Setting Up Your Wireless Network Card

James F. Carter, UCLA-Mathnet, 2002-12-15

Procedures are given for setting up a new wireless network card under Windows XP, older Windows versions, and Linux. At the end is an outline of issues for setting up a wireless network at home.

At present, the UCLA-MATHNET wireless network uses the 802.11b protocol in the 2.4 GHz ISM band. It covers the Applied Math suite around MSA 7619 and 7620, the Grad Lounge (MSA 6624, 6627 and adjacent areas), and the area around the Bugs Office (MS 6221). It may be used by all Math Department persons within range. The needed encryption key can be obtained at the Bugs Office.

You will need these items before you begin setting up:

The descriptions are written under the assumption that you will be doing the whole setup procedure in one sitting, within range of a working access point. In reality you likely will do it in phases, e.g. install the card and drivers at home, then bring the computer to work where the access points are.

Microsoft Windows XP

This is a generic description of the procedure typically used with hardware on Windows when using it for the first time. Read your vendor's instructions for idiosyncratic details. In particular, some vendors want you to install the driver and utilities first using their installer, before inserting the network card, so the New Hardware Wizard does not get to the driver first.

Microsoft Windows (Earlier Versions)

Network configuration is done using the vendor-provided configuration utility. Read the instructions that come with it. The issues are generally the same as with Windows XP, though the user interface will be different. You may or may not be asked about these items, depending on how smart the vendor's program is in inferring them from data provided by the access point:

ESSID
The name of the network: UCLA-MATHNET, upper case.
WEP Key
Same as for Windows XP. Some programs may not accept an ASCII string; you will also be given the hex translation to use in that case. You may be offered a choice Key is provided automatically; no, it isn't.
Mode
The choices are Managed (with access points) and Ad-Hoc (directly between client computers). Mathnet uses Managed mode.
Other
Other parameters, such as the MTU, fragmentation threshold and power-saving mode, may safely be left at their defaults.

Generally on subsequent uses it will automatically connect to the configured net. If you regularly move from one net to another, e.g. home versus work, the convenience of switching varies between vendors.

SuSE Linux 8.1

For smoothness of setup, Linux has a way to go before matching Windows XP. You should verify that these software packages are installed and functioning (you may have declined to install some of them when you initially installed Linux). The filenames shown below are appropriate for SuSE 8.1, but other distros should be the same or at least similar.

This description is oriented toward laptop machines. On a desktop machine with a wireless card, skip the steps involving PCMCIA. The descriptions are for SuSE Linux, and its setup program yast2 is described. Other distros should have analogous setup tools.

Wireless Driver
The author prefers orinoco_cs, which can handle Agere ORiNOCO cards and their clones, Intersil-based cards (Linksys, DLink, Netgear, etc.) and Symbol firmware (mainly on handheld devices). It is distributed with the standard Linux kernel. wlan-ng is the official driver for Intersil firmware, funded by Intersil. wvlan_cs is generally considered to be obsolete. host-ap is intended to turn a Linux box into a real access point, but I have seen favorable comments about it, used as a general purpose wireless driver. You can look for which drivers come with your distro in /lib/modules/$vers/kernel/drivers/net and /lib/modules/$vers/kernel/drivers/net/wireless, where $vers is the operating system version as reported by uname -r. If you want to download and compile the latest version of the orinoco driver, use this URL.

On a desktop system with a real PCI card, use the orinoco driver (not cs). If it has a PCI to PCMCIA adapter based on the PLX 9052 chip, use orinoco_plx. (The Linksys, D-Link and Netgear adapters use this chip.) If you have a USB wireless NIC... At present, there isn't any driver for wireless USB NICs. Sorry.

Wireless Tools
Do rpm -q wireless-tools or look for /usr/sbin/iwconfig. If you didn't install it, do that now. In SuSE Linux, start yast2, and under Software click on Install or Remove Software. Use the Search filter and look for wireless-tools (lower case, with a hyphen). Click the checkbox indicating that you want it, and hit Accept. It will ask for your installation media, and install the program.
PCMCIA Subsystem (not for desktop machines)
Do rpm -q pcmcia to verify that it is installed, or look for /sbin/cardmgr, the daemon responsible for loading drivers for PCMCIA cards. Make sure that cardmgr is properly started at boot time (use ps and look for the daemon by name). If your other PCMCIA cards are working, your PCMCIA subsystem is in good shape.
PCMCIA Configuration (not for desktop machines)
Verify that one of the files /etc/pcmcia/*.conf includes a correct driver assignment for your wireless card. The most complete list is in hermes.conf that comes with the orinoco driver set (see above for URL). To determine the name and manfid of your card, insert it and do cardctl ident. If you lack configuration information, it's recommended that you install hermes.conf, or else create your own file, e.g. mywlan.conf (must end in .conf). The following content is appropriate for many Agere ORiNOCO type cards; substitute the manfid of your actual card and the name and module set of the driver you intend to use.
device "orinoco_cs"
  class "network"
  module "hermes", "orinoco", "orinoco_cs"

card "Orinoco or Intersil Prism 2 Wireless"
  manfid 0x0156,0x0002
  bind "orinoco_cs"
You need to reload (HUP) cardmgr for this to be recognized: /etc/init.d/pcmcia reload.

Now that your infrastructure is ready to go, use the configuration module in yast2 to set network parameters.

Other distros, and older versions of SuSE Linux, store wireless configuration information differently, in /etc/pcmcia/wireless.opts. Also, aphunter looks for wireless keys there. If your distro does not have a wireless setup feature, you will need to edit wireless.opts. Here is a sample stanza, which would go with a cardctl scheme called "MATHNET". (Substitute the name of your preferred scheme; to determine what the current scheme is, do cardctl scheme.)

