Nintendo DS Wireless Networking Guide Version 1.3 Copyright 2005 - 2010, Tom Nardi (MS3FGX@gmail.com) For more info and the latest version of this Guide, visit www.digifail.com ================================================================================ = Contents = ================================================================================ 1. Introduction & Overview 1.1...Introduction 1.2...Why was this Guide Written? 2. DS Configuration 2.1...Introduction to WiFi Setup on the DS 2.2...Configuring a WiFi Connection on the DS 2.2.1...Step 1 2.2.2...Step 2 2.2.2.1...Automatic Configuration 2.2.2.2...Manual Configuration 2.2.2.3...AOSS Configuration 2.2.3...Step 3 2.3...Configuring a Connection with the Nintendo Wi-Fi USB Connector 2.4...Wi-Fi Connection Options Menu 2.4.1...System Information 2.4.2...Erase Nintendo WFC Configuration 2.4.3...Transfer Nintendo WFC Configuration 3. Setting Up Your Own AP (Basic) 3.1...Using a WiFi Router 3.1.1...Using a Stand-Alone AP 3.2...Using the Nintendo Wi-Fi USB Connector 3.2.1...Requirements 3.2.2...Pre-Installation 3.2.3...Installation 3.3...Nintendo Wi-Fi USB Connector Versus Wireless Router 3.3.1...Compatibility 3.3.2...Security 3.3.3...Efficiency & Convenience 3.3.4...Verdict 4. Setting Up Your Own AP (Advanced) 4.1...Configuring a Software AP in GNU/Linux 4.1.1...WiFi Options in GNU/Linux 4.1.2...Setting up the Hardware 4.1.3...Setting up the Software 4.1.3.1...IP Ranges 4.1.3.2...Routing 4.1.3.3...Static IP 4.1.3.4...DHCP 4.1.4...The Complete DS_AP Script 4.1.5...Introducing linux_ics 4.2...Configuring a Software AP in Windows 4.2.1...Supported Devices 4.2.2...RT2500 Driver Installation 4.2.3...Software Configuration 4.2.3.1...RT2500 Soft AP Setup 4.2.3.2...Configuring ICS 4.3...Configuring a Software AP in Mac OS 4.3.1...WiFi Options in Mac OS 4.3.2...Configuring Internet Sharing 4.3.3...Configuring AirPort Options 4.3.4...Connecting the DS 4.4...Hacking the Nintendo Wi-Fi USB Connector 4.4.1...Using the Nintendo Wi-Fi USB Connector with AOL 4.4.2...Nintendo Wi-Fi USB Connector Soft AP 4.4.2.1...Driver Modification and Installation 4.4.2.2...Software Modification and Installation 4.4.2.3...Soft AP Configuration 5. Network Security 5.1...WiFi Security 5.1.1...Cloaked SSID 5.1.2...MAC Filtering 5.1.3...WEP 5.1.3.1...Use a Strong Key 5.1.3.2...Use the Highest Encryption Possible 5.1.3.3...Limit your Bandwidth 5.1.3.4...Rotate your Key 5.1.3.5...Combine Forces 5.1.4...Is it Safe? 5.2...Securing your WiFi Router 5.2.1...Use a Strong Password 5.2.2...Disable Wireless Management 5.2.3...Disable Remote Management 5.2.4...Disable Remote Upgrade 5.2.5...Enable HTTPS 5.3...Nintendo Wi-Fi USB Connector 5.4...Firewalls 5.4.1...General Firewall Concepts 5.4.1.1...Inbound Firewall 5.4.1.2...Outbound Firewall 5.4.1.3...Network Segmentation 5.4.2...Types of Firewalls 5.4.2.1...Hardware Firewalls 5.4.2.2...Software Firewalls 5.4.2.2.1...GNU/Linux 5.4.2.2.2...Windows 5.4.2.2.3...Mac OS 5.4.3...Practical Application 5.4.3.1...Inbound Firewalling 5.4.3.2...Outbound Firewalling 5.4.3.3...Network Segmentation 6. FAQ & Troubleshooting 6.1...FAQ 6.1.1...Nintendo Wi-Fi Connection 6.1.2...Routers 6.1.3...Nintendo Wi-Fi USB Connector 6.1.4...GNU/Linux 6.1.5...Windows 6.1.6...Mac OS 6.2...Troubleshooting 6.2.1...Nintendo Wi-Fi Connection 6.2.1.1...Error Messages 50000 to 59999 6.2.1.2...Error Messages 80000 to 89999 6.2.2...Routers 6.2.2.1...DS Does Not Detect Router 6.2.2.2...DS Cannot Establish Link with Router 6.2.2.3...DS Connects to Router But Cannot Connect to Internet 6.2.2.4...None of that Worked! 6.2.3...Nintendo Wi-Fi USB Connector 6.2.3.1...Wi-Fi Connector Not Detected by Installer 6.2.3.2...Internet Connection Sharing Error 7. Reference 7.1...Networking Glossary 7.2...Software AP Compatible WiFi Hardware and Drivers 7.2.1...GNU/Linux 7.2.2...Windows 7.2.3...Mac OS 7.3...Finding the Current TCP/IP Information 7.3.1...Under GNU/Linux 7.3.2...Under Windows 7.3.3...Under Mac OS 7.4...Correctly Configuring a Static IP 7.5...Tips for Increasing WiFi Range 7.5.1...Transmission Rate 7.5.2...Antennas 7.5.3...Router Firmware 8. Thinking Out Loud 8.1...Rate Autonegotiation 8.2...WiFi vs. NiFi 8.3...Nintendo Wi-Fi USB Connector vs. Software AP 8.4...What Happened to WPA? 8.5...A Tale of Two Consoles 8.6...Ad-Hoc on the DS 8.7...Monkey See, Monkey Don't 8.8...Escaping Captivity 8.8.1...Nintendo Wi-Fi USB Connector 8.8.2...MAC Cloning 8.8.3...Nintendo DS Browser 9. Misc 9.1...Version Information 9.2...Future Additions 9.3...Disclaimer 9.4...Credits ================================================================================ = 1. Introduction & Overview = ================================================================================ -------------------------------------------------------------------------------- - 1.1 Introduction - -------------------------------------------------------------------------------- I welcome you to the first Guide I have ever submitted. The reasoning behind this Guide, and my goals with it, are covered elsewhere. I just thought I would start the Guide off with a little general background information about it and myself. I am a Network Administrator by profession. Some would say that networking is my life, and others would say that I have no life at all. Both parties would probably be correct. I saw the opportunity to use my knowledge to help others on a fairly large scale when the DS was announced to have WiFi capability, and this Guide is the end result. Considerable time and money has been spent researching this Guide. I have spent hundreds of dollars to buy the hardware needed to test all of the things you will read here. Hardware that I had no use for, but could not in good conscience write about unless I had in my own hands. This document was written entirely by myself, but even though I wrote this on my own, I have had support and help from others, and they are all thanked in the credits. I also encourage anyone who reads this Guide to email me with their impressions or suggestions. I am always open to new ideas for the Guide, so drop me a line if you think there is something I should cover. Even if you don't have a technical comment or idea, general feedback is always welcome as well. If you want more one-on-one help with anything I have covered in the Guide, or something is not exactly clear to you from what I have written, feel free to email me with that as well. A few people have already emailed me with the problems they were having, and we were able to work out a solution together, which is what this is all about in the first place. A word of warning though, I feel that if you chose to use a text-based method of communicating with others, you should at least form that text properly. So if you are going to email me, then make sure it is done in proper English. I hate "133t speak", and if I receive an email written in it, I assure you, I will redefine the word "unhelpful". Finally, perhaps a little technical information on this document itself. This Guide was written completely in Vim, and spell checked with Aspell. I did not use word wrap, and instead manually entered carriage returns at or before 80 characters as I wrote it. Big fun. I hope that you enjoy this Guide, and more importantly, I hope that it helps you. -------------------------------------------------------------------------------- - 1.2 Why was this Guide Written? - -------------------------------------------------------------------------------- The answer to that question is not what you might think. Prior to the opus you are currently reading, I had never written a single FAQ or Guide of any sort. This is because I never felt there was anything worth writing about, and if there was, certainly somebody else would do it. But, coming to the end of 2005, no serious WiFi Guide had been written for the DS, and even worse, there was even more confusion then usual, as Nintendo had released their own WiFi adapter, and it had gotten to the point that some people actually believed that the Nintendo Wi-Fi USB Connector was the only way to get online. At the same time, the Nintendo Wi-Fi USB Connector troubled me, as it put heavy limits on what sort of hardware and software it would work with. Limits that did not have to exist. Many people out there, including myself, do not use Windows XP, or Windows at all for that matter. Nintendo obviously did not care too much about the Linux and Mac OS users of the world, or even people running older versions of Windows itself. So, due in no small part to my own greed, my initial idea was to write a Guide that would detail how to use nearly any WiFi device as an AP for the DS in Linux. Then I realized that (other than myself) roughly 4 people would benefit from such a Guide. Then I said, "Fine, I will expand that to Mac OS as well." Alright, that gives us 10 more people. So far, I have 14 people on the edge of their seats. I was starting to figure this was useless, so I came to the conclusion that I couldn't just write about setting up a software AP in Linux, or even in Linux and Mac OS. I would need to cover everything possible. I would have to cover creating a soft AP in all 3 major operating systems. But, what good is a Guide on creating and setting up an AP, if you don't tell people how to connect their device to it? So I would also have to cover how to setup the DS with WiFi. Of course, many people just want to use their standard wireless routers, so I would have to cover that as well. While on this grand adventure of networking, I might as well document my observations and experiments too... So, from my simple initial goal, we now have the Guide you are currently reading. A document that, I hope, will help everyone who reads it, from people who just want to get their DS working with their existing router, to Linux users who want to fight the system. That is why this Guide is called the "DS Wireless Networking Guide", rather than something like "WiFi FAQ". This document is not intended to be a simple FAQ giving obvious answers to equally obvious questions. This is intended to be the Bible of the DS's WiFi abilities. It is a technical look at the DS, WiFi technology, and networking in general. ================================================================================ = 2. DS Configuration = ================================================================================ -------------------------------------------------------------------------------- - 2.1 Introduction to WiFi Setup on the DS - -------------------------------------------------------------------------------- So here is where things get murky. Because of Nintendo talking so much about their designated public APs, and the WiFi Adapter, some people have gotten the idea that the DS does not work with normal WiFi hardware, and needs to get online using special Nintendo software/hardware. This is completely untrue, and here we will talk about getting the DS online with your average home wireless router. A few details on the WiFi setup for the DS. Unlike the PSP, the DS itself has no capacity to configure it's WiFi hardware, search for APs, do a connection test, etc. This ability is added by each online game for the DS. They all contain the same identical WiFi setup and testing application, so one explanation will cover every online DS game ever released. How convenient. In addition, contrary to what many people assumed, WiFi configuration information is not saved to the game cart, but is written to free space on the firmware EEPROM inside the DS itself. This means that once you configure your DS for WiFi connectivity in one game, you don't have to do it for other games. There is enough free space on the firmware EEPROM to hold 3 separate WiFi connection profiles. An interesting note is that, unlike the PSP, you don't need to actually tell the system which profile to use, it will automatically determine which one of the connection profiles to use, without user intervention (actually, you can't manually select which profile to use even if you wanted to). So now that we know some specifics about the WiFi configuration for the DS, let's figure out how to do it. -------------------------------------------------------------------------------- - 2.2 Configuring a WiFi Connection on the DS - -------------------------------------------------------------------------------- Each game is different, so you will need to find out how to get into the WiFi configuration system by reading the manual for your game. Assuming you have found it, let's go over the basic setup. Once you get into the WiFi setup, you will be presented by a large blue button that says "Nintendo Wi-Fi Settings" and a smaller orange button that says "Options". For now, we are only interested in the Settings menus, so click on that button. From here on, the setup process is separated into 3 major parts. Let's take a look at each one individually, and cover it's use. -------------------------------------------------------------------------------- - 2.2.1 Step 1 - -------------------------------------------------------------------------------- For step one, you will chose which WiFi profile you want to work with. Again, the DS can hold 3 such profiles, so you can have one for home, work, and a spare for public APs. How you use these profiles is up to you, so chose which one you want to setup, and click it. -------------------------------------------------------------------------------- - 2.2.2 Step 2 - -------------------------------------------------------------------------------- Here you must choose how you want to configure your DS. Either Automatically, Manually, or with an AOSS device. Let's talk a bit about each one, and give an example setup. -------------------------------------------------------------------------------- - 2.2.2.1 Automatic Configuration - -------------------------------------------------------------------------------- This is the mode most people are looking for; this will enable you to get online with your DS with almost any WiFi router out there. At home or away, if you want to get online with the DS, this is the first part of the configuration you are going to be looking at. To enter this mode, click on the button, "Search for an Access Point". You should then get the message "Searching for an access point..." along with a noise. This will take a few seconds, and afterwards, you will be presented with a list of all the AP's detected (if any were found). For each AP, you will see three pieces of information: The first, and perhaps most relevant is the name of the WiFi network, or SSID. This is the name that was given to the network to help identify it. You will be using this name to figure out what device you are actually connecting to. Second is an image of a lock. Very simply, if the lock is open, there is no encryption on the network and you will be able to immediately connect to it. If the lock is closed, that means encryption is in place. The lock can be two different colors. Red indicates WEP, which means you will need the WEP key for that network if you want to connect to it. The lock could also be gray, which means the network is using WPA. At this time (more on this in my "Thinking out Loud" section), WEP is the only supported form of encryption for the DS, so if you see a gray lock, you cannot connect to that network. The last piece of information is a simple indication of signal strength. This should be pretty simple for most people to decipher, since it is very similar to the signal strength indicator on cell phones. The more bars, the better the signal. Additionally, the icon itself will be green, yellow, or red, indicating the condition of the connection. Green is obviously the best, and red is either very low, or no connection at all. You might as well ignore any APs that show up consistently as red, as it is likely the signal is not strong enough to connect. Now that we know what all that means, take a look at the list and decide which one you want to connect to. Simply click on it, and it will automatically setup the connection. If a WEP key is required, a prompt will come up asking you for it. You will then see a message confirming that the setup has been saved, and then it will ask to run a Connection Test (Step 3). Assuming everything worked and you have a good signal, you should get a message saying "Connection Successful" and it should return to the main WiFi setup menu. If you got this message, you are ready to play online. Now, this is obviously the easiest and most applicable of the connection options. However, it depends on a few things which may be a problem depending on the network setup. First, it depends that the network you are connecting to has SSID Broadcast enabled. This is not always true, as many people chose to cloak their SSID to make it less obvious to other WiFi users. Second, this depends on a DHCP server on the network. A WiFi router contains a DHCP server element (though it might not be enabled on the particular router you are connecting to), but a more advanced network, using WiFi APs and not consumer-type hardware may or may not have network-wide DHCP enabled. If you fall into a group where either of these is a problem, then the next option is for you. -------------------------------------------------------------------------------- - 2.2.2.2 Manual Configuration - -------------------------------------------------------------------------------- This mode is for more advanced setups. Probably 80% of users will not need this option, but for those of us that do, be glad it is here. To get here, get yourself to Step 2 as described earlier, and click on "Manual Setup". I assume that if you are at this screen, you already know what you are doing. You know what an IP address is, you know what a subnet mask is, and you don't need to waste time reading detailed explanations about them, and I certainly don't need to waste time writing them. If you do need a more detailed explanation about these terms than I am giving here, take a look at the "Networking Glossary". You are given the following options in the Manual Setup: +------------------------------------------------------------------------------+ | Setting | Description | +------------------------------------------------------------------------------+ | SSID | This is the name of the WiFi network you | | | want to connect to. | |------------------------------------------------------------------------------| | WEP Key | Enter the WEP key here, if WEP is enabled. | |------------------------------------------------------------------------------| | Auto-obtain IP Address | This gives you the option to disable or | | | enable DHCP. | |------------------------------------------------------------------------------| | IP Address | This allows you to manually assign an IP | | | address for the DS to use. | |------------------------------------------------------------------------------| | Subnet Mask | This allows you to manually assign the | | | subnet mask for the DS to use. | |------------------------------------------------------------------------------| | Gateway | This is the IP for whatever router you are | | | using to connect out to the internet. | |------------------------------------------------------------------------------| | Primary DNS | These options allow you to assign | | Secondary DNS | primary and backup DNS servers. | +------------------------------------------------------------------------------+ At the top there is also a button labeled "Test Connection" which you can use to make a quick check of the current settings. At the bottom there are buttons to Cancel and Save Settings. When you choose Save Settings, you will be prompted to perform a Connection Test (Step 3), let it run, and if it passes, you are ready to play online. Again, if you have gotten this far, you likely don't need any more guidance than that. The Manual mode is a nice addition for advanced users, but does lack MAC Spoofing and Proxy support, which might be a problem for some people. -------------------------------------------------------------------------------- - 2.2.2.3 AOSS Configuration - -------------------------------------------------------------------------------- AOSS (AirStation One-Touch Secure System) is a system designed by Buffalo Technology to automatically setup a secure WiFi connection. This attempts to address a major problem with WiFi technology, or perhaps more accurately, the use of WiFi technology. Due to the popularity of WiFi, it is in use by many people who do not really understand the technology and how to properly use it. This has lead to literally millions of insecure WiFi networks all over the world, posing a massive security risk for individuals, businesses, and indeed, the Internet itself. To use the AOSS feature, your router needs to support AOSS. I'll save you the time of doing the research, and tell you, it almost certainly does not support AOSS. AOSS is (at the time of this writing, and the time of the launch of Nintendo Wi-Fi Connection) a new, and fairly rare technology. Unless you have a very recent router from Buffalo Technology, you aren't going to have AOSS. But for those who do, or will in the future, here is a quick run down of the AOSS setup: Navigate to Step 2 as done before, and then click the button that says "AOSS". The DS will then begin scanning for a signal from the AOSS device. While it is doing this, go to your router and locate the AOSS button on the front panel. Hold the button down until it starts to blink, then let go. After a minute or so, the DS and the router should have worked out the proper connection settings, and the DS will inform you of this, and save the settings to the firmware. Again, like in the other modes, it will also prompt you to start a Connection Test. If the Connection Test is successful, you are ready to play online. -------------------------------------------------------------------------------- - 2.2.3 Step 3 - -------------------------------------------------------------------------------- Step 3 is simply the Connection Test that the DS WiFi setup program runs after you configure any WiFi connection. In this Step, the DS will test the WiFi connection by first associating with the AP, authenticating, and then contacting the Nintendo Wi-Fi Connection servers. You have no control over any of this, and if all goes well, Step 3 should simply say "Connection Successful", and return to the main menu. If any part of the test fails, it will give you a fairly detailed error message about what exactly it failed to do, and will also give you contact information for Nintendo of America. In addition, it may give you an error code that you can put into a form on NintendoWiFi.com and try to find a solution there. The vast array of problems that can come up with WiFi and all the error codes and messages the DS may display are well beyond the scope of this document. The only thing I can tell you is that the DS does at least tell you what it failed to do, so you at least have a place to start your troubleshooting. -------------------------------------------------------------------------------- - 2.3 Configuring a Connection with the Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- Nintendo realized that as common as WiFi is today, there are still many people that do not have access to it, and are intimidated by technology too much to try and setup their own router just to use the Nintendo Wi-Fi Connection. Because of this, Nintendo has developed the "Nintendo Wi-Fi USB Connector". This device is a USB WiFi adapter that can be used to get the DS (and only the DS) online without the luxury of a real WiFi router. This is great for some people, but it's relatively high price and OS requirements have left quite a few people unhappy with it. To use the Nintendo Wi-Fi USB Connector, we don't go through the usual steps to configure the WiFi. Instead, from the the WiFi setup, click the button that says "Connect to your Nintendo Wi-Fi USB Connector". You will be prompted to setup the Wi-Fi Connector on your computer, and to press A once you have done so. You should already have the Connector setup on your computer, but if you have not, then jump to Section 3.2 and read how to do so. If you have your Connector setup already, then just keep reading here. Press A on the DS to connect it to the Wi-Fi Connector. After a few seconds, you should get a pop-up on your computer saying that a user wants to connect to the Nintendo Wi-Fi Connection. Open up the Registration Tool by double clicking the WFC logo, and you will see a list of DS's that are trying to connect to your computer. To identify individual DS units, the list shows the nickname that the user entered on that DS. Simply right-click on the DS you want to manage, and either Allow or Deny access for that DS. After granting permission for the DS, you will see a message on the DS that says it has saved the configuration options, and it will ask you to run a Connection Test, as usual. If the test passes, you are ready to play online. One note on the Wi-Fi Connector, you can only have 5 people connected up to the computer at once. This is probably not a problem for most sane individuals, but it is still something that should be noted. -------------------------------------------------------------------------------- - 2.4 Wi-Fi Connection Options Menu - -------------------------------------------------------------------------------- Here I will briefly describe the functions that are available under the "Options" menu on the main screen on the "Nintendo Wi-Fi Connection Setup" program. -------------------------------------------------------------------------------- - 2.4.1 System Information - -------------------------------------------------------------------------------- On this screen, you will see both the DS's hardware MAC address, which you may need if you are using MAC filtering on your AP. Under this, you will see your DS's Nintendo Wi-Fi Connection ID, which is a unique ID created for your DS the first time it logged onto the WFC. It is what identifies your system and links it with your "My Nintendo" account for stat tracking. -------------------------------------------------------------------------------- - 2.4.2 Erase Nintendo WFC Configuration - -------------------------------------------------------------------------------- As the name implies, this option will completely erase all of the WiFi settings on your DS, as well as your WFC ID. You will only want to use this option if you are selling the DS, or want to completely start over with your WFC career. *IMPORTANT* Once deleted, there is no way to restore this information or your WFC ID. -------------------------------------------------------------------------------- - 2.4.3 Transfer Nintendo WFC Configuration - -------------------------------------------------------------------------------- Since WFC identifies users based on their WFC ID rather than the standard username and password combination, once you sign on to WFC with a DS, that must be the DS you use at all times, or else your stats will not be kept track of. This however causes a problem if you ever want to get a new DS. Thankfully, Nintendo saw ahead and added this feature, which will allow you to transfer your WFC ID and settings to another DS. Let's call your old DS with your WFC information "DS A", and the new DS that you wish to transfer the information into, "DS B". Start DS A with a WFC game, get into the "Wi-Fi Connection Option" menu, and select "Transfer Nintendo WFC Configuration". The DS will then show you some information about what you are about to do. Hit "OK" on both of these screens. Now, on DS B, start the system and go to "DS Download Play", you should see "Nintendo WFC Configuration Transfer" come up. Select it and press "Yes" to download it into your system. Back on DS A, you must select "Yes" to transfer the information into DS B. If there is already WFC information on DS B, it will warn you, and you will have to hit "OK" to overwrite it. After that, the transfer will begin. This should take around 30 seconds. After the transfer, select "OK" on both DS A and DS B, which will save the changes and shut down both systems. As far as WFC is aware, DS B has now taken the identity of DS A. Your WFC ID has been transferred, as well as your configured WiFi profiles. All of your Friend Codes will still be valid, and your new DS will also remain linked to your "My Nintendo" account. *IMPORTANT* Transferring the WFC settings from one DS to another permanently deletes the information from the old DS. Only transfer WFC settings if you are sure that is what you want. ================================================================================ = 3. Setting Up Your Own AP (Basic) = ================================================================================ For the vast majority of computer users out there, there are two main options for setting up your own AP in your home. You can either buy a wireless router (or a stand-alone AP to add to your current wired router) or buy the Nintendo Wi-Fi USB Connector. Personally, for many reasons, I would suggest the router. Not only does it add a hardware firewall to your network, it is