Installing Exchange Server 2007

All installations reward planning; in the case of Exchange 2007, decide on the underlying operating system and then decide which Exchange roles to install.  The trickiest feature of Exchange 2007 is not the installation, but the new method of creating Mailboxes from the Exchange manager.  In Exchange 2007, creating mailboxes (mailbox enabled users) with Active Directory Users and Computers is really good.  Any objects you manage to create have no SMTP address and don’t work.  You simply must use the Exchange Management Console to create mailboxes.

Choose your Underlying Operating System

Before you install Exchange Server 2007, you need a 64-bit operating system; you can choose the Windows Server 2003 R2 rather than the minimum requirement of Windows Server 2003 with SP1.

An even better option would be to install Exchange Server 2007 SP1 on Windows Server 2008, but note those three letters: SP1.  Just to emphasise that for Server 2008 you need the later, slipstreamed SP1 DVD (or image), and not the original RTM disk.  Furthermore, you need a clean install of Windows Server 2008 on 64-bit hardware, and not an upgrade from W2K3.

It terms of tactics, Microsoft recommend that you install Exchange 2007 on member server.  Exchange on a  Domain Controller is not supported, and should only be used for testing where you only have one machine. 

Active Directory

Creating the Active Directory domain is not strictly a part of installing Exchange, a brief description of the most important features for the sake of completeness is added as below: 

Domain Functional Level

The Domain Function Level must be at least – Windows 2000 Server Native.  Fortunately, this is not a great burden as there is only one lower setting, 2000 Mixed.  This is a reminder that Exchange Server 2007 has Servered the umbilical cord to Exchange 5.5.   Thus all those old 5.5 servers must be decommissioned and removed if you are migrating an existing organization to Exchange Server 2007.

You also need to check the Forest Functional Level, particularly where you want the advanced features of Exchange 2007.  Incidentally, Functional Level is my one of my ‘Litmus tests’ for seeing if people have sufficient Active Directory knowledge to install Exchange 2007.  If someone does not know how to find and configure Function Levels, then they are likely to need help installing Exchange 2007.

Global Catalog

Every active directory site where you install Exchange Server 2007 needs at least one Global Catalog server.  As you may know, GC is a configurable role of every domain controller.

 

System Icon – DNS Domain Configuration

As with Exchange 200x, the mail server relies on Active Directory.  Therefore, it is recommended to install a Windows Server 2003 (RC2) member server then run DCPROMO.

DNS – Automatic addition of _SRV

After installing the active directory domain, the plan is to persuade DCPROMO to install DNS using the wizard to automatically add all the _SRV records. To succeed, at the menu below, select the middle (automatic) option, Install and configure DNS server on this computer.

After finishing with DCPROMO go to the Services and Stop then restart the Netlogon Service.  What will be followed is a magic moment, restarting the Netlogon Service triggered the creation of all the DNS records under _msdcs.

The bottom line is check that DNS has the ‘A’ Host record for each Exchange 2007 server.

Key preparation steps before you install Exchange 2007:

At every stage of installing Exchange 2007, kind friendly wizards guide you through the minefield.  Here is a screen shot of the wizard checking then explaining a problem with mixed mode.

Raise Domain Level
As indicated by the wizard, it is good to Raise Domain Level 2003 (2000).  You can launch the ADUC (Active Directory Users and Computers), right click on your domain and select, Raise Domain Function Level.  If you had no old domain controllers, then chose Windows Server 2003.

Global Catalog
Insure that at least one Domain Controller on the subnet where you install Exchange 2007 has Global Catalog enabled.

.Net Framework 2.0
Exchange 2007 requires .Net Framework 2.0 (or 3.0). We need to install PowerShell before the main Exchange 2007.  This is an indication of the importance of the new PowerShell / PowerShell cmdlets.

MMC v 3.0
When you install Windows Server 2003, Exchange 2007 needs
MMC v 3.0.

PowerShell
Once you start using Exchange Server 2007 it wont belong before you meet PowerShell.  If follows therefore, that you have to add it as a ‘Feature’ of Windows Server 2008, else, on Windows Server 2003 install PowerShell together with .Net Framework by downloading the files from Microsoft’s site.

