Connecting Multiple Computers to TWO



Summary

This document describes the items needed, and configuration of those items, for connection of TaxWise Online (TWO) workstations to the Internet. It contains the procedures for setting up the routers and connecting equipment when there is a wired connection to the Internet at your site.

If the only connection to the Internet is via a wireless connection, then you should accomplish the procedures in the document, “Using a Site’s Wireless Connection for TWO” (Appendix, Ref No. 8).

Other References

If not using a wireless printer, the workstations may also need to be networked for the purpose of printing – that procedure is described in the document, “Printer Installations for TaxWise” (Appendix, Ref No. 1). The Appendix contains a list of other documents that may assist you in the setup.

Level of Expertise Required

This procedure requires an intermediate level of expertise. The user should have at least an introductory level of knowledge of computers and routers. In addition, it is recommended that the user read through this document before starting to assure that he/she has a general understanding of the procedures and feels comfortable completing them. The procedures are not difficult, but some interpretation is required on the user’s part because it is impossible to address the procedures and terminology for each of the routers that can be used.

What You Need

1. Broadband access – Provides Internet access through a wired connection. ‏

2. Workgroup router (wired or wireless, depending on your type of LAN connection)

It’s possible to use a network switch rather than a router if your host facility already uses a router. But a router can provide a separate network from that of the host’s network, and is the preferred networking hardware for Internet sharing.

3. Network switch(es) – Provide supplemental connection ports if your router doesn’t have enough wired ports.

4. Cat 5, 5E, or 6 Ethernet cables (whichever can be purchased the cheapest), referred to as “patch cables,” to interconnect the wired equipment.

5. Microsoft Security Essentials (MSE) antivirus installed and updated.

6. Windows firewall turned on.

7. IRS depot and/or AARP laptops that have had the tune-up procedures installed (Appendix, Ref No. 4, 5, and 6) or, in lieu of running the tune-up procedures, AARP computers that have been imaged with the 2011 images (Appendix, Ref No. 9). Also, if using wireless personal, donated, or site provided computers, the computers must pass two required security scans (Appendix, Ref No. 8) and be certified by the NTC as safe for use.

8. Wireless adapters for non-wireless capable computers, if desired.

9. IT assistance – If your host site’s Internet connection is managed by an IT department, you will need to coordinate with the IT department’s engineers/technicians to connect your router to their managed network. Connecting directly to a DSL or cable network does not require this.

Router and Wireless Adapter Technical Requirements

Wireless Routers: The router must meet the 802.11g specifications – so, a router listed as 802.11g, 802.11b/g, or 802.11b/g/n will meet that specification. The router must also be capable of providing WPA/WPA-2 encryption.

Wired Routers: Virtually any router manufactured in the last 5 years will work in a wired network.

Wireless Adapters: The wireless adapters should meet the 802.11g specification and be capable of WPA/WPA-2 encryption.

802.11n equipment: It is not necessary to purchase a router or network adapters with the newer 802.11n specification – this equipment will normally be much more expensive and most of the Tax-Aide wireless-capable computers will not conform to the 802.11n specification. In addition, you will not notice a difference between g and n equipment for TWO. However, if someone is offering n router or adapters at a bargain price, they will work in a g network as long as the n equipment is listed as backward compatible with the g specification – almost all are. If you want true 802.11n capability, the router and network adapter must be paired to meet the n specification.

Router and Computer Security Policy and Configuration

The use of Wireless Networking is not permitted at any site for client/server networking of TaxWise (Desktop Version).

The security policy in this section is REQUIRED for any router used in the AARP Tax-Aide program. This section describes the setup parameters for wired and wireless routers and computers connecting to the Internet. Each of the items in this section should be changed/verified in your router and computer.

Few settings need to be made in a wired or wireless router or computer. In general, most default settings will be correct for TWO. It is the responsibility of the TCS and/or TC to ensure that Tax-Aide router security policy requirements are met.

Connecting and Configuring the Router: To make the settings in this section, first connect the router as follows. Connect a patch cable from the WAN port of the router to the facility network jack or broadband modem’s connection and power up the router. To configure the router you must connect another patch cable from a router LAN port to a computer unless connecting wirelessly. If connecting from another router (as in a Library, Senior Center, etc.), not a modem, you should coordinate with the person responsible for IT at the site prior to connecting the router.