a much more capable device for the price, compared to the fairly high price of the Connector, which can't be used for anything else. Also, the router is independent of the OS on the computers it is connected to, which means people running Linux, Mac OS, and older versions of Windows, can all use the router along with your DS. But regardless, I must be objective as possible, and describe all possibilities, so in this section we will cover the two major options. -------------------------------------------------------------------------------- - 3.1 Using a WiFi Router - -------------------------------------------------------------------------------- Not to get into a rant here, but the device you know as a router isn't actually a router. The average SOHO (Small Office Home Office) "router" is a combination of 2 or more devices. In the case of a wired router, it is a combination of an actual router, and a 10/100 switch. In the case of a WiFi router, then you are talking about a device made up of a router, a 10/100 switch, and a WiFi AP. Not to shatter your world perspective there, but I wanted to at least clear up the misconception. It is just easier to market these combination devices as "routers" to the public. It is also easier to type router than to type out what it really is, so I might as well refer to it as such as well. First of all, there is no way I can adequately describe the setup of every WiFi router out there. There are just too many brands, models, and options. What I can do is point you to the official list of tested routers by Nintendo: http://nintendowifi.com/customersupport/supportedRouters.do If you don't have a WiFi router, and want to get one to use the Nintendo Wi-Fi Connection, this is a good a place as any to check for suggestions. Linksys makes the best consumer-grade routers available today, so if you are going to buy a router, do yourself a favor and get yourself the Linksys WRT54G. Yes, there are cheaper routers, and those routers are almost all of the ones with a low rating. You get what you pay for, plain and simple. As for setting up each router, Nintendo has already done that work for you as well: http://nintendowifi.com/consumerservice/routerSetup.do Beyond that, there is not much I have to say about this part. Nintendo has already done a far better job then I can testing routers and detailing their setup. Follow their guides, and you will have no problems. -------------------------------------------------------------------------------- - 3.1.1 Using a Stand-Alone AP - -------------------------------------------------------------------------------- I felt this was better suited as a note to the main router section since they are so similar in concept. As I talked about in the beginning of this section, the normal consumer grade "wireless router" is a combination of many networking devices, including a WiFi AP. So then as you may have guessed, it is possible to get a wired router, and buy an add-on AP to give the router WiFi capabilities. This is a good concept, but in the real world is not terribly practical. The problem here is that most WiFi APs worth buying (or in other words, aren't trash) easily cost as much if not more than a brand new SOHO router. In addition, Nintendo has done no testing with these devices, nor have they detailed setup guides for the different models and brands of them out there. That means that if you choose to go this route, you are not only likely to pay more than you have to, but you have no assurance the end result is going to work, and are completely alone on the setup. If you can, do yourself a favor, and buy a complete WiFi router. -------------------------------------------------------------------------------- - 3.2 Using the Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- The setup for the Wi-Fi Connector is pretty straight forward, there isn't a whole lot you need to do, or much that can go wrong (as long as you follow all of the directions, anyway). The most likely problem you will face is if you use a software firewall. You will need to allow the Wi-Fi Connector software though the firewall, but unfortunately some of these products do not work properly with the Wi-Fi Connector, and so that isn't always possible. Due to the amount of firewall products out there, I can't advise on how to correctly configure each one to work with the Wi-Fi Connector software. You will have to check the help files, or the developer's website, to find out how to allow programs though the firewall, and what (if any) adjustments need to be made for the Wi-Fi Connector to work with it). The Nintendowifi.com website also contains some information on software firewalls which might help you if you run into a problem. -------------------------------------------------------------------------------- - 3.2.1 Requirements - -------------------------------------------------------------------------------- There are a few requirements you need to meet to be able to use the Wi-Fi Connector. Check to make sure your setup is compatible before you purchase, or try to install, the Connector. You will need: Broadband Internet Windows XP USB 2.0 A few notes on these requirements: The source of the Internet connection does not really matter. Technically, it doesn't even have to be broadband. All that matters is you have a network interface on your machine that can connect out to the Internet in some way. This interface can also be wired or wireless. So for example, if your router is not compatible with the DS, but you have a laptop equipped with a wireless adapter and a free USB port, you could use the Connector with that to get the DS online. Windows XP is required for the Wi-Fi Connector to work. It does not work on any other version of Microsoft Windows. Be sure you understand this before you purchase it. The Wi-Fi Connector does not work with USB 1.0 or USB Hubs. Be sure you have one free USB 2.0 port before you purchase the Connector. The Connector comes with a USB extension cable, so don't worry if your only free port is in the back of the computer, you can use the extension cable to bring the actual Connector to the front of the machine. If you do not have USB 2.0 in your computer, you can purchase a USB 2.0 PCI card for around $20 - $30 at most retailers, such as Radio Shack, CompUSA, or BestBuy. -------------------------------------------------------------------------------- - 3.2.2 Pre-Installation - -------------------------------------------------------------------------------- Before you do anything, go to the Nintendowifi.com site and download the latest version of the Wi-Fi Connector software. The version on the CD that came with your Connector is likely out of date, and there are important fixes in the latest versions. The latest version of the Wi-Fi Connector software can be found at the following address: www.nintendowifi.com/consumerservice/downloads/Nintendo_WFC_USB.zip Don't insert the Wi-Fi Connector until the installation process tells you it is time to. If you plug the Connector in first, it will start the "New Hardware Wizard", and it will not be able to find the appropriate drivers. You will want to make sure ICS is not already setup and in use on your system. By default it is not, and unless you specifically setup ICS on your machine before, it will not be running, and there should be no problem. The Wi-Fi Connector documentation recommends that if your computer is connected to a router with an IP of 192.168.0.1 or 192.168.1.1, that you should change the router's IP to 192.168.2.1. Personally, I don't understand why they recommend this, since the Wi-Fi Connector sets up an IP range that isn't even in the 192.168.x.x range. When I did the research for this section of the Guide I did it with my main router at 192.168.1.1, and had no problems at all. Still, Nintendo recommends it for whatever reason, so I mention it in case anyone actually has a conflict with their router at those IPs. Now that you have checked your system to make sure it meets the requirements, and completed the pre-installation steps, you can continue on with the actual installation. -------------------------------------------------------------------------------- - 3.2.3 Installation - -------------------------------------------------------------------------------- You should have downloaded a file named "Nintendo_WFC_USB.zip". Inside this archive there will be a folder called "NintendoWFCReg", extract this to the Desktop. Open the folder you just extracted, and double click the "Setup.exe" file inside to start the installer. You will see a welcome message and a warning that firewall or anti-virus software could effect the Connector. Click OK. You will then be shown a box that contains multiple languages. Highlight the language you want the installer to continue in, and click OK. Let the installer run for a bit as the progress bar fills. After a minute or two, the installer will ask you to plug the Connector into the computer. The installer does not make a noise or have a pop-up to tell you to do this, so if you aren't paying attention, you can miss this line, and the installer will just sit there doing nothing. I know I missed it the first time I installed the software. Once you plug in the Connector, the message on the installer should change, and the progress bar will start moving again. The "Found new hardware" pop-up will also come up, as well as a few other windows that involve the installation of the drivers. You don't have to do anything with these other windows or pop-ups, the installation software will take care of it all, just ignore them. At this point, the light on the Connector should be blinking. After the windows about the new hardware, you should also see a message about the computer finding a new network device. Ignore this as well. Around this time, the installer will say it is setting up ICS. Soon after, the installation will finish, and the installer will say "Setup Complete". Click OK to exit the installer. You may now delete the "NintendoWFCReg" folder if you wish. After closing the installer, the registration tool should start in the task bar, which appears as the WFC logo. At this point, the installation of the Nintendo Wi-Fi USB Connector is complete. You will now need to setup and register your DS systems with it to play online. Read Section 2.3, "Configuring a Connection with the Nintendo Wi-Fi USB Connector" to find out how to register your DS with the Wi-Fi Connector. -------------------------------------------------------------------------------- - 3.3 Nintendo Wi-Fi USB Connector Versus Wireless Router - -------------------------------------------------------------------------------- For users who want to get online with the DS as quickly and as easily as possible, both a standard wireless router and Nintendo's proprietary soft AP are the best options. They are both priced close enough for cost not to be an issue (at the time of this writing), and they both achieve the same end goal to the user, to get the DS online within only a few minutes, and with minimal setup and technical knowledge required. But are they really so similar? While the end result of both options is the same, there is a bit more to consider in the larger picture. In this section, I am going to point out a few of the major differences between the Wi-Fi Connector and your average wireless router. While everything in this section might not be immediately obvious, it is all well worth considering when you are making a decision about which device to invest in. -------------------------------------------------------------------------------- - 3.3.1 Compatibility - -------------------------------------------------------------------------------- Device compatibility is one of the largest differences between the Wi-Fi Connector and a wireless router. For many people, this might be the deciding factor as to which device they go with. A wireless router is more compatible than the Wi-Fi Connector on multiple levels. The first, and most obvious, compatibility difference between the two is that the Wi-Fi Connector only allows Nintendo products to connect to it (DS and Wii), while a wireless router will work with any WiFi device. Now, it is possible to hack the Wi-Fi Connector (as will be explained later in this Guide), but doing so is fairly difficult, and takes a bit of time. It is much easier to just get a router in the first place, and save yourself the trouble if you want to use other WiFi devices besides the DS. The second compatibility issue is that of the operating systems required on the computers in the network. For the Wi-Fi Connector, you are limited to Windows XP to configure and run the wireless network. Not only that, but the Wi-Fi Connector also requires software to be installed on the host computer, so you can't just plug it into a random computer and get the DS online. However, if you use a wireless router, there is no OS requirement at all, in fact, you don't even need a computer beyond the initial router setup. Even then, all you need is a device with a decent browser. This is because the router works on the hardware layers of the OSI model, while the Wi-Fi Connector operates on the software OSI layers, and as such requires a computer to do much of the work for it. Any device that utilizes TCP/IP and/or WiFi can communicate and use a wireless router. So if you are running Linux or Mac OS, or you just want to get other devices online (PDA, PSP, etc), then you should get a wireless router rather than the Wi-Fi Connector. -------------------------------------------------------------------------------- - 3.3.2 Security - -------------------------------------------------------------------------------- While the wireless router clearly has the upper hand in terms of compatibility, in terms of security, it is harder to declare a clear winner. Both devices are excellent in their respective strengths, it just happens those strengths are completely different between the two. In terms of WiFi security, the Wi-Fi Connector has the router beat. While many methods of securing a WiFi network are detailed in the Network Security section, the fact remains that WEP is a fallible technology. The Wi-Fi Connector on the other hand, uses a completely proprietary and unique challenge-response system, that as of this writing, has not been exploited. The bottom line is, at this point in time, WEP can easily be cracked, but the Wi-Fi Connector's user registration system can't. However, it isn't as clean cut as all that. While the Wi-Fi Connector wins out on wireless security hands down, the wireless router has the considerable advantage of including an inbound firewall which will protect any device connected to it. This will protect your network from Internet attacks, such as worms and malicious crackers. The Wi-Fi Connector offers no firewalling ability at all. So in the end, it depends on where you think you are most likely to be attacked. If you value wireless security, get the Wi-Fi Connector, but if you are more concerned with keeping your network secure from the Internet side, get the wireless router. -------------------------------------------------------------------------------- - 3.3.3 Efficiency & Convenience - -------------------------------------------------------------------------------- Few people ever think of this aspect of the debate, but it is certainly an important one to consider. In terms of energy efficiency, the Wi-Fi Connector is terrible, as it requires a computer to operate. This means that any time you want to play online with the DS, you will have to start your computer up (or keep it running). The computer can't even be in sleep mode, as that would stop the software from functioning. Clearly, this takes a lot more energy than the wireless router would. The router is a small, efficient device, that doesn't contain any moving parts. This means that not only will it only use a fraction of the electricity of the computer, but it will also be silent as it operates. A wireless router is designed to be turned on, configured, and left to run indefinitely. This is where the issue of convenience comes in. Let's say you are laying in bed, and decide you want to play a few rounds in Metroid before falling asleep. Well, if you are using the Wi-Fi Connector, you will have to get out of bed, start up the computer, play the game, then get back out to shut the computer down. On the other hand, with the router, you can play online at anytime without prior setup. The router is always up, so you can play whenever you want without having to worry about turning anything on or off. Obviously, in terms of both energy efficiency and convenience, the wireless router is superior. Convenience especially is important in relation to the DS, since the whole point of online games on a portable system is the ability to quickly and easily get into a match. -------------------------------------------------------------------------------- - 3.3.4 Verdict - -------------------------------------------------------------------------------- In all aspects beyond wireless security, the router is ahead of the Wi-Fi Connector. If all other traits are to be considered equal, and most of them are, then the clear winner in my humble opinion is the wireless router. Affordable, efficient, and reliable, a good router will serve you and your devices for years without you having to worry about it. Just make sure you get a quality router, configure it properly, and keep up on any firmware updates it may have, and you should have no problems. ================================================================================ = 4. Setting Up Your Own AP (Advanced) = ================================================================================ First of all, if you are this far in the Guide, welcome. My goal with the Advanced Section is just that, to detail much more advanced setups than what the average computer user would ever need, or likely even understand. Specifically, I am talking about software APs, or using an existing WiFi client device (USB, PCI, or PCMCIA WiFi card) as an AP that the DS can actually use to connect to the internet. The advantage of this is obvious, not only are you free of the Windows XP limitation of the official USB Connector, you are free to pay what you feel is fair. Personally, I did most of the research and testing for this Guide using a PCMCIA 802.11b adapter that I bought for $4 from eBay. For all of these setups, you will only need three things; a WiFi device with fairly good drivers, a broadband internet connection, and an Ethernet card. I hope this section is of use to those who are advanced enough to know the official USB Connector is not some magical device, but not quite advanced enough to actually get a standard WiFi adapter working, or perhaps just don't want to have to do it without some guidance. -------------------------------------------------------------------------------- - 4.1 Configuring a Software AP in GNU/Linux - -------------------------------------------------------------------------------- There is little surprise I chose to cover GNU/Linux first. This was originally the whole goal of this document. Besides that, Linux is without a doubt the most capable OS mentioned in this document when it comes to networking. All of the following has been tested with my own hardware and on my own network. Everything I put down here has worked for me, and should work for you as well. My test setup is a laptop running Slackware 10.2 with kernel release 2.6.10, on the hardware side, I am using a PCMCIA WiFi card with an RTL8180 chipset. I am using the card with unofficial open source drivers written by Andrea Merello. Much like in the Manual Configuration Section, in the Linux Section, I am not going to go into painful detail about everything. If you have managed to install a fairly advanced Linux distribution and are reading this document from there, you probably don't need much help from me. -------------------------------------------------------------------------------- - 4.1.1 WiFi Options in GNU/Linux - -------------------------------------------------------------------------------- I also then suspect you know the situation of WiFi in Linux. Namely, the poor hardware support that comes from manufacturers not wanting to release documentation on their hardware. This leaves Linux users with 4 options when it comes to WiFi drivers. 1. Binary Linux Drivers ------------------------ These are bad because they are statically compiled against a certain kernel release and build. That might be fine if you are running that identical setup, but a lot of us are not. It is nice that the manufacturers went ahead and worked out a binary driver release for their hardware, but it is far from ideal. 2. Unofficial Open Source Drivers ---------------------------------- Now we are talking. These are drivers created by individual users or groups of users that wanted no more than to have their WiFi hardware work. These are usually not quite as stable as more "mature" projects, but are almost always better than using a binary Linux driver. These projects may or may not be part of the official kernel tree, so you might need to compile and install them yourself. 3. Official Open Source Drivers -------------------------------- These are similar to the second option, but are maintained by larger teams, or even the manufacturer of the device itself. These are usually part of the official kernel tree, so your distro might already have these installed, and if not, you can easily compile them from the official kernel tree. 4. Windows Binary Drivers through Ndiswrapper ---------------------------------------------- Ugh. This is the bottom of the barrel here. You use this right before you just run a really long network cable to your laptop. To give the developers credit, Ndiswrapper is an absolutely incredible piece of software; to be able to take drivers from Windows and use them in a completely different OS is an amazing achievement. But at the same time, it can be very unstable, and often not all features of the card are workable through Ndiswrapper. WiFi drivers in Linux are enough to write a whole other Guide on, I can't possibly go into it here. All I can say is find a card that works with either option 2 or 3. If you can't do that, or already have a card that is supported through 1 and 4, give the following a shot, but I can't make any promises. On that same note, this entire project hinges on the ability of your WiFi card's drivers to operate in Master mode. I can't speak for all cards, but most of the drivers I have used in Linux have supported this. You should check the documentation included with the drivers to find out if your setup supports it. In addition to the WiFi drivers, you are also going to need to have the Wireless Tools package installed. This will vary with distro, but nearly all distros should have this available by now. -------------------------------------------------------------------------------- - 4.1.2 Setting up the Hardware - -------------------------------------------------------------------------------- The easiest part of this process is setting up the WiFi adapter as an AP. Again, this feature depends on the driver itself, so if you get an error message when running any of these commands, you are going to want to do some research and figure out where your drivers stand on Master mode. Also, before you go any farther, if you have not already, you should really check the WiFi setup on your computer to make sure it is working properly. Connect to a known AP, do some scanning, etc. Make sure you have a stable system before you start trying to get into a more advanced setup like this. I am going to give sample commands, and then describe what each one is doing and why. At the end of this part of the Guide, I will be putting together a sample start up script that you can use on your system with a little modification. For this Guide, I will be using the most common interface names. Namely, the WiFi device will be known as wlan0, and the Ethernet device will be known as eth0. The first and most important thing you need to do is to set the WiFi device into Master mode. To do this, you are going to want to run the following command: bash# iwconfig wlan0 mode Master This will put the WiFi device at wlan0 into Master mode, or in other words, an access point. To be able to connect to this AP though, we need to give it some more information. Let's start with the SSID: bash# iwconfig wlan0 essid "LINUX_AP" The SSID can be whatever you chose. Choose something that is short and easy to remember. The DS is a bit picky as to what it wants to connect to, so the following two commands will setup the AP in a way the DS will accept. bash# iwconfig wlan0 channel 6 bash# iwconfig wlan0 rate 2M This puts the channel to 6, and the rate to 2 Mbps (more about that in "Thinking out Loud"). Channel 6 is fine for the US, but in other countries, WiFi APs run on different channels, so you may need to adjust the channel based on your region. And that's it; your hardware is now setup. Follow Section 2.2.2.1 to scan for an AP. You should see the AP you just created on the list. Click on it to connect to it. ... And then watch as it shows an error message. Why does it show an error message you ask? That is because while we have setup the hardware, we have not setup the network to actually route traffic over the connection. We have only won half the battle. But we now have an AP that the DS sees and will connect to, so we are almost there. Let's now go over your options for the software setup. -------------------------------------------------------------------------------- - 4.1.3 Setting up the Software - -------------------------------------------------------------------------------- Next, we are going to go over some of the required and optional software configurations to actually get the DS online. For the purposes of this example, we are going to assume that you already have a working internet connection in place through your Ethernet card, either by being directly connected to a wired router, a broadband modem, or some other network. -------------------------------------------------------------------------------- - 4.1.3.1 IP Ranges - -------------------------------------------------------------------------------- You will need to decide what IP range to use for your new wireless network. You will need to use an IP range that is both in the Class C range and is NOT the range your computer's Ethernet card is in. A good range that follows these rules is 192.168.2.x. Most routers are setup to use either 192.168.0.x or 192.168.1.x, so 192.168.2.x should be out of the range that any router would have assigned. So for this document, I will use 192.168.2.x as the IP range for the DS. If this does not fit your network for whatever reason, you can of course change this, but keep in mind the two rules you must follow. To setup your AP with the new IP, run the command: bash# ifconfig wlan0 up 192.168.2.1 This will now bring up TCP/IP on the AP, and give it the IP 192.168.2.1. Now that we have an IP for this device, let's get the rest of the networking sorted out. -------------------------------------------------------------------------------- - 4.1.3.2 Routing - -------------------------------------------------------------------------------- The next thing you need to get setup is a route between your Ethernet connection and the WiFi AP you just created. To do this, we will be using something called IP masquerading or NAT (Network Address Translation). This allows one computer with an internet connection (our newly created AP) to share that internet connection with many clients. To do this in Linux, you will need to use iptables. To use iptables, you will need to be running a kernel release of 2.4.x or above. Many distros are shipping with 2.6.x at this point, and all of them (that I know of) are using at least 2.4.x. So you should have no problem here. The following commands will setup NAT between eth0 and wlan0: bash# iptables --table nat --append POSTROUTING -o eth0 -j MASQUERADE bash# iptables --append FORWARD --in-interface wlan0 -j ACCEPT bash# echo 1 > /proc/sys/net/ipv4/ip_forward We now have a connection bridged between your computer's internet connection, and the WiFi AP. Next up, we need to give the DS an IP. To do this, we have two options, either setting up the DS manually, or using DHCP. As manual configuration is the quicker of the two, let's cover that first. -------------------------------------------------------------------------------- - 4.1.3.3 Static IP - -------------------------------------------------------------------------------- To setup a static IP, we will need to follow Section 2.2.2.2 of this Guide. To get the DS connected in our example setup, enter the following information: SSID LINUX_AP IP Address 192.168.2.2 Gateway 192.168.2.1 Primary DNS/Secondary DNS For these, you will need to input the IP's of your ISPs DNS servers. After entering this data, save the configuration and let it run the Connection Test. If everything has gone well so far, it will pass. Congratulations, you have just setup a basic software AP, and avoided having to buy a proprietary device! Hooray for open source! -------------------------------------------------------------------------------- - 4.1.3.4 DHCP - -------------------------------------------------------------------------------- To use DHCP, you will need to have the DHCP server installed on your machine. The easiest way to check this is to run "which dhcpd", which should give a response like: bash# which dhcpd /usr/sbin/dhcpd If you get that message, your system already has the DHCP server installed. If you get an error, then you will need to install it. The installation process will depend on what distro you are running, so consult it's documentation to find out how to install the DHCP server package. Now that we have the DHCP server, we will need to feed it a configuration file so it can setup a DHCP pool to use. Take a look at the following section to see the complete DHCP configuration file. -------------------------------------------------------------------------------- - 4.1.4 The Complete DS_AP Script - -------------------------------------------------------------------------------- So here it is, the complete script that will automatically give you a AP that you can connect to with your DS. The reason I give this last and detail everything first, is that I want you to understand what is going on here, so that you can fix any problems that may come up. I also want you to understand the requirements for this script to work (see Section 4.1.1, "WiFi Options in GNU/Linux"). If you think you have everything you need, then copy the following text to a file named "DS_AP.sh" #!