64-bit Hardware
Production versions of Exchange 2007 require 64-bit hardware.  Don’t be lulled by 32-bit beta versions of Exchange 2007, they are only for testing, and for a specific preparation context.  That context is to prepare Active Directory and domains for Exchange 2007 from a computer that has a 32-bit processor.  Remember that Exchange 2007 will be the first Microsoft product which runs solely on 64-bit processors. 

Other than this processor requirement, just use common sense and provide plenty of RAM.  It’s also worth spending a few minutes thought and planning on the disks sizes and partitions, particularly servers hosting the Mailbox Role.  For larger organization, this would be a good time to review your SAN (Storage Area Network) needs.

No NNTP
Finally, avoid ‘over-think’, you do not, repeat, not need the NNTP service.  The good news is that the wizard coupled with the result pane not only alerts you to the problem, but also suggests a remedy.

Installation Switches to Prepare Active Directory

Prerequisites, you need the Exchange Server 2007 disk or image.  (SP1 would be even better)  Each command is prefaced by setup.  You could also try setup /? to see the full list of options, for example: /mode or /role.

Setup /PrepareAD  Creates the necessary global Exchange objects and universal security groups in Active Directory.  Must be run by a member of the Enterprise Admins group, run this command in both the root and current domain.  You may find that if you run this command as a Schema Admin (and Enterprise Admin), there is no need to run the other commands.

/PrepareLegacyExchangePermissions  This command is needed if your organization contains Exchange Server 2003 or 2000 computers.  It modifies the permissions assigned to the Enterprise Exchange Servers group so that the Recipient Update Service can run.  Remember to logon as a member of the Enterprise Admins group.

/PrepareSchema  This prepares the Active Directory schema so that it allows Exchange Server 2007 to install.  You must be a member of both the Schema Admins and Enterprise Admins.  You need to run this command in the root domain, or the domain which holds the Schema Master role.

/PrepareDomain /PrepareDomain domainname  This creates a new global group in the Microsoft Exchange System Objects container called Exchange.  You must be a member of both the Enterprise Admins and the Domain Admins group.

One more point, if you are using a Windows Server 2008 computer, first install the AD DS management tools.

Finalise Deployment Tab

Once the Exchange setup wizard finishes its tasks, there is yet more work for you.  Seek out the Finalize Deployment tab, and also the End-to-End Scenarios tab.

Launch the Exchange Management Console, select Microsoft Exchange in the left tree, and now you should see the ‘Finalize Deployment tab’.   Most of these configuration tasks are optional, and will vary depending on which Server Role(s) you added.

While you have the Management Console open, take the chance to investigate the End-to-End Scenarios tab.  As with the previous tab, these tasks are optional and vary depending on which Exchange 2007 features you added.

Verification Check List

·         Check the installation log at: C: \ExchangeSetupLogs.  Also check the system and application event logs.

·         Launch the Exchange Management Console and check your newly installed Exchange server.  If this is a brand new installation check that the Organization Name is the same as you planned.

·         Create a mail-enabled user and then connect to that mailbox using Outlook Web Access, or an Outlook client if you prefer.

·         Once you create a Hub Server see if you can receive email from another mail-enabled account.

·         For CAS servers make sure you check with OWA.

·         In the case of the Edge Server send email to an external internet account.

·         Check that services to see that the dozen or so Microsoft Exchange Services are running.  Note they begin with Microsoft and not Exchange. 

·         If anything seems wrong check the Exchange files underneath: C: \Program Files\Microsoft\Exchange Server. 

·         When there is no quick resolution to the problem, seek the ExBPA (Exchange Server Best Practices Analyzer), then run the Exchange 2007 Readiness check.  The best way is to launch the Exchange Management Console and open the Toolbox and there you will find the Exchange Server Best Practices Analyser.

Installing Server Components

It is important to note that before installing the Spector CNE server components, you should first review Installation Considerations for Installing Server Components. It is very important that your network be properly configured before proceeding with the Spector CNE installation.