Install the router software using the manufacturer’s DVD, accepting all defaults.

[pic]

If connecting the computer through a wired connection, open your browser and connect to the IP address of the router, e.g., 192.168.2.1. You will get a router login window. Consult your user manual for the default IP address and username/password.

If connecting the computer through a wireless connection, double-click the network management icon in the system tray in the lower right-hand corner of the screen

[pic] Windows 7

[pic] Windows XP

and click on the network name of your router – at this point the name will probably be comprised of the manufacturer’s name along with some other characters, e.g., LinksysHomeNetwork, BelkinF3400Series, etc. – you will change this name in the later procedures.

The procedures at this point differ between Windows XP and Windows 7.

Windows XP. Click the Connect button. If the network requires a passphrase (unlikely), a new window will appear where you enter the passphrase. Refer to your router documentation and enter and verify the Passphrase.

Windows 7. Click the Connect button. If the network requires a Passphrase or PIN (both unlikely), a new window will appear where you enter the Passphrase or PIN. Refer to your router documentation and enter and verify the Passphrase or PIN. The PIN is located on the router label. If this step is confusing, refer to the “Connecting the Wireless Computers” paragraph and the “Windows 7” subparagraph, below it, for a description of the situations that may occur. Then return here to continue the procedure.

Now, open your browser and connect to the IP address of the router, e.g., 192.168.2.1. You will get a router login window. Consult your user manual for the IP address and username/password.

You are now ready to configure the router using the parameters described in the following sections. At the end of this document, there is an example of configuring a Belkin router. This may help you in configuring your Tax-Aide router with the settings that follow.

A Brief Discussion of the Router DHCP Function: The Dynamic Host Configuration Protocol (DHCP) is an integral part of routers and is a required component in setting up networks. This discussion is intended to give you a short background on its function to allow you to configure your router when it is different than the example that will be shown later in this document.

DHCP Server: A DHCP server on any network assigns an Internet Protocol (IP) address to each device on the network. The IP address is composed of four octets, e.g., 128.236.124.163 – the first three octets identify the network and must be the same for all equipment on the network. The last octet is assigned, uniquely, to each network device. The address is similar to a telephone number – it uniquely identifies the device so it can communicate with other network components. Unlike a telephone number, this address can change every time the router or network devices are turned on – but, the DHCP server assures that these addresses remain unique and the router maintains a table of the current IP addresses and sends network traffic to the correct device. Your router has two IP addresses: one on the Internet side, Wide Area Network (WAN), so the router can be recognized on the WAN; the other on the Local Area Network (LAN) side which forms your Tax-Aide network. Thus, there is a separate network on each side of the router. In this way, local devices can communicate with each other more efficiently and can access the WAN (usually the Internet) through the router. The WAN side of the router (connected to the ISP) is assigned an IP address by the ISP DHCP server. The LAN side of the router comes with a default IP address that identifies the router on the LAN. That address can be changed by the router Administrator via the router configuration menu. This assures that the router, acting as a DHCP server, issues the same network address portion of the IP address plus a unique number to each device on the network.

Configuring the DHCP server. The router must be configured so the WAN side of the router receives its IP address automatically from the ISP’s DHCP server. Then, the router must provide an IP address to each of the devices on the LAN side of the router. For the LAN side, the DHCP Server must be enabled to allow the router to distribute IP addresses to LAN devices. The DHCP server in the Tax-Aide router can be configured to provide a limited range of available addresses to network equipment – for instance, the router can automatically assign 255 addresses, but you may want to limit that to, say, 120. This identified range of addresses will be assigned to network equipment that is configured to receive IP addresses automatically – – called Dynamic (sometimes, Automatic) IP addresses. Network equipment that always requires the same IP address is configured to request this address from those IP addresses outside of the limited range – called Static (sometimes, Manual) IP addresses.

