Novell Home

Going Wireless in SUSE Linux 10.0

Novell Cool Solutions: Feature
By Scott M. Morris

Digg This - Slashdot This

Posted: 19 Mar 2006
 

Applies to:

  • SUSE Linux 10.0

Introduction

Quite an interest been expressed about working wirelessly on Linux. People want to be mobile. They like using their laptops on the couch while watching the latest CSI episode. Several readers have requested more information on knowing which wireless NICs to buy for their laptops and how to get them working. So, what I'd like to do is take a look at these issues from several angles. I'll describe my own hardware, some sound methodology for selecting a NIC card, how the installation of the card went, and how to implement security. Let's jump right in and take a look at the hardware.

What I Started With

I will be working with a laptop, specs as follows:

Compaq Armada m700
  • Intel Pentium III (Coppermine) 996 Mhz
  • 575 Mb RAM
  • ATI Rage Mobility P/M AGP 2x
  • 18G Hitachi HDD
  • SUSE 10.0 Eval

Full 'hwinfo' output here.

Initial Research

I had heard that wireless networking was still somewhat of a handful to do on Linux. Because of this, my first course of action was large amounts of research. Were there any wireless NICs that other people had gotten to work on SUSE without any problems? It's nice when one can just plug the card in, have YAST automatically configure it, and just work with minimal headache. Finding such a card was my goal. I wanted to provide this information for anyone interested in setting up Wireless networking in SUSE who hadn't yet purchased hardware.

After some digging, I was able to find three excellent resources, as follows:

Another excellent resource that a reader brought to my attention is Jean Tourrilhes' Wireless LAN resources for Linux page. If you would like to do some deeper research on setting up wireless in Linux, this is an excellent page that I recommend checking into.

It was very helpful to find these resources, as I could use them to cross-reference one another. I carefully compared the information available on each of these resources. I also contacted the developers in Germany about which card to get. They were gracious enough to let me know that the Atheros based cards were the recommended ones.

Eventually, I saw that the Netgear WG511T was an Atheros based card, and had a great review from a SUSE user on amazon.com. I then sought a router that would work seamlessly with that NIC. From the page on amazon.com, I saw a recommendation for the Netgear WGT624 108 Mbps Wireless Router to work with the WG511T PCMCIA card. This hardware also supports 802.11a/b/g, WEP keys, and WPA-PSK signal encryption. I wanted to learn more about switching between networks, as well. With that end in mind, I bought the Netgear WG511T wireless NIC and two of the WGT624 routers; one for home and one for work. The total for all of this was about $180.

Setting up the Netgear Wireless Router

First, I decided to get the router set up. As wireless is initially disabled, I had to connect in with a desktop using a plain old CAT5 cable. Then, I had to refresh my IP with the following command:

[1808][smorris@linux:~]$ /etc/init.d/network restart

After doing this, I tried surfing the Internet. The router, detecting that it wasn't set up yet, took me straight to a setup wizard. I went through each step mostly accepting the defaults. I eventually came to a screen that was asking me for an SSID.

I'll take a few moments here to explain a little about what I learned regarding SSIDs when researching setting up wireless connections on SUSE. First, an SSID is in some ways similar to a workgroup in Windows networking. It's just a name for a wireless router and its network of connected computers. Second, it's generally a good idea to change the default SSID. This makes it a little harder for someone to find your network. However, this is only true if you turn off SSID broadcasting, which I will explain a little later in this article.

So, I changed the default 'NETGEAR' SSID to something a little more creative: C0RND0G. I then clicked NEXT:

The setup wizard took me to a screen asking me if I wanted to enable security measures. Initially, it is easier to set up without security. I decided that I would add it later once I knew the connection was working. Please note: It is very important to set up security measures on a wireless connection. Unsecured wireless networks are a very common way for people to use a connection without authorization. However, on initial installation, it's easier without the security. So, I did not enable security at this phase of the set-up.

The router setup wizard took me to another screen, asking me if I wanted to change the default password.

I decided that this was a good idea, since at first, I would have absolutely no security on my network, whatsoever. If someone connected to my wireless network and knew my router's default username and password, they could connect into the router and wreak all kinds of havoc. This in mind, I clicked YES, where I was taken to a screen where I was able to change the password. Having entered a new password, I continued with the router setup wizard.

I was then taken to a summary screen with all of the settings I had chosen thus far. It was nice to see that they had given me the ability to print out that information had I needed to. Since I didn't, I just continued through and finished the setup of the router.

