Home
Linksys WRV54G router
Contents
1. User Nearne Password Server Address linksys vpn com _ Connect Seve Delete Help Figure C 4 QuickVPN Software Profile Linksys QuickV PH Connected to 639 105 48 21 Connected at 15 02 September 08 2004 Total Time Connected 00 00 04 Disconnect Change Password Help Figure C 5 QuickVPN Software Status Figure C 6 QuickVPN Tray Icon Connection Available Connect Virtual Private Connection Old Password KE New Password Confirm New Password a Figure C 7 QuickVPN Software Change Password 98 Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private NOTE Keep a record of any changes you make network inside the Router and a Windows 2000 or XP computer You can find detailed information on configuring AN Those changes will be identical in the Windows the Windows 2000 server at the Microsoft website secpol application and the Router s Web based Utility Microsoft KB Q252735 How to Configure IPSec Tunneling in Windows 2000 http support microsoft com support kb articles Q252 7 35 asp Microsoft KB Q257225 Basic IPSec Troubleshooting in Windows 2000 l NOTE The text on your screen may differ from http support microsoft com support kb articles Q257 2 25 asp E AI on ee es or e your screen Environment Th
2. 40 C 4 158 F 20 70 C 10 to 85 Non Condensing 5 to 90 Non Condensing 127 Appendix L Warranty Information LIMITED WARRANTY Linksys warrants to You that for a period of three years the Warranty Period your Linksys Product will be substantially free of defects in materials and workmanship under normal use Your exclusive remedy and Linksys entire liability under this warranty will be for Linksys at its option to repair or replace the Product or refund Your purchase price less any rebates This limited warranty extends only to the original purchaser lf the Product proves defective during the Warranty Period call Linksys Technical Support in order to obtain a Return Authorization Number if applicable BE SURE TO HAVE YOUR PROOF OF PURCHASE ON HAND WHEN CALLING If You are requested to return the Product mark the Return Authorization Number clearly on the outside of the package and include a copy of your original proof of purchase RETURN REQUESTS CANNOT BE PROCESSED WITHOUT PROOF OF PURCHASE You are responsible for shipping defective Products to Linksys Linksys pays for UPS Ground shipping from Linksys back to You only Customers located outside of the United States of America and Canada are responsible for all shipping and handling charges ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE LIMITED TO THE DURATION OF THE WARRANTY PERIOD ALL OTHER EXPRESS O
3. Get Community LS Sel Commundty Deen eg tutsit Sep teeter _ Aa Tree Design 382 480 0 0 Enabled C Disabled Mow liter G Enabled f Disabled Cordguneter Changes ee Utter KZ e Enabled Dlesbled Phare Arcerg Figure 6 41 Administration Tab Management 45 Identification Contact Enter the name of the network administrator for the Router as well as a contact number or e mail address Device Name Enter the name of the Router Location Enter the location of the Router For example you could include the name of the building floor number and room location such as Head Office Floor 5 Networking 3 Get Community Enter the password that allows read only access to the Router s SNMP information The default name is public Set Community Enter the password that allows read write access to the Router s SNMP information The default name is private A name must be entered in this field SNMP Trusted Host You can restrict access to the Router s SNMP information by IP address Enter the IP address in the SNMP Trusted Host field If this field is left blank then access is permitted from any IP address SNMP Trap Community Enter the password required by the remote host computer that will receive trap messages or notices sent by the Router SNMP Trap Destination Enter the IP address of the remote host computer that will receive the trap messages UPnP UPnP allows Windows XP and Windows Me
4. In the Components checked are used by this connection box highlight Internet Protocol TCP IP and click the Properties button Select Use the following IP address option Enter a unique IP address that is not used by any other computer on the network connected to the Router Enter the Subnet Mask 255 255 255 0 Enter the Default Gateway 192 168 1 1 Router s default IP address Toward the bottom of the window select Use the following DNS server addresses and enter the Preferred DNS server and Alternative DNS server provided by your ISP Contact your ISP or go on its website to find the information Click the OK button in the Internet Protocol TCP IP Properties window and click the OK button in the Local Area Connection Properties window Restart the computer if asked Windows XP The following instructions assume you are running Windows XP with the default interface If you are using the Classic interface where the icons and menus look like previous Windows versions please follow the instructions for Windows 2000 i 2 3 4 Click Start and Control Panel Click the Network and Internet Connections icon and then the Network Connections icon Right click the Local Area Connection that is associated with the Ethernet adapter you are using and select the Properties option In the This connection uses the following items box highlight Internet Protocol TCP IP Click the Properties button Enter a unique IP addre
5. Click the Preview button to view the web page that includes the information you have added GE cnr Senta Monica When finished click the Continue button Een Tenin Lire Seen Mama Minem weas Phara TE M E Emad an Bicodershog WET CHAS Se TOPOS DCH Server JF fazian DCH Heaget ECT DHCP Start P EI 10 100 DHCP Stee F E 1A Tubppper pile Tirat E Brimarp Gaewer B 101 645 Zereagnre Sarwar Jee W644 OC Met Piat iini The Cotes Shop character beret vs iud e spaced Cet a free cup of coffiea with every pound of 5 Coffee beans purthased Hot Stat C porpacan es cbie ec er leng muing zeg Fre MAC ID Hor Urar d 1 Era MAC ID far Urs M MAC ID fer Liar F J MAC ID for Wier A E MAC ID ter Uter E MAC ID for Liner RE MAC ID far Ur T MAC 1G Aor Urer E MAC ID far Luar d a MAC 1D for Winer 18 1 Doa DN lp rimat Figure 7 16 Confirmation H eg en TM H rt CA ka ah In A B A WY ID ren eg to eg tg tay H At C a a i sl Ie wf TR go Hot Spot in a Box Pro gram TOI riot opot businesses 8 The Almost Done screen will appear Read the information and then click the Complete Device Setup button Ee SS e to save all of your settings Step 4 Return to the Device After the Hot Spot tab reappears click the Refresh button A screen will appear to notify you that you are online Complete the configuration of the Router When finished the setup of your fir
6. Local Network erer A Divan of Goce Systema ine The Local Network screen displays information about the local network Status Local Network an IP Address The Router s local IP Address is shown here lt a ug ZE DHCP Chert Leese info DHCP Chents Table eschen md heal Subnet Mask The Router s Subnet Mask is shown here DHCP Server The status of the DHCP server is displayed here DHCP Client Lease Info Click the DHCP Clients Table button to view a list of PCs that have been assigned IP addresses by the Router The DHCP Active IP Table screen lists the DHCP Server IP Address Computer Names IP egen Addresses MAC Addresses and length of time until a Computere assigned IP address expires Click the Close button to return to the Local Network screen Click the Refresh button to update the information Click the Refresh button to update the on screen information For help information click More Pere DHCP Active IP Table Refresh DHF Serer IP Address 192 168 0 2 Computer Hama IP Address MAC Address Expires vaio 182 168 12 DI a0 ce 23 10 85 Expire fesilabBmbaqqzk 192 168 08 00M ETE Aa 23 45 27 waikeagrykjzfed 192 1681 4 DO i be e Expire nevehost 182 168 15 DDG 242 bot be Expira n w osi 3 192 168 1 6 0058518 Expire new host 4 132 168 1 7 roit ET E AE Expire detective 192 168 1 9 S iebh s db e Expire neve host 2 192 168 110 dc e 4S bb Bb s Expire p w baost 182 16111 45 3b 130d 60a Expare p w bnst
7. VPN Router to VPN Router An example of a VPN Router to VPN Router VPN would be as follows At home a telecommuter uses his VPN Router for his always on Internet connection His router is configured with his office s VPN settings When he connects to his office s router the two routers create a VPN tunnel encrypting and decrypting data As VPNs utilize the Internet distance is not a factor Using the VPN the telecommuter now has a secure connection to the central office s network as if he were physically connected For more information refer to Appendix E Configuring VPN Tunnels Computer using the Linksys VPN client software to VPN Router The following is an example of a computer to VPN Router VPN In her hotel room a traveling businesswoman dials up her ISP Her notebook computer has the Linksys VPN client software which is configured with her office s IP address She accesses the Linksys VPN client software and connects to the VPN Router at the central office As VPNs utilize the Internet distance is not a factor Using the VPN the businesswoman now has a secure connection to the central office s network as if she were physically connected For additional information and instructions about creating your own VPN please visit Linksys s website at www linksys com You can also refer to Appendix C Using the Linksys QuickVPN Software for Windows 2000 or XP Appendix D Configuring IPSec between a Windows 2000 or XP PC a
8. or open user is logged in Bytes In Number of megabytes MB received Bytes Out Number of megabytes MB sent Device Statistics This shows the device network information identical to route command on UNIX systems Routing The route information for this device is shown here Destination The IP address destination network or host is displayed Gateway The gateway address is shown Mask This is the Netmask or Subnet Mask for the network Flags The status of the route is indicated here Ref Count This is the number of references to this route Use Count The number of lookups for the route is displayed here Interface This is the number of the network interface Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Administration Site User Statistics Report Dez The Coser Shop Company The Coffee Shop Under the front counter Aegebeee CA page 192 160 300 103 O004 25 67 abdd open 9021 20000 ME Figure 7 23 User Statistics Hint pnt in a Be GA je Pyete pas Ge Hha A 3 23 Grr iee e A A ad AA dhan ee tee eg kengt eben eng Vase H Det e dikerhs Aepbteegg Bake Kenge thacneeu P ssensarni Device Statistics DOT The Coffee Shop Company The Coffee Shop Wader the front outer erer CA Routing CS ee ee ee aim 66 1420 129 0 000 DG g S HER T PERF ar EEEE FH 1216810 e 25352550 0 192 165200 0 Peso U 24 14250128 255 255 255 128 U
9. 192 168 0 3 DO A0 di E TA 21 36 02 eng 152 168 0 4 00 00 41 4a FEO 21 07 29 ok 152 168 0 5 000 Sa Bai ei 20 36 34 micheal w2kii 183 168 016 00 02 82 40 45 fe 00 00 25 NGUYENTU W2KI 132 168 0 7 00 07 eb St act Expire Ges Figure 6 48 DHCP Active IP Table Chapter 6 Configuring the Wireless G VPN Broadband Router 53 The Status Tab Local Network Wireless G VPN Broadband Router The Status Tab Wireless LINKSYS Doson of Qsco Systema inc The Wireless screen displays status information about your wireless network Status Wireless MAC Address The MAC Address of the Router s wireless network interface is displayed here ates Mode As selected from the Wireless tab this will display the wireless mode Mixed G Only or Disabled used by the network SSID As entered on the Wireless tab this will display the wireless network name or SSID Refresh Channel As entered on the Wireless tab this will display the channel on which your wireless network is broadcasting Figure 6 49 Status Tab Wireless Encryption Function As selected on the Wireless Security tab this will display what type of encryption the Router uses for security Click the Refresh button to update the on screen information For help information click More Chapter 6 Configuring the Wireless G VPN Broadband Router 54 The Status Tab Local Network Wireless G VPN Broadband Router The Status Tab System Performance The System
10. 255 255 255 0 Defaut Gateway 192 168 1 254 ox eene ze e E e Figure F 1 IP Configuration Screen E o ae Adapter Information Linksys LNE100TX Fast Etherne sl Adapter Address lt 00 00 00 00 00 00 gt IP Addiess 192 168 1 100 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 1 C oos ze Release All Renew All More Info gt gt Figure F 2 MAC Address Adapter Address 117 Windows 2000 or XP Instructions 1 Click Start and Run In the Open field enter cmd Press the Enter key or click the OK button i Note The MAC address is also called the Physical Address 2 Atthe command prompt enter ipconfig all Then press the Enter key 3 Write down the Physical Address as shown on your computer screen it is the MAC address for your Ethernet adapter This appears as a series of numbers and letters The MAC address Physical Address is what you will use for MAC address cloning or MAC filtering On the MAC Address Physical Address screen the example shows the Ethernet adapter s IP address as 192 168 1 100 Your computer may show something different Figure F 3 MAC Address Physical Address 118 Appendix G SNMP Functions SNMP Simple Network Management Protocol is a widely used network monitoring and control protocol Data is passed from a SNMP agent such as the VPN Router to the workstation console used to oversee the network The Router then returns info
11. Enabled 7 Dimsb ed Dene harsi Ted mx Song Server P Adie fp of m e Sek Pricriy infomation sl Log Gueus Lee n Fi trin Log Tee Threrhaki Sun mondi T Sen Pleasing l Ping Cel pesh T P Spsating FF unauthorised Logn Attend TT w n H Seztee Erop Metzp es FF Authorized Login T Dery boer F Cremosgue Changes T Aiow Pokeies I conent Fitering l Daia Kegecbeen eari Sein kimi i feae Figure 6 42 Administration Tab Log GZ 47 Log Time Threshold You can designate how often the log will be e mailed to you The default is 10 minutes so unless you change this setting the Router will e mail the log to you every 10 minutes The Router will e mail the log every time the Log Queue Length or Log Time Threshold is reached Alert Log You can receive alert logs for specific types of Internet attacks and events Syn Flooding IP Spoofing Win Nuke Ping of Death and Unauthorized Login Attempt To be notified of a specific event click its checkbox General Log Select the type of activity you would like to log Select System Error Messages Deny Policies Allow Policies Content Filtering Data Inspection Authorized Login or Configuration Changes When you have finished making changes on this screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More 48 es Al Dun B aee C VDM Aren en elle canaell D ALITAN
12. Gagn Soh ings fans ol hangs Figure 6 2 Setup Tab Automatic Configuration DHCP 15 Static IP If you are required to use a permanent IP address to connect to the Internet then select Static IP IP Address This is the Router s IP address when seen from the WAN or the Internet Your ISP will provide you with the IP Address you need to specify here Subnet Mask This is the Router s Subnet Mask as seen by external users on the Internet including your ISP Your ISP will provide you with the Subnet Mask Default Gateway Your ISP will provide you with the Default Gateway Address which is the ISP server s IP address Primary DNS Required and Secondary DNS Optional Your ISP will provide you with at least one DNS Domain Name System Server IP Address When you have finished making changes to the screen click the Save Settings button to save the changes or click the Gancel Changes button to undo your changes PPPoE some DSL based ISPs use PPPoE Point to Point Protocol over Ethernet to establish Internet connections If you are connected to the Internet through a DSL line check with your ISP to see if they use PPPoE If they do you will have to enable PPPoE User Name and Password Enter the User Name and Password provided by your ISP Connect on Demand Max Idle Time You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time Max Idle Time If your In
13. Router Click the OK for WinXP or A Close for Win2000 button on the P Filter List window The selected IP fitter list specifies which network traffic will be secured with this rule Description ASICMP Traffic Matches all ICMP packets betw O ASIP Traffic Matches all IP packets from this O touter gt win O vwarr gt router Figure D 9 New Rule Properties 102 Wireless G VPN Broadband Router Step 3 Configure Individual Tunnel Rules Tunnel 1 win gt Router 1 From the P Filter List tab click the filter list win gt Router 2 Click the Filter Action tab and click the filter action Require Security radio button Then click the Edit button 3 From the Security Methods tab verify that the Negotiate security option is enabled and deselect the Accept unsecured communication but always respond using IPSec check box Select Session key Perfect Forward Secrecy and click the OK button Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router How to Establish a Secure IPSec Tunnel x Authentication Methods TunnelSetting Connection Type IP Fiker List Fiter Action New Rule Properties The selected IP filter list specifies which network traffic yall be secured wath this rule AIP Traffic Matches al IP packets from this wouer ug wine gt router Figure D 10 IP Filter List Tab New Rule Properties vil Authentication Methods TunnelSet
14. ae RS Password ES 2 Double click the Linksys QuickVPN software icon on your desktop or in the system tray Server Address i212 3 The login screen will appear Enter a name for your profile Connect Seve Delete _ Heip 4 Enter the user name in the User Name field l Figure E 13 QuickVPN Software Profile Appendix E Configuring VPN Tunnels 115 Connecting a VPN Client 5 Enter the password in the Password field 6 Enter the WAN IP address of VPN Router 1 in the Server Address field 7 Click the Connect button 8 When your QuickVPN connection is active the status screen will appear and the QuickVPN tray icon will turn green It will display the IP address of the remote end of the VPN tunnel the time and date the VPN tunnel began and the total length of time the VPN tunnel has been active 9 Verify that the VPN client and PC 1 can ping each other 10 To terminate the VPN tunnel click the Disconnect button The QuickVPN tray icon will turn gray Congratulations You have successfully created a QuickVPN connection Linksys YPN Client Connecting Figure E 14 Connecting venting Network Figure E 16 Verifying Network Linksys VPN Client x Connected to 12113 Connected at 14 37 March 02 2006 Total Time Connected 00 01 48 Change Password Help Figure E 17 QuickVPN Software Status PU Ki 3 Figure E 18 QuickVPN Tray Figure E 19 QuickVPN Tray icon Connection icon
15. rtlichen Beh rden oder st dtischen Entsorgungsdienste oder an den H ndler bei dem Sie das Produkt erworben haben Eesti Estonian Keskkonnaalane informatsioon Euroopa Liidus asuvatele klientidele Euroopa Liidu direktiivi 2002 96 EU n uete kohaselt on seadmeid millel on tootel v i pakendil k esolev s mbol keelatud k rvaldada koos sorteerimata olmejaatmetega See s mbol n itab et toode tuleks k rvaldada eraldi tavalistest olmej tmevoogudest Olete kohustatud k rvaldama k esoleva ja ka muud elektri ja elektroonikaseadmed riigi v i kohalike ametiasutuste poolt ette n htud kogumispunktide kaudu Seadmete korrektne k rvaldamine ja ringlussev tt aitab v ltida v imalikke negatiivseid tagaj rgi keskkonnale ning inimeste tervisele Vanade seadmete k rvaldamise kohta t psema informatsiooni saamiseks v tke palun hendust kohalike ametiasutustega j tmek itlusfirmaga v i kauplusega kust te toote ostsite Appendix M Regulatory Information Espa ol Spanish Informaci n medioambiental para clientes de la Uni n Europea La Directiva 2002 96 CE de la UE exige que los equipos que lleven este simbolo en el propio aparato y o en su embalaje no deben eliminarse junto con otros residuos urbanos no seleccionados El s mbolo indica que el producto en cuesti n debe separarse de los residuos dom sticos convencionales con vistas a su eliminaci n Es responsabilidad suya desechar este y cualesquiera otros aparatos el ctricos y
16. so the Encryption Key will be 48 bit Make sure both ends of the VPN tunnel use the same Encryption Key Figure 6 30 Key Exchange Method Manual Authentication Key 00000000000000000000 Authentication Algorithm Select a method of authentication MD5 or SHA1 The Authentication method determines how the ESP packets are validated MD5 is a one way hashing algorithm that produces a 128 bit digest SHA is a one way hashing algorithm that produces a 160 bit digest SHA1 is recommended because it is more secure Make sure both ends of the VPN tunnel use the same authentication method Authentication Key This field specifies a key used to authenticate IP traffic Enter a key of hexadecimal values If MD5 is selected the Authentication Key is 32 bit which requires 32 hexadecimal values If you do not enter enough hexadecimal values then the rest of the Authentication Key will be automatically completed with zeroes until it has 32 hexadecimal values If SHA is selected the Authentication Key is 40 bit which requires 40 hexadecimal values If you do not enter enough hexadecimal values then the rest of the Authentication Key will be automatically completed with zeroes until it has 40 hexadecimal values Make sure both ends of the VPN tunnel use the same Authentication Key inbound amp Outbound SPI Security Parameter Index SPI is carried in the ESP Encapsulating Security Payload Protocol header and enables the receiver and sender to select the
17. 10 00 pm Pacific Standard Time Saturday and Sunday 6 00 am to 3 00 pm Pacific Standard Time Address Boingo Wireless 1601 Cloverfield Boulevard Suite 570 South Santa Monica CA 90404 Web www boingo com or www boingo com servicecenter html E mail service boingo com Getting Started Setting up your first Hot Spot in a Box device is a fast and simple process To begin make sure you have the following e Boingo Hot Spot in a Box device e DSL cable or T1 connectivity e A notebook or desktop computer with a wireless 802 11b or 802 119 adapter such as a PCMCIA card or built in 802 11b or 802 119 capabilities Step 1 Setup of Your First Hot Spot in a Box Device Set up the Wireless G VPN Broadband Router using the Setup Wizard on the Setup CD ROM Boingo recommends that you use a wired connection to configure the Router for Hot Spot in a Box Then click the Register button on the Hot Spot tab of the Setup tab in the Router s Web based Utility refer to Chapter 6 Configuring the Wireless G VPN Broadband Router A IMPORTANT Make sure to check with your Internet Service Provider s terms of service agreement to see if they allow hot spots on your plan before you continue 60 Wireless G VPN Broadband Router Step 2 Registration Process STI i a weds DAD Duech irme Gee A D A 7 JA d sl pa n Ahera o herpe iere hotipat 1 The Registration Login screen will appear In the First Hot Spot
18. 12 Quick VPN Desktop Icon Figure E 13 QuickVPN Software Profile Figure E 14 Connecting Figure E 15 Activating Policy Figure E 16 Verifying Network Figure E 17 QuickVPN Software Status Figure E 18 QuickVPN Tray Icon Connection Figure E 19 QuickVPN Tray Icon No Connection Figure F 1 IP Configuration Screen Figure F 2 MAC Address Adapter Address Figure F 3 MAC Address Physical Address Figure H 1 Upgrade Firmware 113 114 115 115 115 115 116 116 116 116 116 116 117 117 118 120 Chapter 1 Introduction Welcome Thank you for choosing the Linksys Wireless G VPN Broadband Router The Wireless G VPN Broadband Router will allow you to network wirelessly better than ever sharing Internet access files and fun easily and securely How does the Wireless G VPN Broadband Router do all of this A router is a device that allows access to an Internet connection over a network With the Wireless G VPN Broadband Router this access can be shared over the four switched ports or via the wireless network broadcast at either 11Mbps for Wireless B or 54Mbps for Wireless G To protect your data and privacy the Wireless G VPN Broadband Router can encrypt all wireless transmissions with up to 128 bit WEP encryption and supports the WPA standard which provides greater security opportunities The Router also has a powerful Stateful Packet Inspection SPI firewall and Network Address Translation NAT technology to prote
19. Addresse Figure 6 28 Remote Security Group Any and Remote Secure Gateway Any Key Exchange Method AutofIKE PFS C Enabled Ge Disabled Pre Shared Key Please enter shared secret C RSA Signature PleaseenterRSAL tt Key Lifetime 3600 Figure 6 29 Key Exchange Method Auto IKE 33 Encryption Algorithm Select a method of encryption DES or 3DES This determines the length of the key used to encrypt or decrypt ESP packets DES is 56 bit encryption and 3DES is 168 bit encryption 3DES is Key Exchange Method Manual v recommended because it is more secure Make sure both ends of the VPN tunnel use the same encryption Encryption Algorithm DES v DES 16 HEX 3DES 48 HEX MEMOR Encryption Key 0000000000000000 Encryption Key This field specifies a key used to encrypt and decrypt IP traffic Enter a key of hexadecimal Authentication Algorithm MD5 v MD5 32 HEX SHA1 40 HEX values If DES is selected the Encryption Key is 16 bit which requires 16 hexadecimal values If you do not enter enough hexadecimal values then the rest of the Encryption Key will be automatically completed with zeroes so the Encryption Key will be 16 bit If 3DES is selected the Encryption Key is 48 bit which requires Inbound SPI 100 HEX 100 FFFFFFFF 40 hexadecimal values If you do not enter enough hexadecimal values then the rest of the Encryption Key Outbound SPt 400 HEX 100 FFFFFFFF will be automatically completed with zeroes
20. Ane MAC Address Pag re 1TH GIOOGTBER Oo Spi 192 LS 2 10 Oe ST AS OR T en Socket j p Biiprjjadmn hobigot bongo osjog bnjadn fogsor Hangod AN e hme Figure 7 24 Device Statistics 19 Inace C UDM Benadhangs Dairtar less G VPN Broadband Route Arp This shows who is associated to a network interface e g a client who associates with the access point but doesn t get an IP address IP This is the IP address of the device on the network Mac Address This the MAC address of the device on the network Flags The type of ARP entry is shown here Interface The network interface is shown here Socket This shows the network connections incoming and outgoing traffic requests Proto The protocol TCP or UDP is displayed here Receiving Queue This is the number of bytes received by the user program connected to this socket send Queue This is the number of bytes received by the user program connected to this socket Local Address This is the IP address of the local end of the socket Local Port This is the port number of the local end of the socket Foreign Address This is the IP address of the remote end of the socket Foreign Port This is the port number of the remote end of the socket State Shown here is the state of the socket e g OPEN CLOSED or TIME WAIT Device Performance This shows the historical view of device uptime load and RAM CPU or network usage Post Time This is the time the upda
21. CE OTS DL a E E d egme dito feeb gated rig ee ed Packets Pehea Sent Bytes Sent d D Error Packets Dropped Packets D Bereet Refresh OC ED Tea a De ao PC PECL tte Encinas tem tnd M rrlesg GEZ Wwe eTe 107 Oa ht WE iE Figure 6 50 Status Tab System Performance 99 Packets Sent The number of packets sent is displayed here Bytes Received The number of bytes received is shown here Bytes Sent The number of bytes sent is shown here Error Packets Received The number of error packets received is displayed here Dropped Packets Received The number of dropped packets received is displayed here Click the Refresh button to update the on screen information Help information is shown on the right hand side of the screen 56 Wireless G VPN Broadband Router The Status Tab VPN Clients rr After d Chace a be The VPN Client Status screen displays status information about the Router s VPN clients Status VPN Client Status WPN Cieni Users Display E Pen Upergeg Ham fet tes Dra bea Deg Mpio io s Oria KK i VPN Client Users Display Select the group of VPN client users whose information you wish to see No This is the number assigned to the VPN client Username The Username assigned to the VPN client will be displayed here Status This is the status of the VPN connection Start Time The time the VPN connection began is displayed here End Time
22. DSL users it is recommended to use the value 1492 By default MTU is set at 1500 when disabled packet a unit of data sent over a network 17 Network Setup The Network Setup section allows you to change the Router s local network settings Gateway IP The Router s Local IP Address and Subnet Mask are shown here In most cases you should keep the defaults Local IP Address The default value is 192 168 1 1 Subnet Mask The default value is 255 255 255 0 Network Address Server Settings DHCP The Router can be used as your network s DHCP Dynamic Host Configuration Protocol server which automatically assigns an IP address to each PC on your network Unless you already have one it is highly recommended that you leave the Router enabled as a DHCP server Local DHCP Server DHCP is already enabled by factory default If you already have a DHCP server on your network set the Router s DHCP option to Disabled If you disable DHCP assign a static IP address to the Router Start IP Address Enter a value for the DHCP server to start with when issuing IP addresses This value must be 192 168 1 2 or greater but smaller than 192 168 1 254 because the default IP address for the Router is 192 168 1 1 Number of Address Enter the maximum number of PCs that you want the DHCP server to assign IP addresses to This number cannot be greater than 253 In order to determine the DHCP IP Address range add the starting IP address e g
23. Help information is shown on the right hand side of a screen For additional information click More A Fen of Deere Zetteen ire Wireless Sauunty bade bag d ALS Server rade 0 0 Rb RADIUS Server Part CEE Shared See Ee Deteg Tee Key f_Me Oa Oa WEP Ereryetion G4 bits 10 hex digits Pasaphrnse IT e L A ikan of Dog iym beer Wireless The router supports four Aiae tyes of pect Dem Trona Key Fy Og Og Ca ML nind ASUSE OA e WEP Encryption EA bite 10 hex digis wie RE Figure 6 16 Wireless Security WEP wep wired equivalent privacy a method of encrypting network data transmitted on a wireless network for greater security 26 Nireless G VPN Broadband Route The Wireless Tab Wireless Network Access This screen allows you to control access to your wireless network Wireless Network Access Access List To allow the designated computers to access your network select the Permit to access radio button To block the designated computers from accessing your wireless network select the Prevent from accessing radio button Click Disabled to disable the access function MAC 1 20 Enter the MAC addresses of the designated computers For a more convenient way to add MAC addresses click the Select MAC Address From Networked Computers button The Networked Computers screen will appear Select the MAC Addresses you want Then click the Select button Click the Refresh button if you want to
24. Instructions 117 Windows 2000 or XP Instructions 118 Appendix G SNMP Functions 119 Appendix H Upgrading Firmware 120 Appendix Windows Help 121 Appendix J Glossary 122 Appendix K Specifications 127 Appendix L Warranty Information 128 Appendix M Regulatory Information 129 Appendix N Contact Information 135 List of Figures Figure 2 1 Network Diagram Figure 3 1 VPN Router to VPN Router Figure 3 2 Computer to VPN Router Figure 4 1 Back Panel Figure 4 2 Front Panel Figure 5 1 Connect to LAN Ports Figure 5 2 Connect to Internet Port Figure 5 3 Connect to Power Port Figure 5 4 Connect to Internet Port Figure 5 5 Connect to Power Port Figure 6 1 Login Screen Figure 6 2 Setup Tab Automatic Configuration DHCP Figure 6 3 Internet Connection Type Static IP Figure 6 4 Internet Connection Type PPPoE Figure 6 5 Internet Connection Type PPTP Figure 6 6 DDNS Tab DynDNS org Figure 6 7 DDNS Tab TZO com Figure 6 8 Setup Tab MAC Address Clone Figure 6 9 Setup Tab Advanced Routing Figure 6 10 Routing Table Entry List Figure 6 11 Setup Tab Hot Spot in a Box Figure 6 12 Wireless Tab Basic Wireless Settings Figure 6 13 Wireless Security WPA Pre Shared Key Figure 6 14 Wireless Security WPA RADIUS Figure 6 15 Wireless Security RADIUS Figure 6 16 Wireless Security WEP Figure 6 17 Wireless Tab Wireless Network Access Figure 6 18 Networked Computers Figure 6 19 Wireles
