote:
OK, got W10 command prompt to work. Now I forget why I wanted to use it.
To check the IP address and try pinging the W7 system??? Not sure, as I'm not 100% sure where you are at right now.
The main thing is that you were able to get into the settings pages for the router. That's great. BTW you can also see the attached devices from the router, so that will simplify the CMD and ipconfig stuff. We shouldn't need it much now, if at all.
FredReed wrote:
I blocked "intruder" users but should I change the admin and password as there's no WAN connection?
I'm not completely sure I understand what you blocked.
No one can get into your router from the internet, since there is no internet connection. If someone were to connect to your wifi network (guessing the wifi passphrase), they could access the router itself if they also guess the admin password. The risk in your case is pretty low, there's not that much they could do from the router. The bigger risk is that they'd get into one of your windows PCs.
So getting the WiFi security right is more important than the admin password in your case. The default WPA2-PSK (AES) security is what you want. The built-in network passphrase should be pretty good, I suggest you use it (or something similarly structured). The network name is up to you, but you probably shouldn't use a network name that lets people identify you. Again, the default on the label is fine.
That said, you shouldn't use the default password. But you don't need to go too crazy over picking something. 8-10 characters, with a capital letter, a number, and punctuation symbol should be strong enough. You could write it down and tape it to the router if you have trouble remembering it. If a bad guy's in your apartment, the router password is the least of your worries.