Wired and Wireless Network Configuration: The following should be configured to assure your network functions properly – these are usually router defaults:

1. Router Password Protection: The default username (usually not required) and password will be changed to protect the wireless router or access point. Recommend the depot laptop password. Usually found under the heading, System Settings.

2. Internet WAN Connection Type: Dynamic (Automatic from ISP Configuration – DHCP[1])

3. LAN DHCP Server: Enabled/On

CAUTION: If connecting to another router, for instance at a computer lab, library, etc., you may need to change the IP address on your router, as the two routers must have different IP addresses, to create different subnets. You will need help from the facility Network Administrator to properly set this. The Administrator will also configure the facility network to recognize the Tax-Aide router.

Example: Library DHCP router address 192.168.2.1. Then the AARP router address could be changed to 192.168.5.1 or anything other than the library router. [Note: You only change the next to last octet. The first three octets identify the network; the last octet is assigned to the equipment on the network.] Do not use the facility DHCP server; use the Tax-Aide router as your DHCP server.

Wireless Router Security Policy and Configuration: It is required that all of the following items be configured to secure all wireless routers. If the wireless feature of the router is disabled, you can skip to the Wired-only Router Security Policy paragraph, below.

1. Network Configuration: The default Infrastructure[2] network configuration will be used and should not be changed. Ad-Hoc[3] networks (setting the router to an Access Point) are not permitted.

2. SSID: The manufacturer’s default SSID[4] must be changed to "TAV [site name]" (without quotes), e.g., TAVMainLibrary, TAVMapleCC, etc.

3. SSID Security Key: The recommended SSID Security Key (Passphrase) will be composed of [Current depot laptop password] [Last 8 digits of the WAN/LAN MAC address]. Example if the depot password is “Tiger1” and the MAC address is C0-56-34-E6-24-15, then the Passphrase would be, Tiger134E62415.

a. You may be given an option of Hex or Passphrase for the Security Key – choose Passphrase

b. Caution: The Passphrase is case sensitive, so be sure you record it correctly for future use

4. Encryption: WPA/WPA-2[5] encryption will be used.

5. OPTIONAL: MAC[6] address filtering [7] can be used and adds extra security when used in conjunction with WPA/WPA-2. This setting is configured by turning MAC address filtering on and then entering the MAC address of all equipment in your network. The MAC address is built into the hardware of all networking equipment.

6. Signal Boosters: High power antennae and/or other signal boosters will not be used.

Wired-only Router Security Policy: If you are using a wireless router but only want to use it for establishing a wired network, then disable the wireless function. The default router username (if used) and password must be changed according to the router manufacturer’s instructions.

Network Switch Policy: A router is recommended for connecting multiple computers to an Internet connection. While the use of a network switch is allowed, the router offers the most secure option for creating the local area network. Network switches used in the Tax-Aide program are not configurable.

Connecting and Configuring the Computers

Computer Security Policy: In addition to standard Tax-Aide computer security policy, “Automatically Search for Network Computers and Printers” and “Simple File Sharing” must be turned off in Windows XP. This procedure will be described later in this section. Windows 7 computer networks should be set up as Work networks, not Homegroup. The following paragraphs describe the computer connection and configuration for wired and wireless computers.

Connecting the Wired Computers. Connect one patch cable from the router’s LAN ports to each computer. If the router does not have enough ports to connect all your computers, then you will have to buy a network switch to expand the connections to the router. One port of the network switch should be connected to the router with a patch cable and the remaining computers connected by a patch cable to the switch. Network switches come with a variety of ports, e.g., 4, 5, 10, 20, etc. The switches can also be daisy-chained – that is, one switch can be connected via patch cable to another switch to provide even more ports. Remember, when you do this, there is one less available port on each of the switches – one port is used by the connection of the two switches.

You can now connect to the Internet. To verify your Internet connection, simply open ‘Internet Explorer’ and connect to a site.

Connecting the Wireless Computers: This section assumes that the computers have wireless capability. If they don’t, then PCMCIA or USB wireless adapters can be purchased and installed. Installation is a simple procedure and consists of installing the adapter’s software and drivers by following the on-screen instructions. If, during the software setup you are asked if you want the adapter utility or Windows to manage the adapter, choose Windows.