25. Internet Access as the Policy Type Click the Edit List button to select which PCs will be affected by the policy The List of PCs screen will appear You can select a PC by MAC Address or IP Address You can also enter a range of IP Addresses if you want this policy to affect a group of PCs After making your changes click the Apply button to apply your changes or Cancel to cancel your changes Then click the Close button Click the appropriate option Deny or Allow depending on whether you want to block or allow Internet access for the PCs you listed on the List of PCs screen Decide which days and what times you want this policy to be enforced Select the individual days during which the policy will be in effect or select Everyday Then enter a range of hours and minutes during which the policy will be in effect or select 24 Hours You can filter access to various services accessed over the Internet such as FTP or telnet by selecting services from the drop down menus next to Blocked Services You can block up to 20 services LINKSYS A pes of Osco Systema inc Access Restrictions http VG Deem reet access dar selected days and C aow Top Devs Tene Internet Filter Summary No Name default oo nrownwen UN EI o Figure 6 33 RH ewei F Sa F Wee 7 te r Frm fm Tse Cnet Got w ES ES Weavers 3 WAE ERI 192 168 0 2 Fater Settings Summary Microsoft Internet Explorer Days miT
26. Kay Lite Time 2600 Mote Following three additional proposals a in Main mode DESMOS 8S SDEESHANO24 ond SDE SMOSH Phase 2 Proeponal Encryption DES Authentication MDS PFS Enabled Key Lite Tima 28000 Gihar Options T vet igz broadcast F ante replay Keep Alive FF WHE failed more than g mes biog this unsutharized IP tor 50 EE Saeed SG Fhe 3 Figure 6 31 Advanced VPN Tunnel Setup te abro proposed 35 Key Life Time In the Key Lifetime field you may optionally select to have the key expire at the end of a time period of your choosing Enter the number of seconds you d like the key to be used until a re key negotiation between each endpoint is completed Other Options NetBIOS broadcast Click the checkbox if you want NetBIOS traffic to pass through the VPN tunnel By default the Router blocks these broadcasts Anti replay This protects the Router from anti replay attacks when people try to capture your authentication packets in an attempt to gain access The feature is enabled by default Keep Alive This feature helps maintain the connections of IPSec tunnels Whenever a connection is dropped and the drop is detected then the connection will be re established immediately Click the checkbox to enable this feature If IKE failed more than times block this unauthorized IP for seconds This feature is enabled by default It enables the Router to block unauthorized IP addresses Specify the num
27. PC 1 2 Enter the VPN Router s local IP address in the Address field default is 192 168 1 1 Then press Enter 3 A password request page will appear Non Windows XP users will see a similar screen Complete the User Name and Password fields admin is the default user name and password Then click the OK button Figure E 2 Login Screen 4 The first screen that appears will be the Basic Setup screen For the Internet Connection Type select Automatic Configuration DHCP 5 Click the Security tab internet Connection Type Automate Configuration OMP gt 6 Click the VPN tab Figure E 3 Setup Basic Setup Internet Setup 7 For the VPN Tunnel setting select Enabled E EE 8 Enter a name in the Tunnel Name field Local Secure Group f eg 9 For the Local Secure Group select Subnet Enter VPN Router 1 s local network settings in the P Address and e Gs Ee Eer b Mask fields Remote Secure Group Stra P Aayer i72 be gt 10 For the Remote Secure Group select Subnet Enter VPN Router Ze local network settings in the P Address and Mask fields namato Secure geng Ze P Aker S fs fs be 11 For the Remote Secure Gateway select IP Addr Enter VPN Router 2 s WAN IP address in the P Address field trenton ees 12 Click the Save Settings button May itenegemant vey xturgeitirot az PFS C inbid Disabled C Pre Shared Key Phom erte thared rece yo em C RSA Sgaire Prove erte ASA ege A
28. The time the VPN connection ended is shown here Duration This is the length of time the VPN connection has lasted Se ee a a HRH el Disconnect If you want to disconnect a VPN client click this checkbox Click the Refresh button to update the on screen information Click the Disconnect button to disconnect the VPN clients whose Disconnect checkboxes have been checked For help information click the More button Beitaah Gatonnert Figure 6 51 Status Tab VPN Clients Chapter 6 Configuring the Wireless G VPN Broadband Router 57 The Status Tab VPN Clients Chapter 7 Bongo Hot Spot in a Box Program for Hot Spot Businesses Program Overview Boingo Hot Spot in a Box is a program for businesses that want to offer wireless networking services for their customers Enabling the Boingo Hot Spot in a Box feature will turn the Linksys Wireless G VPN Broadband Router into a commercial hot spot The service is powered by Boingo Wireless the leading WI Fi service provider and IMPORTANT Make sure to check with your has been designed for small business that need a single hot spot installation Internet Service Providers terms of service agreement to see if they allow hot spots on your Wi Fi is the fastest growing segment of the Internet industry and there are already millions of people carrying Wi plan before you continue Fi enabled notebooks and PDAs Now you can harness Wi Fi to make money and provide a valuable service to y
29. Wireless Settings This tab is used to set up the Router s advanced wireless functions These settings should only be adjusted by an advanced user as incorrect settings can reduce wireless performance Advanced Wireless Authentication Type The default is set to Auto which allows either Open System or Shared Key authentication to be used Select the appropriate authentication type for your network For Open System authentication the sender and the recipient do NOT use a WEP key for authentication For Shared Key authentication the sender and recipient use a WEP key for authentication Basic Data Rates Select 1 2 Mbps All 1 2 5 5 6 11 24 or Default 1 2 5 5 11 from the drop down menu The Basic Data Rates setting is not actually one rate of transmission but a series of rates at which the Router can transmit The Router will advertise its Basic Data Rate to the other wireless devices in your network so they know which rates will be used The Router will also advertise that it will automatically select the best rate for transmission The default setting is Default when the Router can transmit at all standard wireless rates 1 2Mbps 5 5Mbps 11Mbps Other options are 1 2Mbps for use with older wireless technology and All when the Router can transmit at all wireless rates 1 2Mbps 5 5Mbps 6Mbps 11Mbps 24Mbps The Basic Rate is not the actual rate of data transmission If you want to specify the Router s rate of data transmission c
30. address that a manufacturer assigns to each networking device 20 The Setup Tab Advanced Routing A Druen of Osco Zeien inc The Advanced Routing screen allows you to configure the dynamic and static routing settings Setup Advanced Routing Operating Mode Select Gateway or Router from the drop down menu If this Router is hosting your network s connection to the Internet keep the default Gateway If you have a different router hosting your Internet connection then select Router Dynamic Routing With Dynamic Routing you can enable the Router to automatically adjust to physical changes in the network s layout The Router using the RIP protocol determines the network packets route based on the fewest number of hops between the source and the destination The RIP protocol regularly broadcasts routing information to other routers on the network Sere Settings Cance Chennss Figure 6 9 Setup Tab Advanced Routing RIP To use dynamic routing click the Enabled radio button Receive RIP Version To use dynamic routing for reception of network data select the protocol you want Both RIP v1 and v2 RIPv1 or RIPv2 If you do not want to use this feature select None Transmit RIP Version To use dynamic routing for transmission of network data select the protocol you want RIPv1 RIPv2 Broadcast or RIPv2 Multicast If you do not want to use this feature select None Static Routing If the Router is connected to
31. automatically logged the subscriber out M Wat Onat in a DA Y A Draaram far Hat Crant Rireinac CAC Hot Spot in a Box Pro gram for i lot opot businesses T1 Appendix A Troubleshooting This appendix consists of two parts Common Problems and Solutions and Frequently Asked Questions Provided are possible solutions to problems that may occur during the installation and operation of the Router Read the descriptions below to help you solve your problems If you can t find an answer here check the Linksys website at www linksys com Common Problems and Solutions 1 Pm trying to access the Router s Web based Utility but do not see the login screen Instead I see a screen saying 404 Forbidden If you are using Windows Explorer perform the following steps until you see the Web based Utility s login screen Netscape Navigator will require similar steps 1 2 3 Click File Make sure Work Offline is NOT checked Press CTRL F5 This is a hard refresh which will force Windows Explorer to load new webpages not cached ones Click Tools Click Internet Options Click the Security tab Click the Default level button Make sure the security level is Medium or lower Then click the OK button 2 need to set a static IP address on a PC You can assign a static IP address to a PC by performing the following steps e For Windows 98 and Me 1 2 Click Start Settings and Control Panel Double click N
32. for your password when you access the Router s Web based Utility The default user name and password is admin User Name It is recommended that you change the default user name to one of your choice Router Password It is recommended that you change the default password to one of your choice Re enter to confirm Re enter the Router s new Password to confirm it Remote Router Access This feature allows you to access the Router from a remote location via the Internet Remote Management This feature allows you to manage the Router from a remote location via the Internet To enable Remote Management click the Enabled radio button Management Port Enter the port number you will use to remotely access the Router Note When you are in a remote location and wish to manage the Router enter htto lt Internet IP AN Address gt port Enter the Router s specific Internet IP address in place of lt nternet IP Address gt and enter the Administration Port number in place of the word port SNMP SNMP Simple Network Management Protocol is a network protocol that provides network administrators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network To enable SNMP check the Enabled box To configure SNMP complete all fields on this screen To disable the SNMP agent remove the checkmark A Deon gi Cece Siem ke Administration i Gre Device Name cE 4
33. function properly consider exposing one PC to the Internet using DeMilitarized Zone DMZ hosting This option is available when an application requires too many ports or when you are not sure which port services to use Make sure you disable all the forwarding entries if you want to successfully use DMZ hosting since forwarding has priority over DMZ hosting In other words data that enters the Router will be checked first by the forwarding settings If the port number that the data enters from does not have port forwarding then the Router will send the data to whichever PC or network device you set for DMZ hosting e Follow these steps to set DMZ hosting 1 Access the Router s web based utility by going to http 192 168 1 1 or the IP address of the Router Go to the Applications and Gaming gt DMZ tab 2 Disable or remove the entries you have entered for forwarding Keep this information in case you want to use it at a later time e Once completed with the configuration click the Save Settings button 83 10 I forgot my password or the password prompt always appears when am saving settings to the Router e Reset the Router to factory default by pressing the Reset button for 10 seconds and then releasing it If you are still getting prompted for a password when saving settings then perform the following steps 1 Access the Router s web based utility by going to http 192 168 1 1 or the IP address of the Router Enter the default p
34. in a Box Registration Process section click the sorso opaan Register as a Hot Spot in a Box Owner button to register for the first time and then go to the next step on this page step 2 First Hot Spot in a Box Registration Process D pou are regitering your first Hot Spot in a Box device cick the ink below to begn If you already have a Hot Spot in a Box account and want to add another Router enter your user name and Already have a Hot Spot in a Box account password in the Already have a Hot Spot in a Boxe Account section Click the Login button and then skip EE ahead to Step 3 Device Configuration Wizard The Boingo system will detect that a device is set up and will besen go directly to the Device Configuration Wizard geg CH A 9 reem 2 When the Welcome screen appears read the general information and then click the Register your Hot Spot E Ree i T in a Box now button at the bottom of the screen SES See EE E Welcome to the Boingo Hot Spot in a Box Registration Process Follow Deve easy de r to tet vp your Mot Spot n a Berd derce at a full commercal bet ipot Rend and accept the Berge Mat Spet a a Bo1 Agreement 2 lore ten ah erbe pte ari wy ler aren ond tert 6 Configure n device wth he Dongo Mot Soet r s Bor Setup Witerd An e e H age TOY caa Gererate Fevers Dy erne Commnernneal We fi sooess pd srat how Connect fees Dongo pert pou every terme e curtormer connecti at your Mot Spot
35. its radio button enter a series of numbers or letters in the Pre shared Key field Based on this word which MUST be entered at both ends of the tunnel a key is generated to scramble encrypt the data being transmitted over the tunnel where it is unscrambled decrypted You may use any combination of up to 24 numbers or letters in this field No special characters or spaces are allowed RSA Signature You can choose to use a Pre shared Key or RSA Signature To use the RSA Signature click its radio button Enter the RSA Signature in the field provided This is similar to a Pre shared Key Make sure it matches the RSA Signature entered at the remote end of the tunnel s Key Lifetime You may optionally select to have the key expire at the end of a time period of your choosing Enter the number of seconds you d like the key to be useful or leave it blank for the key to last indefinitely Manual If you select Manual you generate the key yourself and no key negotiation is needed Basically manual key management is used in small static environments or for troubleshooting purposes Remote Secure Group Ary D This Gateway accepts request from any IP Remote Secure Gateway FOON gatevay linksys com Figure 6 27 Remote Secure Group Any and Remote Secure Gateway FQDN Remote Secure Group ary z This Gateway accepts request from any IP Address Remote Secure Gateway Ary X This Gateway accepts request from any IP
36. junto com os res duos municipais n o separados O simbolo indica que este produto deve ser eliminado separadamente dos residuos dom sticos regulares E da sua responsabilidade eliminar este e qualquer outro equipamento el ctrico e electr nico atrav s dos instala es de recolha designadas pelas autoridades governamentais ou locais A elimina o e reciclagem correctas ajudar o a prevenir as consequ ncias negativas para o ambiente e para a sa de humana Para obter informa es mais detalhadas sobre a forma de eliminar o seu equipamento antigo contacte as autoridades locais os servi os de elimina o de residuos ou o estabelecimento comercial onde adquiriu o produto Sloven ina Slovak Inform cie o ochrane ivotn ho prostredia pre z kazn kov v Eur pskej nii Pod a eur pskej smernice 2002 96 ES zariadenie s t mto symbolom na produkte a alebo jeho baleni nesmie byt likvidovan spolu s netriedenym komun lnym odpadom Symbol znamen e produkt by sa mal likvidova oddelene od be n ho odpadu z dom cnost Je va ou povinnos ou likvidova toto i ostatn elektrick a elektronick zariadenia prostredn ctvom pecializovan ch zbern ch zariaden ur en ch vl dou alebo miestnymi org nmi Spr vna likvid cia a recykl cia pom e zabr ni pr padn m negat vnym dopadom na ivotn prostredie a zdravie lud Ak m te z ujem o podrobnej ie inform cie o likvid cii star ho zariadenia obr tte sa prosim na
37. less G VPN Broadband Route The Administration Tab Diagnostics The ping test allows you to check the connections of your network components Ping Test Ping Test Parameters Ping Target IP Enter the IP address of the network device whose connection you wish to test No of Pings Enter the number of times that you want to ping the device Ping Size Enter the size of the ping packets Ping Interval Enter the ping interval in milliseconds how often you want the device to be pinged Ping Timeout If there is no response the ping test will time out after a specified length of time Enter the timeout period in milliseconds Click the Start Test button to start the test The results of the test will be displayed in the window Click the Abort Test button to stop the test Click the Clear Result button to clear the results For help information click More BD VDI Pp renadhandd Denter VPN Broadband Route Li A Divenen of Osce Sytema ec Administration Ping Test Peremneters Peg Target P C f RR No of Penge om Prg Sae ET bytes Prg ntara 1000 M teconde Ping Tract S000 Mmseconds Figure 6 43 Administration Tab Diagnostics 49 leese C UDM BDenadhang Daitar less G VPN Broadband Route The Administration Tab Factory Defaults Toes A Diiia g Coco Steeg fine Wireless G VPH Router The Factory Defaults screen allows you to restore the Router s configuration to its factory default settin
38. line a call at 800 546 5797 LINKSYS Or fax your request in to 949 823 3002 If you experience problems with any Linksys product you can call us at 800 326 7114 Don t wish to call You can e mail us at support linksys com If any Linksys product proves defective during its warranty period you can Call the Linksys Return Merchandise Authorization department for obtaining a Return Authorization Number at 949 823 3000 Details on Warranty and RMA issues can be found in the Warranty Information section in this Guide 135
39. minutes you want to have elapsed before your Internet connection terminates Keep Alive Option Redial Period If you select this option the Router will periodically check your Internet connection If you are disconnected then the Router will automatically re establish your connection To use this option click the radio button next to Keep Alive In the Redial Period field you specify how often you want the Router to check the Internet connection The default Redial Period is 30 seconds When you have finished making changes to the screen click the Save Settings button to save the changes or click the Gancel Changes button to undo your changes IR C Connect on Demand Max Idle Time 5 Min Figure 6 5 Internet Connection Type PPTP Optional Settings Required by some ISPs some of these settings may be required by your ISP Verify with your ISP before making any changes Host Name and Domain Name These fields allow you to supply a host and domain name for the Router Some ISPs require these names as identification You may have to check with your ISP to see if your broadband Internet service has been configured with a host and domain name In most cases leaving these fields blank will work MTU The MTU Maximum Transmission Unit setting specifies the largest packet size permitted for network transmission Select Enabled and enter the value desired It is recommended that you leave this value in the 1200 to 1500 range For most
40. monitoring system detects a problem with the device This person is a contact person only and does not need technical skills Enter the Name Phone number Fax number and Email address in the fields provided When finished click the Continue button Y errur tebup ep I o t Location Mieosolt inbornet Explorer alja Ps Ede Gen Fie ooh e Hii J 23 23 Aeh reote eda A e A2 sl A diieas El heman tetapa bange eee br zl ege bs Device Setup Step 1 of 6 Location Pirate enter the locaton information for this dewice Df the device ii mowed Bless be iure ta update thie devices profile All Aside requared Lacation Hame The Coen Shop Uedertecoumer L taben Tepe Cetebigeriauget ETETEN Derer a Pierement of Device Within the Location 123 Men neet g Dore ON e Internet Dhur slup Herp J of Et Gente Con Lact Leer mun Microbe Br srgseh Leplat lol Cet rn een Te ps e bed A 3 23 Deech alten Open A Zu oo al a areas E br Garen betipeg besen cone a ations otee Pr Device Setup Step 2 of 6 Onsite Contact Information Please enter the Coster information for the parron responsible for this device af the location Beings may contact this parron Hl we detect preblera sah your device thraagh our pete ck mentoring eyetem D the entite comtact perron changes ever time pleage be gure to update this device pralle Mame Phone aad eat are required Helda Name iaa waaga Phong PFH Fax LR
41. more than one network it may be necessary to set up a static route between them A static route is a pre determined pathway that network information must travel to reach a specific host or network To create a static route change the following settings Select Number Select the number of the static route from the drop down menu The Router supports up to 20 static route entries Delete This Entry If you need to delete a route select its number from the drop down menu and click the Delete This Entry button LAN IP Address The LAN IP Address is the address of the remote network or host to which you want to assign a static route Enter the IP address of the host for which you wish to create a static route If you are building a route to an entire network be sure that the network portion of the IP address is set to 0 For example the Router s standard IP address is 192 168 1 1 Based on this address the address of the routed 21 network is 192 168 1 with the last digit determining the Router s place on the network Therefore you would enter the IP address 192 168 1 0 if you wanted to route to the Router s entire network rather than just to the Router Subnet Mask The Subnet Mask also known as the Network Mask determines which portion of an IP address is the network portion and which portion is the host portion Take for example a network in which the Subnet Mask is 255 255 255 0 This determines by using the values 255 that
42. not tuned to the right frequency a spread spectrum signal looks like background noise There are two main alternatives Direct Sequence Spread Spectrum DSSS and Frequency Hopping Spread Spectrum FHSS 91 What is DSSS What is FHSS And what are their differences Frequency Hopping Spread Spectrum FHSS uses a narrowband carrier that changes frequency in a pattern that is known to both transmitter and receiver Properly synchronized the net effect is to maintain a single logical channel To an unintended receiver FHSS appears to be short duration impulse noise Direct Sequence Spread Spectrum DSSS generates a redundant bit pattern for each bit to be transmitted This bit pattern is called a chip or chipping code The longer the chip the greater the probability that the original data can be recovered Even if one or more bits in the chip are damaged during transmission statistical techniques embedded in the radio can recover the original data without the need for retransmission To an unintended receiver DSSS appears as low power wideband noise and is rejected ignored by most narrowband receivers Will the information be intercepted while it is being transmitted through the air WLAN features two fold protection in security On the hardware side as with Direct Sequence Spread Spectrum technology it has the inherent security feature of scrambling On the software side WLAN offers the encryption function WEP to enhance security and
43. of device status reports are offered Details on each of these reports are provided below e Edit Current Configuration This shows all of your device configuration fields and allows you to edit them e Map It shows your Hot Spot location on a regional map Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Administration Site Hote QOD Dawn Grew Gee A A A R JA dien herpe fasun erger barage comp ane rem System Configuration Report 00005001 The Coffee Shop Company The Coffee Shop Under the front counter Angwhere CA Sea Rosa Aeiem Sethe g Last Coebe Update 2004 01 22 163709 PST Hardware 14 DOC AL SE ALAI Service Set ID SSID Boingo Hot Spot Wrwelets Channel for DI Figure 7 22 Map 74 Wireless G VPN Broadband Router User Statistics Report This shows the statistics of the subscribers that are currently accessing the Internet through the Router Post Time This is the time when the user first accessed the Internet through the Router Idle Time This is the length of time that the user has been idle the session is considered inactive User Name The user name of the subscriber is displayed here User IP The IP address assigned to the user is shown here User MAC Address This is the MAC address of the Wi Fi adapter or card being used by the subscriber State This indicates one of two states pending user has associated to the Router but has not authenticated
44. reduce the risks Appendix C Using the Linksys QuickVPN Software for Windows 2000 or XP This appendix instructs you on how to use the Linksys QuickVPN software if you are using a Windows 2000 or XP PC Appendix D Configuring IPSec between a Windows 2000 or XP PC and the Router This appendix instructs you on how to establish a secure IPSec tunnel using preshared keys to join a private network inside the VPN Router and a Windows 2000 or XP PC Appendix E Configuring VPN Tunnels This appendix describes how to configure VPN IPSec tunnels using the VPN Routers and a VPN client Appendix F Finding the MAC Address and IP Address for your Ethernet Adapter This appendix describes how to find the MAC address for your computer s Ethernet adapter so you can use the MAC filtering and or MAC address cloning feature of the Router It also explains how to find the IP address for your computer Appendix G SNMP Functions This appendix explains SNMP Simple Network Management Protocol Appendix H Upgrading Firmware This appendix instructs you on how to upgrade the firmware on your Router should you need to do so Appendix Windows Help This appendix describes how you can use Windows Help for instructions about networking such as installing the TCP IP protocol Appendix J Glossary This appendix gives a brief glossary of terms frequently used in networking Appendix K Specifications This appendix provides the technical specifications for t
45. refresh the screen Click the Close button to return to the previous screen If you want detailed instructions on how to find the MAC address of a specific computer refer to Appendix F Finding the MAC Address or IP Address for Your Ethernet Adapter When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More Chapter 6 Tha Alive ine Wireless Oonfiguring the W fealeasGa s V P aA VEE iY Idi e NNIIEIE aa IEATWOrkKkK ACCASS A Drereo of Once Siem Ke Wireless G VPN Router Wireless Access Lat Disebled C Prevent from sccessing Permit to eccess mact 00 00 00 00 00 00 MAC 00 00 00 00 00 00 macz 00 00 00 00 00 00 mactz 00 00 00 00 00 00 macx 00 00 00 00 00 00 MaC14x 00 00 00 00 00 00 mace ao og oo G macte 00 00 00 00 00 00 macs ao oos og 00 Mact amp 00 00 00 op og 00 mace 00 00 00 00 0000 MaC tt 00 00 00 00 00 00 mact 00 00 00 00 00 00 Macar 00 00 00 00 00 00 mace 00 00 00 00 00 00 wacuwlugn oe og op o op mace 00 00 00 00 00 00 MaAC4 00 00 00 00 00 00 MAC tk 00 00 00 00 00 00 mac 2e 00 00 00 00 00 00 Sere Steg Cancel Chemoes Networked Computers MAC Address Select 00 00 41 44 7F 06 00 02 84 40 05 FE IR 00 07 E6 31 14 F7 Select Refresh Close Figure 6 18 Networked Computers 27 The Wireless Tab Advanced
46. the security The VPN screen allows you to configure your VPN settings to make your network more secure VPN PassThrough IPSec Passthrough PSec Internet Protocol Security is a suite of protocols used to implement secure exchange of packets at the IP layer To allow IPSec Passthrough click the Enabled button To disable IPSec Passthrough click the Disabled button PPTP Pass Through PPTP Point to Point Tunneling Protocol Passthrough allows the Point to Point PPP to be tunneled through an IP network To allow PPTP Passthrough click the Enabled button To disable PPTP Passthrough click the Disabled button L2TP Passthrough Layer 2 Tunneling Protocol Passthrough is the method used to enable Point to Point sessions via the Internet on the Layer 2 level To allow L2TP Passthrough click the Enabled button To disable L2TP Passthrough click the Disabled button VPN Tunnel The VPN Broadband Router creates a tunnel or channel between two endpoints so that the data or information between these endpoints is secure Select Tunnel Entry To establish this tunnel select the tunnel you wish to create from the drop down box It is possible to create up to 100 simultaneous tunnels VPN Tunnel Click Enabled to enable the selected VPN Tunnel VPN Gateway If you want to route all the traffic through the tunnel and not just the ones destined for the remote secure group click Enabled Tunnel Name Once the tunnel is enabled enter the na
47. the first three numbers of a network IP address identify this particular network while the last digit from 1 to 254 identifies the specific host Default Gateway Enter the IP address of the gateway device that allows for contact between the Router and the remote network or host metric This determines the maximum number of steps between network nodes that data packets will travel A node is any device on the network such as PCs print servers routers etc Interface Select LAN amp Wireless or Internet WAN depending on the location of the static route s final destination Show Routing Table Click the Show Routing Table button to open a screen displaying how data is routed through your local network For each route the Destination LAN IP address Subnet Mask Gateway and Interface are displayed Click the Refresh button to update the information Click the Close button to exit this screen When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More By https 192 1668 ii Bed xg Table Microsoft Internet Enplarer Routing Table Entry List _Fetresh Destination LAH IP Subnet Mask Gateway Interface 192 163 1 0 255 255 2550 192 168 1 1 LANE Wireless 127 0 0 1 0 0 0 0 1270 01 LOOPBACK Dose Figure 6 10 Routing Table Entry List 22 Wireless G VPN Broadband Router The Setup Tab H
48. these and many other Linksys products your networking options are limitless Go to the Linksys website at www linksys com for more information about products that work with the Wireless G VPN Broadband Router Figure 2 1 Network Diagram Chapter 3 Planning Your Virtual Private Network VPN Why do I need a VPN Computer networking provides a flexibility not available when using an archaic paper based system With this flexibility however comes an increased risk in security This is why firewalls were first introduced Firewalls help to protect data inside of a local network But what do you do once information is sent outside of your local network when e mails are sent to their destination or when you have to connect to your company s network when you are out on the road How is your data protected That is when a VPN can help VPNs are called Virtual Private Networks because they secure data moving outside of your network as if it were still within that network When data is sent out across the Internet from your computer it is always open to attacks You may already have a firewall which will help protect data moving around or held within your network from being corrupted or intercepted by entities outside of your network but once data moves outside of your network when you send data to someone via e mail or communicate with an individual over the Internet the firewall will no longer protect that data At this point your d
49. to access Enabled Click the Enabled checkbox to enable UPnP forwarding for the relevant application When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More Chantar A Cantfiniring tha W Unapter D coni g urin g ne wW The Applications and Gaming Deben of Care Ener int Wireless G VPM Router Applications amp Gaming Application Fafe bt fen Procol 1 Ackirews Enabled TK fo Ba wes r KR KR bad we r fo ean wwen r i KR KR Ema me 67 fo 0 Ema wwen r fo fo ene wes r r E KR Ema me r Co KR RK Ema w r fo 0 Baz wwen r TK KR fears wwesb 6 faint Saree tenon Changes Figure 6 39 Applications amp Gaming Tab UPnP Forwarding 43 The Applications and Gaming Tab DMZ The DMZ screen allows one local user to be exposed to the Internet for use of a special purpose service such as Internet gaming and videoconferencing through Software DMZ or a user can use LAN Port 4 as a DMZ port through Hardware DMZ Whereas Port Range Forwarding can only forward a maximum of 10 ranges of ports DMZ hosting forwards all the ports for one PC at the same time Software DMZ This feature allows one local user to be exposed to the Internet for use of a special purpose service such as Internet gaming and videoconferencing To use this feature select Enable