 1.      Run the cne42setup.exe installation file on the Windows NT 4.0, Windows 2000, Windows XP Professional or Windows XP Server computer on which you want to install the Spector CNE software components.  You must have Administrator privileges for this computer

2.      Read the License Agreement and select Yes to agree to its terms

3.      Enter the Spector CNE serial number, which is provided in your email receipt at the time of purchase or is available on the back of the CD you are using for installation (if applicable)

4.      Continue the installation by clicking on the OK button

5.      Select the folder to which the Spector CNE software components should be installed

Control center

The Control Center software component will install a program, which will be used as the interface for managing the recorded computers on the network. In addition, a Windows service called Spector CNE Console Server will be installed, which provides background updating of the status of network stations being managed by the Control Center.

In order to install the Console Server service, you must provide a user account that has Administrator privileges on the computer to which you are installing the service. In addition, this Administrator account should have Administrator privileges for accessing all network computers to be managed by the Control Center. For this reason, a Domain Administrator account credentials should be provided.

·         If you are working in a Windows Workgroup, you should provide a local Administrator account for installing the service. In addition, the account should be an Administrator account with the same credentials for all managed Workgroup computers

·         If you do not have an Administrator account that will have privileges to all managed computers, provide the Administrator account for the local computer, which will allow the Console Server service to be installed

Spector CNE does not store the Administrator credentials that are supplied for this service. They are simply passed on to the Windows Service Control Manager, which assigns them to the service for its execution.
In order to complete the installation of the Primary Server you will be required to register your Spector CNE serial number with SpectorSoft by submitting a Registration Code from the Primary Server and receiving an Unlock Code from SpectorSoft. The Unlock Code will be submitted to the Primary Server and it will be enabled for the number of licenses purchased.

If the Primary Server component is selected for installation during Setup, you will be prompted for the location to which the Primary Server is to be installed.

·         Install on this Computer  This response will be used most often, especially for initial installations. This installs the Primary Server component on the computer from which the Setup is being run. It is probably the same computer from which you are installing the other server components

·         Install on another Computer  This response allows the Primary Server component to be installed on another network server. This is an advanced installation. It is used when you have a specific reason to install the Primary Server on a different computer than the other server components

·         Primary Server is already installed  This response is used when you do not want the current Primary Server installation to be changed. You are installing the Control Center and you need to define the Primary Server computer being used for the Spector CNE installation

If you are installing the Primary Server component on a remote computer (a computer other than the one from which the installation is being made), the C$ Administrator share must be enabled on the remote computer specified for the Primary Server installation or the Primary Server service cannot be installed.

Upon completion of the Setup, you will be presented with instructions for registering your Spector CNE serial number within the Primary Server, unless the Primary Server is already installed and the serial number is registered.

The Spector CNE product serial number and a registration code generated by the Primary Server must be submitted to SpectorSoft. This submission can be done by:

1.      Clicking on the Register Now button, which will open a Web page, and submit the registration information

a.      You will be emailed an Unlock Code to the email address used for purchasing your product

b.      If your product was not purchased directly from SpectorSoft, you will be prompted to register your customer information in order to email your serial number Unlock Code

 2.      When you receive your serial number Unlock Code, copy/paste it into the input box and select Unlock serial Number. The Primary Server will then have the CNE serial number enabled for the number of licenses purchased

If you wish to complete your Spector CNE Setup without registering your serial number, select Close to complete the installation. Your Spector CNE installation will complete, but you will not be able to install the Client component to record computers until the Primary Server has registered the serial number.

 3.      Select the Primary Server icon in the system tray and press the Register SN button to register and unlock the serial number.

 When installing Spector CNE you must decide whether you would like the recorded events to remain on the individual computers being monitored or whether you would like all events to be communicated to a data vault.

