What's new

I’ve Got a New Router—Hurrah! Oh Crap! (1 Viewer)

BobO'Link

Senior HTF Member
Joined
May 3, 2008
Messages
11,707
Location
Mid-South
Real Name
Howie
If you need to force connection to a specific band you have to have a unique SSID for each. I keep separate SSIDs to force connection to the band I want. If I'm on 5G and start having distance issues I'll manually switch to the 2.4G band. I have a couple of locations in my house that are a bit flaky for 5G but I don't want an automatic switch to 2.4G. I've also seen some lesser radios not switch well and get stuck on 2.4G even if they support 5G. That's really not too common these days so really shouldn't be much of an issue but it can happen.

For most people a single SSID is best as it reduces confusion.

*Do* enable Guest SSID (if available) with its own password to keep visitors off your main network. If you don't manage their device(s) and don't know how well they guard against virus/malware you don't want their devices to see yours.
 

BobO'Link

Senior HTF Member
Joined
May 3, 2008
Messages
11,707
Location
Mid-South
Real Name
Howie
I should really mention I have three boxes: a modem, a router, and an OOMA box for VOIP. They all seem to play nice together.

I like having different names available for the different bands. What's even stranger is the WIFI support for Win 10. It displays all of the received channels in the neighborhood, which helps when you want to hack into a neighbor's system. :emoji_smiling_imp:
AT&T keeps trying to sell me VOIP services (I have POTS). When I tell them POTS is superior because it doesn't go out during a power failure unless you have a UPS and even then it's only good until the UPS dies they reluctantly say "Yes, that's right." I then ask if they provide a free UPS with their VOIP service. Of course not - that's on you! I finally told one of the salespeople to mark on my account that I had absolutely no interest in VOIP and to not call again with that offer. AFAIK they've not called again.

All computing devices (computers/phones/tablets/printers/etc.) will show you all SSIDs in an area if the routers are set to broadcast that information. You should really turn off SSID broadcast on your private network and possibly only enable that on your guest network. That's another reason I own my equipment - to make that type of change. You typically can't manage that stuff with the cable/phone co. owned stuff. The cable company here doesn't even allow you to set your own SSID name/password on their equipment.
 

Johnny Angell

Played With Dinosaurs Member
Senior HTF Member
Deceased Member
Joined
Dec 13, 1998
Messages
14,905
Location
Central Arkansas
Real Name
Johnny Angell
AT&T keeps trying to sell me VOIP services (I have POTS). When I tell them POTS is superior because it doesn't go out during a power failure unless you have a UPS and even then it's only good until the UPS dies they reluctantly say "Yes, that's right." I then ask if they provide a free UPS with their VOIP service. Of course not - that's on you! I finally told one of the salespeople to mark on my account that I had absolutely no interest in VOIP and to not call again with that offer. AFAIK they've not called again.

All computing devices (computers/phones/tablets/printers/etc.) will show you all SSIDs in an area if the routers are set to broadcast that information. You should really turn off SSID broadcast on your private network and possibly only enable that on your guest network. That's another reason I own my equipment - to make that type of change. You typically can't manage that stuff with the cable/phone co. owned stuff. The cable company here doesn't even allow you to set your own SSID name/password on their equipment.
If I don’t broadcast the SSID how do I see to have a device join it? Do I use the “Other SSID” and type in the name? what is the purpose of a guest network?
 

Rodney

Premium
Senior HTF Member
Joined
Jan 12, 2001
Messages
2,448
There are pros and cons on the SSID issue. Some say by disabling it they reduce the chance of someone hacking into their network (security through obscurity), others say since it is easy for someone to unmask a hidden network (and it may even raise a hackers interest since they are now wondering what you have to hide) that it isn't worth the effort. It's not going to stop someone using a wireless network analyzer from seeing the hidden SSID.
In my opinion it just gives someone a false sense of security, but it cannot hurt, so do what makes you feel good.
 

Dennis Nicholls

Senior HTF Member
Joined
Oct 5, 1998
Messages
11,429
Location
Boise, ID
Real Name
Dennis
The main advantage to POTS is the ability to use heritage analog fax machines. They won't work with VOIP. The cheap backup for power outages when using VOIP is your cheap cellphone. I bought a cheap Android 7 phone for $25.

The advantage with using an OOMA box is that you can plug it into your house phone wiring and all of your wired phones now go active on VOIP. When the phone rings I can just pick up the phone in whatever room I'm in. POTS here was over $70/month so the savings is tremendous.
 

xx Brian xx

Second Unit
Joined
Dec 18, 2017
Messages
285
Real Name
Brian
I should really mention I have three boxes: a modem, a router, and an OOMA box for VOIP. They all seem to play nice together.

I like having different names available for the different bands. What's even stranger is the WIFI support for Win 10. It displays all of the received channels in the neighborhood, which helps when you want to hack into a neighbor's system. :emoji_smiling_imp:

You can see most SSIDs unless the are set to be invisible. They still have passwords on them so I doubt very much you could "hack" into them. If they don't have passwords, then you would just be logging into their network, not hacking into it.

With today's technology on devices it is not really necessary to have separate names on the bands and only makes things convoluted. Use the same name and password for 2.4 and 5 and be done with it. Many devices can switch back and forth without you even noticing. If you have areas where the signal is weak and you have issues getting the 5Ghz, then the network is not set up right. You need to either move the router to a more central location or add access points. I don't recommend wifi extenders because they will cut the speed in half with each hop. If a house is so big that one router will not cover it you would want to either install a mesh network or add access points.

I agree with using a guest network for guests so they don't have access to the main network. When I have someone coming to visit, I create a guest network specifically for them and then wipe it when they leave. It can all be done in a minute using my phone.

Brian
 

xx Brian xx

Second Unit
Joined
Dec 18, 2017
Messages
285
Real Name
Brian
Everyone keeps trying to justify "their" setup and why they want separate names. But they are not responding to the OP's setup. A network with one name and password will be fine for the OP.
Also make sure to setup the guest network if you have visitors. Most routers will allow you you to turn it on and off as needed.

Brian
 

John Dirk

Premium
Ambassador
HW Reviewer
Senior HTF Member
Joined
May 7, 2000
Messages
6,812
Location
ATL
Real Name
JOHN
Yes, Apple routers don’t create separate names for the 2.4 and 5 bands. It’s been that way for ... 10+ years

they're managed with desktop or mobile apps.

I’m surprised this is unique. It’s obviously how it should be done from a UX perspective for normal users.

And for network nerds, the info is in there if you needed to connected explicitly to a band, I think.
View attachment 72121

So you create a name [say for the 2.4G band] and the router automatically replicates it for the 5G band? That's normal enough but not having the ability to modify one without affecting the other isn't.

Apple has always taken the approach of elegance and simplicity over flexibility so I guess this follows in that trend and you're correct, it should be suitable for probably 90% of their user base.
 
Last edited:

John Dirk

Premium
Ambassador
HW Reviewer
Senior HTF Member
Joined
May 7, 2000
Messages
6,812
Location
ATL
Real Name
JOHN
I should really mention I have three boxes: a modem, a router, and an OOMA box for VOIP. They all seem to play nice together.

I like having different names available for the different bands. What's even stranger is the WIFI support for Win 10. It displays all of the received channels in the neighborhood, which helps when you want to hack into a neighbor's system. :emoji_smiling_imp:

Most operating systems do that as the OS has no real way of knowing which SSID actually belongs to you. The problem is people are allowing their SSID's to be broadcast, which is a security risk if you don't take other precautions to secure your network.
 

John Dirk

Premium
Ambassador
HW Reviewer
Senior HTF Member
Joined
May 7, 2000
Messages
6,812
Location
ATL
Real Name
JOHN
The combo cable modem / router I have from Comcast does this, as well. I decided to rent from them instead of buying my own, as I had some bad luck owning routers for a few years. It seemed like I was replacing my router every year or so due to one issue or another. The combo unit I have sells for about $180 (I needed voice connection support), so at $10 per month to rent the payback is just not quick enough for me to own one and risk needing a replacement.

Comcast routers [and a lot of others] do this by default but you should have the ability to change it if you prefer. Most modern Comcast routers are built by Netgear.
 

John Dirk

Premium
Ambassador
HW Reviewer
Senior HTF Member
Joined
May 7, 2000
Messages
6,812
Location
ATL
Real Name
JOHN
Everyone keeps trying to justify "their" setup and why they want separate names. But they are not responding to the OP's setup. A network with one name and password will be fine for the OP.
Also make sure to setup the guest network if you have visitors. Most routers will allow you you to turn it on and off as needed.