50. to automatically configure the Router for various Internet applications such as gaming and videoconferencing fo enable UPnP check the Enabled box Allow Users to Make Configuration Changes When enabled this feature allows you to make manual changes while still using the UPnP feature Allow Users to Disable Internet Access When enabled this feature allows you to prohibit any and all Internet connections When you have finished making changes on this screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More 46 The Administration Tab Log When you click the Administration tab you will see the Log screen The Log screen provides you with options for email alerts and a log of all incoming and outgoing URLs or IP addresses for your Internet connection Log Email Alert Email Alerts To enable the Router to send email alerts in the event of Denial of Service attacks and the like click the radio button beside Enabled If you do not wish to have email alerts click the radio button beside Disabled Email Address for General Logs This is the e mail address where you would like the general logs sent Email Address for Alert Logs This is the e mail address where you would like the alert logs sent Return E Mail address Your mail server may require a return email address Enter that here If you re unsure as to what address to enter enter the
51. to match the name used at the other end of the tunnel Enter the IP Address and Subnet Mask of the local VPN Router in the Local Secure Group fields To allow access to the entire IP subnet enter 0 for the last set of IP Addresses e g 192 168 1 0 Enter the IP Address and Subnet Mask of the VPN device at the other end of the tunnel the remote VPN Router or device with which you wish to communicate in the Remote Security Router fields Select from two different types of encryption DES or 3DES 3DES is recommended because it is more secure You may choose either of these but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel Or you may choose not to encrypt by selecting Disable Select from two types of authentication MD5 and SHA SHA is recommended because it is more secure As with encryption either of these may be selected provided that the VPN device at the other end of the tunnel is using the same type of authentication Or both ends of the tunnel may choose to Disable authentication Select the Key Management Select Auto IKE and enter a series of numbers or letters in the Pre shared Key field Check the box next to PFS Perfect Forward Secrecy to ensure that the initial key exchange and IKE proposals are secure You may use any combination of up to 24 numbers or letters in this field No special characters or spaces are allowed In the Key Lifetime field you may optionall
52. to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More WEP WEP is a basic encryption method which is not as secure as WPA To indicate which WEP key to use select the appropriate Default Transmit Key number Then select the level of WEP encryption 64 bits 10 hex digits or 128 bits 26 hex digits Higher encryption levels offer higher levels of security but due to the complexity of the encryption they may decrease network performance Instead of manually entering WEP keys you can enter a Passphrase to generate one or more WEP keys The Passphrase is case sensitive and should have no more than 32 alphanumeric characters If you want to use a Passphrase then enter it in the Passphrase field and click the Generate button If you want to enter the WEP key s manually then enter it in the Key 7 4 field s Do not leave a field blank and do not enter all zeroes they are not valid key values If you are using 64 bit WEP encryption the key must be exactly 10 hexadecimal characters in length If you are using 128 bit WEP encryption the key must be exactly 26 hexadecimal characters in length Valid hexadecimal characters are 0 to 9 and A to F When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes
53. you need to manage your device The site allows you to do the following Change your billing contact person Access online Help files View current and historical usage View revenue generated from usage and commissions Access your past Boingo commission statements View statistical and performance data on your devices Change update the configuration of your devices You can access this site in one of two ways Go directly to http admin hotspot boingo com Go to www boingo com and click the My Account button The site offers three primary screens Login This is the website s entry screen Home This is the initial screen you see after you log in It provides general information and data on all of your live devices as a group Device This displays the system information for the device 71 Wireless G VPN Broadband Router Login To access the Administration site enter your user name and password in the fields provided Then click the Login button Home This is the view displayed when you log in to the Boingo Administration Site It is also the screen you will see whenever you click on Home in the left column The Home screen consists of three primary areas e Main Window white area This screen displays a list of the Hot Spot in a Box devices that you have installed The description includes a ball shaped icon indicating the device s status device s unique identification company name location name descrip
54. your network such as web servers ftp servers e mail Applications amp servers or other specialized Internet applications Specialized Internet applications are any applications that use ES Internet access to perform functions such as videoconferencing or online gaming Some Internet applications may not require any forwarding When users send this type of request to your network via the Internet the Router will forward those requests to n en a Geng A the appropriate PC Any PC whose port is being forwarded must have its DHCP client function disabled and must kass 20962 Pese iP web P g d g d bensgs Ss0i4i Ss014 Sar wweab F have a new static IP address assigned to it because its IP address may change when using the DHCP function Sy ee faemege Sid5ito Ei Gem wech r Port Range Forwarding cee Re Oe EER eo H fcnege 276921 27692 Bens wech r IT o e o ems wwab r Application In this field enter the name you wish to give the application Each name can be up to 12 characters Ex E fre wee r Start End This is the port range Enter the number that starts the port range under Start and the number that ends the range under End Figure 6 37 Applications amp Gaming Tab Protocol Enter the protocol used for this application either TCP or UDP or Both Port Range Forwarding IP Address For each application enter the IP Address of the PC running the specific application Enabled Click the Enabled ch
55. 00 or XP Computer and the Router 101 en a Windows lt en a WINQOWS lt Filter List 2 Router gt win Lik 2x 7 The New Rule Properties screen will appear Select the IP Filter List tab and make sure that win gt Router is highlighted Then click the Add button 8 The P Filter List screen should appear Enter an appropriate name such as Router gt win for the filter list and de select the Use Add Wizard check box Click the Add button Figure D 7 IP Filter List 9 The Filters Properties screen will appear Select the Addressing tab In the Source address field select A qx specific IP Subnet and enter the IP Address 192 168 1 0 and Subnet mask 255 255 255 0 Enter your new l SE Addressing Protocol Description values if you have changed the default settings In the Destination address field select My IP Address Source address fa speciic IP Subnet 0 0 10 If you want to enter a description for your filter click the Description tab and enter the description there IP Address 192 168 1 Subnet mask 255 255 255 Destination address My IF Address T e Mirored Ako match packets wih the exact opposite souca and destination addresses Figure D 8 Filters Properties 11 Click the OK or Close button and the New Rule Properties screen should appear with the IP Filer List tab SE ax selected There should now be a listing for Router gt win and win gt
56. 100 to the number of DHCP users IP Address Range The range of DHCP addresses is displayed here Time Setting This is where you set the time for the Router You can set the time and date manually or automatically Manually Select the date from the Date drop down menus Then enter the time in the Time fields Automatically Select your time zone from the Time Zone drop down menu If you want to enable the Automatic Daylight Savings feature click the Enabled radio button When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes 18 The Setup Tab DDNS The Router offers a Dynamic Domain Name System DDNS feature DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address It is useful when you are hosting your own website FTP server or other server behind the Router Before you can use this feature you need to sign up for DDNS service at one of two DDNS service providers DynDNS org or TZ0 com DDNS If your DDNS service is provided by DynDNS org then select DynDNS org in the drop down menu If your DDNS service is provided by TZO then select TZO0 com The features available on the DDNS screen will vary depending on which DDNS service provider you use DynDNS org User Name Password and Host Name Enter the User Name Password and Host Name of the account you set up with DynDNS org Internet
57. Add Wizard check box Then click the Add button An IP fter kat composed of me ede filters In this way mukipis subnets IF E es and protocol can be combined into one IP fter Figure D 4 IP Filter List 4 The Filters Properties screen will appear Select the Addressing tab In the Source address field select My IP Address In the Destination address field select A specific IP Subnet and fill in the IP Address 192 168 1 0 ee EEA ia and Subnet mask 255 255 255 0 These are the Router s default settings If you have changed these settings enter your new values gt 5 If you want to enter a description for your filter click the Description tab and enter the description there r Destination address A specific IP Subnet z IP Address 168 192 i D Subnetmask 255 255 255 Ol Jh Mirored Ako match packets with the exact opposite source and destnalion addresses Figure D 5 Filters Properties 6 Click the OK button Then click the OK or Close button on the P Filter List window 21x Authentication Methods Tunnel Setting Connection Type IP Filter List Filter Achor The selected IP filter ist species which network trathe will be secured w h this rule IP Fiter Lists Name _ Description AIICMP Traffic Matches all ICMP packets betw AN IP Treffe Matches all IP packets from this win gt router Figure D 6 New Rule Properties
58. Are E hipan farinin hotspot opge pnfieuenbagteteegeg zl ege tks i Zon CO MET SPOT Ko mem Vie Ww E dit settings Ges change theis settings if yeu are cure you need io change tham The default s settings thould werk fer mat a watio reless setings DHCP Server IP TEA DHCP Hetepch ATM DHCP Start IP 1E2155 100 100 DHCP Stop P fise 168 100254 Subkponder le Terao be Prone Serve 6103545 Secondary Server ALED glia DN e neet Figure 7 12 View Edit Settings 66 5 The Your Location Page screen will appear Enter the information that your customers will see on the webpage that they will use to log on to the Internet You can customize the page by adding the name of your Hot Spot a message or description 255 character limit and your company logo Enter the name of your Hot Spot in the Hot Spot Name field In the Hot Spot Description field enter the message you want your customers to see To add a logo save a copy of the logo GIF or JPEG format only to the computer and then click the New button Enter a name or description of the image in the Description field Enter the file name in the field provided or click the Browse button to locate the file After the file is located click the Upload Image button to add it to the web page Click the Preview button to view the web page that includes the information you have added A sample webpage is shown on the right When finished click the Continue button to
59. CD ROM then follow the steps in this chapter and use the Router s Web based Utility to configure the Router For advanced users you may configure the Router s advanced settings through the Web based Utility This chapter will describe each web page in the Utility and each page s key functions The Utility can be accessed via your web browser through use of a computer connected to the Router For a basic network setup most users only have to use the following screens of the Utility Basic Setup On the Basic Setup screen enter the settings provided by your ISP Management Click the Administration tab and then the Management tab The Router s default password is admin To secure the Router change the Password from its default There are seven main tabs Setup Wireless Security Access Restrictions Applications amp Gaming Administration and Status Additional tabs will be available after you click one of the main tabs Setup e Basic Setup Enter the Internet connection and network settings on this screen e DDNS On this screen enable the Router s Dynamic Domain Name System DDNS feature e MAC Address Clone If you need to clone a MAC address onto the Router use this screen e Advanced Routing On this screen configure the dynamic and static routing configuration e Hot Spot To enable the Hot Spot in a Box feature and turn your Router into a commercial Hot Sport register with your Hot Spot service provider on this scre
60. EP used in coordination with a RADIUS server This should only be used when a RADIUS server is connected to the Router First enter the RADIUS server s IP address and port number in the RADIUS Server IP Address and RADIUS Server Port fields Enter the key shared between the Router and the server in the Shared Secret field To indicate which WEP key to use select the appropriate Default Transmit Key number Then select the level of WEP encryption 64 bits 10 hex digits or 128 bits 26 hex digits Higher encryption levels offer higher levels of security but due to the complexity of the encryption they may decrease network performance Instead of manually entering WEP keys you can enter a Passphrase to generate one or more WEP keys The Passphrase is case sensitive and should have no more than 32 alphanumeric characters If you want to use a Passphrase then enter it in the Passphrase field and click the Generate button If you want to enter the WEP key s manually then enter it in the Key 7 4 field s Do not leave a field blank and do not enter all zeroes they are not valid key values If you are using 64 bit WEP encryption the key must be exactly 10 hexadecimal characters in length If you are using 128 bit WEP encryption the key must be exactly 26 hexadecimal characters in length Valid hexadecimal characters are 0 to 9 and A to F When you have finished making changes to the screen click the Save Settings button
61. FREIER The Coffee Uap Campeny he effes Irap Linier Se fani center Sergz aes A Figure 7 19 Home 12 e Nav Log out Use this screen to log you out of the Boingo Administration Site Help This screen provides additional information igation Bar at the Top The links in the top navigation bar vary depending on the view selected These links may include the following Usage Revenue Month to date This shows usage revenue from the beginning of the month to the current day The chart will show the number of connections from Boingo Subscription users and from As You Go users It will also show the total revenue from each group and the total revenue for the time period Usage Revenue Total Since Install Date This screen shows the same information as above but the time period will range from the initial device installation date to the current date Usage Revenue Date Range It shows the same information as above but the time period will be based on a range of dates set by the user Sales Commissions This shows the total number of Boingo subscription sign ups that have come through your device Past Statements See electronic versions of the monthly commission statements that Boingo will send to you each month Device This is the view that you see when you Click on a device The Device view screen consists of three primary areas e Main Window white area When you select a specific device the main window will di
62. IP Address The Router s current Internet IP Address is displayed here Because it is dynamic it will change Status The status of the DDNS service connection is displayed here When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More TZ0 com Email TZO Password Key and Domain Name Enter the Email Address TZO Password Key and Domain Name of the service you set up with TZO Internet IP Address The Router s current Internet IP Address is displayed here Because it is dynamic this will change Status The status of the DDNS service connection is displayed here When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes hantar A Coan reauntit eg d Is a Mira J ACC gt V DAI BraS el kK Ann ll Te tar Unapter D coni UY Urine Jl ne Wireless G VPI d DIOOOUOI d R OUTS The Setup Tab DDNS ddns allows the hosting of a website FTP server or e mail server with a fixed domain name e g Wwww xyz com and a dynamic IP address Wireless G VPM Rooter ee satinda Caneel Chamgee A Iren of Osoa Systems inc Setup aco Swert Sero E Cancel Changes Figure 6 7 DDNS Tab TZ0 com 19 The Setup Tab MAC Address Clone The Router s MAC address is a 12 digit c
63. LINKSYS A Division of Cisco Systems Inc 2AGHz Cisco SYSTEMS Model No WRYV54G Copyright and Trademarks Specifications are subject to change without notice Linksys is a registered trademark or trademark of Cisco systems Inc and or its affiliates in the U S and certain other countries Copyright 2006 Cisco Systems Inc All rights reserved Other brands and product names are trademarks or registered trademarks of their respective holders WARNING This product contains chemicals including lead known to the State of California to cause cancer and birth defects or other reproductive harm Wash hands after handling How to Use this Guide This User Guide has been designed to make understanding networking with the Router easier than ever Look for the following items when reading this User Guide This checkmark means there is a note of interest and is something you should pay special attention to while using the Router This exclamation point means there is a caution or warning and is something that could damage your property or the Router This question mark provides you with a reminder about something you might need to do while using the Router gt gt p gt In addition to these symbols there are definitions for technical terms that are presented like this word definition Also each figure diagram screenshot or other image is provided with a figure number and description like this Fig
64. No Connection 116 Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter This section describes how to find the MAC address for your computer s Ethernet adapter so you can use the MAC filtering and or MAC address cloning feature of the Router You can also find the IP address of your computer s Ethernet adapter This IP address is used for the Router s filtering forwarding and or DMZ features Follow the steps in this appendix to find the adapter s MAC or IP address in Windows 98 Me 2000 or XP Windows 98 or Me Instructions 1 Click Start and Run In the Open field enter winipcfg Then press the Enter key or the OK button 2 When the P Configuration screen appears select the Ethernet adapter you have connected to the Router via a CAT 5 Ethernet network cable 3 Write down the Adapter Address as shown on your computer screen This is the MAC address for your Ethernet adapter and is shown as a series of numbers and letters The MAC address Adapter Address is what you will use for MAC address cloning or MAC filtering On the MAC Address Adapter Address screen the example shows the Ethernet adapter s IP address as 192 168 1 100 Your computer may show something different f Note The MAC address is also called the Adapter Address Is Ethemet Adapter Information Linksys LNE100TX Fast Etherne sl inksvs LNE 100TX Fast Ethernet d IPAddress 192 168 1 45 SubnetMask
65. O AYOOGCATE TO TTOOION 131 Wireless G VPN Broadband Router Francais French Informations environnementales pour les clients de l Union europ enne La directive europ enne 2002 96 CE exige que l quipement sur lequel est appos ce symbole sur le produit et ou son emballage ne soit pas jet avec les autres ordures m nag res Ce symbole indique que le produit doit tre limin dans un circuit distinct de celui pour les d chets des m nages Il est de votre responsabilit de jeter ce materiel ainsi que tout autre materiel lectrique ou lectronique par les moyens de collecte indiqu s par le gouvernement et les pouvoirs publics des collectivites territoriales L elimination et le recyclage en bonne et due forme ont pour but de lutter contre l impact n faste potentiel de ce type de produits sur l environnement et la sant publique Pour plus d informations sur le mode d elimination de votre ancien equipement veuillez prendre contact avec les pouvoirs publics locaux le service de traitement des d chets ou l endroit ou vous avez achet le produit Italiano Italian Informazioni relative all ambiente per i clienti residenti nell Unione Europea La direttiva europea 2002 96 EC richiede che le apparecchiature contrassegnate con questo simbolo sul prodotto e o sul imballaggio non siano smaltite insieme ai rifiuti urbani non differenziati I simbolo indica che questo prodotto non deve essere smaltito insieme ai normali rif
66. Open field type cmd Press the Enter key or click the OK button In the command prompt type ping 192 168 1 1 and press the Enter key If you get a reply the computer is communicating with the Router If you do NOT get a reply please check the cable and make sure Obtain an IP address automatically is selected in the TCP IP settings for your Ethernet adapter In the command prompt type ping followed by your Internet or WAN IP address and press the Enter key The Internet or WAN IP Address can be found on the Status screen of the Router s web based utility For example if your Internet or WAN IP address is 1 2 3 4 you would enter ping 1 2 3 4 and press the Enter key If you get a reply the computer is connected to the Router If you do NOT get a reply try the ping command from a different computer to verify that your original computer is not the cause of the problem In the command prompt type ping www yahoo com and press the Enter key If you get a reply the computer is connected to the Internet If you cannot open a webpage try the ping command from a different computer to verify that your original computer is not the cause of the problem If you do NOT get a reply there may be a problem with the connection Try the ping command from a different computer to verify that your original computer is not the cause of the problem 4 lam not getting an IP address on the Internet with my Internet connection Refer to Problem 3
67. Performance screen displays status information about network traffic for the Internet wireless activities and wired connectivity system Performance Internet Wireless Statistics for the network traffic on the Internet connection and wireless connectivity are shown in two separate columns IP Address The IP address of the Router s interface is displayed here MAC Address The MAC address of the Router s interface is shown here Connection The status of the connection is shown here Packets Received The number of packets received is displayed here Packets Sent The number of packets sent is displayed here Bytes Received The number of bytes received is shown here Bytes Sent The number of bytes sent is shown here Error Packets Received The number of error packets received is displayed here Dropped Packets Received The number of dropped packets received is displayed here LAN Statistics for the network traffic on each of the four LAN ports are shown in four separate columns IP Address The IP address of the Router s interface is displayed here MAC Address The MAC address of the Router s interface is shown here Connection The status of the connection is shown here Packets Received The number of packets received is displayed here Chapter 6 Configuring the Wireless G VPN Broadband Router The Status Tab System Performance Status Miche i clon Sart iniarmnri Address ba 1 at EE MAC Agkeeg
68. R AKGRIERENZ ee chim Aorsspenr carefully before signing up ta be a Rot por Operator SE itis conditions af this Agrtemrnt shall govern the relationship nig cari Son a Boe por Operator Tou of Kic aad Brisgo Wirelsss Inc Aoip azn GC is is qhe bbe yru appes Do be bound by Lhi Agreement aed Le gent to Boingo and ita v temgrp Ecce En your Hot Spot Im conmideretion of the mutual promises and f LE conkaiaed berein tbe partias enee intendiag te be legally boumi ep neige lard ahead a arh PAE TA TOR TA team od le a pH n a Baad Agama tret Tia ba ania a aa EH cerebberd of then Hot Seek o 8 Booli grepeard cepeedeis ace warrants thal ay are dole eonced fa de 0 recat rues os A kreeg Figure 7 3 Operator Agreement TF Tina Marie p oa Vial keen Fb irish Seated resell pelea wet Re ll x De DR Sen frim T ep e EE OAI Bown iremen EE H A bii a erm A pti dhedhi eel het beens Z etr ies geg mi be pert lo Iha piron belted bales Pepi marbad h Aen SES C ara ees Tan e Steuer e Bebia Dereyi wil E aipe pou Z ragpct tat fer r ng dei Enn Pape Tel Humber TAHE Fau Humber a DE elire D D ea Figure 7 4 Business Contact Information 62 5 The Credit Card Information screen will appear Enter the Name Address City State and Zip Code Then select the appropriate Card Type Enter the Card Number and select the Expiration Date When finished click the Continue button You will be charg
69. R IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING ANY IMPLIED WARRANTY OF NON INFRINGEMENT ARE DISCLAIMED Some jurisdictions do not allow limitations on how long an implied warranty lasts so the above limitation may not apply to You This warranty gives You specific legal rights and You may also have other rights which vary by jurisdiction This warranty does not apply if the Product a has been altered except by Linksys b has not been installed operated repaired or maintained in accordance with instructions supplied by Linksys or c has been subjected to abnormal physical or electrical stress misuse negligence or accident In addition due to the continual development of new techniques for intruding upon and attacking networks Linksys does not warrant that the Product will be free of vulnerability to intrusion or attack TO THE EXTENT NOT PROHIBITED BY LAW IN NO EVENT WILL LINKSYS BE LIABLE FOR ANY LOST DATA REVENUE OR PROFIT OR FOR SPECIAL INDIRECT CONSEQUENTIAL INCIDENTAL OR PUNITIVE DAMAGES REGARDLESS OF THE THEORY OF LIABILITY INCLUDING NEGLIGENCE ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE THE PRODUCT INCLUDING ANY SOFTWARE EVEN IF LINKSYS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN NO EVENT WILL LINKSYS LIABILITY EXCEED THE AMOUNT PAID BY YOU FOR THE PRODUCT The foregoing limitations will apply even if any warranty or remedy provided under this Agreement fails of its essent
70. R et Set m e Linka Aj wija l hi par iege D ROHN 1 MUS HOTELS Aarts SIGN UP ont ay km ire Chay CEI bF 8 Bieg Lei w Weu 8 ri A Prt rain ge n Hr Fo Pai cote hap ie hiia r hn aah JA Zone peed berm the a ps n ered thes reds of other pd D h scha ip Pr ety ILP rees ls rieri Lei bie Bipi riy 1 Sp gideeee f Leen 8 Faahi pret ote Fee LE pen p Wa ri bhp mpih j erect P Ben sl ba RE Sa cate el pred Fea tet ks aisen rass pre AN Se 1 ated dee ed 9 br Kaze Figure 7 14 Sample Page 67 6 The Free Access for Friends and Family screen will appear Use this feature to set up free Internet access accounts through the Hot Spot in a Box device for your family friends and employees You will need the MAC Address of the wireless adapter or card for each computer that will be used The MAC Address is usually located on the adapter s label or the bottom of the notebook computer For each user enter the MAC Address in the MAC ID for User field When finished click the Continue button You can cet up free acoeunts for Gi teiends and employers be access the Intervet ot bn a Bom device without s Binge scene by adding the MAC ID af aaeh of e cord con wrwally ker found on the W E Eh a huit in WiFi card th Ga Touagd an apbep r In th upttntafloan that caene with the m ch bine I you be ep Katk p ec eee Ka MAC ID for a device plenge Costart the device manufacturer or call Spinan at i D H perrons WI ca
71. SA under which a packet should be processed Hexadecimal values is acceptable and the valid range is 100 ffffffff Each tunnel must have a unique Inbound SPI and Outbound SPI No two tunnels share the same SPI The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel and vice versa Status The status information for the Router s VPN tunnels is displayed here Click the Disconnect button to terminate the VPN connection When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More 34 Advanced VPN Tunnel Setup Click the Advanced VPN Tunnel Setup button and the Advanced VPN Tunnel Setup screen will appear These advanced IPSec settings are for advanced users Phase 1 Phase 1 is used to create a security association SA often called the IKE SA After Phase 1 is completed Phase 2 is used to create one or more IPSec SAs which are then used to key IPSec sessions Operation Mode There are two modes Main and Aggressive and they exchange the same IKE payloads in different sequences Main mode is more common however some people prefer Aggressive mode because It is faster Main mode is for normal usage and includes more authentication requirements than Aggressive mode Main mode is recommended because it is more secure No matter which mode is selected the VPN Router will acc
72. ab E Emal pewirelens oofee thon i g Bere 2 e ine F Figure 7 10 Onsite Contact 65 Wireless G VPN Broadband Router 3 The Device Configuration screen will appear Most Hot Spot operators will not need to change the default settings To view or edit the settings click View Settings When finished click the Continue button 4 If you click the View Settings button the View Edit Settings screen will appear The Wireless Settings Network Settings and DNS Settings are listed Do not change the settings unless you are sure that they need to change Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Getting Started act Conte apen Marosoft bermet Tegleer wll 8 De Cp en T epe por pp DI Bek A 2 2 ZD oech Alteecte Zon A Ze A 7 2 A n ien KE Matpa lan bereet bongo fe ebeg eenbeger E Seele sconce Fee 2 Setup Step 3 of G Device Configuration i Please enter the configuratben ieformation fer thii device Bol han pre comigured this de neice for P rou with the typical e Piha inge Hot Spee in in a Ben devic t r will not need to edie betting To view the default oettings orto edit them plepne click on Vien Settings en ES Ayt aber tingi wledd pou keer Changed perd te be miade for peur igecthe device zetop zl lege DN interes Figure 7 11 Device Configuration al jxj De git We P o eter Jools Hip E ik d 2 Gee e Gee A A A 7 28
73. access control What is WEP WEP is Wired Equivalent Privacy a data privacy mechanism based on a 64 bit or 128 bit shared key algorithm as described in the IEEE 802 11 standard What is a MAC Address The Media Access Control MAC address is a unique number assigned by the manufacturer to any Ethernet networking device such as a network adapter that allows the network to identify it at the hardware level For all practical purposes this number is usually permanent Unlike IP addresses which can change every time a computer logs onto the network the MAC address of a device stays the same making it a valuable identifier for the network How do I reset the Router Press the Reset button on the back panel for about ten seconds This will reset the Router to its default settings How do I resolve issues with signal loss There is no way to know the exact range of your wireless network without testing Every obstacle placed between the Router and a wireless PC will create signal loss Lead glass metal concrete floors water and walls will inhibit the signal and reduce range Start with the Router and your wireless PC in the same room and move it away in small increments to determine the maximum range in your environment You may also try using different channels as this may eliminate interference affecting only one channel I have excellent signal strength but cannot see my network WEP is probably enabled on the Router but not on yo
74. addresses 122 DMZ Demilitarized Zone Removes the Router s firewall protection from one PC allowing it to be seen from the Internet DNS Domain Name Server The IP address of your ISP s server which translates the names of websites into IP addresses Domain A specific name for a network of computers Download To receive a file transmitted over a network DSL Digital Subscriber Line An always on broadband connection over traditional phone lines Dynamic IP Address A temporary IP address assigned by a DHCP server EAP Extensible Authentication Protocol A general authentication protocol used to control network access Many specific authentication methods work within this framework Encryption Encoding data transmitted in a network Ethernet IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium Firewall A set of related programs located at a network gateway server that protects the resources of a network from users from other networks Firmware The programming code that runs a networking device FTP File Transfer Protocol A protocol used to transfer files over a TCP IP network Full Duplex The ability of a networking device to receive and transmit data simultaneously Gateway A device that interconnects networks with different incompatible communications protocols Half Duplex Data transmission that can occur in two direction
