background image

43

Chapter 5: Setting Up and Configuring the Router
VPN Tab - Gateway to Gateway

10/100/1000 4-Port VPN Router

processed. The hexadecimal values is acceptable, and the valid range is 100~ffffffff. Each tunnel must have a 
unique Inbound SPI and Outbound SPI. No two tunnels share the same SPI. The Incoming SPI here must match the 
Outgoing SPI value at the other end of the tunnel, and vice versa

Encryption

: There are two methods of encryption, DES and 3DES. The Encryption method determines the length 

of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES is 
recommended because it is more secure, and both sides must use the same Encryption method.  

Authentication

: There are two methods of authentication, MD5 and SHA. The Authentication method determines 

a method to authenticate the ESP packets. MD5 is a one-way hashing algorithm that produces a 128-bit digest. 
SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more 
secure, and both sides must use the same Authentication method. 

Encryption Key

: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is 

generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption 
Key. If DES is selected, the Encryption Key is 16-bit. If users do not fill up to 16-bit, this field will be filled up to 
16-bit automatically by 0. If 3DES is selected, the Encryption Key is 48-bit. If users do not fill up to 48-bit, this 
field will be filled up to 48-bit automatically by 0.

Authentication Key

: This field specifies a key used to authenticate IP traffic and the Authentication Key is 

generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same 
Authentication key. If MD5 is selected, the Authentication Key is 32-bit. If users do not fill up to 32-bit, this field 
will be filled up to 32-bit automatically by 0. If SHA1 is selected, the Authentication Key is 40-bit. If users do not 
fill up to 40-bit, this field will be filled up to 40-bit automatically by 0. 

IKE with Preshared Key (automatic)

IKE is an Internet Key Exchange protocol that used to negotiate key material for SA (Security Association). IKE 
uses the Pre-shared Key field to authenticate the remote IKE peer. 

Phase 1 DH Group

: Phase 1 is used to create a security association (SA). DH (Diffie-Hellman) is a key exchange 

protocol that used during phase 1 of the authentication process to establish pre-shared keys.    There are three 
groups of different prime key lengths. Group 1 is 768 bits, Group 2 is 1,024 bits and Group 5 is 1,536 bits. If 
network speed is preferred, select Group 1. If network security is preferred, select Group 5. 

Phase 1 Encryption

: There are two methods of encryption, DES and 3DES. The Encryption method determines 

the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit 
encryption. Both sides must use the same Encryption method. 3DES is recommended because it is more secure. 

Содержание RV0041 - 10/100/1000 VPN Router

Страница 1: ...A Division of Cisco Systems Inc Model No WIRED VPN Router 10 100 1000 4 Port RV0041 User Guide ...

Страница 2: ...ed like this Also each figure diagram screenshot or other image is provided with a figure number and description like this Figure numbers and descriptions can also be found in the List of Figures section in the Table of Contents This exclamation point means there is a Caution or Warning and is something that could damage your property or the Router word definition This checkmark means there is a N...

Страница 3: ...ecting the Router 10 Overview 10 Connection Instructions 11 Chapter 5 Setting Up and Configuring the Router 12 Overview 12 How to Access the Web based Utility 15 System Summary Tab 15 Setup Tab Network 18 Setup Tab Password 20 Setup Tab Time 20 Setup Tab DMZ Host 21 Setup Tab Forwarding 21 Setup Tab UPnP Page 23 Setup Tab One to One NAT 23 Setup Tab MAC Clone 24 Setup Tab DDNS 24 Setup Tab Advance...

Страница 4: ...g Tab System Log 53 Log Tab System Statistics 54 Wizard Tab 55 Support Tab 60 Logout Tab 60 Appendix A Troubleshooting 61 Common Problems and Solutions 61 Frequently Asked Questions 71 Appendix B Finding the MAC Address and IP Address for Your Ethernet Adapter 75 Windows 98 or Me Instructions 75 Windows 2000 or XP Instructions 75 For the Router s Web based Utility 76 Appendix C Physical Setup of t...

Страница 5: ...10 100 1000 4 Port VPN Router Appendix J Regulatory Information 90 Appendix K Contact Information 91 ...

Страница 6: ...ure 5 7 WAN Connection Type Static IP 19 Figure 5 8 WAN Connection Type PPPoE 19 Figure 5 9 WAN Connection Type PPTP 19 Figure 5 10 Setup Tab Password 20 Figure 5 11 Setup Tab Time 20 Figure 5 12 Setup Tab DMZ Host 21 Figure 5 13 Setup Tab Forwarding 21 Figure 5 14 Port Range Forwarding Service Management 22 Figure 5 15 Setup Tab UPnP 23 Figure 5 16 Setup Tab One to One NAT 23 Figure 5 17 Setup Ta...