Brian

Actually, you answered his question perfectly in post #16 but I am guilty as charged. Got carried away. :D
 

BobO'Link

Senior HTF Member
Joined
May 3, 2008
Messages
11,707
Location
Mid-South
Real Name
Howie
Yes, Apple routers don’t create separate names for the 2.4 and 5 bands. It’s been that way for ... 10+ years

they're managed with desktop or mobile apps.

I’m surprised this is unique. It’s obviously how it should be done from a UX perspective for normal users.

And for network nerds, the info is in there if you needed to connected explicitly to a band, I think.
View attachment 72121
The Airport Extreme supports different SSID names on the two bands but comes defaulted with both on the same SSID.
 

John Dirk

Premium
Ambassador
HW Reviewer
Senior HTF Member
Joined
May 7, 2000
Messages
6,812
Location
ATL
Real Name
JOHN
If I don’t broadcast the SSID how do I see to have a device join it?
@Johnny Angell - The first time you add a device you can either manually enter the network information or use a protocol called WPS [Wireless Protected Setup] which securely and automatically transfers the information from the router to the device if both support it.

As others have stated, hiding your SSID's is not really great security anyway as it is easily defeated by a determined "hacker." A much better approach is to use MAC address filtering but that is a somewhat advanced topic.
 

BobO'Link

Senior HTF Member
Joined
May 3, 2008
Messages
11,707
Location
Mid-South
Real Name
Howie
If I don’t broadcast the SSID how do I see to have a device join it? Do I use the “Other SSID” and type in the name? what is the purpose of a guest network?
Yes, you would select "Other SSID" and then type in the name of your SSID. It's can be more troublesome to connect initially but you'll only do it once and have your device remember the connection.

As John said you can also use WPS. I'm not that trusting and have that disabled on my router. Having it disabled prevents unauthorized persons from making a connection. The other possible negative is that once you press that button on your router to initiate the connection you typically have a limited amount of time to complete the process. If the device you're attempting to connect isn't in the same room, or at least close, you may not have enough time to do the connection that way.

The guest network keeps visitors off of your network and helps improve security. If they bring in an infected device it significantly reduces the chance it could stealthily impact any of yours. It keeps them off of your connected printer(s) and away from your other connected devices. Essentially it acts as a firewall between them and you. It allows you to set an "easy" password for it (different from your main wifi) that you can change regularly without effecting your main network, or disable the guest wifi if no one's at your house to use it. Turn it on when a guest arrives, turn it off when they leave. You'd normally broadcast this SSID for guest ease of use.

Here's what's configurable on mine. It allows segmentation between guests *and* my local network. I can easily enable that transparency if needed. It takes about 10 seconds for me to log into my router and change these settings.

1588520024310.png
 

DaveF

Moderator
Senior HTF Member
Joined
Mar 4, 2001
Messages
29,280
Location
Catfisch Cinema
Real Name
Dave
*Do* enable Guest SSID (if available) with its own password to keep visitors off your main network. If you don't manage their device(s) and don't know how well they guard against virus/malware you don't want their devices to see yours.
Also make sure to setup the guest network if you have visitors. Most routers will allow you you to turn it on and off as needed.

Having tried to use "guest" networks, I don't think they're worth recommending to most people as the baseline approach. It's one more step to deal with. You've got to remember to turn it on and off when guests come and go. If you're using a third party wifi router on top of your ISP's router, you've got Double NAT annoyances to fight.

Just give trusted, regular friends and family your network password. Anyone infrequent visitor is fine using their mobile data plan. Practically iPhone and Android phones and iPads are of no real risk of spreading malware to your home devices on your LAN.

The exception is if you know your friends or family are bringing laptops that are malware Petri dishes. I had a coworker who's mom and brother were like that. He said anytime they connected their laptop to the network, all the adware nd malware they'd downloaded to get free discount coupons shopping web tools and etc were running amok trying to connect to his computers. So, sure if you know this is your family, have a guest network. Or even no network at all, if they're that dangerous.


So you create a name [say for the 2.4G band] and the router automatically replicates it for the 5G band? That's normal enough but not having the ability to modify one without affecting the other isn't.

Apple has always taken the approach of elegance and simplicity over flexibility so I guess this follows in that trend and you're correct, it should be suitable for probably 90% of their user base.
From the user experience: You turn on the router, give it a network name and password, and you're done. You're not dealing with 2.4GHz expecting that to be duplicated to 5GHz. You're just setting up a wifi network and all the technical stuff is behind the scenes.