/bin/sh # # DS_AP VER="Version 2.1" # A script to startup a software AP for the Nintendo DS # Written by TJ Nardi for the DS Wireless Networking Guide # Send bugs, questions, and comments to MS3FGX@gmail.com #-CHANGELOG- # v2.1, Backported features and fixes from Wii_Route # v2.0, Moved to modular design, complete code overhaul # v1.2, Checks to make sure user is root before running # v1.1, Added DHCP client support for NIC # v1.0, First Release #--------------------------User Configuration Section--------------------------# # DHCP Configuration: # Disable/enable DHCP server (0 = disable, 1 = enable) # Enable this if you want to automatically configure your DS with correct # TCP/IP information. USEDHCP=1 # DHCP configuration file # If you want DHCP support, you need this file. You need to give both the # path and file name. The default is "DS_DHCP.conf", located in the current # directory. CONFFILE=./DS_DHCP.conf # Hardware Configuration: # WiFi Interface # This is the WiFi card that you will use to share the connection to the # DS. It must be capable of going into Master mode. Use the test mode to # make sure your hardware is compatible. WLAN="wlan0" # Source Interface # This is the interface connected to the Internet. It can be any interface # on your machine, but will usually be eth0 (the primary Ethernet card). SRC="eth0" # Bring up source with DHCP before starting AP (0 = disable, 1 = enable) # Enable this if you want the source interface to be configured with DHCP # before the script runs. Usually you don't need to do this. SRCUP=0 # DHCP hostname (only used if above is enabled) # If you want DS_AP to configure your source interface with DHCP, this will # be the hostname it sends to the DHCP server. Useful if you want to see # this machine in your router's DHCP logs. DHCPHOST="LINUXAP" # WiFi Configuration: # SSID # The name that your new wireless network will go by. If you don't see this # come up when you are searching for an AP, something is probably wrong. SSID="LINUX_AP" # Channel # 6 should be a safe default, but if you get interference, you might want # to change it to something else. CHANNEL=6 # IP # This is the IP address given to the WiFi Interface. The default should be # fine, you shouldn't change this unless you know what you are doing. IPADDR="192.168.2.1" #-------------------------No need to edit past this line-----------------------# # Values for debug MODE="Master" RATE="2M" DHCPTIME=20 ErrorHandler () { # Takes two arguments. The first is the form of error, the second is # the actual error text to display to the user. # Error text must be 52 characters long. if [ $1 == ERR ]; then # This is a critical error, game over. echo "" echo "+----------------------------------------------------+" echo "| ERROR! |" echo "| |" echo "|$2|" echo "| |" echo "| This is a critical failure. The script must abort. |" echo "+----------------------------------------------------+" # Bail out exit 2 fi if [ $1 == WARN ]; then # This is only a warning, we can continue after this, but things might not # work right. echo "" echo "+----------------------------------------------------+" echo "| WARNING! |" echo "| |" echo "|$2|" echo "| |" echo "| This is a non-critical failure. The script will |" echo "| continue, but may not operate properly. |" echo "+----------------------------------------------------+" fi } VerifyCommand () { # Checks to see if given command exists # First argument determines if it will print message, second is the # command to check if which $2 > /dev/null 2>&1; then if [ $1 == 1 ];then echo "OK" fi return 1 else if [ $1 == 1 ];then echo "FAILED" fi return 0 fi } ConfigSrc () { # Bring up source interface with DHCP VerifyCommand 0 ifconfig if [ $? == 1 ];then echo "Setting up ${SRC}..." echo " Checking if DHCP is running..." # Check if PID file exists, hopefully this catches all distros if [ -f /var/run/dhcpcd-${SRC}.pid -o -f /etc/dhcpc/dhcpcd-${SRC}.pid ] then # If dhcpcd has already been run on this interface, don't run it again ErrorHandler WARN " Interface already appears to be configured! " else # If dhcpcd has not been run, then run it now echo " OK, DHCP not running on ${SRC}" VerifyCommand 0 dhcpcd if [ $? == 1 ];then echo " Starting DHCP on ${SRC}..." # Get DHCP IP dhcpcd -t ${DHCPTIME} -d -h ${DHCPHOST} ${SRC} else # If dhcpcd is not found, print error message ErrorHandler ERR " dhcpcd not found! Please install it and try again. " fi fi else ErrorHandler ERR " ifconfig not found! Make sure /sbin is in your path" fi } ConfigWiFi () { # Setup the WiFi hardware VerifyCommand 0 iwconfig if [ $? == 1 ];then echo "Setting up ${WLAN}..." echo " +---------------------+" # Set mode if iwconfig ${WLAN} mode ${MODE} > /dev/null 2>&1; then echo " | Mode | ${MODE}" # Set SSID iwconfig ${WLAN} essid ${SSID} echo " | SSID | ${SSID}" # Set channel if iwconfig ${WLAN} channel ${CHANNEL} > /dev/null 2>&1; then echo " | Channel | ${CHANNEL}" else # Show a warning if card failed to change channels ErrorHandler WARN " Failure while attempting to change WLAN channel! " fi # Set data rate if iwconfig ${WLAN} rate ${RATE} > /dev/null 2>&1; then echo " | Rate | ${RATE}" else # Show a warning if card failed to change rate ErrorHandler WARN " Failure while attempting to change WLAN rate! " fi echo " +---------------------+" # Set IP for AP echo "" echo "Configuring TCP/IP..." VerifyCommand 0 ifconfig if [ $? == 1 ];then ifconfig ${WLAN} up ${IPADDR} echo " Interface ${WLAN} given IP of ${IPADDR}" else ErrorHandler ERR " ifconfig not found! Make sure /sbin is in your path" fi else # Show an error if card failed to go into master mode ErrorHandler ERR " This WLAN device will not work with DS_AP, sorry. " fi else ErrorHandler ERR " iwconfig not found! Is wireless-tools installed? " fi } StartNAT () { # Enable NAT through IPtables VerifyCommand 0 iptables if [ $? == 1 ];then echo "Setting up Network Address Translation..." iptables --table nat --append POSTROUTING --out-interface ${SRC} -j MASQUERADE iptables --append FORWARD --in-interface ${WLAN} -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward else ErrorHandler ERR " iptables not found! Make sure /sbin is in your path" fi } StartDHCP () { # Configure and start the DHCP server, if it has been enabled by the user VerifyCommand 0 dhcpd if [ $? == 1 ];then echo "Setting up DHCP Server..." # Make sure the server isn't already running if [ -f /var/run/dhcpd.pid ]; then ErrorHandler WARN " dhcpd is already running! " else # Check that config file is where it is supposed to be if [ -f ${CONFFILE} ]; then # Start dhcpd with WLAN interface and DS config file dhcpd ${WLAN} -cf ${CONFFILE} 2> /dev/null else ErrorHandler ERR " DS_DHCP.conf not found! Cannot configure DHCP! " fi fi else ErrorHandler ERR " dhcpd not found! Please install dhcpd and try again" fi } SystemTest () { # Run some basic tests to verify and hardware capability and system sanity clear echo "DS_AP Diagnostic Mode" echo echo "Hardware Configuration" echo "---------------------------------" echo "Source Interface: ${SRC}" echo "Destination Interface: ${WLAN}" echo -n "Checking for Master mode on ${WLAN}: " if iwconfig ${WLAN} mode master > /dev/null 2>&1; then echo "OK" else ErrorHandler ERR " This WLAN device will not work with DS_AP, sorry. " fi echo echo "System Checks" echo "---------------------------------" echo -n "Checking for ifconfig: " VerifyCommand 1 ifconfig if [ $? == 0 ];then ErrorHandler ERR " ifconfig not found! Make sure /sbin is in your path" fi echo -n "Checking for iwconfig: " VerifyCommand 1 iwconfig if [ $? == 0 ];then ErrorHandler ERR " iwconfig not found! Is wireless-tools installed? " fi echo -n "Checking for iptables: " VerifyCommand 1 iptables if [ $? == 0 ];then ErrorHandler ERR " iptables not found! Make sure /sbin is in your path" fi echo -n "Checking for dhcpcd: " VerifyCommand 1 dhcpcd echo -n "Checking for dhcpd: " VerifyCommand 1 dhcpd echo -n "Checking for DHCP Configuration: " if [ -f ${CONFFILE} ]; then echo "OK" else echo "FAILED" fi } # This is where execution actually starts. # Make sure the user is running with root permissions if [ "$UID" -eq "0" ] then # OK, the user has root permissions, let's get rolling... # Determine operating mode based on the argument used to start DS_AP case "$1" in 'start') # This starts DS_AP # Print the boilerplate clear echo "Nintendo DS WiFi Access Point Script, ${VER}" echo "-----------------------------------------------------------" echo "Starting..." echo # If enabled, setup source interface if [[ ${SRCUP} = "1" ]]; then ConfigSrc else echo "Skipping Source Interface Configuration..." fi # Setup WLAN echo ConfigWiFi # Start NAT echo StartNAT # If enabled, setup DHCP echo if [[ ${USEDHCP} = "1" ]]; then StartDHCP else echo "Skipping DHCP Configuration..." fi echo echo "DS_AP Started!" exit 1 ;; 'stop') # This stops DS_AP # Print the boilerplate clear echo "Nintendo DS WiFi Access Point Script, ${VER}" echo "-----------------------------------------------------------" echo "Stopping..." echo echo "Setting ${WLAN} to sane defaults..." iwconfig ${WLAN} mode managed channel auto rate auto 2>/dev/null echo "Done!" echo echo "Shutting down ${WLAN}..." ifconfig ${WLAN} down 2>/dev/null echo "Done!" echo echo "Shutting down DHCP server..." # Kill it, then remove PID, since it doesn't seem to do so on it's own killall dhcpd 2>/dev/null rm /var/run/dhcpd.pid 2>/dev/null echo "Done!" exit 1 ;; 'test') SystemTest ;; *) echo "usage: $0 start|stop|test" esac # If the user doesn't have root permissions, they end up here else echo "Sorry, you need to have root permissions to run this script." echo "Either login as root, or run this though sudo. If using sudo," echo "make sure /sbin is in your path." fi # EOF Now, you will want to make the file executable, so run the following command in the directory where DS_AP is saved: bash# chmod +x ./DS_AP.sh Now, for the DHCP section to work, you will need to have a DHCP configuration file. Paste the following lines into a file named "DS_DHCP.conf" and save it in the same directory as DS_AP (the location of the DHCP file can be changed in DS_AP if you wish). # DS_DHCP.conf # # A simple DHCP configuration file to go # with the DS_AP script. # #-CHANGELOG- # v1.1, Changed to public DNS servers, instead of Verizon's # v1.0, First Release # # Global Options # This line defines the DNS servers the DS will use # feel free to change these to those of your ISP option domain-name-servers 4.2.2.2, 4.2.2.3; ddns-update-style none; # IP Range subnet 192.168.2.0 netmask 255.255.255.0 { # This will allow for 50 clients range 192.168.2.100 192.168.2.150; option routers 192.168.2.1; } # EOF You will want to read over the top section of DS_AP and make sure those settings are correct in relation to your hardware and LAN setup. You have to make sure the AP IP is in a different IP range than your current network. I wrote the scripts to use the 192.168.2.x network, since I know of know home router that uses this network (they mainly use 192.168.1.x, and some use 192.168.0.x). If anyone has a home router that uses the 192.168.2.x network, please send me an email so I can modify the scripts to use something else. The top section of the script also lists a few optional features that you might want to use. The comments explain them pretty well I think, so just read what I have written before each setting, and you should be able to understand everything. Generally speaking, the default settings for both the IP ranges and features should work in most situations. Also, as with most things involving system configuration in Linux, you will need to run the DS_AP script as root, or at least though sudo. The script will warn you if you don't have the proper permissions to be running it. If you are using sudo, make sure that /sbin is in your path, as most of the system configuration programs needed are in there. As for the actual operation of DS_AP, there are three arguments that it will take which make it do different things. If you run DS_AP.sh without any arguments, you will get output that looks like this: bash# usage: ./DS_AP.sh start|stop|test Going over each mode briefly: Start: This starts the software AP with the settings defined inside of the DS_AP.sh file. Stop: This will return the WiFi card to normal operating mode, turn it off, and stop the DHCP server if you enabled it in the first place. Test: Handy for troubleshooting, this will run through some basic tests to see if you have all of the required programs installed, and if your hardware is configured properly. This will also test if your WiFi card supports Master mode. After you have the files installed and you think everything is correctly setup, run "DS_AP.sh" and see if you have any errors. You should also verify that the interfaces it is using are correct. If everything looks good there, run "DS_AP.sh start" and hope for the best. -------------------------------------------------------------------------------- - 4.1.5 Introducing linux_ics - -------------------------------------------------------------------------------- Since I originally wrote the "DS Wireless Networking Guide", my skills in both Linux and Bash scripting have increased many times over. While DS_AP is functional, it leaves a lot of room for improvement and falls a bit short in terms of usability. I wanted to make this brief addition to the Guide to mention the evolution of the DS_AP concept, linux_ics. With linux_ics, I tried to simplify the entire setup as much as possible and make it a little less intimidating. I will still leave all the info for DS_AP here in the Guide, but I invite anyone reading this document for the sake of setting up a soft AP on their Linux machine to give linux_ics a try. It can be found on my new website, DigiFAIL, at the following address: http://www.digifail.com/software/linux_ics.shtml As with all of my projects, any thoughts, comments, and input is greatly appreciated. -------------------------------------------------------------------------------- - 4.2 Configuring a Software AP in Windows - -------------------------------------------------------------------------------- The Windows soft AP section has proven to be quite an adventure. Originally, I had intended to find some method of using any garden variety WiFi adapter as a soft AP under Windows, like I had worked on for Linux. But as time went on, and the more research I did, I realized this was just not going to be possible. Microsoft, in their infinite wisdom, decided that including a comprehensive system for setting up WiFi cards was not important enough to include in Windows. Windows contains no built in method to put a card into Master mode, or setup a software AP even if it let you switch modes on the card. Instead, Microsoft just let the hardware manufacturers handle advanced setup in their own drivers. Not surprisingly, most manufacturers did not bother to include advanced features, and just went with the bare minimum. Most didn't even bother to create a configuration program for the card, and instead left it all to Wireless Zero Config. So after all my searching, I present you with the soft AP Guide for Windows, such as it is. -------------------------------------------------------------------------------- - 4.2.1 Supported Devices - -------------------------------------------------------------------------------- The Windows soft AP section will focus on devices using the RT2500 chipset, which is arguably the most popular soft AP capable device on the Windows platform. I can't even say that all cards with a RT2500 chipset work out of the box with these methods. In actuality, GigaByte created some advanced drivers and configuration programs for their own line of cards, one of which happened to be based on the RT2500. It is possible to take these drivers and configuration program and use them with other cards that are based on the RT2500 chipset. To find if your card uses the RT2500 chipset, or you are looking for a model to buy which has it, take a look at this list: http://ralink.rapla.net Any card that is listed under PCI or PCMCIA should work, but not USB. Luckily, the RT2500 chipset is pretty popular, and many cards use it. It is also used in a lot of budget priced hardware, so even if you don't have one, you can get one starting at about $15. In addition, in line with my original goals for this Guide, RT2500 devices can be used on every version of Windows from 98 SE upward. This section will focus on Windows XP, but the steps to configure a Windows 98 or 2000 machine will be very similar, and you should have no problem adapting the instructions here. Even though this section is only going to be discussing a single type of device, there are a few other chipsets that can be put into Master mode under Windows. I can't give you an exact number of cards out there that can do this, nor can I give you any way to tell for sure if the card will support it before you buy it. I do at least know that there are a few popular chipsets and adapters out there that are capable of it, such as Centrino. The best way to find out is to Google the model number of the adapter, and see if any mention of it being used as a soft AP comes up. Some sites also list soft AP capability on the product page for the adapter, so you might get lucky there. As I do more research and hear from people on the Internet, I will add any more compatible devices I find to Section 7.2, "Software AP Compatible WiFi Hardware and Drivers". If you do find a generic WiFi device capable of operating as a soft AP, all you should need to do is follow Section 4.2.3.2, "Configuring ICS". -------------------------------------------------------------------------------- - 4.2.2 RT2500 Driver Installation - -------------------------------------------------------------------------------- Assuming you have already confirmed your device is using the RT2500 chipset, you can now continue on with the driver installation and system setup. The first thing you need to do is uninstall the current drivers. It doesn't matter which drivers are currently installed, you need a completely clean slate to perform the rest of the installation steps. Windows will likely ask you to restart after the installation, so go ahead and let it do so. When the machine starts back up, you need to download and install the GigaByte soft AP drivers. At the time of this writing, they can be located here: http://tw.giga-byte.com/Support/Communication/Driver_Model.aspx?ProductID=955 In the event that the above link is no longer valid, then simply search the Gigabyte website for the "GN-WPKG" adapter, and navigate to their support page for it. Inside of the zip archive you will find a directory called "WPKG vx.xx", where "x" is the current version number (at the time of this writing, it is version 1.14). Extract this directory to your desktop; open the folder, and double click the "setup.exe" file inside to start the installer. The installation is fairly straight forward, there are no special adjustments you need to make or anything, so just let it go through with the defaults. As usual, Windows will tell you to reboot after the driver installation is done. After the computer has booted back up, you should see a new icon in your system tray. It will be a blue "G" with a signal indicator underneath. There is going to be a red "X" over the icon at this point. If you see that icon and Windows does not throw up any error messages, then the hardware setup for your RT2500 device is complete. Next we will need to configure the soft AP settings (using the software from the Gigabyte drivers) and then setup ICS, which will allow devices to connect to the Internet through your computer. -------------------------------------------------------------------------------- - 4.2.3 Software Configuration - -------------------------------------------------------------------------------- There are two phases to the software configuration in the Windows soft AP setup. The first phase is actually configuring the soft AP itself so that devices can connect to it. This includes the channel, operating mode, SSID, etc. This is the most basic part of the setup, if this is not done properly, your client devices may not even be able to see the soft AP, let alone connect to it. This part of the setup is also completely focused on the RT2500 line or devices, or more accurately, the software Gigabyte provides in their drivers for those devices. If you are using another soft AP compatible chipset, then you will need to adapt the information here to work with the software provided with your drivers. The second phase of the setup is installing and starting the ICS service. This is a basic form of routing and NAT which allows your computer to host an Internet connection for other devices to use. The configuration for ICS is very simple, and will work pretty much the same way on any Windows version since Windows 98 SE. The ICS configuration is also generic in the sense that it will work with any soft AP device you are using and is not dependant on the RT2500. If you are using a different device, then the ICS configuration is probably the only really useful thing here for you. -------------------------------------------------------------------------------- - 4.2.3.1 RT2500 Soft AP Setup - -------------------------------------------------------------------------------- Again, just to be clear, this section works only for devices using Gigabyte's soft AP drivers. While the general information here will be applicable to other devices, the actual configuration options and settings will likely be totally different. To begin the soft AP setup for RT2500 devices, we start by right-clicking on the wireless device's icon in the system tray. You will be presented with a menu asking how you want to configure the device. Select "Switch to AP Mode". If you don't have that option, go back to Section 4.2.2, "RT2500 Driver Installation", and verify you performed the driver installation properly. Once you have selected "Switch to AP Mode", a new window will come up called "Gigabyte SoftAP Utility". This is the program that you will be using for the rest of this section. It is how you configure every aspect of the RT2500 soft AP setup. There are a considerable amount of options in this program, but for the purposes of this simple setup we will only be going over the minimum settings required to get a connection working. If you want to explore more advanced options such as MAC filtering, then consult the Gigabyte documentation and Section 5, "Network Security" for details and more in-depth explanations. The first option you need to configure is "Wireless Mode". You need to set this to at least "802.11 B/G Mixed" for it to work, but if your device supports it, setting it to "B Only" would be a better choice. Next you will have the option for "TX Rate". You can leave this on "Auto" if you like, but setting it to "2 Mbps" would be better for device compatibility. If you set this to "Auto" and experience problems establishing or maintaining a connection, try changing it. You then have the option "Channel", which obviously changes the channel your soft AP will operate on. For the most part this doesn't matter, as long as there isn't interference or existing WiFi traffic to congest the channel you are trying to run on. To be safe, you should set this to either channel 1 or 11. These are rarely used by other devices, and don't overlap other channels in the WiFi spectrum. The final option you need to set is "SSID". This is important, as it is the name you are going to be looking for when searching for this network to connect to. The name itself does not matter, as long as it is something you can easily remember. Once you have made these changes, click "Apply" and then "Close". That completes the basic soft AP setup for the RT2500 device. This is not a secure setup by any means, only the minimum required to get a reliable connection to your device. If you want to enable more security on your soft AP, then take a look at the Section 5, "Network Security", which gives details on the various WiFi security mechanism's available to you, and their proper implementation. -------------------------------------------------------------------------------- - 4.2.3.2 Configuring ICS - -------------------------------------------------------------------------------- If you have made it this far, you should have already installed the correct soft AP drivers for your device, and configured it properly. To begin the configuration, you need to get to the "Network Connections" screen on your computer. Click "Start" then "Control Panel". When it opens up, click on "Network and Internet Connections". Finally, click on "Network Connections" down on the bottom. Here you will see all of the networking devices on your computer. The first thing you need to figure out is which network connection you are going to setup ICS on. This connection can be anything, a NIC connected to a router, a USB modem, it could even be a dialup connection. Any interface that is able to properly connect to the Internet can be used. Once you have determined which interface you are going to use, it is helpful to rename it to something you can easily remember, but it is not required to do so. Select the device you determined to be the one connecting you to the Internet, right click on it, and click on "Properties", then click on the "Advanced" tab. On this page you should see a heading called "Internet Connection Sharing". Under it, you will want to click the box next to "Allow other network users to connect through this computer's Internet connection". There is also an option that says "Establish a dial-up connection whenever a computer on my network attempts to access the Internet". If you are sharing out a connection from a dial-up modem, you will want to enable this. It allows your computer to automatically dial out and connect to the Internet whenever a device wants to get online. If you don't have this enabled, you will need to manually connect up to the Internet on the computer running ICS before you try to get online with a device connected to the soft AP. Now click on "OK". A message should pop up telling you that the NIC will take the IP of 192.168.0.1. Just click "Yes". This completes the soft AP configuration. Assuming your hardware device is working properly and you setup ICS correctly, you should now be able to connect to the Internet through your computer with any WiFi-enabled device. -------------------------------------------------------------------------------- - 4.3 Configuring a Software AP in Mac OS - -------------------------------------------------------------------------------- You know, it is actually pretty funny now that I think about it. Prior to this Guide, I had no experience with OSX. The last version of Mac OS I had used was around 7. But as I got more serious about the Guide, I realized that I could not write about Mac OS without having some hands on time with it...so I bought a Mac. Not a brand new one, mind you, but one new enough to run OSX. Still, the machine cost me more than the DS did in the first place, ironically enough. At any rate, setting up a soft AP in Mac OS is very easy. Without a doubt the easiest of the three operating systems covered in this Guide. You literally just need to click a few mouse buttons, and you are there. Still, there are some specifics you need to be aware of. Even though it seems simple, you will want to follow this section closely. -------------------------------------------------------------------------------- - 4.3.1 WiFi Options in Mac OS - -------------------------------------------------------------------------------- Let's