Страница 7: ...ry 38 Figure 5 37 VPN Tab Summary Detail 39 Figure 5 38 VPN tab Gateway to Gateway 40 Figure 5 39 VPN tab Gateway to Gateway Local Group Setup 40 Figure 5 40 VPN tab Gateway to Gateway Remote Group Setup 41 Figure 5 41 VPN tab Gateway to Gateway IPSec Setup 42 Figure 5 42 VPN tab Gateway to Gateway Advanced 45 Figure 5 43 VPN tab Client to Gateway 46 Figure 5 44 VPN tab Client to Gateway Local Gro...

Страница 8: ...ss Rule Wizard Select the Destination 59 Figure 5 62 Access Rule Wizard When it Works 59 Figure 5 63 Support tab 60 Figure 5 64 Access Rule Wizard When it Works 60 Figure 5 65 Save Settings 60 Figure 5 66 Settings are Successful 60 Figure 5 67 Support 60 Figure B 1 IP Configuration Screen 75 Figure B 2 MAC Address Adapter Address 75 Figure B 3 MAC Address Physical Address 76 Figure B 4 MAC Address...

Страница 9: ...has a powerful SPI firewall to protect your PCs against intruders and most known Internet attacks It can be configured to filter internal users access to the Internet and has IP address filtering so you can specify exactly who has access to your network Configuration is a snap with the web browser based configuration utility As the heart of your small office network the 10 100 1000 4 Port VPN Rout...

Страница 10: ...asked questions regarding installation and use of the 10 100 1000 4 Port VPN Router Appendix B Finding the MAC Address and IP Address for your Ethernet Adapter This appendix describes how to find the MAC address for your computer s Ethernet adapter so you can use the Router s MAC address cloning feature Appendix C Physical Setup of the Router This appendix describes the physical setup of the Route...

Страница 11: ...chnical specifications Appendix I Warranty Information This appendix supplies the Router s warranty information Appendix J Regulatory Information This appendix supplies the Router s regulatory information Appendix K Contact Information This appendix provides contact information for a variety of Linksys resources including Technical Support ...

Страница 12: ...static IP addressing ensures that the device assigned it will always have that same IP address until you change it Static IP addresses are commonly used with network devices such as server PCs or print servers If you use the Router to share your cable or DSL Internet connection contact your ISP to find out if they have assigned a static IP address to your account If so you will need that static IP...

Страница 13: ...de of your local network when e mails are sent to their destination or when you have to connect to your company s network when you are out on the road How is your data protected That is when a VPN can help VPNs are called Virtual Private Networks because they secure data moving outside of your network as if it were still within that network When data is sent out across the Internet from your compu...

Страница 14: ... long way to go for unsecured data and this is when a VPN serves its purpose What is a VPN A VPN or Virtual Private Network is a connection between two endpoints a VPN Router for instance in different networks that allows private data to be sent securely over a shared or public network such as the Internet This establishes a private network that can send data securely between these two locations o...

Страница 15: ...ttings When he connects to his office s router the two routers create a VPN tunnel encrypting and decrypting data As VPNs utilize the Internet distance is not a factor Using the VPN the telecommuter now has a secure connection to the central office s network as if he were physically connected Computer using VPN client software that supports IPSec to VPN Router The following is an example of a comp...

Страница 16: ...hes 10 100 WAN The 10 100 port connects to a cable or DSL modem SFP The SFP Small Fiber Pluggable port can be used to connect a 10 100 network through either a hub or switch LEDs Diag Orange The Diag LED lights up when the system is not ready The LED goes off when the system is ready System Green The System LED lights up when the Router is powered on If the LED is flashing the Router is running a ...

Страница 17: ...of two ways If the Router is having problems connecting to the Internet press the Reset button for just a second with a paper clip or a pencil tip This is similar to pressing the Reset button on your PC to reboot it If you are experiencing extreme problems with the Router and have tried all other troubleshooting measures press and hold in the Reset button for 30 seconds This will restore the facto...

Страница 18: ...setting then you will not need to configure your PCs Set up and configure the Router with the setting s provided by your Internet Service Provider ISP according to Chapter 5 Setting up and Configuring the Router The installation technician from your ISP should have left the setup information with you after installing your broadband connection If not you can call your ISP to request the information...