SpectorSoft does NOT recommend leaving stored events on each individual computer. Leaving the events on the individual computers means that a remote connection to each computer:

·         Will be required to review the events

·         The security of the events could be compromised

·         The ability to backup and archive the events is diminished

·         You will not have access to the events if the computer is turned off or taken off the network

SpectorSoft recommends configuring the Data Vault. The Data Vault is a Windows service that runs on a server. It receives all recorded events from the monitored network computers. When the recorded events are sent to the Data Vault:

·         They are removed from the computer on which the event was recorded

·         These events will be stored in proprietary files in a root folder configured for the Data Vault

·         There will be a sub-folder for each monitored computer containing all of the events for the computer with that sub-folder name

By default, the Data Vault will keep the events received from the computer for a period of 10 days. After 10 days, the events will be deleted. If you wish to keep the recorded events from the Clients for a longer period, increase this setting from within the Control Center Properties or implement an archival procedure for the backup of the files stored in the Data Vault.

To install the Data vault: 

1.      When the CNE setup prompts for the Data Vault configuration, select Spector clients recorded data stored to network Data Vault

2.      Select Continue

3.      You will be prompted for the location to install the Data Vault:

·         Install on this Computer  This response will be used most often, especially for initial installations. This installs the Data Vault component on the computer from which the Setup is being run. It is probably the same computer from which you are installing the other server components

·         Install on another Computer  This response allows the Data Vault component to be installed on another network server. This is an advanced installation. It is used when you have a specific reason to install the Data Vault on a different computer than the other server components.

·         Data Vault is already Installed  This response is used when you do not want the current Data Vault installation to be changed. You are installing the Control Center, and you need to define the Data Vault computer being used for the Spector CNE installation

 4.      Select Continue

5.      Specify the folder in which to store all the recorded events that the Data Vault is to receive. There will be a sub-folder for each recorded computer. The default is c:\spectordata

6.      Select Continue

 If you are installing the Data Vault component on a computer other than the computer from which the installation is being made, the C$ Administrator share must be enabled on the remote computer specified for the Data Vault installation or the Data Vault service cannot be installed.
 

Windows XP – Install a wired network adapter

To connect to a network, your computer needs a network adapter. Fortunately, most computer manufacturers know that connecting to the Internet or other computers is important to computer users, and they include a network adapter with your computer. If you’re not sure if you have a network adapter, you can find out in a few quick steps.

 

If you need to add a network adapter, first choose which method you want to use to install it. Most people prefer to use a USB (Universal Serial Bus) network adapter, because it’s easy to install. If you have a portable computer, you might find a CardBus (also known as PCMCIA or PC Card) or CF network adapter better meets your needs. If you have a desktop computer with the proper amount of available space, you may also have the option of adding an internal network adapter.

The instructions you follow to install a network adapter depend on how you connect it:

How to determine if you have a network adapter

Many newer computers have a network adapter built in that you can use to connect to a wired network. If you want to install a wired network adapter and aren’t sure whether your computer already has one, look for a network port on the back of the computer. Network ports resemble phone jacks, but they are slightly larger and have eight pins inside.

To see what kind of network adapters may already be installed in your computer.

  • Click Start, and then
  • click Control Panel.
  • Click Network and Internet Connections.
  • Under or pick a Control Panel icon,
  • click Network Connections.

·         Microsoft Windows XP displays your network adapters. If an adapter has a red X over it, it is disconnected. If the Network Connections window is blank, your computer doesn’t have a network adapter

 

If you already have a network adapter, you are ready to configure your network.

 

How to install a wired USB network adapter

Connecting a USB network adapter is as easy as plugging in headphones.

Once you have the adapter

  • If your USB network adapter came with software, insert the CD or floppy disk into your computer, and follow the manufacturer’s instructions to install the software.
  • Find an available USB port on your computer.
  • If you need to move your computer to reach the USB ports, you should shut down Windows to avoid damaging your computer. If you can easily reach a USB port, you do not need to shut down your computer.
  • If you do not have an unused USB port, connect a USB hub to add additional ports. Then connect your USB network adapter to the unused USB port.
  • Connect the network cable to the network adapter.
  • Connect the other end of the network cable to your networking equipment.

If you had to shut down your computer to get to the USB port, you can now turn on your computer. Windows detects and installs the new hardware, and then displays a notification informing you that the hardware has been successfully installed.

 

How to install a wired CardBus or CF network adapter

Most portable computers have either a CardBus or CF card slot. CardBus and CF cards are more convenient than USB network adapters for portable computers because they are stored within your computer. However, some network adapters stick out from your CardBus slot.