Special Situations with Third Party Wireless Adapters:

This document only provides instructions for the case where the Windows Wireless Manager is used to configure your adapter and connect to the network – this should be the case in the vast majority of computers. If you have a computer where a third party Wireless Manager is used, you will have to consult the instructions that came with your adapter to connect to the network. Or, you can change the Wireless Manager from the third party manager to the Windows Wireless Manager – this is the recommended procedure. This can be a simple or complicated procedure, depending on the adapter manufacturer’s software, with many options, as follows. These are the options that are available if you have a third party Wireless Manager (choose ONLY 1 of these 4 options).

1. Use the third party Wireless Manager: In this case, you will have to follow the below instructions, “Using the Windows Wireless Manager,” adapting them to the adapter’s Wireless Manager.

2. Change to the Windows Wireless Manager.

a. Windows XP:

i. Click Start -> Control Panel -> Performance and Maintenance -> Administrative Tools -> Computer Management.

ii. In the left-hand pane, click the + next to “Services and Applications.”

iii. Click on “Services.”

iv. In the right-hand pane, navigate to and click on Wireless Zero Configuration.

v. If the status is “Started,” then Windows is managing your adapter. If it is not started, click “Start the Service” in the upper left-hand corner of the pane.

vi. The service should then show “Started” and the Type should be “Automatic.”

vii. If it is not “Automatic,” right-click on Wireless Zero Configuration.

viii. Click on “Properties,” and set the “Startup Type” to “Automatic.”

ix. Close all open windows by clicking OK or just closing the window.

b. Windows 7:

i. Click Start and enter “Services.”

ii. Click on “Services” in the search window.

iii. Find the WLAN Auto Config service in the Services window.

iv. If it is not started, click “Start the Service” in the upper left-hand corner of the pane.

v. The service should then show “Started” and the Type should be “Automatic.”

vi. If it is not “Automatic,” right-click on WLAN Auto Config, click on “Properties,” and set the “Startup Type” to “Automatic.”

vii. Close all open windows by clicking OK or just closing the window.

Occasionally, even though you have selected the Windows Wireless Manager, the installed third party adapter Wireless Manager will interfere with the Windows Manager and you will not be able to connect. In that case, you must complete the next step.

3. Uninstall the third party Wireless Manager. Click Start and enter “Programs.” Click on “Programs and Features.” Find the third party wireless manager and uninstall it. Sometimes, this will also uninstall the adapter drivers. In that case, go to the next step.

4. Install the third party wireless adapter drivers, only: To make sure the Windows Wireless Manager will be used, instead of installing the third party adapter wireless manager, you can just install the adapter drivers by manually installing the adapter from the “Drivers” folder on the installation media. This process is beyond the scope of this document due to the numerous methods that can be used, based on the manufacturer’s design.

If you have reached this point and still have trouble connecting, contact TaxaideTech@ for assistance.

Using the Windows Wireless Manager: Follow the below instructions for either Windows 7 or Windows XP.

Windows 7:

1. Turn on the computer and login. Make sure your wireless connection is enabled.

2. Make sure that you have Windows 7 networking set to “Work” network. Do not use “Homegroup” (refer to Windows Help to verify, set, or change the type of network you are on).

a. Click Start then Help and Support

b. Search for “Home Network”

3. Double-click the Wireless Management icon in the System Tray along the right-hand side of the Task Bar

[pic]

[pic]

4. Highlight the name of your network – the SSID will be visible – and click “Connect.” Also, check the box, “Connect Automatically” – this allows you to connect to the network whenever it is available without having to type in the Passphrase. Be careful, there may be other networks listed. If any of those are not secure, you will be able to connect to them without entering a key or passphrase. DO NOT DO THIS! The connection will not be encrypted and is subject to shutting down at the user’s whim.

5. You will see one of the two following screens. The first screen allows you to manually put in the Passphrase. The second screen allows you to automatically configure the network connection by typing in a short PIN using Wi-Fi Protected Setup (WPS). Since we have already configured the network, we will always use the Passphrase entry. Thus, if you get the second screen, below, click the link, “Connect using a security key instead.”

a. Enter the Network Security Key (passphrase) that you established in the router configuration.