Страница 19: ...re PCs or other network devices to the Router 3 Connect your cable or DSL modem s Ethernet cable to the Router s Internet port 4 Power on the cable or DSL modem and the other network device if using one 5 Connect the included power cord to the Router s Power port on the back of the Router and plug the power cord into an electrical outlet The System LED on the front panel will light up as soon as t...

Страница 20: ...ord Setup Tab From this tab you can set the basic settings on your network The screens available from this tab include Network Enter the Internet connection and network settings on this screen Password From this screen you can change the Router s password on this screen For network security you should always change the password from its default setting Time Change the time shown on the network fro...

Страница 21: ...rators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network SNMP can be managed from this screen Diagnostic From this screen you can use the Router s two built in tools to troubleshoot network problems Factory Default The Factory Default button on this screen can be used to clear all of your configuration information and ...

Страница 22: ...ew of VPN activity and status Gateway to Gateway From this screen users can administer tunnels between two VPN devices Client to Gateway From this screen tunnels between a Local VPN device and a mobile user can be administered VPN Pass Through This tab allows you to enable or disable IPSec Pass Through PPTP Pass Through and L2TP Pass Through Log Tab System Log The System Log allows you to administ...

Страница 23: ...all other screens in the Utility will be a link to the Site Map which has links to all of the Utility s tabs Click the Site Map button to view the Site Map shown in Figure 5 4 Then click on desired tab subject System Information Serial Number The Router s serial number is displayed here Firmware version This shows the current version number of the firmware installed on this unit CPU This shows the...

Страница 24: ...d Renew Click the Release button to release the current IP Address and click the Renew button to update the DHCP Lease Time or get a new IP When the WAN port is set up with PPPoE or PPTP these two buttons will be displayed as Connect and Disconnect Mode This tells you if the Router s Working Mode is Gateway or Router hyperlinked to that section of the Setup Tab DNS All DNS Server Addresses are dis...

Страница 25: ...g Status This hyperlink will take you to the System Log page of the Log Tab If you have not set up the Log s mail server this will show E mail cannot be sent because you have not specified an outbound SMTP server address If you have set up the mail server but the log has not come out due to Log Queue Length and Log Time Threshold settings this will show E mail settings have been configured If you ...

Страница 26: ...n most cases though leaving these fields blank will work LAN Setting This shows the Router s MAC Address LAN IP Address and Subnet Mask The MAC Address is the physical address for the Router The default value is 192 168 1 1 for IP address and 255 255 255 0 for the Subnet Mask WAN Interface Setting Choose which port you wish to use the WAN port for connecting a broadband Internet connection or the ...

Страница 27: ...dle Time setting 3 By selecting the Keep Alive option the Router will keep the connection alive by sending out a few data packets at the Redial Period so your Internet service thinks that the connection is still active PPTP Point to Point Tunneling Protocol 1 Enter the WAN IP Address Subnet Mask and Default Gateway Address provided by your ISP 2 Enter the User Name and Password you use to access y...

Страница 28: ...up Tab Time Time The Router uses the time settings to time stamp log events to automatically update the Content Filter List and to synchronize time on your networked devices Set the local time with Set the local time using Network Time Protocol NTP automatically or Set the local time Manually When you choose to have the time set by using Network Time Protocol the Router will automatically connect ...

Страница 29: ...d to set up public services on your network When users outside your network i e from the Internet make certain requests on your network the Router can forward those requests to the appropriate computers equipped to handle the requests If for example you set port number 80 HTTP to be forwarded to IP Address 192 168 1 2 then all HTTP requests from outside users will be forwarded to 192 168 1 2 You m...

Страница 30: ... Some Internet applications or games use alternate ports to communicate between server and LAN host When you want to use those applications enter the triggering outgoing port and alternate incoming port in this table The Router will forward the incoming packets to the LAN host 1 Enter the application name range of port numbers and the incoming port range 2 You can click the Add to List button show...

Страница 31: ...service you ve added by clicking the Show Tables button Setup Tab One to One NAT One to One NAT opens the firewall for one network user a lot like the DMZ host feature In this feature however the network user is restricted to a single website To enable One to One NAT check the Enable box at the top of the screen To set this up you must define internal and external address ranges of equal length Se...

Страница 32: ...P IP server in your LAN Before configuring DDNS you need to visit www dyndns org and register a domain name The DDNS service is provided by DynDNS org DDNS Service The DDNS feature is disabled by default To enable this feature just select DynDNS org or 3322 org from the pull down menu and enter the User name Password and Host Name of the account you set up with the DDNS service Your IP Address The...

Страница 33: ...Router is hosting your network s connection to the Internet Select Router mode if the Router exists on a network with other routers including a separate network gateway that handles the Internet connection When this Router is in Router Mode you must have another router function as the gateway in order for any computer connected to the Router to be able to connect to the Internet RIP Routing Inform...

Страница 34: ...ateway IP is the Router s IP Address If you have another router handling your network s Internet connection enter the IP Address of that router instead 4 Hop Count max 15 This value gives the number of nodes that a data packet passes through before reaching its destination A node is any device on the network such as switches PCs etc 5 Interface LAN WAN This setting directs where the static route i...

Страница 35: ...s 5 43 200 Minutes Dynamic IP Range Start End Enter a starting IP address and ending IP address to make a range to assign dynamic IPs The default range is 100 149 Static IP The Static IP section of this screen is provided in the event you want the IP Addresses of certain PCs on your network to remain static In this event enter the Static IP Address in the space provided along with that PC s MAC Ad...

Страница 36: ...To disable the SNMP agent click this box to remove the check mark System Name Set the hostname far the Router System Contact Enter the name of the network administrator who can be contacted with updates about the Router System Location The network administrator s contact information is placed into this field Enter an E mail address telephone number or pager number Get Community Name Create a name ...

Страница 37: ...ows if the Router is able to contact the remote host If users on the network are having problems accessing services on the Internet try pinging the DNS server or another machine at the ISP s location If this test is successful try pinging other IP Addresses This will show if the problem lies with the ISP s connection or the other IP Address Enter the IP address being pinged and click the Go button...

Страница 38: ...Another screen will then appear to show that the system is rebooting System Management Tab Firmware Upgrade Firmware Upgrade Use this function to upgrade the Router s firmware to the newest version If you have already downloaded the firmware into your computer then click the Browse button to look for the file Then click the Firmware Upgrade Right Now button Firmware Download Click the Firmware Dow...

Страница 39: ... Router s Preferences Import Configuration File You will need to specify where your Preferences file is located Click the Browse button and select a Preferences file This should have been previously saved using the Export button After you select the file click the Import button This process may take up to a minute You will then need to restart the Router in order for the changes to take effect Exp...

Страница 40: ... will disable the corresponding port Priority Select High or Normal for Port based QoS Quality of Service Port based QoS is used to maximize network performance and this setting allows you to prioritize performance on four LAN ports VLAN For each LAN port a VLAN a Virtual LAN or network within your network can be established Up to four VLANs can be established WAN Port ID This signifies which port...

Страница 41: ...ncel Changes button to undo your changes Port Management Tab Port Status Users can choose the port number from the pull down menu to see the status of the selected port The Summary table will show the settings for the selected port such as Type Link Status up or down Port Activity Enabled or Disabled Priority High or Normal Speed Status 10Mbps 100Mbps or 1000Mbps Duplex Status Half or Full Auto ne...

Страница 42: ... Denial of Service Protect internal networks from Internet attacks such as SYN Flooding Smurf LAND Ping of Death IP Spoofing and reassembly attacks Block WAN Request This feature is designed to prevent attacks through the Internet When it is enabled the Router will drop both the unaccepted TCP request and ICMP packets from the WAN side The hacker will not find the Router by pinging the WAN IP addr...

Страница 43: ...N to the LAN is denied Jump to Select from this pull down menu which page of Rules you wish to display Entries Per Page From this pull down menu you can select how many entries will be displayed per page The Network Access Rules are broken into a table with these features Priority This shows from the number of Rules entered the order of Rules having higher or lower priority Enable Enable or disabl...

Страница 44: ...Wizard see Figure 5 65 Action Select Allow or Deny from the pull down menu depending on if you d like to allow or deny access Service Select the service from the Service pull down menu If the service you need is not listed in the menu click the Service Management button to add a new Service Enter the Service Name Protocol and Port Range and then click Add to list Source Interface Select the source...

Страница 45: ... settings are successful Click the Return button to return to the previous screen Firewall Tab Content Filter Forbidden Domains This allows to you increase network security by blocking websites those in your network can access Click the Block Forbidden Domains box to enable this function Then enter in the IP Address es for those websites you wish to restrict clicking the Add to List button after y...

Страница 46: ...ifferent pages of tunnels and also select how many tunnels you would like listed per page These tunnels will then be displayed here with the following information about each tunnel No As the tunnels are listed here they are put in order 1 50 Name This is the Tunnel Name or Group ID Name that you entered when creating the tunnel Status This will show the status of the tunnel whether it is Connected...

