Using a router at college

[regre7]

I searched for this and tried the suggestions I found. Don't flame me yet.

I'm trying to set up a new router at college. I remember when I got here I had to go through some authorization procedure on my computer in order to access the internet through their wired network.

I have a Netgear WGR614v9. I tried connecting the wall port to both the WAN and LAN ports, but I cannot access the internet through it either way. When I connect it to the WAN port, the internet icon turns orange, which I believe means that it is connected but has no address. I've tried disabling the DHCP assignment, but it hasn't made a difference. I have not tried giving the router a static IP address yet, I'm not quite that network savvy.

I know I could jerry-rig it with two computers, but unfortunately my roommate and I both have laptops and we're in and out all day.

Has the university IT department defeated me?

 

[swiftaw]

Chances are that that authorization procedure you went through was to register your MAC address with you university. My guess is that they probably only allow access to registered MAC addresses.

Also, most universities do not allow routers in dorms.

 

[Benjamindaines]

Instead of taking the network connection in through the Internet port on the router, plug it into the first PC connection. It should then just join the network like a computer and provide a wireless access point. Make sure you set up some security on it so you don't put a gaping hole in your campus's security. I would also turn the broadcast down as low as you can while still having it useable to avoid getting caught.

 

[regre7]

Okay, I think I understand this now.

Out of curiosity, is there no way to spoof my computer's MAC address? I noticed a setting on my router where I could specify the MAC address it would use.

Alternatively (and less illicitly), is there any way for me to get the router to receive the AirPort signal I can share from my ethernet connection (System Preferences > Sharing > Internet Sharing)? I noticed that it has a feature where it can go into "repeater mode" or "base station mode", but it looks like you have to base the signal from a router of the same model/firmware. Are there any open source firmwares that I could put on it to give it this feature? All I really want it to be able to do is let my TiVo connect to the internet whenever it wishes (yes, I brought my TiVo to college). The other stuff is just icing. Before anyone suggests it, I do have a wireless bridge at home, but I won't be able to get it for three weeks.

Thanks.

 

[Benjamindaines]

is there any way for me to get the router to receive the AirPort signal I can share from my ethernet connection (System Preferences > Sharing > Internet Sharing)?

Not unless your router has 2 antennas; I'm willing to bet it doesn't, so no.

 

[regre7]

But if I had, say... the router I have at home (I believe a Linksys WRT54G, or whatever the standard G router is) which has two antennas, I could?

 

[MisterMe]

But if I had, say... the router I have at home (I believe a Linksys WRT54G, or whatever the standard G router is) which has two antennas, I could?

No, you Linksys has a dipole antenna

 

[gsahli]

I have a similar setup at school, and I have that router (but v6) - now at home. I was not able to get bridge mode to work. So I think that's your problem. I was able to use a different model Netgear and it works fine. I've also had success with the Linksys WRT54. I think you should swap the one at home and try it.
At my school, there's no problem having a router-access point, as long as DHCP server is Off.

 

[rogersmj]

Spoof the computer's MAC address in the router. I used to work at ResNet for a big 10 school and that's exactly what we told people to do in order to get online with their router after registering their computer. They even have a knowledge base article about it with general instructions, although it's geared to Windows users.

EDIT: And leave the router configured as NORMAL other than this. Leave DHCP on, don't assign a static IP, and don't put it in any goofy bridging mode or anything like that. At Purdue if you assigned yourself a static IP or plugged your router in wrong (like you did when you plugged the LAN port into the wall -- WTF!!!) your network connection would have been terminated as soon as ResNet detected it. We allowed routers, but didn't tolerate them interfering with the network. And make sure you enable wireless security so no one can just hop on and use your connection.

 

[regre7]

Thanks for your detailed reply mrogers, but it didn't work. I found my MAC address (System Preferences > Network > Ethernet (when connected to wall port) > Advanced > Ethernet > Ethernet ID) and had the router use it, but I still got the amber internet light (connected but with no address). I'm at a rather large school and I've heard the term ResNet thrown around (big school + Atlanta = hmm...), so I would think that your experience would be relevant.

Any further ideas?

 

[rogersmj]

That's pretty bizarre. If you put the computer's registered MAC address into the router, there's no way the network can distinguish between the two devices, so if the computer can get online when directly plugged in but the router doesn't then that points to some sort of configuration issue on your end.

Make sure the router WAN is still set to be configured via DHCP. There's two DHCP settings on the router -- one for the router getting configured by the Internet/WAN/ResNet, and one for its own DHCP server to configure client computers (your computer). They should both be on.

So with it set to be configured automatically, plug it in and check the status page and report back with what IP and other numbers it picks up.

 

[Benjamindaines]

Thanks for your detailed reply mrogers, but it didn't work. I found my MAC address (System Preferences > Network > Ethernet (when connected to wall port) > Advanced > Ethernet > Ethernet ID) and had the router use it, but I still got the amber internet light (connected but with no address). I'm at a rather large school and I've heard the term ResNet thrown around (big school + Atlanta = hmm...), so I would think that your experience would be relevant.

Any further ideas?

Have you tried my first suggestion, plugging the LAN cable into the first PC connection jack on the router? I did this with a Linksys and it simply adds itself to the network and creates an access point, no configuration necessary.

 

[rogersmj]

Have you tried my first suggestion, plugging the LAN cable into the first PC connection jack on the router? I did this with a Linksys and it simply adds itself to the network and creates an access point, no configuration necessary.

No, he shouldn't do that. If you plug the router into the wall via one of the LAN (PC) ports rather than the WAN port, that's effectively placing the campus network "behind" the router as a client. The router will try to be a DHCP server for the campus network and start handing out IP addresses to other students on the same subnet as him...which will kill their internet connection. People would occasionally do that when I worked at ResNet, and they got their connection suspended until they connected the router correctly or removed it completely.

There's only one way you can physically connect this router: Wall -> Router WAN | Router LAN -> computer. If your router is configured correctly and you've cloned the MAC you already registered, it will work.

One thing: if you've been switching out devices a lot *before* you cloned the MAC, there might be a hold on your port. At Purdue, if we saw a MAC address change a whole lot in a short time frame on a single port -- as if someone was plugging and unplugging different devices frequently -- a MAC freeze was set on that port for something like a few hours, allowing only the first MAC to work.

 

[Le Big Mac]

One thing: if you've been switching out devices a lot *before* you cloned the MAC, there might be a hold on your port. At Purdue, if we saw a MAC address change a whole lot in a short time frame on a single port -- as if someone was plugging and unplugging different devices frequently -- a MAC freeze was set on that port for something like a few hours, allowing only the first MAC to work.

I have to say if rooms have roommates, surely this problem would arise really frequently all over the college from exactly this--swapping computers. Perhaps the central router allows only certain MAC addresses and excludes known router brands, such as linksys (isn't part of the MAC keyed to the manufacturer). If so, cloning should solve that problem as well.

If this doesn't work, why not get a very simply 4-port wired switch and plug that in?

 

[gsahli]

No, he shouldn't do that. If you plug the router into the wall via one of the LAN (PC) ports rather than the WAN port, that's effectively placing the campus network "behind" the router as a client.

mrogers - I know you're trying to help, but what he recommended is what is recommended on manufacturers' support sites for many routers (not all). It sounds like you think your way is the only way that will work...

http://www.damnsmalllinux.org/f/topic-3-7-9990-0.html
http://www.clarkconnect.com/forums/showflat.php?Cat=0&Number=80730&Main=80711
http://kbserver.netgear.com/inquira...es/N101496.asp&answer_id=35066870#__highlight

 

[rogersmj]

I have to say if rooms have roommates, surely this problem would arise really frequently all over the college from exactly this--swapping computers. Perhaps the central router allows only certain MAC addresses and excludes known router brands, such as linksys (isn't part of the MAC keyed to the manufacturer). If so, cloning should solve that problem as well.

If this doesn't work, why not get a very simply 4-port wired switch and plug that in?