[pic]

b. Click the link, “Connect using a security key instead. You will get the above window. Enter the Passphrase.

[pic]

6. The computer will connect to the router and be assigned an IP address.

7. This ends the configuration for Windows 7.

You can now connect to the internet. To verify your Internet connection, simply open ‘Internet Explorer’ and navigate to a site. From now on, when you restart your computer, it will automatically connect to the Tax-Aide wireless network. Skip the next section on Windows XP and go to the section, Example Router Configuration.

Windows XP:

1. Turn on the computers and login. Make sure your wireless connection is enabled.

2. Double-click the Wireless management icon in the System Tray along the right-hand side of the Task Bar

[pic]

a. Click on “View wireless networks”

b. Highlight the name of your network – the SSID will be visible – and click “Connect.” Be careful, there may be other networks listed. If any of those are not secure, you will be able to connect to them without entering a key or passphrase. DO NOT DO THIS! The connection will not be encrypted and is subject to shutting down at the user’s whim.

[pic]

a. You will be asked to provide the network key or passphrase – enter and verify it.

[pic]

b. The window will now show progress and will say, “Acquiring network address.” Once this is completed, the status will say “Connected.”

[pic]

Configuring Your Computers (Windows XP – not required for Windows 7 configured as a Work network)

1. Windows ‘as installed’ will have all the settings already enabled for connecting to the Internet

2. The following three changes should be made for Tax-Aide computers. Refer to the below figure:

a. Show Common Tasks

• Open any folder, such as ‘My Documents’

• From the ‘Tools’ menu select: ‘Folder Options’

• Click the “General” tab and check “Show common tasks in folders”

[pic]

b. Automatically Search for network folders and printers and Use Simple File Sharing:

• From the same ‘Folder Options’ window, select the ‘View’ Tab

• The first item in the list, Automatically search..., should be disabled (un-checked)‏

• The last item in the list, Use simple file...,” should be disabled (un-checked)‏

• Click "Apply" and then "OK"

[pic][pic]

3. You have now configured Windows XP.

You can now connect to the internet. To verify your Internet connection, simply open ‘Internet Explorer’ and navigate to a site. From now on, when you restart your computer, it will automatically connect to the Tax-Aide wireless network.

EXAMPLE ROUTER CONFIGURATION

NOTE: The terminology and configuration menu structure is not standard among router manufacturers. Consequently, it is not possible to describe the exact procedures for configuring all routers. Therefore, while the below example configuration is illustrative of making the required settings, the menu and nomenclature may be different in your router. If confused, refer to the product manual or request help from taxaidetech@.

The following example is written around the Belkin Model F5D7230-4 Wireless G router. For other makes and models refer to the product manual.

1. If the computer that you connect directly to the router with an Ethernet cable has built-in wireless capability, then turn off the wireless feature - example: Push the wireless radio button on the laptops, or, right-click on the wireless connection icon in the System Tray on the right-hand side of the Task Bar and select Disable (see below figure).

Caution: DO NOT use the WAN port on the router to connect your computer. The WAN port is usually clearly identified, and it is used ONLY to connect to your ISP.

[pic] Windows 7

[pic] Windows XP

2. Install the router software using the manufacturer’s DVD. Accept all the defaults.

3. Using your web browser, access the router by going to its IP address, 192.168.2.1 (some routers may use a different address, e.g., 192.168.1.1 is also a popular address – see your router documentation). Below is the configuration menu for the Belkin router.

[pic]

4. Click on Utilities – System Settings. The current password for the router access is blank (some routers come with a password – that password will be identified in the product documentation and must be changed).

5. Enter a new password, and confirm it. No other changes are necessary on this screen. Scroll to the bottom of the screen and click “Apply” – you will need to log back into the router after this change.

6. Login in to the router using the password just assigned.

7. Click on “Wireless – Channel and SSID”

a. Change the SSID from its default to TAV[site name], e.g., TAVLIBRARY

b. Click “Apply changes” and connect to the router again.

8. Click on “Wireless – security”.

a. Scroll to select a security mode of WPA (may be WPA-2 or WPA2-Personal)

b. Enter the WPA key (also called Passphrase). The passphrase recommended form is, “[standard IRS depot laptop password for the year] [last 8 digits of the MAC address].” For example, assuming the depot laptop password is, “EXAMPLE” and the MAC address is, 56-24-04-23-C8-F0, then the passphrase would be: EXAMPLE0423C8F0.

c. Remember the passphrase – you will need it to connect equipment to the network.

d. Click “Apply Changes.”

e. Connect to the router again.

9. OPTIONAL – [This procedure is not required but does provide a higher level of security. It is also labor intensive as it requires that you get the MAC addresses of all equipment on the network and enter them into the router tables. However, once established, no one can enter your network, even if the passphrase is known, unless their MAC address is in the router tables.] Log in to the router again and access “Firewall – MAC address filtering.”

a. Check the “Enable MAC address filtering” box.

b. Enter the MAC address of each of the devices that will be allowed to connect to the wireless network. You can add, delete, and modify these addresses as it becomes necessary.

c. Click “Apply Changes”

The router is now configured for secure access!

Assistance with any of the above procedures is available from AARP Tax-Aide - email taxaidetech@.

Appendix

Reference Documents Available On the Extranet



|Ref | |Technology Tab/Group | |

|No. |Document | |Description |

|1 |Printer Installations for TaxWise |Hardware/Networking |Procedures for networking printers for all TaxWise or |

| | | |TWO configurations. |

|2 |TWO - Suggested User Settings |Software/TaxWise Online |Provides NTC suggested settings for TWO, excluding |

| | | |template defaults. |

|3 |Suggested Default Template For TWO |Software/TaxWise Online |Provides NTC suggested template defaults. |

|4 |IRS Depot Laptop Tune-up TY2010 |Hardware/Images & Tune-ups |Procedures for tune-up of all IRS depot model laptops. |

|5 |AARP HP Laptop Tune-up TY 2010 |Hardware/Images & Tune-ups |Procedures for tune-up of all AARP HP model laptops. |

|6 |AARP HP Dell Vostro 1520 Tune-up TY 2010 |Hardware/Images & Tune-ups |Procedures for tune-up of the AARP Dell Vostro model |

| | | |laptops. |

|7 |Using a Site’s Wireless Connection for TWO |Software/TaxWise Online |Procedures for establishing a network when the only |

| | | |connection to the Internet is via wireless. |

|8 |Computer Security Scanning Procedure |Hardware/Security |Procedures for running two security scans on home |

| | | |and/or host provided computers for certification as TWO|

| | | |workstations. |

|9 |AARP Computer image downloads (website, not a |N/A |The download site for all computer images is: |

| |document) | | |

|10 |Networking TaxWise for AARP Tax-Aide |Hardware/Networking |Procedures for setting up a TaxWise client/server |

| | | |network. A comprehensive document on networking that |

| | | |may help if you are having trouble understanding |

| | | |concepts. |

-----------------------

[1] DHCP---------------- Dynamic Host Configuration Protocol is a protocol for assigning dynamic IP addresses to devices on a network.

[2] Infrastructure A wireless network centered about an access point. In this environment, the access point not only provides communication with a wired network but also mediates wireless network traffic in the immediate neighborhood.

[3] Ad-Hoc Computers communicate directly with one another without using an access point (AP) or any connection to a wired network.

[4] SSID The SSID is a sequence of up to 32 letters or numbers that is the ID, or name, of a wireless local area network. An open network broadcasts the SSID so people wanting to connect can see it in a network list. A closed network hides the SSID so the user must know the SSID before they can connect. The SSID is established by the person setting up the router.

[5] WPA/WPA-2 Short for Wi-Fi Protected Access and it provides strong encryption for Wi-Fi networks.

[6] MAC------------------ Media Access Control address, a hardware address that uniquely identifies each node of a network.

[7] Address Filtering---- Address filtering is a router configuration option that only allows connection to the router from equipment whose MAC address is identified in the router tables.

-----------------------

NOTE: The cost of network adapters is not reimbursable from AARP Tax-Aide for non-Tax-Aide equipment, but donated funds can be used.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download