Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: T.s.1990
T.s.1990 Author
User level: Level 1
13 points

Setting up time capsule in Bridge mode, security?

Hi,


may someone could help me out. I'm a little bit worried about the security of my network.

I bought a Time Capsule, in first place to make back-up's. At home there is already an exciting network. We have a router of the provider wich only can run in router mode (NAT) and has a firewall, wich is a good thing. There is no option to change these settings of the main router.


Because the router of the provider can't be changed, I setup the Time Capsule in "Bridge mode" and created a new network. When i'm connected to the TC-network, every device is getting a own IP-adress, the internet is running fine and fast, it seems even better than when i'm connected to the main router. So i turned off the wireless of the main router (wich is running in router mode).


Now i'm always connected to the "Bridged" Time Capsule. It works fint but i heard there's no firewall in bridge mode. So now i'm a little bit worried the TC-network isn't secure. What are the best options:

- Are these "Bridge" settings ok, when there is a main router in the existing network? (So is the firewall of the main router working to my TC-network?)

- Or is it better to use the wireless of the main router, and to turn-off the wireless mode of my TC?


It may a dumb question but i don't really understand much of Bridge- and router-modes 😉.


Kind regards and thanks advance

Airport Time Capsule 802.11ac, OS X Yosemite (10.10.4), Time Capsule, Airpot

Posted on Aug 13, 2015 12:47 AM

Reply
Question marked as Best reply
User profile for user: LaPastenague
LaPastenague
User level: Level 9
67,208 points

Posted on Aug 13, 2015 2:51 AM

Bridge is no problem at all.. the existing NAT router is still fully functional as firewall for the network.


The only concern I would have is the wireless is properly password protected..


So in the wireless tab of the airport utility.. did you set a suitable password and WPA2 personal security. Use nothing less.


User uploaded file


I always recommend short names. No spaces pure alphanumerics.. that is up to you however.


Password should be 8-20 characters mixed case and numbers..


It is also good if there are people you don't trust to change the base station password if you didn't set it to the one password when you setup .. mostly apple setup wizard now simply sets the password for both wireless and base station the same. Which is fine.


If you have done that your security is fine.

View in context
5 replies
Question marked as Best reply
User profile for user: LaPastenague
LaPastenague
User level: Level 9
67,208 points

Aug 13, 2015 2:51 AM in response to T.s.1990

Bridge is no problem at all.. the existing NAT router is still fully functional as firewall for the network.


The only concern I would have is the wireless is properly password protected..


So in the wireless tab of the airport utility.. did you set a suitable password and WPA2 personal security. Use nothing less.


User uploaded file


I always recommend short names. No spaces pure alphanumerics.. that is up to you however.


Password should be 8-20 characters mixed case and numbers..


It is also good if there are people you don't trust to change the base station password if you didn't set it to the one password when you setup .. mostly apple setup wizard now simply sets the password for both wireless and base station the same. Which is fine.


If you have done that your security is fine.

Reply
User profile for user: LaPastenague
LaPastenague
User level: Level 9
67,208 points

Sep 3, 2015 3:59 AM in response to T.s.1990

It is due to the fact that the name is translated to network compliance.


In other words.. let's say you named the TC..


Fred Blog's Airport Time Capsule


That is not a valid network name.


The airport firmware will actually translate that name to


fred-blogs-airport-time-capsule


Now another factor pops into play.. that name is 31 characters by my count.. more or less.. that exceeds the recommend name length.


See pondini here. http://pondini.org/TM/C9.html

He says 25 characters.


You will find it very hard to find apple make clear statements about name length..


Most of them have to do with the OS.. but networking has much greater restrictions.


OS X: Cross-platform filename best practices and conventions - Apple Support


I am not sure if you are aware but since Mavericks.. Apple now defaults to windows networking.. hard to believe but true.


SMB has restrictions more severe than Apple commonly reveals.

How to connect with File Sharing on your Mac - Apple Support


Plus to add the fun.. Apple broke the SMB rules in Mavericks.


This issue went on and on.. smb fix mavericks 10.9.5 breaks SMB connectivity to my Windows 8.1 PC


http://www.zdnet.com/article/mavericks-smb2-problem-and-fixes/



So I have encouraged people to use the smallest lowest common denominator subset of standard rules..


Short.. no spaces.. pure alphanumerics.


I am not saying it won't work with spaces.. or special characters.. I am saying it can lead to issues.


Long names are certainly to be avoided.. as Pondini states.. keep them under 25.. which I rounded down to 20. And full marks for less than 10.


It is also kind of nice when the name and network name.. are identical..


ie I name the TC.. tcgen4

and guess what name that is translated to.. tcgen4

Makes life easier to know that the name and network name actually match.


wireless name tc24ghz is translated to tc24ghz for wireless.. aint that a lot easier???

Reply

Setting up time capsule in Bridge mode, security?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up