At this point, the initial setup of the router is complete. We are now going to set up the wireless NIC on the laptop. After making sure the connection is working, we will come back and implement security measures to protect the connection.

Setting up the Netgear Wireless NIC

Our next task becomes setting up the wireless NIC in the laptop itself. To do this, I just plugged the Netgear WG511T card into a free PCMCIA slot in the side of the laptop. In a few seconds, SUSE recognized that a card had been plugged in, and asked me if I wanted to configure it:

Obviously, the answer was YES, so that's what I clicked on. I was prompted for my root password, which I entered. I was then taken to the NETWORK CARD CONFIGURATION OVERVIEW screen. I selected the new card from the list, and then clicked on the EDIT button:

I was taken to the NETWORK ADDRESS SETUP screen. This is to tell the system that we're using wireless and we want to get an IP address from a DHCP server. If you need to change anything here, you'll know what to set it to. I don't need to change anything, so I'll just click NEXT:

Another screen appeared, the WIRELESS NETWORK CARD CONFIGURATION screen. That's good, because that's what we want to do: configure our wireless card:

We'll leave the operating mode set to MANAGED. The NETWORK NAME (ESSID) will be C0RND0G, as I set the router to, above. Just for now, the AUTHENTICATION MODE will be OPEN. This basically means that we are not authenticating users, and that anyone can connect. We'll be sure and come back to implement some security for our wireless network. Just for now, click NEXT. Good old SUSE tells us that not using any encryption is a security risk, asking if we really want to continue. For the moment, it's ok to click YES.

We come back to the NETWORK CARD CONFIGURATION OVERVIEW screen, where we can just click NEXT. YAST saves settings and exits.

At this point, we definitely do not need the CAT5 cable anymore, so I unplugged it from my laptop and router. This ensures that any network traffic we send or receive uses the wireless connection.

In my case, I had to manually restart the network (done as root):

[1808][smorris@linux:~]$ /etc/init.d/network restart

This gave me a lot of output, which we don't need to go into, here. However, we do want to make sure we got an IP address for the card. We'll do this with the following command:

[1808][smorris@linux:~]$ /sbin/ifconfig
ath0      Link encap:Ethernet  HWaddr 00:14:6C:06:73:D2  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::214:6cff:fe06:73d2/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10 errors:1688 dropped:0 overruns:0 frame:1688
          TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:200 
          RX bytes:2196 (2.1 Kb)  TX bytes:4221 (4.1 Kb)
          Interrupt:11 Memory:e5280000-e5290000 

eth0      Link encap:Ethernet  HWaddr 00:D0:59:38:10:B4  
          inet6 addr: fe80::2d0:59ff:fe38:10b4/64 Scope:Link
          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1
          RX packets:4608 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3053 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1229720 (1.1 Mb)  TX bytes:549404 (536.5 Kb)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:229 errors:0 dropped:0 overruns:0 frame:0
          TX packets:229 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:17514 (17.1 Kb)  TX bytes:17514 (17.1 Kb)

[1808][smorris@linux:~]$

If we look, the number highlighted in green is the IP address of my new wireless card. Great, I have an IP address. To test our connection, let's ping an outside server like google.com:

[1808][smorris@linux:~]$ ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.
64 bytes from 64.233.167.99: icmp_seq=1 ttl=240 time=54.7 ms
64 bytes from 64.233.167.99: icmp_seq=2 ttl=240 time=54.7 ms
64 bytes from 64.233.167.99: icmp_seq=3 ttl=240 time=57.3 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2009ms
rtt min/avg/max/mdev = 54.757/55.615/57.301/1.192 ms
[1808][smorris@linux:~]$  

Note: to discontinue pinging, press CTRL+C.

Looks like our connection is up and working. Let's try and browse the Internet, just to make sure. Open a browser and go to your favorite page:

Everything appears to be in order. Our wireless connection is working.

Securing the Wireless Connection

Before we do anything else, let's make sure we secure the connection. To do this, we'll disable the broadcasting of our SSID and enable some encryption in our router. The two most common types of encryption are as follows:

  • WEP Key - Older technology. Can be cracked within a few minutes by a skilled cracker. Better than nothing, however.
  • WPA - Newer technology. Very difficult to crack. The encryption of choice if available.

While I was looking for a wireless card to use with SUSE, I also searched for something that would support the WPA encryption. The one I finally bought does, indeed, support this. So, I'm going to go in and enable it.

