Installing a BEFW11S4 Router Box
by Bob Willard (with a little help from my friends)
Last updated: 24 Oct 2002
I connect my home PCs to the I-net using AT&T Broadband Interconnect (ATTBI),
formerly known as Mediaone RoadRunner. In 2001, when we signed up for the S.School
laptop program, I upgraded my connection from software routing (using Microsoft's
Internet Connection Sharing under Win9x) to hardware routing using a Linksys
BEFW11S4, since that router delivers both wireless and wired PC connectivity. Since
others may also choose to upgrade from a direct (PC-to-cable) connection to a routed
(PC-to-router and then router-to-cable) connection, here are some notes on what I
encountered.
Summary:
Before: PC-NICCableModem
After: PC-NICRouterCableModem
The network gets one more signal cable (the extra thingie), and the router
box also has a powerpack. {Editorial note: wireless is wonderful, but even
wireless things need power and, unfortunately, power wires.}
Notes:
1. I bought my BEFW11S4 in the summer of 2001 at CompUSA in Salem, NH, for
$199.99 after rebate. Update: as of 19 Oct 2002, CompUSA and BestBuy offered the
BEFW11S4 for $99.99. And, there are online vendors offering the same router for
about the same price; note that CompUSA has a decent return policy (15% restocking
fee within 14 days) and BestBuy has an even better policy (0% within 30 days), while
some online vendors can be difficult.
Update: there are two different versions of the BEFW11S4, v1 and v2. Any
BEFW11S4 that you buy today will probably be a v2 router, which should have
slightly better range, because it transmits a stronger radio signal. The tag on the
bottom of the router says BEFW11S4 v2 if it is, or simply BEFW11S4 if it is a v1 unit.
You need to know which you have when you download new firmware.
Linksys is not the only vendor of wireless routers. For one multi-vendor comparison,
see http://computers.cnet.com/hardware/0-7052-8-8715190-1.html
2. AT&T does have a little help for home networking at http://help.broadband.att.com/,
including some notes on how to setup a Linksys router. But the AT&T website does
still try to sell you the „AT&T Broadband Home Networking Solution‟ for $9.95 a
month, which is not needed if you have a (hardware or software) router -- don‟t buy
it!
3. If you have firewall software, it may be easier to temporarily turn it off while you are
inserting the router box into your network. (I run ZoneAlarm, I had some problems,
and I did turn it off; but it is not clear in hindsight that ZoneAlarm was a cause of any
of my problems.) If you use WinXP on any PCs on your home LAN, XP‟s firewall
(ICF) is turned on by default; I recommend turning it off permanently, since ICF
inhibits file and printer sharing, and since the BEFW11S4 is at least as good as ICF as
an inbound firewall. I use and recommend ZoneAlarm as an outbound firewall, in
addition to using BEFW11S4 as an inbound firewall.
4. I suggest that you backup your PC before making any hardware change, such as
adding a router box. (I did not, and I got away with it, but I generally advise backup
as a precaution.)
5. It should not be necessary to change any Windows network software to merely insert
a router box. But, if other changes are being concurrently made, then it may be
necessary to have your Windows CD at hand. Also, I suggest gathering all the
information about your existing network setup before changing it, to be prepared if
anything goes wrong. With Win9x/WinME, WINIPCFG.EXE gets most of the info
(you need to click on the MoreInfo button); with WinXP, run CMD.EXE and then
type IPCONFIG/ALL to get the same info.
6. On 8 July 2002, ATTBI updated their servers to automatically adapt to changes in the
MAC address of the device connected to a cable modem. This means that you should
be able to insert a router box between your PC‟s NIC and the cable modem without
informing ATTBI (I‟ve not tried it myself). Before this, it was necessary to call
AT&T with the old (NIC) MAC address and the new (router WAN) MAC address, so
they could update their database (or alternatively, you could have used the MAC
aliasing capability of the BEFW11S4).
7. After physically inserting and powering up the BEFW11S4, it must be configured.
Bring up a browser (e.g., IE), but don't expect it to be able to contact your normal
home page yet; enter http://192.168.1.1/ as the location -- this should access the
router box (it is a network node), and it should display a UserName/Password box.
The initial UserName is , and the initial Password is admin. For ATTBI users,
the Setup page is simple: just ensure that the WAN IP address is marked to Obtain
Address Automatically, and leave all other fields alone (Host Name and Domain
Name should be blank). Also, for ATTBI users, check that on the DHCP page, the
DHCP Server is Enabled.