face it, you didn't buy a Mac for the plethora of hardware the OS supports. But even so, Apple always seems to have a way of providing for the needs of it's users, and this situation is no exception. To create a soft AP in Mac OS, you need a computer that is equipped with an Airport card. My thoughts are a bit mixed on this stipulation. On one hand, you can only use a single card. Even Windows manages to do better than that. But on the other hand, it seems almost every new Mac built in the last few years ships with one of them. So there is a very good chance that if you bought your Mac within the last year or two, it already contains the needed Airport card. So while I am not happy about this hardware limitation, it ends up that a good deal of the people reading this Guide may already have everything they need. So perhaps it really isn't a limitation after all. -------------------------------------------------------------------------------- - 4.3.2 Configuring Internet Sharing - -------------------------------------------------------------------------------- To enable "Internet Sharing", you first go to the "System Preferences" menu, then click on "Sharing", under "Internet & Network". You should now see a bar with three sections: "Services", "Firewall", and "Internet". For the time being, we are only interested in the "Internet" tab, so click that. You will now be on the "Internet Sharing" page. You will see a box that lists the networking devices on your Mac. You should see at least two entries here, one probably being "Built-in Ethernet", and the other should be "AirPort". You may or may not have more devices listed, but in most cases you need to have at least these two. Now, there will be a line saying "Share your connection from:", followed by a drop down box. Set this to "Built-in Ethernet" if it is not already. This is the source interface for "Internet Sharing". We assume you are connected to the network or broadband modem through Ethernet; but if you are connected to the Internet through some other device, then set that as the source instead. You will now want to click the box next to "AirPort" in the box on the bottom. This links your source interface with the AirPort card, and establishes routing between them. That is all for the "Internet Sharing" configuration. Clicking "Start" would activate "Internet Sharing", and begin routing packets between the two interfaces. However, it won't do us any good until we configure the AirPort card itself. -------------------------------------------------------------------------------- - 4.3.3 Configuring AirPort Options - -------------------------------------------------------------------------------- On the "Internet Sharing" page, click on the button "AirPort Options...". The first option you will see is going to be "Network Name". This is the SSID of the WiFi network you are about to create. Set this to whatever you like, but just make sure you remember it. Next you will see "Channel". Leaving this on "Automatic" should be fine, but if you experience problems with interference you might want to try setting the channel manually. Moving on, you will see the section dealing with encryption. If you want to enable WEP on your new soft AP, this is where you would configure it. After clicking the box next to "Enable encryption (using WEP)", you would then enter a key to use. If you are planning to use 128 bit WEP then enter in a 13 character key, and if you want to use 40 bit WEP then enter a 5 character key. If it is not obvious, you should use 128 bit encryption, but the choice is yours. After you have made these settings, click "OK". You have now configured the AirPort card. If you are following this Guide exactly, you should now be back on the "Internet Sharing" page that you started from. Everything should be setup correctly now, so click on "Start" to enable "Internet Sharing". -------------------------------------------------------------------------------- - 4.3.4 Connecting the DS - -------------------------------------------------------------------------------- Yes, I imagine you had figured the whole process had been too easy thus far. I suppose it is some sort of cosmic irony that while the soft AP setup on the MAC itself was as simple as you could possibly hope for, the DS just decides not to behave with it. The problem here is that the DS does not seem to work with the OSX DHCP server, which means it can not automatically configure itself against your newly created soft AP. I am working on a way around this problem, but for the time being, you will need to configure your DS manually. Luckily, this is not very difficult. Here is the key thing to remember though. As there are two interfaces involved in this setup (whatever you are using to connect to the Internet, and the AirPort card itself) you need to make sure you are basing the DS's static IP off of the AirPort, and not the other device. Since the DS is connecting to the AirPort directly, that is the IP scheme you need to follow. By default, the AirPort interface should have an IP address of 10.0.2.1, with the subnet mask 255.255.255.0. So the appropriate settings for the DS would be as follows: +--------------------------------------------------+ | IP Address | 10.0.2.2 | |--------------------------------------------------| | Subnet Mask | 255.255.255.0 | |--------------------------------------------------| | Default Router | 10.0.2.1 | +--------------------------------------------------+ You will still need DNS servers however, which you can find by following Section 7.3.3. If that doesn't work, then you need to manually find the AirPort's TCP/IP settings. Go to "System Preferences", click "Network", then select "AirPort" from the device listing. Click on the "TCP/IP" tab, and you will be presented with an easy to understand listing of the relevant TCP/IP information. You can then follow Section 7.4 to base a static IP configuration off of this information. Once you have determined the proper IP settings to use, follow section 2.2.2.2, "Manual Configuration". You will then enter the SSID of your AirPort card (did you remember it like I told you?), followed by the IP information you got from your system. You will also need to enter in your WEP key if you chose to enable encryption under the "AirPort Options" menu. After that, run the "Connection Test" and hope for the best. -------------------------------------------------------------------------------- - 4.4 Hacking the Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- While the Wi-Fi USB Connector is designed to make getting online as easy as possible for people without being too technical, there are still some advanced things you can do with it, though completely unintentional on Nintendo's part. -------------------------------------------------------------------------------- - 4.4.1 Using the Nintendo Wi-Fi USB Connector with AOL - -------------------------------------------------------------------------------- It seems like a lot of people are asking this same question, so I decided to add it to the Guide. Keep in mind, this is for AOL High Speed (with a true broadband connection), not dialup. It is possible to get on the WFC with dialup, but I do not plan to cover it in this Guide. Dialup users slow down the game for everyone else; I am sorry, but it is the 21st century, if you don't have broadband, for whatever reasons, you shouldn't be playing online with those that do. The key to using the Wi-Fi Connector (and any other soft AP) with AOL is to not use the official AOL software to connect. You must create a new connection, and use that to log in. To do this in Windows XP, you will first click "Start", then "Control Panel", then "Network and Internet Connections", finally, click on "Network Connections". You will now see a screen that shows your current Ethernet connections. On the top left hand corner of this window, you should see a small box that says "Network Tasks". Within that box there is an option that says "Create a new connection", click it to start the "New Connection Wizard". The first page of the wizard describes what it can help you do. Click "Next", and it will ask what kind of connection you want to make. Make sure the radio button next to "Connect to the Internet" is selected (by default, it is). Then click "Next". Select "Set up my connection manually", and click "Next". Select "Connect using a broadband connection that requires a username and password", and click "Next". The wizard will then prompt you for the name of this new connection. You can use anything you like, but it is probably a good idea to make it something you will remember later. Naming it "AOL WFC" would not be a bad idea. After you have entered the name, click "Next". Now you will need to enter your AOL username. Enter your username, with the aol.com suffix (I.E. username@aol.com). You can then either enter your password here to have it saved, or leave the box blank so that you will be prompted for the password every time it tries to connect. It doesn't matter either way for the purposes of the Wi-Fi USB Connector, so do whatever you feel comfortable with. After entering in your credentials, then remove the check for "Make this the default Internet connection", but leave the other two options enabled. Then click "Next". On the final screen, you will see an overview of the setup for the connection you just made. Look over it to see if it appears correct, if not, go back and check everything. There is also an option to "Add a shortcut to this connection to my desktop". Selecting this would probably save you some trouble down the line. If you are happy with everything, click "Finish". Now, when you want to use this new connection, you would either click the shortcut the wizard made, or select it from the "Network Connections" screen. After you have signed into AOL with this new connection, go ahead and install the Nintendo Wi-Fi USB Connector, and all should be well. A little note, I said to make sure to disable "Make this the default Internet connection" so that you could still use the AOL software to get on the internet normally. If you would like to bypass the AOL software completely, keeping that option enabled will make that your primary internet connection, and allow you to use the internet without the AOL software. -------------------------------------------------------------------------------- - 4.4.2 Nintendo Wi-Fi USB Connector Soft AP - -------------------------------------------------------------------------------- The Nintendo Wi-Fi USB Connector is a very strange device. It was created to make setting up a wireless network easy for users who do not have a wireless router and don't want to go through the trouble of setting one up; but at the same time imposes a number of artificial limitations that are a bit strange. First, perhaps some background information is in order. Nintendo did not design or build the Nintendo Wi-Fi USB Connector. The Wi-Fi Connector is in fact a Buffalo WLI-U2-KG54-AI adapter which simply has been branded with the Nintendo logo. The WLI-U2-KG54-AI is based on the USB version of the RT2500 chipset, which, if you have read the Windows Soft AP section, you will recognize as one of the very few devices capable of creating a true wireless network under Windows. Nintendo was only in control of the software side of the product, which is where they started making some strange decisions. First of all, Buffalo provides drivers for Windows 98, Windows ME, and Windows 2000 for the WLI-U2-KG54-AI adapter. Nintendo on the other hand, decided to limit their OS support to Windows XP only. Nobody but Nintendo will ever know why they decided to place this limit on the Wi-Fi Connector, but the best guess I could hazard would be that they didn't want to have to support users running older versions of Windows. This decision has garnered the Wi-Fi Connector considerable criticism from many on the Internet. The second, and more pressing, change to the original Buffalo installation is limiting the types of clients that can connect to the device. Using an RT2500 device in soft AP mode would normally allow all WiFi devices to connect, but Nintendo specifically limited the Wi-Fi Connector software to only communicate with Nintendo's own hardware (at the time of this writing, those devices being the DS and Wii). At least this limitation can be justified; Nintendo designed the Wi-Fi Connector software with security in mind, and indeed it does provide a very secure wireless network. Many people have heard the horror stories of improperly configured wireless networks allowing intruders access to their computer and Internet connections, and it has generated a negative predisposition in the minds of many consumers. The Wi-Fi Connector however, being limited to only Nintendo's own products, provides these gun-shy users with wireless access for their game systems while not compromising their network security. Even so, there are many people who would rather be able to use their Wi-Fi Connector with the rest of their WiFi equipment, and that is exactly what this section of the Guide will allow you to do. Be warned however, the process that is described in the following text is by no means a simple installation. If you follow this Guide exactly you should not have any problems, but if you are not an advanced computer user you may want to read the rest of this section before actually making any changes on your system, and then decide after you have read it all if you want to attempt it yourself. -------------------------------------------------------------------------------- - 4.4.2.1 Driver Modification and Installation - -------------------------------------------------------------------------------- The first phase of the installation will require you to modify the official drivers for the Buffalo WLI-U2-KG54-AI adapter to allow them to work with Nintendo's rebranded version of the device. Despite sounding a bit frightening, this is actually one of the easier steps of the installation, in the grand scheme of things. First you will need to go online and download the drivers from the Buffalo website. At the time of this writing, the required file can be downloaded at the following URL: http://www.buffalotech.com/support/getfile/?U2KG54_1-01-02-0002.zip If that link is no longer valid, you will have to manually navigate to the download page for the WLI-U2-KG54-AI and get the required file. First, go to the Buffalo website located at: www.buffalotech.com Once you have selected your region, move your mouse over "Support" and click on "Downloads". On the Download page, click on the drop-down box and select "Wireless-G Keychain USB 2.0 Adapter with Auto Installation" under "Wireless". This will then load the page for the WLI-U2-KG54-AI. Click on the "Download" link under "Drivers", the current version is 1.01.02.002. You should now have a file called "U2KG54_1-01-02-0002.zip" on your computer. Inside of this archive you will find a directory called "U2KG54", and under that, directories for the different operating systems the driver has versions for. I should say at this point that modification of the driver should work on any of the supported operating systems. However, I am personally only able to test on Windows XP. If you attempt this on an older version of Windows, I would be very interested in hearing how it works out for you. Extract the "Win2000" directory to your desktop, and open it up. Inside you should see 5 files. The only one you need to touch is "NETU2G54.INF". This file tells Windows which devices will work with the driver, and needs to be modified in order for the rest of the setup to work. Before we can make any changes to the file however, we have to make it writable. Right click on NETU2G54.INF, then click on "Properties". At the bottom of the window you should see a check in the box next to "Read-only". Click on this box to remove the read-only attribute on the file, and then click "OK". You can now open up the file in Notepad by right clicking on it, selecting "Open With...", and then choosing Notepad from the list of programs. Near the top of this file you will see a section that has the heading, [Adapters]. As you may of guessed, this is the list of devices that the driver will associate itself with. The section will look like this in the stock driver: [Adapters] ; DisplayName Section DeviceID ; ----------- ------- -------- %rt2500usb.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_005E %rt2500usb_nai.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_0066 %rt2500usb_ai.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_0067 All you need to do is add the following line: %rt2500usb.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_008B So the [Adapters] section should look like this when you are done: [Adapters] ; DisplayName Section DeviceID ; ----------- ------- -------- %rt2500usb.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_005E %rt2500usb_nai.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_0066 %rt2500usb_ai.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_0067 %rt2500usb.DeviceDesc% = rt2500usb.ndi, USB\VID_0411&PID_008B After you have added the correct line, save the file and close it. Now that you have modified the driver itself, we can proceed with the actual installation of the driver. Before attempting the next steps, make sure you have completely removed the Nintendo Wi-Fi Connector software and drivers from your system. Make sure you have restarted your computer since removing the older drivers as well, to avoid any conflict when you try and install the modified Buffalo drivers. Once you are sure your system is clean of the old drivers, plug your Wi-Fi Connector into the computer. In a second or two you should see a pop up saying that it has detected the Nintendo Wi-Fi USB Connector. The "Found New Hardware Wizard" will then start. It may ask if it can connect to the Internet to search for drivers. Select "No, not at this time", and click "Next". It will then ask where you want to install the drivers from. Select "Install from a list or a specific location (Advanced)", and click on "Next". Make sure that "Search for the best driver in these locations." is selected, and then click the box next to "Include this location in the search:". Then click on "Browse". Navigate to the directory that your modified NETU2G54.INF file is in, click "OK", then click "Next". You will get a warning about the driver having not been tested for Windows XP compatibility. Ignore it and just click "Continue Anyway". After the installation, a bubble should come up at the bottom of the screen saying that the installation was successful. You should also notice you now have a new icon down in your system tray, which will look like a computer with waves coming out of it with a red "X". This indicates that you have a new wireless network device installed that has not yet been configured. At this point, your Nintendo Wi-Fi USB Connector is operating as a standard wireless adapter. You can now use it to connect your computer to a wireless network (such as a home router, or public access point) if you wish. Read the next section to learn how to configure your modified Wi-Fi Connector installation to work as a soft AP. -------------------------------------------------------------------------------- - 4.4.2.2 Software Modification and Installation - -------------------------------------------------------------------------------- At this point, you should have your Nintendo Wi-Fi USB Connector working as a standard wireless adapter under Windows. From here, we will download the appropriate software to configure a soft AP and make the required modifications so that it will work with the Wi-Fi Connector. As covered previously in this Guide, Windows does not include any inbuilt method of configuring a soft AP like Linux and Mac OS do. Because of this, we need to rely on the hardware manufacturers to develop their own software to accomplish the task. The obvious problem there however, is that the hardware manufacturers only develop software that works with their own devices, not any hardware you pick up off the shelf. That's the issue we will be addressing in this section. We need to modify the advanced WiFi configuration software from another manufacturer's device to work with the Nintendo Wi-Fi USB Connector. This is going to be a bit more difficult than the driver modification, and will require some software you may not have on your computer. Namely, you will need a hex editor to complete this part of the setup. For those who are not familiar with the term, a hex editor allows you to modify binary files, like computer applications. If you were to attempt to open a computer application in a text editor, it would just come out as gibberish, but a hex editor knows how to handle the data and makes it editable (to an extent). If you do not already have a hex editor on your computer, I would suggest using "XVI32", which can be downloaded for free from: http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm XVI32 is nice because it is small, capable, and does not require a full installation on your computer, you just copy the folder to your computer, and run it from there. Specifically helpful to us is that XVI32 features a very advanced "Replace" function, which will make editing the files much easier. The rest of this section will be written with XVI32 in mind, in terms of the menus and options it presents. However, you should still be able to follow along with any hex editor you are comfortable using if you chose to do so. After you have gotten your hands on a hex editor, you will now need to download the software that needs to be modified. For this, we are going to be using the WiFi configuration software from the ASUS WL-167g adapter. At the time of this writing, the software could be located at the following URL: http://dlsvr01.asus.com/pub/ASUS/wireless/WL-167g/Utility_2933.zip If that is no longer valid however, you will have to manually navigate to the download page for the WL-167g. First, go to the ASUS website located at: www.asus.com Once you have selected your region, click on "Download", and in the search bar type in "WL-167g". On the resulting page you should see a link that says "WL-167g related files for download", click on it. On the next page, click on the "Utilities" tab, then click on the "Global" link to begin the download. You should now have the file "Utility_2933.zip" downloaded onto your computer. Inside of this archive there will be a directory called "Utility", extract this to your desktop. Run the "setup.exe" file inside of this directory to start the "ASUS WLAN Card Utilities Setup". You will first be asked to select your language. Make the selection and click "Next" to proceed. On the Welcome screen, click "Next" again. It will then ask where you want to install the files. The default is fine, but you can change it if you wish. After the installation, it will ask you if you want to restart your computer. There is really no reason to, since we didn't install the ASUS drivers, but you can go ahead and reboot if you like. Now comes the fun part, actually modifying the individual programs to fool them into working with the Wi-Fi Connector. Start up XVI32, and click on the "Open" icon. Now navigate to where the ASUS Utilities were installed. By default this should be: C:\Program Files\ASUS\WLAN Card Utilities\ Inside this directory you are going to see a number of files. To start, click on "AsAuthen.dll". The main window of XVI32 is going to fill with data now. Don't worry about it, you won't need to touch any of that. Click on "Search", and then "Replace...". Under "Find", make sure that "Text String" is selected, and paste the following line into the box: USB\VID_0B05&PID_1706 Then click the top "Text -> Hex" button. The text you just copied should now show up in the lower window in hex. Go down to "Replace with", again making sure that "Text String" is selected, and copy the following line into the box: USB\VID_0411&PID_008B Click on the lower "Text -> Hex" button. Again you should see the text changed into hex. Now click on "Replace All". You should get a pop up window telling you how many occurrences were replaced, just click "OK". Now click on the "Save" icon, and then "Open". You have now completed the modification on the first file. You must repeat these exact steps over for the remaining files. XVI32 will remember the text you have entered to be replaced, all you need to do is click the appropriate buttons to open the file, replace the line of text, save the file, and open the next one. You must edit the following files: AsAuthen.dll Center.exe Mobile.exe StMonitor.exe TShoot.exe Wireless.exe Wizard.exe We just edited AsAuthen.dll, so that leaves the 6 .exe files left. Once you have edited those files, there is one final step left. Open "My Computer" and navigate to the directory where the ASUS Utilities are installed, and go into the "Driver" directory. Under "Driver", go into the directory named "WinXP", and then "AP". Here you should find a single file called "rt2500usb.sys". You must copy the rt2500usb.sys file to: C:\WINDOWS\system32\drivers\ You will get a prompt asking you if you want to overwrite the file, click "Yes". Make sure the Wi-Fi Connector is plugged in, and click on "ASUS WLAN Control Center" icon on the desktop. You are likely going to get a number of error and message windows popping up, but there is only one you need to worry about. There should be a window named "Wireless Option", in this window you need to make sure that option which says "Only use our WLAN utilities..." is selected, and then click "OK". A wizard will now start, click on "Cancel", and then "OK" on the message that will result. Close any other wizards or messages that have opened themselves. You should now see the "ASUS WLAN Card Settings" window, with the Buffalo WLI-U2-KG54-AI shown as the current device. This completes the modification of the ASUS WLAN Card Utilities. You now have the required software to setup a soft AP using the Nintendo Wi-Fi USB Connector. -------------------------------------------------------------------------------- - 4.4.2.3 Soft AP Configuration - -------------------------------------------------------------------------------- In this section we will actually configure the soft AP, and get the Internet running through it. The ASUS software makes this very simple, and you should be up and running in only a few clicks. Open up the "ASUS WLAN Control Center", and click on the "Config" icon. On this page you should see a tab that says "Soft AP", click on it. Here you need to click on the bubble next to "Soft AP Mode". This will put the device into Master mode. On the bottom of this tab, you should see a diagram of a network, and on the bottom left there should be a window that says "Available Network Connections". Select which one of those connections is currently connecting you to the Internet, and drag that up to the box that is next to "Internet". Make sure the box next to "Enable ICS" is checked. Now click "Apply". After a moment you should get a warning about changing the modes of the adapter, click "Yes". A few seconds later and you should get another window popping up to tell you that enabling ICS may take awhile, click "OK" again. Then wait, like the message said, this can take awhile. You will know that it is finished when the green "Apply" icon becomes greyed out again. Once this happens, click on the "Basic" tab. On this tab you need to enter in the SSID your soft AP will use. Make sure that "Hide SSID" is not checked, or else you won't be able to find your soft AP when you search from your devices (though you could always manually configure it). Then move down to the channel selection. You can use any channel you want, but it would be a good idea to either use 1, 6, or 11. Now down on the bottom, click "Advanced". On this new tab, go to the pull down box next to "54g Mode:" and select "802.11b Only". Click "Apply", then "OK". Your Nintendo Wi-Fi USB Connector has now been converted to a standard soft AP. You may now connect your client devices to it and begin using it as you would any other WiFi access point. However, I highly suggest you look at the "Encryption" and "Access Control" tabs in the Control Center, and enable some form of security. Read Section 5, "Network Security" for a more in-depth explanation of these features. ================================================================================ = 5. Network Security = ================================================================================ -------------------------------------------------------------------------------- - 5.1 WiFi Security - -------------------------------------------------------------------------------- Wireless security is essentially a myth. The very concept of sending data over the air using hardware that any consumer can purchase cheaply and without a license makes it a dangerous technology. Of course there are many things you can do to increase the security of a wireless network. The problem is, the DS doesn't really support any of them. We will have to work around this, and do the