75. assword admin and click the Administrations gt Management tab 2 Enter a different password in the Router Password field and enter the same password in the second field to confirm the password 3 Click the Save Settings button 11 1 am a PPPoE user and I need to remove the proxy settings or the dial up pop up window If you have proxy settings you need to disable these on your computer Because the Router is the gateway for the Internet connection the computer does not need any proxy settings to gain access Please follow these directions to verify that you do not have any proxy settings and that the browser you use is set to connect directly to the LAN e For Microsoft Internet Explorer 5 0 or higher Click Start Settings and Control Panel Double click Internet Options Click the Connections tab Click the LAN settings button and remove anything that is checked Click the OK button to go back to the previous screen Click the option Never dial a connection This will remove any dial up pop ups for PPPoE users e For Netscape 4 7 or higher 1 Start Netscape Navigator and click Edit Preferences Advanced and Proxies 2 Make sure you have Direct connection to the Internet selected on this screen 3 Close all the windows to finish owns 12 To start over need to set the Router to factory default Hold the Reset button for 10 seconds and then release it This will return the password forwarding and other settings on the Ro
76. ata becomes open to hackers using a variety of methods to steal not only the data you are transmitting but also your network login and security data Some of the most common methods are as follows 1 MAC Address Spoofing Packets transmitted over a network either your local network or the Internet are preceded by a packet header These packet headers contain both the source and destination information for that packet to transmit efficiently A hacker can use this information to spoof or fake a MAC address allowed on the network With this spoofed MAC address the hacker can also intercept information meant for another user 2 Data Sniffing Data sniffing is a method used by hackers to obtain network data as it travels through unsecured networks such as the Internet Tools for just this kind of activity such as protocol analyzers and network diagnostic tools are often built into operating systems and allow the data to be viewed in clear text 3 Man in the middle attacks Once the hacker has either sniffed or spoofed enough information he can now perform a man in the middle attack This attack is performed when data is being transmitted from one network to another by rerouting the vpn virtual private network a security measure to protect data as it leaves one network and goes to another over the Internet packet a unit of data sent over a network data to a new destination Even though the data is not received by its i
77. ation on what port services to use is to go to the website of the online game or application you want to use Follow these steps to set up online game hosting or use a certain Internet application 1 Access the Router s web interface by going to http 192 168 1 1 or the IP address of the Router Go to the Applications and Gaming gt Port Forwarding tab 82 2 Enter any name you want to use for the Customized Application 3 Enter the External Port range of the service you are using For example if you want to host Unreal Tournament UT you would enter the range 7777 to 27900 4 Check the protocol you will be using TCP and or UDP 5 Enter the IP address of the PC or network device that you want the port server to go to For example if the web server s Ethernet adapter IP address is 192 168 1 100 you would enter 100 in the field provided Check Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter for details on getting an IP address 6 Check the Enable option for the port services you want to use Consider the example below Application Start and End IP Address Enabled aE a E E a R PC Anywhere 5631 to 5631 mm o 192 168 1 102 VPN IPSEC 500 to 500 UDP 192 168 1 100 When you have completed the configuration click the Save Settings button 9 I can t get the Internet game server or application to work If you are having difficulties getting any Internet game server or application to
78. b Advanced VPN Tunnel Setup Tunnel 1 Phase 1 Operation Mode Main SZ Proposal Encryption DES gt nhani MOS SR Group 768 bit Key Life Time 3600 Note Following three additional proposals are also proposed in Main mode DES M05 768 IDES SHA 1024 and SDES MO5 1024 Phase 2 Proposal Encryption 3DES Authentication GA PFS Enabled Group 1024 bit e Key Life Time 28000 Other Options T NetBIOS broadcast M Anti replay a Keep Alive I if IKE failed more than k times block this unauthorized IP for en seconds Figure E 9 Advanced Tunnel Setup Screen 114 Wireless G VPN Broadband Router 3 Enter the username in the Username field A Dreem of Caco Synem ke 4 Enter the password in the Password field and enter it again in the Re enter to confirm field Wireless G VPN Router Access Restrictions 5 Click the Add Save button 6 Click the Active checkbox for VPN Client No 1 7 Click the Save Settings button Configuring the QuickVPN Settings for the VPN Client Figure E 10 Access Restrictions VPN Client Access Screen notebook with QuickVPN installed as Figure E 12 QuickVPN Desktop Icon NOTE The VPN client is a Windows desktop PC or Linksys VPN Client VPN Client Figure E 11 Diagram of VPN Tunnel between VPN Router 1 and VPN Client S i s yle Name lipse n 1 Activate the high speed Internet connection on the VPN client
79. based utility by going to http 192 168 1 1 or the IP address of the Router Go to the Applications and Gaming gt Port Forwarding tab Enter any name you want to use for the Customized Application Enter the External Port range of the service you are using For example if you have a web server you would enter the range 80 to 80 Check the protocol you will be using TCP and or UDP Enter the IP address of the PC or network device that you want the port server to go to For example if the web server s Ethernet adapter IP address is 192 168 1 100 you would enter 100 in the field provided Check Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter for details on getting an IP address Check the Enable option for the port services you want to use Consider the example below Application Start and End IP Address Enabled POP3 incoming 110 to 110 192 168 1 102 When you have completed the configuration click the Save Settings button 8 need to set up online game hosting or use other Internet applications If you want to play online games or use Internet applications most will work without doing any port forwarding or DMZ hosting There may be cases when you want to host an online game or Internet application This would require you to set up the Router to deliver incoming packets or data to a specific computer This also applies to the Internet applications you are using The best way to get the inform
80. ber of times IKE must fail before the Router blocks that unauthorized IP address Then specify how many seconds you want the unauthorized IP address to be blocked When you have finished making changes to this screen click the Save Settings button to save the changes or click the Gancel Changes button to undo your changes 36 The Access Restrictions Tab Internet Access The nternet Access screen allows you to block or allow specific kinds of Internet usage and traffic such as Internet access designated services websites and inbound traffic during specific days and times Internet Access Policy Access can be managed by a policy Use the settings on this screen to establish an access policy after the Save Settings button is clicked Selecting a policy from the drop down menu will display that policy s settings To delete a policy select that policy s number and click the Delete button To view all the policies click the Summary button Status Policies are disabled by default To enable a policy select the policy number from the drop down menu and Click the radio button beside Enable You can create two kinds of policies one kind to manage Internet access and another kind to manage inbound traffic To create an Internet Access Policy 1 2 Select a number from the Internet Access Policy drop down menu To enable this policy click the radio button beside Enable Enter a Policy Name in the field provided Select
81. connect the service after a period of inactivity just like a normal phone dial up connection to the Internet e There is a setup option to keep alive the connection This may not always work so you may need to re establish connection periodically 1 To connect to the Router go to the web browser and enter http 192 168 1 1 or the IP address of the Router Enter the password if asked The default password is admin On the Setup screen select the option Keep Alive and set the Redial Period option at 20 seconds Click the Save Settings button Click the Status tab and click the Connect button You may see the login status display as Connecting Press the F5 key to refresh the screen until you see the login status display as Connected e Click the Save Settings button to continue e ifthe connection is lost again follow steps 1 6 to re establish connection CAE e Da 16 I can t access my e mail web or VPN or am getting corrupted data from the Internet The Maximum Transmission Unit MTU setting may need to be adjusted By default the MTU is set at 1500 For most DSL users it is strongly recommended to use MTU 1492 e If you are having some difficulties perform the following steps 1 To connect to the Router go to the web browser and enter http 192 168 1 1 or the IP address of the Router 2 Enter the password if asked The default password is admin 3 Look for the MTU option and select Manual In the Size fiel
82. continue with the setup Dt ent Sebup Hep 4 ol Gi Pour Locate Page Microbe internet Eeplorer alpaj Bie ER Gen Ppote Tos Dee BOINGO H h SEET er FW A Bos etup Step 4 of 6 t Your Lecetion Page la the meb page Four Cu tonmerg cee when they Tirst consect te your Het Geet They sill be able te log ante the internet theeugh the page by eateriag thelr username and p tzenrd They will alee be able te sige up fer Goings service The page can be cusbomined with the fellawing information Het Spot Mame ii a required field Hot Spa Hame Coflne Shap 23 cher regar imi ge ndhoag ac t a free cup of coffee with every pound of offese beans purchased Rat Spee Dercraban Si 255 character bung cluding spaces Lage i Lgj Dera e nen Figure 7 13 Your Location Page tomas Hot pot a Bont alaisi wie Gi ew AAE EN emi gpg Beek rece Grete A Ze gad en Lei eter hotspot berg OOOO E e The Coffee Shop A ho 7 ersten cug of colton wth avery sound ef cotit beans purchased What is BOINGO Wireless t pms CONNECT FOR A DAY i i dust 7 95 oD tet eo ie Pees gei gf eg D Fo ee on Pa P gr gen ge re hig crepe hip linet hag ap ege Dim ated bal ber ls ee cee Di d hom Peep gra ch TR JT Pach D n abi Lig gor glbt bee ete N Ha ok a Boingo Monthly Subtonpiion Zog s i EN en sary red Ge ae Leg TE ore leschen ef Bargo sighed roa at He Areg C IE
83. ct your PCs against intruders and most known Internet attacks Its Virtual Private Network VPN function creates encrypted tunnels through the Internet so up to 50 remote or traveling users can securely connect to your office network from off site or users in your branch office can connect to a corporate network All of these security features as well as full configurability are accessed through the easy to use browser based utility But what does all of this mean Networks are useful tools for sharing computer resources You can access one printer from different computers and access data located on another computer s hard drive Networks are even used for playing multiplayer video games So networks are not only useful in homes and offices they can also be fun PCs on a wired network create a LAN or Local Area Network They are connected with Ethernet cables which is why the network is called wired PCs equipped with wireless cards or adapters can communicate without cumbersome cables By sharing the same wireless settings within their transmission radius they form a wireless network The Wireless G VPN Broadband Router bridges wireless networks of both 802 11b and 802 119 standards and wired networks allowing them to communicate with each other With your networks all connected wired wireless and the Internet you can now share files and Internet access and even play games All the while the Wireless G VPN Broadband Rou
84. ctivex filtering click Enabled Filter Multicast Multicasting allows for multiple transmissions to specific recipients at the same time If multicasting is permitted then the Router will allow IP multicast packets to be forwarded to the appropriate computers Select Enabled to filter multicasting or Disabled to disable this feature Block WAN Requests Block Anonymous Internet Requests This keeps your network from being pinged or detected and reinforces your network security by hiding your network ports so it is more difficult for intruders to work their way into your network Select Enabled to block anonymous Internet requests or Disabled to allow anonymous Internet requests When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More A Divison of Osce Spitters e Wireless G VPH Router Security Figure 6 20 Security Tab Firewall spi stateful packet inspection firewall A technology that inspects incoming packets of information before allowing them to enter the network 30 The Security Tab VPN Virtual Private Networking VPN is a security measure that basically creates a secure connection between two remote locations This connection is very specific as far as its settings are concerned this is what creates
85. d To disable the Software DMZ feature select Disabled DMZ Host IP Address To expose one PC enter the computer s IP address To get the IP address of a computer refer to Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter Deactivate DMZ by entering a 0 in the field Hardware DMZ This feature allows a user to use LAN Port 4 as a DMZ port To use this feature select Enabled To disable the Hardware DMZ feature select Disabled Hardware DMZ IP Address Enter the IP Address of the local computer Hardware DMZ Netmask Enter the Netmask also known as Subnet Mask of the local computer Destination IP Address Enter the IP Address of the destination Subnet Mask Enter the Subnet Mask of the destination Default Gateway Enter the IP address of the Default Gateway metric Enter the metric in the field provided When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More L A Devtsion of Onco Siem inc Applications amp Gaming Figure 6 40 Applications amp Gaming Tab DMZ 44 The Administration Tab Management The Management screen allows you to change the Router s access settings as well as configure the SNMP and UPnP Universal Plug and Play features Router Password Local Router Access To ensure the Router s security you will be asked
86. d enter 1492 4 Click the Save Settings button to continue 85 e f your difficulties continue change the Size to different values Try this list of values one value at a time in this order until your problem is solved 1462 1400 1362 1300 17 The Power LED flashes continuously The Power LED lights up when the device is first powered up Meantime the system will boot up itself and check for proper operation After finishing the checking procedure the LED remains steady to show that the system is working fine If the LED continues to flash after this time the device is not working properly Try to flash the firmware by assigning a static IP address to the computer and then upgrade the firmware Try using the following settings IP Address 192 168 1 50 and Subnet Mask 255 255 255 0 18 When I enter a URL or IP address I get a time out error or am prompted to retry e Check if other PCs work If they do ensure that your workstation s IP settings are correct IP Address subnet Mask Default Gateway and DNS Restart the computer that is having a problem e Ifthe PCs are configured correctly but still not working check the Router Ensure that it is connected and powered on Connect to it and check its settings If you cannot connect to it check the LAN and power connections e Ifthe Router is configured correctly check your Internet connection DSL cable modem etc to see if it is working correctly You can remove the Ro
87. d kfeldolgoz si szolg lattal vagy azzal zlettel ahol a term ket v s rolta 132 Wireless G VPN Broadband Router Nederlands Dutch Milieu informatie voor klanten in de Europese Unie De Europese Richtlijn 2002 96 EC schrijft voor dat apparatuur die is voorzien van dit symbool op het product of de verpakking niet mag worden ingezameld met niet gescheiden huishoudelijk afval Dit symbool geeft aan dat het product apart moet worden ingezameld U bent zelf verantwoordelijk voor de vernietiging van deze en andere elektrische en elektronische apparatuur via de daarvoor door de landelijke of plaatselijke overheid aangewezen inzamelingskanalen De juiste vernietiging en recycling van deze apparatuur voorkomt mogelijke negatieve gevolgen voor het milieu en de gezondheid Voor meer informatie over het vernietigen van uw oude apparatuur neemt u contact op met de plaatselijke autoriteiten of afvalverwerkingsdienst of met de winkel waar u het product hebt aangeschaft Norsk Norwegian Milj informasjon for kunder i EU EU direktiv 2002 96 EF krever at utstyr med f lgende symbol avbildet p produktet og eller pakningen ikke m kastes sammen med usortert avfall Symbolet indikerer at dette produktet skal h ndteres atskilt fra ordin r avfallsinnsamling for husholdningsavfall Det er ditt ansvar a kvitte deg med dette produktet og annet elektrisk og elektronisk avfall via egne innsamlingsordninger slik myndighetene eller kommunene bestemmer Kor
88. d registers its address Communications between end node and host computer can then be transmitted up and down the backbone As the user moves on the end node s RF transmitter regularly checks the system to determine whether it is in touch with the original access point or whether it should seek a new one When a node no longer receives acknowledgment from its original access point it undertakes a new search Upon finding a new access point it then re registers and the communication process continues What is ISM band The FCC and their counterparts outside of the U S have set aside bandwidth for unlicensed use in the ISM Industrial Scientific and Medical band Spectrum in the vicinity of 2 4 GHz in particular is being made available worldwide This presents a truly revolutionary opportunity to place convenient high speed wireless capabilities in the hands of users around the globe What is Spread Spectrum Spread Spectrum technology is a wideband radio frequency technique developed by the military for use in reliable secure mission critical communications systems It is designed to trade off bandwidth efficiency for reliability integrity and security In other words more bandwidth is consumed than in the case of narrowband transmission but the trade off produces a signal that is in effect louder and thus easier to detect provided that the receiver knows the parameters of the spread spectrum signal being broadcast If a receiver is
89. dministration Tab Management The Administration Tab Log The Administration Tab Diagnostics The Administration Tab Factory Defaults The Administration Tab Firmware Upgrade The Status Tab Router The Status Tab Local Network The Status Tab System Performance The Status Tab VPN Clients Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Program Overview Simple Hot Spot in a Box Program How the Boingo Hot Spot in a Box Feature Impacts the Linksys Wireless G Broadband Router Excellent Customer Support Getting Started Administration Site Appendix A Troubleshooting Common Problems and Solutions Frequently Asked Questions Appendix B Wireless Security Security Precautions Security Threats Facing Wireless Networks Appendix C Using the Linksys QuickVPN Software for Windows 2000 or XP 97 Overview 97 Before You Begin 97 Installing the LInksys QuickVPN Software 97 Using the Linksys QuickVPN Software 98 Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router 99 Introduction 99 Environment 99 How to Establish a Secure IPSec Tunnel 100 Appendix E Configuring VPN Tunnels 110 Overview 110 Before You Begin 110 Configuring the VPN Settings for the VPN Routers 111 Configuring the Key Management Settings 113 Configuring PC 1 and PC 2 114 Connecting a VPN Client 114 Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter 117 Windows 98 or Me
90. dvanced VPN Tunnel Setup Sere Sette Cancel Chenoce Figure E 4 Security VPN Screen VPN Tunnel 111 e Ai esenl ege C UDA Denadhand Daitar Wireless G VPN Broa d band Router Configuring VPN Router 2 Follow similar instructions for VPN Router 2 10 11 12 Launch the web browser for a networked PC designated PC 2 Enter the VPN Router s local IP address in the Address field default is 192 168 1 1 Then press Enter A password request page will appear Non Windows XP users will see a similar screen Complete the User Name and Password fields admin is the default user name and password Then click the OK button The first screen that appears will be the Basic Setup screen For the Internet Connection Type select Automatic Configuration DHCP Click the Security tab Click the VPN tab For the VPN Tunnel setting select Enabled Enter a name in the Tunnel Name field For the Local Secure Group select Subnet Enter VPN Router 2 s local network settings in the P Address and Mask fields For the Remote Secure Group select Subnet Enter VPN Router 1 s local network settings in the P Address and Mask fields For the Remote Secure Gateway select IP Addr Enter VPN Router 1 s WAN IP address in the P Address field Click the Save Settings button internet Setup internet Connection Type Automatic Configuration DHCP D Figure E 5 Setup Basic Setup Internet Setup Lea
91. e WAN Connections Network Access This indicates the type of Internet connection you are using Login Status The status of the connection is displayed only for PPPoE or PPTP connections For these dial up style connections there is a Connect button to click if there is no connection and you want to establish an Internet connection WAN IP Address The Router s Internet IP Address is displayed here Subnet Mask and Default Gateway The Router s Subnet Mask and Default Gateway address are displayed here for DHCP and static IP connections DNS Shown here are the DNS Domain Name System IP addresses currently used by the Router DHCP Release Available for a DHCP connection click the DHCP Release button to release the current IP address of the device connected to the Router s Internet port DHCP Renew Available for a DHCP connection click the DHCP Renew button to replace the current IP address of the device connected to the Router s Internet port with a new IP address Click the Refresh button to update the on screen information For help information click More Hordwere Version Sotiwere Vernier MAC Address Local MAC Address System Up Tire Network Accers WAN P Adtest Subnet Mart Deng Ostowny ONS Figure 6 46 Rex 87 2 312 Bc SRO HTS KEE Ke Static IP 63 105 483 17 69 105 81 22 206 12 29 12 206 12 28 12 Status Tab Router 52 Wireless G VPN Broadband Router The Status Tab
92. e IP addresses and other specifics mentioned in this appendix are for illustration purposes only Windows 2000 or Windows XP IP Address 140 111 1 2 lt User ISP provides IP Address this is only an example Subnet Mask 255 255 255 0 WRV54G WAN IP Address 140 111 1 1 lt User ISP provides IP Address this is only an example Subnet Mask 255 255 255 0 LAN IP Address 192 168 1 1 Subnet Mask 255 255 255 0 99 How to Establish a Secure IPSec Tunnel Step 1 Create an IPSec Policy 1 Click the Start button select Run and type secpol msc in the Open field The Local Security Setting screen will appear 2 Right click IP Security Policies on Local Computer Win XP or IP Security Policies on Local Machine Win 2000 and click Create IP Security Policy 3 Click the Next button and then enter a name for your policy for example to_Router Then click Next 4 Deselect the Activate the default response rule check box and then click the Next button 5 Click the Finish button making sure the Edit check box is checked Step 2 Build Filter Lists Filter List 1 win gt Router 1 In the new policy s properties screen verify that the Rules tab is selected Deselect the Use Add Wizard check box and click the Add button to create a new rule 2 Make sure the IP Filter List tab is selected and click the Add button E Local Security Settings ell xj Acton Yew e gt Em AR e ae Tree l Eckert Res
93. e Router I set up an Unreal Tournament Server but others on the LAN cannot join What do I need to do If you have a dedicated Unreal Tournament server running you need to create a static IP for each of the LAN computers and forward ports 7777 7778 7779 7780 7781 and 27900 to the IP address of the server You can also use a port forwarding range of 7777 27900 If you want to use the UT Server Admin forward another port Port 8080 usually works well but is used for remote admin You may have to disable this Then in the UWeb WebServer section of the server ini file set the ListenPort to 8080 to match the mapped port above and ServerName to the IP assigned to the Router from your ISP Can multiple gamers on the LAN get on one game server and play simultaneously with just one public IP address It depends on which network game or what kind of game server you are using For example Unreal Tournament supports multi login with one public IP 87 How do I get Half Life Team Fortress to work with the Router The default client port for Half Life is 27005 The computers on your LAN need to have clientport 2700x added to the HL shortcut command line the x would be 6 7 8 and on up This lets multiple computers connect to the same server One problem Version 1 0 1 6 won t let multiple computers with the same CD key connect at the same time even if on the same LAN not a problem with 1 0 1 3 As far as hosting games the HL se
94. e Siem bec Wireless Set Sethi Caneel Chante Figure 6 19 Wireless Tab Advanced Wireless Settings beacon interval The frequency interval of the beacon which is a packet broadcast by a router to synchronize a wireless network dtim delivery traffic indication message A message included in data packets that can increase wireless efficiency rts request to send A packet sent when a computer has data to transmit The computer will wait for a CTS Clear To Send message before sending data 28 smaller than the preset RTS threshold size the RTS CTS mechanism will not be enabled The Router sends Request to Send RTS frames to a particular receiving station and negotiates the sending of a data frame After receiving an RTS the wireless station responds with a Clear to Send CTS frame to acknowledge the right to begin transmission Fragmentation Threshold In most cases this value should remain at its default value of 2346 It specifies the maximum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the Fragmentation Threshold Setting the Fragmentation Threshold too low may result in poor network performance Only minor reduction of the default value is recommended When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help in
95. e same number used in the VPN IP address the Router will have difficulties routing information to the right location If you change the Router s IP address to 192 168 2 1 that should solve the problem Change the Router s IP address through the Setup tab of the web interface If you assigned a static IP address to any computer or network device on the network you need to change its IP address accordingly to 192 168 2 Y Y being any number from 1 to 254 Note that each IP address must be unique within the network Your VPN may require port 500 UDP packets to be passed to the computer that is connecting to the IPSec server Refer to Problem 8 need to set up online game hosting or use other Internet applications for details Check the Linksys website for more information at www linksys com 81 7 need to set up a server behind my Router and make it available to the public To use a server like a web ftp or mail server you need to know the respective port numbers they are using For example port 80 HTTP is used for web port 21 FTP is used for FTP and port 25 SMTP outgoing and port 110 POP3 incoming are used for the mail server You can get more information by viewing the documentation provided with the server you installed e Follow these steps to set up port forwarding through the Router s web based utility We will be setting up web ftp and mail servers 1 2 3 4 5 6 Access the Router s web
96. e simultaneously maintaining security and privacy on your private wired network and both share the same Internet connection To maintain wireless access to your private network you can simply add a wireless access point like the Linksys WAP54G to one of the wired Ethernet LAN ports You will still be able to use the wireless interface of the Router to access the Internet when Hot Spot in a Box is enabled During the Hot Spot in a Box registration process you can enter the MAC addresses unique serial numbers of your wireless adapters or cards so that you can access the Internet without a Boingo subscription or day account Of course you can also still access the Internet and your local network through any one of the four LAN ports on the Router Once the Router has been registered with Boingo as a Hot Spot in a Box you can easily unregister the device and restore the factory default settings by going back to the Hot Spot tab on the web based utility interface and checking the Disable box If you decide to re register your device you can do so by repeating the Boingo registration process 59 Excellent Customer Support Toll free technical support is available from Boingo s staff of Wi Fi experts For questions or problems related to the Boingo Hot Spot in a Box program the Boingo Wi Fi service or your sales usage commissions please contact Boingo Wireless Customer Support at Phone 1 800 380 4082Monday through Friday 4 00 am to
97. e the Linksys QuickVPN utility then the Router must have the User Name Enter a name for the VPN client Password Enter a password for the VPN client Figure 6 36 Access Restrictions Tab VPN Client Access Re enter to confirm Enter the password again to confirm it Allow user to change password If you want to let the user change his or her password click the Yes When you have finished setting up a VPN client click the Add Save button to add the VPN client to your list and save the new settings VPN Client List Table VPN Client Users Select the appropriate group of users from the drop down menu No This is the number assigned to this VPN client Active If you want to activate this VPN client click the Active checkbox Username The Username assigned to this VPN client will be displayed here Password The Password assigned to this VPN client will be displayed here Edit Remove If you want to change the settings for a VPN client click the Edit button and then make your changes If you want to delete a VPN client from your list click the Remove button When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More 40 The Applications and Gaming Tab Port Range Forwarding A Dotson of Once Sytems nc Wireless G VPN Router The Port Forwarding screen sets up public services on
98. e your connection more secure There are two different types of encryption DES or 3DES 3DES is recommended because it is more secure You may choose either of these but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel Or you may choose to disable this feature Authentication Authentication acts as another level of security There are two types of authentication MD5 and SHA SHA is recommended because it is more secure As with encryption either of these may be selected provided that the VPN device at the other end of the tunnel is using the same type of authentication Or both ends of the tunnel may choose to disable authentication Key Management Key Exchange Method Select Auto IKE or Manual for the Key Exchange Method Both ends of a VPN tunnel must use the same mode of key management The two methods are described below After you have selected the method the settings available on this screen may change depending on the selection you have made Auto IKE IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association SA IKE uses the Pre shared Key to authenticate the remote IDE peer PFS PFS Perfect Forward Secrecy ensures that the initial key exchange and IKE proposals are secure To use PFS click the Enabled radio button Pre shared Key You can choose to use a Pre shared Key or RSA Signature To use the Pre shared Key click