8. You're done, for now. Time to reboot your PC, and see if your browser can really
find your home page, etc. It seems that, if you are successful, everything will work; if
you are not, nothing beyond the router box will be visible.
9. When the new network is working, change the password for the router box.
Remember that the router box is visible to the whole wired world, and that all
BEFW11S4s ship with the same UserName and Password, so any net-literate kiddy
can break your I-net connection unless you fix the password. These passwords are
case-sensitive, so BadGrammar ain't really badgrammar. UserName is ignored, and
can remain blank; this does make the Password even more important.
10. The firmware version of your BEFW11S4 is reported on the Setup page (the first
page shown when you log into the router), and you may need to upgrade that
firmware. As of 16 May 2002, the current firmware is 1.42.7 for both versions of the
BEFW11S4; I use that current firmware, which seems stable, as it has some useful
added features. Some prior firmware releases, including the common 1.39b, had
reported problems. To upgrade to the current firmware, point your browser to
http://www.linksys.com/download/firmware.asp, select either the BEFW11S4 or the
BEFW11S4 Version 2, and follow the directions – this will download a .ZIP file onto
your PC, which you can unzip to upgrade the firmware in your router. {To guard
against bad versions of or bad downloads of firmware, I save old versions.} If you
use AOL, read note 15 in this document.
11. Log into your router box, and go to the Setup page. Under the Wireless LAN section,
click on Enable and set SSID to APS1, the new SSID for all Andover Public School
classrooms. {The SSID is case-sensitive, so aps1 will not work}. The Channel
number does not matter for most homes; I left mine set to 6 (the default and the
middle of the frequency band). Wireless uses a radio link, and you may find radio
interference with cell phones or (possibly) microwave ovens; changing the router‟s
channel from 6 to either 1 or 11 might reduce the interference. If you change the
router‟s Channel, the laptop should adjust to it automatically; you need not match
S.School‟s choice of channel.
To my enormous surprise, the laptop worked out of the box – finding the wireless
LAN and connecting to the Internet – all on Out-Of-Box night! If yours does not
work, look carefully at the back and sides of the laptop: somewhere, there may be a
small, unlabeled switch, which must be ON to use the wireless LAN (if you read the
manual, this is called the Wi-Fi switch).
12. Wireless security is not good, but there are several low-level things you can do to
make it slightly better:
Wireless Equivalency Protocol (WEP) is not currently used in S.School, so the
laptop cannot use WEP in school. It is simplest to just keep WEP disabled at
home: disable WEP on the Setup page of the router, and leave the laptop‟s
settings the same for home and school.
If you wish to protect the wireless transmissions between the laptop and your
router from eavesdroppers, it is simple to enable WEP on the router. For the
laptop, since you need different network profiles for home (with WEP) and for
school (no WEP), you will want some software that is not built into Windows. A
program named Netswitcher is highly recommended by many users – it costs
about 15$ per laptop; see www.netswitcher.com
To make it slightly more difficult for unwanted nodes to access your wireless
network, you may disable broadcast SSIDs: in the Wireless section of the Setup
page of the router, click the No button for Allow “Broadcast” SSID.
To make it more difficult for unwanted nodes to access your wireless network, set
the number of DHCP Users, on the DHCP page of the router, to a small value.
(The default is 50). If your network is stable, set this value to the total number of
(wired and wireless) network nodes to which you expect the router to assign IP
addresses. (E.g., my home network has 4 PCs wired to the 4 downlink ports of the
router, plus one wireless laptop, so I set DHCP Users to 5). You can also change
the Starting IP Address to something other than the default (100) – particularly
useful if your home LAN has nodes using static IP; but beware that some users
have reported problems using FTP if this Starting IP Address is set to anything
less than 100.
To make it even more difficult for unwanted nodes to access your wireless
network, click on the Advanced Tab, then click on the Wireless Tab, then Edit the
MAC Filter Setting. When the MAC table appears, enter the specific MAC
address of the wireless laptop to which you want to allow access, but then do not
check the Filter box; then Apply and Continue. Then Enable the Active MAC
Table, then Apply and Continue. (MAC filtering for wireless nodes was not in
early firmware releases for the BEFW11S4, but is in 1.42.7 and, presumably, all
later versions.)
Finally, if you really need secure transmission over wireless links, you need to use
high-level end-to-end secure protocols. Secure wireless transmission is a good idea if
your 4th-grade child has a contract with the NSA, but it seems like overkill for
downloading catalogs from www.barbie.com.
13. Wireless range is not great with WiFi in the home, and you may need to experiment if
your home is large or has a non-wood structure. My house has only one Wireless
Access Point (AP), the one built into the BEFW11S4 router. My router is on the main
floor at one end of the house, and the laptop works well indoors (no packets lost at 11
Mb/s) up to about 20-25 yards from the AP. Outdoors, I get at least that range in any
direction, and roughly double that range where the laptop is most favorably arranged
w.r.t. the router‟s antennas. Houses vary, so your yardage may vary.
Moving the antennas on the BEFW11S4 does make a minor difference in usable
range, but not enough to care about. In my house, there was a clear difference in one-
way (AP-to-laptop) SNR (Signal-to-Noise Ratio) with the antennas horizontal instead
of vertical (horizontal was best with my Toshiba Saturn 1800 laptop), but very little
difference in the other direction.
14. Wireless datarates are less than you might expect. An efficient 11 Mbit/s link should
sustain over 1.3 Mbyte/s, but WiFi is not very efficient. The best WiFi links reported
deliver roughly 600-700 Kbytes/s. The best I‟ve seen, using drag‟n‟drop from
network-mapped drives (between a wireless laptop and a wired desktop, both under
Windows), is about 300-400 Kbytes/s.
If you enable WEP on the router and the laptop, your datarate will go down even
more; I don‟t currently use WEP, but I‟ve seen user comments that WEP will reduce
transfer rates by roughly 50% with this router.
15. In Sep 2002, Linksys released new firmware for the BEFW11S4 v2 (not v1!) router.
This new firmware, v1.43, supports customers using AOL Cable, AOL DSL, and
BYOA cable/DSL. This allows AOL customers to configure the router to support
Parental controls. {I don‟t use AOL, but this sounds pretty useful for those who do.}
16. Most home networks can be created with only the TCP/IP protocol, but some nets
need either IPX/SPX or NetBEUI. IPX/SPX is available with either Win2K (the
current OS for APSS laptops) or WinXP (the OS used on the current Toshiba
Recovery CD). NetBEUI is available with Win2K, but not with WinXP. So, if you
need NetBEUI with laptops purchased in 2002, but you are not using the S.School
environment, you will need to download the protocol from Toshiba‟s “WinSupp”
forum; or borrow a real (OEM or retail) WinXP CD from a friend and copy the files
from the \Valueadd\MSFT\Net\NetBEUI\ folder.
17. Some users with WinXP have reported problems with very high CPU usage while
casually using the I-net via a BEFW11S4. The solution to one cause of this problem
has been to disable the UPnP feature of the router: log into the router, then click on
the Password tab, where Linksys has cleverly hidden the UPnP switch, and click on
the Disable button.
18. If you buy a Linksys router, you are entitled to technical support from Linksys, and
they offer access by e-mail and by phone. Some users have gotten help, but others
have been very unhappy with the quality of the answers. The Linksys website (at
http://www.linksys.com/support/support.asp) does have several documents related to
the BEFW11S4, including a troubleshooting guide and a copy of the User Guide.
Linksys, like many vendors, does not always update the User Guide when they update
the product, so features of recent firmware may not be covered.
There is a very active, but unmoderated, discussion group for all Linksys products at:
http://www.dslreports.com/forum/equip,16 -- and some of the tech.support folks
from Linksys sometimes monitor that forum.
19. The Service Set ID is an access control filter mechanism for WiFi. If you need to
change the SSID (say from south4 to APS1), you must change the string at both ends:
in the router and in the laptop. To change the SSID in the router, log into your router
box; on the Setup page, under the Wireless LAN section, click on Enable and set the
SSID to APS1, then click on Apply, then click on Continue.
To change the SSID in the laptop, click on Start, then on Programs, then on Toshiba
Wireless Solution, then on Client Manager to bring up a new window. In the new
window, click on Actions, then on Add/Edit Configuration Profile to bring up another
window. In this new window, click on Edit Profile and type the new SSID string in
the box labeled Network Name; then click on the OK buttons to close those windows.
With the Client Manager window in view on the laptop, there is a bar chart showing
the Signal Strength being received by the laptop‟s WiFi radio receiver. If you change
the SSID in either the laptop or the router to a mismatch, the Signal Strength display
will change from Green to Red; make the SSIDs match to restore that good Green
(like the Boston Celtics) feeling.
Special to Andover school system parents participating in the laptop pilot program -- if
you have a question about using your laptop in a home network, send e-mail to me at:
BobwBSGS@attbi.com