best we can with the limited abilities of the DS. The following sections will give some tactics that can be used to make the best of the limited security options Nintendo decided to arm the DS with. I will explain what each security measure does, why it works, and at the same time, why it doesn't. -------------------------------------------------------------------------------- - 5.1.1 Cloaked SSID - -------------------------------------------------------------------------------- Cloaking simply means that your WiFi device does not publicly broadcast the SSID. This will cause general purpose WiFi devices and software to not list it, essentially hiding it from people who did not know the network was there. The problem with this feature is that it can make setting up new devices difficult. The DS does not list networks unless their SSID is being broadcast; so to configure it with such a network, you would either need to manually set it up, or temporarily enable SSID broadcasting. So how effective is this in the real world? Well, not very, unfortunately. It doesn't do a whole lot more than make configuring your own devices a bit more complicated. If your goal is to block your neighbor from casually connecting up to your network (perhaps by mistake), a cloaked SSID would have the same effect on them, their hardware would not show the network. If you are dealing with a person that is not actually trying to access your network, but perhaps just doesn't know any better, this would deter them. But to anyone more advanced, it is nothing more than a parlor trick. The flaw with cloaked SSIDs is that every time a client device authenticates or deauthenticates, the SSID is sent out in the 802.11 frames. Good software like Kismet can pick up on this, and find the SSID even if you have enabled cloaking. If an attacker is running Kismet and you are not actively using the network, it will still show up, but simply will have no name. This alone is all it takes to confirm a network is there, and will draw the attacker's attention. This makes cloaked SSIDs all but completely useless as a serious security device. But hey, it sounds cool, right? -------------------------------------------------------------------------------- - 5.1.2 MAC Filtering - -------------------------------------------------------------------------------- MAC stands for Media Access Control, it is a unique identity that all network devices must have. MAC addresses are part of the second level of the OSI Model, and are mapped to IP addresses on the third layer of the OSI Model via ARP. MAC addresses are an essential element to TCP/IP, and it is vital that both the MAC addresses and ARP tables are valid for TCP/IP to function properly. By design, there can never be two devices with the same MAC address (though as with everything, accidents do happen, I have heard about NICs shipping from the factory with identical MACs in the past), so they can be used as a form of physical security. Locking out all but specific MAC addresses can secure a network from unauthorized access. Well...in theory, anyway. In concept, MAC filtering is a bulletproof approach to wireless security. In the real world however, it is possible to "spoof" (fake) the MAC address of the network card in a computer. That means an attacker can gain access to a MAC filtered AP simply by sniffing the network traffic for an allowed MAC and cloning it to his own network card. To the AP, the attacker's computer would appear to be one of those allowed to access the network, and therefore get full access. At first glance, it would appear that MAC filtering is almost completely useless against a knowledgeable attacker. But, not all is lost. As TCP relies on sane MAC addresses to function properly, two MAC addresses cannot exist on the same network without serious problems coming up. Because of this, a MAC can only be reliably spoofed when the card that actually owns that MAC address is not active. This obviously limits the attacker's access, and needs to be circumvented if their goal is to setup a long-term connection to the network. To do this, the attacker would either have to disable MAC filtering, or add the real MAC of his network card to the list of authorized devices. Either action will not only make his presence known, but would also require the attacker to get access to your router or AP's configuration (more on that in Section 5.2, "Securing your WiFi Router"). Also, if the only WiFi device accessing your MAC filtered router is the DS, you are in a bit better shape, since you won't be authenticated with the AP nearly as much with the DS as you would be with a computer. The attacker would have to get lucky enough to be sniffing your AP at the same time you were playing a game, to be able to get the MAC of your DS. If the attacker can't sniff a MAC that is authorized to connect to the AP, there is no way they can get though the MAC filtering. So with the proper application, you can see a realistic benefit from MAC filtering. Just make sure to keep an eye on the MAC filtering configuration on the router, and limit the amount of time you spend authenticated to the AP, if possible. -------------------------------------------------------------------------------- - 5.1.3 WEP - -------------------------------------------------------------------------------- WEP stands for Wired Equivalent Privacy, which is a form of hardware based encryption that is defined in the 802.11b standard. WEP operates on the MAC layer of the OSI network model. WEP uses a 40 bit RC4 PRNG shared key created by RSA. The key is combined with a 24 bit random number known as the "Initialization Vector" (IV). This yields an apparent 64 bits of encryption. Manufacturers later amended more features to WEP, including 104 bit keys. This combined with the 24 bit IV, gives us what people refer to as 128 bit WEP. It is important to remember, as these features were added after the 802.11b standard was created, it is not mandatory for devices to support them. For a client to connect to a WEP protected AP, they must have the encryption key. However, any WiFi device in range can sniff the packets as they go though the air. But the packets are encrypted, so the data itself is not visible without first decrypting it. WEP was the first attempt at adding security to WiFi technology. As common with first attempts, WEP was not nearly as effective as was originally intended. A number of weaknesses were eventually found, and WEP is today viewed very negatively by many users. The primary shortcoming of WEP is that the IV is sent in the clear. An attacker can sniff the wireless traffic and analyze the IVs to eventually find the original key. Once the key has been found, the attacker then has complete access to the wireless network. To capture enough IVs to crack a WEP network takes time, and a considerable amount of data transferred over the network (usually 500+ MB). Even so, it is now well within the reach of a moderately skilled user to crack even a strong WEP key in a matter of hours given the proper conditions. But every cloud has a silver lining. Knowing the faults of WEP is the best defense against having those faults exploited at your expense. While nothing will ever make WEP as a secure as a wired network, or even WPA for that matter, the following tips can greatly reduce the risk of a successful attack on your AP. -------------------------------------------------------------------------------- - 5.1.3.1 Use a Strong Key - -------------------------------------------------------------------------------- A universal truth with all passwords or keys is that anything in the dictionary is inherently insecure. Such passwords can be quickly cracked with so called "dictionary attacks", which (as the name implies) go though all of the words in a predetermined dictionary file to attempt to guess the correct password. Dictionary attacks are many many times faster than actually cracking the key by decrypting it. If you can successfully protect yourself from such attacks, you will instantly make your network more difficult to compromise. There are a number of tips to protect yourself from dictionary attacks: Be sure to never use a word that can be found in the dictionary. This includes names of people or places. Obfuscate your key with alternating capital letters and numbers. To really create a secure key, add in some symbols or even non-printable Hex characters. Using these tips will help you create a key that is much more secure than just plain text. For example, rather than using "password", you could use "\[P4$5W@r|)]/". Try finding that in Webster's. -------------------------------------------------------------------------------- - 5.1.3.2 Use the Highest Encryption Possible - -------------------------------------------------------------------------------- This one is fairly obvious. Use the highest encryption that your hardware supports. If you are using 64 bit WEP, you are a much easier target for an attacker, as it can be cracked in literally minutes. But as I mentioned before, since 128 bit WEP is not actually in the 802.11b specification, support for it is completely optional. So be sure that any hardware you are buying actually has support for it. The DS itself supports 128 bit WEP, so just be sure your router, AP, or soft AP device supports it as well. -------------------------------------------------------------------------------- - 5.1.3.3 Limit your Bandwidth - -------------------------------------------------------------------------------- As covered previously, a lot of data needs to be sniffed out of the air to successfully crack WEP. If you can limit the amount of data you transfer, you can make it that much more difficult to crack the encryption. Unless your devices really need to be wireless, connect them via Ethernet. If you can get it down so that only your DS is connected to your AP, then you will sharply reduce the amount of data you are sending though the air. Consider this, if the only device that ever uses your WEP protected AP is a single Nintendo DS playing WFC games, it would take a very, very long time to generate a significant amount of data. How long? Well, let's see: On average, it takes about 700 MB worth of sniffed traffic to crack a 128 bit WEP key. Meanwhile, Tetris DS with 2 players generates about 6 MB (3 up, 3 down) per hour of actual time spent in a match. Doing some simple math, you would have to play Tetris DS for about 117 hours, or just shy of 5 days, to generate 700 MB of traffic. If you play for a half hour a day, then it would take about 233 days for you to pull 700 MB though that AP. Even if you played for 3 hours a day, every day, it would still take over a month to generate enough traffic to crack the key. Clearly, no casual attacker is going to sniff your connection for months just to get online. After a day or two, he is going to move on to an easier target. -------------------------------------------------------------------------------- - 5.1.3.4 Rotate your Key - -------------------------------------------------------------------------------- As covered in the previous section, cracking a WEP key requires significant data to be transferred over the network for the attacker to sniff and analyze. Because of this, the process of cracking the key can take a long time, depending on the rate of data being transferred over your network. Therefore, you can conceivably change the key often enough that it isn't possible to generate sufficient IVs to successfully crack it before it is changed again. Going back again to the previous section, we know it could take the better part of a month to send the required amount of data over the wireless link, even with a considerable amount of WFC gaming. If you were to change out your WEP key every 25 days or so, by the time an attacker had collected an appreciable amount of data, you would already be using a new key, making his collected data completely useless. -------------------------------------------------------------------------------- - 5.1.3.5 Combine Forces - -------------------------------------------------------------------------------- Even with the steps above, WEP can still be a liability. That is why you should not rely on it as the only method of security for your network. You need to have a comprehensive plan that covers multiple vectors. It is important to pair smart WEP practices with other techniques, such as MAC filtering, cloaked SSIDs, and firewalls. By combining all of these security features, you can create a network that is simply not going to be worth the effort for a casual attacker. No WiFi network is completely safe from attack, and if there is an attacker that has for whatever reason specifically targeted you, with enough effort, they will get in. But if the only threat to your network are leachers and WarDrivers, 9 times out of 10, if they see a network that is using multiple security measures, they will simply move on a bit down the street to the next network, which will almost certainly have little to no protection. -------------------------------------------------------------------------------- - 5.1.4 Is it Safe? - -------------------------------------------------------------------------------- While I have outlined some tactics that will make breaking into your wireless network harder, by no means will they make your network invulnerable. At the end of the day, WEP is very exploitable, and the software and information to do so is easily available. I have also neglected to mention a serious threat to WEP, one which completely undermines any attempts to make it more difficult to crack. Up until now, we have assumed that to capture enough data to crack WEP, the attacker must sit and wait for data to literally float past him. While this is true, it is also possible for an attacker to use a technique called "replaying", which forces the AP to send out data by replaying recorded data transmissions back to it. Using this technique, it is possible to force an AP to send out hundreds of megabytes of data in only a matter of minutes, speeding up the cracking process exponentially. With replaying, it is now possible for and experienced attacker to crack a 128 bit key in as little as 10 minutes. There is essentially nothing you can do to stop such an attack. However, there is one glimmer of hope. While many WiFi cards are capable of sniffing data, relatively few are capable of the packet injection that is required for a replay attack. Unless the attacker is fairly serious about breaking into other people's networks, there is a good chance he only has sniffing capability, and has not spent the time and money to track down a card that can handle injection. I know that is not exactly comforting, but it's the only positive thing I can say, really. It essentially comes down to the skill and determination of the attacker. If your biggest threat is your next door neighbor jumping on your network to download porn, then I can tell you with confidence that following the advice in this Guide will keep him out. However, if you are dealing with an experienced cracker that has specifically targeted you, with enough time and equipment, your network will be compromised. Sorry. -------------------------------------------------------------------------------- - 5.2 Securing your WiFi Router - -------------------------------------------------------------------------------- An important aspect of wireless security, one which many people forget, is properly securing the wireless router itself. If you are using a soft AP, including the Nintendo Wi-Fi USB Connector, there is not much to worry about. Granted the security of your computer is very important, but you are not going to have a browser-based configuration system just sitting out in the open on your computer, like you do on a standard WiFi router. Though this configuration page on your router, it is possible to do all sorts of nasty things, including locking you out of your own router, and even destroying it by doing an improper firmware flash on it. Also, as mentioned in Section 5.1.2, "MAC Filtering", the router configuration also holds the MAC filtering information, and can be used to allow an attacker to add his MAC to your router's authorized list, and get full access to the network. It is vitally important to lock down your router to prevent anyone else but yourself from accessing it. There are number of things you can do to secure your router, but not all hardware will support all features, so just do the best you can with whatever the router supports. -------------------------------------------------------------------------------- - 5.2.1 Use a Strong Password - -------------------------------------------------------------------------------- The same rules for password creation apply as they did in Section 5.1.3.1, "Use a Strong Key", except here, the risks are even higher. It is much easier to guess, brute force, or dictionary crack the password on a router than a WEP encrypted network. It is possible to detect the manufacturer of your router by it's MAC OUI, and many sniffing programs will automatically show the attacker what brand router you are using. From there, it is a simple Google search to find the default username and password that company uses. If you never changed your password from the default one, you have just been compromised in a matter of seconds. If you changed your password, but made it something simple, like "secret"; you aren't in much better shape. The web authentication that most home routers use can be dictionary cracked very rapidly. Running tests on my own routers, it only took a few minutes for a dictionary cracking program to run though a list of over 3000 common passwords, and find the simple password I had set for the test. Again, it was very easy, and very quick, to get into the router. Now, let's say that you follow the guidelines I talked about in Section 5.1.3.1, "Use a Strong Key". Such a password would not be discovered with a dictionary attack, so the only option for the attacker would be to attempt a brute force attack. In a brute force attack, the software is set with the minimum and maximum length of the password, and what characters to use (for example, numbers only, alphanumeric, capital letters only, etc), the software will then attempt every possible password combination within the given parameters. As you could imagine, this would take a massive amount of time to complete. Take for example the password I gave in that section, "\[P4$5W@r|)]/". To have a 100% chance of cracking the password, the brute force software would need to be configured to go up to 13 characters, and use full ASCII key-space. That gives us 2,812,901,617,993,870,347 possible combinations. Go back and read that again. At best, you are only going to be able to try 5 passwords per second or so against the router, given the speed of the connection and the response time of the router itself. As if it had to be said, that would take many, many, many, many, years to complete. But to be precise, it would take about 17,839,305,000 years to crack that password using a brute force attack. -------------------------------------------------------------------------------- - 5.2.2 Disable Wireless Management - -------------------------------------------------------------------------------- Wireless Management allows users connected to the router via WiFi to access the router's web configuration. This is almost certainly not what you want to do. If your computer is connected to the router over Ethernet, then you will absolutely want to disable this option. All this does it makes it possible for an attacker to get into your router configuration from outside of your home. If your router supports it, and it won't effect your usage of the device, then disable this immediately. -------------------------------------------------------------------------------- - 5.2.3 Disable Remote Management - -------------------------------------------------------------------------------- Remote Management is a feature on some routers that allow the web configuration page to be accessed over the Internet, with the idea that you could manage your router from anywhere on the planet. Obviously, this is almost completely useless in every way, and should be disabled. There are few good reasons you would ever need to access your router from outside your home, and they certainly don't outweigh the considerable risk of having your configuration open up to all of the Internet to see. -------------------------------------------------------------------------------- - 5.2.4 Disable Remote Upgrade - -------------------------------------------------------------------------------- Remote Upgrade allows your router to be flashed with a firmware sent to it over the Internet. This is a disastrously stupid option, and should be disabled and completely forgotten about. -------------------------------------------------------------------------------- - 5.2.5 Enable HTTPS - -------------------------------------------------------------------------------- Some routers will allow you to chose HTTP or HTTPS for the web administration page. HTTPS is more secure than HTTP as it encrypts data sent to and from the site. In this case, the data you want to secure is your password. If you are using just HTTP, it would be possible for a attacker connected to your network to sniff your router password as you login. If this happens, it doesn't matter how good your password is, he will have it. -------------------------------------------------------------------------------- - 5.3 Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- While it might not have been Nintendo's initial goal when creating the Wi-Fi Connector, the device does manage to offer considerable security. As I have covered, pretty much every security technology the DS supports can be easily overcome by a moderately skilled attacker. The Wi-Fi Connector, on the other hand, offers a security model that is not only the highest available to the DS, but perhaps on any WiFi device. Each DS is identified by the Connector though the player's nickname, rather than the MAC address of the device. While it is very easy to sniff the MAC of the DS with even the most basic software, capturing the nickname is another story entirely. It is possible, but well out of the realm of standard WiFi cracking. Not only that, but each DS needs to be interactively authenticated by the user from the computer with the Wi-Fi Connector. There is no way for a device to sneak onto the Wi-Fi Connector. In fact, the Wi-Fi connector doesn't even show up as a standard WiFi network to standard computer hardware. Bottom line is, there is currently no known way to spoof an authenticated DS and connect up to a Wi-Fi Connector. It is the best security you can get with the DS, given the lack of WPA encryption. -------------------------------------------------------------------------------- - 5.4 Firewalls - -------------------------------------------------------------------------------- The firewall is the key element in network security. Essentially, a firewall is anything that blocks incoming or outgoing traffic to a computer or network based on a set of predefined rules. Firewalls can protect your internal network from attacks from the Internet, or keep users from sending out information that they are not allowed to. On the same note, firewalls also tend to be a big source of trouble for non-technical users. The same protection that keeps attackers from accessing your computer from the Internet can also block your computer games from connecting to other players, or your file transfers from completing. A common, and very unfortunate, mistake that many users make is to simply disable the firewall if it blocks a protocol they are trying to use. This is a very bad idea, you should never disable your firewall. Instead, make the effort to find out what ports and protocols your program needs, and allow them in the router configuration. This way your software will continue to work, and you will still be protected. In the following sections, I will cover some general firewalling principles, and then the different types of firewalls available; both hardware firewalls, and software firewalls in Linux, Windows, and Mac OS. -------------------------------------------------------------------------------- - 5.4.1 General Firewall Concepts - -------------------------------------------------------------------------------- Firewalls can be deployed in many different ways and configurations. Certainly more than I could possibly cover here. I will simply cover the most common forms of firewalling, which is enough for the purposes of this Guide. -------------------------------------------------------------------------------- - 5.4.1.1 Inbound Firewalling - -------------------------------------------------------------------------------- In this configuration, the firewall filters inbound traffic based on rules the user sets up. This is often required to play online games, use Bittorrent, and other services that require traffic to be able to reach your computer. An inbound firewall will also allow traffic in that was requested by a machine from within the protected zone. For example: when you perform a FTP download, you first would connect out to the server though the firewall, then when the download actually starts, the traffic would come back in though the firewall. This works without the user having to explicitly allow the FTP protocol, because the firewall knows a machine within the protected zone initiated this connection, and therefore traffic should be allowed back in though the firewall to the machine that requested it. This form of firewalling will protect a home user from most threats on the Internet. It will block any attackers that attempt to connect to your computer, as well as automated attacks like worms and viruses. However, an inbound firewall is only effective if it's rules are correctly configured. If you have not made sure all protocols that you don't need are blocked, the protective capability of the firewall will be negated. -------------------------------------------------------------------------------- - 5.4.1.2 Outbound Firewalling - -------------------------------------------------------------------------------- Outbound firewalling filters traffic that is coming out of the protected zone. This type of firewalling addresses the primary weakness of inbound firewalling, which is that any communication that was initiated from inside the protection of the firewall is assumed to be safe. Under normal circumstances, this is a perfectly acceptable assumption. However, in the event that a rogue connection is made out to a waiting server without the user's knowledge, the inbound firewall will do nothing to stop it. This can happen if the computer is infected with a virus, or more accurately, a Trojan horse. In the case of a large network, this could also be the result of an attacker connecting his own computer up to the network and connecting out. By connecting out though the firewall to a waiting server, an attacker can create an open path into the target network or machine, and through this get control of the target. This is where the concept of outbound firewalling comes in. An outbound firewall is able to block connections out to the Internet based on the protocol being used or the software program that initiates the connection. For example: an outbound firewall could be configured to block all outgoing instant messenger protocols, to keep users of the network from chatting online instead of doing their work. As you can imagine, an outbound firewall takes a lot more configuration to effectively protect the network while not impeding the use of it. While an inbound firewall only needs to know what protocols to always allow through and then allow everything else the user actually requests for, an outbound firewall will block everything going out by default, and needs to know exactly what you expect to be sending out when you are using the computer. -------------------------------------------------------------------------------- - 5.4.1.3 Network Segmentation - -------------------------------------------------------------------------------- While the home user can get all the protection they need from an inbound and outbound firewall, more complicated networks demand a more robust system of protection. Enter the concept of segmentation. Basically, this is the process of separating a network into multiple segments, each with their own firewalls and rules for filtering traffic. For example: in a corporate network, the servers may be allowed full access out to the Internet, while the staff's machines could be configured to only allow connections out. Obviously, such a setup can be very difficult to configure, and hard to manage if something goes wrong. But for maximum security in an environment with multiple computers, the importance of keeping traffic separate demands it. -------------------------------------------------------------------------------- - 5.4.2 Types of Firewalls - -------------------------------------------------------------------------------- There are many types of