On most routers, to connect in, you just browse to http://192.168.1.1 or http://192.168.0.1/ . Generally, somewhere in your router's documentation it will tell you how to connect to the administration panel for the router. Once logged into the router, went to disable SSID broadcasting. This, by itself, is not a very strong security measure. It makes your wireless network less visible, however. Low-key networks are less likely to become a target. So, I recommend doing this.

Next, I headed into the Wireless Settings to enable encryption. This particular router supports several types of WPA encryption. My NIC supports WPA-PSK, so I enabled that one in the router. I then go down and put in a passphrase. I will put this same passphrase into my laptop's configuration.

I then went back over to the laptop, and loaded up the wireless nic configuration once again. I needed to put my passphrase into my wireless NIC's configuration.

To do this, we'll open YAST, select NETWORK DEVICES from the left, and then NETWORK CARD from the right:

The NETWORK CARD CONFIGURATION OVERVIEW window comes up. We just select the wireless card from the list, and click on EDIT:

The NETWORK ADDRESS SETUP window appears. We just click NEXT here:

On the next page, we need to change the authentication mode to WPA-PSK and then input the WPA passphrase. When this is done, click NEXT:

We go back to the NETWORK CARD CONFIGURATION OVERVIEW, where we just click NEXT. YAST saves the configuration and exits.

Again, let's restart the network (as root):

[1808][smorris@linux:~]$ /etc/init.d/network restart

check for an IP address:

[1808][smorris@linux:~]$ /sbin/ifconfig
ath0      Link encap:Ethernet  HWaddr 00:14:6C:06:73:D2  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::214:6cff:fe06:73d2/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10 errors:1688 dropped:0 overruns:0 frame:1688
          TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:200 
          RX bytes:2196 (2.1 Kb)  TX bytes:4221 (4.1 Kb)
          Interrupt:11 Memory:e5280000-e5290000 

eth0      Link encap:Ethernet  HWaddr 00:D0:59:38:10:B4  
          inet6 addr: fe80::2d0:59ff:fe38:10b4/64 Scope:Link
          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1
          RX packets:4608 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3053 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1229720 (1.1 Mb)  TX bytes:549404 (536.5 Kb)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:229 errors:0 dropped:0 overruns:0 frame:0
          TX packets:229 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:17514 (17.1 Kb)  TX bytes:17514 (17.1 Kb)

[1808][smorris@linux:~]$

and ping google.com:

[1808][smorris@linux:~]$ ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.
64 bytes from 64.233.167.99: icmp_seq=1 ttl=240 time=54.7 ms
64 bytes from 64.233.167.99: icmp_seq=2 ttl=240 time=54.7 ms
64 bytes from 64.233.167.99: icmp_seq=3 ttl=240 time=57.3 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2009ms
rtt min/avg/max/mdev = 54.757/55.615/57.301/1.192 ms
[1808][smorris@linux:~]$  

Open a browser and hit a website to make that last check.

If everything goes according to plan, you should be surfing away.

Conclusion

So far, we've looked at how to select a good wireless card and router. We've discussed how to set them both up without encryption just to make sure they're working. Then, we went through enabling the encryption. If your router does not offer WPA, WEP is better than nothing, and is very similar to the WPA setup. This should demonstrate how painless it is to set up a wireless connection using SUSE Linux 10.0 as the client(s).

In a future article, I will discuss methods of transporting the laptop between two different wireless networks. This will be useful for people who have one network at home, one at school, and one at work. Until then, hopefully, this will help get started with integrating wireless with the SUSE Linux 10.0 platform.

UPDATE (2006-03-28): A reader, Gary, wrote in to point out the following:

    "I read your article about setting up a wireless LAN connection. The article was very well written and understandable."

    "I think that you left out one detail which I've found to be the primary problem with getting wireless NICs to work with linux: All of the NIC manufacturers change chipsets on their NICs without changing the NIC model number. As a result, by the time someone buys the specific NIC mentioned in your article, Netgear may have switched from Atheros to something else. Even a card that's had a good review by a linux user can be a total failure for another user, since the same card might come in 2 or even 3 hardware revisions."

    "Purchasing LAN hardware for linux is difficult, too, since few NIC technical descriptions specify the chipset used."

Thanks for the heads-up. I noticed this, also. The hardware vendors sure don't make it easy, do they? After discovering this phenomenon, it became obvious that I may just have to ask the SUSE project managers, which is what I ended up doing, just to be safe. Thanks again for the comments.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell