SMC Networks SMCWBR14T-G User's Manual
Contents
1. 72 96 or a combination of both 4 55 CONFIGURING THE BARRICADE 4 56 Popular applications requiring multiple ports are listed in the Popular Applications field From the drop down list choose the application and then choose a row number to copy this data into Setup Wizard rr Home Network Settings Security Q TCP 3 TCP m Advanced Settings SDR U e tcp Es Tcp m C upp C upp 9 C TC 3 E TCP UDRBattle net C upp 10 7 GrTcRICUN e TCP UDHMSN Gaming Zone C upp Quick Time 4 Popular applications select one x Copy to SAVE SETTINGS CANCEL Note Choosing a row that already contains data will overwrite the current settings For a full list of ports and the services that run on them see www lana org assignments port numbers ADVANCED SETTINGS NAT Mapping Table This page displays the current NAPT Network Address Port Translation address mappings Setup Wizard NAT Mapping Table Home Network NAT Mapping Table displays the current NAPT address mappings index Protocol Local 1P Local Port Pseudo IP Pseudo Port Peer IP Peer Port Refresh Advanced Settings The NAT address mappings are listed 20 lines per page click the control buttons to move forwards and backwards As the NAT mapping is dynamic a Refresh button is provided to refresh the NAT Mapping Table with the most updated values The content of the NAT Mapping Table is d2. Address SMTP Server Enter your SMTP server address usually the part Address of the email address following the sign POP3 Server Enter your POP3 server address usually the part Address of the email address following the sign User Name Enter your email account user name 4 38 Parameter Password Defaults SECURITY Description Enter your email account password Connection Policy Fragmentation 10 secs Configures the number of seconds that a packet half open wait state structure remains active When the timeout value expires the router drops the unassembled packet freeing that structure for use by another packet TCP SYN wait 30 secs Defines how long the software will wait for a TCP session to reach an established state before dropping the session TCP FIN wait 5 secs Specifies how long a TCP session will be managed after the firewall detects a FIN exchange TCP connection 3600 secs The length of time for which a TCP session will be idle timeout 1 hour managed if there is no activity UDP session idle 30 secs The length of time for which a UDP session will timeou be managed if there is no activity DoS Detect Criteria Total incomplete 300 Defines the rate of new unestablished sessions that TCP UDP sessions will cause the software to s art deleting half open sessions HIGH sessions Total incomplete 250 Defines the rate of new unestablished sessions that TCP UDP sessions will cause
3. Configuring Your Macintosh Computer on page 3 15 3 1 TCP IP CONFIGURATION TCP IP Configuration 3 2 To access the Internet through the Barricade you must configure the network settings of the computers on your LAN to use the same IP subnet as the Barricade The default network settings for the Barricade are IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Note These settings can be changed to fit your network requirements but you must first configure at least one computer to access the Barricade s web configuration interface in order to make the required changes See Configuring the Barricade on page 4 1 for instructions on configuring the Barricade Windows 2000 DHCP IP Configuration 1 On the Windows desktop click Start Settings Network and Dial Up Connections 2 Click the icon that corresponds to the connection to your Barricade 3 The connection status screen will open Click Properties CONFIGURING THE CLIENT PC 8 New Office Document A Open Office Document B windows Update 4 Acrobat Reader 5 0 I winzip fe Programs 3 Document gt Printers Arm Taskbar amp Start Menu Local Area Connection 1 Status Ax General m Connection Status Connected Duration 00 15 12 Speed 10 0 Mbps Activity af Sent 1 Received Packets 49 0 3 3 TCP IP CONFIGURATION 4 Double click Internet Protocol TCP IP
4. Setup Wizard Home Network Settings Status LAN Settings WAN Settings Wireless WDS Site Survey P Channel and SSID b WDS wep64_1111111111 Security Advanced Settings SMC 3COM_WPAPSK smc HMB610G Larry ptest philips Jamie The Wireless Distribution System WDS provides a means to extend the range of a Wireless Local Area Network WLAN WDS allows a wireless router to establish a direct link to other wireless base stations and to allows stations to roam freely within the area covered by the WDS Scan Channel MAC Address Security Enable WDS 6 00 30 11 b4 46 12 WEP a 6 00 04 e2 11 22 35 fm 6 00 30 11 91 06 24 wpa r 6 00 04 02 02 65 b8 r 6 00 04 e2 af ef 23 r 6 00 01 95 6a 3c bd WEP Fr 6 00 12 bf 00 00 c1 r SAVE SETTINGS CANCEL Parameter Description SSID The Service Set ID SSID is the name of your witeless network The SSID must be the same on the Barticade and all of its wireless clients Channel This device supports the following modes 11g only 11b only 11b g mixed mode Super G Dynamic Turbo and Super G Static Tutbo MAC Address The media access control address MAC address is a unique identifier attached to each wireless base station Security Displays the security mechanism in use Enable WDS Enables the WDS feature When enabled up to 4 WDS links can be set by specifying their Wireless MAC addtesses in the MAC address table Make sute the same channel is in use on a
5. UPnP Universal Plug and Play UPnP allows for simple and robust connectivity between external devices and your PC Routing Sets routing parameters and displays the current routing table 4 51 CONFIGURING THE BARRICADE NAT 4 52 The first menu item in the Advanced Settings section is Network Address Translation NAT This process allows all of the computers on your home network to use one IP address Using the NAT capability of the Barricade you can access the Internet from any computer on your home network without having to purchase more IP addresses from your ISP Setup Wizard Home Network Settings Network Address Translation NAT allows multiple users at your local site to access the Internet through a Security single public IP address or multiple public IP addresses NAT can also prevent hacker attacks by mapping local addresses to public addresses for key services such as the Web or FTP Advanced Settings NAT Settings Enable or disable NAT module function Enable Disable SAVE SETTINGS To use the NAT feature check the Enable check box and click Save Settings ADVANCED SETTINGS Address Mapping Network Address Translation NAT allows IP addresses used in a private local network to be mapped to one or more addresses used in the public global Internet This feature limits the number of public IP addresses required from the ISP and also maintains the privacy and security of the local net
6. WEP See WEP on page 4 45 For maximum wireless security you should enable the WPA WPA2 option See WPA WPA2 on page 4 47 Click Save Settings to proceed or Cancel to change your settings 4 43 CONFIGURING THE BARRICADE Access Control 4 44 For a mote secure wireless network you can specify that only certain wireless clients can connect to the Barricade Up to 32 MAC addresses can be added to the MAC Filtering Table When enabled all registered MAC addresses are controlled by the Access Rule Setup Wizard Home Network Settings For a more secure Wireless network you can specify that only certain Wireless PCs can connect Security to the Wireless Router Up to 32 MAC addresses can be added to the MAC Filtering Table When enabled all registered MAC addresses are controlled by the Access Rule Access Control e Enable MAC Filtering C Enable Disable SAVE SETTINGS CANCE e Access Rule for registered MAC address Allow Deny _ MAC Filtering Table up to 32 stations 1D MAC Address 1 foo foo foo foo foo foo Advanced Settings 2 eo foo foo foo foo foo Va E all By default this MAC filtering feature is disabled WEP SECURITY WEP is the basic mechanism to transmit your data securely over a wireless network Matching encryption keys must be set up on your Barricade and and each of your wireless client devices Home Netw
7. packet If this does not match what is expected the packet will be discarded This method provides very little security as it is possible to learn the authentication key by watching RIP packets Authentication Password Authentication key Code When a router receives a routing update that includes changes to an entry it updates its routing table to reflect the new route RIP routers maintain only the best route to a destination After updating its routing table the router immediately begins transmitting routing updates to inform other network routers of the change Click Save Settings to proceed or Cancel to change your settings 4 69 CONFIGURING THE BARRICADE Routing Table Click Routing Table to view the screen below Setup Wizard Home Network Routing Table Settings List Routing Table Security Advanced Settings Flags Network Address Netmask Gateway Interface Metric NA c 192 168 2 0 255 255 255 0 directly LAN ste Ic 127 0 0 1 255 255 255 255 directly Loopback e Flags C directly connected S static R RIP I ICMP Redirect Parameter Description Flags Indicates the route status C Direct connection on the same subnet S Static route R RIP Routing Information Protocol assigned route I ICMP Internet Control Message Protocol Redirect route Network Address Destination IP address Netmask The subnetwork associated with the destination This is a template
8. Figure 2 3 Installing with a Splitter 2 6 CONNECT THE SYSTEM Installing a Splitterless Connection If you are using a splitterless G lite connection then your service provider will attach the outside ADSL line directly to your phone system Use a straight through CAT 5 Ethernet cable RJ 45 to connect the Barricade to the cable DSL modem You will have to add low pass filters to your phones as shown below Plain Old Telephone System POTS i Voice LEN LEN Residential i i eae Voice Fler Point Network amp Data Interface Device NID Voice amp Datay a Modem v gt Barricade Data Y or N E E N au E p hub or switch Figure 2 4 Installing without a Splitter 2 7 INSTALLATION Connecting the Barricade to your LAN 2 8 The four LAN ports on the Barricade auto negotiate the connection speed to 10 Mbps Ethernet or 100 Mbps Fast Ethernet as well as the transmission mode to half duplex or full duplex Use RJ 45 cables to connect any of the four LAN ports on the Barricade to an Ethernet adapter on your PC Otherwise cascade any of the LAN ports on the Barricade to an Ethernet hub or switch and then connect your PC or other network equipment to the hub or switch When inserting an RJ 45 connector be sure the tab on the connector clicks into position to ensure that it is properly seated Warning Do not plug a phone jack connector into an RJ 45 port This may damage
9. Home Network Settings This page defines schedule rule names and activates the schedule for use in the Access Control page Security Schedule Rule Table up to 10 rules Rule Name Rule Comment Configure Weekdays Rule 1 No weekday emailing Edit Delete Add Schedule Rule SAVE SETTINGS CANCEL Advanced Settings You may filter Internet access for local clients based on rules Each access control rule may be activated at a scheduled time First define the schedule on the Schedule Rule page then apply the rule on the Access Control page 1 To adda new rule click Add Schedule Rule Proceed to the following page 4 29 CONFIGURING THE BARRICADE Edit Schedule Rule 4 30 2 Define the appropriate settings for a schedule rule as shown on the following screen ax Bt Hom 1 getapiwizard Edit Schedule Rule Home Network Settings Name Weekdays Rule 1 Security Comment No weekday emailing e Activate Time Period Week Day Start Time hh mm End Time hh mm Every Day Sunday E AA Advanced Settings MEE 14 joo 23 8959 Tuesday 14 foo 23 s9 Wednesday 14 foo 23 59 Thursday 14 foo 23 59 Friday i i Saturday i N Cancel sl 3 Upon completion click OK to save your schedule rules and then click Save Settings to make your settings to take effect Each access control rule may be activated at a scheduled time First define the schedule on the Schedule Rule pa
10. Once a configuration change has been made on a page click the Save Settings or NEXT button at the bottom of the page to make the new settings active Note To ensure proper screen refresh after a command entry check that Internet Explorer 5 5 is configured as follows Under the menu Tools Internet Options General Temporary Internet Files Settings the setting for Check for newer versions of stored pages should be Every visit to the page Status MAKING CONFIGURATION CHANGES The Status screen displays WAN LAN connection status firmware and hardware version numbers as well as information on DHCP clients connected to your network You can also view the Security Log Setup Wizard Home Network Settings Security Advanced Settings Status a You can use the Status screen to see the connection status for the wireless router s WAN LAN interfaces firmware and hardware version numbers any illegal attempts to access your network as well as information on all DHCP client PCs currently connected to your network e Current Time 2004 12 18 00 50 57 INTERNET Renew Home Network LAN IP Address 192 168 2 1 Subnet Mask 255 255 255 0 DHCP Server Enabled Firewall Disabled UPnP Enabled Wireless Enabled ADSL only PPTP Client Line 1 Disabled PPTP Server Line 1 Disconnected Y E Home Logo Setup Wizard INFORMATION Bl Home Network Numbers of DHCP Clients o Settings Run
11. and cables are covered by a standard one year warranty from date of purchase SMC Networks Inc 38 Tesla Irvine CA 92618 COMPLIANCES Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference
12. server Secret Key The 802 1X secret key used to configure the Barricade NAS ID Defines the request identifier of the Network Access Server 802 1X The use of IEEE 802 1X offers an effective framework for authenticating and controlling user traffic to a protected network as well as dynamically vatying encryption keys 802 1X ties EAP Extensible Authentication Protocol to both the wired and wireless LAN media and supports multiple authentication methods such as token cards Kerberos one time passwotds certificates and public key authentication Click Save Settings to proceed or Cancel to change your settings ADVANCED SETTINGS Advanced Settings To configure the advanced settings such as NAT Maintenance System settings and UPnP click Advanced Settings Note Changing some of the device settings in the Advanced Settings mode may cause the Barricade to become unresponsive The Barricade s advanced management interface contains 6 main menu items as described in the following table Menu Description NAT Shares a single ISP account with multiple users sets up virtual servers Maintenance Allows you to backup restore reset and upgrade the Barricade s firmware System Sets the local time zone the password for administrator access the IP address of a PC that will be allowed to manage the Barricade remotely and the IP address of a Domain Name Server SNMP Community string and trap server setting
13. 15 802 11g 12Mbps 15 802 11g 18Mbps 15 802 11g 24Mbps 15 802 11g 36Mbps 15 802 11g 48Mbps 15 802 11g 54Mbps 15 Sensitivity Modulation Rate Receiver 2 412 2 484 HGz Sensitivity dBm 802 11b 1Mbps 90 802 11b 2Mbps 88 802 11b 5 5Mbps 85 802 11b 11Mbps 84 Modulation Rate Receiver Sensitivity Typical dBm 802 11g 6Mbps 88 C 3 SPECIFICATIONS C 4 Environmental SMCWBR14T G complies with the following standards Temperature Operating 0 to 40 C 32 to 104 F Storage 40 to 70 C 40 to 158 F Humidity 5 to 95 non condensing Vibration IEC 68 2 36 IEC 68 2 6 Shock IEC 68 2 29 Drop IEC 68 2 32 IEEE Standards IEEE 802 3 802 3u 802 11g 802 1D ITU G dmt ITU G Handshake ITU T 413 issue 2 ADSL full rate FOR TECHNICAL SUPPORT CALL From U S A and Canada 24 hours a day 7 days a week 800 SMC 4 YOU Phn 949 679 8000 Fax 949 679 1481 From Europe Contact details can be found on Www smc europe com or www smc com From Asia Pacific Contact details can be found on www smc asia com INTERNET E mail addresses techsupport smc com european techsupport smc europe com support smc asia com Driver updates http www smc com index cfm action tech_support_ drivers downloads http www smc asia com index php option com_downloads amp ltemid 50 World Wide Web http www smc com http www smc europe com http www smc asia com For Lite