firewalls available, each with it's own strengths and weaknesses. It is up to the user to decide which one is right for them, based on their needs and budget. Here I will cover the two main types of firewalls, hardware firewalls, and software firewalls. -------------------------------------------------------------------------------- - 5.4.2.1 Hardware Firewalls - -------------------------------------------------------------------------------- A hardware firewall is any dedicated device that filters traffic into a network. I say network, rather than computer, because hardware firewalls are almost always used when there is more than a single client to protect (though hardware firewalls designed to be used with a single computer do exist). When talking about hardware firewalls for the home user, you are going to be dealing with SOHO routers, which almost all include a basic firewall. These small firewalls are almost all inbound firewalls. I know of no consumer router that offers outbound firewalling from the factory. Though more advanced hardware firewalls are capable of it, however. Hardware firewalls are a good deal for the user that has their own small LAN they want to protect, as they can protect all of the machines equally. However, they are likely overkill for a user that simply has one computer connected up to the Internet. To allow traffic into a network, hardware firewalls will generally have multiple rules which you can configure to forward specific traffic to a predetermined IP address within the network. Most consumer hardware firewalls also include a DMZ function, which allows all traffic from the Internet to access the IP address specified. While it is never a good idea to place your personal computer in the DMZ, it is occasionally necessary to place a device there that needs access to multiple ports at once, like a game console. As hardware firewalls work on the physical layer (meaning, the computers it protects are physically plugged into it), hardware firewalls have the advantage of working seamlessly with any operating system or device capable of connecting to it. -------------------------------------------------------------------------------- - 5.4.2.2 Software Firewalls - -------------------------------------------------------------------------------- A software firewall is actually a program that runs on the computer it is protecting, and actively monitors and filters all traffic on that computer. Software firewalls can act as both inbound and outbound firewalls. Outbound firewalling is easy to do in a software firewall, since the firewall is running on the computer right along side the programs that need to access the Internet. Some software firewalls will interactively notify the user when an inbound connection has been blocked, or when a program is requesting an outbound connection. While helpful, these messages and requests for confirmation tend to annoy some users. The exact opposite of a hardware firewall, the software firewall is a good choice for protecting a single computer, but is not suitable to protect an entire network. Software firewalls also tend to require more configuration than their hardware counterparts. Since a software firewall is just that, a piece of software, each operating system uses a different software firewall program. Some operating systems include this ability, while others might require the user to install their own software firewall. -------------------------------------------------------------------------------- - 5.4.2.2.1 GNU/Linux - -------------------------------------------------------------------------------- Linux includes it's own firewall system built into the kernel. In 2.2 kernels, it uses IPChains, and in 2.4+ kernels, IPTables is used. As every standard distribution is using at least a 2.4 kernel, you only need to worry about IPTables. IPTables is capable of nearly any form of firewalling or NAT possible, so the sky is the limit when it comes to configuration. IPTables is generally configured from he command line, or more accurately, by putting commands into a script, and having that run at boot time. If a GUI is your thing, there are some good front-ends for IPTables, such as Firestarter, Guarddog, Firewall Builder, and Knetfilter. -------------------------------------------------------------------------------- - 5.4.2.2.2 Windows - -------------------------------------------------------------------------------- Windows has not had a built-in firewall included until very recently, not until Windows XP Service Pack 2, to be specific. Also, not surprisingly, the Windows firewall is not very advanced, and can only do inbound firewalling, not outbound firewalling (very unusual for a software firewall). This limitation is due to Microsoft's concept of computer security, and that the firewall's only duty is to protect a computer from infection, not protect a computer that is already infected with a trojan. Right or wrong, this behavior is confirmed to be in the Vista as well. Configuration of the Windows firewall is essentially selecting which services will be open on a specific interface, and which ones will be blocked. As the Windows firewall is very basic, it is advised to download and install an alternate software firewall (if you don't already have a hardware firewall upstream, that is). I would recommend Kerio Personal Firewall 2.1.5 (the last freeware version of Kerio's firewall product). Besides being free and more advanced than the Windows firewall, Kerio PF also has the advantage of working on Windows 98/ME/2000. -------------------------------------------------------------------------------- - 5.4.2.2.3 Mac OS - -------------------------------------------------------------------------------- OSX includes a fairly complete firewall that is built into the kernel, not unlike IPTables in Linux, known as ipfw. IPTables and ipfw are pretty similar in their operation. They both use individual rules to build the firewall, can be setup though scripts, and support detailed logging. Like IPTables, ipfw does not have any GUI in and of itself, but OSX does include a GUI for it by default. However, ipfw is capable of much more than it's fairly simplistic GUI can present to the user. Many of the more advanced capabilities of the OSX firewall cannot even be accessed from it's GUI, they need to be enabled from the Terminal. This includes the ability to block outbound traffic, as by default, the OSX firewall only blocks inbound traffic like the Windows firewall. Having to use the Terminal to configure the more advanced aspects of ipfw has always been a criticism of the OSX firewall system. However, even when limited to only the GUI interface, the OSX firewall is still more capable than the Windows firewall. The GUI attempts to be a balance between the most commonly used features, and ease of use. At least you are always open to using those advanced features if you feel you need them, while the Windows firewall just isn't capable of them in the first place. An interesting note about the OSX firewall, it cannot be turned off. This is part of Apple's security model, to help protect their machines by having the firewall active from the very first time the computer is setup. -------------------------------------------------------------------------------- - 5.4.3 Practical Application - -------------------------------------------------------------------------------- All the information in the world is useless if you don't have a way to practically apply it to your situation. In the following sections, I will cover how you the user can implement some of the firewall technology previously covered to help protect your network when opening it up to wireless access. -------------------------------------------------------------------------------- - 5.4.3.1 Inbound Firewalling - -------------------------------------------------------------------------------- The easiest and most reliable way to setup inbound firewalling for your network is though the use of a hardware firewall. As mentioned before, the primary form of hardware firewall for the average consumer is a home router. This device will include a inbound firewall capable of blocking all unsolicited requests to the machines on your network, wired and wireless. The firewall contained in the average home router is enabled by default, and does not require any setup from the user. The moment you connect your computer to it, you are under it's protection. This makes the hardware firewall the easiest to deploy out of all the options available. The only configuration you may need to do on your hardware firewall is allowing traffic into your network that you specifically want. For example, if you want to run an FTP server from your computer, you would need to forward that traffic to the IP of your computer. As I mentioned before, all of the software firewalls are also capable of inbound firewalling. It is important to remember though, that this will only protect the computer it is running on, and not the rest of the network. These also will involve a bit more setup than the hardware firewall. Speaking about the DS specifically, you generally will not have to make any adjustments to an inbound firewall to get online and in a game. However, on some routers there are bugs or inconsistencies in the way it handles NAT and forwarding, and it might be necessary to do some additional setup for you to connect to the WFC service. If you are getting errors when connecting to the WFC though a router, check the error number online to see if it is a firewall error. If so, you might want to setup port forwarding to the DS, or place it in the DMZ. In either event, it would help if you setup the DS with a static IP to make the configuration easier. If your DS is connecting to the Internet though your computer, either via the Wi-Fi Connector or other soft AP, the incoming firewall may need to be adjusted to allow all traffic into the DS if you are experiencing errors while playing. -------------------------------------------------------------------------------- - 5.4.3.2 Outbound Firewalling - -------------------------------------------------------------------------------- As I mentioned previously, consumer hardware firewalls generally do not posses any outbound firewalling capability. For that reason, they will not be mentioned in this particular section. This section is only concerning software firewall products. I won't go into a lot of detail here. As the software firewall setup is going to be completely different for every platform, it is better than I go into specifics in each operating system's individual section. I am just going to give a brief overview of how you can deploy an outbound firewall in relation to the Nintendo DS and WFC games. The concept here is that you can limit how a device can connect out to the Internet, in an effort to only allow legitimate traffic through. Speaking about the DS specifically, you can use outbound firewalling on the computer that is sharing it's Internet connection to the system. This has a very real benefit, especially if you are running a standard soft AP that any device can connect to. You can limit outbound connections from the wireless side to only connect to Nintendo's WFC servers, blocking everything else. This will prevent somebody from connecting up to your soft AP and using your Internet connection. Unless of course they were connecting up with a DS and were looking to play WFC games...well, nothing is perfect. Again, I will go into more detail on this method elsewhere; but the basic idea is to allow outgoing traffic to Nintendo's servers, which are located at "nintendowifi.net". The destination URL is always going to contain this bit of information, for example, Tetris DS will attempt to connect out to "tetrisds.master.gs.nintendowifi.net". So if you block any URL that doesn't contain "nintendowifi.net", it should allow your games to work properly while blocking all other traffic. -------------------------------------------------------------------------------- - 5.4.3.3 Network Segmentation - -------------------------------------------------------------------------------- While this is certainly the most effective way to make sure people connecting to your wireless access point don't get full access to the network, it is without a doubt the most difficult to implement. For this to work, you need to have a machine that is more or less dedicated to being an access point. Not only should traffic from this machine be limited as to what it can connect to on the Internet (see the previous section), it should also be limited in it's connectivity to computers on the LAN. In short, this computer should ONLY be able to connect out to Nintendo's WFC servers and nothing else. Clearly, this is not practical for the average person. Still, I will attempt to cover this at a later date. A lot of the information in this Guide is of limited use to the average person anyway, so I guess that shouldn't be a reason to stop me now. ================================================================================ = 6. FAQ & Troubleshooting = ================================================================================ This Guide covers a lot of ground. From the basic functions of the DS, all the way to doing NAT in the Linux kernel. At the same time, finding answers in a large document like this can be difficult, especially if you have a very specific bit of information you are looking for. This section of the Guide aims to address that exact situation. Here I will break down information into smaller sections, to answer specific questions or detail the resolutions to common problems. Obviously, this section will be in a constant state of revision, as more problems are sent into me, or more resolutions are found. To that end, if there is a specific problem or question that you don't see answered here, contact me so that I can work on adding it in. -------------------------------------------------------------------------------- - 6.1 FAQ - -------------------------------------------------------------------------------- This section will try and answer some common questions that I get emailed, or I see being asked on the boards. -------------------------------------------------------------------------------- - 6.1.1 Nintendo Wi-Fi Connection - -------------------------------------------------------------------------------- These are some common questions about the Nintendo Wi-Fi Connection in general. -------------------------------------------------------------------------------- - 6.1.1.1 Transferring WFC ID - -------------------------------------------------------------------------------- There is a lot of confusion about the WFC ID, so I hope to clear it up here. The WFC identifies you by a unique ID that is created the first time you sign in with an online game. If you get a new DS, or want to play an online game in a different DS than the one it was originally played in, you are supposed to transfer the WFC ID to the new DS. If you don't, you will lose both your old Friend Code, and any Friend Codes that were given to you from anyone else. Some games will also wipe your online record. You would also need to link your DS with your "My Nintendo" account again. However, it is not required for the games to operate, so if you are unable to transfer your ID from the old DS to the new one, you shouldn't worry about it too much. For instructions on transferring your WFC ID, see Section 2.4.3, "Transfer Nintendo WFC Configuration". -------------------------------------------------------------------------------- - 6.1.2 Routers - -------------------------------------------------------------------------------- There are a lot of questions about the use of the DS with standard WiFi routers. Here are some of the most common questions going around out there. -------------------------------------------------------------------------------- - 6.1.2.1 Will My Router Work? - -------------------------------------------------------------------------------- The best answer I can give is, "probably". While it is true that there are a few routers that simply do not work at all with the DS, the majority should either work out of the box, or in the worst case, with need a few adjustments. Take a look at Section 6.2.2, "Routers" for some tips on getting your router to work if you are having a problem connecting up to it. -------------------------------------------------------------------------------- - 6.1.2.2 Suggested Routers - -------------------------------------------------------------------------------- A lot of people ask me if there is a particular brand or model they should look for when going out to buy a new wireless router. I always suggest the Linksys WRT54G, as it is easily the best consumer router on the market today. However, it isn't quite as easy as all of that. Linksys recently decided to fork the WRT54G product line; as of version 5 of the WRT54G, the hardware and software have been changed radically. By all accounts, these routers are simply not nearly as capable as the original versions. The pre-version 5 WRT54G was rebranded as the WRT54GL (the "L" standing for "Linux", which is what the original WRT54Gs run), and sold primarily online (and at a slightly higher price tag). So if you want to buy the best, look for a pre-version 5 WRT54G, or go online and buy a WRT54GL. It is definitely worth the trouble to get the real deal rather than the imitation. That said, the limited version of the WRT54G is still better than most of the low-end routers on the market. If you can't, or don't want, to go through the trouble to find the Linux version, you could still do a lot worse than the current WRT54G. Speaking of a lot worse, definitely stay away from all D-Link hardware. Not only are they poor products, but the company as a whole has been known for some very shady business practices in the past. As for the rest, you get what you pay for. If you don't want to spend the money for a good router, at least go online and checkout the router compatibility list on nintendowifi.com before you buy it. -------------------------------------------------------------------------------- - 6.1.3 Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- The Nintendo Wi-Fi USB Connector is a device surrounded by confusion. I have seen more questions about the Connector than any other aspect of the DS's WiFi capabilities. Maybe this section will help that. Probably not though. -------------------------------------------------------------------------------- - 6.1.3.1 Does the Wi-Fi Connector Only Work with the DS? - -------------------------------------------------------------------------------- Yes, using the standard drivers, the Nintendo Wi-Fi USB Connector only works with the Nintendo DS. *NOTE* Nintendo has also confirmed that the Wi-Fi USB Connector will work with the upcoming Wii console as well. -------------------------------------------------------------------------------- - 6.1.3.2 How Many Consoles Can Play on the Wi-Fi Connector? - -------------------------------------------------------------------------------- The Nintendo Wi-Fi USB Connector can support up to five Nintendo DS units connected to it at once. Presumably it is limited to five Wii consoles as well. It is worth mentioning, however, that with that many players connected, lag can become a problem if you don't have a fairly fast Internet connection. -------------------------------------------------------------------------------- - 6.1.3.3 What is Needed to Run the Wi-Fi Connector? - -------------------------------------------------------------------------------- You will need a computer that has at least one free USB 2.0 port and is running Windows XP, and an Internet connection. The USB Connector does not work with other versions of Windows, such as Windows 98, Windows ME, or Windows 2000. See Section 3.2, "Using the Nintendo Wi-Fi USB Connector" for all of the details. -------------------------------------------------------------------------------- - 6.1.3.4 Will the Wi-Fi Connector Work with Dial-Up? - -------------------------------------------------------------------------------- Yes While not officially supported by Nintendo, the Wi-Fi Connector (as well as any soft AP setup, for that matter) will work with a dial-up connection. However, due to the high latency of dial-up, you are likely going to experience considerable lag in most games. If you can only use dial-up, I would suggest you stick to games that do not require fast action or a lot of data to be transfered. For example, Animal Crossing or Tetris DS. -------------------------------------------------------------------------------- - 6.1.3.5 Is the Wi-Fi Connector a Good Value? - -------------------------------------------------------------------------------- Personally, I would say no. At the time of this writing, the USB Connector costs $40. For that much money, you could get a complete wireless router that is much more capable. -------------------------------------------------------------------------------- - 6.1.4 GNU/Linux - -------------------------------------------------------------------------------- This section will cover questions on the setup and use of a soft AP under GNU/Linux. -------------------------------------------------------------------------------- - 6.1.4.1 Will Any WiFi Adapter Work? - -------------------------------------------------------------------------------- No, not all cards will work with DS_AP. While many native Linux drivers support Master mode, not all of them do. In addition, cards that are being used though Ndiswrapper will not support Master mode. The web page for your card's driver should tell you if the card supports Master mode or not, as open source driver projects tend to be pretty descriptive on their pages. -------------------------------------------------------------------------------- - 6.1.4.2 How Can You Test If an Adapter will Work? - -------------------------------------------------------------------------------- An easy way to test if your card supports Master mode is to run the following command as root (Assuming wlan0 is your WiFi card): bash# iwconfig wlan0 mode Master If you get an error along the lines of "Operation not supported", then your drivers don't support Master mode. If you get nothing back, and it just returns to a new line on the console, then your card is now in Master mode, and DS_AP should work fine for you. DS_AP can also test the capabilities of your your wireless card by running it's testing mode. Check Section 4.1.4, "The Complete DS_AP Script" for more information. -------------------------------------------------------------------------------- - 6.1.4.3 Can You Use the Wi-Fi Connector Under Linux? - -------------------------------------------------------------------------------- The answer to this is: "eventually". Currently, the Linux drivers for the RT2570 devices (of which the Wi-Fi Connector is), don't support Master mode. However, I have spoken with the developers directly about the issue, and it is planned for the future. So right now, the Wi-Fi Connector cannot be used to share an Internet connection with the DS, though it will be possible to do so at some point in the future. However, that doesn't mean the Wi-Fi Connector is without use under Linux. It can be used as a standard WLAN device to get your computer online, and it can also be used for WMB/WiFiMe. WMB lets you broadcast official DS demos with your computer, and WiFiMe lets you send DS homebrew programs. If you are interested in DS development, then WiFiMe may interest you, as you can send software you are working on right to the device, rather than having to put it onto a flash card first. The official Linux drivers for the Wi-Fi Connector can be found here: http://rt2x00.serialmonkey.com If you are looking to do WMB/WiFiMe, you will need the hacked version of the above drivers written by masscat: http://masscat.afraid.org/ninds/rt2570.php -------------------------------------------------------------------------------- - 6.1.5 Windows - -------------------------------------------------------------------------------- There are a lot of Windows questions, so I will probably be adding to this one constantly, but for now, I will just cover the basic points. -------------------------------------------------------------------------------- - 6.1.5.1 Will Any WiFi Adapter Work? - -------------------------------------------------------------------------------- No, not even close. Only a fraction of the WiFi cards available in Windows will be able to go into Master mode with their standard drivers. For the most part, if you don't know if your card is capable of Master mode, you should just assume it isn't. -------------------------------------------------------------------------------- - 6.1.5.2 How Can You Test If an Adapter will Work? - -------------------------------------------------------------------------------- If your adapter actually supports Master mode, then you should be able to set it as such under the "Device Manager". -------------------------------------------------------------------------------- - 6.1.6 Mac OS - -------------------------------------------------------------------------------- I have received very little email about OSX, or have seen many questions asked about it, so I will just put questions that seem logical. -------------------------------------------------------------------------------- - 6.1.6.1 Will Any WiFi Adapter Work? - -------------------------------------------------------------------------------- At this time, the only type of wireless adapter I can confirm working on OSX is the AirPort line. It is unfortunate that only this one type of adapter appears to work, but on the bright side, many Macs ship with the AirPort installed, so if you have a new Mac you likely have the required equipment. -------------------------------------------------------------------------------- - 6.2 Troubleshooting - -------------------------------------------------------------------------------- Problems, problems, problems. It seems like half the people talking about the WFC are having some problems with the service, or the act of connecting up to it. I rather think that covering all problems is impossible; but there are certainly a couple of very definite trends that I can follow, which should cover the most common of the problems at least. -------------------------------------------------------------------------------- - 6.2.1 Nintendo Wi-Fi Connection - -------------------------------------------------------------------------------- The WFC itself is pretty stable. There isn't a whole lot that can go wrong with it, but there are a few sticky subjects which should be addressed. -------------------------------------------------------------------------------- - 6.2.1.1 Error Messages 50000 to 59999 - -------------------------------------------------------------------------------- These error messages indicate that the DS was not able to connect to the Nintendo Wi-Fi Connection service. This is generally caused by a software firewall running on the computer hosting the Wi-Fi Connector. You will want to allow the Wi-Fi Connector software in your firewall's configuration, or disable the software firewall while you are playing. You usually won't see this error when connecting to a router, as the router shouldn't be blocking any outbound connections. But if you do see this message when using a router, then read Section 6.2.2.3, "DS Connects to Router But Cannot Connect to Internet". -------------------------------------------------------------------------------- - 6.2.1.2 Error Messages 80000 to 89999 - -------------------------------------------------------------------------------- These error messages indicate that the DS was able to connect to the Nintendo Wi-Fi Connection service, but was able to make or maintain a connection with other players. If you find you are never able to connect to a full game, or get these errors once you connect up to the other players, you might want to look into putting your DS into your router's DMZ. If you are using the Wi-Fi Connector, this problem is probably caused by a software firewall on the computer that is sharing it's Internet connection. You need to allow the Wi-Fi Connector software or forward the required ports. If all else fails, you can just disable the software firewall on the computer when you want to play online. -------------------------------------------------------------------------------- - 6.2.2 Routers - -------------------------------------------------------------------------------- As there are a number of compatibility issues with some standard routers, this issue comes up quite a bit. A lot of people have problems initiating or maintaining a connection with their wireless routers, so this section will address ways to work around the hardware incompatibilities and get you online. Luckily, in the majority of cases, router incompatibility can be overcome with adjustments to the settings and configuration options. It is rare that a router is completely incompatible with the DS, though it is