Before installing, you need to buy a wired CardBus or CF network adapter.

Once you have the adapter

  • If your network adapter came with software, insert the floppy disk or CD into your computer, and follow the manufacturer’s instructions to install the software.
  • Insert your network adapter into the slot on your computer.
  • Connect the network cable to the network adapter.
  • Connect the other end of the network cable to your networking equipment.

Within a minute or so, Windows detects and installs the new hardware, and then displays a notification informing you that the hardware has been successfully installed.

 

How to install a wired internal network adapter

Internal network adapters can be more complicated to install than USB network adapters, and they can only be installed in desktop computers that have a space (generally called a slot) available for you to add the card.

If you are not comfortable opening your computer’s case, you should have internal hardware installed by a professional.

 

Once you have the adapter

  • Open the packaging and read the instructions.
  • If the network adapter came with a CD or floppy disk, you should insert the CD or floppy disk into your computer, and install the software prior to connecting the hardware.
  • Shut down your computer by clicking Start and then clicking Turn Off Computer. Then click Turn Off.
  • After your computer shuts down, make note of where each cable is connected to the back of your computer. It’s handy to tape a small note on each cable with a number or letter, and put a matching note next to the spot on your computer where the cable was plugged in. Then unplug all cables from your computer.
  • Lay your computer on a flat surface, like a desk or table. Remove the side panel from your computer’s case. Depending on the case, you may need to remove screws at the back of your computer.
  • With the side panel removed, you can see the inside of your computer. Identify an available slot that fits your card. If necessary, remove the small metal panel protecting the opening for the slot at the back of your computer, and save the screw.
  • Touch an unpainted portion of your computer’s case to discharge any static electricity. Then carefully insert the network adapter into the open slot. Gently wiggle the card back and forth until it rests firmly in the slot.
  • Replace the screw that you removed in step 6, which will help hold the card in place.
  • Replace the side panel to your computers case.
  • Connect the network cable to the network adapter.
  • Connect the other end of the network cable to your networking equipment.

Reconnect all cables to your computer, start your computer, and log on to Windows. Windows detects and installs the new hardware, and then displays a notification informing you that the hardware has been successfully installed.

 

How to install a wireless network

A basic wireless network needs just two things: a wireless gateway and a wireless network adapter card in each computer.DSL modem and communicates via radio with your PCs. Gateways go by many names, and although there are technical differences between those names, many products use the terms interchangeably.DSL connection, choose a gateway with an Ethernet port to connect to the cable modem. Popular models include the Linksys WRT54G and the NetGear DG834G.

Step 1: Choose A Wireless GatewayThe heart of a wireless network is the gateway, a device that connects to your cable or

If you’ll be using the access point along with your cable modem or

Some models, such as the Linksys WCG200 Cable Gateway, can replace your cable modem too. Instead of connecting the gateway to your cable modem, you plug your cable Internet line directly into the gateway. If you’re renting a cable modem from your cable company, this option can save you money over time, but make sure the access point and the cable company support the same cable communication standard. (DOCSIS [Data Over Cable Service Interface Specification] is the most common.)ISP‘s dial-up connection to be shared amongst the PCs on your network.

If you don’t have a broadband connection, choose an access point with a built-in modem. It will allow your

You also need to decide which wireless protocol you want to use. The two main choices for homes and small offices are 802.11b and 802.11g. 802.11b is a slower, older technology, so consequently the hardware is less expensive. 802.11g is about five times faster than 802.11b. Although hardware prices have fallen considerably, 802.11g hardware still costs a few dollars more than 802.11b-compatible hardware. Unless you are on a tight budget, 802.11g is worth the extra expense. It is backward-compatible with 802.11b, so that if a houseguest wants to surf the Internet using his 802.11b card, he’ll be able to do so with your 802.11g network.

There is yet another protocol called 802.11a, but it is generally used in corporate networks, not in the home. Because it uses a different part of the spectrum, it isn’t compatible with 802.11a or 802.11g. Access points that support these two are available, but unless you have a special need for 802.11a in your home, the extra protocol isn’t worth the extra money.