14. 3 jec Site 18 Advanced Settings etel Site 4 Site 19 Site 5 Site 20 Sie 6 TI Site 21 site 7 Site 22 site 8 Site 23 Site 9 Site 24 site 10 Site 25 Site 11 Site 26 site 2 In Site 27 Site 13 Site 28 Gite 14 1 Gite oa r ll You can define up to 30 sites or keywords here To configure the Parental Control feature use the table to specify the web sites www somesite com and or keywords you want to block on your network To complete this configuration you will need to create or modify an access rule in Access Control Add PC on page 4 32 To modify an existing rule click the Edit option next to the rule you want to modify To create a new rule click on the Add PC option From the Access Control Add PC section check the option for WWW with Parental Control in the Client PC Service table to filter out the web sites and keywords selected below on a specific PC Click Save Settings to proceed or Cancel to change your settings SECURITY Intrusion Detection The Barricade s firewall inspects packets at the application layer maintains TCP and UDP session information including timeouts and number of active sessions and provides the ability to detect and prevent certain types of network attacks such as Denial of Service DoS attacks Intrusion Detection When the SPI Stateful Packet Inspection firewall feature is enabled all packets can be blocked Stateful Packet Inspection SPI allows full support of diffe
15. Communications gt Internet Explorer ommand Prompt Ea Outlook Express w Paint y CY wordPad y Documents Prompt ee A Search Help Run Shut Down BN Start 2 In the Command Prompt window type IPCONFIG RELEASE and press the Enter key Microsoft Windows 2000 Version 5 80 2195 lt C gt Copyright 1985 2808 Microsoft Corp C Documents and Settings Nlaurence gt IPCONFIG RELEASE Windows 2000 IP Configuration IP addre successfully released for adapter Local Area Connection 2 C Documents and SettingsNlaurence gt 3 5 TCP IP CONFIGURATION 3 6 Type IPCONFIG RENEW and press the Enter key Verify that your IP Address is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default Gateway is 192 168 2 1 These values confirm that your Barricade is functioning correctly ion 5 80 2195 oft Corp C Documents and Settings laurence gt IPCONFIG RELEASE Windows 2888 IP Configuration IP addre successfully released for adapter Local Area Connection C Documents and Settings laurence gt IPCONFIG RENEW Windows 2888 IP Configuration Ethernet adapter Local Area Connection 2 192 168 2 108 E la 255 255 255 0 Default Gateway 192 168 2 1 C Documents and Settin Type EXIT and press the Enter key to close the Command Prompt window CONFIGURING THE CLIENT PC Manual IP Configuration 1 2 Follow steps 1 4 in DHCP
16. IP address of 0 0 0 0 any host can manage the Barricade For remote management via WAN IP address you need to connect using port 8080 Simply enter WAN IP address followed by 8080 in the address field of your web browser for example 212 120 68 20 8080 4 63 CONFIGURING THE BARRICADE SNMP Community 4 64 Click SNMP and then Community to access the screen below SENSE Setup Wizard SNMP Community 2 Home Network Settings In the context of SNMP a relationship between an agent and a set of SNMP managers defines security characteristics The community concept is a local one defined at the agent The agent establishes one Security community for each desired combination of authentication access control and proxy characteristics Each Advanced Settings community is given a unique within this agent community name and the management stations within that community are provided with and must employ the community name in all get operations The agent may establish a number of communities with overlapping management station membership No Community Access Valid 1 public Ready PB 2 private Write 7 K 3 Read y f Read y gt eee m m Use the SNMP configuration screen to display and modify parameters for the Simple Network Management Protocol SNMP A computer attached to the network called a Network Management Station NMS can be used to access this information Access rights to the agent are cont
17. a common radio channel and SSID Service Set ID to be used by the Barricade and all of its wireless clients Be sure you configure all of its clients to the same value For security purposes you should change the default SSID immediately ER O 4 Modem settings 5 ADSL settings Parameter 1 Getting started 2 Wireless settings 2 Wireless settings This page allows you to enter the Wireless Network Name SSID and the Channel number a sanon Wireless Network Name SSID Sc Broadcast Wireless Network ENABLE DISABLE Name Wireless Mode 11 b g Mixed mode Wi Fi Channel number 6 gt Extend Range C ENABLE DISABLE BACK Description The Service Set ID SSID is the name of your Wireless Network Name SSID wireless network The SSID must be the same on the Barricade and all of its wireless clients Broadcast Wireless Network Name Enable or disable the broadcasting of the SSID If you disable broadcast of the SSID only devices that have the correct SSID can connect This nullifies the wireless network discovery feature of some products such as Windows XP Default Enable Wireless Mode This device supports the following modes 11g only 11b only 11b g mixed mode Super G Dynamic Turbo and Super G Static Turbo Wi Fi Channel Number This device supports the following modes 11g only 11b only 11b g mixed mode Super G Dynamic Turbo and Super G Static
18. be setup on your wireless router and wireless client devices to use WPA WPA2 Cipher suite TKIP AES WPA WPA2 Authentication C 802 1X Pre shared Key Pre shared key type passphrase 863 characters C Hex 64 digits Pre shared Key Group Key Re_Keying per 1800 Per 1000 Disable Seconds K Packets SAVE SETTINGS CANCEL Description The security mechanism used in WPA for encryption Select TKIP AES WPA WPA2 or AES WPA2 Only Select 802 1X or Pre shared Key for the authentication method 802 1X for the enterprise network with a RADIUS server Pre shared key for the SOHO network environment without an authentication server Pre shared key type Select the key type to be used in the Pre shared Key Pre shared Key Type the key here Group Key Re_Keying The period of renewing the broadcast multicast key 4 47 CONFIGURING THE BARRICADE 4 48 WPA WPA addresses all known vulnerabilities in WEP the original less secure 40 or 104 bit encryption scheme in the IEEE 802 11 standard WPA also provides user authentication since WEP lacks any means of authentication Designed to secure present and future versions of IEEE 802 11 devices WPA is a subset of the IEEE 802 111 specification WPA replaces WEP with a strong new encryption technology called Temporal Key Integrity Protocol TKIP with Message Integrity Check MIC It also provides a scheme of mutual authent
19. browser Internet Explorer 5 5 or later Mozilla 1 7 Firefox 1 0 or later Hardware Description 2 2 The Barricade connects to the Internet or to a remote site using its ADSL RJ 45 port It can be connected directly to your PC or to a local area network using the Fast Ethernet LAN port Access speed to the Internet depends on your service type Full rate ADSL provides up to 8 Mbps downstream and 1 Mbps upstream G lite or splitterless ADSL provides up to 1 5 Mbps downstream and 512 kbps upstream However you should note that the actual rate provided by specific service providers may vaty dramatically from these upper limits Data passing between devices connected to your local area network can run at up to 100 Mbps over the Fast Ethernet port and 54 Mbps over the built in wireless network adapter HARDWARE DESCRIPTION The Barricade includes an LED display on the front panel for system power and port indications that simplifies installation and network troubleshooting Figure 2 1 Front LED indicators The power and port LED indicators on the front panel are illustrated by the following table LED Status Description LAN 1 4 On Ethernet link Flashing The LAN port is sending or receiving data Off No Ethernet link WLAN On WLAN link Flashing The Barricade is sending or receiving data via WLAN Off No WLAN link PPPoE DSL On PPPoE DSL connection is functioning corr
20. but may be required by some service providers Enter a Maximum Idle Time in minutes to define a maximum period of time for which the Internet connection is maintained during inactivity If the connection is inactive for longer than the Maximum Idle Time then it will be dropped You can enable the Auto reconnect option to automatically re establish the connection as soon as you attempt to access the Internet again PPPoE Security Advanced Settings If your Internet Service Provider requires the use of PPPoE enter the information below Use PPPoE Authentication UserName SCS Password a Please retype your password i y Service Name MTU i454 576 lt MTU Value lt 1492 Maximum Idle Time 29 min W Auto reconnect SAVE SETTINGS CANCEL Click Save Settings to proceed or Cancel to change your settings 4 21 CONFIGURING THE BARRICADE PPTP 4 22 Enter the User ID and Password assigned by your ISP in the appropriate fields Enter the Idle Time Out for the Internet connection This is the period of time for which the connection to the Internet is maintained during inactivity The default setting is 10 minutes If your ISP charges you by the minute you should change the Idle Time Out to one minute After the Idle Time Out has expired set the action you wish the Barricade to take You can tell the device to connect manually or automatically as soon as you try to access the Internet again or to keep the ses
21. einen Brand bzw elektrischen Schlag ausl sen ffnen sie niemals das Ger t Das Ger t darf aus Gr nden der elektrischen Sicherheit nur von authorisiertem Servicepersonal ge ffnet werden Wenn folgende Situationen auftreten ist das Ger t vom Stromnetz zu trennen und von einer qualifizierten Servicestelle zu berpr fen a Netzkabel oder Netzstecker sind besch digt b Fl ssigkeit ist in das Ger t eingedrungen c Das Ger t war Feuchtigkeit ausgesetzt d Wenn das Ger t nicht der Bedienungsanleitung entsprechend funktioniert oder Sie mit Hilfe dieser Anleitung keine Verbesserung erzielen e Das Ger t ist gefallen und oder das Geh use ist besch digt f Wenn das Ger t deutliche Anzeichen eines Defektes aufweist Stellen Sie sicher da die Stromversorgung dieses Ger tes nach der EN 60950 gepr ft ist Ausgangswerte der Stromversorgung sollten die Werte von AC 7 5 8 V 50 60 Hz nicht ber oder unterschreiten sowie den minimalen Strom von 1 A nicht unterschreiten Der arbeitsplatzbezogene Schalldruckpegel nach DIN 45 635 Teil 1000 betr gt 70 dB A oder weniger viii TABLE OF CONTENTS Introduction sn Asa A A a OSs 1 1 About the Batticade ran an ner nn ee RL En 1 1 Feat res and Benefits Ar un ae ae 1 2 Dpphicationss s nar o aldo A AATE a A en EA 1 3 Installation as era EA a As 2 1 Package Contents iia te este 2 1 System Requirements o a nr LER eh 2 2 Hardware Description 2 0 0 6 eee nennen 2 2 AAA
22. fes f m EndIP fi fies PB fo Domain Name Lease Time Forever The LAN Settings parameters are listed below Parameter Description Wireless Router IP Address IP Address The IP address of the Barricade IP Subnet Mask The IP subnet mask DHCP Server DHCP Server DHCP allows individual computers to obtain the TCP IP configuration at startup from a centralized DHCP server To dynamically assign an IP address to a client PC enable the DHCP Dynamic Host Configuration Protocol function DHCP Server ID Enter the DHCP Server ID hete 4 17 CONFIGURING THE BARRICADE 4 18 Parameter DHCP IP Address Pool Start IP End IP Domain Name Lease Time Description The DHCP IP Address Pool is the range of IP addresses set aside for dynamic assignment to the computers on your network This field indicates the first of the contiguous IP addresses in the IP address pool This field indicates the last of the contiguous IP addresses in the IP address pool The domain name is the name you assign to your network The length of time the DHCP server will reserve the IP address for each computer Setting lease times for shorter intervals such as one day or one hour frees IP addresses after the specified period of time This also means that a particular computer s IP address may change over time If you have set any advanced features such as DMZ this is dependent on the IP address For this reason you will n
23. no longer have access to network resources The Barricade protects against DoS attacks including Ping of Death Ping flood attack SYN flood attack IP fragment attack Teardrop Attack Brute force attack Land Attack IP Spoofing attack IP with zero length TCP null scan Port Scan Attack UDP port loopback Snork Attack Note The firewall does not significantly affect system performance so we advise enabling the prevention features to protect your network SECURITY The table below lists the Intrusion Detection parameters and their descriptions Parameter Defaults Description Intrusion Detection Feature SPland Anti DoS firewall protection RIP Defect No Disabled The Intrusion Detection feature of the Barricade limits the access of incoming traffic at the WAN port When the Stateful Packet Inspection SPI feature is turned on all incoming packets are blocked except those types marked with a check in the SPI section at the top of the screen If the router does not reply to an IPX RIP request packet it will stay in the input queue and not be released Accumulated packets could cause the input queue to fill causing severe problems for all protocols Enabling this feature prevents the packets accumulating Discard Ping to WAN Don t discard Prevents a ping on the router s WAN port from being routed to the network 4 37 CONFIGURING THE BARRICADE Parameter Defaults Description Stat
24. oe gli haa oS IA ee ee Hr 2 5 Gonnectithe System isis seit IE BE denn 2 5 Connect the ADSL Cable Modem Line 22222 2 5 Phone Line Configuration 1 0 0 0 cece eee 2 6 Connecting the Barricade to your LAN 0 0005 2 8 Connect the Power Adapter 00 2 9 Configuring The Client PC oo ooooo o 3 1 TCP IP Configuration ress erbia 3004 bate soportar dela proye 3 2 Windows 2000 is cata it 3 3 Obtain IP Settings From Your Barricade oooomm o o 3 5 Manual IP Configuration 0 cee eee eee 3 7 WindowsXP tus tis le at aoe Meats Saad dine bake ay Sea See 3 9 Disable HP Proxy un an ee 3 14 Configuring Your Macintosh Computer 000 00 eee eee 3 15 Disable METP Proxy aid a ads eda hes 3 17 Configuring the Barricade oooooooooo 4 1 Navigating the Web Browser Interface 000 cee eee eee 4 2 Making Configuration Changes 0 0 ce eee ee eee 4 3 Tooin Screen a ate ihe A ub oN ans Bi la 4 4 Setup Wizarde sea eis gehn 4 5 Getting Started anne a ete tiie e eat a 4 5 Wireless Settings tia a si ls 4 6 Internet Settings nr 2 al a a ai 4 8 Cable Modem Settings 22 222222 eeeeeeeeeeennnn nn 4 9 ix TABLE OF CONTENTS ADSL Settings Fixed IP xDSL ooooooocccooommmo 4 10 ADSL Settings PPPOE ba 4 2 2 aa 4 11 ADSE Settines PPFP cia 4 a 4 12 Home Network Settings 2 0 0 0 cece eee 4 13 Making Configuration Changes ooooocccccccco
25. the software to stop deleting half open sessions LOW sessions Incomplete 250 Maximum number of allowed incomplete TCP UDP sessions TCP UDP sessions per minute sessions per min HIGH Incomplete 200 Minimum number of allowed incomplete TCP UDP sessions TCP UDP sessions per minute sessions per min LOW Maximum 10 Maximum number of incomplete TCP UDP incomplete sessions sessions from the same host TCP UDP sessions number from same host 4 39 CONFIGURING THE BARRICADE Parameter Defaults Description Incomplete 300 msecs Length of time before an incomplete TCP UDP TCP UDP session is detected as incomplete sessions detect sensitive time period Maximum 30 Maximum number of half open fragmentation half open sessions packets from the same host fragmentation packet number from same host Half open 1 sec Length of time before a half open fragmentation fragmentation session is detected as half open detect sensitive time period Flooding cracker 300 secs Length of time from detecting a flood attack to block time blocking the attack Note We do not recommend modifying the default parameters shown above Click Save Settings to proceed or Cancel to change your settings 4 40 SECURITY DMZ Setup Wizard DMZ Demilitarized Zone Home Network Settings If you have a local client PC that cannot run an Internet application properly from behind the firewall then you can Security
26. 4 64 Gommunity A at BA et ote ee E 4 64 Tape ya a cin tated econ A Moa le 4 65 WRI Pye o OEE elisa Beak oo So itis E 4 66 ROMA a A DA A Ravi A 4 67 Static Route joy Ya ns u N ER 4 67 RIP unse ai u Al did 4 68 Routing Table SRH a Sr a ER rag 4 70 Troubleshooting sa na A 1 Cables an en re ae B 1 Ethernet Gable wisn cl Bacau ae ee B 1 Specifications an a Bley Bg Leta B 1 Wiring Conventions so Taena Ak cee cence eee B 1 RJ 45 Port Ethernet Connection 0 0000 c ccc cece eee B 2 Pin ASSIOnIMeN a rn Ares B 3 Specifications an ana C 1 xi TABLE OF CONTENTS CHAPTER 1 INTRODUCTION Congratulations on your purchase of the Barricade SMCWBR14T G We are proud to provide you with a powerful yet simple communication device for connecting your local area network LAN to the Internet For those who want to surf the Internet in the most secure way this router provides a convenient and powerful solution About the Barricade The Barricade provides Internet access to multiple users by sharing a single user account This new technology provides many secure and cost effective functions It is simple to configure and can be up and running in minutes 1 1 FEATURES AND BENEFITS Features and Benefits 1 2 Local network connection via a 10 100 Mbps Ethernet port DHCP for dynamic IP configuration and DNS for domain name mapping Firewall with Stateful Packet Inspection client privileges intrusion detec
27. 5 If Obtain an IP address automatically and Obtain DNS server address automatically are already selected your computer is already configured for DHCP If not select these options now and click OK Local Area Connection 1 Properties 4 2 x General Sharing l Connect using 3 SMC EZ Card 10 100 S5MC1211Tx Configure Components checked are used by this connection E Client for Microsoft Networks a SMC EZStart Service a File and Printer Sharing for Microsoft Networks Internet Protocol TCP IP K K K K Internet Protocol TCP IP Properties Axl General You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings IP address Subnet mask Default gateway Obtain DNS server address automatically Use the following DNS server addresses Prefered DNS server Alternate DNS server Advanced CONFIGURING THE CLIENT PC Obtain IP Settings From Your Barricade Now that you have configured your computer to connect to your Barricade it needs to obtain new network settings By releasing old DHCP IP settings and renewing them with settings from your Barricade you can verify that you have configured your computer correctly 1 On the Windows desktop click Start Programs Accessories Command Windows Update 3 a
28. C Networks dat deze Radio LAN device voldoet aan de essenti le eisen en aan de overige relevante bepalingen van Richtlijn 1999 5 EC French Par la pr sente SMC Networks d clare que l appareil Radio LAN device est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Swedish Danish German H rmed intygar SMC Networks att denna Radio LAN device st r verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG Undertegnede SMC Networks erkl rer herved at f lgende udstyr Radio LAN device overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Hiermit erkl rt SMC Networks dass sich dieser diese dieses Radio LAN device in bereinstimmung mit den grundlegenden Anforderungen und den anderen relevanten Vorschriften der Richtlinie 1999 5 EG befindet BMWi Hiermit erkl rt SMC Networks die bereinstimmung des Ger tes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999 5 EG Wien Greek vi Me nv Trapouoa smc networks nAwvel ot radio LAN device OUUNOPYWVETAI TTPOO TIO OUOIW EIO ATTAITNOEIO KAI TIO AOITTEO OXETIKEO latage o THO o ny ao 1999 5 ek COMPLIANCES Italian Con la presente SMC Networks dichiara che questo Radio LAN device conforme ai requisiti essenziali ed alle altre disposiz
29. CP Port 443 r File Transfer FTP TCP Port 21 m Telnet Service TCP Port 23 r AIM AOL Instant Messenger TCP Port 5190 r NetMeeting H 323 TCP Port 1720 1503 r DNS UDP Port 53 r SNMP UDP Port 161 162 E Define the appropriate settings for client PC services as shown above At the bottom of this screen you can set the scheduling function You can set this function to Always Blocking or to whatever schedule you have defined in the Schedule Rule screen Click OK to save your settings The added PC will now appear in the Access Control page For the URL keyword blocking function you will need to configure the URL address or blocked keyword on the Parental Control page first Click Parental Control to add to the list of disallowed URL s and keywords To enable scheduling you also need to configure the schedule rule first See Schedule Rule on page 4 29 Click Schedule Rule to set the times for which you wish to enforce the rule SECURITY MAC Filter Use this page to block access to your network using MAC addresses Setup Wizard MAC Filter Home Network Settings This section helps provides MAC Filter configuration When enabled only MAC addresses configured will have access to your network All other client devices will get denied access This Security security feature can support up to 32 devices and applies to clients MAC Address Control C Enable Disable SAVE SETTINGS CANCE MAC Fi
30. Configuration and click NEXT to save your Barricade s configuration to a file named config bin on your PC You can then check the Restore from saved Configuration file SMCWBR14T_backup bin radio button and click NEXT to restore the saved backup configuration file To restore the factory settings check Restore Wireless Router to Factory Defaults and click NEXT You will be asked to confirm your decision MAINTENANCE Firmware Upgrade Use this screen to update the firmware to the latest version Setup Wizard Home Network Firmware Upgrade This tool allows you to upgrade the wireless router firmware You can download the latest firmware from the ite The product code is SMCWBR14T G Advanced Settings Enter the path and name or browse to the location of the upgrade file then click the BEGIN UPGRADE button You will be prompted to confirm the upgrade to complete the process a Browse BEGIN UPGRADE CANCEL Go to www smc com to find the latest firmware Download the firmware to your hard drive first Click Browse to locate the saved file After locating the new firmware file click BEGIN UPGRADE Follow the instructions to complete the upgrade After restarting check the Status page to make sure the device is running the new code 4 59 CONFIGURING THE BARRICADE Reset Perform a reset from this screen Setup Wizard Home Network Settings In the event that the system
31. IP Configuration on page 3 3 Select Use the Pinternet protocol TCP IP properties ES following IP address General Enter an IP address You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for based on the default o network 192 168 2 Obtain an IP address automatically h b 2 Use the following IP address w ere x is between IP address 192 168 2 20 and 254 and use Subnet mask 255 255 285 0 255 255 255 0 for the Default gateway 192 168 2 1 subnet mask Use Obtain DNS server address automatically 192 168 2 1 for the f Use the following DNS server addresses Preferred DNS server 192 168 2 1 Default gateway field Altemate DNS server E 7 Select Use the following DNS server addresses Enter the IP address for the Barricade in the Preferred DNS server field This automatically relays DNS requests to the DNS server s provided by your ISP Otherwise add a specific DNS server into the Alternate DNS Server field and click OK to close the dialog boxes Record the configured information in the following table TCP IP Configuration Setting IP Address Subnet Mask Preferred DNS Server Alternate DNS Server Default Gateway 3 7 TCP IP CONFIGURATION Disable HTTP Proxy You need to verify that the HTTP Proxy feature of your web browser is disabled This is so that your brow
32. M Enable Automatic Time Server Maintenance When you enable this option you will need to configure two different time servers use the options below to set the primary and secondary NTP servers in your area Primary Server 129 132 2 21 Europe Ez Secondary Server 130 149 17 8 Europe y SAVE SETTINGS CANCEL Set the time zone and time server for the Barricade This information is used for log entries and client access control Check Enable Automatic Time Server Maintenance to automatically maintain the Barricade s system time by synchronizing with a public time server over the Internet Then configure two different time servers by selecting the options in the Primary Server and Secondary Server fields 4 61 CONFIGURING THE BARRICADE Password Settings Use this page to restrict access based on a password For security you should assign one before exposing the Barricade to the Internet Setup Wizard Home Network Settings Set a password to restrict management access to the wireless router If you want to manage the wireless Security router from a remote location outside of the local network you must also specify the IP address of the remote PC You can do this in the System Remote Management menu e Current Password New Password e Re Enter Password for Verification Idle Time Out 1b_ Min Idle Time 0 NO Time Out Password Settings Advanced Settings SAVE SETTINGS CANCEL Pa
33. Please Enter the following Configuration Parameters O NAT Maintenance General RIP parameter Poesia RIP mode C Enable Disable m e Auto summary Enable Disable UPNP Table of current interface RIP parameter Routing ORE Rat Interface Operation Mode Version Poison Authentication Authentication D RIP Reverse Required Code D i ib pause iene WAN Disable Bi 17 Enable None 7 WLAN_g Disable bl E Enable y None y sl Parameter Description General RIP Parameters RIP Mode Globally enables or disables RIP Auto summary If Auto summary is disabled then RIP packets will include sub network information from all subnetworks connected to the router If enabled this sub network information will be summarized to one piece of information covering all subnetworks Table of current Interface RIP parameter Interface Operation Mode Version Poison Reverse The WAN interface to be configured Disable RIP disabled on this interface Enable RIP enabled on this interface Silent Listens for route broadcasts and updates its route table It does not participate in sending route broadcasts Sets the RIP Routing Information Protocol version to use on this interface A method for preventing loops that would cause endless retransmission of data traffic ROUTING Parameter Description Authentication None No authentication Required SER e 7 Password A password authentication key is included in the
34. SMGCWBR141 G Barricade Wireless Broadband Router From SMC s line of award winning connectivity solutions SMC Networks 38 Tesla May 2005 RO1 F W 1 00 149100019300 Irvine CA 92618 Phone 949 679 8000 Information furnished is believed to be accurate and reliable However no responsibility is assumed by our company for its use nor for any infringements of patents or other rights of third parties which may result from its use No license is granted by implication or otherwise under any patent or patent rights of our company We reserve the right to change specifications at any time without notice Copyright O 2005 by SMC Networks Inc 38 Tesla Irvine CA 92618 All rights reserved Trademarks Product and company names are trademarks or registered trademarks of their respective holders LIMITED WARRANTY Limited Warranty Statement SMC Networks Inc SMC warrants its products to be free from defects in workmanship and materials under normal use and service for the applicable warranty term All SMC products carry a standard 90 day limited warranty from the date of purchase from SMC or its Authorized Reseller SMC may at its own discretion repair or replace any product not operating as warranted with a similar or functionally equivalent product during the applicable warranty term SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product The s
35. THE SALE INSTALLATION MAINTENANCE OR USE OF ITS PRODUCTS SMC SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY CUSTOMERS OR ANY THIRD PERSON S MISUSE NEGLECT IMPROPER INSTALLATION OR TESTING UNAUTHORIZED ATTEMPTS TO REPAIR OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OR OTHER HAZARD LIMITATION OF LIABILITY IN NO EVENT WHETHER BASED IN CONTRACT OR TORT INCLUDING NEGLIGENCE SHALL SMC BE LIABLE FOR INCIDENTAL CONSEQUENTIAL INDIRECT SPECIAL OR PUNITIVE DAMAGES OF ANY KIND OR FOR LOSS OF REVENUE LOSS OF BUSINESS OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE USE PERFORMANCE FAILURE OR INTERRUPTION OF ITS PRODUCTS EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CONSUMER PRODUCTS SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS WHICH MAY VARY FROM STATE TO STATE NOTHING IN THIS WARRANTY SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS SMC will provide warranty service for one year following discontinuance from the active SMC price list Under the limited lifetime warranty internal and external power supplies fans
36. Turbo Extend Range Increases the range of the Barricade Default Disable SETUP WIZARD Super G Atheros Super G is a series of intelligent mechanisms that engage when additional bandwidth is available and or needed It increases the actual end user throughput of an 802 11a b g network These features include bursting compression fast frames and Dynamic Turbo These four features are described briefly below Super G Feature Summary Feature Characteristics Benefit Bursting More data frames per given Increase throughput via time period overhead reduction Standards based 802 11e subset Relevant to STA Advantage applies to any AP Compression Real time hardware data Increased data throughput using compression compressed frames Standards based Lempel Ziv No impact on host processor Fast Frames Utilizes frame aggregation Increases throughput by and timing modifications transmitting more data per frame Dynamic Turbo Similar to trunking techniques Maximizes bandwidth using used in Fast Ethernet multiple channels networks utilizes dual channels to double transmission rates Environment awate Analyzes environment and adjusts bandwidth utilization accordingly 4 7 CONFIGURING THE BARRICADE Internet Settings Specify the WAN connection type required by your Internet Service Provider Specify Cable modem Fixed IP xDSL PPPoE xDSL or PPTP 1 Getting star
37. ance between the Barricade and wireless PC is too great e Make sure the wireless PC has the same SSID and security settings as the Barricade See Channel and SSID on page 25 and Security on page 27 APPENDIX B CABLES Ethernet Cable Caution Do not plug a phone jack connector into an RJ 45 port For Ethernet connections use only twisted pair cables with RJ 45 connectors that conform to FCC standards Specifications Cable Types and Specifications Cable Type Max Length Connector 10BASE T Cat 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 100BASE TX Cat 5 100 ohm UTP 100 m 328 ft RJ 45 Wiring Conventions For Ethernet connections a twisted pair cab e must have two pairs of wires Each wire pair is identified by two different colors For example one wire might be red and the other red with white stripes Also an RJ 45 connector must be attached to both ends of the cable B 1 CABLES Each wire pair must be attached to the RJ 45 connectors in a specific orientation The following figure illustrates how the pins on an Ethernet RJ 45 connector are numbered Be sure to hold the connectors in the same orientation when attaching the wires to the pins Figure B 1 RJ 45 Ethernet Connector Pin Numbers RJ 45 Port Ethernet Connection B 2 Use the straight through CAT 5 Ethernet cable provided in the package to connect the Barricade to your PC When connecting to oth
38. articular reason to change it Enter the maximum idle time for the Internet connection After this time has been exceeded the connection will be terminated Check the Auto reconnect check box to automatically re establish the connection as soon as you attempt to access the Internet again 5 ADSL settings El 1 Getting started 2 Wireless settings ge PPPoE 3 Internet settings Use PPPoE Authentication UserName 5 ADSL settings Password 1 Please retype your password sis Service Name o MTU 1454 S76 lt MTU Valuec 1492 Maximum Idle Time fo min IV Auto reconnect 4 Modem settings Click NEXT to proceed or BACK to change your settings Note Clicking NEXT will not automatically connect the Barricade to the Internet The Barricade will only connect when you explicitly request it to for example by launching your web browser 4 11 CONFIGURING THE BARRICADE ADSL Settings PPTP 4 12 Enter the User ID and Password required by your ISP in the appropriate fields Enter the Idle Time Out for the Internet connection This is the period of time for which the connection to the Internet is maintained during inactivity The default setting is 10 minutes If your ISP charges you by the minute you should change the Idle Time Out to one minute After the Idle Time Out has expired set the action you wish the Barricade to take You can tell the device to connect manually or automatically as soon as you t
39. ateway is 192 168 2 1 These values confirm that your Barricade is functioning correctly ex Command Prom BE c gt ipconfig release Windows IP Configuration Ethernet adapter Local Area Connection Connection specific DNS Suffix IP Addr Subnet Mask Default Gateway IC gt ipconfig renew Mindows IP Configuration Ethernet adapter Local Area Connection Connection specific DNS Suffix IP Addy ae Subnet kee Default Gateway Type EXIT and press the Enter key to close the Command Prompt window Your computer is now configured to connect to the Barricade 3 12 CONFIGURING THE CLIENT PC Manual IP Configuration 1 Follow steps 1 5 in DHCP IP Configuration on page 3 9 2 Select Use the following IP Internet Protocol TCP IP Properties Address General You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for 3 Enter an IP address based on tie enonse in atingi O Obtain an IP address automatically the default network Use the following IP address 192 168 2 x where x is IP address 192 168 2 22 Subnet mask 25 25 25 0 between 2 and 254 and use ie HA Default gateway 192 168 2 q 255 255 255 0 for the subnet mask Use 192 168 2 1 for the Use the folowing DNS server addresses Preferred DNS server 192 168 2 1 Default gateway field Altemate DNS server Do 4 Sele
40. ations of the two For example e Port Ranges 100 150 Multiple Ports 25 110 80 Combination 25 100 80 All known port number No LAN IP Address Protocol Type LAN Public Enable Port Port 2 192 168 2 TCP y E Add Clean 2 192 168 2 TCP Y A ll Add Clean 2 192 168 2 TCP Y m ada clean Using this feature you can put PCs with public IPs and PCs with private IPs in the same LAN area If you configure the Barricade as a virtual server remote users accessing services such as web or FTP at your local site via public IP addresses can be automatically redirected to local servers configured with private IP addresses In other words depending on the requested service TCP UDP port number the Barricade redirects the external service request to the appropriate server located at another internal IP address For example if you set Type Public Port to TCP 80 HTTP or web and the Private IP Port to 192 168 2 2 80 then all HTTP requests from outside users will be transferred to 192 168 2 2 on port 80 Therefore by just entering the IP address provided by the ISP Internet users can access the service they need at the local address to which you redirect them The more common TCP service ports include HTTP 80 FTP 21 Telnet 23 and POP3 110 ADVANCED SETTINGS Special Applications Some applications such as Internet gaming videoconferencing Internet telephony and others require multiple connections These appl
41. ave Settings to proceed or Cancel to change your settings 4 66 ROUTING Routing This section defines routing related parameters including static routes and RIP Routing Information Protocol parameters Static Route Click Add to add a new static route to the list Setup Wizard Home Network Settings Security Advanced Settings Index Network Address Subnet Mask Gateway Configure NAT No Valid Static Route Entry 11 Maintenance System SNMP UPNP SAVE SETTINGS CANCEL Routing gt Static Route gt RIP gt Routing Table Static Route Parameter Please Enter the Following Configuration Parameters Add Parameter Description Index Index number of the route Network Address Enter the IP address of the remote computer for which to set a static route Subnet Mask Enter the subnet mask of the remote network for which to set a static route Gateway Enter the WAN IP address of the gateway to the remote network Configure Allows you to edit existing routes Click Save Settings to save the configuration 4 67 CONFIGURING THE BARRICADE RIP 4 68 RIP sends routing update messages at regular intervals and when the network topology changes Setup Wizard Home Network RIP Parameter SEMUS The device supports Routing Information Protocol RIP vi and v2 to dynamically exchange routing Security information with adjacent routers Advanced Settings
42. call origination and flow control required by ISPs L2TP merges the best features of PPTP and L2F Like PPTP L2TP requires that the ISP s routers support the protocol IP Security Provides IP network layer encryption IPSec can support large encryption networks such as the Internet by using digital certificates for device authentication CHAPTER 2 INSTALLATION Before installing the Barricade verify that you have all the items listed under Package Contents If any of the items ate missing or damaged contact your local distributor Also be sure that you have all the necessary cabling before installing the Barricade After installing the Barricade refer to Configuring the Barricade on page 4 1 Package Contents After unpacking the Barricade check the contents of the box to be sure you have received the following components Barricade IMCWBR14T G Power adapter One CAT 5 Ethernet cable RJ 45 One documentation CD Quick Install Guide Immediately inform your dealer in the event of any incorrect missing or damaged parts If possible please retain the carton and original packing materials in case there is a need to return the product 2 1 INSTALLATION System Requirements You must meet the following minimum requirements An ADSL line installed by your ISP An ADSL splitter at least one A computer with a CD ROM drive Windows 98 or later MacOS 9 x An up to date web
43. ct Use the following _Advanced _ DNS server addresses Cancel 5 Enter the IP address for the Barricade in the Preferred DNS server field This automatically relays DNS requests to the DNS server s provided by your ISP Otherwise add a specific DNS server into the Alternate DNS Server field and click OK to close the dialog boxes 6 Record the configured information in the following table TCP IP Configuration Setting IP Addtess Subnet Mask Preferred DNS Server Alternate DNS Server Default Gateway 3 13 TCP IP CONFIGURATION Disable HTTP Proxy You need to verify that the HTTP Proxy feature of your web browser is disabled This is so that your browser can view the Barricade s HTML 3 14 configuration pages To disable the proxy in Internet Explorer click Tools Click Internet Options and then the Connections tab shown on the right In the Local Area Network LAN settings section click LAN Settings to display the Local Area Network LAN Settings pop up window below In the Proxy server section ensure the Use a proxy server for your LAN These settings will not apply to dial up or VPN connections check box is not ticked Click OK Internet Options General Security Privacy Content Connections Programs Advanced To set up an Internet connection click S Setup etup Dial up and Virtual Private Network settings Choose Settings if you ne
44. cts returned to SMC pursuant to any warranty Products returned to SMC should have any customer installed accessory or add on components such as expansion modules removed prior to returning the product for replacement SMC is not responsible for these items if they are returned with the product Customers must contact SMC for a Return Material Authorization number prior to returning any product to SMC Proof of purchase may be required Any product returned to SMC without a valid Return Material Authorization RMA number clearly marked on the outside of the package will be returned to customer at customer s expense For warranty claims within North America please call our toll free customer support number at 800 762 4968 Customers ate responsible for all shipping charges from their facility to SMC SMC is responsible for return shipping charges from SMC to customer LIMITED WARRANTY WARRANTIES EXCLUSIVE IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE CUSTOMER S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION AT SMC S OPTION THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS EXPRESS OR IMPLIED EITHER IN FACT OR BY OPERATION OF LAW STATUTORY OR OTHERWISE INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH
45. e Barricade with a valid using the web IP address subnet mask and default gateway browser e Check that you have a valid network connection to the Barricade and that the port you are using has not been disabled e Check the network cabling between the management station and the Batricade Forgot or lost Press the Reset button on the rear panel holding it the password down for at least six seconds to restore the factory defaults A 3 TROUBLESHOOTING A 4 Troubleshooting Chart Symptom Action Wireless Problems A wireless PC cannot associate with the Barricade e Make sure the wireless PC has the same SSID settings as the Barricade See Channel and SSID on page 25 e You need to have the same security settings on the clients and the Barricade See Security on page 27 The wireless network is often interrupted e Move your wireless PC closer to the Barricade to find a better signal If the signal is still weak change the angle of the antenna There may be interference possibly caused by microwave ovens or wireless phones Change the location of the possible sources of interference or change the location of the Barricade e Change the wireless channel on the Barricade See Channel and SSID on page 25 e Check that the antenna connectors and cabling are firmly connected The Barricade cannot be detected by a wireless client The dist
46. e Set Identifier SSID and channel number It supports data encryption and client filtering ES SEE SOMO vecn Wireless Settings Home Network Settings The wireless router can be quickly configured for roaming clients by setting the service set identifier Wireless Network Name SSID and channel number It also supports data encryption and client filtering Enable or disable Wireless module function Enable Disable SAVE SETTINGS Security Advanced Settings To use the wireless feature check the Enable check box and click Save Settings After clicking Save Settings you will be brought directly to the wireless settings screen in the Security section See Wireless on page 4 24 for details on how to configure wireless security MAKING CONFIGURATION CHANGES Channel and SSID Enter your wireless network settings on this screen You must specify a common radio channel and SSID Service Set ID to be used by the Barricade and all of its wireless clients Be sure you configure all of its clients to the same value For security purposes you should change the default SSID immediately SMC 8 Home 7 a Setup Wizard Channel and Wireless Network Name SSID ml Home Network Settings This page allows you to enter the Wireless Network Name SSID and the Channel number These parameters are Status used for a wireless computer to connect to this wireless router LAN Settings WAN Settings Wireless Net
47. e drop down menu Click APPLY Note The passphrase can consist of up to 63 alphanumeric characters Hexadecimal Keys A hexadecimal key is a mixture of numbers and letters from A F and 0 9 64 bit keys are 10 digits long and can be divided into five two digit numbers 128 bit keys are 26 digits long and can be divided into 13 two digit numbers ASCII Keys There are 95 printable ASCII characters MHS amp 0123456789 lt gt ABCDEFGHIJ KLMNOPQRSTUVWXYZ _ abcdefghijklmnopgrstuvwxyz Click Save Settings to proceed or Cancel to change your settings WPA WPA2 SECURITY WPA WPA2 is a security enhancement that strongly increases the level of data protection and access control for existing wireless LAN Matching authentication and encryption methods must be set up on your Barricade and wireless client devices to use WPA WPA2 To use WPA your wireless network cards must be equipped with software that supports WPA A security patch from Microsoft is available for free download for XP only Setup Wizard Home Network Settings Security Firewall Wireless gt Wireless Encryption b Access Control gt WEP D WPA WPA2 b 802 1 Advanced Settings Parameter Cipher Suite Authentication WPA WPA2 WPA WPAZ is a security enhancement that strongly increases the level of data protection and access control for existing wireless LAN Matching authentication and encryption methods must
48. ectly Flashing The Barricade is establishing an PPPoE DSL link Off PPPoE DSL connection is not established WAN On WAN link Off No WAN link PWR On The Barricade is receiving power Normal operation Off Power off or failure INSTALLATION The following figure and table shows the rear panel of the Barricade Note Antenna not shown i JL JL Le O LJ GEASS WAN LAN1 LAN2 LAN3 LAN4 Reset LL Power RJ 45 Reset Antenna Connector Port RJ 45 LAN Ports Button Connector Figure 2 2 Rear Panel Item Description Power Inlet Connect the included power adapter to this inlet Warning Using the wrong type of power adapter may cause damage WAN Pott WAN port RJ 45 Connect your WAN line to this port LAN Ports Fast Ethernet ports RJ 45 Connect devices on your local area network to these ports i e a PC hub switch or IP set top box Reset Button Use this button to reset the power and restore the default factory settings To reset without losing configuration settings see Reset on page 4 60 Antenna Antenna is connected here Connector 2 4 ISP SETTINGS ISP Settings Please collect the following information from your ISP before setting up the Barricade ISP account user name and password e Protocol encapsulation and VPI VCI circuit numbers DNS serve
49. ed to configure a proxy server for a connection Local Area Network LAN settings LAN Settings do not apply to dial up connections Choose Settings above for dial up settings LAN Settings xa jC tra Local Area Network LAN Settings Automatic configuration Automatic configuration may override manual settings To ensure the use of manual settings disable automatic configuration automatically detect settings O Use automatic configuration script Proxy server pile a proxy server for your LAN These settings will not apply to dial up or VPN connections Your computer is now configured to connect to the Barricade CONFIGURING THE CLIENT PC Configuring Your Macintosh Computer You may find that the instructions here do not exactly match your operating system This is because these steps and screen shots were created using Mac OS 10 2 Mac OS 7 x and above are similar but may not be identical to Mac OS 10 2 Follow these instructions 1 Pull down the Apple Menu Click System Preferences Finder File About This Mac Get Mac OS X Software System Preferences Edit View 2 Double click the Network icon in the Systems Preferences window Dock Location Recent Items Force Quit Sleep Restart Shut Down Log Out ee System Preferences Personal CHE E 2 Desktop Dock General International Login Items My Account Screen Effects Hardware G 6 m Y
50. eful Packet This option allows you to select different Inspection application types that are using dynamic port numbers If you wish to use Stateful Packet Inspection SPI for blocking packets click on the Yes radio button in the Enable SPI and Anti DoS firewall protection field and then check the inspection type that you need such as Packet Fragmentation TCP Connection UDP Session FTP Service and TFTP Service Itis called a stateful packet inspection because it examines the contents of the packet to determine the state of the communication i e it ensures that the stated destination computer has previously requested the current communication This is a way of ensuring that all communications are initiated by the recipient computer and are taking place only with sources that are known and trusted from previous interactions In addition to being more rigorous in their inspection of packets stateful inspection firewalls also close off ports until a connection to the specific port is requested When particular types of traffic are checked only the particular type of traffic initiated from the internal LAN will be allowed For example if the user only checks FTP Service in the Stateful Packet Inspection section all incoming traffic will be blocked except for FTP connections initiated from the local LAN When hackers attempt to enter your network we can alert you by email Your E mail Enter your email address
51. er network devices such as an Ethernet switch use the cable type shown in the following table Attached Device Port Type Connecting Cable Type MDI X Straight through MDI Crossover RJ 45 Port ETHERNET CONNECTION Pin Assignments With 10BASE T 100BASE TX cable pins 1 and 2 are used for transmitting data and pins 3 and 6 for receiving data RJ 45 Pin Assignments Pin Number Assignment 1 Tx 2 Tx 3 Rx 6 Rx The and signs represent the polarity of the wires that make up each wire pair Straight Through Wiring If the port on the attached device has internal crossover wiring MDI X then use straight through cable Straight Through Cable Pin Assignments End 1 End 2 1 Ix 1 Tx 2 Tx 2 Ix 3 Rx 3 Rx 6 Rx 6 Rx B 3 CABLES Crossover Wiring If the port on the attached device has straight through wiring MDD use crossover cable Crossover Cable Pin Assignments End 1 End 2 1 Tx 3 Rx 2 Ix 6 Rx 3 Rx 1 Ix 6 Rx 2 1x B 4 APPENDIX C SPECIFICATIONS Standards Compliance CE Mark Safety TUV IEEE 802 3 10 BASE T Ethernet IEEE 802 3u 100 BASE TX Fast Ethernet LAN Interface 4 RJ 45 10 BASE T 100 BASE TX ports Auto negotiates the connection speed to 10 Mbps Ethernet or 100 Mbps Fast Ethernet and the transmission mode to half dup
52. erver Security Firewall 802 1 Authentication C Enable Disable Wireless ss D Wireless Encryption Session Idle Timeout 399 Seconds 0 for no timeout checking b Access Control Re Authentication Period 3600 Seconds 0 for no re authentication gt WEP A D WPA WPA2 Quiet Period 60 Seconds after authentication failed gt 802 1 Server Type RADIUS y Advanced Settings RADIUS Server Parameters Server IP is2 fies 2 fi Server Port fig Secret Key NAS ID SAVE SETTINGS CANCEL x Parameter Description 802 1X Authentication Enable or disable the authentication function Session Idle Timeout This is the time in seconds that a session will sit inactive before terminating Set to 0 if you do not want the session to timeout Default 300 seconds Re Authentication The interval time in seconds after which the client will Period be asked to re authenticate For example if you set this to 30 seconds the client will have to re authenticate every 30 seconds Set to 0 for no re authentication Default 3600 seconds Quiet Period This is the interval time in seconds for which the Barricade will wait between failed authentications Default 60 seconds Server Type Sets the authentication server type Server IP Set the IP address of your RADIUS server 4 49 CONFIGURING THE BARRICADE 4 50 Parameter Server Port Description Set the connection port that is configured on the radius
53. escribed as follows Protocol protocol of the flow Local IP local LAN host s IP address for the flow Local Port local LAN host s port number for the flow Pseudo IP translated IP address for the flow e Pseudo Port translated port number for the flow Peer IP remote WAN host s IP address for the flow Peer Port remote WAN host s port number for the flow 4 57 CONFIGURING THE BARRICADE Maintenance Use the Maintenance menu to back up the current settings to restore previously saved settings or to restore the factory default settings Configuration Tools 4 58 Setup Wizard Home Network Settings Use the Backup tool to save the wireless router s current configuration to a file on your PC Security Advanced Settings Configuration Tools You can then use the Restore tool to restore the saved configuration to the wireless router Alternatively you can use the Restore to Factory Defaults tool to force the wireless router to perform a power reset and restore the original factory settings WARNING All configuration settings will be lost so also the username and password of your ISP Please backup your configuration first before your reset the wireless router Backup Wireless Router Configuration C Restore from saved Configuration file SMCWBR14T_backup bin C Restore Wireless Router to Factory Defaults Next gt gt z Check Backup Wireless Router
54. ettings The following items are displayed on the Access Control screen Parameter Description Enable Filtering Function Enables or disables the filtering function Normal Filtering Table Displays the IP address or an IP address range up to 10 computers filtering table 4 31 CONFIGURING THE BARRICADE Access Control Add PC 4 32 Define the access control list in this page The settings in the screen shot below will block all email sending and receiving during weekdays except Friday Setup Wizard Access Control Add PC Home Network Settings This page allows users to define service limitations of client PCs including 1P address service type and scheduling rule criteria For the Parental Control function you need to configure the URL address first on the Parental Control page For Security the scheduling function you also need to configure the schedule rule first on the Schedule Rule page Firewall D Schedule Rule Client PC Description No emailing b Access Control D MAC Filter Client PC IP Address 192 168 1 a ad fz peana contre Client PC Service D Intrusion Detection Service Name Detail Description Blocking Poe www HTTP TCP Port 80 3128 8000 8001 8080 r Wireless WWW with Parental Control HTTP Ref Parental Control Page r Advanced settings E mail Sending SMTP TCP Port 25 K News Forums NNTP TCP Port 119 r E mail Receiving POP3 TCP Port 110 Pr Secure HTTP HTTPS T
55. ference to other users the antenna type and its gain should be so chosen that the EIRP is not more than required for successful communication To prevent radio interference to the licensed service this device is intended to be operated indoors and away from windows to provide maximum shielding Equipment or its transmit antenna that is installed outdoors is subject to licensing EC Declaration of Conformity EO SMC contact for these products in Europe is SMC Networks Europe Edificio Conata II Calle Fructuos Gelabert 6 8 20 4a 08970 Sant Joan Despi Barcelona Spain Marking by the above symbol indicates compliance with the Essential Requirements of the R amp TTE Directive of the European Union 1999 5 EC This equipment meets the following conformance standards EN 300 328 1 December 2001 V1 3 1 EN 300 328 2 December 2001 V1 2 1 EN 301 489 1 September 2001 V1 4 1 EN 301 489 17 September 2000 V1 2 1 EN 60950 January 2000 COMPLIANCES Countries of Operation amp Conditions of Use in the European Community This device is intended to be operated in all countries of the European Community Requirements for indoor vs outdoor operation license requirements and allowed channels of operation apply in some countries as described below Note The user must use the configuration utility provided with this product to ensure the channels of operation are in conformance with the spectrum usage rules for European C
56. ge then apply the rule on the Access Control page SECURITY Access Control Setup Wizard Home Network Access Control Settings Access Control allows users to define the traffic type permitted or not permitted to WAN port service This page Security includes IP address filtering and MAC address filtering Firewall S Enable Filtering Function Enable Disable b Schedule Rule D Access Control Normal Filtering Table up to 10 computers D MAC Filter gt Parental Control Rule Client PC IP Client Service Schedule Rule Configure a Detection Description Address D DMZ No emailing 192 168 1 12 E mail Sending E mail Weekdays Rule Edit Delete K Receiving 1 Wireless Advanced Settings Parental contro 192 168 1 12 WWW with URL Blocking Always Blocking Edit Delete Add PC SAVE SETTINGS CANCEL Used in conjunction with the Schedule Rule screen the Access Control screen allows users to define the outgoing traffic permitted or not permitted The default is to permit all outgoing traffic The Barricade can also limit the access of hosts within the local atea network LAN The MAC Filtering Table allows the Batricade to enter up to 32 MAC addresses that are not allowed access to the WAN port 1 Click Add PC on the Access Control screen 2 Define the appropriate settings for client PC services as shown on the following screen 3 Click OK and then click Apply to save your s
57. ication using either IEEE 802 1X Extensible Authentication Protocol EAP authentication or pre shared key PSK technology The passphrase can consist of up to 32 alphanumeric characters WPA2 Launched in September 2004 by the Wi Fi Alliance WPA2 is the certified interoperable version of the full IEEE 802 111 specification which was ratified in June 2004 Like WPA WPA2 supports IEEE 802 1X EAP authentication or PSK technology It also includes a new advanced encryption mechanism using the Counter Mode CBC MAC Protocol CCMP called the Advanced Encryption Standard AES WPA and WPA2 Mode Types WPA WPA2 Enterprise Mode Authentication Authentication IEEE 802 1X EAP IEEE 802 1X EAP Encryption Encryption TKIP MIC AES CCMP SOHO Mode Authentication Authentication PSK PSK Encryption Encryption TKIP MIC AES CCMP Click Save Settings to proceed or Cancel to change your settings SECURITY 802 1X If 802 1X is used in your network then you should enable this function for the Barricade This screen allows you to set the 802 1X parameters 802 1X is a method of authenticating a client wireless connection Enter the parameters below to connect the Barricade to the Authentication Server Setup Wizard 802 1X al Home Retworks This page allows you to set the 802 1X a method for performing authentication to wireless connection These 9 parameters are used for this wireless router to connect to the Authentication S
58. ications cannot work with Network Address Translation NAT enabled If you need to run applications that require multiple connections use the following screen to specify the additional public ports to be opened for each application Click the List of well known special applications link for more information Setup Wizard Special Applications El Home Network Settings Some applications require multiple connections such as Internet gaming video conferencing Internet telephony and others These applications cannot work when Network Address Translation NAT is enabled If Security you need to run applications that require multiple connections specify the port normally associated with an Advanced Settings 2PPlication in the Trigger Port field select the protocol type as TCP or UDP then enter the public ports DEE associated with the trigger port to open them for inbound traffic Note The range of the Trigger Ports is from 1 to 65535 Trigger Port Trigger Public Port Public Enabled Type List of well known special applications Type 1 TCP TCP upp C UDP 2 TCP G TCP m C upp C UDP 3 e TCP TCP C upp C upp e TCP G TCP Y Specify the public port number normally associated with an application in the Trigger Port field Set the protocol type to TCP or UDP then enter the ports that the application requires The ports may be in the format of a single port or in a range e g
59. iguration change has been made on a page be sure to click the Apply or Save Settings or NEXT button at the bottom of the page to enable the new setting Note To ensure proper screen refresh after a command entry be sure that Internet Explorer 5 5 is configured as follows Under the menu Tools Internet Options General Temporary Internet Files Settings the setting for Check for newer versions of stored pages should be Every visit to the page 4 3 CONFIGURING THE BARRICADE Login Screen The Login screen automatically appears first Password CANCEL Please enter correct password for Administrator Access Thank you We suggest that you use Internet Explorer 5 5 or above at a minimum of 1024x768 resolution Copyright 2004 SMC Networks Inc All rights reserved Enter the default password smcadmin and then click LOGIN SETUP WIZARD Setup Wizard Getting Started The Setup Wizard automatically appears next The first item in the Setup Wizard is Getting Started 1 Getting started 1 Getting started 2 Wireless settings Welcome 3 Internet settings Make sure the Ethernet cable is connected correctly to the SMCWBR14T G 4 Modem settings _NExT 5 ADSL settings Simply click NEXT to proceed to the following screen and configure your Wireless Settings CONFIGURING THE BARRICADE Wireless Settings 4 6 Enter your wireless network settings on this page You must specify
60. ioni pertinenti stabilite dalla direttiva 1999 5 CE Spanish Por medio de la presente SMC Networks declara que el Radio LAN device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE Portuguese SMC Networks declara que este Radio LAN device est conforme com os requisitos essenciais e outras disposi es da Directiva 1999 5 CE Safety Compliance Underwriters Laboratories Compliance Statement Important Before making connections make sure you have the correct cord set Check it read the label on the cable against the following Operating Voltage Cord Set Specifications 120 Volts UL Listed CSA Certified Cord Set Minimum 18 AWG Type SVT or SJT three conductor cord Maximum length of 15 feet Parallel blade grounding type attachment plug rated 15 A 125 V 240 Volts Europe only Cord Set with HO5VV F cord having three conductors with minimum diameter of 0 75 mm IEC 320 receptacle Male plug rated 10 A 250 V The unit automatically matches the connected input voltage Therefore no additional adjustments are necessary when connecting it to any input voltage within the range marked on the power adapter Information for Power Source N11846 This unit is to be used with a class 2 or level 3 external power adapter approved suitable for use in North American equipment installation having an output voltage
61. lex or full duplex WAN Interface 1 ADSL RJ 45 port Indicator Panel LAN 1 4 WLAN PPPoE DSL WAN Power Dimensions 145 x 95 x 36 mm 5 70 x 3 74 x 1 41 in Weight 0 175 kg 0 469 lbs Input Power 12V1A Power Consumption 9 Watts maximum C 1 SPECIFICATIONS C 2 Advanced Features Dynamic IP Address Configuration DHCP DNS DDNS Firewall Client privileges hacker prevention and logging Stateful Packet Inspection Virtual Private Network PPTP IPSec pass through VPN pass through VLAN Ping Internet Standards RFC 826 ARP RFC 791 TP RFC 792 ICMP RFC 768 UDP RFC 793 TCP RFC 783 TFTP RFC 1483 AAL5 Encapsulation RFC 1661 PPP RFC 1866 HTML RFC 2068 HTTP RFC 2364 PPP over ATM Radio Features Wireless RF module Frequency Band 802 11g Radio 2 4GHz 802 11b Radio 2 4GHz USA FCC 2412 2462MHz Ch1 Ch11 Canada IC 2412 2462MHz Ch1 Ch11 Europe ETSI 2412 2472MHz Ch1 Ch13 Japan STD T66 STD 33 2412 2484MHz Ch1 Ch14 Modulation Type OFDM CCK Operating Channels IEEE 802 11b compliant 11 channels US Canada 13 channels ETSD 14 channels Japan Operating Channels IEEE 802 11g compliant 13 channels US Canada Europe Japan SPECIFICATIONS RF Output Power Modulation Rate Output Power dBm 802 11b 1Mbps 16 802 11b 2Mbps 16 802 11b 5 5Mbps 16 802 11b 11Mbps 16 Modulation Rate Output Power dBm 802 11g 6Mbps 15 802 11g 9Mbps
62. ll devices Default Disable Click Save Settings to proceed or Cancel to change your settings SECURITY Security The first menu item in the Security section is Firewall The Barricade provides a stateful inspection firewall which is designed to protect against Denial of Service DoS attacks when activated Its purpose is to allow a private local area network LAN to be securely connected to the Internet The second menu item is Wireless This section allows you to configure wireless security settings according to your environment and the privacy level required Setup Wizard A pP Security Home Network Settings Device provides a stateful inspection firewall which is designed to protect against Denial of Service attacks when Security activated Its purpose is to allow a private local area network LAN to be securely connected to the Internet F Wireless Advanced Settings To configure your firewall settings click Firewall in the left hand menu 4 27 CONFIGURING THE BARRICADE Firewall 4 28 The Barricade s firewall inspects packets at the application layer maintains TCP and UDP session information including time outs and the number of active sessions and provides the ability to detect and prevent certain types of network attacks SEE Setup Wizard A p Firewall Home Network Settings The Device provides extensive firewall protection by restricting connection parameter
63. lt MAC address is set to the er WAN s physical interface on the Wireless Router Dynamic IP If required by your Service Provider you can use the Clone MAC Address button to copy the MAC address of the Network Interface Card installed in your PC to replace the WAN MAC address If necessary you can use the Renew button on the Status page to renew the WAN IP address Security Advanced Settings Host Name MAC Address po 112 BF amp 3 158 04 Clone MAC Address SAVE SETTINGS CANCEL Note Make sure you record the MAC address that you clone so that if you lose your settings you will be able to re connect to the Internet Click Save Settings to proceed or Cancel to change your settings MAKING CONFIGURATION CHANGES PPPoE Enter the PPPoE user name and password assigned by your Service Provider The Service Name is normally optional but may be required by some service providers Enter a Maximum Idle Time in minutes to define a maximum period of time for which the Internet connection is maintained during inactivity If the connection is inactive for longer than the Maximum Idle T me then it will be dropped You can enable the Auto reconnect option to automatically re establish the connection as soon as you attempt to access the Internet again Setup Wizard Home Network Settings Enter the PPPoE user name and password assigned by your Service Provider The Service Name is normally optional
64. ltering Table up to 32 computers 10 MAC Address Advanced Settings 3 HaHa ad al all IE III AA AAA DAA JOGO kl A a The Barricade can also limit the access of hosts within the local area network LAN The MAC Filtering Table allows the Barricade to enter up to 32 MAC addresses that are allowed access to the WAN port All other devices will be denied access By default this feature is disabled Click Save Settings to proceed or Cancel to change your settings 4 33 CONFIGURING THE BARRICADE Parental Control 4 34 The Barricade allows the user to block access to web sites from a particular PC by entering either a full URL address or just a keyword This feature can be used to protect children from accessing violent or pornographic web sites Setup Wizard Home Network Parental Control Settings Disallowed Web Sites and Keywords Security ECF You can block access to certain Web sites from a particular PC by entering either a full URL address or just a keyword DE of the Web site b Schedule Rule D Access Control To specify the particular PC go back to the Access Control page and check the box for Http with Parental Control in the Normal Filtering Table D MAC Filter a gt Parental Control Deineruslon Detsdi Rule Number URL Keyword Rule Number URL Keyword gt ai N A Site 1 guns Site 16 es Site 2 www unsuitablesite com Site 17 y site
65. me field The MAC Address field will be filled automatically 1 Getting started 4 Cable Modem settings 2 Wireless settings Cable Modem 3 Internet settings Host Name SMC Modem settings Mac address fo fo fs je ss Rs A cable modem requires minimal configuration If the ISP requires you to input a Host Name type it in the Host Name field above pack nor Click NEXT to proceed or BACK to change your settings CONFIGURING THE BARRICADE ADSL Settings Fixed IP xDSL Enter the IP address Gateway IP address DNS IP address and Subnet Mask provided to you by your ISP in the appropriate fields below 1 Getting started 5 ADSL settings 2 Wireless settings EB Fixed Ip xDSL 3 Internet settings IP Address y P fb P Gateway IP Address 6 P pP pP gt DNS 1P Address 6 ff po po Subnet Mask p pP pP pP Enter the IP address Gateway IP address DNS IP address and Subnet Mask provided to you by your ISP in the appropriate fields above BACK NEXT 4 Modem settings 5 ADSL settings Click NEXT to proceed or BACK to change your settings 4 10 SETUP WIZARD ADSL Settings PPPoE Enter the User Name and Password required by your ISP in the appropriate fields If your ISP has provided you with a Service Name enter it in the Service Name field otherwise leave it blank Leave the Maximum Transmission Unit MTU at the default value 1454 unless you have a p
66. o amp f x Y La xi CDs DVDs ColorSync Displays Energy Keyboard Mouse Sound Saver Internet amp Network Internet QuickTime Sharing System a Accounts Q Classic O Date amp Time Software Speech Update Startup Disk Universal Access gt gt gt LEQ 3 15 CONFIGURING YOUR MACINTOSH COMPUTER 3 If Using DHCP Server is eo5 kn already selected in the m_m Show Built in Ethernet B cone error Appietaik Proxies Configure field your computer is already Configure Using DHCP DNS Servers Optional configured for DHCP If IP Address 10 1 28 83 Provided by DHCP Server not select this option Subnet Mask 255 255 252 0 een Search Domains Optional DHCP Client ID Optional Example apple com Ethernet Address 00 50 e4 00 2c 06 earthlink net 8 Click the lock to prevent further changes Apply Now 4 Your new settings are shown in the TCP IP tab Verify that your IP Address is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default Gateway is 192 168 2 1 These values confirm that your Barricade is functioning 5 Close the Network window Now your computer is configured to connect to the Barricade 3 16 Disable HTTP Proxy CONFIGURING THE CLIENT PC You need to verify that the HTTP Proxy feature of your web browser is disabled This is so that your browser can view the Barricade s HTML configurati
67. occccccc 4 14 SS a id a EE e dao as 4 15 EAN Settings ii ne ad 4 17 WAN S6ttings 34 2 2 a En a en Bas 4 19 Dynamie IP sa A aia 4 20 PPPOR AA A EI IR 4 21 PPTPP ne A TOS 4 22 Static IPs En een a N ad aida 4 23 Wireless ce ars 4 24 Channeland SSID ltr En Ble es 4 25 WD er bre at i aka 4 26 SECUTI a de en ashi tain nes Be aah sue Ba Tala Mb hain ts 4 27 Firewall sis ai AR 4 28 Schedule Rule Ada sl a en aa 4 29 Edit Schedule Rule iii ka 4 30 Access CORO vun do REEL Eee 4 31 Access Control Add PC oooooooooomomomommomo mo 4 32 MAC Hilkten EA a E ETS 4 33 Parental Control ii ia 4 34 Intrusion Detection 2 0 0 cece eens 4 35 DML Se enh is da ed 4 41 Wireless it di disable Ad is oi Gade tse 4 42 Wireless Encryption 0 ccc cee cc cece ees 4 43 Access conttol ai mir da AG 4 44 NE A AA Rael as ee 4 45 OT A A ee a ee 4 47 802 IX Ana ea 4 49 Adyv need Settings Ansan nur nr Be ae nein 4 51 NAT ne en ee A E R 4 52 Address Mapping trade a ee 4 53 Virtual Server saoo See 2 RT nass 4 54 Special Applications 2 34 20 eee a 4 55 NAT Mapping Table 1 0 0 ccc EA eee ees 4 57 TABLE OF CONTENTS M initenance As a N A a Ad 4 58 Eonfisur tion Fools id u dida et ok el 4 58 Firimware porade did dad 4 59 Rest E A O e ee 4 60 SYSTEM nn dia 4 61 Lime Settings ee a 4 61 Password Settings ccc cece eee eee 4 62 Remote Management 0 cee cece cece eee 4 63 SNMP a A OA ahaa Aaah Snel oth nl
68. om Your Barricade Now that you have configured your computer to connect to your Barricade it needs to obtain new network settings By releasing old DHCP IP settings and renewing them with settings from your Barricade you can verify that you have configured your computer correctly 1 On the Windows desktop click Start Programs Accessories Command Prompt W windows Catalog xI MSN Explorer Windows Media Play Q Windows Movie Make D Tour Windows XP Files and Settings Tr SYS wizard e Snaglt 5 0 All Programs Windows Update m Games Od Stnet Ex gt E Startup gt Internet Explorer wg MSN Explorer Outlook Express iD Remote Assistance Windows Media Player 8 Windows Messenger Accessibility Communications IM Entertainment m System Tools 114 Address Book E Calculator ex Command Prompt 9 Notepad Y Paint Program Compatibility Wizard Synchronize Tour Windows XP amp Windows Explorer A Windows Movie Maker A Wordpad 2 In the Command Prompt window type IPCONFIG RELEASE and press the Enter key Command Prompt Windows IP Configuration Ethernet adapter Local Area Connection Connection ific DNS Suffix 3 11 TCP IP CONFIGURATION 3 Type IPCONFIG RENEW and press the Enter key Verify that your IP Address is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default G
69. ommand to reduce network management traffic when retrieving a sequence of MIB variables and a more elaborate set of error codes for improved reporting to a Network Management Station Click Save Settings to proceed or Cancel to change your settings 4 65 CONFIGURING THE BARRICADE UPnP Universal Plug and Play technology makes home networking simple and affordable This architecture offers pervasive peer to peer network connectivity of PCs of all form factors intelligent appliances and wireless devices UPnP architecture leverages TCP IP and the web to enable seamless proximity networking in addition to control and data transfer among networked devices in the home office and everywhere in between Click Enable to turn on the Universal Plug and Play function of the Barricade This function allows the device to automatically and dynamically join a network Setup Wizard Home Network Settings The Universal Plug and Play architecture offers pervasive peer to peer network connectivity of PCs of all Security form factors intelligent appliances and wireless devices UPnP enables seamless proximity network in addition to control and data transfer among networked devices in the home office and everywhere in Advanced Settings between ONT o o Maintenance Enable or disable UPnP module function Enable Disable System SNMP SAVE SETTINGS CANCEL _ UPNP Routing UPnP Universal Plug and Play Setting Click S
70. ommunity countries as described below e This device requires that the user or installer properly enter the current country of operation in the command line interface as described in the user guide before operating this device e This device will automatically limit the allowable channels determined by the current country of operation Incorrectly entering the country of operation may result in illegal operation and may cause harmful interference to other system The user is obligated to ensure the device is operating according to the channel limitations indoor outdoor restrictions and license requirements for each European Community country as described in this document e This device may be operated indoors or outdoors in all countries of the European Community using the 2 4 GHz band Chamnels 1 13 COMPLIANCES Declaration of Conformity in Languages of the European Community English Finnish Dutch Hereby SMC Networks declares that this Radio LAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Valmistaja SMC Networks vakuuttaa t ten ett Radio LAN device tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen Hierbij verklaart SMC Networks dat het toestel Radio LAN device in overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG Bijdeze SM
71. omputer use a web browser to configure the Barricade The Barricade can be configured by any Java supported browser such as Internet Explorer 5 5 or above Using the web management interface you can configure the Barricade and view statistics to monitor network activity To access the Barricade s management interface enter the IP address of the Barricade in your web browser http 192 168 2 1 Ihe Barricade automatically switches to Port 80 for management access 41 CONFIGURING THE BARRICADE Navigating the Web Browser Interface 4 2 The Barricade s management interface consists of a Setup Wizard a Home Network Settings section a Security section and an Advanced Settings section Setup Wizard Use the Setup Wizard for quick and easy configuration of your Internet connection and basic LAN settings Go to Setup Wizard on page 4 5 Home Network Settings Use the Home Network Settings section to configure your LAN WAN and wireless settings Go to Home Network Settings on page 4 13 Security In this section you can easily configure your wireless secutity settings Go to Security on page 4 27 Advanced Settings Advanced Settings supports more advanced functions like NAT system maintenance SNMP UPnP and DDNS Go to Advanced Settings on page 4 51 NAVIGATING THE WEB BROWSER INTERFACE Making Configuration Changes Configurable parameters have a dialog box or a drop down list Once a conf
72. on pages The following steps are for Internet Explorer Internet Explorer 1 Open Internet Explorer and click the Stop button Click Explorer Preferences 2 In the Internet Explorer Preferences window under Network select Proxies E File Edit View G About Internet Explorer d License Agreement Bal Services Hide Explorer H Hide Others NH Show All Quit Explorer Q 3 Uncheck all check boxes and click OK Internet Explorer Preferences Security Security Zones Ratings Advanced y Forms AutoFill Forms AutoComplete AutoFill Profile y Receiving Files Download Options File Helpers Cookies y Network Protocol Helpers Q Proxies Site Passwords y E mail General If you are accessing the Internet from a private network you can set gateways to allow Internet access Contact your network manager for more information Note These settings are shared with other applications through Internet Config Use Proxy Servers U Web Proxy Settings 7 Use Web Proxy for all O Bypass Web Proxy for FTP 8B Secure Proxy Settings U Mail Proxy Settings Gopher Proxy Settings List the sites you want to connect to directly bypassing the proxies set above Put a space or comma between each site Ce ED 3 17 CONFIGURING YOUR MACINTOSH COMPUTER 3 18 CHAPTER 4 CONFIGURING THE BARRICADE After you have configured TCP TP on a client c
73. open the client up to unrestricted two way Internet access by defining a Virtual DMZ Host e Enable DMZ C Enable Disable e Multiple PCs can be exposed to the Internet for two way communications e g Internet gaming video conferencing or VPN connections To use the DMZ you must set a static IP address for that PC Public 1P Address Client PC 1P Address 1 0 0 0 0 121010 2p pP P P 11m ap p pP P 26a bp pP f 1924681 Shp p pP P 1921681 eb pP pP pP 7 192 168 1 ze pP pP P 121681 eb pP pP P aab a Advanced Settings pS pS pS If you have a client PC that cannot run an Internet application properly from behind the firewall you can open the client up to unrestricted two way Internet access Enter the IP address ofa DMZ Demilitarized Zone host on this screen Adding a client to the DMZ may expose your local network to a variety of security risks so only use this option as a last resort 4 41 CONFIGURING THE BARRICADE Wireless 4 42 The Barricade can be quickly configured for roaming clients by setting the Service Set Identifier SSID and channel number It supports data encryption and client filtering To use the wireless feature check the Enable check box and click Save Settings Setup Wizard Home Network Settings The wireless router can be quickly configured for roaming clients by setting the service set identifier Wireless Security Network Name SSID and channel number It also suppo
74. ork Advanced Settings Settings WEP is the basic mechanism to transmit your data securely over the wireless network Matching encryption keys must ann be setup on your wireless router and wireless client devices to use WEP Firewall WEP Mode 64 bit 128 bit Wireless D Wireless Encryption Key Entry Method Hex C ASci b Access Control Key Provisioning static Dynamic D WEP D WPA WPA2 b 802 1 Static WEP Key Setting Setup Wizard WEP 10 26 hex digits for 64 WEP 128 WEP Default Key ID 1 2 Passphrase 7 1 32 characters Key 1 Perrererer Key 2 pmr Kaya peras Key 4 Paracas save serrinos CANCEL a Parameter Description WEP Mode Select 64 bit or 128 bit key to use for encryption Key Entry Method Select hexadecimal Hex or ASCH for the key entry method Key Provisioning Select Static if there is only one fixed key for encryption If you want to select Dynamic you need to enable 802 1X function first Default Key ID Choose which key to use as default Passphrase Check the Passphrase check box to generate a key automatically Key 1 4 The Barricade supports up to 4 keys You select the default key 4 45 CONFIGURING THE BARRICADE 4 46 You may automatically generate encryption keys or manually enter the keys To generate the key automatically with passphrase check the Passphrase box and enter a string of characters Select the default key from th
75. ot want the IP address to change MAKING CONFIGURATION CHANGES WAN Settings Specify the WAN connection type required by your Internet Service Provider Specify Dynamic IP Address PPPoE PPTP or Static IP Address ECOS ESTE WAN Settings Home Network Settings The Wireless Router can be connected to your service provider in any of the following ways Dynamic IP Address Obtains an IP address automatically from your service provider C PPPoE PPP over Ethernet is a common connection method used for xDSL Security C PPTP Point to Point Tunneling Protocol is a common connection method used for Advanced Settings xDSL connections in Europe C Static IP Address Your service provider provides a static IP address to access Internet services Select the connection type and click More Configuration 4 19 CONFIGURING THE BARRICADE Dynamic IP 4 20 The Host name is optional but may be required by some Service Providers The default MAC address is set to the WAN s physical interface on the Barricade If required by your Service Provider you can use the Clone MAC Address button to copy the MAC address of the Network Interface Card NIC installed in your PC to replace the WAN MAC address If necessary you can use the Renew button on the Status page to renew the WAN IP address 8 P Hom Setup Wizard Home Network Settings The Host name is optional but may be required by some Service Provider s The defau
76. our site using a constant IP address Then depending on the requested service or port number the Barricade can route the request to the appropriate server at another internal IP address This secures your network from direct attack by hackers and provides more flexible management by allowing you to change internal IP addresses without affecting outside access to your network 1 3 APPLICATIONS 1 4 DMZ Host Support Allows a networked computer to be fully exposed to the Internet This function is used when NAT and firewall security prevent an Internet application from functioning correctly Security The Barricade supports security features that deny Internet access to specified users or filter all requests for specific services that the administrator does not want to serve The Barricade s firewall also blocks common hacker attacks including IP Spoofing Land Attack Ping of Death IP with zero length Smurf Attack UDP port loopback Snork Attack TCP null scan and TCP SYN flooding WPA WPA2 WEP SSID and MAC filtering provide security over the wireless network Virtual Private Network VPN Pass through The Barricade supports three of the most commonly used VPN protocols PPTP L2TP and IPSec The VPN protocols supported by the Barricade are briefly described below e Point to Point Tunneling Protocol Provides a secure tunnel for remote client access to a PPTP security gateway PPTP includes provisions for
77. r address IP address subnet mask and default gateway for fixed IP users only Connect the System The Barricade can be positioned at any convenient location in your office ot home No special wiring or cooling requirements are needed You should however comply with the following guidelines Keep the Barricade away from any heating devices Do not place the Barricade in a dusty or wet environment You should also remember to turn off the power remove the power cord from the outlet and keep your hands dry when you install the Barricade Connect the ADSL Cable Modem Line Connect the ADSL cable modem using a CAT 5 Ethernet cable RJ 45 to the Barricade s WAN port Use straight through cable for this connection The modem is connected to the ADSL line and or splitter When inserting the RJ 45 plug be sure the tab on the plug clicks into position to ensure it is properly seated 2 5 INSTALLATION Phone Line Configuration Installing a Full Rate Connection If you are using a full rate G dmt connection your service provider will attach the outside ADSL line to a data voice splitter Use a straight through CAT 5 Ethernet cable RJ 45 to connect the Barricade to the cable DSL modem Plain Old Telephone System POTS Residential Connection Point NID 7 gt Data a Modem O Splitter gt UL O e or gt we j EN 7 EEES Ethernet o hub or switch Ng E E
78. rating of 12 V DC and output current rating of 1 0 A or equivalent vii COMPLIANCES Wichtige Sicherheitshinweise Germany 1 2 3 10 11 12 13 14 15 Bitte lesen Sie diese Hinweise sorgf ltig durch Heben Sie diese Anleitung f r den sp teren Gebrauch auf Vor jedem Reinigen ist das Ger t vom Stromnetz zu trennen Verwenden Sie keine Fl ssigoder Aerosolreiniger Am besten eignet sich ein angefeuchtetes Tuch zur Reinigung Die Netzanschlu Bsteckdose soll nahe dem Ger t angebracht und leicht zug nglich sein Das Ger t ist vor Feuchtigkeit zu sch tzen Bei der Aufstellung des Ger tes ist auf sicheren Stand zu achten Ein Kippen oder Fallen k nnte Besch digungen hervorrufen Die Bel ftungs ffnungen dienen der Luftzirkulation die das Ger t vor berhit zung sch tzt Sorgen Sie daf r da diese ffnungen nicht abgedeckt wer den Beachten Sie beim Anschlu an das Stromnetz die Anschlu werte Verlegen Sie die Netzanschlu leitung so da niemand dar ber fallen kann Es sollte auch nichts auf der Leitung abgestellt werden Alle Hinweise und Warnungen die sich am Ger t befinden sind zu beachten Wird das Ger t ber einen l ngeren Zeitraum nicht benutzt sollten Sie es vom Stromnetz trennen Somit wird im Falle einer berspannung eine Bes ch digung vermieden Durch die L ftungs ffnungen d rfen niemals Gegenst nde oder Fl ssigkeiten in das Ger t gelangen Dies k nnte
79. rature or Advertising Response Call U S A and Canada 800 SMC 4 YOU Fax 949 679 1481 Spain 34 91 352 00 40 Fax 34 93 477 3774 UK 44 0 8712779802 Fax 44 0 1189748701 France 33 0 41383232 Fax33 0 41380158 Italy 39 0 3355708602 Fax39027391417 Benelux 31334557288 Fax 3133 455 73 30 Central Europe 49 0 8992861 0 Fax 49 0 89 92861 230 Nordic 46 0 868 70700 Fax 46 0 887 62 62 Eastern Europe 34 93 477 4920 Fax34934773774 Sub Saharan Africa 216 712 36616 Fax 216 71751415 North West Africa 3493 477 4920 Fax 34 93 477 3774 CIs 7 095 7893573 Fax 7 095 789 357 PRC 86 10 6235 4958 Fax 86 10 6235 4962 Taiwan 886 2 87978006 Fax 886 2 87976288 Asia Pacific 65 62386556 Fax 65 6238 6466 Japan 81 45 224 2332 Fax 81 45 224 2331 India 91 11 51436361 62 Fax 91 11 51601838 Thailand 66 26518733 Fax 66 26518737 Middle East 971 4883 0610 Fax 971 4883 0611 If you are looking for further contact information please visit www smc com WWw smc europe com or www smc asia com Irvine CA 90618 Phone 943 679 81
80. received including interference that may cause undesired operation FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment IMPORTANT NOTE This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with a minimum distance of 20 cm between the radiator and your body This transmitter must not be co located or operating in conjunction with any other antenna or transmitter IEEE 802 11b or 802 11g operation of this product in the U S A is firmware limited to channels 1 through 11 111 COMPLIANCES iv Industry Canada Statement Operation is subject to the following two conditions 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device To prevent radio interference to the licensed service this device is intended to be operated indoors and away from windows to provide maximum shielding Equipment or its transmit antenna that is installed outdoors is subject to licensing This device has been designed to operate with an antenna having a maximum gain of 1 5 dBi Antenna having a higher gain is strictly prohibited per regulations of Industry Canada The required antenna impedance is 50 ohms To reduce potential radio inter
81. rent application types that are using dynamic port numbers For the applications checked in the list below the Device will support full operation as initiated from the local LAN The Device firewall can block common hacker attacks including IP Spoofing Land Attack Ping of Death IP with zero length Smurf Attack UDP port loopback Snork Attack TCP null scan and TCP SYN flooding Intrusion Detection Feature e Stateful Packet Inspection 4 35 CONFIGURING THE BARRICADE 4 36 eCa Setup Wizard al REMENE DoS Detect Criteria Settings i f s Security Total incomplete TCP UDP sessions HIGH 300 session Total incomplete TCP UDP sessions LOW 250 session Incomplete TCP UDP sessions per min HIGH 250 session Incomplete TCP UDP sessions per min LOW 200 session Maximum incomplete TCP UDP sessions number from same host fo Incomplete TCP UDP sessions detect sensitive time period 900 msec Wireless Maximum half open fragmentation packet number from same host 10 Advanced Settings Half open fragmentation detect sensitive time period 10000 msec Flooding cracker block time 300 sec SAVE SETTINGS CANCEL Network attacks that deny access to a network device are called DoS attacks DoS attacks are aimed at devices and networks with a connection to the Internet Their goal is not to steal information but to disable a device or network so users
82. rolled by community strings To communicate with the Barricade the NMS must first submit a valid community string for authentication Parameter Description Community A community name authorized for management access Access Management access is restricted to Read Only Read or Read Write Write Valid Enables disables the entry Note Up to 5 community names may be entered SNMP Trap Click SNMP and then Trap This will load the SNMP trap screen shown below Home O Logout Setup Wizard SNMP Trap Home Network Settings In the context of SNMP an unsolicited message can be sent by an agent to management station The purpose is to notify the management station of some unusual event Security Advanced Settings 2 5 No IP Address Community Version pp RB pf Dy 2 pp pp fisted sp pP bP pf Peste pop b P To oisabied Shp bP bf oisabied I SAVE SETTINGS CANCEL x Parameter Description IP Address Traps are sent to this address when errors or specific events occur on the network Community A community string password specified for trap management Enter a word something other than public or private to prevent unauthorized individuals from reading information on your system Version Sets the trap status to disabled or enabled with v1 or v2c The v2c protocol was proposed in late 1995 and includes enhancements to v1 that are universally accepted These include a get bulk c
83. rts data encryption and client filtering Wireless Settings Enable or disable Wireless module function Enable Disable SAVE SETTINGS Advanced Settings To begin configuring your wireless security settings click Wireless Encryption Wireless Encryption SECURITY The Barricade can transmit your data securely over a wireless network Matching security mechanisms must be set up on your Barricade and your wireless client devices Select the most suitable security mechanism from the drop down list on this screen Setup Wizard Home Security Home Network Settings The wireless router can transmit your data securely over the wireless network Matching security mechanisms must Security be setup on your wireless router and wireless client devices You can choose the allowed security mechanisms in this page and configure them in the sub pages Firewall Wireless Allowed Client Type No WEP No WPA WPA2 y gt Wireless Encryption WED Only gt Access Control WPA WPA2 Onl b WPAJWPA2 b 802 1 Advanced Settings al Parameter Description No WEP No WPA WPA2 Disables all wireless security To make it easier to set up your wireless network we recommend enabling this setting initially By default wireless security is disabled WEP Only Once you have your wireless network in place the WPA WPA2 Only minimum security we recommend is to enable the legacy security standard Wired Equivalent Privacy
84. ry to access the Internet again or to keep the session alive 1 Getting started 5 ADSL settings 2 Wireless settings PPTP 3 Internet settings 4 Modem settings En E mm E 5 ADSL settings gt MINT P O _ Default Gateway p p pP pP UserID SS Password PPTP Gateway p p pP Idle Time Out fo min Manual connect Auto connect Keep session Point to Point Tunneling Protocol is a common connection method used for xDSL connections in Europe BACK NEXT Click NEXT to proceed or BACK to change your settings Home NETWORK SETTINGS Home Network Settings Clicking the Home icon at any time returns you to this home page The Main Menu links are used to navigate to other menus that display configuration parameters and statistics Settings Security Advanced Settings Runtime Code Version Boot Code Version LAN MAC Address 1 00 May 27 2005 11 52 57 v0 03 00 12 BF 03 58 04 Wireless MAC Address 00 12 BF 03 58 06 WAN MAC Address 00 12 BF 03 58 05 Hardware Version oc Serial Num A000000001 DHCP Client Log View information on LAN DHCP clients currently linked to the wireless router Security Log View any attempts that have been made to gain access to your network ien 52 DHCP Client Send Discover Send Discover Send Discover Setup Wizard Status 4 Home Network Settings You can use the Status screen to see the connec
85. s Tools Advanced Help Network Tasks El Create a new connection Set up a home or small office network See Also O O Osea Es Folders E Address Network Connections Local Area Connection 2 Status General Support Connection Status Duration Speed Activity Packets Sent Received 43 43 Connected 00 47 38 11 0 Mbps TCP IP CONFIGURATION 3 10 5 Double click Internet Protocol TCP IP 6 If Obtain an IP address automatically and Obtain DNS server address automatically are already selected your computer is already configured for DHCP If not select these options now and click OK PR Local Area Connection 3 Properties General Advanced Connect using E9 SMC EZ Card 10 100 SMC1255FTX ST 2 This connection uses the following items 5 005 Packet Scheduler AF AEGIS Protocol IEEE 802 1x v2 3 1 9 Intenet Protocol TCP IP Internet Protocol TCP IP Properties General Altemate Configuration You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings O Obtain an IP address automatically O Use the following IP address Obtain DNS server address automatically Use the following DNS server addresses a Car Ce CONFIGURING THE CLIENT PC Obtain IP Settings fr
86. s to limit the risk of hacker Security attack and defending against a wide array of common attacks However for applications that require unrestricted access to the Internet you can configure a specific client server as a demilitarized zone DMZ Firewall Wireless Enable or disable Firewall features Enable Disable Advanced Settings SAVE SETTINGS Network attacks that deny access to a network device are called Denial of Service DoS attacks DoS attacks are aimed at devices and networks with a connection to the Internet Their goal is not to steal information but to disable a device or network so users no longer have access to network resources The Barricade protects against the following DoS attacks IP Spoofing Land Attack Ping of Death IP with zero length Smurf Attack UDP port loopback Snork Attack TCP null scan and TCP SYN flooding See page 4 46 for details The firewall does not significantly affect system performance so we advise leaving it enabled to protect your network Enable the firewall feature and click Save Settings to proceed SECURITY Schedule Rule The first item listed in the Firewall section is Schedule Rule You may filter Internet access for local clients based on rules Each access control rule may be activated at a scheduled time Define the schedule on the Schedule Rule page and apply the rule on the Access Control page SERE Betipiwizsnd Schedule Rule
87. ser can view the Barricade s HTML configuration pages To disable the proxy in Internet Options Internet Explorer click Tools Click Internet Options and then the Connections tab shown on the right In the Local Area Network LAN settings section click LAN Settings to display the Local Area Network LAN Settings pop up window below In the Proxy server section PEN ensure the Use a proxy server for your LAN These settings will not apply to dial up or VPN connections check box is not ticked Click OK 4 Port Ad s proxy server for local addresses Your computer is now configured to connect to the Barricade 3 8 Windows XP DHCP IP Configuration 1 On the Windows desktop click Start Control Panel 2 In the Control Panel window click Network and Internet Connections 3 The Network Connections window will open Locate and double click the Local Area Connection icon for the Ethernet adapter that is connected to the Barricade 4 Inthe connection status screen click Properties CONFIGURING THE CLIENT PC G E mail Outlook Express A MSN Explorer Windows Media Player Q Windows Movie Maker Tour Windows XP Files and Settings Transfer Wizard e Snaglt 5 0 All Programs gt 4 My Recent Documents 2 My Pictures 2 My Music gs My Computer a Connect Te gt ta Printers and Faxes O Help and Support yo Search File Edit View Favorite
88. sion alive E SENSE AAA Setup Wizard PPTP Home Network ttings Point to Point Tunneling Protocol is a common connection method used for xDSL connections in Europe IP Address p P o 0 Subnet Mask p Ag O O Security Default Gateway p Ag jo 0 Advanced Settings UserID p OS SCS Password PPTP Gateway p 17 JO 17 Idle Time Out rg min C Manual connect Auto connect C Keep session If you have an ISP that charges by the time change your idle time out value to 1 minute SAVE SETTINGS CANCEL Click Save Settings to proceed or Cancel to change your settings MAKING CONFIGURATION CHANGES Static IP If your Service Provider has assigned a fixed IP address enter the assigned IP address subnet mask and the gateway address on this screen svc A S Setup Wizard Static IP If your Service Provider has assigned a fixed IP address enter the assigned IP address subnet mask and the gateway address provided Has your Service Provider given you an IP address and Gateway address IP address assigned by your Service Provider g p o p Subnet Mask 9 p JO E p Service Provider Gateway Address 5 p jo a p SAVE SETTINGS CANCEL Security Advanced Settings Click Save Settings to proceed or Cancel to change your settings 4 23 CONFIGURING THE BARRICADE Wireless 4 24 The Barricade can be quickly configured for roaming clients by setting the Servic
89. ssistance A 1 TROUBLESHOOTING A 2 Troubleshooting Chart Symptom Action LED Indicators LAN LED is e Verify that the Barricade and attached device are Off powered on Be sure the cable is plugged into both the Barricade and the corresponding device Verify that the proper cable type is used and that its length does not exceed the specified limits Be sute that the network interface on the attached device is configured for the proper communication speed and duplex mode Check the adapter on the attached device and cable connections for possible defects Replace any defective adapter or cable if necessary Network Connection Problems Cannot ping the Barricade from the attached LAN ot the Barricade cannot ping any device on the attached LAN Verify that the IP addresses are properly configured For most applications you should use the Barricade s DHCP function to dynamically assign IP addresses to hosts on the attached LAN However ifyou manually configure IP addresses on the LAN verify that the same network address network component of the IP address and subnet mask are used for both the Barricade and any attached LAN devices Be sure the device you want to ping or from which you are pinging has been configured for TCP IP TROUBLESHOOTING Troubleshooting Chart Symptom Action Management Problems Cannot connect Be sure to have configured th