possible. -------------------------------------------------------------------------------- - 6.2.2.1 DS Does Not Detect Router - -------------------------------------------------------------------------------- If your DS doesn't detect the presence of your router, there are a number of things you will want to check. First of all, verify that the wireless functionality of the router is switched on. Most routers have an option to disable their wireless access point, and it is possible that yours has simply been switched off. Though it is unlikely that this is the default setting, if your router was configured by someone else, it might be worth checking. If the wireless function of the router is indeed on, then the second thing you should check (if possible) is if other devices can detect the router. If they can, then you know that the problem is DS-specific, and you will need to continue on with the troubleshooting process. If the other device cannot see the router either, you might want to check that "SSID Broadcast" is not turned off. Now, if we are sure that the router is actually broadcasting and other devices can see it; we need to figure out why the DS can't. A number of routers have had firmware updates since the release of the DS to enable them to properly communicate with it. As such, the first thing you should check is if there is a firmware update available. Running the latest firmware is always a good idea. The issue could also be due to interference with other nearby devices. This is unlikely if other WiFi devices are able to connect alright, but it is worth a shot to change the channel your router is running on to see if that helps any. Lastly, you want to make sure you are in range of the router. The best way to test connectivity with the DS is by attempting to connect when you are only a few feet away from it, then move on from there. In addition, some of the tips in the next section will also resolve this issue, to take a look at those as well if you are still having problems. -------------------------------------------------------------------------------- - 6.2.2.2 DS Cannot Establish Link with Router - -------------------------------------------------------------------------------- If your DS was able to detect the router, but just not connect, then there is a whole other set of configuration options you will want to check. The first thing you want to check is the most obvious, the security settings. Is the router using MAC filtering? If so, you need to add the DS's MAC to the allowed list. If you are using WEP, have you entered the key correctly? The DS can't use WPA, so make sure you don't have that enabled. If the problem isn't something obvious, then you will want to move on to some more advanced troubleshooting. You should check to make sure you are running the most recent firmware on your router, as that is a very common cause for incompatibilities. If that doesn't help, then drop the TX rate of the router down to 2 Mbps. The DS only works at 2 Mbps, and some routers have problems automatically setting their speed. Setting it manually can help if this is the case. While in the wireless settings, you should also set the transmit mode to "B Only", if you are using a 802.11g router. Try switching the channels if you think you might be getting interference from other devices or WiFi networks. -------------------------------------------------------------------------------- - 6.2.2.3 DS Connects to Router But Cannot Connect to Internet - -------------------------------------------------------------------------------- There are two main causes for this situation. Most likely, the issue is a DHCP failure. The DS's TCP/IP stack has problems getting an IP from many DHCP servers. To resolve this issue, you will want to setup your DS with a static IP and DNS settings, as described in Section 7.4, "Correctly Configuring a Static IP". It could also be a firewall problem, where the firewall is blocking the DS from connecting out to the Internet. This doesn't happen too often, as the firewall in the router should be smart enough to allow the WFC traffic. But if not, you can get around this by putting your DS's IP into the router's DMZ. This will allow all traffic though the firewall, and should resolve the problem. It is much easier to put the DS into the DMZ when it is setup with a static IP, so these two solutions are very complementary to each other. -------------------------------------------------------------------------------- - 6.2.2.4 None of that Worked! - -------------------------------------------------------------------------------- If you are in the relatively unlikely situation in which none of the previous tips worked, you might just have yourself an incompatible router. This is rare, but it is within the realm of conceivability. You only have a few options at this point. You can either get a new router or setup a soft AP (either with the Wi-Fi Connector or something else). Beyond that, the only thing you can hope for is that an updated firmware is released to resolve the issue. But I wouldn't put too much faith in it at this point in time. -------------------------------------------------------------------------------- - 6.2.3 Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- The Wi-Fi Connector is a very problematic device. Not necessarily because it is poorly designed, but because of the wealth of configuration options it needs to contend with on the average computer. Each computer has a different network configuration, and writing software that can anticipate all possible situations is simply not possible. Here are a few common problems, and their respective solutions. Keep in mind that even here, these solutions may or may not resolve the issue, depending on your unique system configuration. One final note, before you do any troubleshooting, make sure you are using the very latest Wi-Fi Connector software. Nintendo does fix bugs in the software occasionally, and there is a fair chance that the problem you are having might have been resolved in a newer version of the software if you are using the version that came on the CD. -------------------------------------------------------------------------------- - 6.2.3.1 Wi-Fi Connector Not Detected by Installer - -------------------------------------------------------------------------------- If the installer is unable to detect the Wi-Fi Connector, the most common problem is that you plugged it in before you were told to by the software. If you plugged the Wi-Fi Connector in before you were instructed to, Windows will attempt to install it's own device drivers for it. These drivers will not work with Nintendo's software, and you will be unable to complete the installation. To resolve this, go under the "Device Manager" and make sure all drivers Windows has installed for the actual Wi-Fi Connector device have been removed, then reboot your computer and start the installer again. This time, make sure to only plug the Wi-Fi Connector into the machine when the installer tells you to. Occasionally you will get this error even if you didn't plug the Wi-Fi Connector in too early. It is unclear why this happens, but the following seems to help some people who are receiving this error. Open "Network Connections" and select the interface you are currently using to connect to the Internet (for example, "Local Area Connection 1"), right click on it and select "Properties". In the middle window, under "This connection uses the following items:", see if you have "QoS Packet Scheduler" enabled. If it is, remove it by first clicking on it to select it (a blue bar will appear) and then clicking on the "Uninstall" button below it. Restart the Wi-Fi Connector installation software, and see if it works. For some people, removing the QoS Packet Scheduler is enough to get the installer working, though there is no guarantee it will do anything. After the installation works (or fails, depending on your luck) you can either leave the QoS Packet Scheduler disabled (most people will not need it) or reinstall it if you want to be safe. -------------------------------------------------------------------------------- - 6.2.3.2 Internet Connection Sharing Error - -------------------------------------------------------------------------------- The "Internet Connection Sharing" (ICS) error is very common, easily the most common problem people have in setting up the Wi-Fi Connector. The most common resolution to this issue (but not the only possible one) is that ICS has already been enabled on one of the other network devices. Since Windows can only handle ICS on one device at once, this prevents the Nintendo software from initializing it's own ICS setup. To resolve this, you need to disable ICS on whatever device is currently using it. Open up the "Control Panel", and click on "Network Connections". Here you will see the list of network devices in your computer, you will need to make sure ICS is disabled on every device besides the Wi-Fi Connector itself. To do this, right click on the device and select "Properties". Then go to the "Advanced" tab. Make sure that every option under the ICS section is disabled here. Repeat those steps for every other network device you have installed beyond the Wi-Fi Connector. After you have disabled ICS, uninstall the Wi-Fi Connector software and drivers, and reboot the computer. Once the computer starts back up, try the Wi-Fi Connector installation again from the beginning. ================================================================================ = 7. Reference = ================================================================================ Here is some general information that may be of use to people reading this Guide, I will add more to this as the Guide expands. -------------------------------------------------------------------------------- - 7.1 Networking Glossary - -------------------------------------------------------------------------------- These are simple definitions for some of the terms used in this document. Access Point An Access Point (often referred to simply as an "AP") is the central hub in a WiFi network. All devices connect through the AP to reach the Internet, each other, etc. For most people, the AP will be contained in their wireless router, though stand-alone APs are also available for those who have existing wired networks. DHCP DHCP is system that allows the automatic assignment of IP addresses to devices on a network. Almost all home routers have a DHCP server, and the majority of people connected to home routers, wired or wireless, are using DHCP. DHCP is advantageous as it makes adding new devices to the network very simple. DNS If the IP address is to be compared to a phone number, then DNS could be compared to the phone book. A DNS server holds records that equate hostnames to IP addresses. This is used to convert human-friendly addresses, like Nintendo.com, to IP addresses. A device is generally configured with the addresses for two different DNS servers, a primary and a secondary. This allows for a backup in the event the primary DNS server is not responding. Gateway A gateway is another term for a router. In this case, the gateway is generally a home router of some sort, though in the case of one of the advanced connections, the gateway is actually the computer sharing out the Internet connection. ICS ICS stands for "Internet Connection Sharing". This is Microsoft's term for NAT, and while it is fairly limited in scope and capability (as are most Microsoft products), it is effective enough for the home user. IP Address An IP address is the human-readable address used to define a device on the network. The easiest way to think of an IP address is like a phone number. Everyone with a phone has a phone number and that number is unique to that person but not necessarily to that phone. A phone can have it's number changed, just as a device on the network can have it's IP changed. MAC Address The MAC address of a device is built into it's networking hardware. Every network-enabled device has a unique MAC address that can be used to identify it. NAT NAT stands for "Network Address Translation". It is the method in which an Internet connection can be shared to other devices. This allows you to connect multiple devices to the Internet without each device needing a dedicated connection. Proxy A proxy is best described as an intermediary between two networks. A client connects to the proxy server, and then the proxy connects to the destination server or network on the client's behalf. This is used for a number of things, such as making your Internet activity anonymous or connecting through a encrypted tunnel rather than on the open network. This is not something the average home user needs, or even understands, but may be required on more advanced networks. SSID "Service Set Identifier", or SSID, is the method by which wireless networks are identified by users. The SSID is embedded in every packet transfered by the wireless network. Every device that wishes to be part of the network must know the proper SSID. The SSID can contain 32 alphanumeric characters, and can usually be "hidden" or "cloaked" to provide a minimal level of security for your network. WEP WEP is an outdated method of WiFi encryption. It contains numerous vulnerabilities which allow it to be circumvented very rapidly. Whenever possible, a higher form of encryption than WEP should be used. This is not always possible however, as not all devices support higher forms of encryption, such as the Nintendo DS. WPA WPA was designed to replace the flawed WEP encryption system. While WPA is certainly not without it's faults, it offers much more secure operation. At this time, circumvention of a WPA network is not enough of a threat for the average person to even consider. -------------------------------------------------------------------------------- - 7.2 Software AP Compatible WiFi Hardware and Drivers - -------------------------------------------------------------------------------- The following lists hardware and drivers that either I have personally verified to be working, or at least have on good authority should work, with a software AP setup. -------------------------------------------------------------------------------- - 7.2.1 GNU/Linux - -------------------------------------------------------------------------------- +-------------------------------------------------+ | Device | Interface | Driver | +-------------------------------------------------+ | Realtek RTL8180 | PCMCIA | rtl8180 + sa2400 | | Linksys WM11 | PCMCIA | HostAP | | AmbiCom WL1100C | CF Card | HostAP | | Centrino | Mini-PCI | IPW2100 | +-------------------------------------------------+ -------------------------------------------------------------------------------- - 7.2.2 Windows - -------------------------------------------------------------------------------- +-------------------------------------------------+ | Device | Interface | Driver | +-------------------------------------------------+ | Centrino | Mini-PCI | Offcial Drivers | | RT2500 | PCI | Gigabyte SoftAP | | ASUS WL-167g | USB | Official Drivers | +-------------------------------------------------+ -------------------------------------------------------------------------------- - 7.2.3 Mac OS - -------------------------------------------------------------------------------- +-------------------------------------------------+ | Device | Interface | Driver | +-------------------------------------------------+ | AirPort | PCI | AirPort Drivers | | AirPort Extreme | PCI | AirPort Drivers | +-------------------------------------------------+ -------------------------------------------------------------------------------- - 7.3 Finding the Current TCP/IP Information - -------------------------------------------------------------------------------- I have noticed that many people seem confused as to how to check their current TCP/IP information in order to input manual settings into the DS. The following sections will cover how to find your current TCP/IP information (IP, subnet, gateway, and DNS servers) in Windows, Linux, and Mac OS. Do note, that for all of the operating systems listed, the first DNS server listed is always the primary, and the next server listed is the secondary. In reality, the order that the DNS servers are queried does not really matter for most home users, so don't worry too much about the order in which you enter them on the DS. In fact, some users might find they don't even have a secondary server listed. If you are unclear as to the meaning of any of the information below, consult Section 7.1 "Networking Glossary". -------------------------------------------------------------------------------- - 7.3.1 Under GNU/Linux - -------------------------------------------------------------------------------- Under Linux, there are a few commands you will want to run to get all of the TCP/IP information. The first command we will look at is "ifconfig", which will show you the IP settings for any interface on the system. The output of "ifconfig" will look something like this: bash# ifconfig eth0 Link encap:Ethernet HWaddr 00:0A:E6:D0:17:93 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2763 errors:0 dropped:0 overruns:0 frame:0 TX packets:2986 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1543179 (1.4 MiB) TX bytes:390496 (381.3 KiB) Interrupt:11 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:61 errors:0 dropped:0 overruns:0 frame:0 TX packets:61 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6708 (6.5 KiB) TX bytes:6708 (6.5 KiB) Your system may have more interfaces than this, but the one you are most likely going to want to look at is eth0, your primary Ethernet adapter. The entry for "inet addr" is your machine's IP, and the entry for "Mask" is your subnet. Now that we have the IP information, we will now look for our default gateway. To find the default gateway, run the command "route". The output of "route" will look something like this: bash# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 loopback * 255.0.0.0 U 0 0 0 lo default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 Here, the last line is the important one. This shows the default router your machine is using to connect out to the internet. Finally, we will find the DNS servers the machine is using to resolve hostnames to IP addresses. To find the current DNS servers, we will look in the file "/etc/resolv.conf". To read the file, we will use the command "cat /etc/resolv.conf". The contents of the resolv.conf file will look similar to this: bash# cat /etc/resolv.conf # Generated by dhcpcd for interface eth0 nameserver 151.204.0.84 nameserver 151.197.0.39 -------------------------------------------------------------------------------- - 7.3.2 Under Windows - -------------------------------------------------------------------------------- Under Windows, there is really only one command you need to know to find out the current TCP/IP information for your machine. First, you will want to open up the command interpreter. To do this, click the "Start" button, then click on "Run" and in the dialog box, type in "cmd". Then hit enter. You will be presented with the command interpreter window, in this window, you will type the command "ipconfig /all". The output will look similar to this: Windows IP Configuration Host Name . . . . . . . . . . . . : MyComputer Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Generic Ethernet Controller Physical Address. . . . . . . . . : 00-XX-00-XX-00-XX Dhcp Enabled. . . . . . . . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 151.204.0.84 151.197.0.39 This command shows all of the information you should need to fill in the IP information on your DS. -------------------------------------------------------------------------------- - 7.3.3 Under Mac OS - -------------------------------------------------------------------------------- Like Linux, Mac OS uses the "ifconfig" tool to set and view TCP/IP options. The output of "ifconfig" will look something like this: lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 gif0: flags=8010 mtu 1280 stf0: flags=0<> mtu 1280 en0: flags=8863 mtu 1500 inet6 fe80::20a:95ff:fed4:3456%en0 prefixlen 64 scopeid 0x4 inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:0a:95:d4:34:56 media: autoselect (10baseT/UTP ) status: active supported media: autoselect fw0: flags=8822 mtu 2030 lladdr 00:0a:95:ff:fe:d4:34:56 media: autoselect status: inactive supported media: autoselect Here, the primary Ethernet adapter is "en0". The entry after "inet" is the IP for the machine. Again, as in Linux, you will view the contents of /etc/resolv.conf to see the DNS servers: To read the file, we will use the command "cat /etc/resolv.conf". The contents of the resolv.conf file will look similar to this: nameserver 151.204.0.84 nameserver 151.197.0.39 The method to view the default gateway is different in Mac OS than Linux. To find the default gateway under Mac OS, run the command "netstat -m". The output of "netstat -r" will look something like this: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.1.1 UGSc 17 35 en0 127 127.0.0.1 UCS 0 0 lo0 127.0.0.1 127.0.0.1 UH 12 323181 lo0 192.168.1 link#4 UCS 1 0 en0 192.168.1.1 0:20:78:ce:c0:ec UHLW 16 0 en0 1158 192.168.1.100 127.0.0.1 UHS 0 10 lo0 Here, the top line is the important one. This shows the default router your machine is using to connect out to the internet. -------------------------------------------------------------------------------- - 7.4 Correctly Configuring a Static IP - -------------------------------------------------------------------------------- I think that given my profession and general interest in the subject, I tend to take some things for granted. Specifically, I just assumed that people were aware how to properly configure a device to use a static IP without causing an IP conflict or other such problem. But looking at user's comments on the Internet, I can see that is clearly not the case. So in this section I am going to cover the proper way, or at least the easiest way, to give a device a static IP address. The first thing you need is the current configuration from one of the devices already connected to the network, namely your computer. To find the relevant information on your computer, consult section 7.3, "Finding the Current TCP/IP Information". Once you have taken note of all the information, proceed on. Most of the information should be directly copied into the DS's static IP configuration. This includes the subnet mask, gateway, and both the primary and secondary DNS servers. The only thing that needs to be changed is the IP. Two devices cannot have the same IP address, so you have to make sure that the IP you set for the DS is not currently in use, or will be in the future. The problem here is that if the computers on your network are using DHCP, it could eventually cause a conflict if the IP you have setup for the DS is pulled from the DHCP server. Thankfully, most routers will assign a specific DHCP range, allowing for many IP addresses that can be used without fear of the DHCP server ever trying to give it out. These are generally the lower IPs, so we will continue on with that assumption. Let's say that the IP address of your router is 192.168.1.1, and your computer is 192.168.1.100. Now, if you were to give the DS the static IP of 192.168.1.101, there could be a conflict if another computer using DHCP came onto the network To avoid this, we are going to use an IP address that is lower than the DHCP server is going to use. Taking again the example router IP of 192.168.1.1, we can assume that the IP 192.168.1.10 would be safe to use for the DS. It is low, so DHCP probably won't use it, and it is high enough that you could still add other static devices below it. Of course, this is going to change depending on your network setup, which is going to be determined by your router. But the concept is simple. You take the IP of your router, and increase the last digit by about 10. So if the router is 192.168.0.1, then use 192.168.0.11. The important thing to remember, aside from making sure the IP you chose is not already in use, is to make sure you change only the last digit. If you change any of the other ones, you will put your DS out of the network, and you won't be able to establish a connection. -------------------------------------------------------------------------------- - 7.5 Tips for Increasing WiFi Range - -------------------------------------------------------------------------------- A common complaint of WiFi technology is the relatively short useful range. The DS is especially susceptible to this fault due to the extremely simplistic antenna it employs (imagine a one inch strip of tin foil on a bit of plastic, that should give you a pretty good idea of what we are dealing with). Luckily, there are quite a few things you can do to increase the useful range of your WiFi hardware. Note that none of these tips are DS-specific. These will work with any WiFi devices you might have. -------------------------------------------------------------------------------- - 7.5.1 Transmission Rate - -------------------------------------------------------------------------------- The easiest way to improve signal strength in fringe areas is to decrease the tranmission rate of the hardware. This seems counter-intuitive at first, to slow down the link in order to increase it's performance. To understand this concept, you first have to understand how radio's communicate with each other. To put it simply, the worse the signal is between two radios, the slower data has to be transmitted to ensure it is properly transferred. Because of this, WiFi hardware automatically changes the transmission rate as the signal strength goes up and down. However, this can be a problem in some situations. Let's say that the WiFi card you are using is designed to go from 11 Mbps to 5.5 Mbps when the signal drops below 50%. Now, what happens when you are using this device in an area where the signal strength wavers between 45% and 55%? Every time the signal drops below the specified rate, the card will request that the AP communicate with it slower, and when the signal goes back up, it will then request that the AP speeds up again. If you are in an area where the signal is constantly shifting around, the devices can spend a good deal of their time just trying to decide how fast they should be communicating. In the process, data can be needlessly lost, requiring it to be retransmitted, bringing down the overall speed of the link even more. Clearly, this is a vicious and pointless cycle. The design of the hardware itself will slow down communication more than the low signal will. Luckily, the solution is very simple. Just manually lock the sync rate of your hardware to a low speed if you do not have a strong signal. While you will be taking the hit in bandwidth, you will be making up for it in the long run by not having to deal with the problems associated with rate autonegotiation. -------------------------------------------------------------------------------- - 7.5.2 Antennas - -------------------------------------------------------------------------------- While the weak antenna on the DS is a constant (well, technically it could be modified with an external antenna connector, but that is a bit out of the scope of this document), the antennas on your WiFi router can usually be changed out for ones of higher gain. Linksys, for example, makes a set of 7 dB high-gain omnidirectional antennas that connect right up to many of their routers. You can also fit your router (or even some PCI and PCMCIA cards) with directional antennas. These can dramatically increase range, and can be purchased inexpensively (in fact, you can even build your own). However, the problem with directional antennas is just that, they focus the signal from the device's transceiver in a single direction, rather than equally spreading it around as an omnidirectional antenna does. Unfortunately, to see any benefit from a directional antenna, you would need to always keep the client device in-line with the antenna. For a mobile device like the DS, this is obviously not what you want. So, try to find some high-gain omnidirectional antennas for your hardware, either official products from the manufacturer, or a third party product. -------------------------------------------------------------------------------- - 7.5.3 Router Firmware - -------------------------------------------------------------------------------- Not only will the latest official firmware for a router often fix problems you might be having and increase performance, some routers have third party firmwares available that radically change the abilities and performance of the router. Namely, it is possible to increase the radio power much higher than it's stock configuration allows When talking about third party firmware for routers, you are mainly going to be dealing with the Linksys WRT54G. The WRT54G is not only considered the best consumer router available, but it is also easily the most flexible router on the market, as it runs the Linux operating system. Since Linux is licensed under the GPL, Linksys had to make