Step 2: Choose Wireless Network Adapters

You’ve chosen an access point, but don’t check out at the computer store just yet. Each computer or other device that you want to access the wireless network will need a network adapter, the transceiver that talks to the gateway.USB (Universal Serial Bus) port, or Ethernet port.USB adapter. For a desktop PC, a PCI adapter will provide a fast, inexpensive wireless upgrade. CompactFlash and Secure Digital adapters are available for PocketPC and PalmOS PDAs.

Many new laptop computers have one already built-in. If yours does, you won’t need to add any equipment to it. If it doesn’t, there are a myriad of ways to add one: Network adapters are available that plug into the computer’s PC Card slot, PCI (Peripheral Component Interconnect) slot,

If your notebook has a free PC Card slot, a PC Card adapter is the best way to go. Otherwise, opt for a

It isn’t vital that the network adapter that you choose is the same brand as the access point. Because 802.11b and 802.11g are standards, you can mix and match hardware from different companies to create your network. You may be able to save cash by choosing the cheapest access point and network adapters without regard to brand.

On the other hand, there are advantages to choosing hardware from the same manufacturer. First, the configuration software will have similar interfaces, which can make setup go more smoothly. Secondly, some manufacturers offer hardware that can transmit data much faster than the 802.11g protocol officially supports. However, these performance enhancements can only be realized when you use hardware from the same manufacturer. Linksys hardware with SpeedBooster technology can run significantly faster than standard 802.11g. Similarly, D-Link’s XtremeG protocol runs twice as fast as 802.11g. But both speed-ups only work with hardware from the same company, so if you’re looking for the ultimate in wireless networking speed, it pays to be loyal to one brand.DSL modem or phone line, the access point’s location will be dictated by the location of cable or phone jacks. Stake out the jacks in your home and choose the one that is both central to where you want wireless broadband access and located near a power outlet.DSL modem, use an Ethernet cable (which will be included with the gateway) to connect the gateway’s Internet or WAN (wide-area network) port to your cable/DSL modem’s PC Ethernet port. Plug the access point into the power outlet and turn it on. Turn your cable/DSL modem off, wait a few seconds, and turn it back on: This will force the modem to recognize its connection to the new access point.ISP, along with your account username and password. Although you’re probably used to your PC’s modem dialing in to connect to the Internet, from now on the access point’s built-in modem will make the connection.USB port. After configuration, you can disconnect the cable and move the PC farther away for wireless access.United States, 11 wireless channels are available. In isolated areas without many other wireless networks nearby, it doesn’t matter much which channel you use. But in an office building or apartment with a lot of other wireless activity, there may be more interference on one channel than another. Cordless phones, baby monitors, and microwave ovens can create interference, so if your wireless connection seems slow or unreliable later, try changing the channel.

Step 3: Choose A Location For The Wireless Access PointThe location of your access point is important: It will affect the quality of the wireless network through the rest of your home.

A wireless access point can typically interact with computers in a 200- to 300-foot radius, more or less, depending on obstructions. As you move farther away from the access point, the connection will become slower. Walls and other obstructions, especially concrete and steel beams, further limit wireless range. So it’s best to position the access point centrally in your home.

If you install the access point in the office on the east side of the house, the signal may not reach all the way to the living room on the west side. However, the same access point located somewhere in the middle could serve both rooms. Because it connects to your cable/

Step 4: Install The GatewayNow you’re ready to install the wireless gateway. The procedure will vary from product to product, so follow the instructions specific to your model.

If you have a cable or

If you use a dial-up modem connection, use a standard phone cable to connect the access point’s modem jack to the phone line. You’ll have to configure the access point with the phone number of your

If the access point came with PC software, install it on the computer that you want to configure the access point from. The first time you configure it, you may have to connect the access point to the PC’s Ethernet or

Step 5: Configure The GatewayNow you need to configure the gateway. Again, read the manual to find out how. On some models, the configuration interface is accessed through your Web browser; others use special configuration software on the PC. The configuration software will walk you through the steps of setting up the wireless network.