MATHNET,*,*,*)
    INFO="My card on UCLA Mathematics Wireless Net"
    ESSID="UCLA-MATHNET"
    MODE="Managed"
    KEY="s:ascii-letters"
    ;;

The key can also be given in hex, with or without hyphens. Other parameters can be set; see the file and its documentation for possibilities. If you set the MAC address in the key, e.g. MATHNET,*,*,00:02:2D:*), you can use different parameters for different wireless cards.

On a non-SuSE desktop system lacking its own wireless configuration tool, you should edit /etc/modules.conf similar to this example. The example refers to eth2; substitute the interface name actually used by your card. Specify orinoco_plx if you have a PCI-PCMCIA adapter. Since the WEP key is in the file, its mode should be 600 (read-write only by root).

alias eth2 orinoco
post-install orinoco iwconfig eth2 mode Managed essid UCLA-MATHNET \
    key 's:ascii-letters'

Do depmod -a after modifying /etc/modules.conf. While the new card can be activated without a reboot, it's easier to describe by just saying do like you would in Windows.

Network Infrastructure on Your Own Net

If your laptop has a wireless card, it also needs another computer to talk to. At work your I.T. department will provide the partner. At home you have several possibilities for partners. Because of the variety of solutions here, this discussion is only an outline, so when you choose hardware and follow the vendor's setup instructions, you will have some idea of the issues.

Ad-Hoc Mode
Your card talks directly to the other wireless computer(s) on your net. This is the simplest solution. However, I can say from experience that firmware bugs can render Ad-Hoc mode unuseable: when Intersil firmware (v1.03, in a Linksys WPC11 v2.5) talks to Lucent-Agere firmware (v6.16, in a Dell TrueMobile 1150 mini-PCI), it fails to send 802.11b ACK packets. Communication is possible, but very slowly and with showers of rejected packets. There are two Ad-Hoc modes: IBSS and Ad-Hoc Demo. They do not interoperate; IBSS is better if there's a choice. On a desktop machine the antenna of the wireless card is buried in a tangle of cables and all too often is backed up in a corner among metal furniture, reducing the signal strength.
Linux Host Access Point
There is a driver called host-ap which allows a Linux machine to act as a real access point. I have heard good comments about this driver, but have never used it myself. A desktop machine with host-ap has the same signal strength issues as with Ad-Hoc mode.
Purchased Access Point
At present, the price of a wireless access point is about the same as for a general purpose wireless adapter. Firmware testing is most aggressively done in Managed mode, and you can expect any wireless card to work with any access point. My personal experience is with the Agere AP-200; both of the cards mentioned above work fine with it. A big advantage of the access point is that you can put it on a high shelf for unobstructed transmission to your laptop. Some residential gateway products include a wireless access point.
When setting up your network, you need to choose three key items:
ESSID (Network Name)
It can be up to 31 bytes, case sensitive. Blanks are legal but inconvenient on Linux. Some people recommend that you use a ESSID that does not reveal your identity; some people say it doesn't matter.
WEP (Encryption) Key
This is a string of 104 unpredictable bits. (Older silver class cards can only do 40 bit WEP.) Use a random password generator to create it; ipsec ranbits 104 is good if you have that installed. It can be expressed as 26 hex digits, or as an ASCII string of 13 bytes (avoiding control characters). If your users may have trouble with the hex, you might prudently prefer the string despite the loss of entropy, since WEP has known exploits against it and should not be relied on for serious security protection.
Channel
In the USA, channels from 01 to 11 are allowed for wireless networking. The channel spacing was designed for 802.11 (not b) at 1 MHz. For best use of the spectrum and sharing with neighbors, 802.11b networks should use channels 01, 06 or 11. Check what your neighbors are using, by using an access point finder like aphunter, and use an unoccupied channel among these three, or the one with the lowest signal strength. If you have several access points (e.g. at work), adjacent ones should be on different channels. Note: You set the channel on the access point, not on the client machine. In Ad-Hoc mode you should set it on all partners.

Your wireless net needs four basic services. These may be provided by a Linux or Windows computer, or by a residential gateway. Some residential gateway models include an access point. While typically a single server machine provides all the services, you could also distribute them.

DHCP (IP Addresses)
The DHCP server assigns IP addresses to temporary members of your net, like wireless clients. Typically these addresses are in the citizens' band ranges of 192.168.x.x or 10.x.x.x. The DHCP server also needs to tell the clients which machine handles routing and DNS.
Routing and NAT
Most likely you will want to use your laptop to communicate with the global internet, so some partner machine needs to have the actual external connection, forward your packets, and translate between the internal IP addresses and the address(es) issued to you by your ISP. In Windows, this is called Internet Connection Sharing.
DNS
The Domain Name Service translates between alphabetic hostnames and numeric IP addresses. Typically you use the DNS provided by your ISP; you can also have a forwarding nameserver or DNS proxy on your router machine.
Firewall
Each machine on the wireless net should have a firewall configured, to keep out bad guys who sneak in wirelessly. There are known exploits against WEP, and it keeps out casual snoopers but cannot withstand a serious attack. As with any computer on the global Internet, the router machine should have a firewall to keep out the forces of evil, and particularly, to keep them off the internal network. In general, for a home or office user, outsiders should not be allowed to originate connections to your machines, though some UDP traffic like DNS has to be let through. Read the instructions that come with your firewall product and learn to use it effectively.