90. sswords can contain from 3 to12 alphanumeric characters and are case sensitive Note If your password is lost or you cannot gain access to the user interface press the Reset button colored blue on the rear panel holding it down for at least six seconds to restore the factory defaults The default password is smcadmin Enter a maximum Idle Time Out in minutes to define a maximum period of time an inactive login session will be maintained If the connection is inactive for longer than the maximum idle time 1t will be logged out and you will have to log in to the web management system again Setting the idle time to 0 will mean the connection never times out Default 10 minutes 4 62 SYSTEM Remote Management By default management access is only available to users on your local network However you can also manage the Barricade from a remote host by entering the IP address of a remote computer on this screen Check the Enabled check box and enter the IP address of the remote host and click Save Settings Setup Wizard Home Network Settings Set the remote management of the wireless router If you want to manage the wireless router from a remote Security location outside of the local network you must specify the IP address of the remote PC Advanced Settings Remote Management Host Address o jo fo fo Enabled 7 SAVE SETTINGS CANCEL Note If you check Enabled and specify an
91. stops responding correctly or in some way stops functioning you can perform Security a reset Your settings will not be changed To perform the reset click on the SAVE SETTINGS button below You will be asked to confirm your decision The reset will be complete when the power light stops Advanced Settings blinking Reboot Wireless Router Reset To perform a system reset click the Reboot Wireless Router button in the screen above The configurations that you have set previously will not be changed back to the factory default settings Note You may also use the blue Reset button on the rear panel of the Barricade to perform a reset Push for one second to perform a reboot All of your settings will remain upon restarting Push for six seconds to return the Barricade to factory default settings 4 60 SYSTEM System This section includes all the basic configuration tools for the Barricade such as time settings password settings and remote management Time Settings Setup Wizard Time Settings Home Network Set Time Zone Use this setting to insure the time based client filtering feature and system log entries are based on the correct localized time GMT Greenwich Mean Time Dublin Edinburgh Lisbon London y Configure Time Server NTP Advanced Settings You can automatically maintain the system time on your Wireless Router by synchronizing with a public time server over the Internet
92. tandard limited warranty can be upgraded to a Limited Lifetime warranty by registering new products within 30 days of purchase from SMC or its Authorized Reseller Registration can be accomplished via the enclosed product registration card or online via the SMC web site Failure to register will not affect the standard limited warranty The Limited Lifetime warranty covers a product during the Life of that Product which is defined as the period of time during which the product is an Active SMC product A product is considered to be Active while it is listed on the current SMC price list As new technologies emerge older technologies become obsolete and SMC will at its discretion replace an older product in its product line with one that incorporates these newer technologies At that point the obsolete product is discontinued and is no longer an Active SMC product A list of discontinued products with their respective dates of discontinuance can be found at http www smc com index cfm action customer_service_warranty All products that are replaced become the property of SMC Replacement products may be either new or reconditioned Any replaced or repaired product carries either a 30 day limited warranty or the remainder of the initial warranty whichever is longer SMC is not responsible for any custom software or firmware configuration information or memory data of Customer contained in stored on or integrated with any produ
93. ted 3 Internet Settings 2 Wireless settings Specify the WAN connection type required by your Internet Service Provider Specify Cable modem Fixed IP xDSL or PPPOE xDSL 3 Internet settings 4 Modem settings c Ya Cable Modem 5 ADSL settings A cable modem requires minimal configuration When you have setup an account with your Internet provider the wireless router will be automatically configured when plugged into the cable modem The host name field is optional but may be required by some Service Providers If there is a Domain Name Server DNS that you would rather use you need to specify the IP address in the WAN page c gt Fixed IP xDSL Some xDSL Internet Service Providers may assign a fixed IP address for your gateway If you have been provided with this information choose this option and enter the assigned IP address subnet mask gateway IP and DNS IP addresses for your wireless router c ge PPPoE xDSL If you connect to the Internet using an xDSL Modem and your ISP has provided you with a password and service name then your ISP uses PPPoE You must choose this option and enter the required information r PPTP Point to Point Tunneling Protocol is a common connection method used for xDSL connections in Europe Select your connection type to proceed Click BACK to go back and change your settings SETUP WIZARD Cable Modem Settings If the ISP requires you to input a Host Name type it in the Host Na
94. that identifies the address bits in the destination address used for routing to specific subnets Each bit that corresponds to a 1 is part of the subnet mask number each bit that corresponds to 0 is part of the host number Gateway The IP address of the router at the next hop to which frames are forwarded Interface The local interface through which the next hop of this route is reached Metric When a router receives a routing update that contains a new or changed destination network entry the router adds 1 to the metric value indicated in the update and enters the network in the routing table 4 70 APPENDIX TROUBLESHOOTING This section describes common problems you may encounter and possible solutions to them The Barricade can be easily monitored through panel indicators to identify problems Troubleshooting Chart LED Indicators Symptom Action Power LED is off Check connections between the Batricade the external power supply and the wall outlet If the power indicator does not turn on when the power cord is plugged in you may have a problem with the power outlet power cord or external power supply However if the unit powers off after running for a while check for loose power connections power losses or surges at the power outlet If you still cannot isolate the problem then the external power supply may be defective In this case contact Technical Support for a
95. the Barricade Instead use only twisted pair cables with RJ 45 connectors that conform with FCC standards Notes 1 Use 100 ohm shielded or unshielded twisted pair cable with RJ 45 connectors for all Ethernet ports Use Category 3 4 or 5 for connections that operate at 10 Mbps and Category 5 for connections that operate at 100 Mbps 2 Make sure each twisted pair cable length does not exceed 100 meters 328 feet CONNECT THE SYSTEM Connect the Power Adapter Plug the power adapter into the power socket on the side panel of the Barricade and the other end into a power outlet Check the power indicator on the front panel is lit If the power indicator is not lit refer to Troubleshooting on page A 1 In case of a power input failure the Barricade will automatically restart and begin to operate once the input power is restored If the Barricade is properly configured it will take about 30 seconds to establish a connection with the ADSL service provider after powering up 2 9 INSTALLATION 2 10 CHAPTER 3 CONFIGURING THE CLIENT PC After completing hardware setup by connecting all your network devices you need to configure your computer to connect to the Barricade You can either configure your computer to automatically obtain IP settings DHCP or manually configure IP addtess settings Static IP Depending on your operating system see Windows 2000 on page 3 3 Windows XP on page 3 9 or
96. time Code version V1 00 May 27 2005 11 52 57 Boot Code Version v0 03 LAN MAC Address 00 12 BF 03 58 04 Wireless MAC Address 00 12 BF 03 58 06 WAN MAC Address 00 12 BF 03 58 05 Hardware Version oc BEIDEN Serial Num AD00000001 Advanced Settings DHCP Client Log View information on LAN DHCP clients currently linked to the wireless router El ld ai Security Log View any attempts that have been made to gain access to your network 2004 12 18 00 50 58 DHCP Client Send Discover El 2004 12 18 0 52 DHCP Client Send Discover 2004 12 18 0 47 DHCP Client Send Discover zl 4 15 CONFIGURING THE BARRICADE 4 16 Setup Wizard Security Log Home Network View any attempts that have been made to gain access to your network Settings Status LAN Settings WAN Settings Wireless Security Advanced Settings DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover DHCP Client Send Discover 44 Save Clear Refresh DHCP Client Could not find DHCP daemon to get information The security file SMCWBR14T_logfile log may be saved by clicking Save and choosing a location The following items are included on the Status screen Parameter Description INTERNET Displays WAN connection type and status Release Click on this button to disconnect from the WAN Renew Click on this button
97. tion and NAT NAT also enables multi user Internet access v a a single user account and virtual server functionality providing protected access to Internet services such as web FTP email and Telnet VPN pass through IPSec ESP Tunnel mode L2TP PP TP User definable application sensing tunnel supports applications requiring multiple connections Easy setup through a web browser on any operating system that supports TCP IP Compatible with all popular Internet applications INTRODUCTION Applications Many advanced networking features are provided by this Barricade Wired and Wireless LAN The Barricade provides connectivity to 10 100 Mbps devices and wireless IEEE 802 11g compatible devices making it easy to create a network in small offices or homes Internet Access This device supports Internet access through an ADSL connection Since many ADSL providers use PPPoE or PPPoA to establish communications with end users the Barricade includes built in clients for these protocols eliminating the need to install these services on your computer Shared IP Address The Barricade provides Internet access for up to 253 users via a single shared IP address Using only one ISP account multiple users on your network can browse the web at the same time Virtual Server If you have a fixed IP address you can set the Barricade to act as a virtual host for network address translation Remote users access various services at y
98. tion status for the wireless router s WAN LAN interfaces firmware and hardware version numbers any illegal attempts to access your network as well as information on all DHCP client PCs currently connected to your network e Current Time 2004 12 18 00 50 57 Security INTERNET Advanced Settings new Home Network LAN IP Address 192 168 2 1 Subnet Mask 255 255 255 0 DHCP Server Enabled Firewall Disabled UPnP Enabled Wireless Enabled ADSL only PPTP Client Line 1 Disabled PPTP Server Line 1 Disconnected Setup Wizard INFORMATION Home Network Numbers of DHCP Clients o CONFIGURING THE BARRICADE The Barricade s Home Network Settings interface contains four main menu items as described in the following table Menu Description Status Provides WAN connection type and status firmware and hardware version numbers system IP settings as well as DHCP NAT and firewall information Displays the number of attached clients the firmware versions the physical MAC address for each media interface and the hardware version and serial number Shows the security and DHCP client log LAN Sets the TCP IP configuration for the Barricade LAN interface and Settings DHCP clients WAN Specifies the Internet connection settings Settings Wireless Configures the radio frequency SSID and security for wireless communications Making Configuration Changes 4 14 Configurable parameters have a dialog box or a drop down list
99. to establish a connection to the WAN Home Network Displays system IP settings as well as DHCP Server Firewall LAN UPnP and Wireless status INFORMATION Displays the number of attached clients the firmware versions the physical MAC address for each media interface and for the Barricade as well as the hardware version and serial number DHCP Client Log Displays information on DHCP clients on your network Security Log Displays illegal attempts to access your network Save Click on this button to save the security log file Clear Click on this button to delete the access log Refresh Click on this button to refresh the screen MAKING CONFIGURATION CHANGES LAN Settings You can enable DHCP to dynamically allocate IP addresses to your client PCs or configure filtering functions based on specific clients or protocols The Barricade must have an IP address for the local network nc _ m Setup Wizard Pp LAN Settings Home Network Settings _ You can enable DHCP to dynamically allocate IP addresses to your client PCs or configure filtering functions Status based on specific clients or protocols The wireless router must have an IP address for the local network LAN Settings Wireless Router IP Address WAN Settings Wireless 1P Address Security ha fee 2 ft Advanced Settings IP Subnet Mask 255 955 255 D DHCP Server DHCP Server Enabled Disabled DHCP Server ID DHCP IP Address Pool Start IP 92
100. work We allow one public IP address to be mapped to a pool of local addresses Setup Wizard Home Network Address Mapping Network Address Translation NAT allows IP addresses used in a private local network to be mapped to one or more addresses used in the public global Internet This feature limits the number of public IP addresses required from the ISP and also maintains the privacy and security of the local network We allow one public IP address to be mapped to a pool of local addresses Address Mapping Global 1p 0 7 p PR is transformed as multiple virtual IPs from 192 168 2 0 to 192 168 2 0 Note Please make sure your DHCP server lease time is set to Forever SAVE SETTINGS CANCEL Click Save Settings to proceed or Cancel to change your settings 4 53 CONFIGURING THE BARRICADE Virtual Server 4 54 Setup Wizard Virtual Server Home Network s a Settings You can configure the wireless router as a virtual server so that remote users accessing services such as the Web or FTP at your local site via public IP addresses can be automatically redirected to local Security servers configured with private IP addresses In other words depending on the requested service Advanced Settings TCP UDP port number the wireless router redirects the external service request to the appropriate server located at another internal IP address This tool can support both port ranges multiple ports and combin
101. work Name SSID suc Wireless Broadcast Wireless Network Name ENABLE DISABLE gt Channel and SSID ioe Nod b wos ireless Mode 11 b g Mixed mode y Security Wi Fi Channel number 6 x Advanced Settings Extend Range C ENABLE DISABLE SAVE SETTINGS CANCEL X Parameter Description Wireless Network Name The Service Set ID SSID is the name of your SSID wireless network The SSID must be the same on the Barricade and all of its wireless clients Broadcast Wireless Network Enable or disable the broadcasting of the SSID If Name you disable broadcast of the SSID only devices that have the correct SSID can connect This nullifies the wireless network discovery feature of some products such as Windows XP Default Enable Wireless Mode This device supports the following modes 11g only 11b only 11b g mixed mode Super G Dynamic Turbo and Super G Static Turbo Wi Fi Channel Number This device supports the following modes 11g only 11b only 11b g mixed mode Super G Dynamic Turbo and Super G Static Turbo Extend Range Extends the range of the Barricade Default Disable 4 25 CONFIGURING THE BARRICADE WDS 4 26 The Wireless Distribution System WDS provides a means to extend the range of a Wireless Local Area Network WLAN WDS allows the Barricade to establish a direct link to other wireless base stations and allows clients to roam freely within the area covered by the WDS
Download Pdf Manuals
Related Search