You’ll be asked to choose a channel for your wireless connection. In the

One of the steps will ask if you want to use DHCP (Dynamic Host Configuration Protocol), which makes network management easier by letting the access point dole out IP (Internet Protocol) addresses, domain name server information, and other network information to the computers on the LAN (local-area network). This allows the networking details to be managed from a central point. If your ISP‘s domain name server needs to be changed, for instance, the router will feed the new information to each computer so you won’t have to update the network settings on each PC manually. In a home environment with even a couple of networked PCs, DHCP can make life much easier.DSL connection, it is essential to enable your access point’s firewall function. The firewall is typically enabled by default; be sure to leave it activated.USB and PC Card adapters, this simply means plugging in the card. If you’ll be installing a PCI card on a desktop PC, you need to unplug the computer, remove the side panel, and install the card into an empty PCI slot. It’s a simple process that will take five to 10 minutes.DWL-G810 to your game console’s Ethernet port. The console will see that it’s connected to a network and let you play. It won’t know or care that it’s not a wired network.

The access point does another important job: It is also a firewall. A firewall isolates your PC from incoming connections by unauthorized computers on the Internet—such as crackers and your service providers’ other customers—while still allowing you to access the Internet. For users with a cable modem or

A firewall can conflict with certain software on your PC, preventing it from accessing the Internet. This is common with networked games, file-sharing applications such as BitTorrent and servers. If the firewall blocks your legitimate traffic, you can configure the gateway to allow incoming traffic for specific applications on specific PCs. Don’t disable the firewall entirely.

Step 6: Choose Wireless SecurityBecause wireless networking transmits your information over radio waves, anyone within range of your hardware’s antennas could snoop on your network. Don’t worry, though. Every access point includes encryption protocols that can keep your private data private. However, encryption is usually disabled by default and the vast majority of access point owners don’t bother to turn it on.

That means, potentially, a nosy neighbour could use his PC to surf the Web using your Internet connection, read the private email that you send and receive, monitor the Web sites that you visit, snoop around the files on your computer, or send spam from your network. It seems that most people don’t understand these risks, so they don’t bother to turn on their access point’s encryption.

That said, some people do intentionally leave their wireless networks unencrypted in order to share Internet access with nearby neighbours and passersby. It can be a friendly gesture, but anyone who intentionally leaves her network unencrypted needs to take strong precautions to protect the files on her computers, keep email private, and so on. Unless you’re committed to learning how to batten down the hatches on your PCs, protect yourself by enabling encryption.

Two types of encryption can protect the data on your wireless network. The older system, WEP (Wireless Encryption Protocol), is supported by all wireless equipment. A newer system, WPA (Wireless Protected Access), is available on more recently released hardware. WPA provides stronger encryption: If all of your hardware and operating systems support it, use it. If your access point or any of your network adapters don’t support WPA, use WEP instead. WEP doesn’t provide total security, but it is good enough to keep out casual snoops.

All of your wireless hardware needs to support the encryption protocol that you choose, so if you have one older wireless card that doesn’t do WPA, all of your equipment will need to use WEP. However, a firmware upgrade (see below) could add WPA encryption to an access point that doesn’t have it now.

The procedure for enabling encryption varies from product to product, so follow the manufacturer’s instructions. You’ll find a security menu in the access point’s configuration software. Generally, you’ll pick or be assigned a password in the access point software. The password may be a long series of hex digits, such as 35BBD4F1C73CFC40A42382077C. Later, you’ll enter that password in the wireless security configuration window of each PC.

Step 7: Install & Configure The Network AdaptersNow that the access point is humming, it’s time to get each of your notebooks and desktop PCs on the wireless network. You might have just one PC or a whole gaggle of them: Either way, every machine that you want to use away from the access point needs a wireless card. You should have no problem installing wireless access on any version of Windows, from Windows 95 though Windows XP. You’re not limited to just Windows: Computers running Linux, Mac OS, and other operating systems can be members of your network, too.

It’s a good idea to install and configure network adapters one at a time. Get one computer online before moving on to the next machine.

The installation procedure is different from product to product, so read the manual for each network adapter. The usual procedure is to install the software for the adapter and then install the card itself. For

If a computer is permanently located in the same room as your access point, it doesn’t need a wireless card. Most access points offer bridging functionality, which means they can connect two networks—in this case, the wireless network and a wired one. So you can connect a computer (or several—usually up to four, depending on the access point) to the access point with an Ethernet cable.