99. eckbox to enable port forwarding for the relevant application When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More Unapter D LONMQUFNG the vil eless G VPN Broadband Route 41 Tal j C AMING e 4 Ve di Da ge Je y I VE aval The Applications and Gaming Tab Port Triggering Port Triggering is used for special Internet applications whose outgoing ports differ from the incoming ports For this feature the Router will watch outgoing data for specific port numbers The Router will remember the IP address of the computer that sends a transmission requesting data so that when the requested data returns through the Router the data is pulled back to the proper computer by way of IP address and port mapping rules Port Triggering Application In this field enter the name you wish to give the application Each name can be up to 12 characters Triggered Range Start Port End Port Enter the number that starts the triggered port range under Start Port and the number that ends the range under End Port Forwarded Range Start Port End Port Enter the number that starts the forwarded port range under Start Port and the number that ends the range under End Port Protocol Enter the protocol used for this application either TCP or UDP or Both Enabled Click the Enabled checkbox to enable port triggerin
100. ecoju a apr kojuma izme anu atkritumos j s varat sa emt viet j pa vald b atkritumu sav k anas dienest ka ar veikal kur iegadajaties o izstr d jumu Appendix M Regulatory Information Lietuv kai Lithuanian Aplinkosaugos informacija skirta Europos S jungos vartotojams Europos direktyva 2002 96 EC numato kad rangos kuri ir arba kurios pakuot yra pa ym ta iuo simboliu negalima alinti kartu su ner iuotomis komunalinemis atliekomis is simbolis rodo kad gaminj reikia alinti atskirai nuo bendro buitini atliek srauto J s privalote u tikrinti kad i ir kita elektros ar elektronin jranga b t alinama per tam tikras nacionalin s ar vietin s vald ios nustatytas atlieku rinkimo sistemas Tinkamai alinant ir perdirbant atliekas bus i vengta galimos alos aplinkai ir moni sveikatai Daugiau informacijos apie j s senos jrangos alinim gali pateikti vietin s vald ios institucijos atliek alinimo tarnybos arba parduotuv s kuriose isigijote t gamini Malti Maltese Informazzjoni Ambjentali g al Klijenti fl Unjoni Ewropea Id Direttiva Ewro pea 2002 96 KE titlob li t tag mir li jkun fih is simbolu fuq il prodott u jew fuq l ippakkjar ma jistax jintrema ma skart muni ipali li ma iex isseparat Is simbolu jindika li dan il prodott g andu jintrema separatament minn ma l iskart domestiku regolari Hija responsabbilt tieg ek li tarmi dan it tag mir u kull tag mi
101. ed a one time fee of 10 00 for marketing materials If you add more devices to your account you will not be charged a fee for marketing materials 6 Select a user name and password to use when you access your account The user name can include numbers lowercase letters and periods It must begin with a lowercase letter and it must have at least four characters but not more than sixteen characters Your password must contain at least six characters Enter a user name and password in the fields provided Enter the password again in the Repeat Password field When finished click the Continue button Of Cred pets I oct be ik Se Geet Stegen Z n A ZA Go od A geet hip dn Tage bongo come umio sl Pa trie BOING T D I R I meen rie Lol S Enter Creche Card Informatics There omntL fgie Zeg Row peor Fret Pit Dpr on e bar Agecn Yow ell act be charged M t dee gd pru DPED atte bet Lp A Bevel dempe The aafileed PE PRE cht ae dE pe Cee ard vgtezgprt Raphi erbi ma de aeng rh eg riari hd aS breent B rerg 17 A Mas Seet vw Code Card T t view Led humben Ferrite a Eepiretion Dote pe 6 vean ET ajes e R yew Tr tt jos tb EA ett DDD Died irn Gem G A A 7 ASA Ate Nine Vedran hotpet bango comer On vet binges a Ube Dee A Oo tree Figure 7 6 Select a Username and Password 63 Wireless G VPN Broadband Router 7 The Confirmation screen wi
102. ed computers and other devices to communicate with a wired network Also used to expand the range of a wireless network Ad hoc A group of wireless devices communicating directly with each other peer to peer without the use of an access point AES Advanced Encryption Standard A security method that uses symmetric 128 bit block data encryption Bandwidth The transmission capacity of a given device or network Bit A binary digit Boot To start a device and cause it to start executing instructions Broadband An always on fast Internet connection Browser An application program that provides a way to look at and interact with all the information on the World Wide Web Byte A unit of data that is usually eight bits long Cable Modem A device that connects a computer to the cable television network which in turn connects to the Internet Daisy Chain A method used to connect devices in a series one after the other DDNS Dynamic Domain Name System Allows the hosting of a website FTP server or e mail server with a fixed domain name e g Www xyz com and a dynamic IP address Default Gateway A device that forwards Internet traffic from your local area network DHCP Dynamic Host Configuration Protocol A networking protocol that allows administrators to assign temporary IP addresses to network computers by leasing an IP address to a user for a limited amount of time instead of assigning permanent IP
103. eg e memberi to pisn or d Wes eg owner af Golan rerun s sam seu ont ALE oer Connect Ben 1 enna You eg 4 50 por Conaee Dor tach Connect Dap goed for p Ap come ens acaso oi oan yos 28 50 overs CRO S turemer rgs ue a Pert reted Borge een plan geben A pera maorier and Sars vi o erg thet pou get the cred you Goverve we track your pon upe wth a peer tales channel code owl be wp ond rurung a4 commmarnal Mot spot operator A putt A teow rromtues gauna We re here to heip yeu have quetbent or regure techtetel support please ce ut at 1 009 380 4082 Figure 7 2 Welcome Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses 61 Getting Started Wireless G VPN Broadband Router 3 The Hot Spot Operator Agreement will appear Read the terms of the agreement and then if you agree with the terms click the I Agree button 4 The Business Contact Information screen will appear Enter the contact information for the person who will receive commission checks and correspondence from Boingo Enter the Contact Name Company Name Tax ID Social Security Number Address City State Zip Code Country Telephone Number Fax Number and Email address information Then select the appropriate Time Zone When finished click the Continue button Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Getting Started Oe oor Fear ede EN Zeta ee A 2 Gees e Des A Ze A7 2 A CECR SPOT OFLRATO
104. egate Traffic OUT MB This is the total amount of outgoing traffic for all users of the wired interface represented in megabytes MB e Device Alerts This is a log of events including system startup shutdown DHCP activities and AAA Administration on 9 3 4 aeen tow E Authorization and Authentication activities tse et Am i l i ate hipaa ieri apie wll x es fr eg a b s System startup This is a notification indicating when the device was started system shutdown This is a notification indicating when the device was shut down or restarted i SE Jan BD HEH Li NI 88 DCH Mag dam j FR Diet 38 BHO Rap Jen PR HAH Ge YE ee Bog Ans fi JEH pete ER 39 DCK Mag DHCP offer This is a notification indicating when a particular subscriber has obtained a DHCP lease DHCP release This is a notification indicating when a particular subscriber has released a DHCP lease SS Ege daa 33 3004 70079040 8 jaiman LEO Lien eae ter reg Er de AAA login redirect This is a notification indicating when the device has captured port 80 traffic and a oe See redirected the subscriber une S den 23 HEN H ft DE DCH Huh 4 AAA logout redirect This is a notification indicating when the device has received a logout request and Figure 7 26 Device Alerts redirected the subscriber to the AAA logout URL AAA session timeout This is a notification indicating when the device has detected an inactive session and
105. el button To close the Port Services screen and return to Figure 6 34 List of PCs the Access Restrictions screen click the Glose button 10 If you want to block websites with specific URL addresses enter each URL in a separate field next to Website Blocking by URL Address 3 http 192 168 0 2 Microsoft Internet Explorer 11 If you want to block websites using specific keywords enter each keyword in a separate field next to Website Blocking by Keyword Service Name 12 Click the Save Settings button to save the policy s settings To cancel the policy s settings click the Cancel Protocol Changes button ICMP Port Range Add Modify Delete TFTP es 63 af Apply Cancel Close To create an Inbound Traffic Policy 1 Select Inbound Traffic as the Policy Type 2 Select a number from the Internet Access Policy drop down menu 3 To enable this policy click the radio button beside Enable S Figure 6 35 Blocked Services 4 Enter a Policy Name in the field provided 5 Enter the source IP address whose traffic you want to manage Select the appropriate protocol TCP UDP or Both Enter the appropriate port range or select Any Enter the destination IP address whose traffic you want to manage or select Any 6 Click the appropriate option Deny or Allow depending on whether you want to block or allow network traffic 38 7 Decide which days and what times you want this policy to be enfo
106. elect IP Addr and enter the IP address Make sure that you have entered the IP address correctly or the connection cannot be made Remember this is NOT the IP address of the local VPN Broadband Router it is the IP address of the remote VPN router or device with which you wish to communicate If the IP address is dynamic select FQDN for DDNS or Any If FQDN is selected enter the domain name of the remote router so the Router can locate a current IP address using DDNS If Any is selected then the Router will accept requests from any IP address Local Secure Group IP Addr IP Address is2 fice a fo Mask 255 255 255 255 Remote Secure Group IP Add IP Address 192 bes bn Figure 6 23 Local Secure Group IP Address and Remote Secure Group IP Address iP Range KK EE Local Secure Group D Address iP Range KEE EE Remote Secure Group IP Address Figure 6 24 Local Secure Group IP Range and Remote Secure Group IP Range Local Secure Group Ho The same as Local Security Gateway setting Remote Secure Group Hos z The same es Remote Security Gateway setting Figure 6 25 Local Secure Group Host and Remote Secure Group Host Local Secure Group P Address 192 fies 1 In oss 255 0 Remote Secure Group This Gateway accepts request from any IP Address Figure 6 26 Local Secure Group Subnet and Remote Secure Group Any 32 Encryption Using encryption also helps mak
107. electr nicos a trav s de los puntos de recogida que ponen a su disposici n e gobierno y las autoridades locales Al desechar y reciclar correctamente estos aparatos estar contribuyendo a evitar posibles consecuencias negativas para el medio ambiente y la salud de las personas Si desea obtener informaci n m s detallada sobre la eliminaci n segura de su aparato usado consulte a las autoridades locales al servicio de recogida y eliminaci n de residuos de su zona o pregunte en la tienda donde adquiri el producto AAnvikd Greek LTOIXEIA TIEPIBAAAOVTIKNS TIPOOTAGIAS YIA TEAGTES EVTOS THS Eupwrtraikns Evene H Koivotikh Odnyia 2002 96 EC atraitei oo E OTTAIGUOG O OTTOIOS PEPE AUTO TO OUUBOAO GTO TIPOIOYV KOU OTN GUOKEUAGIA TOU SEV TIPETTE VA ATTOPPITTTETAI UOCT UE TO IKTA KOIVOTIKG OTTOGOIUUOTO TO OUUBOAO UTTOSOEIKVUE OT AUTO TO TIPOIOV Ga TIPETTE va ATTOOPITITETAI EExWPIOTG att Ta GUVABN OIKIAKG atTroppiuvata Eiote utreu8uvoc yia Thy OTTO TOU TTAPOVTOS KOL GAAOU NAEKTPIKOU KOL NAEKTPOVIKOU EEOTTAIGUOU UEOU TWV KABOPIOLEVWWV EYKATACTACGEWV GUYKEYTOWONS ATIOPPIUUGTWV OI OTTOIES TAPEXOVTAI AT TO KPATOS D TIC GPUOOIES TOTTIKES ANKE H GWOT aTTOPPIWN KO AVAaKUKAWON OUUBGAAE OT TIPOANWN TTIBaVWY APYNTIKWY OUVETTEIWV YIG TO TEPIBGAAOV Kal TNV UYEIA Mid TIEPIOOOTEPES TTANDOMOPIES OXETIKA UE THY ATTOOPIWN TOU TTAAIOU OOC ELOTTAIOUOU TAPAKA AW ETTIKOIVWYVNOTE UE TIC TOTTIKES APXEG TIC UTINPECIEC QTTOPIWNS D TO KATGOTNUG ATTO TO OTTOI
108. en Wireless e Basic Wireless Settings You can choose your Wireless Network Mode and security settings on this screen e Wireless Network Access This screen displays your network access list 3 NOTE When first installing the Router you AN should use the Setup Wizard on the Setup CD ROM If you want to configure advanced settings use this chapter to learn about the Web based Utility HAVE YOU Enabled TCP IP on your PCs PCs A communicate over the network with this protocol Refer to Appendix Windows Help for more information on TCP IP NOTE For added security you should change AN the password through the Administration screen of the Web based Utility nat network address translation NAT technology translates IP addresses of a local area network to a different IP address for the Internet 13 e Advanced Wireless Settings For advanced users you can alter data transmission settings on this screen Security e Firewall On this screen you can configure a variety of filters to enhance the security of your network e VPN To enable or disable IPSec L2TP and or PPTP Pass through and set up VPN tunnels use this screen Access Restrictions e internet Access This screen allows you to permit or block specific users from connecting to your network e VPN Client Access Use this screen to designate VPN clients and their passwords Applications amp Gaming e Port Range Forwarding To set up public
109. en est mahdolliset kielteiset vaikutukset ymp rist n ja ihmisten terveyteen Lis tietoja vanhan laitteiston oikeasta h vitystavasta saa paikallisilta viranomaisilta j tteenh vityspalvelusta tai siit myym l st josta ostit tuotteen Svenska Swedish Milj information f r kunder i Europeiska unionen Det europeiska direktivet 2002 96 EC kr ver att utrustning med denna symbol p produkten och eller f rpackningen inte f r kastas med osorterat kommunalt avfall Symbolen visar att denna produkt b r kastas efter att den avskiljts fr n vanligt hush llsavfall Det faller p ditt ansvar att kasta denna och annan elektrisk och elektronisk utrustning p fastst llda insamlingsplatser utsedda av regeringen eller lokala myndigheter Korrekt kassering och tervinning skyddar mot eventuella negativa konsekvenser f r milj n och personh lsa F r mer detaljerad information om kassering av din gamla utrustning kontaktar du dina lokala myndigheter avfallshanteringen eller butiken d r du k pte produkten For more information visit www linksys com Appendix M Regulatory Information 134 Appendix N Contact Information Need to contact Linksys Visit us online for information on the latest products and updates to your existing products at http www linksys com or ftp linksys com Can t find information about a product you want to buy on the web Do you want to know more about networking with Linksys products Give our advice
110. ept both Main and Aggressive requests from the remote VPN device Encryption Select the length of the key used to encrypt or decrypt ESP packets There are two choices DES and 3DES 3DES is recommended because it is more secure Authentication Select the method used to authenticate ESP packets There are two choices MD5 and SHA1 SHA1 is recommended because it is more secure Group There are three Diffie Hellman Groups to choose from 768 bit 1024 bit and 1536 bit Diffie Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption Key Life Time In the Key Lifetime field you may optionally select to have the key expire at the end of a time period of your choosing Enter the number of seconds you d like the key to be used until a re key negotiation between each endpoint is completed Phase 2 Encryption The encryption method selected in Phase 1 will be displayed Authentication The authentication method selected in Phase 1 will be displayed PFS The status of the PFS Perfect Forward Secrecy feature will be displayed Group There are three Diffie Hellman Groups to choose from 768 bit 1024 bit and 1536 bit Diffie Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption E Advanced VPN Tunnel Setup Tunnel 1 Phaze 1 Operation Made Mem Proposal Encryption DES Authentication MDS Group Zb bu e
111. er for authentication and the use of dynamic TKIP AES or WEP Important Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly 95 WPA Pre Shared Key If you do not have a RADIUS server select the type of algorithm TKIP or AES enter a password in the Pre Shared key field of 8 64 characters and enter a Group Key Renewal period time between 0 and 99 999 seconds which instructs the Router or other device how often it should change the encryption keys WPA RADIUS WPA used in coordination with a RADIUS server This should only be used when a RADIUS server is connected to the Router or other device First select the type of WPA algorithm TKIP or AES Enter the RADIUS server s IP Address and port number along with a key shared between the device and the server Last enter a Group Key Renewal period which instructs the device how often it should change the encryption keys RADIUS WEP used in coordination with a RADIUS server This should only be used when a RADIUS server is connected to the Router or other device First enter the RADIUS server s IP Address and port number along with a key shared between the device and the server Then select a WEP key and a level of WEP encryption and either generate a WEP key through the Passphrase or enter the WEP key manually Implementing encryption may have a negative impact on yo
112. etwork In The following network components are installed box select the TCP IP gt associated with your Ethernet adapter If you only have one Ethernet adapter installed you will only see one TCP IP line with no association to an Ethernet adapter Highlight it and click the Properties button In the TCP IP properties window select the IP address tab and select Specify an IP address Enter a unique IP address that is not used by any other computer on the network connected to the Router Make sure that each IP address is unique for each PC or network device Click the Gateway tab and in the New Gateway prompt enter 192 168 1 1 which is the default IP address of the Router Click the Add button to accept the entry Click the DNS tab and make sure the DNS Enabled option is selected Enter the Host and Domain names e g John for Host and home for Domain Enter the DNS entry provided by your ISP If your ISP has not provided the DNS IP address contact your ISP to get that information or go to its website for the information Click the OK button in the TCP IP properties window and click Close or the OK button for the Network window Restart the computer when asked 78 e For Windows 2000 1 2 3 8 9 e For Click Start Settings and Control Panel Double click Network and Dial Up Connections Right click the Local Area Connection that is associated with the Ethernet adapter you are using and select the Properties option
113. formation click More fragmentation Breaking a packet into smaller units when transmitting over a network medium that cannot support the original size of the packet 29 The Security Tab Firewall When you click the Security tab you will see the Firewall screen The Router s firewall enhances the security of your network You can also enable a variety of filters to further protect your network Firewall Firewall Protection The firewall uses Stateful Packet Inspection SPI to check the incoming data transmissions before allowing them to enter your network To use the Router s firewall click Enabled If you do not want firewall protection click Disabled Additional Filters Filter Proxy Use of WAN proxy servers may compromise the Router s security Denying Filter Proxy will disable access to any WAN proxy servers To enable proxy filtering click Enabled Filter Cookies A cookie is data stored on your PC and used by Internet sites when you interact with them To enable cookie filtering click Enabled Filter Java Applets Java is a programming language for websites If you deny Java Applets you run the risk of not having access to Internet sites created using this programming language To enable Java Applet filtering click Enabled Filter ActiveX ActiveX is a programming language for websites If you deny Activex you run the risk of not having access to Internet sites created using this programming language To enable A
114. g To get the LAN IP address see Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter If DMZ Hosting is used does the exposed user share the public IP with the Router No Does the Router pass PPTP packets or actively route PPTP sessions The Router allows PPTP packets to pass through Is the Router cross platform compatible Any platform that supports Ethernet and TCP IP is compatible with the Router How many ports can be simultaneously forwarded Theoretically the Router can establish 520 sessions at the same time but you can only forward 10 ranges of ports What are the advanced features of the Router The Router s advanced features include Advanced Wireless settings Filters Port Forwarding Routing and DDNS What is the maximum number of VPN sessions allowed by the Router The maximum number depends on many factors At least one IPSec session will work through the Router however simultaneous IPSec sessions may be possible depending on the specifics of your VPNs How can check whether I have static or DHCP IP Addresses Consult your ISP to obtain this information How do I get mIRC to work with the Router Under the Port Forwarding tab set port forwarding to 113 for the PC on which you are using mIRC Can the Router act as my DHCP server Yes The Router has DHCP server software built in 89 Can run an application from a remote computer over the wireless network This will depe
115. g Firmware Wireless G VPM Router CH 2 Finerevere Upgrade Figure H 1 Upgrade Firmware 120 Appendix Windows Help Almost all wireless products require Microsoft Windows Windows is the most used operating system in the world and comes with many features that help make networking easier These features can be accessed through Windows Help and are described in this appendix TCP IP Before a computer can communicate with the Access Point TCP IP must be enabled TCP IP is a set of instructions or protocol all PCs follow to communicate over a network This is true for wireless networks as well Your PCs will not be able to utilize wireless networking without having TCP IP enabled Windows Help provides complete instructions on enabling TCP IP Shared Resources If you wish to share printers folder or files over your network Windows Help provides complete instructions on utilizing shared resources Network Neighborhood My Network Places Other PCs on your network will appear under Network Neighborhood or My Network Places depending upon the version of Windows you re running Windows Help provides complete instructions on adding PCs to your network 121 Appendix Glossary This glossary contains some basic networking terms you may come across when using this product For more advanced terms see the complete Linksys glossary at http www linksys com glossary Access Point A device that allows wireless equipp
116. g for the relevant application When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More Cnapter 6 Configuring the Wireless G VPN Broadband Route A Drettem of Once Systemes inc Applications amp Gaming Applicsion ei Fo Gr Fon nt po EndPot Protocal ft vb b vb ez wf vb fom Bb rb b vb bex o wf wfo ez f wh wfo omy re Ce OGR wE ez wf wf ams wh 0 wfo ez f wh wfo ez f wf wfo ez Figure 6 38 Applications amp Gaming Tab Port Triggering H NUELA HU ECO OD D 42 The Applications and Gaming Tab UPnP Forwarding The UPnP Forwarding screen provides options for customization of port services for applications UPnP Forwarding Application In this field enter the name you wish to give the application Each name can be up to 12 characters Ext Port Enter the number of the external port used by the server Check with the Internet application documentation for more information Int Port Enter the number of the internal port used by the server Check with the Internet application software documentation for more information Protocol Enter the protocol used for this application either TCP or UDP or Both IP Address For each application enter the IP Address of the server that you want the Internet users to be able
117. ge and or transmission between users lan local area network The computers and networking products that make up the network in your home or office ssid your wireless network s name ad hoc a group of wireless devices communicating directly to each other peer to peer without the use of an access point infrastructure a wireless network that is bridged to a wired network via an access point adapter a device that adds network functionality to your PC ethernet IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium access point a device that allows wireless equipped computers and other devices to communicate with a wired network Also used to expand the range of a wireless network The Wireless G VPN Broadband Router is compatible with all 802 11b and 802 119 adapters such as the Notebook Adapters WPC54G WPC11 for your laptop computers PCI Adapter WMP54G WMP11 for your desktop PC and USB Adapter WUSB54G WUSB11 when you want to enjoy USB connectivity The Broadband Router will also communicate with the Wireless PrintServer WPS54GU2 WPS11 and Wireless Ethernet Bridges WET54G WET11 When you wish to connect your wireless network with your wired network you can use the Broadband Router s three LAN ports To add more ports any of the Broadband Router s LAN ports can be connected to any of Linksys s switches such as the EZXS55W or EZXS88W With
118. gs Administration _ Adeniin aii I Feirev Deieg Factory Defaults Restore Factory Defaults To clear all of the Router s settings and reset them to its factory defaults click the Yes radio button exhausted all other troubleshooting measures Once the Router is reset you will have to re enter all Note Do not restore the factory defaults unless you are having difficulties with the Router and have A of your configuration settings Click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More Figure 6 44 Administration Tab Factory Default VDOR DN rs en en el La ca pa el DA tAr N Broadband Route 50 The Administration Tab Firmware Upgrade The Firmware Upgrade screen allows you to upgrade the Router s firmware Do not upgrade the firmware unless you are experiencing problems with the Router or the new firmware has a feature you want to use Note The Router will lose all of the settings you have customized Before you upgrade its firmware AN write down all of your custom settings After you upgrade its firmware you will have to re enter all of your configuration settings Before upgrading the firmware download the Router s firmware upgrade file from the Linksys website www linksys com Then extract the file Upgrade Firmware In the field provided enter the name of the extracted firmware upgrade file or click the Br
119. gure D 5 Filters Properties Figure D 6 New Rule Properties Figure D 7 IP Filter List Figure D 8 Filters Properties Figure D 9 New Rule Properties Figure D 10 IP Filter List Tab Figure D 11 Filter Action Tab Figure D 12 Security Methods Tab Figure D 13 Authentication Methods Figure D 14 Preshared Key Figure D 15 New Preshared Key Figure D 16 Tunnel Setting Tab Figure D 17 Connection Type Tab Figure D 18 Properties Screen Figure D 19 IP Filter List Tab Figure D 20 Filter Action Tab Figure D 21 Authentication Methods Tab Figure D 22 Preshared Key Figure D 23 New Preshared Key Figure D 24 Tunnel Setting Tab Figure D 25 Connection Type Figure D 26 Rules Figure D 27 Local Computer Figure D 28 VPN Tab Figure E 1 Diagram of All VPN Tunnels Figure E 2 Login Screen Figure E 3 Setup Basic Setup Internet Setup Figure E 4 Security VPN Screen VPN Tunnel Figure E 5 Setup Basic Setup Internet Setup Figure E 6 Security VPN Screen VPN Tunnel Figure E 7 Diagram of VPN Tunnel between VPN Routers 100 101 101 101 102 102 102 103 103 103 104 104 104 105 105 105 106 106 106 107 107 107 108 108 108 109 110 111 111 111 112 112 113 Figure E 8 Security VPN Screen Key Management Figure E 9 Advanced Tunnel Setup Screen Figure E 10 Access Restrictions VPN Client Access Screen Figure E 11 Diagram of VPN Tunnel between VPN Router 1 and VPN Client Figure E
120. he Router Appendix L Warranty Information This appendix supplies the warranty information for the Router Appendix M Regulatory Information This appendix supplies the regulatory information regarding the Router Appendix N Contact Information This appendix provides contact information for a variety of Linksys resources including Technical Support Chapter 2 Planning Your Wireless Network Network Topology A wireless local area network WLAN is exactly like a regular local area network LAN except that each computer in the WLAN uses a wireless device to connect to the network Computers in a WLAN share the same frequency channel and SSID which is an identification name shared by the wireless devices belonging to the same wireless network Ad Hoc versus Infrastructure Mode Unlike wired networks wireless networks have two different modes in which they may be set up infrastructure and ad hoc An infrastructure configuration is a WLAN and wired LAN communicating to each other through an access point An ad hoc configuration is wireless equipped computers communicating directly with each other Choosing between these two modes depends on whether or not the wireless network needs to share data or peripherals with a wired network or not lf the computers on the wireless network need to be accessible by a wired network or need to share a peripheral such as a printer with the wired network computers the wireless network should be set
121. he screen showing the security policies to_Router Properties as Rules General ats Secunty rules for communicating with other computers IP Securty Rules win gt router Require Security PresharedKey 14 router gt win Require Security PresharedKey 14 o lt Dynamic gt Default Response Kerberos Nc Figure D 26 Rules Step 4 Assign New IPSec Policy a en WA cere Respond orb Communicate normally une Ei scare Server Roque For al IP traffic always req Ei Server Request Secu For al IP traffic ahuays rea Bato Router In the P Security Policies on Local Machine window right click the policy named fo Router and click Assign A green arrow appears in the folder icon TTT Figure D 27 Local Computer Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router 108 How to Establish a Secure IPSec Tunnel Step 5 Create a Tunnel Through the Web Based Utility 1 2 From the VPN tab select the tunnel you wish to create in the Select Tunnel Entry drop down box Then click Open your web browser and enter 192 168 1 1 in the Address field Press the Enter key Aires or Ceo keisa ke When the User name and Password fields appear enter the default user name and password admin Press Bag the Enter key From the Setup tab click the VPN tab Enabled Enter the name of the tunnel in the Tunnel Name field This is to allow you to identify multiple tunnels and does not have
122. ial purpose Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages so the above limitation or exclusion may not apply to You Please direct all inquiries to Linksys PO Box 18558 Irvine CA 92623 128 Appendix M Regulatory Information FCC Statement This product has been tested and complies with the specifications for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used according to the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which is found by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment or devices e Connect the equipment to an outlet other than the receiver s e Consult a dealer or an experienced radio TV technician for assistance FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment shou
123. ics Administration Tab Factory Default Administration Tab Firmware Upgrade Status Tab Router Status Tab Local Network DHCP Active IP Table Status Tab Wireless Status Tab System Performance Status Tab VPN Clients Figure 7 1 Registration Login Figure 7 2 Welcome Figure 7 3 Operator Agreement Figure 7 4 Business Contact Information Figure 7 5 Credit Card Information Figure 7 6 Select a Username and Password Figure 7 7 Confirmation Figure 7 8 Registration Complete Figure 7 9 Device Location Figure 7 10 Onsite Contact Figure 7 11 Device Configuration Figure 7 12 View Edit Settings Figure 7 13 Your Location Page Figure 7 14 Sample Page Figure 7 15 Free Access Figure 7 16 Confirmation Figure 7 17 Almost Done Figure 7 18 Administration Login Figure 7 19 Home Figure 7 20 Device View Figure 7 21 Edit Current Configuration Figure 7 22 Map Figure 7 23 User Statistics Figure 7 24 Device Statistics Figure 7 25 Device Performance Figure 7 26 Device Alerts Figure C 1 Setup Wizard Welcome Screen Figure C 2 QuickVPN Desktop Icon Figure C 3 QuickVPN Tray Icon No Connection Figure C 4 QuickVPN Software Profile Figure C 5 QuickVPN Software Status Figure C 6 QuickVPN Tray Icon Connection Available Figure C 7 QuickVPN Software Change Password Figure D 1 Local Security Screen Figure D 2 Rules Tab Figure D 3 IP Filter List Tab Figure D 4 IP Filter List Fi