public their version of Linux built for the WRT54G. This allowed other developers to build their own customized versions of the operating system. It is important to note however, that as of version 5 of the WRT54G, it no longer runs Linux, and instead uses a simplified firmware, along with less powerful hardware. Linksys has forked the development of the WRT54G, there is now the standard consumer version, and the WRT54GL, which is the Linux version. If you want to experiment with alternate firmwares, you need either a pre-5 WRT54G, or the WRT54GL. In fact, many people have been reporting problems with the v5 WRT54Gs, so you might be better off getting a WRT54GL even if you never plan on hacking it. There are many replacement firmware's for the WRT54G, many more than I can cover here, but you may want to check out HyperWRT or DD-WRT to start with. Likewise, the installation of third party firmware is out of the scope of this document, so you will have to look on the website for the firmware you are looking to install. Take a look at the Wikipedia page on the WRT54G to get more information on it's hardware revisions and third party firmware. http://en.wikipedia.org/wiki/WRT54G ================================================================================ = 8. Thinking Out Loud = ================================================================================ In this section, I will share my observations, thoughts, and experiments in reference to the Nintendo DS and it's WiFi capabilities. -------------------------------------------------------------------------------- - 8.1 Rate Autonegotiation - -------------------------------------------------------------------------------- Rate autonegotiation is probably one of the biggest faults with the Nintendo DS, and is the cause of many (if not most) of it's hardware incompatibilities. To understand the problem, you first need to understand what rate negotiation means. When two network devices (wired or wireless) first begin to communicate, they complete what is known as a "handshake". This process allows the two devices to learn a bit about each other so that they can reliably establish communication. One of the most important details that is conveyed in the handshake process is the maximum rate at which both of the devices can communicate. The speed at which the devices are to communicate is then set to the highest supported speed between them, or in other words, the network can only go as fast as the slowest device that is currently connected. Unfortunately, unlike essentially every other modern WiFi device released, the DS supports a maximum transmission rate of 2 Mbps. This is rather unusual in itself, as even 802.11B devices will generally transmit at their maximum of 11 Mbps, and only fall back to 2 Mbps if there is a bad connection. But, this is what Nintendo gave us, so this is what we need to deal with. Now, the principle problem here is not that the DS can only communicate at 2 Mbps (for the purposes of the DS, this is more than enough bandwidth) but the fact that the DS seems largely incapable of properly negotiating this fact with the access point it is connecting to. This can cause significant problems in some cases. For example, the first time I played Mario Kart online I noticed differences when setting the DS up against my Linksys WRT54G and BEFW11S4. When connecting to the routers, the time taken for both the connection test and the actual login to the Nintendo Wi-Fi Connection took considerably longer when authenticating against the WRT54G than the BEFW11S4. Looking at the setup for both routers, the WRT54G's rate was set as Auto, while the BEFW11S4 was locked at 2 Mbps. Setting the rate on the WRT54G to 2 Mbps cleared up the problem, and my login times were the same on both routers. This was a relatively minor problem, but on some hardware autonegotiation doesn't just take longer, it completely fails. D-Link and Belkin routers, for example, often fail when trying to autonegotiate with the DS. This can be a difficult problem to diagnose if you don't already know about the issue, as there is no error message that will directly blame a failed connection on the transmission rate of the router. It will just cause a general error message about not being able to connect. Because of the delays involved in autonegotation and the possible connectivity failures on some hardware, I strongly suggest everyone sets their router's TX rate to 2 Mbps from the start if at all possible. Many complain that doing this would cause the other wireless devices on the network to slow down to 2 Mbps as well, which is completely true. But on the other hand, the same thing will happen whenever you allow the DS to automatically configure the router's speed anyway. If you use the Wi-Fi Connection often, there is functionality no difference between setting the rate to Auto and manually capping it at 2 Mbps. -------------------------------------------------------------------------------- - 8.2 WiFi vs. NiFi - -------------------------------------------------------------------------------- Here is the first thing you need to know; every wireless function on the DS uses WiFi. This alone confuses many people, as local wireless multiplayer is neither online nor easily tunneled (unlike the PSP), which would seem to indicate it is using some different wireless technology, but that just isn't the case. WiFi is a standard for wireless networking defined by the IEEE 802.11 specification. That means that WiFi is a general term for many different products and technologies. For it's local multiplayer, the DS uses WiFi only as a transport medium. The OSI Network model defines 7 layers of network connectivity. Without getting into very technical detail, the IEEE 802.11 specification only defines layers 1 and 2. TCP/IP (what people commonly use WiFi for) does not start to emerge until layer 3, where IPv4/IPv6 are defined, and then TCP/UDP on layer 4. Instead of using TCP/IP over WiFi for local multiplayer, Nintendo has developed their own communication protocol that is specifically designed for gaming. It is faster, more efficient, and much simpler than TCP/IP or UDP. This protocol doesn't come into play (like TCP/IP) until after layer 2. So while it is not TCP/IP, what we all associate WiFi with, it is certainly still within the IEEE 802.11 specification, and therefore, is WiFi. Think of the DS's WiFi hardware as a blank sheet of paper. It lays down all the rules for WiFi connectivity, but it is up to individual developers to decide what that WiFi hardware is going to be used for. Nintendo's proprietary protocol for local wireless, or TCP/IP for online games. For games using the Nintendo Wi-Fi Connection, a TCP/IP stack is included in the game software itself. So with a designated game, the DS can work with normal WiFi networks. This is in contrast with the PSP, which uses TCP/IP over WiFi for both it's online and local multiplayer games. It uses Infrastructure mode for online games, and Ad-Hoc mode for local multiplayer games. This is an easy way to go, but does lack the advantage of being specifically designed for games. Perhaps this is why we have not seen the local multiplayer features of the PSP used as well as they have been on the DS (Download Play, 10 player single card multi, Download Stations, etc). So, what is this protocol that Nintendo created called? Thankfully for me, as I have no creativity, somebody has already named it for us. The usual term for the DS to DS protocol in the homebrew world is NiFi, a play on Nintendo and WiFi. I hope that clears up some of the confusion as to what NiFi refers to, and why it is really WiFi, just in an unusual form. -------------------------------------------------------------------------------- - 8.3 Nintendo Wi-Fi USB Connector vs. Software AP - -------------------------------------------------------------------------------- The point of this Guide, at least originally, was covering the setup of software APs in Linux and Mac OS, since Nintendo had already provided a method to do so for Windows users. However, many people are unhappy with the official Nintendo option, and wish to create their own software AP in Windows. So the question is, which is the better option? Personally, I would have to advise most Windows users to just get the Nintendo Wi-Fi Connector and be done with it, unless you already have a soft AP capable WiFi device. Make no mistake, it is certainly possible to create a software AP in Windows. But due to the needlessly restrictive nature of the Windows OS, and it's drivers, it is frustratingly difficult. Both because of how poorly implemented the feature is in Windows, and because of the poor hardware support. But if we assume that you already own a compatible WiFi device, and have the ability to configure a soft AP, then we can at least make a fair comparison with the Wi-Fi Connector. The Wi-Fi Connector does have the advantage of per-device access restrictions out of the box, which improves the security of the installation a great deal. With a soft AP you are limited to MAC filtering and WEP, neither of which are considered secure at this point. In favor of the soft AP, you can support many more devices, both in terms of the amount of devices (the Wi-Fi Connector is limited to 5 concurrent connections) and the variety of devices (any WiFi device for soft AP, only the Wii and DS for Wi-Fi Connector). This is usually the deciding factor for most people, as you will probably want to use some non-Nintendo devices at some point. Beyond that, there is little difference. Price does come up, since you can get a compatible card for less than the Wi-Fi Connector. Though most of the compatible cards are PCI or PCMCIA, so that may be an issue for you if you want a USB solution. The soft AP should also work on any OS supported by the device's drivers, something that cannot be said for the Windows XP only Wi-Fi Connector. Of course, now that the Wi-Fi Connector itself can be used as a standard soft AP, most of this is moot. If you want the Wi-Fi Connector functionality, use the original software; if you want soft AP functionality, follow Section 4.4.2. It is really the best of both worlds. -------------------------------------------------------------------------------- - 8.4 What Happened to WPA? - -------------------------------------------------------------------------------- A major complaint about the DS's WiFi implementation is the lack of WPA support. While this is minor or non-existent to some users, others value the security of their wireless network and would rather not compromise it. To those who value their "security" I would have to point out that WiFi, by design, is an insecure system in the first place. Even WPA can be cracked with relative ease with current software. If you are that concerned with network security, I would advise you to stop using WiFi completely. But regardless, there is hope. As the TCP/IP implementation and WLAN API is included in each game card, and not on the system itself, it is completely possible for Nintendo to add WPA support in software with later game releases. It would not be possible to add WPA support to existing WFC games, however. The problem is, the DS is probably not powerful enough to handle the overhead that would be involved in handling WPA in software without an unacceptable drop in performance. For this reason alone, I would not put too much hope in an eventual update to support WPA. -------------------------------------------------------------------------------- - 8.5 A Tale of Two Consoles - -------------------------------------------------------------------------------- While researching the for the Guide, I noticed a odd behavior when two systems connected to the same AP and played on the WFC. Testing with Animal Crossing: Wild World, I would connect my DS (DS A) to a friend's DS (DS B) though local wireless, and begin wandering around his town. If I then took a second DS (DS C) and connected to DS A though WFC, I would start to have problems. It would work fine for the first few minutes, but invariably, within the first 10 minutes, all of the systems would crash, and give various error messages about losing contact with the host, or problems with lag. I can confirm this behavior on the Linksys WRT54G 100% of the time during my tests. I also tested the same situation with my soft AP created for this Guide, and while it lasted longer than the WRT54G, it too would crash after awhile. I have not found an exact cause for this, I will have to take a look at the network traffic going between the 3 with a sniffer to find out what is actually happening. One theoretical solution (I have not tested this) is to use static IP on one of the two systems connecting to the same AP, and putting that static IP in the DMZ of the router. This would ensure there is no collisions at the router when it tries to route packets to the same devices on the same ports (one theory I have as to why they crash). I'll update this section as I learn more, and hopefully find a fix. -------------------------------------------------------------------------------- - 8.6 Ad-Hoc on the DS - -------------------------------------------------------------------------------- One of the very first things I looked into when starting this Guide, and really, even before I started the Guide, was getting the DS online though an Ad-Hoc connection. Normally, the DS (as do most devices) connects to the internet in Infrastructure mode. That is, there is a single dedicated access point, which serves as the gateway between the local network and the internet. I was looking into the exact opposite, getting the DS online by connecting to an Ad-Hoc network. In this situation, there would be no dedicated access point, and instead, all of the devices connect to each other on a peer to peer basis. The reason getting the DS online though Ad-Hoc would be advantageous is because almost every WiFi device on the market can operate in Ad-Hoc mode, while only some can operate in Master mode (which is required for it to act as an access point to facilitate Infrastructure mode). This would allow you to use almost every WiFi adapter ever made as a soft AP, under every OS. So the very first experiments I did with my Linux test setup was to create some Ad-Hoc networks, and try to connect to them. When doing "Search for an Access Point", The DS showed the Ad-Hoc networks with full signal and unlocked but when trying to connect to them, the signal indicator on the "Connection Test" would stay at red, and I would eventually get the error 51302 (can't connect to AP). Despite my best efforts, I am always stalled at this error. Unfortunately, at this point, it seems like it is just not possible for the DS to connect to an Ad-Hoc network. I will continue experimenting with it, and update if I make any progress. -------------------------------------------------------------------------------- - 8.7 Monkey See, Monkey Don't - -------------------------------------------------------------------------------- One of the most interesting things I have noted about the WFC setup utility, and the most aggravating thing as well, is the unreliability of the "Search for Access Points" function (Section 2.2.2.1, "Automatic Configuration"). The utility will show networks that the DS cannot even connect to, such as Ad-Hoc networks, G-Only networks, and WPA encrypted networks (though at least for WPA, it indicates right off the bat that it can't connect to it). You can usually tell when it has listed an incompatible network, since when you try to connect to it, the signal indicator will immediately go to red, with no signal bars, even though it probably showed full signal a split second ago. It also has a tendency to show APs that have low signal as having full signal strength. This can cause a very confusing situation, in which the DS will show an AP will a good signal, but every time you connect, you will get an error message. So, just because the DS shows it listed under "Search for Access Points", don't assume you can actually do anything with it. -------------------------------------------------------------------------------- - 8.8 Escaping Captivity - -------------------------------------------------------------------------------- The DS has no problem connecting to open WiFi APs that are scattered around in stores, libraries, malls, etc. However, it is increasingly common for APs to be locked down with what is known as a "captive portal". A captive portal is a proxy system that does not let client systems inside the network connect out to the Internet until they have been authenticated. These systems are often found in schools or coffee shops. The goal of the captive portal is to keep people from using the wireless network without authorization, or often more accurately, without paying. The mechanism though which the captive portal works is fairly simple. When the client connects to the network and tries to access the Internet, traffic must go though the proxy server on the network. This proxy server will put up a login screen in the client's web browser when they attempt to access a website. The user must put in their login information, or (in the case of a pay AP) their payment information, to continue. Once the proxy server has accepted the information they have entered, the MAC address of the machine the user logged in from is then allowed full access to the Internet. In the case of the DS, there are a few ways around this. -------------------------------------------------------------------------------- - 8.8.1 Nintendo Wi-Fi USB Connector - -------------------------------------------------------------------------------- The first, and most troublesome, is to bring a laptop and the Nintendo Wi-Fi USB Connector to the AP. You can then login with the laptop, and share that connection out to the DS though the Connector as described in Section 3.2, "Using the Nintendo Wi-Fi USB Connector". This is the method Nintendo suggests, but is obviously not ideal for a number of reasons. You may not have a laptop capable of operating with the Wi-Fi Connector, and even if you do, you probably don't want to be carrying it around all the time just to play online with the DS. However, if you already have a laptop with WiFi capabilities, there is a less convoluted way to get through. -------------------------------------------------------------------------------- - 8.8.2 MAC Cloning - -------------------------------------------------------------------------------- While the MAC address of the DS cannot be changed by the user, the MAC address of the wireless card in your laptop generally can be (not all drivers support this, but it is usually a good bet that they do). You can use this to your advantage to get the DS online though a captive portal. The first thing you need to do is check the MAC address of your DS. Take a look at Section 2.4, "Wi-Fi Connection Options Menu" for information about how to find it on your system. Once you have the MAC address of the DS, set it as MAC of your laptop's wireless card. To the network, your laptop and DS will now appear to be the same device. After you have cloned the MAC of the DS, connect to the wireless network with your laptop, and login though the captive portal system. Then, turn off the wireless card in your laptop, and configure your DS with the AP using "Automatic Configuration" (see Section 2.2.2.1). If done correctly, the DS should be able to connect to the Internet successfully. -------------------------------------------------------------------------------- - 8.8.3 Nintendo DS Browser - -------------------------------------------------------------------------------- With the release of the Nintendo DS Browser, it is now very easy to get though captive portal systems with just the DS itself. Of course, you will need to purchase the DS Browser, which is an added expense, but if you were interested in the Browser in the first place, then it isn't really a big deal. All you need to do is to use the "Automatic Configuration" to setup the DS with the AP, then start up the Browser. You will then be presented with the captive portal login, at which point you would proceed as you would on your laptop. When you are logged in and can access the Internet normally, turn off the DS, put in the game you want to play online, and start it up. The proxy should still have your DS's MAC authenticated, so the game will be able to get though without any problem. ================================================================================ = 9. Misc. = ================================================================================ -------------------------------------------------------------------------------- - 9.1 Version Information - -------------------------------------------------------------------------------- Changes for 1.3: Updated licensing info Added DigiFAIL link Added Section 4.1.5, Introducing linux_ics -Evolution of DS_AP Changes for 1.2: Rewrote Section 8.1, "Rate Autonegotiation" -This needed updating badly Updated Section 8.9.3, "Nintendo DS Browser" -Browser is released in US now Removed Section 8.8, "The Cisco Kid" -Nothing useful. Was a good name though... Updated Section 8.3, "Nintendo Wi-Fi vs. Software AP" -Almost total rewrite Renamed Section 7.5.1, "Sync Rate" to "Transmission Rate" -Continuity Changed all instances of "guide" to "Guide" - I demand capitalization Updated Section 7.1, "Networking Glossary" -New entries added, now alphabetical Fixed typo in Section 5.4.2.2.3, "Mac OS" -Thanks, David Removed Section 4.4.3, "Wi-Fi Connector on Vista" -Official drivers now out Fixed typo in Section 5.1.3, "WEP" -Thanks, Rob Changes for 1.1: Fixed typo in Section 4.4.2.2, "Software Modification..." -Missing \ Updated Section 6.2.3.1, "Wi-Fi Connector Not..." -Added QoS Scheduler fix Updated Section 7.1, "Networking Glossary" -Added SSID, should have had this... Updated Section 4.3.4, "Automatic Configuration?..." -Added default TCP/IP info Renamed Section 4.3.4, "Automatic Configuration?..." to "Connecting the DS" Updated Section 7.4, "Correctly Configuring a Static IP" -Lots of little fixes Updated Section 6.2.2.3, "DS Connects to Router But" -Added Sect. 7.4 reference Updated Section 6.2.1.1, "Error Messages 50000 to 59999" -Sounds better now Added Section 4.4.3, "Using the Nintendo Wi-Fi USB Connector with Vista" Changes for 1.0: Updated Section 7.2 -New hardware for Windows/Mac Completed Section 4.2, "Configuring a Software AP in Windows" -Finally! Added Section 9.3, "Disclaimer" -I probably should have this... Updated Section 9.2, "Future Additions" -Reflect new long-term goals Completed Section 4.4.2, "Nintendo Wi-Fi USB Connector Soft AP" -Finally! Changes for 0.63: Added driver URLs to Section 6.1.4.3. Updated Section 9.2, "Future Additions" -Reflect new long-term goals Removed Section 9.3, "Help Wanted" -Well, that was totally useless Updated Section 4.2, "Configuring a Software AP in Windows" -Match Wii Guide Changes for 0.62: Added Wi-Fi Connector software download URL Fixed typo in Section 2.2.2.1. Thanks, Grant. Updated Section 4.3.1, "WiFi Options in Mac OS" -Looks like all AirPorts work Fixed typo in Section 7.3.3. Thanks, Nick. Changes for 0.61: Added "bash#" prefix to all Linux commands Fixed typos in Section 4.1, only took 8 months to catch them. Fixed spacing in title of first section "Introduction". Wow, I missed that too. Updated DS_AP to v2.1, a backport of features from Wii_Route Changes for 0.60: Added Section 7.4, "Correctly Configuring a Static IP" Completed (for now) Section 5, "Network Security" Fixed heading for Section 7.2.3/7.3.3 Made additions to Section 9.4, "Credits" Changed name of Section 2 from "Setting up your DS" to "DS Configuration" Completed (for now, anyway) Section 4.3, "Configuring a Software AP in Mac OS" Updated DS_AP to v2.0, a total rewrite and redesign of the entire script Updated Section 6, "FAQ & Troubleshooting" Changes for 0.43: Fixed capitalization of Section names Clarified Section 8.8, "Monkey See, Monkey Don't" Clarified Section 7.3, "Finding the Current TCP/IP Information" Cleaned up Section 7.2, "Software AP Compatible WiFi Hardware and Drivers" Fixed up text in Section 2.2.2.1, "Automatic Configuration" Fixed up text in Section 8.2, "WiFi vs. NiFi" Rewrote much of Section 8.1, "Rate Autonegotiation" Added Section 7.4, "Tips for Increasing WiFi Range" Cleaned up Section 4.1.1, "WiFi Options in GNU/Linux" Replaced "WMB/WiFiMe" with "FAQ & Troubleshooting", as it is more important Added Section 3.3, "Nintendo Wi-Fi USB Connector Versus Wireless Router" Rewrote Section 2.3, "Configuring a Connection with...Wi-Fi USB Connector" Added Section 3.2, "Using the Nintendo Wi-Fi USB Connector" Updated the current status of soft AP research for Windows and Mac OS Removed Section 8.4, "Network Security", replaced by Section 5 Added Section 8.9, "Escaping Captivity" Updated DS_AP to Version 1.2 Changed DNS servers in DS_DHCP.conf Changes for 0.42: Many small fixes, spelling, capitalization, etc Extensive minor edits and changes Created new framework for future sections, sections above 4 increased by 2 Created new Sections, "Network Security" and "WMB/WiFiMe" Changed copyright in DS_AP (since Guide is not hosted only on GameFAQs) Updated the current status of soft AP research for Windows and Mac OS Updated Section 8.4, "Network Security" Renamed Section 8.1, "Rate Autonegotiation" Moved Section 1.2 to Section 8.2, since 1.2 made no sense where it was Rewrote Section 1.2 to become "Why was this Guide Written?" Rewrote Section 1.1 Rewrote intro to Section 4 Added Section 4.4, "Hacking the Nintendo Wi-Fi USB Connector" Added Section 4.4.1, "Using the Nintendo Wi-Fi USB Connector with AOL" Added Section 9.2, "Future Additions" Edited Section 4.1 so I don't sound like a total tool Added Section 8.7, "Ad-Hoc on the DS" Added Section 9.3, "Help Wanted" Added Section 8.8, "Monkey See, Monkey Don't" Added Section 8.9, "The Cisco Kid" Updated DS_AP to Version 1.1 Expanded Section 2.4.3, "Transfer Nintendo WFC Configuration" Changes for 0.41: Fixed incorrect DHCP configuration file Reordered Section 7 Moved Section 5.2 to 5.3 Added Section 5.2, "Software AP Compatible WiFi Hardware and Drivers" Changed order of 5.3 Sections Changed information in Section 5.3 so IP setup is the same in each OS Added note about running DS_AP as root Swapped 4.2 and 4.3 to reflect OS order used though the rest of the Guide 0.40: Second release. Changes for 0.40: Completed Section 4.1 "Configuring a Software AP in GNU/Linux" Added Section 2.4, "Wi-Fi Connection Options Menu" Added Section 5.2, "Finding the Current TCP/IP Information" Added Section 6.6, "A Tale of Two Consoles" 0.20: First release. Covers most of soft AP in Linux, and majority of DS configuration. -------------------------------------------------------------------------------- - 9.2 Future Additions - -------------------------------------------------------------------------------- I feel this Guide is fairly unique, as it can never really be complete. There will always be new ideas to cover, and more observations to note. But even so, here is a brief list of things I am working on, both in the short and long term. Long Term: Complete side investigations for "Thinking Out Loud" Short Term: Add new features to DS_AP -------------------------------------------------------------------------------- - 9.3 Disclaimer - -------------------------------------------------------------------------------- Due to the nature of this Guide, or more specifically, some of the particular sections of it, there is a high chance that you may encounter unexpected problems with your setup that are not addressed in this document. Please be aware that while all of the things in this document have worked for me in my own testing, that they may or may not work as well in your environment. While I will try and help if there is a problem, I cannot be held responsible for said problems. This Guide is provided for educational use only, and any changes you make to your network or computer are done so at your own risk. -------------------------------------------------------------------------------- - 9.4 Credits - -------------------------------------------------------------------------------- Thanks to: My Wife, for supporting my madness wherever it may take me. Phillip Sanders, for allowing me to use his general document format and ASCII appearance Linus Torvalds, for creating the Linux kernel, and making the world happy Patrick Volkerding, for creating Slackware, and making me happy Andrea Merello, for writing the RTL8180 driver I use for my WiFi hardware Christian Maas, for writing the excellent XVI32. www.chmaas.handshake.de RGCDude, for doing an infinitely better job editing this than he did testing DW Maxx, for guidance on submitting materials ravuya, for general OSX information and screen shots. www.rav.efbnet.com Ectospheno, for his invaluable experience, and assistance with the OSX section NikeXTC, for confirming that standard AirPort cards are soft AP capable. Prince_Valmont, for information on using the Wi-Fi Connector under Vista All of the sites that graciously host this document. Everyone I don't hate. # EOF