Step 8: Upgrade The Access Point’s FirmwareChances are the access point you just bought was sitting on a store or warehouse shelf for some time, so it’s possible that the manufacturer released a new version of the access point’s firmware during that time. Now is a good time to check for a firmware upgrade and, if there is one, install it.

Firmware is the software that’s built into hardware, like any software, you can upgrade it. Manufacturers release firmware upgrades to patch security holes, increase compatibility with other products, and add features.

Look at the status page of the access point’s configuration interface to find out what firmware version it is currently running. Then check the manufacturer’s Web site to see if a newer version is available.

If there is, follow the manual’s directions to upgrade it. This is usually simply a matter of downloading a file to the PC and then running it. The program will write the new firmware to the access point’s permanent memory. The program may take several minutes to do the job. Do not turn off the computer or access point until the program says that the new firmware is installed. Interrupting the process could leave your access point comatose, with partially installed firmware. When the firmware upgrade is done, you can delete the installer program from the PC.

Step 9: Enjoy Your Wireless Internet ConnectionNow that the network and each computer are configured, enjoy your fast, wireless Internet connection. Roam with the notebook from room to room as you read your favourite blogs or send files effortlessly from one PC to another.

Step 10: Consider Connecting Other DevicesYou also might want to consider ways you can expand your network; it doesn’t have to be limited to computers. You can add your Sony PlayStation 2 or Xbox to the wireless network, which will let the kids (and you) play networked games without having an Ethernet wire trip- hazard running from the computer room to the living room.

Just connect an Ethernet-to-wireless bridge, such as the Linksys WET54G Wireless-G Ethernet Bridge or D-Link

In the same way, you can add any other device with an Ethernet port to your wireless network. If there’s a printer taking up space on your desk (marooned there because it’s within a cable’s reach of your PC) you could move that printer virtually anywhere—to a closet, perhaps—as long as there’s a power source in the new location. As a bonus, you may be able to share that printer with every computer on the network, so you can print from the notebook and the PC in the kids’ room.

Many digital video recorders, such as Series 2 TiVo and ReplayTV, can download program guide information over the wireless connection instead of over the phone. TiVo officially recommends using the Linksys WUSB11 adapter for this, although other adapters may work.

Step 11: Expand The Reach Of Your NetworkIf you find that your access point doesn’t reach the far-flung nooks and crannies of your home, there are a number of ways to expand the reach of your wireless network. You don’t need to live in a mansion to have this problem: Too many walls can prevent the signal from reaching the den, or you may want Internet access out on the porch.

If your access point has an external antenna jack, attaching a new antenna to it can boost its signal. Built-in antennas are typically adequate, but an add-on antenna can boost the power by double or more.


But there’s a problem, a super-powerful antenna on the access point may make its signal reach the next city, but your notebook’s little antenna isn’t powerful enough to transmit its signal back. For regular use around the house, a better solution could be to add a wireless bridge, which is a second wireless access point that retransmits everything it receives back to the main access point, thus expanding the range of wireless access in your home. The bridge doesn’t need to be connected to a cable/
DSL modem—all it needs is power.

Bridging isn’t limited to just two access points: You can create a complex network of bridges that cover a large area. Many bridges use a technology called WDS (Wireless Distribution System). The WDS implementation from one manufacturer may not be compatible with another manufacturer’s version, so choose a bridge from the same company that made your main access point.

There is a downside to bridging. The extra “hop” it takes for your data to be received and retransmitted by the bridge adds to the latency of your network connection, so your data will move a bit more slowly.

Yet another option is to run an Ethernet cable from the main access point to a bridge located in the far-flung section of the house. Although this means stringing a wire through the attic or other equally inaccessible areas (something you were trying to avoid, right?) it can allow you to place a bridge that isn’t within radio range of the main access point. So, you could have the access point at the east side of the house and a bridge at the west: Together they will cover the whole house and the patio, too. There’s no additional latency as there is with the wireless bridge.