124. inistrator Installing the Linksys QuickVPN Software LINKSYS Division of Cisco Systems inc NOTE If you have the Wireless G VPN Broadband Router Setup CD ROM available then follow A these instructions 1 Insert the Setup CD ROM into your CD ROM drive The Setup Wizard should run automatically and the Welcome screen should appear If it does not click Start and then Run In the field provided enter D setup exe if D is the letter of your CD ROM drive 2 Click Install QuickVPN Software Then follow the on screen instructions E A VPN Broadband Router Setup Wizard wer 1 1 Goto www linksys com and select Products setup P Lidca Gea ties mein WRG S Copyright Tou Cane Serien lee Al Agii Bebang A A 2 Click Business Solutions Figure C 1 Setup Wizard Welcome Screen 3 Click Router VPN Solutions 97 Click WRV54G Click Linksys QuickVPN Utility in the More Information section Save the zip file to your PC and extract the exe file Double click the exe file and follow the on screen instructions Then proceed to the next section Using the Linksys QuickVPN Software Using the Linksys QuickVPN Software 1 2 Double click the Linksys QuickVPN software icon on your desktop or in the system tray The login screen will appear Enter a name for your profile Then enter the User Name and Password you have been assigned In the Server Address field enter the IP add
125. ion click More WPA RADIUS This option features WPA used in coordination with a RADIUS server This should only be used when a RADIUS server is connected to the Router Enter the RADIUS server s IP address Select TKIP or AES from the WPA Algorithm drop down menu Enter the RADIUS server s port number along with the Shared Secret key which is the key shared between the Router and the server Last enter the Key Renewal Timeout period which instructs the Router how often it should change the encryption keys When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More aqpand RO Lt A osan of Cre Ze em inc Wireless Figure 6 13 Wireless Security WPA Pre Shared Key wpa wi fi protected access a wireless security protocol using TKIP Temporal Key Integrity Protocol encryption which can be used in conjunction with a RADIUS server A Orage g Lo Syste ne Wireless Securty Mode wares d RADIIS Server P Ad ees 0 RB fo fo WPA Augen ne RADIUS Server Port ber Shared Secrect Kary Recwrwal Tree 900 recone Sars Setlings Cartel bass Figure 6 14 Wireless Security WPA RADIUS radius a protocol that uses an authentication server to control network access 25 RADIUS This option features W
126. irect traffic to the correct computer Refer to the Port Range Forwarding tab of the Applications and Gaming tab Remote Secure Group The Remote Secure Group is the computer s on the remote end of the tunnel that can access the tunnel From the drop down menu select Subnet to include the entire network for the tunnel select IP address if you want a specific computer IP Range if you want to include a range of IP addresses select Host if the VPN will terminate at the Router instead of the PC or Any to allow any computer to access the tunnel The screen will change depending on the selected option The options are described below Subnet Enter the IP Address and Mask of the remote VPN router in the fields provided To allow access to the entire IP subnet enter 0 for the last set of IP Addresses e g 192 168 1 0 IP Address Enter the IP Address of the remote VPN router The Mask will be displayed IP Range Enter the starting and ending numbers for the IP Address range Remote Secure Gateway The Remote Secure Gateway is the VPN device such as a second VPN router on the remote end of the VPN tunnel Enter the IP Address of the VPN device at the other end of the tunnel The remote VPN device can be another VPN router a VPN server or a computer with VPN client software that supports IPSec The IP address may either be static permanent or dynamic depending on the settings of the remote VPN device lf the IP Address is static s
127. iuti domestici E responsabilit del proprietario smaltire sia questi prodotti sia le altre apparecchiature elettriche ed elettroniche mediante le specifiche strutture di raccolta indicate dal governo o dagli enti pubblici locali Il corretto smaltimento ed il riciclaggio aiuteranno a prevenire conseguenze potenzialmente negative per l ambiente e per la salute dell essere umano Per ricevere informazioni pi dettagliate circa lo smaltimento delle vecchie apparecchiature in Vostro possesso Vi invitiamo a contattare gli enti pubblici di competenza il servizio di smaltimento rifiuti o il negozio nel quale avete acquistato il prodotto Latvie u valoda Latvian Ekolo iska inform cija klientiem Eiropas Savien bas jurisdikcij Direkt v 2002 96 EK ir pras ba ka apr kojumu kam pievienota z me uz pa a izstr d juma vai uz t iesai ojuma nedr kst izmest ne irot veid kop ar komun lajiem atkritumiem tiem ko rada viet ji iedz vot ji un uz mumi z me noz m to ka Si ier ce ir j izmet atkritumos ta lai t nenon ktu kop ar parastiem m jsaimniec bas atkritumiem J su pien kums ir o un citas elektriskas un elektroniskas ier ces izmest atkritumos izmantojot pa us atkritumu sav k anas veidus un l dzek us ko nodro ina valsts un pa vald bu iest des Ja izme ana atkritumos un p rstr de tiek veikta pareizi tad mazin s iesp jamais kait jums dabai un cilv ku vesel bai S k kas zi as par nov
128. jxj IP Filter List Filter Action Authentication Methods Tunnel Setting Connection Type The authentication method species how trust is established ats between the computers Offer and accept these e 5 authentication methods when negotiating security with another computer Authentication Method preference order Remove Figure D 21 Authentication Methods Tab 106 Edit Authentication Method Properties Authentication Method The authentication method specifies how trust ts established Wireless G VPN Broadband Router 13 Change the authentication method to Use this string to protect the key exchange preshared key and enter the preshared key string such as XYZ12345 This is a sample key string Yours should be a key that is aa between the computers unique but easy to remember Then click the OK button Windows 2000 default Kerberos V5 protocol Use a certificate from this certificate authonty CAL eg e Use this string to protect the key exchange preshared key i 2345 Figure D 22 Preshared Key E Filter Action 14 This new Preshared key will be displayed Click the Apply button to continue if it appears on your screen otherwise proceed to the next step IP Fiter List Authentication Methods Tunnel Setting Connection Type The authentication method specifies how trust is established Offer and accept these ote between the computers a authentication methods when nego
129. k Change your SSID to something unique and not something related to your company or the networking products you use Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in MAC Addresses Enable MAC Address filtering MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses This makes it harder for a hacker to access your network with a random MAC Address WEP Encryption Wired Equivalent Privacy WEP is often looked upon as a cure all for wireless security concerns This is overstating WEP s ability Again this can only provide enough security to make a hacker s job more difficult There are several ways that WEP can be maximized 1 Use the highest level of encryption possible 2 Use Shared Key authentication 3 Change your WEP key regularly WPA Wi Fi Protected Access WPA is the newest and best available standard in Wi Fi security Two modes are available Pre Shared Key and RADIUS Pre Shared Key gives you a choice of two encryption methods TKIP Temporal Key Integrity Protocol which utilizes a stronger encryption method and incorporates Message Integrity Code MIC to provide protection against hackers and AES Advanced Encryption System which utilizes a symmetric 128 Bit block data encryption RADIUS Remote Authentication Dial In User Service utilizes a RADIUS serv
130. l Power Green The Power LED lights up when the Router is powered on DMZ Red The DMZ LED lights up when the Router has an available DMZ port If the LED is flashing the Router is sending or receiving data over the DMZ port Internet Green The Internet LED lights up when the Router is connected to your cable or DSL modem If the LED is flashing the Router is sending or receiving data over the Internet port Wireless G Green The Wireless G LED lights whenever there is a successful wireless connection If the LED is flashing the Router is actively sending or receiving data over the wireless network LAN 1 4 Green The LAN LED serves two purposes If the LED is solidly lit the Router is connected to a device through the corresponding port LAN 1 2 or 3 If the LED is flashing the Router is sending or receiving data over that port 10 Chapter 5 Connecting the Wireless G VPN Broadband Router Overview To begin installation of the Router you will connect the Router to your PCs other network devices and cable or DSL modem If you want to use a PC with an Ethernet adapter to configure the Router continue to Wired Connection to a PC If you want to use a PC with a wireless adapter to configure the Router continue to Wireless Connection to a PC Wired Connection to a PC 1 Make sure that all of your network s hardware is powered off including the Router PCs and cable or DSL modem Connect one end of a
131. l Secure Group Remote Secure Group Romme Socure Galoway Res Mersoemezg F Adiera Authenbostion Bry Exchange keitve T Pre Steg Key T RSA Signature Veel teiee Advanced VPH Tunnel Setup Ep Setlings Leite ZE GC The Pi TT funnel oF channel baean Fee a ht Giba or Cie a ee Gite ie Fee Of the hih i he Turned piama Tat Figure E 6 Security VPN Screen VPN Tunnel 112 Nivralace_f VDA Denadhangd Daitar Wireless G VPN Broadband Router Configuring the Key Management Settings d o PC 1 PC 2 N VPN Router 1 VPN Router 2 Figure E 7 Diagram of VPN Tunnel between VPN Routers Configuring VPN Router 1 Following these instructions for VPN Router 1 1 On the VPN screen select 3DES from the Encryption drop down menu 2 Select SHA1 from the Authentication drop down menu 3 Keep the default Key Exchange Method Auto IKE 4 For the PFS setting select Enabled 5 Select Pre Shared Key and enter a string for this key 6 If you need more detailed settings click the Advanced VPN Tunnel Setup button Otherwise click the Save Settings button and proceed to the next section Configuring VPN Router 2 7 On the Advanced VPN Tunnel Setup screen keep the default Operation Mode Main 8 For Phase 1 select DES from the Encryption drop down menu 9 Select MD5 from the Authentication drop down menu Save Settings Cancel Changes Figure E 8 Security VPN Screen Ke
132. ld be installed and operated with minimum distance 20cm between the radiator and your body Safety Notices Caution To reduce the risk of fire use only No 26 AWG or larger telecommunication line cord Do not use this product near water for example in a wet basement or near a swimming pool Avoid using this product during an electrical storm There may be a remote risk of electric shock from lightning Industry Canada Canada This device complies with Canadian ICES 003 and RSS210 rules Cet appareil est conforme aux normes NMB 003 et RSS210 d Industry Canada 129 Wireless G VPN Broadband Router User Information for Consumer Products Covered by EU Directive 2002 96 EC on Waste Electric and Electronic Equipment WEEE This document contains important information for users with regards to the proper disposal and recycling of Linksys products Consumers are required to comply with this notice for all electronic products bearing the following symbol English Environmental Information for Customers in the European Union European Directive 2002 96 EC requires that the equipment bearing this symbol on the product and or its packaging must not be disposed of with unsorted municipal waste The symbol indicates that this product should be disposed of separately from regular household waste streams It is your responsibility to dispose of this and other electric and electronic equipment via designated collection facilities appointed by the g
133. ll appear Review your Business Contact Information and Credit Card Information If you want to make any changes click the Edit button under the section that you want to edit When finished click the Continue button 8 The Registration Complete screen will appear when you have finished the registration process Click the Setup New Device button to continue with the setup and begin the Device Configuration Wizard Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses Getting Started E a a a B Ip j i b Gi Le wie s AA 2 2 Geet Gee Gee A Ze A7 zl A somes nn Tur Saa EERTEFLLNN F epir sine Date Er phi zaj Ges abera ieu mai pat ma a iaaii T E De E p prim r mr EN etek A 2 3 Geet tet Gass A Ze A 7 AAA i ig tg LT Tis sch Bie ba tla Ml ia k Marge moi Epal es ini Leet Baani mbari qia sf hed og Cea Ei Federal qtr t cole SA cee Riek al ade dief Figure 7 8 Registration Complete 64 Step 3 Device Configuration Wizard 1 The Device Setup Location screen will appear Enter the Location Name Then describe where the device is placed at the location Select the Location Type Enter the Phone number Address City State Postal Zip Code and Country in the fields provided When finished click the Continue button 2 When the Onsite Contact Information screen appears enter the contact information for the person who is to be contacted if the network
134. mand Max Vie Time 5 Min Keep Alive Redial Period Ion Sec Figure 6 4 Internet Connection Type PPPoE pppoe a type of broadband connection that provides authentication username and password in addition to data transport 16 PPTP PPTP F IP Address fo jn f Subnet Mask fo Jon Defaut Gateway o Jo ff User Name Point to Point Tunneling Protocol PPTP is a service that applies to connections in Europe and Israel only IP Address This is the Router s IP address when seen from the WAN or the Internet Your ISP will provide you with the IP Address you need to specify here 333 1715 Subnet Mask This is the Router s Subnet Mask as seen by external users on the Internet including your ISP Your ISP will provide you with the Subnet Mask Password Default Gateway Your ISP will provide you with the Default Gateway Address D Keep Alive Redial Period 30 User Name and Password Enter the User Name and Password provided by your ISP Connect on Demand Max Idle Time You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time Max Idle Time If your Internet connection has been terminated due to inactivity Connect on Demand enables the Router to automatically re establish your connection as soon as you attempt to access the Internet again If you wish to activate Connect on Demand click the radio button In the Max Idle Time field enter the number of
135. me of the tunnel This allows you to identify multiple tunnels and does not have to match the name used at the other end of the tunnel Local Secure Group The Local Secure Group is the computer s on your LAN that can access the tunnel From the drop down menu select Subnet to include the entire network for the tunnel select IP Address if you want a specific computer IP Range if you want to include a range of IP addresses or select Host which is used with Port Forwarding to ren gg Den rien leer Security Veli ENEI E pitri re M kurai erte gie Se CR ap ER kelen Figure 6 21 Security Tab VPN Local Secure Group Subnet IP Address 192 fies fi fo Mask 255 bes 255 fo Remote Secure Group Subnet e IP Address 192 fies 2 fo Figure 6 22 Local Secure Group Subnet and Remote Secure Group Subnet 31 direct the traffic to the correct computer The screen will change depending on the selected option The options are described below Subnet Enter the IP Address and Mask of the local VPN Broadband Router in the fields provided To allow access to the entire IP subnet enter 0 for the last set of IP Addresses e g 192 168 1 0 IP Address Enter the IP Address of the local VPN Broadband Router The Mask will be displayed IP Range Enter the starting and ending numbers for the IP address range Host The VPN tunnel will terminate at the router with this setting Use Port Range Forwarding to d
136. miestne org ny organiz cie zaoberaj ce sa likvid ciou odpadov alebo obchod v ktorom ste si produkt zak pili Sloven ina Slovene Okoljske informacije za stranke v Evropski uniji Evropska direktiva 2002 96 EC prepoveduje odlaganje opreme ozna ene s tem simbolom na izdelku in ali na embala i med obi ajne nerazvr ene odpadke Ta simbol opozarja da je treba izdelek odvre i lo eno od preostalih gospodinjskih odpadkov Va a odgovornost je da to in preostalo elektri no in elektronsko opremo odnesete na posebna zbirali a ki jih dolo ijo dr avne ustanove ali lokalna uprava S pravilnim odlaganjem in recikliranjem boste prepre ili morebitne kodljive vplive na okolje in zdravje ljudi e elite izvedeti ve o odlaganju stare opreme se obrnite na lokalno upravo odpad ali trgovino kjer ste izdelek kupili 133 Wireless G VPN Broadband Router Suomi Finnish Ymp rist koskevia tietoja EU alueen asiakkaille EU direktiivi 2002 96 EY edellytt ett jos laitteistossa on t m symboli itse tuotteessa ja tai sen pakkauksessa laitteistoa ei saa h vitt lajittelemattoman yhdyskuntajatteen mukana Symboli merkitsee sit ett t m tuote on h vitett v erill n tavallisesta kotitalousj tteest Sinun vastuullasi on h vitt tama elektroniikkatuote ja muut vastaavat elektroniikkatuotteet viem ll tuote tai tuotteet viranomaisten m r m n ker yspisteeseen Laitteiston oikea h vitt min
137. n to verify that your computer is properly connected to the Router 1 Refer to Appendix F Finding the MAC Address and IP address for Your Ethernet Adapter to verify that your computer has an IP Address Subnet Mask Gateway and DNS 2 Seta static IP address on your system refer to Problem 2 need to set a static IP address 3 Refer to Problem 11 need to remove the proxy settings or the dial up pop up window for PPPoE users 6 can t get my Virtual Private Network VPN working through the Router Access the Router s web interface by going to http 192 168 1 1 or the IP address of the Router and go to the Security tab Make sure you have IPsec pass through and or PPTP pass through enabled VPNs that use IPSec with the ESP Encapsulation Security Payload known as protocol 50 authentication will work fine At least one IPSec session will work through the Router however simultaneous IPSec sessions may be possible depending on the specifics of your VPNs VPNs that use IPSec and AH Authentication Header known as protocol 51 are incompatible with the Router AH has limitations due to occasional incompatibility with the NAT standard Change the IP address for the Router to another subnet to avoid a conflict between the VPN IP address and your local IP address For example if your VPN server assigns an IP address 192 168 1 X X is a number from 1 to 254 and your local LAN IP address is 192 168 1 X X is th
138. n Ethernet network cable to one of the LAN ports labeled 1 4 on the back of the Router Then connect the other end to an Ethernet port on a PC Repeat step 2 to connect additional PCs or other network devices to the Router Connect a different Ethernet network cable from your cable or DSL modem to the Internet port on the Router s rear panel Power on the cable or DSL modem Connect the power adapter to the Router s Power port and then plug the power adapter into a power outlet NOTE You should always plug the Router s power adapter into a power strip with surge protection The Power LED on the front panel will light up green as soon as the power adapter is connected properly The Power LED will flash for a few seconds and then it will be solidly lit when the self test is complete If the LED flashes for one minute or longer see Appendix A Troubleshooting Power on one of your PCs that is connected to the Router The Router s hardware installation is now complete Go to Chapter 6 Configuring the Wireless G VPN Broadband Router Figure 5 3 Connect to Power Port 11 Wireless Connection to a PC If you want to use a wireless connection to access the Router follow these instructions 1 Make sure that all of your network s hardware is powered off including the Router PCs and cable or DSL modem Connect an Ethernet network cable from your cable or DSL modem to the Internet port on the Rou
139. ncryption keys for Linksys products Ping Packet INternet Groper An Internet utility used to determine whether a particular IP address is online POP3 Post Office Protocol 3 A standard mail server commonly used on the Internet Port The connection point on a computer or networking device used for plugging in cables or adapters Power over Ethernet PoE A technology enabling an Ethernet network cable to deliver both data and power PPPoE Point to Point Protocol over Ethernet A type of broadband connection that provides authentication username and password in addition to data transport PPTP Point to Point Tunneling Protocol A VPN protocol that allows the Point to Point Protocol PPP to be tunneled through an IP network This protocol is also used as a type of broadband connection in Europe RADIUS Remote Authentication Dial In User Service A protocol that uses an authentication server to control network access 124 RJ 45 Registered Jack 45 An Ethernet connector that holds up to eight wires Roaming The ability to take a wireless device from one access point s range to another without losing the connection Router A networking device that connects multiple networks together Server Any computer whose function in a network is to provide user access to files printing communications and other services SMTP Simple Mail Transfer Protocol The standard e mail protocol on the Internet SNMP Simple Ne
140. nd on whether or not the application is designed to be used over a network Consult the application s documentation to determine if it supports operation over a network What is the IEEE 802 11b standard lt is one of the IEEE standards for wireless networks The 802 11b standard allows wireless networking hardware from different manufacturers to communicate provided that the hardware complies with the 802 11b standard The 802 11b standard states a maximum data transfer rate of 11Mbps and an operating frequency of 2 4GHz What is the IEEE 802 119 standard It is one of the IEEE standards for wireless networks The 802 119 standard allows wireless networking hardware from different manufacturers to communicate provided that the hardware complies with the 802 119 standard The 802 119 standard states a maximum data transfer rate of 54Mbps and an operating frequency of 2 4GHz What IEEE 802 11b features are supported The product supports the following IEEE 802 11b functions e CSMA CA plus Acknowledge protocol Multi Channel Roaming Automatic Rate Selection RTS CTS feature Fragmentation Power Management What IEEE 802 119 features are supported The product supports the following IEEE 802 119 functions e CSMA CA plus Acknowledge protocol OFDM protocol Multi Channel Roaming Automatic Rate Selection RTS CTS feature Fragmentation Power Management What is ad hoc mode When a wireless network is set to ad hoc mode the wirele
141. nd the Router and Appendix E Configuring VPN Tunnels Home o Central Office WRVS4G VPN Router BEE Figure 3 1 VPN Router to VPN Router Laptop with VPN Client Software that Supports IPSec INTERNET Central Office VPN Router d L L L L Figure 3 2 Computer to VPN Router Chapter 4 Getting to Know the Wireless G VPN Broadband Router The Back Panel The Router s ports where a network cable is connected are located on the back panel Figure 4 1 Back Panel Internet The Internet port connects to your cable or DSL modem LAN 1 4 The LAN Local Area Network ports connect to your PCs and other network devices Reset Button There are two ways to reset the Router s factory defaults Either press the Reset Button for IMPORTANT If you reset the Router all of approximately five seconds or restore the defaults from the Administration tab Factory A your settings including Internet connection Defaults in the Router s Web based Utility wireless and security will be deleted and replaced with the factory defaults Do not Power The Power port is where you will connect the power adapter reset the Router if you want to retain these settings The Front Panel The Router s LEDs where information about network activity is displayed are located on the front panel be SH e GE i q f Internet S S 2 i LL Figure 4 2 Front Pane
142. nel endpoint is the tunneling computer closest to the IP traffic destination as specified by the associated IP Fiter List It takes two rules to describe an PSec Tunnel This rule does not specify an IPSec tunnel Ce The tunnel endpoint is specified by this IP Address 140 1117 7 1 Figure D 16 Tunnel Setting Tab 8 Select the Connection Type tab and click All network connections Then click the OK or Close button to finish this rule Edit Rule Properties E 2lsl IF Filter List Filter Action Authentication Methods Tunnel Setting Connection Type mia This rule only apples to network trafic over connections of the selected type Ce All network connections Local area network LAM Remote access Figure D 17 Connection Type Tab Tunnel 2 Router gt win ER Rules Gener 9 In the new policy s properties screen make sure that win gt Router is selected and deselect the Use Add s Wizard check box Then click the Add button to create the second IP filter ate Saciuby piles EE IP Security Rules Require Security Preshared Key go lt Dynamic gt Default Response Kerberos Nc Figure D 18 Properties Screen Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router 105 How to Establish a Secure IPSec Tunnel oenleeses CS IDN Rrnadhand Denger ireiess G VPN Broadband Router HNIUEIG aac VFN DIU 10 Go to the IP Filter List tab and click the filter list Route
143. ntended recipient it appears that way to the person sending the data These are only a few of the methods hackers use and they are always developing more Without the security of your VPN your data is constantly open to such attacks as it travels over the Internet Data travelling over the Internet will often pass through many different servers around the world before reaching its final destination That s a long way to go for unsecured data and this is when a VPN serves its purpose What ts a VPN A VPN or Virtual Private Network is a connection between two endpoints a VPN Router for instance in different networks that allows private data to be sent securely over a shared or public network such as the Internet This establishes a private network that can send data securely between these two locations or networks This is done by creating a tunnel A VPN tunnel connects the two PCs or networks and allows data to be transmitted over the Internet as if it were still within those networks Not a literal tunnel it is a connection secured by encrypting the data sent between the two networks VPN was created as a Cost effective alternative to using a private dedicated leased line for a private network Using industry standard encryption and authentication techniques IPSec short for IP Security the VPN creates a secure connection that in effect operates as if you were directly connected to your local network Virtual Private Netwo
144. ode assigned to a unique piece of hardware for identification like a social security number Some ISPs require you to register a MAC address in order to access the Internet If you do not wish to re register the MAC address with your ISP you may assign the MAC address you have currently registered with your ISP to the Router using the MAC Address Clone feature If you need to find your adapter s MAC address follow the instructions in Appendix F Finding the MAC Address and IP Address for Your Ethernet Adapter MAC Clone To use MAC address cloning select Enabled MAC Clone Address Enter the MAC Address registered with your ISP Then click the Save Settings button Clone My MAC Address If you want to clone the MAC address of the PC you are currently using to configure the Router then click the Clone My MAC Address button The Router will automatically detect your PC s MAC address so you do NOT have to call your ISP to change the registered MAC address to the Router s MAC address lt is recommended that the PC registered with the ISP is used to open the MAC Address Clone tab When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes For help information click More C Enabled Olesbled WC Come Agen 00 00 00 00 00 00 Clone MyMAC Address Figure 6 8 Setup Tab MAC Address Clone mac address the unique
145. onfigure the Control Tx Rate setting Control Tx Rates The default value is Auto The range is from 1 to 54Mbps The rate of data transmission should be set depending on the speed of your wireless network You can select from a range of transmission speeds or keep the default setting Auto to have the Router automatically use the fastest possible data rate and enable the Auto Fallback feature Auto Fallback will negotiate the best possible connection speed between the Router and a wireless client Beacon Interval The default value is 100 Enter a value between 1 and 65 535 milliseconds The Beacon Interval value indicates the frequency interval of the beacon A beacon is a packet broadcast by the Router to synchronize the wireless network DTIM Interval The default value is 3 This value between 1 and 255 indicates the interval of the Delivery Traffic Indication Message DTIM A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages When the Router has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM Interval value Its clients hear the beacons and awaken to receive the broadcast and multicast messages RTS Threshold The RTS Threshold value should remain at its default value of 2347 Should you encounter inconsistent data flow only minor reduction of the default value 2347 is recommended If a network packet is A Diinan it C
146. ot Spot The Hot Spot tab is for business owners who want to generate revenue by turning the Router into a commercial Hot Spot using Boingo Hot Spot in a Box For additional information click the More Info button or refer to Chapter 7 Boingo Hot Spot in a Box Program for Hot Spot Businesses To start the registration process click the Register button Chapter 6 Configuring the Wireless G VPN Broadband Router The Setup Tab Hot Spot Irim raren Z IA Wireless G VPH Reuter WHS You Cam funn h s Linkeys device inte a commercial WEF Het Spot e Vou tanimake ihis access pokni a Commercial Hel Spal and stan eal D d vemgie baili a Bopi wll E ou ree te St ft ieee vun Hod Spent a Boings plovkdes everything jou need te gei started e Cih HPE teg med e information eg click en MLO TEE to get wtarted wth Ger petup process R will take cody after mimir Ane cloiong on ihe Fieger bution 8 wel iske 10415 seconds be redirect you be Perion process Pease de not click on fee Regie buon pen durig Des lame F HOT SPOT IN ZE Figure 6 11 Setup Tab Hot Spot in a Box 23 The Wireless Tab Basic Wireless Settings The basic settings for wireless networking are configured on this screen Wireless Network Wireless Network Mode From this drop down menu you can select the wireless standards running on your network If you have both 802 119 and 802 11b devices in your network keep the default
147. our Customers Wi Fi service will grow to hundreds of millions of dollars over the next few years Notebook manufacturers are already building Wi Fi capability into their machines rapidly making Wi Fi a standard computer component similar to the way the 56k modem is standard today Simple Hot Spot in a Box Program The Boingo Hot Spot in a Box simplifies your process to become part of this exciting technology movement Here is the program 1 Enable the Boingo Hot Spot in a Box feature during the setup of the Linksys Wireless G Broadband Router 2 Register as a Boingo Hot Spot in a Box owner and configure your Hot Spot in a Box using Boingo s online setup wizard Your location will be listed in the Boingo directory which is available on our website and in the Boingo client software which will reside on the notebooks and handhelds of millions of mobile users 3 Market the program with the Hot Spot in a Box marketing kit that Boingo will send you This kit includes everything you need to sell access in your location including 300 brochures explaining the service and technology 20 table tents promoting the service as well as 10 Boingo stickers and CDs to sign up additional customers Boingo will also send you a presentation describing the most effective ways to promote your location and Boingo will advise you along the way 4 Collect a check that Boingo will send you every month for aggregate customer connections and customers you sign u
148. overnment or loca authorities Correct disposal and recycling will help prevent potential negative consequences to the environment and human health For more detailed information about the disposal of your old equipment please contact your local authorities waste disposal service or the shop where you purchased the product CeStina Czech Informace o ochran ivotn ho prost ed pro z kazn ky v zem ch Evropsk unie Evropsk sm rnice 2002 96 ES zakazuje aby za zen ozna en t mto symbolem na produktu anebo na obalu bylo likvidovano s netridenym komun ln m odpadem Tento symbol ud v e dan produkt mus b t likvidov n odd len od b n ho komun ln ho odpadu Odpov d te za likvidaci tohoto produktu a dal ch elektrick ch a elektronick ch za zen prost ednictv m ur en ch sb rn ch m st stanoven ch vl dou nebo m stn mi ady Spr vn likvidace a recyklace pom h p edch zet potenci ln m negativn m dopad m na ivotn prost ed a lidsk zdrav Podrobn j informace o likvidaci star ho vybaven si laskav vy dejte od m stn ch adu podniku zab vaj c ho se likvidac komun ln ch odpadu nebo obchodu kde jste produkt zakoupili Appendix M Regulatory Information 130 Wireless G VPN Broadband Router Dansk Danish Miljoinformation for kunder i EU EU direktiv 2002 96 EF kr ver at udstyr der b rer dette symbol pa produktet og eller emballagen ikke ma bo
149. owse button to find this file After you have selected the appropriate file click the Upgrade button and follow the on screen instructions For help information click More Ahantar C PA FiA FINAN ba a Wliralace_ VON Dreneanelkacatael Da EAr VWilavle O WHI A4 U iy UIS WHIG de wo Vr iN DI oqa LU SEI IU NO UI Ce A Deeree of Gace Spe be Mas armen 1 S Wireless G VPH Router AAG Administration Bhroeeg r gin ze JL rresege Upgree Waming Upgrading firmware may take a few minutes Please don t torn off or reset rowter Figure 6 45 Administration Tab Firmware Upgrade firmware the programming code that runs a networking device download to receive a file transmitted over a network upgrade to replace existing software or firmware with a newer version 51 The Status Tab Router The Router screen displays information about the Router and its current settings The on screen information will vary depending on the Internet Connection Type selected on the Setup screen Information Hardware Version This shows the installed version and date of the hardware Software Version This shows the installed version and date of the software MAC Address The MAC Address of the Router s Internet interface is displayed here Local MAC Address The MAC Address of the Router s LAN local area network interface is displayed here System Up Time The length of time the Router has been running is indicated her
150. p to the service e Boingo will pay you 1 00 every day that a Boingo monthly subscriber or roaming system user connects to one of your locations and 4 00 every day that someone connects using a Boingo AsYouGo day connection e Boingo will pay you 20 every time you sign up a new Boingo monthly subscriber who remains a member for 60 days Boingo will track your sign ups with a sales channel code that is assigned to the Router when you register with Boingo and Boingo will send you a usage statement and commission check every month You can track your usage and account sign ups through Boingo s convenient Hot Spot in a Box Administration website How the Boingo Hot Spot in a Box Feature Impacts the Linksys Wireless G Broadband Router The Linksys Wireless G VPN Broadband Router is a highly advanced networking solution that combines a Wi Fi access point a built in 4 port full duplex 10 100 switch to connect your wired Ethernet devices and a router that ties it all together and lets your whole network share a high speed cable or DSL Internet connection If you enable the Hot Spot in a Box feature the Router can only be used wirelessly as a public commercial hot spot device and you will no longer have access to your private network wirelessly you will only have wired access For security reasons the wired and wireless sides of your device are kept separate when the Hot Spot in a Box feature is enabled You can provide a public hot spot whil
151. pond Only Communicate normally uns No Bi secure Server Requir For all IP traffic always req No E server Request Secu For all IP traffic always req No Bro _Rowter No i Security Settings e GD Account Policies C Local Policies C Public Key Policies ber Ser Eed rival Figure D 1 Local Security Screen NOTE The references in this section to win are references to Windows 2000 and XP NOTE The text on your screen may differ from the text in your instructions regarding the OK or Close buttons click the appropriate button on your screen to router Properties 3 E ajx Rules General ats Secunty rules for communicating with other computers IP Security Rules iP Filter List Filter Action Authentication Tu O lt Dynamic gt Default Response Kerberos Ne Figure D 2 Rules Tab New Rule Properties is Authentication Methods Tunnel Setting Connection Type IP Fiter List Filter Action The selected IP fiter list specifies which network traffic will be secured wih this rule IP Filter Lists AUICMP Tratfic Matches all ICMP packets betw AllIP Traffic Matches all IP packets from this Figure D 3 IP Filter List Tab 100 e Al amilace CT UDM RPenadhang D Nitar Wireless G VPN Broai b and Router 3 The P Filter List screen should appear Enter an appropriate name such as win gt Router for the filter list and aixi de select the Use
152. r gt win 11 Click the Filter Action tab and select the filter action Require Security Then click the Edit button From the Security Methods tab verify that the Negotiate security option is enabled and deselect the Accept unsecured communication but always respond using IPSec check box Select Session key Perfect Forward Secrecy and click the OK button 12 Click the Authentication Methods tab and verify that the authentication method Kerberos is selected Then Click the Edit button or XP Computer and the Router New Rule Properties ajxj Authentication Methods TunnelSetting Connection Type IP Filter List Fiter Action The selected IP filter list specifies which network traffic wall be secured with this rule IP Filter Lists _ Description AllICMP Traffic Matches all ICMP packets betw All IP Traffic Matches all IF packets from this LOW route zum win gt router Figure D 19 IP Filter List Tab New Rule Properties E 2 x Authentication Methods Tunnel Setting Connection Type IP Filter List Filter Action X The selected fiter action specifies whether this rule negotiates t for secure network traffic and how it will secure the traffic Filter Actions Name Permit Permit unsecured IP packets to Request Security Optional Accepts unsecured communicat Require Security Accepts unsecured communicat Figure D 20 Filter Action Tab New Rule Properties l a
153. r List Fiter Action Authentication Methods Tunnel Setting Connection Type The authentication method specifies how trust is established ci between the computers Offer and accept these henticali SEH one security with another computer Authentication Method preference order Method Details Add Kerberos Jace 90e ___ Hamadai Figure D 13 Authentication Methods Edit Authentication Method Properties Authentication Method The authentication method specifies how tust ts established sams between the computers Windows 2000 default Kerberos V5 protocol C Use a certificate from this certificate authority CA Use this string to protect the key exchange preshared key ge 2345 a Figure D 14 Preshared Key New Rule Properties I IP Filter List Filter Action Authentication Methods TunnelSeting Connection Type The authentication method specifies how trust is established between the computers Offer and accept these another computer Authentication Method preference order htt Preshared Key AYZ12345 Figure D 15 New Preshared Key 104 Wireless G VPN Broadband Router 7 Select the Tunnel Setting tab and click The tunnel endpoint is specified by this IP Address radio button New Rule Properties WS zi xi Then enter the Router s WAN IP Address IP Fiter List Fiter Action Authentication Methods Tunnel Setting Connection Type The tun
154. r ie or ta l elettriku u elettroniku permezz ta fa ilitajiet ta bir appuntati apposta mill gvern jew mill awtoritajiet lokali Ir rimi b mod korrett u r ri ikla jg in jipprevjeni konsegwenzi negattivi potenzjali g all ambjent u g as sa a tal bniedem G al aktar informazzjoni dettaljata dwar ir rimi tat tag mir antik tieg ek jekk jog bok ikkuntattja lill awtoritajiet lokali tieg ek is servizzi g ar rimi ta l iskart jew il anut minn fejn xtrajt il prodott Magyar Hungarian K rnyezetv delmi inform ci az eur pai uni s v s rl k sz m ra A 2002 96 EC sz m eur pai uni s ir nyelv megk v nja hogy azokat a term keket amelyeken s vagy amelyek csomagol s n az al bbi c mke megjelenik tilos a t bbi szelekt latlan lakoss gi hullad kkal egy tt kidobni A c mke azt jel li hogy az adott term k kidob sakor a szokv nyos h ztart si hullad kelszallitasi rendszerekt l elk l n tett elj r st kell alkalmazni Az n felelOssege hogy ezt s m s elektromos s elektronikus berendez seit a korm nyzati vagy a helyi hat s gok ltal kijel lt gy jt redszereken kereszt l sz molja fel A megfelel hullad kfeldolgoz s seg t a k rnyezetre s az emberi eg szs gre potenci lisan rtalmas negat v hat sok megel z s ben Ha elavult berendez seinek felsz mol s hoz tov bbi r szletes inform ci ra van sz ks ge k rj k l pjen kapcsolatba a helyi hat s gokkal a hulla
155. rced Select the individual days during which the policy will be in effect or select Everyday Then enter a range of hours and minutes during which the policy will be in effect or select 24 Hours 8 Click the Save Settings button to save the policy s settings To cancel the policy s settings click the Cancel Changes button When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More 39 The Access Restrictions Tab VPN Client Access d i of Ca Spem e The Wireless G VPN Broadband Router offers a free Linksys QuickVPN utility for Windows 2000 or XP For more SE information refer to Appendix D Using the Linksys QuickVPN Software for Windows 2000 or XP If the Router Restrictions has VPN clients using this utility then you can designate the VPN clients and their passwords on this screen VPN Client Access screen as part of its Web based Utility If you do not see this screen then you must upgrade the Router s firmware Refer to Appendix H Upgrading Firmware for further instructions Before upgrading its firmware write down the Router s settings You will need to VPN Clee List Table reset the Router to its factory defaults after you upgrade its firmware VPN Client Status NOTE If you want VPN clients to us
156. rd te the li card s label katai a your ae HAC ID for nee F i MAC 10 for Uter 2 MAC ID for User J HAC ID for Urar S HAC ID for Usar 5 MAC Dier Uter F MAC ID for Upe f F HAC ID for User 8 HAC ID for Uter 9 BAC ID for User 10 ft beten The MAC ID Se for Frends and Famibhy kam Keel o0 54 93 28 76 12 Figure 7 15 Free Access lO x bbi A 2 28 Beech Grete Gree A Zb Ah 7 2 A j Ajresa E Waradin et banga eier DeeP stonata py eo Uns 68 nee_f UDM RBenadhangd Datar less G VPN Broadband Router LEI E i 7 The Confirmation screen will appear You may review and edit all of your settings for Location Onsite Contact EI eng beis Sep bel EI Canesten r r asght Internet Tee wll Wireless Settings Network Settings DNS Settings Location Page and Free Access for Friends and Family ae E Goes wer BS SE Adda u Mute Une hon epe Jeu Corse pr anya Er sl n tria In the Location Page section you can add a logo if you didn t previously To add a logo save a copy of the logo sonso perm GIF or JPEG format only to the computer and then click the New button Enter a name or description of the image in the Description field Enter the file name in the field provided or click the Browse button to locate oe oor ee the file After the file is located click the Upload Image button to add it to the webpage Ste besti Bue sund per nde Ba tomco
157. rder to join a wireless network wireless networking products first listen for beacon messages These messages can be easily decrypted and contain much of the network s information such as the network s SSID Service Set Identifier Here are the steps you can take Change the administrator s password regularly With every wireless networking device you use keep in mind that network settings SSID WEP keys etc are stored in its firmware Your network administrator is the only person who can change network settings If a hacker gets a hold of the administrator s password he too can change those settings So make it harder for a hacker to get that information Change the administrator s password regularly A Note Some of these security features are available only through the network router or access point Refer to the router or access point s documentation for more information 94 SSID There are several things to keep in mind about the SSID 1 Disable Broadcast 2 Make it unique 3 Change it often Most wireless networking devices will give you the option of broadcasting the SSID While this option may be more convenient it allows anyone to log into your wireless network This includes hackers So don t broadcast the SSID Wireless networking products come with a default SSID set by the factory The Linksys default SSID is linksys Hackers know these defaults and can check these against your networ
158. rekt avfallshandtering og gjenvinning vil v re med pa forhindre mulige negative konsekvenser for milj og helse For n rmere informasjon om h ndtering av det kasserte utstyret ditt kan du ta kontakt med kommunen en innsamlingsstasjon for avfall eller butikken der du kj pte produktet Polski Polish Informacja dla klient w w Unii Europejskiej o przepisach dotycz cych ochrony rodowiska Dyrektywa Europejska 2002 96 EC wymaga aby sprz t oznaczony symbolem znajduj cym si na produkcie i lub jego opakowaniu nie by wyrzucany razem z innymi niesortowanymi odpadami komunalnymi Symbol ten wskazuje e produkt nie powinien by usuwany razem ze zwyk ymi odpadami z gospodarstw domowych Na Pa stwu spoczywa obowi zek wyrzucania tego i innych urz dze elektrycznych oraz elektronicznych w punktach odbioru wyznaczonych przez w adze krajowe lub lokalne Pozbywanie si sprz tu we w a ciwy spos b i jego recykling pomog zapobiec potencjalnie negatywnym konsekwencjom dla rodowiska i zdrowia ludzkiego W celu uzyskania szczeg owych informacji o usuwaniu starego sprz tu prosimy zwr ci si do lokalnych w adz stuzb oczyszczania miasta lub sklepu w kt rym produkt zosta nabyty Appendix M Regulatory Information Portugu s Portuguese Informa o ambiental para clientes da Uni o Europeia A Directiva Europeia 2002 96 CE exige que o equipamento que exibe este simbolo no produto e ou na sua embalagem n o seja eliminado
159. ress or domain name of the Wireless G VPN Broadband Router To begin your QuickVPN connection click the Connect button To save this profile click the Save button To delete this profile click the Delete button For information click the Help button When your QuickVPN connection is active the status screen will appear and the QuickVPN tray icon will turn green It will display the IP address of the remote end of the VPN tunnel the time and date the VPN tunnel began and the total length of time the VPN tunnel has been active To terminate the VPN tunnel click the Disconnect button If you want to change your password click the Change Password button For information click the Help button A NOTE You can change your password only if you have been granted that privilege by your system administrator If you clicked the Change Password button and have permission to change your own password you will see the Connect Virtual Private Connection screen Enter your password in the O d Password field Enter your new password in the New Password field Then enter the new password again in the Confirm New Password field Click the OK button to save your new password Click the Cancel button to cancel your change For information click the Help button You can create multiple profiles by repeating steps 2 and 3 for each profile Figure C 2 QuickVPN Desktop Icon Figure C 3 QuickVPN Tray Icon No Connection Linksys Quick PM Wies
160. rking can be used to create secure networks linking a central office with branch offices telecommuters and or professionals on the road travelers can connect to a VPN Router using any computer with the Linksys VPN client software There are two basic ways to create a VPN connection e VPN Router to VPN Router e Computer using the Linksys VPN client software to VPN Router IMPORTANT You must have at least one VPN Router on one end of the VPN A tunnel At the other end of the VPN tunnel you must have a second VPN Router or a computer with the Linksys VPN client software The VPN Router creates a tunnel or channel between two endpoints so that data transmissions between them are secure A computer with the Linksys VPN client software can be one of the two endpoints refer to Appendix C Using the Linksys QuickVPN Software for Windows 2000 or XP If you choose not to run the VPN client software any computer with the built in IPSec Security Manager Microsoft 2000 and XP allows the VPN Router to create a VPN tunnel using IPSec refer to Appendix D Configuring IPSec between a Windows 2000 or XP PC encryption encoding data transmitted in a network ip internet protocol a protocol used to send data over a network software instructions for the computer and the Router Other versions of Microsoft operating systems require additional third party VPN client software applications that support IPSec to be installed
161. rmation contained in a MIB Management Information Base which is a data structure that defines what is obtainable from the device and what can be controlled turned off on etc SNMP functions such as statistics configuration and device information are not available without third party Management Software The Router is compatible with all HP Openview compliant software 119 LIZ es gl en ap C UDA Deen en elle eg gagl DR sagen ge Wiiraracece t Wei rey nD LOT ir Wireless G VPN Broadband Router Appendix H Upgrading Firmware You can use the Router s Web based Utility to upgrade the firmware however if you do so you will lose the r settings you have configured on the Router Before you upgrade its firmware write down all of your custom LINKSYS settings After you upgrade its firmware you will have to re enter all of your configuration settings To upgrade the Router s firmware follow these instructions 1 2 Click the Administration tab and then the Firmware Upgrade tab of the Router s Web based Utility On the Upgrade Firmware screen enter the location of the extracted firmware upgrade file or click the Administration Download the Router s firmware upgrade file from the Linksys website www linksys com Extract the file on your computer Browse button to find this file Click the Upgrade button and follow the on screen instructions Annandiv LH llinnradinga Eirmwara A ppen dix H U pgi adin
162. rtskaffes som usorteret kommunalt affald Symbolet betyder at dette produkt skal bortskaffes adskilt fra det almindelige husholdningsaffald Det er dit ansvar at bortskaffe dette og andet elektrisk og elektronisk udstyr via bestemte indsamlingssteder udpeget af staten eller de lokale myndigheder Korrekt bortskaffelse og genvinding vil hj lpe med til at undg mulige skader for milj et og menneskers sundhed Kontakt venligst de lokale myndigheder renovationstjenesten eller den butik hvor du har k bt produktet ang ende mere detaljeret information om bortskaffelse af dit gamle udstyr Deutsch German Umweltinformation f r Kunden innerhalb der Europ ischen Union Die Europ ische Richtlinie 2002 96 EC verlangt dass technische Ausr stung die direkt am Ger t und oder an der Verpackung mit diesem Symbol versehen ist nicht zusammen mit unsortiertem Gemeindeabfall entsorgt werden darf Das Symbol weist darauf hin dass das Produkt von regul rem Haushaltm ll getrennt entsorgt werden sollte Es liegt in Ihrer Verantwortung dieses Ger t und andere elektrische und elektronische Ger te ber die daf r zust ndigen und von der Regierung oder rtlichen Beh rden dazu bestimmten Sammelstellen zu entsorgen Ordnungsgem es Entsorgen und Recyceln tr gt dazu bei potentielle negative Folgen f r Umwelt und die menschliche Gesundheit zu vermeiden Wenn Sie weitere Informationen zur Entsorgung Ihrer Altgerate ben tigen wenden Sie sich bitte an die
163. rver does not need to be in the DMZ Just forward port 27015 to the local IP address of the server computer How can I block corrupted FTP downloads If you are experiencing corrupted files when you download a file with your FTP client try using another FTP program The web page hangs downloads are corrupt or nothing but junk characters are being displayed on the screen What do I need to do Force your Ethernet adapter to 10Mbps or half duplex mode and turn off the Auto negotiate feature of your Ethernet adapter as a temporary measure Please look at the Network Control Panel in your Ethernet adapter s Advanced Properties tab Make sure that your proxy setting is disabled in the browser Check our website at www linksys com for more information If all else fails in the installation what can do Reset the Router by holding down the reset button until the Power LED fully turns on and off Reset your cable or DSL modem by powering the unit off and then on Obtain and flash the latest firmware release that is readily available on the Linksys website www linksys com How will I be notified of new Router firmware upgrades All Linksys firmware upgrades are posted on the Linksys website at www linksys com where they can be downloaded for free To upgrade the Router s firmware use the System tab of the Router s web based utility If the Router s Internet connection is working well there is no need to download a newer firmware
164. s Tab Advanced Wireless Settings Figure 6 20 Security Tab Firewall Figure 6 21 Figure 6 22 Figure 6 23 Figure 6 24 Figure 6 25 Figure 6 26 Figure 6 27 Figure 6 28 Figure 6 29 Figure 6 30 Figure 6 31 Figure 6 32 Figure 6 33 Figure 6 34 Figure 6 35 Figure 6 36 Figure 6 37 Figure 6 38 Figure 6 39 Figure 6 40 Figure 6 41 Figure 6 42 Figure 6 43 Figure 6 44 Figure 6 45 Figure 6 46 Figure 6 47 Figure 6 48 Figure 6 49 Figure 6 50 Figure 6 51 Security Tab VPN Local Secure Group Subnet and Remote Secure Group Subnet Local Secure Group IP Address and Remote Secure Group IP Address Local Secure Group IP Range and Remote Secure Group IP Range Local Secure Group Host and Remote Secure Group Host Local Secure Group Subnet and Remote Secure Group Any Remote Secure Group Any and Remote Secure Gateway FQDN Remote Security Group Any and Remote Secure Gateway Any Key Exchange Method Auto IKE Key Exchange Method Manual Advanced VPN Tunnel Setup Access Restrictions Tab Internet Access Internet Filter Summary List of PCs Blocked Services Access Restrictions Tab VPN Client Access Applications amp Gaming Tab Port Range Forwarding Applications amp Gaming Tab Port Triggering Applications amp Gaming Tab UPnP Forwarding Applications amp Gaming Tab DMZ Administration Tab Management Administration Tab Log Administration Tab Diagnost
165. s over a single line but only one direction at a time HTTP Hypertext Transport Protocol The communications protocol used to connect to servers on the World Wide Web Infrastructure A wireless network that is bridged to a wired network via an access point IP Internet Protocol A protocol used to send data over a network 123 IP Address The address used to identify a computer or device on a network IPCONFIG A Windows 2000 and XP utility that displays the IP address for a particular networking device IPSec Internet Protocol Security A VPN protocol used to implement secure exchange of packets at the IP layer ISP Internet Service Provider A company that provides access to the Internet LAN The computers and networking products that make up your local network MAC Media Access Control Address The unique address that a manufacturer assigns to each networking device Mbps MegaBits Per Second One million bits per second a unit of measurement for data transmission NAT Network Address Translation NAT technology translates IP addresses of a local area network to a different IP address for the Internet Network A series of computers or devices connected for the purpose of data sharing storage and or transmission between users Packet A unit of data sent over a network Passphrase Used much like a password a passphrase simplifies the WEP encryption process by automatically generating the WEP e
166. same email address for Email Address for Alert Logs E Mail Server IP Address This is the IP address or full mail server name e g mail domain com of your mail server Syslog Notification Syslog is a standard protocol used to capture information about network activity The Router supports this protocol and can send its activity logs to an external server To enable Syslog click Enabled Otherwise select Disabled Device Name Enter a name for the Router in the field provided Syslog Server IP Address Enter the IP Address of the Syslog server in the Syslog Server IP Address field In addition to the standard event log the Router can send a detailed log to an external Syslog server The Router s Syslog captures all log activities and includes this information about all data transmissions every connection source and destination IP address IP service and number of bytes transferred Syslog Priority Select the appropriate priority from the drop down list The default is nformation Notification Queue Length Log Queue Length You can designate the length of the log that will be e mailed to you The default is 50 entries so unless you change this setting the Router will e mail the log to you when there are more than 50 log entries Division af Dea Eyrinni ine Administration E field Set T Enab F Disabled Eel Adger der Ganerako m E Mail Adekezg for Ale Logt Peter ft Mai addes EA Serve P addins o ff f fo
167. services or other specialized Internet applications on your network Click this tab e Port Triggering To set up triggered ranges and forwarded ranges for Internet applications click this tab e UPnP Forwarding Use this screen to alter UPnP forwarding settings e DMZ Click this tab to allow one local user to be exposed to the Internet for use of special purpose services Administration e Management Alter the Router s password its access privileges SNMP settings and UPnP settings e Log If you want to view or save activity logs click this tab e Diagnostics Use this screen to check the connection between the Router and a PC e Factory Defaults If you want to restore the Router s factory defaults then use this screen e Firmware Upgrade Click this tab if you want to upgrade the Router s firmware Status e Router This screen provides status information about the Router 14 e Local Network This provides status information about the local network e Wireless Status information about the wireless network is displayed here e System Performance Status information is provided for all network traffic e VPN Clients This screen provides status information about the Router s VPN clients How to Access the Web based Utility To access the web based utility launch Internet Explorer or Netscape Navigator and enter the Router s default IP address 192 168 1 1 in the Address field Then press Enter A password req
168. setting Mixed If you have only 802 119 devices select G Only If you have only 802 11b devices select B Only If you do not have any 802 11g and 802 11b devices in your network select Disable Wireless Network Name SSID The SSID is the network name shared among all points in a wireless network The SSID must be identical for all devices in the wireless network It is case sensitive and must not exceed 32 characters use any of the characters on the keyboard Make sure this setting is the same for all points in your wireless network For added security you should change the default SSID linksys g to a unique name Wireless Channel Select the appropriate channel from the list provided to correspond with your network settings All devices in your wireless network must be broadcast on the same channel in order to function correctly Wireless SSID Broadcast When wireless clients survey the local area for wireless networks to associate with they will detect the SSID broadcast by the Router To broadcast the Router s SSID keep the default setting Enable If you do not want to broadcast the Router s SSID then select Disabled When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More A Divison of Coco Systems ine Wireless G VPN Rou
169. smitted Topology The physical layout of a network TX Rate Transmission Rate Upgrade To replace existing software or firmware with a newer version Upload To transmit a file over a network URL Uniform Resource Locator The address of a file located on the Internet VPN Virtual Private Network A security measure to protect data as it leaves one network and goes to another over the Internet WAN Wide Area Network The Internet WEP Wired Equivalent Privacy A method of encrypting network data transmitted on a wireless network for greater security WLAN Wireless Local Area Network A group of computers and associated devices that communicate with each other wirelessly WPA Wi Fi Protected Access A wireless security protocol using TKIP Temporal Key Integrity Protocol encryption which can be used in conjunction with a RADIUS server 126 Appendix K Specifications Standards Ports Buttons Cabling Type LEDs Transmit Power Security Features WEP Key Bits Dimensions W x H x D Unit Weight Power Certifications Operating Temp Storage Temp Operating Humidity Storage Humidity 802 11b 802 119 802 3 Internet Ethernet 1 4 Power Power Reset UTP CAT 5 or better Power Internet Ethernet 1 2 3 4 Wireless G DMZ 19 dBm WEP 802 1x Authentication 64 128 7 32 x 6 89 x 1 89 186 mm x 175 mm x 48 mm 1 26 Ib 0 57 kg 5V 2 5A FCC IC 03 32 104 F 0
170. splay general information about the device At this point all links in the top navigation bar will apply to this specific device e Navigation Column on the Left The navigation column will not change zg Bike d 3 3 Greh steet One 3 Ae AR A Abma og hapa n he teg Koup Lo erg T nf E sar Pipar freen Euri leiayegg gie e E erte A J e kreeg Figure 7 20 Device View 73 Wireless G VPN Broadband Router e Navigation Bar at the Top The links in the top navigation bar will change All of these links are now specific to the device that you selected The Sales Commissions and Past Statements links will disappear these reports are not device specific In addition a new list of reports called Status will appear Usage Reports e Usage Revenue Month to date This shows usage revenue from the beginning of the month to the current day The chart will show the number of connections from Boingo Subscription users and from As You Go users It will also show the total revenue from each group and the total revenue for the time period e Usage Revenue Total Since Install Date This screen shows the same information as above but the time period will range from the initial device installation date to the current date e Usage Revenue Date Range It shows the same information as above but the time period will be based on a range of dates set by the user Status Reports A variety
171. ss equipped computers are configured to communicate directly with each other The ad hoc wireless network will not communicate with any wired network 90 What is infrastructure mode When a wireless network is set to infrastructure mode the wireless network is configured to communicate with a wired network through a wireless access point What is roaming Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point Before using the roaming function the workstation must make sure that it is the same channel number with the access point of dedicated coverage area To achieve true seamless connectivity the wireless LAN must incorporate a number of different functions Each node and access point for example must always acknowledge receipt of each message Each node must maintain contact with the wireless network even when not actually transmitting data Achieving these functions simultaneously requires a dynamic RF networking technology that links access points and nodes In sucha system the user s end node undertakes a search for the best possible access to the system First it evaluates such factors as signal strength and quality as well as the message load currently being carried by each access point and the distance of each access point to the wired backbone Based on that information the node next selects the right access point an
172. ss that is not used by any other computer on the network connected to the Router Enter the Subnet Mask 255 255 255 0 Enter the Default Gateway 192 168 1 1 Router s default IP address Toward the bottom of the window select Use the following DNS server addresses and enter the Preferred DNS server and Alternative DNS server provided by your ISP Contact your ISP or go on its website to find the information Click the OK button in the Internet Protocol TCP IP Properties window Click the OK button in the Local Area Connection Properties window 3 I want to test my Internet connection A Check your TCP IP settings For Windows 98 Me 2000 and XP e Refer to Windows Help for details Make sure Obtain IP address automatically is selected in the settings 79 For Windows NT 4 0 B Click Start Settings and Control Panel Double click the Network icon Click the Protocol tab and double click on TCP IP Protocol When the window appears make sure you have selected the correct Adapter for your Ethernet adapter and set it for Obtain an IP address from a DHCP server Click the OK button in the TCP IP Protocol Properties window and click the Close button in the Network window Restart the computer if asked Open a command prompt For Windows 98 and Me Click Start and Run In the Open field type in command Press the Enter key or click the OK button For Windows NT 2000 and XP C Click Start and Run In the