Most rooms have more than one PIC wired to them, so the MAC freeze wouldn't happen very often. And as for switches, others may be different but our network wouldn't allow them -- only one MAC per room port at a time.

mrogers - I know you're trying to help, but what he recommended is what is recommended on manufacturers' support sites for many routers (not all). It sounds like you think your way is the only way that will work...

http://www.damnsmalllinux.org/f/topic-3-7-9990-0.html
http://www.clarkconnect.com/forums/showflat.php?Cat=0&Number=80730&Main=80711
http://kbserver.netgear.com/inquira...es/N101496.asp&answer_id=35066870#__highlight

Well yes, that's just turning it into a bridge and that would work...but he didn't include those steps before (like the all-important deactivation of the router's DHCP server). He just told him to plug it into a LAN port, which without the proper configuration is a big no-no, so my answer stands. That bridge method requires more configuration and is of limited utility since the network is likely only going to allow one MAC at a time, meaning you won't be able to connect other machines to it.

 

[regre7]

Thank you all for your replies.

mrogers- Going along with the MAC freeze idea (initially I was switching out devices like crazy), I'll wait until tonight and try your idea again.

Otherwise, I'd be happy to have this router function as a wired switch. I'm not terribly concerned with the wireless function at this point. Could someone walk me through the steps to do this? I caught something about disabling DHCP and connecting the wall port to a LAN port on the router.

 

[billspat]

just did this an hour ago with a Linksys

there are a couple ways to do this, so at least two answers are correct. Both BenjamineDaines and MRogers are correct.

You CAN get it to work if you connect the routers to the wall via a PC port, not the "internet" port. But you MUST turn off the DHCP for this to work. That essentially turns the router into an Access Point. Do this before you connect it to the wall, otherwise the U might disconnect your room as you'll be running a rogue DHCP server since you'll be doling out IP address to the rest of the building, just as MRogers says. This works with Linksys and Apple routers but I've not had much luck with Netgear routers with this - many simply can't turn that feature off.

The idea is you'll use your router as a dumb switch /access point and rely on the the campus DHCP servers. Works great for wired connections and for wireless if the router will pass DHCP traffic through it's switch. I connect to my router's wireless but the campus DHCP server responds to my request since the router passes that through.

You don't need to spoof your mac or what ever to get a legal DHCP IP address for the router. On our campus assigns crippled IPs for unregistered DHCP devices, but since the router is just a switch, that's all it needs.

but step one is you must be able to turn off the DHCP

* reset the router to factory
* set your machine to use DHCP
* connect to the router using a wire for more assured connection
* don't connect the router to the wall
* connect your machine to it and get a new IP address from it
* in the web interface (192.168.1.1 or whatever) turn off the dhcp server
[ On linksys routers this is on the first page - set the DHCP server to "disabled". For an Airport Extreme (2007 +), in the "Internet" section, set the "connection sharing" to "bridge mode" ]
* don't renew your IP address - you won't get one from the router any more
* set the wireless security and admin password etc
* dont' spoof the MAC address - use the routers default MAC.

Note that turning off the DHCP server for the router doesn't mean use a static IP for the device. you can use still a dhcp ip (e.g. factory settings).

if there is no way to turn off the DHCP server, then this method won't work - Netgear users - can you tell him where to look?

Now when you connect the router to the wall via a PC port, you can renew your DHCP stuff and you should get campus settings. If you don't, the router is not suitable for campus use

The problem is that you can no longer connect to the admin interface since the dhcp address assigned to your comuter by the U is on a different subnet than the router address. I don't have good advice for that (for now), other than disconnecting from the wall and trying static IPs in the routers default subnet (e.g 192.168.x.101). I've had luck assigning static IPs to my routers and access points (IPs that I get assigned to them) . I'm lucky in that I"m and IP admin for my building. Note that this isn't problem for Apple Wireless as they use the Airport utility to auto discover base stations. There may be a utility you can use to discover and connect to the router - but disconnect from the wall first.

All this said, this is not what your campus wants you to do - it's risky and they are constantly hunting down rogue DHCP servers. If you just want to use it as a wired switch, then do your campus a favor, get $25 together from your roommates and get a switch!

http://tinyurl.com/4fnnog

Hope that helps.

 

[msprouls]

Maybe I am missing something here; a lot of info for what seems to be a common issue.

If your campus requires you to register a MAC address.