Now, Apple quick the network hardware business. I'm assuming / hoping that current, user-friendly mesh hardware like Eero and Orbi are basically the same in their implementation. But that's an upgrade I'm still pending on, so don't know for sure.
 

xx Brian xx

Second Unit
Joined
Dec 18, 2017
Messages
285
Real Name
Brian
Isn't that the whole purpose of an internet forum?

It depends. OP wanted to know about setting up a new network that seemed pretty basic. I don't see the point of talking about why I use static IPs vs dynamic IPs or why I use IP control on certain components. All it does is confuse the situation. Basic question, basic answer.

If the question was "How do you have your network setup?" then I could see going into more detail. Which actually sounds like a cool question to post with all the amazing people on this forum.

Brian
 

BobO'Link

Senior HTF Member
Joined
May 3, 2008
Messages
11,707
Location
Mid-South
Real Name
Howie
Having tried to use "guest" networks, I don't think they're worth recommending to most people as the baseline approach. It's one more step to deal with. You've got to remember to turn it on and off when guests come and go. If you're using a third party wifi router on top of your ISP's router, you've got Double NAT annoyances to fight.

Just give trusted, regular friends and family your network password. Anyone infrequent visitor is fine using their mobile data plan. Practically iPhone and Android phones and iPads are of no real risk of spreading malware to your home devices on your LAN.

The exception is if you know your friends or family are bringing laptops that are malware Petri dishes. I had a coworker who's mom and brother were like that. He said anytime they connected their laptop to the network, all the adware nd malware they'd downloaded to get free discount coupons shopping web tools and etc were running amok trying to connect to his computers. So, sure if you know this is your family, have a guest network. Or even no network at all, if they're that dangerous.



From the user experience: You turn on the router, give it a network name and password, and you're done. You're not dealing with 2.4GHz expecting that to be duplicated to 5GHz. You're just setting up a wifi network and all the technical stuff is behind the scenes.

Now, Apple quick the network hardware business. I'm assuming / hoping that current, user-friendly mesh hardware like Eero and Orbi are basically the same in their implementation. But that's an upgrade I'm still pending on, so don't know for sure.
I normally leave my guest network on - mainly because my grandkids use it with their devices and they're here almost every day. The only devices I allow on my main network are those I own or have control over. That's as much as anything so my wife only has to keep up with *one* password and not have to decide who's OK and who's not (her friends will come over and want to use our wifi because their data plan is about topped out or their connection is bad). The downside to that is she's occasionally "lost" connection with her laptop and reconnects to the guest wifi and tries to print. It won't work and I spend time debugging to discover that, for some unknown reason, she told her laptop to "forget" the main network and connected to what she has the password for.

As far as having a separate router behind an ISP's router - if you do have double-NAT issues just disable the NAT on your router and use pass through IP assignment so devices will get their IP from the ISP router instead. The biggest issue with doing that is it often disables parental and other "security/monitoring" controls as it puts your router in "AP mode". It's also just one more reason to own your own modem and router. That way you're in control.
 

DaveF

Moderator
Senior HTF Member
Joined
Mar 4, 2001
Messages
29,280
Location
Catfisch Cinema
Real Name
Dave
As far as having a separate router behind an ISP's router - if you do have double-NAT issues just disable the NAT on your router and use pass through IP assignment so devices will get their IP from the ISP router instead. The biggest issue with doing that is it often disables parental and other "security/monitoring" controls as it puts your router in "AP mode". It's also just one more reason to own your own modem and router. That way you're in control.

So yes. There was no way to have my wifi and FIOS router and use guest mode without issue.

Because I've got FIOS, I couldn't just use any old router / modem the way you can with cable modem. I eventually eliminated the FIOS router first with a borrowed MOCA bridge from a network engineer friend. Then last Summer I got the motivation to run ethernet from the ground-to-home terminal (FIOS ONT) into the house and to my "home run" to have straight ethernet to my own router.

At this point, for me, it's easier to not have guest network. It only added an extra obstacle without benefit. And to your wife's issue: I have my home wifi password thumbtacked onto the kitchen bulletin board. It's no secret to anyone invited in. And if someone breaks in to steal it, changing the wifi password is the least of my concerns. :)

But I don't have a constant stream of random people showing up to use my wifi. So, use guest network according to one's solution. But I think there's a lot of simplicity and no real risk to just giving friends and family your network password.
 

Users who are viewing this thread

Top