173. st Hot Spot in a Box device is complete and now it is an active Hot Spot location in the Boingo system You can manage your device check usage change settings update contact information review device statistics etc by going to the Boingo Administration site at http admin hotspot boingo com or www boingo com selfcare Refer to the following section Administration Site You have entered al of the requened daba for piw dewere FREE Tou eer chek on the Corglete Dewoe Zeta bution at the bengen of thit page te coreelese the Hot Spot in a Box d bep presets Aer completing pour bup wall ba able bo ane pour gezeomsrh glita by gomg bo the Baan E ake ax bapa di adiran hotspot bouge con Tta pae Miaa ected Ba pie Brough a Nr Apiuni ink on the Borago eebpite wem bongo tomi You will ba able te Bri pitou galas generebon trom pour dances CMTE See Bere our whon t the configuratios of pour devices Amer chology on the Complete Device Setup bution the Hot Spot in a Bow configqureten l be grein pour devaa After 10 30 pecends pou mil gee a pepe that asks pou bo click a Restart butters After clckeng hestert your deres sf be operational E bathe a pour day KEE GT Te H vc Zeg You shovld be ahia be cas Hea coal i the Anesti Wi Fi dree gt P aie cick con the batten belger Figure 7 17 Almost Done 70 Administration Site The Boingo Hot Spot in a Box Administration site provides you with the tools
174. t up and configure it to bridge your different networks These instructions should be all you need to get the most out of the Wireless G VPN Broadband Router What s in this Guide This user guide covers the steps for setting up and using the Wireless G VPN Broadband Router Chapter 1 Introduction This chapter describes the Wireless G VPN Broadband Router applications and this User Guide Chapter 2 Planning Your Wireless Network This chapter describes the basics of wireless networking Chapter 3 Planning Your Virtual Private Network VPN This chapter describes a VPN and its various applications Chapter 4 Getting to Know the Wireless G VPN Broadband Router This chapter describes the physical features of the Router Chapter 5 Connecting the Wireless G VPN Broadband Router This chapter instructs you on how to connect the Router to your network Chapter 6 Configuring the Wireless G VPN Broadband Router This chapter explains how to use the Web Based Utility to configure the settings on the Router Chapter 7 Boingo Hot Spot in a Box for Hot Spot Businesses This chapter explains how to sign up for the Boingo Hot Spot in a Box program Appendix A Troubleshooting This appendix describes some problems and solutions as well as frequently asked questions regarding installation and use of the Wireless G VPN Broadband Router Appendix B Wireless Security This appendix explains the risks of wireless networking and some solutions to
175. te was made by the device Uptime This is the total amount of uptime represented in DD HH MM SS days hours minutes seconds Load This is the system load average represented in typical UNIX format displaying averages for the past 1 5 and 15 minutes M Wat Crnat in a Dav A Dranram far Hat Crnt Bireinaceneae Hot Spot in a Box Program for Hot Spot Businesses ke ww J api d Sad o Pere Mh ee al been K Fifa iriad ed eel gee wll x fb E Wees fyoim oon iip Hbd d 3 23 Qhera tert Ze G Zu AR JA Adem c Wies Arte hape bongo nom we Wed dest Device Performance DNR The Cafe Shop Company The Caller Shop Mader the front counter Aerer CA A eons Cu N ME m HOF PEE Je 23 2004 1207 26 ST 176 LEN 100 Je A3 2004 12043 ST OO I82 019 LEI LEO 1m 3003 ZER Je 23 2009 11 2125 OC UM Um 10 oa mn ne Je 23 2009 1122 22 ST OO Tee 1 2003 es Jas 23 2009 114725 FST OOTP LT 11 m nn 298 Figure 7 25 Device Performance 76 leese C IDN BDenadhang Daitar less G VPN Broadband Route CPU Used This is the percentage of the CPU s processing power currently in use RAM Total MB This is the total RAM available represented in megabytes MB RAM Used MB Shown here is the amount of RAM currently in use represented in megabytes MB Aggregate Traffic IN MB This is the total amount of incoming traffic for all users of the wired interface represented in megabytes MB Aggr
176. ter Wireless Wireless Network Mode Maxed Wireless Network Nemegsopy linksye g Wireless Carret 6 74NG u w YWweless SSD Drosdcast tmabied Diesbied Ze etonus Comsit Chenges Figure 6 12 Wireless Tab Basic Wireless Settings 24 The Wireless Tab Wireless Security The Wireless Security settings configure the security of your wireless network There are four wireless security mode options supported by the Router WPA Pre Shared Key WPA RADIUS RADIUS and WEP WPA stands for Wi Fi Protected Access which is a security standard stronger than WEP encryption WEP stands for Wired Equivalent Privacy while RADIUS stands for Remote Authentication Dial In User Service These four are discussed here Select the appropriate security mode for your network For detailed instructions on configuring wireless security for the Router turn to Appendix B Wireless Security WPA Pre Shared Key WPA gives you one encryption method TKIP with dynamic encryption keys Select TKIP or AES from the WPA Algorithm drop down menu Enter a WPA Shared Key of 8 32 characters Then enter the Key Renewal Timeout period which instructs the Router how often it should change the encryption keys When you have finished making changes to the screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional informat
177. ter s rear panel Power on the cable or DSL modem Connect the power adapter to the Router s Power port and then plug the power adapter into a power outlet NOTE You should always plug the Router s power adapter into a power strip with surge protection The Power LED on the front panel will light up green as soon as the power adapter is connected properly The Power LED will flash for a few seconds and then it will be solidly lit when the self test is complete If the LED flashes for one minute or longer see Appendix A Troubleshooting Power on one of the PCs on your wireless network s For initial access to the Router through a wireless connection make sure the PC s wireless adapter has its SSID set to linksys g the Router s default setting and its WEP encryption disabled After you have accessed the Router you can change the Router and this PC s adapter settings to match your usual network settings The Router s hardware installation is now complete Go to Chapter 6 Configuring the Wireless G VPN Broadband Router A Figure 5 5 Connect to Power Port NOTE You should change the SSID from its default linksys and enable WEP encryption after you have accessed the Router 12 Chapter 6 Configuring the Wireless G VPN Broadband Router Overview Linksys recommends using the Setup CD ROM for first time installation of the Router If you do not wish to run the Setup Wizard on the Setup
178. ter protects your networks from unauthorized and unwelcome users vpn virtual private network A security measure to protect data as it leaves one network and goes to another over the Internet 802 11b an IEEE wireless networking standard that specifies a maximum data transfer rate of 11Mbps and an operating frequency of 2 4GHz 802 11g an IEEE wireless networking standard that specifies a maximum data transfer rate of 54Mbps an operating frequency of 2 4GHz and backward compatibility with 802 11b devices wpa wi fi protected access a wireless security protocol using TKIP Temporal Key Integrity Protocol encryption which can be used in conjunction with a RADIUS server nat network address translation NAT technology translates IP addresses of a local area network to a different IP address for the Internet spi stateful packet inspection firewall A technology that inspects incoming packets of information before allowing them to enter the network ethernet an EEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium lan local area network The computers and networking products that make up the network in your home or office You should always use the Setup CD ROM when you first install the Router If you do not wish to run the Setup Wizard on the Setup CD ROM then use the instructions in this Guide to help you connect the Wireless G VPN Broadband Router set i
179. ternet connection has been terminated due to inactivity Connect on Demand enables the Router to automatically re establish your connection as soon as you attempt to access the Internet again If you wish to activate Connect on Demand click the radio button In the Max Idle Time field enter the number of minutes you want to have elapsed before your Internet connection terminates Keep Alive Option Redial Period If you select this option the Router will periodically check your Internet connection If you are disconnected then the Router will automatically re establish your connection To use this option click the radio button next to Keep Alive In the Redial Period field you specify how often you want the Router to check the Internet connection The default Redial Period is 30 seconds When you have finished making changes to the screen click the Save Settings button to save the changes or click the Gancel Changes button to undo your changes Static IP sl IP Address 10 fo Jo Aa Subnet Mask 255 255 255 0 Default Gateway fo fo fo fo Secondary ons fo Jon Jo Jo Figure 6 3 Internet Connection Type Static IP Static ip address a fixed address assigned to a computer or device connected to a network subnet mask an address code that determines the size of the network default gateway a device that forwards Internet traffic from your local area network PPPoE d User Name linksys Password lececeee C Connect on De
180. thernet The Router s current hardware design supports up to 100Mbps Ethernet on its Internet port however the Internet connection speed will vary depending on the speed of your broadband connection The Router also supports 100Mbps over the auto sensing Fast Ethernet 10 100 switch on the LAN side of the Router What is Network Address Translation and what is it used for Network Address Translation NAT translates multiple IP addresses on the private LAN to one public address that is sent out to the Internet This adds a level of security since the address of a PC connected to the private LAN is never transmitted on the Internet Furthermore NAT allows the Router to be used with low cost Internet accounts such as DSL or cable modems when only one TCP IP address is provided by the ISP The user may have many private addresses behind this single address provided by the ISP Does the Router support any operating system other than Windows 95 Windows 98SE Windows Millennium Windows 2000 or Windows XP Yes but Linksys does not at this time provide technical support for setup configuration or troubleshooting of any non Windows operating systems Does the Router support ICQ send file Yes with the following fix click ICQ menu gt preference gt connections tab gt and check am behind a firewall or proxy Then set the firewall time out to 80 seconds in the firewall setting The Internet user can then send a file to a user behind th
181. tiating security with another computer Edit Remove Authentication Method preference order Method Details Preshared Key XYZ12345 Figure D 23 New Preshared Key New Rule Properties 1 Fiter Action 15 Click the Tunnel Setting tab Click the radio button for The tunnel endpoint is specified by this IP Address and enter the Windows 2000 XP computer s IP Address IP Fiter List Authentication Methods TunnelSetting Connection Type The tunnel endpoint is the tunneling computer closest to the IP traffic destination as specified by the associated IP Fiter List It takes two rules to describe an IPSec Tunnel C This rule does not specify an IPSec tunnel Ce The tunnel endpoint is specified by this IP Address D EE ee Figure D 24 Tunnel Setting Tab 107 Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router How to Establish a Secure IPSec Tunnel Wireless G VPN Broadband Router 16 Click the Connection Type tab and select All network connections Then click the OK or Close button to finish New Rule Properties IP Fiter List Filter Action Authentication Methods Tunnel Setting Connection Type ats This rule only applies to network traffic over connections of the selected type All network connections C Local area network LAN Remote access Figure D 25 Connection Type 17 From the Rules tab click the OK or Close button to return to t
182. ting Connection Type IP Filter List Fiter Action x The selected filter action specifies whether this rule negotiates for secure network traffic and how it will secure the traffic O Perma Permit unsecured IP packets to O Request Security Optional Accepts unsecured communicat Require Security Accepts unsecured communicat Figure D 11 Filter Action Tab Require Securty Properties aal Security Methods General C Permit C Block Ge Negotiate security Secunty Method preference order AH Integrity ESP Confidential ES lt None gt 3DES SH lt None gt 3DES MC lt None gt DES SH lt None gt DES MC j Move down Accept unsecured communication but always respond using IPSec T Allow unsecured communication wth non IPSec aware computer IV Session key Perfect Forward Secrecy Figure D 12 Security Methods Tab 103 Wireless G VPN Broadband Router 4 Select the Authentication Methods tab and click the Edit button 5 Change the authentication method to Use this string to protect the key exchange preshared key and enter the preshared key string such as XYZ12345 Click the OK button 6 This new Preshared key will be displayed Click the Apply button to continue if it appears on your screen otherwise proceed to the next step Appendix D Configuring IPSec between a Windows 2000 or XP Computer and the Router How to Establish a Secure IPSec Tunnel New Rule Properties des IP Fite
183. tion of the device s placement city and state Clicking on one of the devices listed will display the Device screen The color of the status ball indicates the following Green Green indicates that your device is online and connected to the Internet Red Red indicates that your device is offline and is not connected to the Internet or is not configured correcily Gray Gray indicates that your device is not registered Make sure that you are connected to the Internet and register your device again NOTE If any other color of status ball appears contact Boingo Technical Support e Navigation Column on the Left This is a list of available links These links include the following e Home This displays the Home screen e Customer Support It provides Customer Support contact information in the main window e Change Billing Contact This allows you to change the contact information of the person who receives the commission checks Let Crnat in 4 Hot Spot in a 2n zete Hei Speak ei a Alive Adminniraiion S 7 Mucrnantt Internet Tetdee IO xj De DR Ges Pgeorbes Job ek e e DA l Ah a e A 2 A7 2 A Ajia Lei ete age hokai begann ost se Links BOINGO WIRELESS ke Boingo Hot Spot in a Box Administration Site a La eer Rame alere EED N mW a 3G tere Figure 7 18 Administration Login P few Int Soot n a boat Adrere x Ge E yew Trotn ps tb Zeta d 2 23 Bien irn Ge A DJIA JS Ten o
184. twork Management Protocol A widely used network monitoring and control protocol SPI Stateful Packet Inspection Firewall A technology that inspects incoming packets of information before allowing them to enter the network SSID Service Set IDentifier Your wireless network s name Static IP Address A fixed address assigned to a computer or device that is connected to a network Static Routing Forwarding data in a network via a fixed path Subnet Mask An address code that determines the size of the network Switch 1 A data switch that connects computing devices to host computers allowing a large number of devices to share a limited number of ports 2 A device for making breaking or changing the connections in an electrical circuit TCP Transmission Control Protocol A network protocol for transmitting data that requires acknowledgement from the recipient of data sent TCP IP Transmission Control Protocol Internet Protocol A set of instructions PCs use to communicate over a network Telnet A user command and TCP IP protocol used for accessing remote PCs TFTP Trivial File Transfer Protocol A version of the TCP IP FTP protocol that has no directory or password capability Throughput The amount of data moved successfully from one node to another in a given time period 125 TKIP Temporal Key Integrity Protocol a wireless encryption protocol that provides dynamic encryption keys for each packet tran
185. uest page will appear Non Windows XP users will see a similar screen Enter admin the default user name in the User Name field and enter admin the default password in the Password field Then click the OK button Make the necessary changes through the Utility When you have finished making changes to a screen click the Save Settings button to save the changes or click the Cancel Changes button to undo your changes Help information is shown on the right hand side of a screen For additional information click More The Setup Tab Basic Setup The first screen that appears is the Basic Setup tab This tab allows you to change the Router s general settings Internet Setup The Internet Setup section configures the Router for your Internet connection type This information can be obtained from your ISP Internet Connection Type The Router supports four connection types Automatic Configuration DHCP the default connection type PPPoE Static IP and PPTP Each Basic Setup screen and available features will differ depending on what kind of connection type you select Automatic Configuration DHCP By default the Router s Configuration Type is set to Automatic Configuration DHCP and it should be kept only if your ISP supports DHCP or you are connecting through a dynamic IP address Connect to 192 168 1 1 ajx Sy EMT ETH Paciic Tne UGA A Canada sl Auto Daylight Saving C Ened e Deabieg eee ot FCO ERTI
186. up in Infrastructure mode The basis of Infrastructure mode centers around an access point or wireless router such as the Wireless G VPN Broadband Router which serves as the main point of communications in a wireless network The Router transmits data to PCs equipped with wireless network adapters which can roam within a certain radial range of the Router You can arrange the Router and multiple access points to work in succession to extend the roaming range and you can set up your wireless network to communicate with your Ethernet hardware as well lf the wireless network is relatively small and needs to share resources only with the other computers on the wireless network then the Ad Hoc mode can be used Ad Hoc mode allows computers equipped with wireless transmitters and receivers to communicate directly with each other eliminating the need for a wireless router or access point The drawback of this mode is that in Ad Hoc mode wireless equipped computers are not able to communicate with computers on a wired network And of course communication between the wireless equipped computers is limited by the distance and interference directly between them Network Layout The Wireless G VPN Broadband Router has been specifically designed for use with both your 802 11b and 802 119 products Now products using these standards can communicate with each other network a series of computers or devices connected for the purpose of data sharing stora
187. ur network s performance but if you are transmitting sensitive data over your network encryption should be used These security recommendations should help keep your mind at ease while you are enjoying the most flexible and convenient technology Linksys has to offer 96 Appendix C Using the Linksys QuickVPN Software for Windows 2000 or XP Overview vpn virtual private network a security measure to protect data as it leaves one The Linksys Wireless G VPN Broadband Router offers a free QuickVPN software program for computers running network and goes to another over the internet Windows 2000 or XP Computers running other operating systems will have to use a third party VPN software program This guide describes how to install and use the Linksys QuickVPN software software instructions for the computer Before You Begin The QuickVPN software program only works with a Wireless G VPN Broadband Router that meets these two criteria 1 it is running firmware version 2 36 or higher and 2 it MUST be properly configured to accept a QuickVPN connection If you need to upgrade the Router s firmware or configure it for a QuickVPN connection refer to Appendix H Upgrading Firmware After you have verified that the Router is ready for a Quick VPN connection make sure you have the necessary information user name password and server address for your QuickVPN connection If you do not have this information contact your system adm
188. ur wireless adapter or vice versa Verify that the same WEP keys and levels 64 or 128 are being used on all nodes of your wireless network 92 How many channels frequencies are available with the Router There are eleven available channels ranging from 1 to 11 in North America If your questions are not addressed here refer to the Linksys website www linksys com 93 Appendix B Wireless Security Linksys wants to make wireless networking as safe and easy for you as possible The current generation of Linksys products provide several network security features but they require specific action on your part for implementation So keep the following in mind whenever you are setting up or using your wireless network Security Precautions The following is a complete list of security precautions to take as shown in this User Guide at least steps 1 through 5 should be followed 1 Change the default SSID 2 Disable SSID Broadcast 3 Change the default password for the Administrator account 4 Enable MAC Address Filtering 5 Change the SSID periodically 6 Use the highest encryption algorithm possible Use WPA if it is available Please note that this may reduce your network performance 7 Change the WEP encryption keys periodically To ensure network security steps one through five should be followed at least Security Threats Facing Wireless Networks Wireless networks are easy to find Hackers know that in o
189. ure 0 1 Sample Figure Description Figure numbers and descriptions can also be found in the List of Figures section in the Table of Contents WRV54G UG 60306D JL Table of Contents Chapter 1 Introduction Welcome What s in this Guide Chapter 2 Planning Your Wireless Network Network Topology Ad Hoc versus Infrastructure Mode Network Layout Chapter 3 Planning Your Virtual Private Network VPN Why do need a VPN What is a VPN Chapter 4 Getting to Know the Wireless G VPN Broadband Router The Back Panel The Front Panel Chapter 5 Connecting the Wireless G VPN Broadband Router Overview Wired Connection to a PC Wireless Connection to a PC Chapter 6 Configuring the Wireless G VPN Broadband Router Overview How to Access the Web based Utility The Setup Tab Basic Setup The Setup Tab DDNS The Setup Tab MAC Address Clone The Setup Tab Advanced Routing The Setup Tab Hot Spot The Wireless Tab Basic Wireless Settings The Wireless Tab Wireless Security The Wireless Tab Wireless Network Access The Wireless Tab Advanced Wireless Settings OnNOoOnRAR P BPD sch The Security Tab Firewall The Security Tab VPN The Access Restrictions Tab Internet Access The Access Restrictions Tab VPN Client Access The Applications and Gaming Tab Port Range Forwarding The Applications and Gaming Tab Port Triggering The Applications and Gaming Tab UPnP Forwarding The Applications and Gaming Tab DMZ The A
190. uter to the factory default settings In other words the Router will revert to its original factory configuration 13 1 need to upgrade the firmware In order to upgrade the firmware with the latest features you need to go to the Linksys website and download the latest firmware at www linksys com e Follow these steps 1 Go to the Linksys website at http www linksys com and download the latest firmware 2 To upgrade the firmware follow the steps in the System section found in Chapter 6 Configuring the Wireless G VPN Broadband Router 84 14 The firmware upgrade failed and or the Power LED is flashing The upgrade could have failed for a number of reasons Follow these steps to upgrade the firmware and or make the Power LED stop flashing e If the firmware upgrade failed use the TFTP program it was downloaded along with the firmware Open the pdf that was downloaded along with the firmware and TFTP program and follow the pdf s instructions e Seta static IP address on the PC refer to Problem 2 need to set a static IP address Use the following IP address settings for the computer you are using IP Address 192 168 1 50 Subnet Mask 255 255 255 0 Gateway 192 168 1 1 e Perform the upgrade using the TFTP program or the Router s web based utility through its Administration tab 15 My DSL service s PPPoE is always disconnecting PPPoE is not actually a dedicated or always on connection The DSL ISP can dis
191. uter to verify a direct connection e Manually configure the TCP IP settings with a DNS address provided by your ISP e Make sure that your browser is set to connect directly and that any dial up is disabled For Internet Explorer click Tools Internet Options and then the Connection tab Make sure that Internet Explorer is set to Never dial a connection For Netscape Navigator click Edit Preferences Advanced and Proxy Make sure that Netscape Navigator is set to Direct connection to the Internet Frequently Asked Questions What is the maximum number of IP addresses that the Router will support The Router will support up to 253 IP addresses Is IPSec Pass Through supported by the Router Yes it is a built in feature that the Router automatically enables Where is the Router installed on the network In a typical environment the Router is installed between the cable DSL modem and the LAN Plug the Router into the cable DSL modem s Ethernet port 86 Does the Router support IPX or AppleTalk No TCP IP is the only protocol standard for the Internet and has become the global standard for communications IPX a NetWare communications protocol used only to route messages from one node to another and Applefalk a communications protocol used on Apple and Macintosh networks can be used for LAN to LAN connections but those protocols cannot connect from the Internet to a LAN Does the Internet connection of the Router support 100Mbps E
192. version unless that version contains new features that you would like to use Downloading a more current version of Router firmware will not enhance the quality or speed of your Internet connection and may disrupt your current connection stability Will the Router function in a Macintosh environment Yes but the Router s setup pages are accessible only through Internet Explorer 4 0 or Netscape Navigator 4 0 or higher for Macintosh Tam not able to get the web configuration screen for the Router What can I do You may have to remove the proxy settings on your Internet browser e g Netscape Navigator or Internet Explorer Or remove the dial up settings on your browser Check with your browser documentation and make sure that your browser is set to connect directly and that any dial up is disabled Make sure that your browser is set to connect directly and that any dial up is disabled For Internet Explorer click Tools Internet Options and 88 then the Connection tab Make sure that Internet Explorer is set to Never dial a connection For Netscape Navigator click Edit Preferences Advanced and Proxy Make sure that Netscape Navigator is set to Direct connection to the Internet What is DMZ Hosting Demilitarized Zone DMZ allows one IP address computer to be exposed to the Internet Some applications require multiple TCP IP ports to be open It is recommended that you set your computer with a static IP if you want to use DMZ Hostin
193. wT F m r wT IF m r wT F m r wir F m r wir F m r wT F m r wT F mfr wit F m r wT IF m fr fwi JF Ved Time of Day Internet Filter Summary d 37 9 Then enter the range of ports you want to filter Bh http 192 168 0 2 List of PCs Microsoft Internet Explorer List of PCs If the service you want to block is not listed or you want to edit a service s settings then click the Add Edit DE eg DEEN Service button Then the Port Services screen will appear MACON 60 00 00 00 00 00 MACOS 00700 00 00 00 00 MAC OF Ion op ep op DD 00 MAC D6 log 00 00 00 00 00 SE MACOS 00 00 00 00 00 00 MACON 00 00 00 00 00 00 To add a service enter the service s name in the Service Name field Select its protocol from the Protocol MACO SOTGOTOUTGUGS GG acon oroo inoit drop down menu and enter its range in the Port Range fields Then click the Add button Emer the IF Address of the POs IPO 192 1680 0 wos 19216800 To modify a service select it from the list on the right Change its name protocol setting or port range Then ee vec wee See click the Modify button pp 192 168 0 0 Poe 192 1680 0 To delete a service select it from the list on the right Then click the Delete button Sei DRG oes BEI When you are finished making changes on the Port Services screen click the Apply button to save changes SS ES Gs E If you want to cancel your changes click the Canc
194. want to test my Internet connection to verify that you have connectivity 1 If you need to register the MAC address of your Ethernet adapter with your ISP please see Appendix F Finding the MAC address and IP Address for Your Ethernet Adapter If you need to clone the MAC address of your Ethernet adapter onto the Router see the System section of Chapter 6 Configuring the Wireless G VPN Broadband Router for details 2 Make sure you are using the right Internet connection settings Contact your ISP to see if your Internet connection type is DHCP Static IP Address or PPPoE commonly used by DSL consumers Please refer to the Setup section of Chapter 6 Configuring the Wireless G VPN Broadband Router for details on Internet connection settings 3 Make sure you have the right cable Check to see if the Internet column has a solidly lit Link Act LED 80 4 Make sure the cable connecting from your cable or DSL modem is connected to the Router s Internet port Verify that the Status page of the Router s web based utility shows a valid IP address from your ISP 5 Turn off the computer Router and cable DSL modem Wait 30 seconds and then turn on the Router cable DSL modem and computer Check the Status tab of the Router s web based utility to see if you get an IP address 5 I am not able to access the Setup page of the Router s web based utility Refer to Problem 3 want to test my Internet connectio
195. y Management 113 10 Select 768 bit from the Group drop down menu 11 Enter 3600 in the Key Life Time field 12 For Phase 2 the Encryption Authentication and PFS settings were set on the VPN screen Select 1024 bit from the Group drop down menu 13 Keep the default Key Life Time value 28000 14 Click the Save Settings button on the Advanced VPN Tunnel Setup screen 15 Click the Save Settings button on the VPN screen Configuring VPN Router 2 For VPN Router 2 follow the same instructions in the previous section Configuring VPN Router 1 Configuring PC 1 and PC 2 1 Set PC 1 and PC 2 to be DHCP clients refer to Windows Help for more information 2 Verify that PC 1 and PC 2 can ping each other refer to Windows Help for more information lf the computers can ping each other then you know the VPN tunnel is configured correctly You can select different algorithms for the encryption authentication and other key management settings for VPN Routers 1 and 2 Refer to the previous section Configuring the Key Management Settings for details Congratulations You have successfully configured a VPN tunnel between two VPN Routers Proceed to the next section if you want to connect a QuickVPN client to a VPN Router Connecting a VPN Client Configuring the VPN Client Settings for VPN Router 1 Follow these instructions for VPN Router 1 1 Click the Access Restrictions tab 2 Click the VPN Client Access ta
196. y select to have the key expire at the end of a time period you designate Enter the number of seconds you d like the key to be useful or leave it blank for the key to last indefinitely 10 Click the Save Settings button to save these changes Your tunnel should now be established Figure D 28 VPN Tab 109 Wiiralace_ UDM Benadhang Denker Wireless G VPN Broadband Router App ndix E Configuring VPN Tunnels Overview This appendix has two sections The first explains how to configure a VPN IPSec tunnel between two VPN Routers The second explains how to connect a QuickVPN client to the VPN Router VPN Router 1 VPN Router 2 VPN Client Figure E 1 Diagram of All VPN Tunnels Before You Begin The following is a list of equipment you need e Two Windows desktop PCs each PC will be connected to a VPN Router e One QuickVPN client a Windows notebook or desktop PC with QuickVPN software installed e Two VPN Routers Adiy E Canfiniiringa V JDAI Timnale nd E Configuring VPN Tunnels A NOTE Each computer must have a network adapter installed 110 BAF nn pa le e Dug nae _ LDA ren en elle enne Darkar less G VPN Broadband Router Configuring the VPN Settings for the VPN Routers Configuring VPN Router 1 Ke Follow these instructions for the first VPN Router designated VPN Router 1 The other VPN Router is designated VPN Router 2 1 Launch the web browser for a networked PC designated
Download Pdf Manuals
Related Search
Related Contents
Asteroid User`s manual Automated Disaster Recovery User Guide A+ Server 4022G-6F USER`S MANUAL PARTS LIST - Wells 2012LA-000147-85001 Equipo Cómputo Periférico Lantronix SCS1620 TP/TPT-1902E(C) 取扱説明書 Anzeige- und Bedieneinheit PCE- RS Serie www Samsung M1714R Инструкция по использованию Kodak EASYSHARE CD14 User's Manual Copyright © All rights reserved.
Failed to retrieve file