1. Connect your PC to the wall jack and register your MAC and make sure you have connectivity to the network.

2. Remove your PC's ethernet cable from the wall jack.

3. The Router should not be connected to anything at this point.

4. Power up the router give it a little time to boot. Now plug your PC's ethernet cable into one of the LAN ports of the router. You should get an IP via the routers internal DHCP server.

5. Open your web browser and connect to your router. Most likely 192.168.1.1 or 192.168.0.1 check your routers documentation to verify.

6. Depending on your router you need to set your routers WAN port to use the MAC address that you registered. Some routers have a clone button but some I have used required them to be manually entered.

7. Once your WAN port on the router is setup to use the registered MAC you can plug it into the wall jack and get an IP from the Campus network.

This will allow you to still get some protection via NAT and any firewall services that your router may support.

 

[VoR]

Accidentally read this post and just wanted to help by saying that you should do exactly what this guy just said.
Resetting the router back to factory settings before you start would be a good idea too

 

[msprouls]

Accidentally read this post and just wanted to help by saying that you should do exactly what this guy just said.
Resetting the router back to factory settings before you start would be a good idea too

Good point, after all the attempts at getting it to work no telling what might have been changed.

Thanks

 

[billspat]

listen to msprouls

the last method will also work, and probably better, and more clearly described than mine! My setup works for me since I need to support static IP addresses, servers, etc, but it really requires a static IP for the router. Students are not given static IP addresses

also, in case it's not clear, be sure to plug in the "internet /WAN" port to the wall jack in this case, NOT a PC port (which is what MRogers was warning about).

Some notes with the method above
- search google for finding your Mac address, but you could do start | run | cmd | ipconfig / all and search for the wireless or wired ethernet
- which ever MAC you use, make sure you've registered with the U first (you have to register both the wired and the wireless)
- all traffic coming in and out of your room will be attributed to you. Years ago, I have been served with an email from the U saying that some user in my building has downloaded movies and this is the IP address and who it's registered to. Go find them and delete the movies etc. Or I've been contacted about virus behavior, or suspicious packets, rogue DHCP servers, totally hacked systems etc.
- for this reason, most U's frown on using home routers in the dorms
- I also agree that you'll get better protection from the router with this method
- I still maintain that if you are just using wired connections, just get a switch (and keep your system patched!). Makes for happier network admins

good luck!

 

[regre7]

I think I'm going to go with the wired switch (does it make a difference whether i get a switch or hub? i seem to remember a difference from my LAN gaming days...). I wanted to initially, but it pisses me off that I wasted that cash on a wireless router. Oh well.

Thank you all so much for your effort!

 

[VoR]

Your router has a switch built in that you can use.

If you followed the advice you should take the router back, it's not working.

 

[msprouls]

I think I'm going to go with the wired switch (does it make a difference whether i get a switch or hub? i seem to remember a difference from my LAN gaming days...). I wanted to initially, but it pisses me off that I wasted that cash on a wireless router. Oh well.

Thank you all so much for your effort!

I think you are going in the wrong direction.

When you connect to an "Open" network like the Internet you are basically looking for your firewall to provide a layer of security that will either prevent or slow down someone from gaining access to your intranet. I know OS X has a firewall built into the OS but again look at this as another layer instead of that is all I need.

If you go with connecting a switch/hub to the provided network connection of the campus you are directly connecting to the campus intranet that although may be a safer environment than the internet (I would argue not) you are still exposing yourself to that campus environment .

Using the router you have already purchased you are gaining a couple of layers of protection. Network Address Translation (NAT) provides you some protection by allowing multiple internal private addresses to access the outside network using the single address provided by the campus DHCP server, by default it will not let anything come back unless a previous session has been established. If your router supports it (Most modern router/firewalls do) Statefull Packet Inspection (SPI) will give you another layer of protection by looking deeper into the packet to insure that return packets match the entries in the state table to make sure that they match the original outgoing session.

For the Geeks in the crowd I know I used some loose terms but I just wanted the original poster to understand that taking the time to setup the router will give a much more secure connection to the network.

As to the question of the difference between a switch and hub check out this link. http://www.duxcw.com/faq/network/hubsw.htm

Best Regards,
Mustard