Страница 47: ...ng the Client to Gateway tunnel Connected Tunnels This will show the number of users logged in to the Group VPN Phase2 Enc Auth Grp This will show the Encryption DES 3DES Authentication MD5 SHA1 and Group 1 2 5 selected from the IPSec Setup sections of the Gateway to Gateway and Client to Gateway screens Local Group This will show the IP address and Subnet Mask of the Local Group set up Remote Cli...

Страница 48: ...unnel The first three options are easier to use because the IP Addresses are static and do not change IP Only If you select IP Only only the specific IP Address set will be able to access the tunnel The Router s WAN IP address set above will automatically appear in this field IP Domain Name FQDN Authentication This selection affords a greater amount of security because each side of the tunnel must...

Страница 49: ...tion The type of Remote Security Gateway Type must match the Local Security Gateway Type of VPN devices in the other end of tunnel The first three options are easier to use because the IP Addresses are static and do not change IP Only If you select IP Only only the specific IP Address that you enter will be able to access the tunnel It s the IP Address of the remote VPN Router or device which you ...

Страница 50: ...s Only one email address can be used for one tunnel and may not be applied to another tunnel These settings must match the Remote Group Setup on the other end of the tunnel Remote Security Group Type Select the local LAN user s that can use this VPN tunnel Remote Security Group Type may be a single IP address a Subnet or an IP address range The Remote Secure Group must match the Local Secure Group...

Страница 51: ...bit automatically by 0 If 3DES is selected the Encryption Key is 48 bit If users do not fill up to 48 bit this field will be filled up to 48 bit automatically by 0 Authentication Key This field specifies a key used to authenticate IP traffic and the Authentication Key is generated yourself The hexadecimal value is acceptable in this field Both sides must use the same Authentication key If MD5 is s...

Страница 52: ...and the key of Phase 2 will be same with the key in Phase 1 Phase 2 Encryption Phase 2 is used to create one or more IPSec SAs which are then used to key IPSec sessions There are two methods of encryption DES and 3DES The Encryption method determines the length of the key used to encrypt decrypt ESP packets DES is 56 bit encryption and 3DES is 168 bit encryption Both sides must use the same Encryp...

Страница 53: ...nnection If the responders reject this propose the Router will not implement the compression When the Router works as a responder the Router will always accept compression even without enabling compression Keep Alive This mechanism helps to keep up the connection of IPSec tunnels Whenever a connection is dropped and detected it will be re established immediately AH Hash Algorithm AH Authentication...

Страница 54: ...tication The type of Local Security Gateway Type must match the Remote Security Gateway Type of VPN devices in the other end of tunnel The first three options are easier to use because the IP Addresses are static and do not change IP Only If you select IP Only only the specific IP Address set will be able to access the tunnel The Router s WAN IP address set above will automatically appear in this ...

Страница 55: ...ay be a single IP address a Subnet or an IP address range The Local Secure Group must match the Remote Secure Group on the other end of the tunnel Selecting IP Address allows only one computer with the specific IP Address access to the tunnel The default IP is 192 168 1 0 If you select Subnet all computers on the local subnet can access the tunnel The default IP is 192 168 1 0 and default Subnet M...

Страница 56: ...age Then enter E mail Address as an ID Dynamic IP Domain Name FQDN Authentication This setting uses a dynamic IP address which is constantly changing In addition the tunnel is confirmed through use of a domain name Only one domain name can be used for one tunnel and may not be applied to another tunnel These settings must match the Remote Group Setup on the other end of the tunnel Dynamic IP E mai...

Страница 57: ...If you select Manual you generate the key yourself and no key negotiation is needed Basically manual key management is used in small static environments or for troubleshooting purposes Both sides must use the same Key Management method Incoming Outgoing SPI Security Parameter Index SPI is carried in the ESP Encapsulating Security Payload Protocol header and enables the receiver and sender to selec...

Страница 58: ... Phase 1 is used to create a security association SA DH Diffie Hellman is a key exchange protocol that is used during phase 1 of the authentication process to establish pre shared keys There are three groups of different prime key lengths Group 1 is 768 bits Group 2 is 1 024 bits and Group 5 is 1 536 bits If network speed is preferred select Group 1 If network security is preferred select Group 5 ...

Страница 59: ...one way hashing algorithm that produces a 128 bit digest If users enable the AH Hash Algorithm in Advanced then it is recommended to select Null to disable authenticating ESP packets in Phase 2 but both sides of the tunnel must use the same setting Phase 2 SA Life Time This field allows you to configure the length of time a VPN tunnel is active The default value is 3 600 seconds Preshared Key Char...

Страница 60: ...header in the hashing process There are two algorithms MD5 and SHA1 MD5 produces a 128 bit digest to authenticate packet data and SHA1 produces a 160 bit digest to authenticate packet data NetBIOS broadcast Check the box to enable NetBIOS traffic to pass through the VPN tunnel By default RV0041 blocks these broadcasts Click the Save Settings button when you finish the settings or click the Cancel ...

Страница 61: ... Alert which are emailed log entries and alerts Mail Server If you wish to have any log or alert information E mailed to you then you must enter the name or numerical IP address of your SMTP server Your Internet Service Provider can provide you with this information Send E mail To This is the E mail address where the log files will be sent Log Queue Length entries This instructs the Router how oft...

Страница 62: ...VPN Log Outgoing Log Table Click this button to view information about the outgoing logs LAN IP Destination URL IP and Service Port number Incoming Log Table Click this button to view information about the incoming logs Source IP and Destination Port number Clear Log Now This button will clear out your log without e mailing it Clicking this button will delete all log information Log Tab System Sta...

Страница 63: ...Internet 2 From the first screen a WAN interface Select RJ 45 10 100 to use the port as a WAN port or select SFP MiniGBIC to use the port for 10 100 networking Click Next to continue Click Exit if you want to exit the wizard 3 The information on the next screen is used if your Internet Service Provider ISP requires a host and domain name Complete this information if required by your ISP and click ...

Страница 64: ...to exit the wizard If you chose Static IP enter the Static IP Subnet Mask and Default Gateway provided by your ISP Click Next to continue Click Previous if you want to return to the previous screen Click Exit if you want to exit the wizard If you chose PPPoE enter the User Name and Password provided by your ISP Click Next to continue Click Previous if you want to return to the previous screen Clic...

Страница 65: ... Wizard to help you easily set up the Firewall security policy for the Router 2 The first screen to appear explains the Access Rules Click Next to continue Click Exit if you want to exit the wizard 3 From the next screen choose if you d like to Allow or Deny the action you ll be choosing for the rule Click Next to continue Click Previous if you want to return to the previous screen Click Exit if y...

Страница 66: ...ant to return to the previous screen Click Exit if you want to exit the wizard 5 From the next screen select the Source from the Ethernet drop down menu Then select the users from the drop down menu Any single or Range Click Next to continue Click Previous if you want to return to the previous screen Click Exit if you want to exit the wizard Figure 5 60 Access Rule Wizard Select the Source Figure ...

Страница 67: ...g for the rule Always if the Rule is always in effect or Scheduling if you want to define a range for a specific time and day of the week Click Next to continue Click Previous if you want to return to the previous screen Click Exit if you want to exit the wizard 8 At the final screen if you don t need to make any changes click Save Settings Click Previous if you want to return to the previous scre...

Страница 68: ...em then click Downloads for this Product Click User Guide Linksys Web Site Click the Linksys Web Site button and it will link to the Support page of the Linksys Web Site www linksys com Logout Tab The Logout tab is located on the upper left corner of the Web Interface Clicking this tab will terminate the management session After you click the Logout tab you will be asked to confirm that you want t...

Страница 69: ...wing network components are installed box select the TCP IP associated with your Ethernet adapter If you only have one Ethernet adapter installed you will only see one TCP IP line with no association to an Ethernet adapter Highlight it and click the Properties button C In the TCP IP properties window select the IP address tab and select Specify an IP address Enter a unique IP address that is not u...

Страница 70: ...ction Properties window I Restart the computer if asked For Windows XP The following instructions assume you are running Windows XP with the default interface If you are using the Classic interface where the icons and menus look like previous Windows versions please follow the instructions for Windows 2000 A Click Start and Control Panel B Click the Network and Internet Connections icon and then t...

Страница 71: ...es window 5 Restart the computer if asked 6 Click the OK button in the Internet Protocol TCP IP Properties window and click the OK button in the Local Area Connection Properties window 7 Restart the computer if asked For Windows XP The following instructions assume you are running Windows XP with the default interface If you are using the Classic interface where the icons and menus look like previ...

Страница 72: ...be a problem with the connection Try the ping command from a different computer to verify that your original computer is not the cause of the problem 3 I am not getting an IP address on the Internet with my Internet connection A Refer to Problem 2 I want to test my Internet connection to verify that you have connectivity B If you need to register the MAC address of your Ethernet adapter with your ...

Страница 73: ... limitations due to occasional incompatibility with the NAT standard Change the IP address for the Router to another subnet to avoid a conflict between the VPN IP address and your local IP address For example if your VPN server assigns an IP address 192 168 1 X X is a number from 1 to 254 and your local LAN IP address is 192 168 1 X X is the same number used in the VPN IP address the Router will h...

Страница 74: ...as many entries as you like When you have completed the configuration click the Save Settings button 7 I need to set up online game hosting or use other Internet applications If you want to play online games or use Internet applications most will work without doing any port forwarding or DMZ hosting There may be cases when you want to host an online game or Internet application This would require ...

Страница 75: ... disable all the forwarding entries if you want to successfully use DMZ hosting since forwarding has priority over DMZ hosting In other words data that enters the Router will be checked first by the forwarding settings If the port number that the data enters from does not have port forwarding then the Router will send the data to whichever PC or network device you set for DMZ hosting Follow these ...

Страница 76: ...to gain access Please follow these directions to verify that you do not have any proxy settings and that the browser you use is set to connect directly to the LAN For Microsoft Internet Explorer 5 0 or higher A Click Start Settings and Control Panel Double click Internet Options B Click the Connections tab C Click the LAN settings button and remove anything that is checked D Click the OK button to...

Страница 77: ...s 192 168 1 50 Subnet Mask 255 255 255 0 Gateway 192 168 1 1 D Perform the upgrade using the Router s Web based Utility through its System Management Firmware Upgrade tab If the firmware upgrade failed the Router will still work using its current firmware If you want to use a backup firmware version go to System Management Restart Select Backup Firmware Version Click the Restart Router button to r...

Страница 78: ... Settings button to continue If your difficulties continue change the Size to different values Try this list of values one value at a time in this order until your problem is solved 1462 1400 1362 1300 16 I need to use port triggering Port triggering looks at the outgoing port services used and will trigger the Router to open a specific port depending on which port an Internet application uses Fol...

Страница 79: ...tions What is the maximum number of IP addresses that the Router will support The Router will support up to 253 IP addresses Is IPSec Passthrough supported by the Router Yes enable or disable IPSec Passthrough on the VPN VPN Pass Through tab Where is the Router installed on the network In a typical environment the Router is installed between the cable DSL modem and the LAN Plug the Router into the...

Страница 80: ...SP Can multiple gamers on the LAN get on one game server and play simultaneously with just one public IP address It depends on which network game or what kind of game server you are using For example Unreal Tournament supports multi login with one public IP How do I get Half Life Team Fortress to work with the Router The default client port for Half Life is 27005 The computers on your LAN need to ...

Страница 81: ...figuration screen for the Router What can I do You may have to remove the proxy settings on your Internet browser e g Netscape Navigator or Internet Explorer Or remove the dial up settings on your browser Check with your browser documentation and make sure that your browser is set to connect directly and that any dial up is disabled Make sure that your browser is set to connect directly and that a...

Страница 82: ... The Router is compatible with virtually any cable or DSL modem that supports Ethernet What is the maximum number of VPN sessions allowed by the Router The maximum number depends on many factors At least one IPSec session will work through the Router however simultaneous IPSec sessions may be possible depending on the specifics of your VPNs How can I check whether I have static or DHCP IP addresse...

Страница 83: ...inipcfg Then press the Enter key or the OK button 2 When the IP Configuration screen appears select the Ethernet adapter you have connected to the Router via a CAT 5 Ethernet network cable 3 Write down the Adapter Address as shown on your computer screen This is the MAC address for your Ethernet adapter and is shown as a series of numbers and letters The MAC address Adapter Address is what you wil...

Страница 84: ...at you will use for MAC address cloning or MAC filtering The example in Figure C 3 shows the Ethernet adapter s IP address as 192 168 1 100 Your computer may show something different For the Router s Web based Utility For MAC address cloning enter the MAC Address in the User Defined WAN MAC Address field or select MAC Address from this PC Click Save Settings to save the MAC Cloning settings or cli...

Страница 85: ...g brackets Setting up the Router You can set the Router on a desktop install it in a rack with attached brackets or mount it on the wall Placement of the Router Set the Router on a desktop or other flat secure surface Do not place excessive weight on top of the Router that could damage the Router Rack Mounting the Router The Router comes with two brackets and eight screws for mounting on a 19 inch...

Страница 86: ...t holes with the holes in the Router and attach with the screws using four on each side of the Router After the brackets are attached to the Router by screws you can rack mount it Attach the Router to the rack with two screws on each side Figure C 2 Attaching the Brackets to the Router and Rack Mounting the Router ...

Страница 87: ... bottom for wall mounting The horizontal distant between the two holes is 3 701 in 94mm Install two screws or nails into the wall 3 701 in 94 mm apart After the nails are secured on the wall line up the Router s holes with the screws on the wall to wall mount it The suggested mounting hardware is shown in Figure D 4 Figure C 3 Wall Mounting the Router ...

Страница 88: ...80 Appendix C Physical Setup of the Router Setting up the Router 10 100 1000 4 Port VPN Router Figure C 4 Wall Mounting Hardware ...

Страница 89: ...charge the Router cannot update the correct time except when connected to the NTP Server Do not attempt to replace this battery yourself You must call Linksys Technical Support to replace the battery Danger of explosion exists if the lithium battery is incorrectly replaced The battery can only be replaced with the same or equivalent type of CR2032 lithium battery WARNING The lithium battery can ex...

Страница 90: ... file from the Linksys website www linksys com or click the Firmware Download from Linksys Web Site button Select the Router from the pull down menu and choose the firmware from the options 2 Extract the file on your computer 3 Click the System Management Tab and then the Firmware Upgrade page 4 On the Firmware Upgrade screen enter the location of the extracted firmware upgrade file or click the B...

Страница 91: ... of instructions or protocol all PCs follow to communicate over a wired or wireless network Your PCs will not be able to utilize networking without having TCP IP enabled Windows Help provides complete instructions on enabling TCP IP Shared Resources If you wish to share printers folders or files over your network Windows Help provides complete instructions on utilizing shared resources Network Nei...

Страница 92: ...P or e mail server with a dynamic IP address use a fixed domain name Default Gateway A device that forwards Internet traffic from your local area network DHCP Dynamic Host Configuration Protocol A protocol that lets one device on a local network known as a DHCP server assign temporary IP addresses to the other network devices typically computers DMZ Demilitarized Zone Removes the Router s firewall...

Страница 93: ...ion that can occur in two directions over a single line but only one direction at a time Hardware The physical aspect of computers telecommunications and other information technology devices HTTP HyperText Transport Protocol The communications protocol used to connect to servers on the World Wide Web IP Internet Protocol A protocol used to send data over a network IP Address The address used to id...

Страница 94: ...r Ethernet A type of broadband connection that provides authentication username and password in addition to data transport PPTP Point to Point Tunneling Protocol A VPN protocol that allows the Point to Point Protocol PPP to be tunneled through an IP network This protocol is also used as a type of broadband connection in Europe Router A networking device that connects multiple networks together suc...

Страница 95: ...ol used for accessing remote PCs TFTP Trivial File Transfer Protocol A version of the TCP IP FTP protocol that uses UDP and has no directory or password capability Topology The physical layout of a network TX Rate Transmission Rate Upgrade To replace existing software or firmware with a newer version Upload To transmit a file over a network URL Uniform Resource Locator The address of a file locate...

Страница 96: ...et SFP Diag 1 4 UPnP able cert Yes Security Features SPI Firewall DES and 3DES Encryption for IPSec VPN Tunnel Dimensions 11 x 1 75 x 9 50 W x H x D 279 4 mm x 44 45 mm x 241 3 mm Unit Weight 52 oz 1 47 kg Power Input AC100 240V 0 8A Output DC 3 3A 5A Certifications FCC Class B CE Class B Operating Temp 0ºC to 40ºC 32ºF to 104ºF Storage Temp 0ºC to 70ºC 32ºF to 158ºF Operating Humidity 10 to 85 No...

Страница 97: ...g and handling charges ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE LIMITED TO THE DURATION OF THE WARRANTY PERIOD ALL OTHER EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING ANY IMPLIED WARRANTY OF NON INFRINGEMENT ARE DISCLAIMED Some jurisdictions do not allow limitations on how long an implied warranty lasts so the above l...

Страница 98: ... does cause harmful interference to radio or television reception which is found by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment or devices Connect the equipment to an outlet other than the receiver s Consult a dealer or an ...

Страница 99: ...orking with Linksys products Give our advice line a call at 800 546 5797 LINKSYS Or fax your request in to 949 261 8868 If you experience problems with any Linksys product you can call us at 800 326 7114 Don t wish to call You can e mail us at support linksys com If any Linksys product proves defective during its warranty period you can call the Linksys Return Merchandise Authorization department ...

Отзывы: