Cisco Linksys WAG54GX2 User Manual

Page 1
A Division of Cisco Systems, Inc.
®
Model No.
ADSL Gateway
Wireless-G
WAG54GX2 (EU)
User Guide
WIRELESS
802.11g
2,4
with SRX200
Page 2
Wireless-G ADSL Gateway with SRX200
Copyright and Trademarks
Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2005 Cisco Systems, Inc . All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders.
How to Use this Guide
Your Guide to the Wireless-G ADSL Gateway with SRX200 has been designed to make understanding networking with the Gateway easier than ever. Look for the following items when reading this User Guide:
In addition to these symbols, there are definitions for technical terms that are presented like this:
Also, each figure (diagram, screenshot, or other image) is provided with a figure number and description, like this:
Figure numbers and descriptions can also be found in the “List of Figures” section in the “Table of Contents”.
This exclamation point means there is a Caution or Warning and is something that could damage your property or the Gateway.
word: definition.
This checkmark means there is a Note of interest and is something you should pay special attention to while using the Gateway.
This question mark provides you with a reminder about something you might need to do while using the Gateway.
Figure 0-1: Sample Figure Description
WAG54GX2-EU-UG-50811NC JL
Page 3
Wireless-G ADSL Gateway with SRX200
Table of Contents
Chapter 1: Introduction 1
Welcome 1 What’s in this User Guide? 2
Chapter 2: Planning Your Network 4
The Gateway’s Functions 4 IP Addresses 4
Chapter 3: Getting to Know the Wireless-G ADSL Gateway with SRX200 6
Ports and Reset Button on Side Panel 6 LEDs on Side Panel 7
Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200 8
Overview 8 Wired Connection to a Computer 9 Wireless Connection to a Computer 10
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 11
Overview 11 Using the Setup Wizard 11
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 24
Overview 24 How to Access the Web-based Utility 26 The Setup Tab 26 The Wireless Tab 35 The Security Tab 42 The Access Restrictions Tab 49 The Applications and Gaming Tab 51 The Administration Tab 58 The Status Tab 63
Appendix A: Troubleshooting 67
Common Problems and Solutions 67 Frequently Asked Questions 75
Appendix B: Wireless Security 82
Security Precautions 82 Security Threats Facing Wireless Networks 82
Page 4
Wireless-G ADSL Gateway with SRX200
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter 85
Windows 98 or Me Instructions 85 Windows 2000 or XP Instructions 86
Appendix D: Upgrading Firmware 87 Appendix E: Glossary 88 Appendix F: Specifications 95 Appendix G: Warranty Information 97 Appendix H: Regulatory Information 98 Appendix I: Contact Information 105
Page 5
Wireless-G ADSL Gateway with SRX200
List of Figures
Figure 2-1: Network 4 Figure 3-1: Ports and Reset Button on Side Panel 6 Figure 3-2: LEDs on Side Panel 7 Figure 4-1: Connect the ADSL Line 9 Figure 4-2: Connect a PC 9 Figure 4-3: Connect the Power 9 Figure 4-4: Connect the ADSL Line 10 Figure 4-5: Connect the Power 10 Figure 5-1: Setup Wizard’s Welcome - Language Selection Screen 11 Figure 5-2: Setup Wizard’s Welcome - Start Wizard Screen 11 Figure 5-3: Setup Wizard’s License Agreement Screen 12 Figure 5-4: Setup Wizard’s Disconnect the Modem from the PC and ADSL Wall Jack Screen 12 Figure 5-5: Setup Wizard’s Connect the Gateway to the ADSL Wall Jack Screen 13 Figure 5-6: Setup Wizard’s Connect a Network Cable to a PC Screen 13 Figure 5-7: Setup Wizard’s Connect the Network Cable to the Gateway Screen 14 Figure 5-8: Setup Wizard’s Power on the Gateway Screen 14 Figure 5-9: Setup Wizard’s Check the Gateway’s Status Screen 15 Figure 5-10: Setup Wizard’s Select Your Country Screen 15 Figure 5-11: Setup Wizard’s Select Your Internet Service Provider Screen (UK) 16 Figure 5-12: Setup Wizard’s Configure DSL - 1483 Bridged Screen 16 Figure 5-13: Setup Wizard’s Configure DSL - 1483 Routed Screen 17 Figure 5-14: Setup Wizard’s Configure DSL - PPPoA Screen 17 Figure 5-15: Setup Wizard’s Configure DSL - PPPoE Screen 18 Figure 5-16: Setup Wizard’s Set the Gateway’s Password Screen 18 Figure 5-17: Setup Wizard’s Wireless Settings Screen 19 Figure 5-18: Setup Wizard’s Configure Wireless Security Settings Screen 19 Figure 5-19: Setup Wizard’s Wireless Security - WPA Personal Screen 20 Figure 5-20: Setup Wizard’s Wireless Security - WPA2 Personal Screen 20 Figure 5-21: Setup Wizard’s Wireless Security - WPA2 Mixed Mode Screen 21 Figure 5-22: Setup Wizard’s Wireless Security - WEP (64-Bit) Screen 21 Figure 5-23: Setup Wizard’s Wireless Security - WEP (128-Bit) Screen 22 Figure 5-24: Setup Wizard’s Confirm New Settings Screen 22
Page 6
Wireless-G ADSL Gateway with SRX200
Figure 5-25: Setup Wizard’s Safe Surfing Screen 23 Figure 5-26: Setup Wizard’s Congratulations Screen 23 Figure 6-1: Login Screen 26 Figure 6-2: Basic Setup 26 Figure 6-3: RFC 1483 Bridged 27 Figure 6-4: RFC 1483 Routed 28 Figure 6-5: IPoA 28 Figure 6-6: RFC 2516 PPPoE 29 Figure 6-7: RFC 2364 PPPoA 29 Figure 6-8: Bridged Mode Only 30 Figure 6-9: Optional Settings 30 Figure 6-10: DDNS - DynDNS.org 32 Figure 6-11: DDNS - TZO.com 32 Figure 6-12: Advanced Routing 33 Figure 6-13: Routing Table 34 Figure 6-14: Basic Wireless Settings 35 Figure 6-15: Wireless Security - WPA-Personal 36 Figure 6-16: Wireless Security - WPA2-Personal 36 Figure 6-17: Wireless Security - WPA2-Mixed 37 Figure 6-18: Wireless Security - WPA Enterprise 37 Figure 6-19: Wireless Security - WPA2 Enterprise 38 Figure 6-20: Wireless Security - WEP 38 Figure 6-21: Wireless Access 39 Figure 6-22: MAC Address Filter List 39 Figure 6-23: Wireless Client MAC List 39 Figure 6-24: Advanced Wireless Settings 40 Figure 6-25: Firewall 42 Figure 6-26: VPN Passthrough 43 Figure 6-27: VPN 44 Figure 6-28: VPN Settings Summary 44 Figure 6-29: Key Exchange Method - Auto (IKE) 45 Figure 6-30: Key Exchange Method - Manual 46 Figure 6-31: VPN Log 46 Figure 6-32: Advanced VPN Tunnel Setup 47
Page 7
Wireless-G ADSL Gateway with SRX200
Figure 6-33: Internet Access Policy 49 Figure 6-34: Internet Policy Summary 49 Figure 6-35: List of PCs 50 Figure 6-36: Single Port Forwarding 51 Figure 6-37: Port Range Forwarding 52 Figure 6-38: Port Triggering 53 Figure 6-39: DMZ 54 Figure 6-40: QoS 55 Figure 6-41: QoS - Online Game 56 Figure 6-42: QoS - MSN Messenger 56 Figure 6-43: QoS - Voice Device 56 Figure 6-44: QoS - Add a New Application (Port Range) 56 Figure 6-45: QoS - Add a New Application (MAC Address) 57 Figure 6-46: Management 58 Figure 6-47: Allowed IP - IP Range 58 Figure 6-48: Reporting 60 Figure 6-49: System Log 60 Figure 6-50: Diagnostics 61 Figure 6-51: Backup&Restore 61 Figure 6-52: Factory Defaults 62 Figure 6-53: Firmware Upgrade 62 Figure 6-54: Gateway 63 Figure 6-55: Local Network 64 Figure 6-56: DHCP Active IP Table 64 Figure 6-57: ARP/RARP Table 64 Figure 6-58: Wireless 65 Figure 6-59: Networked Computers 65 Figure 6-60: DSL Connection 66 Figure C-1: IP Configuration Screen 85 Figure C-2: MAC Address/Adapter Address 85 Figure C-3: MAC Address/Physical Address 86 Figure D-1: Firmware Upgrade 87
Page 8
1
Chapter 1: Introduction Welcome
Wireless-G ADSL Gateway with SRX200
Chapter 1: Introduction
Welcome
Thank you for choosing the Wireless-G ADSL Gateway with SRX200. This Gateway will provide your computers with a high-speed Internet connection as well as resources, including files and printers.
How does the Gateway do all of this? By connecting the Internet, as well as your computers and peripherals, to the Gateway, then the Gateway can direct and control communications for your network. Plus, since the Gateway is wireless, Internet access can be shared over the wireless broadcast as well as the wired network.
The Wireless-G ADSL Gateway with SRX200 combines smart antenna technology with standards-based, Wireless-G (802.11g) networking. By overlaying the signals of two Wireless-G compatible radios, the “Multiple In, Multiple Out” (MIMO) technology effectively doubles the data rate. Unlike ordinary wireless networking technologies that are confused by signal reflections, MIMO actually uses these reflections to increase the range and reduce “dead spots” in the wireless coverage area. The robust signal travels farther, maintaining wireless connections up to two times farther than standard Wireless-G. And the farther away you are, the mor e adv antage you get—the higher data rate and reflection-friendly technology can yield up to six times more throughput than Wireless-G in some situations. The Gateway avoids interference by dynamically switching to the clearest channel available. Even your standard Wireless-G and -B equipment will work better when communicating with SRX­enabled devices.
To protect your data and privac y, WPA encryption provides greater wireless security opportunities while the whole network is protected through a Stateful Packet Inspection (SPI) firewall and NAT technology. In addition, you can safeguard your family with parental control features such as Internet access restrictions and keyword blocking. These security features, as well as the Gateway’s other settings, are accessed through the easy-to-use, browser­based utility.
But what does all of this mean? Networks are useful tools for sharing Internet access and computer resources. You can access one printer from
different computers and access data located on another computer’s hard drive. Networks are even used for playing multiplayer video games. So, networks not only are useful in homes and offices, but also can be fun.
PCs on a wired network create a LAN, or Local Area Network. They are connected with Ethernet cables, which is why the network is called “wired”. PCs equipped with wireless cards or adapters can communicate without cumbersome cables. By sharing the same wireless settings, within their transmission radius, they form a wireless network. This is sometimes called a WLAN, or Wireless Local Area Network. Since the Gateway has wireless capabilities, it can bridge your wired and wireless networks, letting them communicate with each other.
lan (local area network): The computers and networking products that make up the network in your home or office.
nat (network address translation): NAT technology translates IP addresses of a local area network to a different IP address for the Internet.
wpa (wi-fi protected access): a wireless security protocol using TKIP (Temporal Key Integrity Protocol) encryption, which can be used in conjunction with a RADIUS server.
spi (stateful packet inspection) firewall: a technology that inspects incoming packets of information before allowing them to enter the network.
firewall: Security measures that protect the resources of a local network from intruders.
network: a series of computers or devices connected for the purpose of data sharing, storage, and/or transmission between users
802.11b: an IEEE wireless networking standard that specifies a maximum data transfer rate of 11Mbps and an operating frequency of 2.4GHz.
802.11g: an IEEE wireless networking standard that specifies a maximum data transfer rate of 54Mbps, an operating frequency of 2.4GHz, and backward compatibility with 802.11b devices.
Page 9
2
Chapter 1: Introduction What’s in this User Guide?
Wireless-G ADSL Gateway with SRX200
With your networks all connected, wired, wireless, and the Internet, you can now share files and Internet access—and even play games. All the while, the Wireless-G ADSL Gateway with SRX200 protects your networks from unauthorized and unwelcome users.
Linksys recommends using the Setup CD-ROM for first-time installation of the Gateway. If you do not wish to run the Setup Wizard on the Setup CD-ROM, then use the instructions in this Guide to help you connect the Gateway, set it up, and configure it to bridge your different networks. These instructions should be all you need to get the most out of the Wireless-G ADSL Gateway with SRX200.
What’s in this User Guide?
This user guide covers the steps for setting up and using the Wireless-G ADSL Gateway with SRX200.
• Chapter 1: Introduction This chapter describes applications of the Wireless-G ADSL Gateway with SRX200 and this User Guide.
• Chapter 2: Planning Your Network This chapter describes the basics of networking.
• Chapter 3: Getting to Know the Wireless-G ADSL Gateway with SRX200 This chapter describes the physical features of the Gateway.
• Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200 This chapter instructs you on how to connect the Gateway to your network.
• Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 This chapter explains how to set up the Gateway using its Setup Wizard.
• Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 This chapter explains how to configure the Gateway’s settings using its Web-based Utility.
• Appendix A: Troubleshooting This appendix describes some problems and solutions, as well as frequently asked questions, regarding installation and use of the Wireless-G ADSL Gateway with SRX200.
• Appendix B: Wireless Security This appendix explains the risks of wireless networking and some solutions to reduce the risks.
• Appendix C: Finding the MAC Address and IP Address for your Ethernet Adapter. This appendix describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Gateway.
Page 10
3
Chapter 1: Introduction What’s in this User Guide?
Wireless-G ADSL Gateway with SRX200
• Appendix D: Upgrading Firmware This appendix instructs you on how to upgrade the firmware on the Gateway if you should need to do so.
• Appendix E: Glossary This appendix gives a brief glossary of terms frequently used in networking.
• Appendix F: Specifications This appendix provides the technical specifications for the Gateway.
• Appendix G: Warranty Information This appendix supplies the warranty information for the Gateway.
• Appendix H: Regulatory Information This appendix supplies the regulatory information regarding the Gateway.
• Appendix I: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support.
Page 11
4
Chapter 2: Planning Your Network The Gateway’s Functions
Wireless-G ADSL Gateway with SRX200
Chapter 2: Planning Your Network
The Gateway’s Functions
A Gateway is a network device that connects two networks together. In this instance, the Gateway connects your Local Area Network (LAN), or the group of computers in your home or
office, to the Internet. The Gateway processes and regulates the data that travels between these two networks. The Gateway’s NA T feature protects your network of computers so users on the public, Internet side cannot “see”
your computers. This is how your network remains private. The Gateway protects your network by inspecting every packet coming in through the Internet port before delivery to the appropriate computer on your network. The Gateway inspects Internet port services like the web server, ftp server, or other Internet applications, and, if allowed, it will forward the packet to the appropriate computer on the LAN side.
Remember that the Gateway’s ports connect to two sides. The LAN ports connect to the LAN, and the ADSL port connects to the Internet. The LAN ports transmit data at 10/100Mbps.
IP Addresses
What’s an IP Address?
IP stands for Internet Protocol. Every device on an IP-based network, including computers, print servers, and Gateways, requires an IP address to identify its “location,” or address, on the network. This applies to both the Internet and LAN connections. There are two ways of assigning an IP address to your network devices. You can assign static IP addresses or use the Gateway to assign IP addresses dynamically.
Static IP Addresses
A static IP address is a fixed IP address that you assign manually to a computer or other device on the network. Since a static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will always have that same IP address until you change it. Static IP addresses must be unique and are commonly used with network devices such as server computers or print servers.
NOTE: Since the Gateway is a device that connects two networks, it needs two IP addresses—one for the LAN, and one for the Internet. In this User Guide, you’ll see references to the “Internet IP address” and the “LAN IP address.”
Since the Gateway uses NAT technology, the only IP address that can be seen from the Internet for your network is the Gateway’s Internet IP address. However, even this Internet IP address can be blocked, so that the Gateway and network seem invisible to the Internet—see the Security - Firewall tab in “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200.”
Figure 2-1: Network
ip (internet protocol): a protocol used to send data over a network
Page 12
5
Chapter 2: Planning Your Network IP Addresses
Wireless-G ADSL Gateway with SRX200
Since you use the Gateway to share your DSL Internet connection, contact your ISP to find out if they have assigned a static IP address to your account. If so, you will need that static IP address when configuring the Gateway. You can get that information from your ISP.
Dynamic IP Addresses
A dynamic IP address is automatically assigned to a device on the network, such as computers and print servers. These IP addresses are called “dynamic” because they are only temporarily assigned to the computer or device. After a certain time period, they expire and may change. If a computer logs onto the network (or the Internet) and its dynamic IP address has expired, the DHCP server will automatically assign it a new dynamic IP address.
DHCP (Dynamic Host Configuration Protocol) Servers
Computers and other network devices using dynamic IP addressing are assigned a new IP address by a DHCP server. The computer or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign IP addresses manually every time a new user is added to your network.
A DHCP server can either be a designated computer on the network or another network device, such as the Gateway. By default, the Gateway’s DHCP Server function is enabled.
If you already have a DHCP server running on your network, you must disable one of the two DHCP servers. If you run more than one DHCP server on your network, you will experience network errors, such as conflicting IP addresses. To disable DHCP on the Gateway, see the DHCP section in “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200.”
Page 13
6
Chapter 3: Getting to Know the Wireless-G ADSL Gateway with SRX200 Ports and Reset Button on Side Panel
Wireless-G ADSL Gateway with SRX200
Chapter 3: Getting to Know the Wireless-G ADSL Gateway with SRX200
Ports and Reset Button on Side Panel
The Gateway’s ports and Reset button are located on a side panel.
Line The Line port connects to the ADSL line. Ethernet (1-4) The Ethernet ports connect to your computers and other network devices. Reset Button There are two ways to reset the Gateway's factory defaults. Either press the Reset Button,
for approximately five seconds, or restore the defaults from the Factory Defaults screen of the Administration tab in the Gateway’s Web-based Utility.
Power The Power port is where you will connect the power adapter.
IMPORTANT: Resetting the Gateway to factory
defaults will erase all of your settings (including Internet connection, wireless, and other settings) and replace them with the factory defaults. Do not reset the Gateway if you want to retain these settings.
Figure 3-1: Ports and Reset Button on Side Panel
Page 14
7
Chapter 3: Getting to Know the Wireless-G ADSL Gateway with SRX200 LEDs on Side Panel
Wireless-G ADSL Gateway with SRX200
LEDs on Side Panel
The Gateway's LEDs, which indicate network activity, are located on the other side panel.
(POWER) button When you want to power the Gateway on or off, push this button. POWER Green. The POWER LED lights up when the Gateway is powered on. WIRELESS Green. The WIRELESS LED lights up whenever there is a successful wireless connection. If
the LED is flashing, the Gateway is actively sending or receiving data to or from one of the devices on the network.
ETHERNET (1-4) Green. The ETHERNET LED serves two purposes. If the LED is continuously lit, the Gateway
is successfully connected to a device through the Ethernet port. If the LED is flashing, it is an indication of any network activity.
DSL Green. The DSL LED lights up whenever there is a successful DSL connection. The LED
flashes while the Gateway is establishing the ADSL connection.
INTERNET Green. The INTERNET LED lights up green when an Internet connection to the Internet
Service Provider (ISP) is established. The INTERNET LED lights up red when the connection to the ISP fails.
Figure 3-2: LEDs on Side Panel
Page 15
8
Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200 Overview
Wireless-G ADSL Gateway with SRX200
Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200
Overview
The installation technician from your ISP should have left the setup information for the modem with you after installing your broadband connection. If not, you can call your ISP to request that data.
After you have the setup information you need for your specific type of Internet connection, you can begin installation and setup of the Gateway.
If you want to use a computer with an Ethernet adapter to configure the Gateway, continue to “Wired Connection to a Computer.” If you want to use a computer with a wireless adapter to configure the Gateway, continue to “Wireless Connection to a Computer.”
Page 16
9
Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200 Wired Connection to a Computer
Wireless-G ADSL Gateway with SRX200
Wired Connection to a Computer
1. Make sure that all of your network’s hardware is powered off, including the Gateway and all computers.
2. Connect a phone cable from the Line port on the Gateway’s side panel to the wall jack of the ADSL line. A small device called a microfilter (not included) may be necessary between each phone and wall jack to prevent interference. Contact your ISP if you have any questions.
3. Connect one end of an Ethernet network cable to one of the Ethernet ports (labeled 1-4) on the back of the Gateway, and the other end to an Ethernet port on a computer.
Repeat this step to connect more computers, a switch, or other network devices to the Gateway.
4. Connect the power adapter to the Gateway’s Power port, and then plug the power adapter into a power outlet.
The Power LED on the front panel will light up green as soon as the power adapter is connected properly. The Power LED will flash for a few seconds, and then it will be solidly lit when the self-test is complete. If the LED flashes for one minute or longer, see “Appendix A: Troubleshooting.”
5. Power on one of your computers that is connected to the Gateway.
Go to “Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200.”
Figure 4-2: Connect a PC
Figure 4-1: Connect the ADSL Line
Figure 4-3: Connect the Power
NOTE: You should always plug the Gateway’s power adapter into a power strip with
surge protection.
IMPORTANT: For countries that have phone jacks with RJ-11 connectors, make sure to only place the microfilters between the phone and the wall jack and not between the Gateway and the wall jack or your ADSL will not connect.
For countries that do not have phone jacks with RJ-11 connectors (e.g. France, Sweden, Switzerland, United Kingdom, etc.), except for ISDN users, the microfilter has to be used between the Gateway and the wall jack, because the microfilter will have the RJ-11 connector.
Annex B users (E1 and DE versions of the Gateway) must use the included network cable to connect the Gateway to the wall jack or NTBA device. If you requir e splitters or special jacks, please contact your service provider.
NOTE:
A small device called a microfilter (not included) may be necessary between each phone
and wall jack to prevent interference. Contact your ISP if you have any questions.
Page 17
10
Chapter 4: Connecting the Wireless-G ADSL Gateway with SRX200 Wireless Connection to a Computer
Wireless-G ADSL Gateway with SRX200
Wireless Connection to a Computer
If you want to use a wireless connection to access the Gateway, follow these instructions:
1. Make sure that all of your network’s hardware is powered off, including the Gateway and all computers.
2. Connect a phone cable from the Line port on the Gateway’s back panel to the wall jack of the ADSL line. A small device called a microfilter (not included) may be necessary between each phone and wall jack to prevent interference. Contact your ISP if you have any questions.
3. Connect the power adapter to the Power port, and then plug the power adapter into a power outlet.
The Power LED on the front panel will light up green as soon as the power adapter is connected properly. The Power LED will flash for a few seconds, and then it will be solidly lit when the self-test is complete. If the LED flashes for one minute or longer, see “Appendix A: Troubleshooting.”
4. Power on one of the computers on your wireless network(s).
5. For initial access to the Gateway through a wireless connection, make sure the computer’s wireless adapter has its SSID set to linksys (the Gateway’s default setting), and its wireless security is disabled. After you have accessed the Gateway, you can change the Gatew ay and this computer’s adapter settings to match your usual network settings.
Go to “Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200.”
NOTE: You should always change the SSID from its default, linksys, and enable wireless security.
NOTE:
A small device called a microfilter (not included) may be necessa ry between each phone
and wall jack to prevent interference. Contact your ISP if you have any questions.
IMPORTANT: For countries that have phone jacks with RJ-11 connectors, make sure you only place the microfilters between the phone and the wall jack and not between the Gateway and the wall jack or your ADSL will not connect.
For countries that do not have phone jacks with RJ-11 connectors (e.g. France , Sweden, Switzerland, United Kingdom, etc.), except for ISDN users, the microfilter has to be used between the Gateway and the wall jack, because the microfilter will have the RJ-11 connector.
Annex B users (E1 and DE versions of the Gateway) must use the included network cable to connect the Gateway to the wall jack or NTBA device. If you require splitters or special jacks, please contact your service provider.
Figure 4-4: Connect the ADSL Line
Figure 4-5: Connect the Power
NOTE: You should always plug the Gateway’s power adapter into a power strip with
surge protection.
Page 18
11
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Overview
Wireless-G ADSL Gateway with SRX200
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200
Overview
The Wireless-G ADSL Gateway with SRX200 Setup Wizard will guide you through the installation procedure. It will go through the instructions for configuring the Gateway’s network and wireless settings.
Using the Setup Wizard
1. Insert the Setup Wizard CD-ROM into your CD-ROM drive. The Setup Wizard should run automatically, and the Welcome screen should appear. If it does not, click the Start button and choose Run. In the field that appears, enter D:\setup.exe (if “D” is the letter of your CD-ROM drive).
2. The Setup Wizard will automatically detect the language setting of your PC; if it does not, select one of the available languages from the Language drop-down menu. On the initial Welcome screen, click the Next button if you want to proceed with the Setup Wizard using the current language. If you want to use a different language, select the appropriate language, and then click the Next button.
3. On the following Welcome screen, click the Click Here to Start button. These are your other choices: Norton Internet Security - Click the Norton Internet Security button to install the Norton Internet Security
software program.
User Guide - Click the User Guide button to open the PDF file of this User Guide. Exit - Click the Exit button to exit the Setup Wizard.
Figure 5-1: Setup Wizard’s Welcome - Language
Selection Screen
Figure 5-2: Setup Wizard’s Welcome - Start
Wizard Screen
Page 19
12
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
4. After reading the License Agreement, click the Next button if you accept, or click the Exit button to end the installation. Click the Back button go back to the previous screen.
5. The Setup Wizard will ask you to disconnect your broadband modem from your PC and the ADSL wall jack. After you have done so, click the Next button.
Figure 5-3: Setup Wizard’s License Agreement Screen
Figure 5-4: Setup Wizard’s Disconnect the Modem from
the PC and ADSL Wall Jack Screen
Page 20
13
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
6. The Setup Wizard will ask you to connect the Gateway to the ADSL wall jack. After you have done so, click the Next button.
7. The Setup Wizard will ask you to connect a network cable to your PC. After you have done so, click the Next button.
Figure 5-5: Setup Wizard’s Connect the Gateway to the
ADSL Wall Jack Screen
Figure 5-6: Setup Wizard’s Connect a Network Cable to a
PC Screen
Page 21
14
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
8. The Setup Wizard will ask you to connect the other end of the network cable to the Gateway. Then you can also connect additional PCs to the Gateway. After you have done so, click the Next button.
9. The Setup Wizard will ask you to power on the Gateway. After you have done so, click the Next button.
Figure 5-7: Setup Wizard’s Connect the Network Cable
to the Gateway Screen
Figure 5-8: Setup Wizard’s Power on the
Gateway Screen
Page 22
15
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
10. Make sure the Gateway’s Power, DSL, and numbered LEDs (depending on the number of PCs connected) are lit on its front panel. After you have done so, click the Next button.
11. You will be asked where you reside. Select the appropriate country from the drop-down menu. Then click the
Next button.
Figure 5-9: Setup Wizard’s Check the Gateway’s
Status Screen
Figure 5-10: Setup Wizard’s Select Your Country Screen
NOTE: If your country is not listed, then use the Gateway’s Web-based Utility to configure your
settings. Refer to “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200” for instructions.
Page 23
16
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
12. The Internet Service Providers (ISPs) for your country will be listed. (The on-screen options will vary depending on which country you selected on the previous screen.) Click the button for your ISP.
If your ISP is not listed, click the Next button to manually enter your settings.
13. If applicable, the Setup Wizard will automatically detect the Encapsulation type you use: 1483 Bridged, 1483 Routed, PPPoA, or PPPoE. To manually enter your settings, select your Encapsulation type: 1483 Bridged, 1483 Routed, PPPoA, or PPPoE.
Proceed to the appropriate section for your Encapsulation type.
1483 Bridged
If you selected your ISP, then the Setup Wizard will automatically select the Encapsulation, VPI, VCI, and Multiplexing settings. Then select the appropriate IP setting for your DSL connection.
If you need to manually enter your settings, use this screen. VPI/VCI - If you need to manually enter your settings, enter the VPI (Virtual Path Identifier) and VCI (Virtual
Channel Identifier) settings provided by your ISP.
Multiplexing - If you need to manually enter your settings, select LLC or VC, depending on your ISP. Auto IP - If you are using a dynamic IP address, then click the Auto IP radio button. Static IP - If you are using a static IP address, then click the Static IP radio button. Complete the IP Address,
Subnet Mask, Default Gateway, Primary DNS (Domain Name System), and Secondary DNS fields. (You need to enter at least one DNS server IP address.)
Click the Next button to continue or the Back button to return to the previous screen.
Figure 5-11: Setup Wizard’s Select Your Internet Service
Provider Screen (UK)
Figure 5-12: Setup Wizard’s Configure DSL -
1483 Bridged Screen
NOTE: If your Encapsulation type is IPoA or Bridged Mode Only, you will have to use the
Gateway’s Web-based Utility to configure it. Refer to “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200” for instructions.
Page 24
17
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
1483 Routed
If you selected your ISP, then the Setup Wizard will automatically select the Encapsulation, VPI, VCI, and Multiplexing settings. Then enter the appropriate IP settings for your DSL connection.
If you need to manually enter your settings, use this screen. VPI/VCI - If you need to manually enter your settings, enter the VPI (Virtual Path Identifier) and VCI (Virtual
Channel Identifier) settings provided by your ISP.
Multiplexing - If you need to manually enter your settings, select LLC or VC, depending on your ISP. Static IP - Complete the IP Address, Subnet Mask, Default Gateway, Primary DNS (Domain Name System),
and Secondary DNS fields. (You need to enter at least one DNS server IP address.) Click the Next button to continue or the Back button to return to the previous screen.
PPPoA
If you selected your ISP, then the Setup Wizard will automatically select the Encapsulation, VPI, VCI, and Multiplexing settings. Then enter the User ID and Password for your DSL connection.
If you need to manually enter your settings, use this screen. VPI/VCI - If you need to manually enter your settings, enter the VPI (Virtual Path Identifier) and VCI (Virtual
Channel Identifier) settings provided by your ISP.
Multiplexing - If you need to manually enter your settings, select LLC or VC, depending on your ISP. User ID and Password - Enter the User ID and Password provided by your ISP. Connection - Select Keep Alive if you always want to be connected to your ISP, or select Connect on
Demand if you are charged for the time that you are connected to your ISP. Keep Alive - For this option, the Gateway will keep the Internet connection active. In the Redial Period field,
specify how often you want the Gateway to check the Internet connection (the default is 5 minutes). Connect on Demand - If you select this option, the Gateway will terminate your Internet access after all
online applications have been closed for a specified period of time, which you can specify in the Max Idle Time field (the default is 30 seconds).
Click the Next button to continue or the Back button to return to the previous screen.
Figure 5-13: Setup Wizard’s Configure DSL -
1483 Routed Screen
Figure 5-14: Setup Wizard’s Configure DSL -
PPPoA Screen
Page 25
18
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
PPPoE
If you selected your ISP, then the Setup Wizard will automatically select the Encapsulation, VPI, VCI, and Multiplexing settings. Then enter the User ID and Password for your DSL connection.
If you need to manually enter your settings, use this screen. VPI/VCI - If you need to manually enter your settings, enter the VPI (Virtual Path Identifier) and VCI (Virtual
Channel Identifier) settings provided by your ISP.
Multiplexing - If you need to manually enter your settings, select LLC or VC, depending on your ISP. User ID and Password - Enter the User ID and Password provided by your ISP. Connection - Select Keep Alive if you always want to be connected to your ISP, or select Connect on
Demand if you are charged for the time that you are connected to your ISP. Keep Alive - For this option, the Gateway will keep the Internet connection active. In the Redial Period field,
specify how often you want the Gateway to check the Internet connection (the default is 5 minutes). Connect on Demand - If you select this option, the Gateway will terminate your Internet access after all
online applications have been closed for a specified period of time, which you can specify in the Max Idle Time field (the default is 30 seconds).
Click the Next button to continue or the Back button to return to the previous screen.
14. The Gateway provides a Web-based Utility you can use for configuring the Gateway from any networked PC. Access to the Utility is protected by a password.
Password - The default password is admin. Change it to a password of your choice. Confirm - Enter the password again in the Confirm field. Click the Next button to continue or the Back button to return to the previous screen.
Figure 5-15: Setup Wizard’s Configure DSL -
PPPoE Screen
Figure 5-16: Setup Wizard’s Set the Gateway’s
Password Screen
Page 26
19
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
15. The Setup Wizard will ask you to enter the settings for your wireless network. SSID - In the SSID field, enter the name of your wireless network. The SSID must be identical for all devices in
the network. The default setting is linksys (all lowercase).
Channel - Select the operating channel for your wireless network. All of your wireless devices will use this channel to communicate.
Network Mode - From the Network Mode drop-down menu, select the wireless standards running on your network. If you have both 802.11g and 802.11b devices in your network, keep the default setting, Mixed. If you have only 802.11g devices, select G-Only. If you have only 802.11b devices, select B-Only. If you want to disable your wireless network, select Disable.
Device Name - Enter a name for the Gateway in the Device Name field. Click the Next button to continue or the Back button to return to the previous screen.
16. Select the method of security you want to use: WPA Personal, WPA2 Personal, WPA2 Mixed Mode, WEP (64-Bit), or WEP (128-Bit). WPA stands for Wi-Fi Protected Access, and WEP stands for Wired Equivalent Privacy. WPA is a stronger security method than WEP, and WPA2 is a stronger version of WPA. Proceed to the appropriate section for your security method.
If you do not want to use any wireless security method, select Disabled and then click the Next button. Proceed to step 17.
Figure 5-17: Setup Wizard’s Wireless Settings Screen
NOTE: An SSID is the network name shared by all devices in a wireless network. Your network’s
SSID should be unique to your network and identical for all devices within the network.
Figure 5-18: Setup Wizard’s Configure Wir eless Security
Settings Screen
wpa (wi-fi protected access): a wireless security protocol using TKIP (Temporal Key Integrity Protocol) encryption, which can be used in conjunction with a RADIUS server.
wep (wired equivalent privacy): a method of encrypting network data transmitted on a wireless network for greater security.
NOTE: If you want to use WPA Enterprise or WPA2 Enterprise security, select Disabled and then click the Next button. After you have finished the Setup Wizard, use the Gateway’s Web-based Utility to configure your wireless security settings. Refer to “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200” for instructions.
Page 27
20
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
WPA Personal
Encryption - Select the type of algorithm you want to use, TKIP or AES. Passphrase - Enter a Passphrase, also called a pre-shared key, of 8 to 63 characters. The longer and more
complex your Passphrase is, the more secure your network will be. Click the Next button to continue or the Back button to return to the previous screen.
WPA2 Personal
Encryption - AES is automatically selected for WPA2 Personal mode. Passphrase - Enter a Passphrase, also called a pre-shared key, of 8 to 63 characters. The longer and more
complex your Passphrase is, the more secure your network will be. Click the Next button to continue or the Back button to return to the previous screen.
Figure 5-19: Setup Wizard’s Wireless Security -
WPA Personal Screen
encryption: encoding data transmitted in a network.
Figure 5-20: Setup Wizard’s Wireless Security -
WPA2 Personal Screen
Page 28
21
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
WPA2 Mixed Mode
Encryption - TKIP + AES is automatically selected so both methods can be used. Passphrase - Enter a Passphrase, also called a pre-shared key, of 8 to 63 characters. The longer and more
complex your Passphrase is, the more secure your network will be. Click the Next button to continue or the Back button to return to the previous screen.
WEP (64-Bit)
Enter a passphrase or WEP key. Passphrase - Enter a passphrase in the Passphrase field, so a WEP key is automatically generated. The
passphrase is case-sensitive and should not be longer than 16 alphanumeric characters. It must match the passphrase of your other wireless network devices and is compatible with Linksys wireless products only. (If you have any non-Linksys wireless products, enter the WEP key manually on those products.)
Key 1 - The WEP key you enter must match the WEP key of your wireless network. For 64-bit encryption, enter exactly 10 hexadecimal characters. Valid hexadecimal characters are “0” to “9” and “A” to “F”.
Click the Next button to continue or the Back button to return to the previous screen.
Figure 5-21: Setup Wizard’s Wireless Security -
WPA2 Mixed Mode Screen
Figure 5-22: Setup Wizard’s Wir e less Security -
WEP (64-Bit) Screen
Page 29
22
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
WEP (128-Bit)
Enter a passphrase or WEP key. Passphrase - Enter a passphrase in the Passphrase field, so a WEP key is automatically generated. The
passphrase is case-sensitive and should not be longer than 16 alphanumeric characters. It must match the passphrase of your other wireless network devices and is compatible with Linksys wireless products only. (If you have any non-Linksys wireless products, enter the WEP key manually on those products.)
Key 1 - The WEP key you enter must match the WEP key of your wireless network. For 128-bit encryption, enter exactly 26 hexadecimal characters. Valid hexadecimal characters are “0” to “9” and “A” to “F”.
Click the Next button to continue or the Back button to return to the previous screen.
17. The Setup Wizard will ask you to review your settings before it saves them. Click the Yes button if you are satisfied with your settings, or click the No button if you do not want to save your new settings.
Figure 5-23: Setup Wizard’s Wireless Security -
WEP (128-Bit) Screen
Figure 5-24: Setup Wizard’s Confirm New Settings Screen
Page 30
23
Chapter 5: Setting up the Wireless-G ADSL Gateway with SRX200 Using the Setup Wizard
Wireless-G ADSL Gateway with SRX200
18. After the settings have been saved, the Safe Surfing screen will appear. Click the Norton Internet Security Suite button to install the special edition of Norton Internet Security on your computer, or click the Finish
button to complete the Setup Wizard.
19. The Congratulations screen will appear. Click the Online Registration button to register the Gateway, or click the Exit button to exit the Setup Wizard.
Congratulations! The installation of the Wireless-G ADSL Gateway with SRX200 is complete.
If you want to make advanced configuration changes, proceed to “Chapter 6: Configuring the Wireless-G
ADSL Gateway with SRX200.”
Figure 5-25: Setup Wizard’s Safe Surfing Screen
Figure 5-26: Setup Wizard’s Congratulations Screen
Page 31
24
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 Overview
Wireless-G ADSL Gateway with SRX200
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200
Overview
Follow the steps in this chapter and use the Gateway’s web-based utility to configure the Gateway. This chapter will describe each web page in the Utility and each page’s key functions. The utility can be accessed via your web browser through use of a computer connected to the Gateway. For a basic network setup, most users only have to use the following screens of the Utility:
• Basic Setup. On the Basic Setup screen, enter the settings provided by your ISP.
• Management. Click the Administration tab and then the Management tab. The Gateway’s default username and password is admin. To secure the Gateway, change the default username and password.
There are seven main tabs: Setup, Wireless, Security , Access Restrictions, Applications & Gaming , Administration, and Status. Additional tabs will be available after you click one of the main tabs. Click Help for more information.
Setup
• Basic Setup. Enter the Internet connection and network settings on this screen.
• DDNS. To enable the Gateway’s Dynamic Domain Name System (DDNS) feature, complete the fields on this screen.
• Advanced Routing. On this screen, you can alter NAT and routing configurations.
Wireless
• Basic Wireless Settings. You can choose your wireless network settings on this screen.
• Wireless Security. Configure your wireless security settings on this screen.
• Wireless Access. This screen lets you control access to your wireless network.
• Advanced Wireless Settings. On this screen you can access the advanced wireless network settings.
NOTE: For added security, you should change the username and password through the Administration tab.
HAVE YOU: Enabled TCP/IP on your computers? Computers communicate over the network with this protocol. Refer to Windows Help for more information on TCP/IP.
Page 32
25
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 Overview
Wireless-G ADSL Gateway with SRX200
Security
• Firewall. Use this screen to enable/disable the firewall, set up filters, and block anonymous Internet requests.
• VPN Passthrough. You can enable or disable Virtual Private Network (VPN) Passthrough on this screen.
• VPN. Use this screen to configure up to five VPN tunnels.
Access Restrictions
• Internet Access Policy. This screen allows you to control the Internet usage and traffic on your local network.
Applications & Gaming
• Single Port Range Forwarding. Use this screen to set up common services or applications that require forwarding on a single port.
• Port Range Forwarding. To set up public services or other specialized Internet applications that require forwarding on a range of ports, use this screen.
• Port Triggering. To set up triggered ranges and forwarded ranges for Internet applications, click this tab.
• DMZ. To allow one local computer to be exposed to the Internet for use of special-purpose services, use this screen.
• QoS. Use Quality of Service (QoS) to assign different priority levels to different types of data transmissions.
Administration
• Management. On this screen, alter Gateway access, Simple Network Management Protocol (SNMP), Universal Plug and Play (UPnP), wireless management, and IGMP proxy settings.
• Reporting. If you want to view or save activity logs, click this tab.
• Diagnostics. Use this screen to run a Ping test.
• Backup&Restore. On this screen, you can back up or restore the Gateway’s configuration.
• Factory Defaults. If you want to restore the Gateway’s factory default settings, use this screen.
• Firmware Upgrade. Click this tab if you want to upgrade the Gateway’s firmware.
vpn (virtual private network): a security measure to protect data as it leaves one network and goes to another over the Internet.
Page 33
26
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 How to Access the Web-based Utility
Wireless-G ADSL Gateway with SRX200
Status
• Gateway. This screen provides status information about the Gateway.
• Local Network. This provides status information about the local network.
• Wireless. This screen provides status information about the wireless network.
• DSL Connection. This screen provides status information about the DSL connection.
How to Access the Web-based Utility
To access the web-based utility, launch Internet Explorer or Netscape Navigator, and enter the Gateway’s default IP address, 192.168.1.1, in the Address field. Then press Enter.
A login screen will appear (Windows XP users will see a similar screen). Enter admin (the default user name) in the User Name field, and enter admin (the default password) in the Password field. Then click the OK button.
The Setup Tab
The Basic Setup Tab
The first screen that appears is the Basic Setup tab. This tab allows you to change the Gateway's general settings. Change these settings as described here and click the Save Settings button to save your changes, or click the Cancel Changes button to cancel your changes. Click Help for more information.
Internet Setup
• Internet Connection Type. The Gateway supports six Encapsulation methods: RFC 1483 Bridged, RFC 1483 Routed, IPoA, RFC 2516 PPPoE, RFC 2364 PPPoA, and Bridged Mode Only. Select the appropriate type of encapsulation from the drop-down menu. Each Basic Setup screen and available features will differ depending on what type of encapsulation you select.
• VC Settings. You will configure your Virtual Circuit (VC) settings in this section.
• Multiplexing: Select LLC or VC, depending on your ISP.
• QoS Type: Select from the drop-down menu: CBR (Continuous Bit Rate) to specify fixed bandwidth for
voice or data traffic; UBR (Unspecific Bit Rate) for application that are none-time sensitive, such as e-mail; or VBR (Variable Bite Rate) for bursty traffic and bandwidth-sharing with other applications.
Figure 6-2: Basic Setup
Figure 6-1: Login Screen
Page 34
27
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
• Pcr Rate: For the Peak Cell Rate, divide the DSL line rate by 424 to get the maximum rate the sender can
send cells. Enter the rate in the field (if required by your service provider).
• Scr Rate: The Sustain Cell Rate sets the average cell rate that can be transmitted. The SCR value is
normally less than the PCR value. Enter the rate in the field (if required by your service provider).
• Autodetect: Select Enable to have the settings automatically entered, or select Disable to enter the
values manually.
• Virtual Circuit: These fields consist of two items: VPI (Virtual Path Identifier) and VCI (Virtual Channel
Identifier). Your ISP will provide the correct settings for these fields.
• IP Settings. Follow the instructions in the section for your type of encapsulation.
RFC 1483 Bridged
Dynamic IP
IP Settings. Select Obtain an IP Address Automatically if your ISP says you are connecting through a dynamic IP address.
Static IP
If you are required to use a permanent (static) IP address to connect to the Internet, then select Use the following IP Address.
• Internet IP Address. This is the Gateway’s IP address, when seen from the WAN, or the Internet. Your ISP
will provide you with the IP Address you need to specify here.
• Subnet Mask. This is the Gateway’s Subnet Mask. Your ISP will provide you with the Subnet Mask.
• Default Gateway. Your ISP will provide you with the default Gateway Address, which is the ISP server’s IP
address.
• Primary DNS (Required) and Secondary DNS (Optional). Your ISP will provide you with at least one DNS
(Domain Name System) Server IP Address.
Figure 6-3: RFC 1483 Bridged
Page 35
28
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
RFC 1483 Routed
If you are required to use RFC 1483 Routed, then select RFC 1483 Routed.
• Internet IP Address. This is the Gateway’s IP address, when seen from the WAN, or the Internet. Your ISP
will provide you with the IP Address you need to specify here.
• Subnet Mask. This is the Gateway’s Subnet Mask. Your ISP will provide you with the Subnet Mask.
• Default Gateway. Your ISP will provide you with the default Gateway Address, which is the ISP server’s IP
address.
• Primary DNS (Required) and Secondary DNS (Optional). Your ISP will provide you with at least one DNS
(Domain Name System) Server IP Address.
IPoA
If you are required to use IPoA (IP over ATM), then select IPoA.
• Internet IP Address. This is the Gateway’s IP address, when seen from the WAN, or the Internet. Your ISP
will provide you with the IP Address you need to specify here.
• Subnet Mask. This is the Gateway’s Subnet Mask. Your ISP will provide you with the Subnet Mask.
• Default Gateway. Your ISP will provide you with the default Gateway Address, which is the ISP server’s IP
address.
• Primary DNS (Required) and Secondary DNS (Optional). Your ISP will provide you with at least one DNS
(Domain Name System) Server IP Address.
Figure 6-4: RFC 1483 Routed
Figure 6-5: IPoA
Page 36
29
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
RFC 2516 PPPoE
Some DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections. If you are connected to the Internet through a DSL line, check with your ISP to see if they use PPPoE. If they do, you will have to enable PPPoE.
• User Name and Password. Enter the User Name and Password provided by your ISP.
• Connect on Demand: Max Idle Time. You can configure the Gateway to disconnect the Internet connection
after it has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Gateway to automatically re-establish your connection as soon as you attempt to access the Internet again. To use this option, click the Connect on Demand radio button. In the Max Idle Time field, enter the number of minutes you want to have elapsed before your Internet connection terminates.
• Keep Alive: Redial Period. If you select this option, the Gateway will periodically check your Internet
connection. If you are disconnected, then the Gateway will automatically re-establish your connection. To use this option, click the Keep Alive radio button. In the Redial Period field, specify how often you want the Gateway to check the Internet connection. The default Redial Period is 30 seconds.
RFC 2364 PPPoA
Some DSL-based ISPs use PPPoA (Point-to-Point Protocol over ATM) to establish Internet connections. If you are connected to the Internet through a DSL line, check with your ISP to see if they use PPPoA. If they do, you will have to enable PPPoA.
• User Name and Password. Enter the User Name and Password provided by your ISP.
• Connect on Demand: Max Idle Time. You can configure the Gateway to disconnect the Internet connection
after it has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Gateway to automatically re-establish your connection as soon as you attempt to access the Internet again. To use this option, click the Connect on Demand radio button. In the Max Idle Time field, enter the number of minutes you want to have elapsed before your Internet connection terminates.
Keep Alive: Redial Period. If you select this option, the Gateway will periodically check your Internet connection. If you are disconnected, then the Gateway will automatically re-establish your connection. To use this option, click the Keep Alive radio button. In the Redial Period field, specify how often you want the Gateway to check the Internet connection. The default Redial Period is 30 seconds.
Figure 6-7: RFC 2364 PPPoA
Figure 6-6: RFC 2516 PPPoE
IMPORTANT: For Connect on Demand to work
correctly, close all Internet applications or the Gateway may not drop the connection depending on how often the application tries to get on the Internet (e.g., chat programs).
Page 37
30
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
Bridge Mode Only
If you are using your Gateway as a bridge, which makes the Gateway act like a stand-alone modem, select
Bridge Mode Only. All NAT and routing settings are disabled in this mode.
Optional Settings (required by some ISPs)
• Host Name and Domain Name. These fields allow you to supply a host and domain name for the Gateway. Some ISPs require these names as identification. You may have to check with your ISP to see if your broadband Internet service has been configured with a host and domain name. In most cases, you can leave these fields blank.
• MTU and Size. The MTU (Maximum Transmission Unit) setting specifies the largest packet size permitted for network transmission. Select Manual and enter the value desired in the Size field. It is recommended that you leave this value in the 1200 to 1500 range. By default, MTU is configured automatically.
Network Setup
• Router IP. The values for the Gateway’s Local IP Address and Subnet Mask are shown here. In most cases, keeping the default values will work.
• Local IP Address. The default value is 192.168.1.1.
• Subnet Mask. The default value is 255.255.255.0.
• Network Address Server Settings (DHCP). Configure the Gateway’s Dynamic Host Configuration Protocol (DHCP) settings in this section.
• DHCP Server. A Dynamic Host Configuration Protocol (DHCP) server automatically assigns an IP address to
each computer on your network for you. Unless you already have one, it is highly recommended that you leave the Gateway enabled as a DHCP server. You can also use the Gateway in DHCP Relay mode. (This setting is not available for all Encapsulation types.)
• DHCP Server. If you enable the DHCP Relay mode for the DHCP Server setting, enter the IP address for the
DHCP relay server in the fields provided. (This setting is not available for all Encapsulation types.)
• Starting IP Address. Enter a value for the DHCP server to start with when issuing IP addresses. This value
must be 192.168.1.2 or greater, because the default IP address for the Gateway is 192.168.1.1.
• Maximum Number of DHCP Users. Enter the maximum number of users/clients that can obtain an IP
address. The number will vary depending on the starting IP address entered.
Figure 6-9: Optional Settings
Figure 6-8: Bridged Mode Only
Page 38
31
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
• Client Lease Time. The Client Lease Time is the amount of time a computer will be allowed connection to
the Gateway with its current dynamic IP address. Enter the amount of time, in minutes, that the computer will be “leased” this dynamic IP address.
• Static DNS 1-3. The Domain Name System (DNS) is how the Internet translates domain or website names
into Internet addresses or URLs. Your ISP will provide you with at least one DNS Server IP Address. You can enter up to three DNS Server IP Addresses here. The Gateway will use these for quicker access to functioning DNS servers.
• WINS. The Windows Internet Naming Service (WINS) converts NetBIOS names to IP addresses. If you use a
WINS server, enter that server’s IP address here. Otherwise, leave this field blank.
• Time Setting. Select the appropriate time zone for the Gateway’s location. If desired, check the
Automatically adjust clock for daylight saving changes checkbox.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Page 39
32
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
The DDNS Tab
The Gateway offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Gateway.
Before you can use this feature, you need to sign up for DDNS service at DynDNS.org or TZO.com.
DDNS
DDNS Service. If your DDNS service is provided by DynDNS.org, then select DynDNS.org from the drop-down menu. If your DDNS service is provided by TZO.com, then select TZO.com from the drop-down menu. To disable DDNS Service, select Disabled.
DynDNS.org
• User Name, Password, and Host Name. Enter the User Name, Password, and Host Name of the account you set up with DynDNS.org.
• Status. The status of the DDNS service connection is displayed here.
• Connect. Click the Connect button to start the DDNS service connection.
TZO.com
• E-mail Address, Password, and Domain Name. Enter the E-mail Address, Password, and Domain Name of the account you set up with TZO.
• Status. The status of the DDNS service connection is displayed here.
• Connect. Click the Connect button to start the DDNS service connection.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-10: DDNS - DynDNS.org
Figure 6-11: DDNS - TZO.com
Page 40
33
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
The Advanced Routing Tab
The Advanced Routing screen allows you to configure the NAT, dynamic routing, and static routing settings.
Advanced Routing
• Operating Mode. In this section, you will configure the Gateway’s general routing settings.
• NAT. NAT is a security feature that is enabled by default. It enables the Gateway to translate IP addresses
of your local area network to a different IP address for the Internet. To disable NAT, click the Disabled radio button.
• Dynamic Routing. With Dynamic Routing you can enable the Gateway to automatically adjust to physical changes in the network’s layout. Using RIP, the Gateway determines the network packets’ route based on the fewest number of hops between the source and the destination. The RIP protocol regularly broadcasts routing information to other Gateways on the network.
• RIP . If you have multiple routers, you may want to use the Routing Information Protocol (RIP) so the routers
can exchange routing information with each other. To use RIP, select the Enabled radio button. Otherwise , keep the default, Disabled.
• RIP Send Packet Version. Select the protocol version you want, RIPv1 or RIPv2.
• RIP Recv Packet Version. Select the protocol version you want, RIPv1 or RIPv2.
• Static Routing. If the Gateway is connected to more than one network, it may be necessary to set up a static route between them. A static route is a pre-determined pathway that network information must travel to reach a specific host or network. To create a static route, change the following settings:
• Select set number. Select the number of the static route from the drop-down menu. The Gateway
supports up to 20 static route entries. If you need to delete a route, then select the entry and click the Delete This Entry button.
• Destination IP Address. The Destination IP Address is the address of the remote network or host to which
you want to assign a static route. Enter the IP address of the host for which you wish to create a static route. If you are building a route to an entire network, be sure that the network portion of the IP address is set to 0.
• Subnet Mask. Enter the Subnet Mask (also known as the Network Mask), which determines which portion
of an IP address is the network portion, and which portion is the host portion.
F
i
g
u
r
e
6
-
1
2
:
A
d
v
a
n
c
e
d
R
o
u
t
i
n
g
Page 41
34
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Setup Tab
Wireless-G ADSL Gateway with SRX200
• Gateway. Enter the IP address of the gateway device that allows for contact between the Gateway and the
remote network or host.
• Hop Count. Hop Count is the number of hops to each node until the destination is reached (16 hops
maximum). Enter the Hop Count in the field provided.
• Show Routing Table. Click the Show Routing Table button to open a screen displaying how data is routed through your local network. For each route, the Destination LAN IP address, Subnet Mask, Gateway, and Interface are displayed. Click the Refresh button to update the information. Click the Close button to return to the previous screen.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-13: Routing Table
Page 42
35
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
The Wireless Tab
The Basic Wireless Settings Tab
This screen allows you to choose your wireless network mode and wireless security.
Wireless Network
• Wireless Network Mode. If you have 802.11g and 802.11b devices in your network, then keep the default setting, Mixed. If you have only 802.11g devices, select G-Only. If you have only 802.11b devices, select B-Only. If you want to disable wireless networking, select Disabled.
• Wireless Network Name (SSID). Enter the name for your wireless network into the field. The SSID is the network name shared among all devices in a wireless network. It must be identical for all devices in the wireless network. It is case-sensitive and must not exceed 32 alphanumeric characters, which may be any keyboard character . Linksys recommends that you change the default SSID (linksys) to a unique name of your choice.
• Wireless Channel. Select the appropriate channel from the list provided to correspond with your network settings. All devices in your wireless network must use the same channel in order to function correctly. Wireless computers or clients will automatically detect the wireless channel of the Gateway.
• Wireless SSID Broadcast. When wireless computers or clients survey the local area for wireless networks to associate with, they will detect the SSID broadcast by the Gateway. To broadcast the Gateway's SSID, keep the default setting, Enable. If you do not want to broadcast the Gateway's SSID, then select Disable.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-14: Basic Wireless Settings
Page 43
36
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
The Wireless Security Tab
The Wireless Security settings configure the security of your wireless network. There are six wireless security options supported by the Gateway: WPA-Personal, WPA2-Personal, WPA2-Mixed, WPA Enterprise, WPA2 Enterprise, and WEP. WPA stands for Wi-Fi Protected Access, which is a security standard stronger than WEP (Wired Equivalent Privacy) encryption. WPA2 is a more advanced, more secure version of WPA. WPA Enterprise and WPA2 Enterprise use a RADIUS (Remote Authentication Dial-In User Service) server for authentication. These are briefly discussed here. For detailed instructions on configuring wireless security for the Gateway, turn to “Appendix B: Wireless Security.”
If you want to disable wireless security, select Disable from the drop-down menu for Security Mode.
• Security Mode. Select the mode you want your network to use, WPA-Personal, WPA2-Personal, WPA2-Mixed, WPA Enterprise, WPA2 Enterprise, or WEP. If you have devices using WPA-Personal and WPA2-Personal, select WPA2-Mixed.
WPA-Personal
• Encryption. Select the method you want to use, TKIP or AES. (AES is a stronger encryption method than TKIP.)
• Passphrase. Enter the key shared by the Gateway and your other network devices. It must have 8 to 63 characters.
• Key Renewal. Enter the Key Renewal period, which tells the Gateway how often it should change the dynamic encryption keys.
When you have finished making changes to this screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
WPA2-Personal
• Encryption. AES is automatically selected.
• Passphrase. Enter the key shared by the Gateway and your other network devices. It must have 8 to 63 characters.
• Key Renewal. Enter the Key Renewal period, which tells the Gateway how often it should change the dynamic encryption keys.
When you have finished making changes to this screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-16: Wireless Security - WPA2-Personal
Figure 6-15: Wireless Security - WPA-Personal
IMPORTANT: If you are using wireless security,
always remember that each device in your wireless network MUST use the same wireless security method and shared key, or else the network will not function correctly. If you have devices using WPA-Personal and WPA2-Personal, you should use WPA2-Mixed. You may mix between WPA and WPA2 Enterprise, but not between Personal and Enterprise, Personal and WEP, or Enterprise and WEP.
Page 44
37
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
WPA2-Mixed
• Encryption. TKIP + AES is automatically selected so both methods are available.
• Passphrase. Enter the key shared by the Gateway and your other network devices. It must have 8 to 63 characters.
• Key Renewal. Enter the Key Renewal period, which tells the Gateway how often it should change the dynamic encryption keys.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
WPA Enterprise
WPA Enterprise features WPA used with a RADIUS server. (This method should only be used when the Gateway is connected to a RADIUS server.)
• RADIUS Server Address. Enter the IP address of the RADIUS server.
• RADIUS Port. Enter the port number of the RADIUS server.
• Shared Key. Enter the key shared between the Gateway and its RADIUS server.
• Key Renewal Timeout. Enter the Key Renewal period, which tells the Gateway how often it should change the dynamic encryption keys.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-17: Wireless Security - WPA2-Mixed
Figure 6-18: Wireless Security - WPA Enterprise
Page 45
38
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
WPA2 Enterprise
WPA2 Enterprise features WPA2 used with a RADIUS server. (This method should only be used when the Gateway is connected to a RADIUS server.)
• RADIUS Server Address. Enter the IP address of the RADIUS server.
• RADIUS Port. Enter the port number of the RADIUS server.
• Shared Key. Enter the key shared between the Gateway and its RADIUS server.
• Key Renewal Timeout. Enter the Key Renewal period, which tells the Gateway how often it should change the dynamic encryption keys.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
WEP
• Encryption. Select the appropriate level of encryption, 64-bit or 128-bit. A higher level of encryption is more secure.
• Passphrase. Instead of manually entering WEP keys, you can enter a Passphrase. It is case-sensitive and should not be longer than 32 alphanumeric characters. (This Passphrase function is compatible with Linksys wireless products only and cannot be used with Windows XP Zero Configuration. If you want to communicate with non-Linksys wireless products or Windows XP Zero Configuration, make a note of the WEP keys generated, and enter the appropriate one manually in the wireless computer or client.) If you want to use a Passphrase, then enter it in the Passphrase field and click the Generate button.
• WEP Keys 1-4. If you are not using a Passphrase, then manually enter a set of values. (Do not leave a key field blank, and do not enter all zeroes; they are not valid key values.) If you are using 40/64-bit WEP encryption, the key must be exactly 10 hexadecimal characters in length. If you are using 128-bit WEP encryption, the key must be exactly 26 hexadecimal characters in length. Valid hexadecimal characters are “0”-“9” and “A”-“F”.
• TX Key. To indicate which WEP key to use, select a default Transmit (TX) Key number.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-19: Wireless Security - WPA2 Enterprise
Figure 6-20: Wireless Security - WEP
Page 46
39
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
The Wireless Access Tab
Wireless Network Access
Wireless Network Access. Select Allow All you want all computers to have access to the wireless network. To restrict access to the network, select Restrict Access, and then select Prevent to block access for the designated computers or Permit only to permit access for the designated computers. Click the Update Filter List button, and the Mac Address Filter List screen will appear.
Enter the MAC addresses of the computers you want to designate. To see a list of MAC addresses for wireless computers or clients, click the Wireless Client MAC List button.
The Wireless Client List screen will list MAC addresses for your wireless devices. Click the Refresh button to get the most up-to-date information. To add a specific computer to the Mac Address Filter List, click the Enable MA C
Filter checkbox and then the Update Filter List button. Click the Close button to return to the MAC Address Filter List screen.
On the MAC Address Filter List screen, click the Save Settings button to save this list, or click the Cancel Changes button to remove your entries.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-22: MAC Address Filter List
Figure 6-21: Wireless Access
Figure 6-23: Wireless Client MAC List
Page 47
40
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
The Advanced Wireless Settings Tab
You can access the advanced wireless features on this screen.
Advanced Wireless
Wireless-G Settings This tab is used to set up the Gateway’s advanced wireless functions. These settings should only be adjusted by
an expert administrator as incorrect settings can reduce wireless performance.
• Basic Rate Set. The Basic Rate Set is a series of rates at which the Gateway can transmit. (If you want to specify the Gateway’s actual rate of data transmission, configure the T ransmission Rate setting.) The Gatew ay will advertise its Basic Rate Set to the other wireless devices in your network, so they know which rates will be supported. The Gateway will also advertise that it will automatically select the best rate for transmission. In most cases, you should keep the default setting, Default (1-2-5.5-11). Other options are 1-2Mbps, for use with older wireless technology, and All, when the Gateway can transmit at all wireless rates.
• Transmission Rate. The rate of data transmission should be set depending on the speed of your wireless network. You can select from a range of transmission speeds, or you can select Auto to have the Gateway automatically use the fastest possible data rate and enable the Auto-Fallback feature. Auto-Fallback will negotiate the best possible connection speed between the Gateway and a wireless client. The default is Auto.
• CTS Protection Mode. CTS (Clear-To-Send) Protection Mode should remain set to its default, Auto, so when your Wireless-G products are not able to transmit to the Gateway in an environment with heavy 802.11b traffic, the CTS Protection Mode will be used. This function boosts the Gateway’s ability to catch all Wireless­G transmissions but will severely decrease performance.
• Beacon Interval. A beacon is a packet broadcast by the Gateway to synchronize the wireless network.Beacon Interval. The default value is 100. Enter a value between 1 and 65,535 milliseconds. The Beacon Interval value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the Gateway to synchronize the wireless network.
• DTIM Interval. This value, between 1 and 255, indicates the interval of the Delivery T raffic Indication Message (DTIM). A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages. When the Gateway has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Its clients hear the beacons and awaken to receive the broadcast and multicast messages. The default value is 1.
• Fragmentation Threshold. This value specifies the maximum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increase the Fragmentation
Figure 6-24: Advanced Wireless Settings
Page 48
41
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Wireless Tab
Wireless-G ADSL Gateway with SRX200
Threshold. Setting the Fragmentation Threshold too low may result in poor network performance. Only minor reduction of the default value is recommended. In most cases, it should remain at its default value of 2346.
• RTS Threshold. If you encounter inconsistent data flow, only minor modifications are recommended. If a network packet is smaller than the preset RTS threshold size, the RTS/CTS mechanism will not be enabled. The Gateway sends Request to Send (RTS) frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to begin transmission. This value should remain at its default setting of 2346.
• Preamble Type. The preamble defines the length of the CRC block for communication between the Gateway and a roaming wireless client. (High network traffic areas should use the shorter preamble type.) Select the appropriate preamble type, Long (default) or Short.
• Network Density. This determines the Gateway’s transmission and reception range. Select one of these settings, Low (greater range), Medium (mid-range), or High (lower range). The Low setting is recommended when you have few wireless networks in your area, while the High setting is recommended when you have a lot of wireless network traffic in your area. You can also use the Medium setting if you want a mid-range setting. The default setting is Low.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Page 49
42
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
The Security Tab
The Firewall Tab
You can enable or disable the firewall, select filters to block specific Internet data types, and block anonymous Internet requests. Use these features to enhance the security of your network.
Firewall
• SPI Firewall Protection. The Stateful Packet Inspection (SPI) firewall feature enhances the security of your network. To use this feature, click Enable. If you do not want to use the firewall, click Disable.
Additional Filters
• Filter Proxy. Use of WAN proxy servers may compromise the Gateway's security. Denying Filter Proxy will disable access to any WAN proxy servers. To enable proxy filtering, click the checkbox.
• Filter Cookies. A cookie is data stored on your computer and used by Internet sites when you interact with them. To enable cookie filtering, click the checkbox.
• Filter Java Applets. Java is a programming language for websites. If you deny Java Applets, you run the risk of not having access to Internet sites created using this programming language. To enable Java Applet filtering, click the checkbox.
• Filter ActiveX. ActiveX is a programming language for websites. If you deny ActiveX, you run the risk of not having access to Internet sites created using this programming language. To enable ActiveX filtering , click the checkbox.
Block WAN Requests
• Block Anonymous Internet Requests. This keeps your network from being “pinged” or detected and reinforces your network security by hiding your network ports, so it is more difficult for intruders to discover your network. Select Block Anonymous Internet Requests to block anonymous Internet requests or de­select it to allow anonymous Internet requests.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-25: Firewall
Page 50
43
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
The VPN Passthrough Tab
Virtual Private Networking (VPN) is a security measure that basically creates a secure connection between two remote locations. Configure these settings so the Gateway will permit VPN tunnels to pass through.
VPN Passthrough
• IPSec Passthrough. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange of packets at the IP layer. To allow IPSec Passthrough, click the Enable button. To disable IPSec Passthrough, click the Disable button.
• PPTP Passthrough. Point-to-Point Tunneling Protocol Passthrough is the method used to enable VPN sessions to a Windows NT 4.0 or 2000 server. To allow PPTP Passthrough, click the Enable button. To disable PPTP Passthrough, click the Disable button.
• L2TP Passthrough. Layering 2 Tunneling Protocol Passthrough is an extension of the Point-to-Point Tunneling Protocol (PPTP) used to enable the operation of a VPN over the Internet.To allow L2TP Passthrough, click the Enable button. To disable L2TP Passthrough, click the Disable button.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-26: VPN Passthrough
Page 51
44
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
The VPN Tab
Virtual Private Networking (VPN) is a security measure that basically creates a secure connection between two remote locations. Configure these settings so the Gateway will create VPN tunnels, up to a maximum of five.
VPN Tunnel
• Select Tunnel Entry. To establish this tunnel, select new. To modify the settings for a tunnel, select the tunnel you wish to modify.
• Delete. To delete a tunnel, select it from the drop-down menu and click the Delete button.
• Summary. To see the settings for a tunnel, select it from the drop-down menu and click the Summary button.
• IPSec VPN Tunnel. Select Enable to activate the current VPN tunnel. Otherwise, select Disable.
• Tunnel Name. Once the tunnel is enabled, enter the name of the tunnel. Unique names allow you to identify multiple tunnels. The name you give on this end does not have to match the name used at the remote end of the tunnel.
Local Secure Group The Local Secure Group is the computer(s) on your local network that can access the tunnel. From the drop-down
menu, select IP Addr. or Subnet.
• IP Addr . Select IP Addr . if you w ant to designate a specific computer. Then enter the computer’s IP address in the IP field.
• Subnet. Select Subnet if you want to include the entire network for the tunnel. Then enter the Gateway’s IP address in the IP field and subnet mask in the Mask field.
Remote Secure Group The Remote Secure Group is the computer(s) on the remote end of the tunnel; these are the computers that can
access the tunnel. From the drop-down menu, select IP Addr., Subnet, or Any.
• IP Addr . Select IP Addr . if you w ant to designate a specific computer. Then enter the computer’s IP address in the IP field.
• Subnet. Select Subnet if you want to include the entire network for the tunnel. In the IP field, enter the IP address of the remote VPN device, such as a router, and enter its subnet mask in the Mask field.
Figure 6-27: VPN
Figure 6-28: VPN Settings Summary
Page 52
45
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
• Any. Select Any if you want the Gateway to accept requests from any IP address.
Remote Secure Gateway The Remote Secure Gateway is the VPN device on the remote end of the VPN tunnel. The remote VPN device can
be a VPN router, VPN server, or computer with VPN client software that supports IPSec. From the drop-down menu, select IP Addr. or Any.
• IP Addr . Select IP Addr. if you want to designate a static IP address. Then enter the VPN device’ s IP address in the IP field.
• Any. Select Any if you want the Gateway to accept requests from any IP address.
Key Management
• Key Exchange Method. Select Auto (IKE) or Manual for the Key Exchange Method. Both ends of a VPN tunnel must use the same mode of key management. The two methods are described below. After you have selected the method, the settings available on this screen may change, depending on the selection you have made.
Auto (IKE)
IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association (SA). IKE uses the Pre-Shared Key to authenticate the remote IDE peer.
• Encryption. When you select Auto (IKE), 3DES (168-bit) encryption is automatically selected. The same
type of encryption must be used by the VPN device at the remote end of the tunnel.
• Authentication. Select one of the two authentication methods available, SHA1 or MD5. MD5 is a one-way
hashing algorithm that produces a 128-bit digest. SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA1 is recommended because it is more secure. Make sure both ends of the VPN tunnel use the same authentication method.
• PFS. PFS (Perfect Forward Secrecy) ensures that the initial key exchange and IKE proposals are secure. T o
use PFS, select Enable. Otherwise, select Disable.
• Pre-Shared Key. Enter a series of numbers or letters in the Pre-Shared Key field. Based on this word,
which MUST be entered at both ends of the tunnel, a key is generated to scramble (encrypt) the data being transmitted over the tunnel, where it is unscrambled (decrypted). You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed.
• Key Life Time. You may select to have the key expire at the end of a time period of your choosing. Enter
the number of seconds you’d like the key to be useful, or leave it blank for the key to last indefinitely.
Figure 6-29: Key Exchange Method - Auto (IKE)
Page 53
46
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
Manual
If you select Manual, you generate the key yourself, and no key negotiation is needed. Basically, manual key management is used in small static environments or for troubleshooting purposes.
• Encryption Algorithm. When you select Manual, 3DES (168-bit) encryption is automatically selected. The
same type of encryption must be used by the VPN device at the remote end of the tunnel.
• Encryption Key. This field specifies a key used to encrypt and decrypt IP traffic. The Encryption Key is
48-bit, so you should enter a key of 24 ASCII characters. Make sure both ends of the VPN tunnel use the same Encryption Key.
• Authentication Algorithm. Select a method of authentication, MD5 or SHA1. This determines how the ESP
packets are validated. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA is a one­way hashing algorithm that produces a 160-bit digest. SHA1 is recommended because it is more secure. Make sure both ends of the VPN tunnel use the same authentication method.
• Authentication Key. This field specifies a key used to authenticate IP traffic. Enter a key of hexadecimal
values. If MD5 is selected, the Authentication Key is 32-bit, so you should enter 16 ASCII characters. If SHA is selected, the Authentication Key is 40-bit, so you should enter a key of 20 ASCII characters. Make sure both ends of the VPN tunnel use the same Authentication Key.
• Inbound and Outbound SPI (Security Parameter Index). SPI is carried in the ESP (Encapsulating Security
Payload Protocol) header and enables the receiver and sender to select the SA, under which a packet should be processed. Hexadecimal values is acceptable, and the valid range is 100~ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels share the same SPI. The Incoming SPI
here must match the Outgoing SPI value at the other end of the tunnel, and vice versa. Status The status information for the Gateway’s VPN tunnels is displayed here. If you selected Manual, then you will have one button available. Click the View Log button to see the activity logs. If you selected Auto (IKE), then you will have four buttons available. Click the Connect button to start the VPN
connection.Click the Disconnect button to terminate the VPN connection. Click the View Log button to see the activity logs. Click the Advanced Settings button to configure the advanced settings of the VPN tunnel.
Figure 6-30: Key Exchange Method - Manual
Figure 6-31: VPN Log
Page 54
47
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
Advanced VPN Tunnel Setup
Click the Advanced Settings button, and the Advanced VPN Tunnel Setup screen will appear. These advanced IPSec settings are for advanced users.
Phase 1
Phase 1 is used to create a security association (SA), often called the IKE SA. After Phase 1 is completed, Phase 2 is used to create one or more IPSec SAs, which are then used to key IPSec sessions.
Operation Mode. There are two modes: Main and Aggressive, and they exchange the same IKE payloads in different sequences. Main mode is more common; however, some people prefer Aggressive mode because it is faster. Main mode is for normal usage and includes more authentication requirements than Aggressive mode. Main mode is recommended because it is more secure. No matter which mode is selected, the VPN Router will accept both Main and Aggressive requests from the remote VPN device.
Local Identity. Select the Local IP address or Name radio button. If you select Local IP address, then the Gateway’s Internet IP address will be used. If you select Name, enter the Fully Qualified Domain Name (FQDN) of the Gateway in the field provided, so its current IP address can be located via DDNS.
Remote Identity. Select the Remote IP address or Name radio button. If you select Remote IP address, then the Internet IP address of the remote VPN device will be used. If you select Name, enter the Fully Qualified Domain Name (FQDN) of the remote VPN device in the field provided, so a current IP address can be located via DDNS.
Encryption. For encryption or decryption of ESP packets. 3DES (168-bit) encryption is automatically selected. Authentication. Select the method used to authenticate ESP packets. There are two choices: MD5 and SHA1.
SHA1 is recommended because it is more secure. Group. There are three Diffie-Hellman Groups to choose from: 768-bit, 1024-bit, and 1536-bit. Diffie-Hellman
refers to a cryptographic technique that uses public and private keys for encryption and decryption. Key Life Time. In the Key Lifetime field, you may optionally select to have the key expire at the end of a time
period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.
Phase 2
Encryption. The encryption method selected in Phase 1 will be displayed. Authentication. The authentication method selected in Phase 1 will be displayed.
Figure 6-32: Advanced VPN Tunnel Setup
Page 55
48
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Security Tab
Wireless-G ADSL Gateway with SRX200
PFS. The status of the PFS (Perfect Forward Secrecy) feature will be displayed. Group. There are three Diffie-Hellman Groups to choose from: 768-bit, 1024-bit, and 1536-bit. Diffie-Hellman
refers to a cryptographic technique that uses public and private keys for encryption and decryption. Key Life Time. In the Key Lifetime field, you may optionally select to have the key expire at the end of a time
period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.
When you have finished making changes to this screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Page 56
49
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Access Restrictions Tab
Wireless-G ADSL Gateway with SRX200
The Access Restrictions Tab
The Internet Access Policy Tab
The Internet Access Policy screen allows you to block or allow specific kinds of Internet usage. You can set up Internet access policies for specific computers and block websites by URL address or keyword.
Internet Access Policy
Internet Access Policy. Access can be managed by a policy. Use the settings on this screen to establish an access policy (after the Save Settings button is clicked). Selecting a policy from the drop-down menu will display that policy’s settings. To delete a policy, select that policy’s number and click the Delete button. To view all the policies, click the Summary button. (Policies can be deleted from the Summary screen by selecting the policy or policies and clicking the Delete button. To return to the Internet Access screen, click the Close button.)
Status. Policies are disabled by default. To enable a policy, select the policy number from the drop-down menu, and click the radio button beside Enable.
To create an Internet Access policy:
1. Select a number from the Internet Access Policy drop-down menu.
2. To enable this policy, click the radio button beside Enable.
3. Enter a Policy Name in the field provided.
Figure 6-33: Internet Access Policy
Figure 6-34: Internet Policy Summary
Page 57
50
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Access Restrictions Tab
Wireless-G ADSL Gateway with SRX200
4. Click the Edit List of PCs button to select which PCs will be affected by the policy. The List of PCs screen will
appear. You can select a PC by MAC Address or IP Address. You can also enter a range of IP Addresses if you want this policy to affect a group of PCs. After making your changes, click the Save Settings button to apply your changes or Cancel Changes to cancel your changes. Then click the Close button to exit this screen.
5. Click the appropriate option, Deny or Allow, depending on whether you want to block or allow Internet access
for the PCs you listed on the List of PCs screen.
6. Decide which days and what times you want this policy to be enforced. Select the individual days during
which the policy will be in effect, or select Everyday. Then enter a range of hours and minutes during which the policy will be in effect, or select 24 Hours.
7. If you want to block websites with specific URL addresses, enter each URL in a separate field next to Website
Blocking by URL Address.
8. If you want to block websites using specific keywords, enter each keyword in a separate field next to Website
Blocking by Keyword.
9. You can filter access to various services accessed over the Internet, such as FTP or telnet, by selecting
services from the drop-down menus next to Blocked Services. The port numbers and protocol for the selected service will be automatically displayed.
If the service you want is not listed, select User-Defined. Enter its port numbers in the fields provided. Then select its protocol, ICMP, TCP, UDP, or TCP & UDP from the drop-down menu.
10. Click the Save Settings button to save the policy’s settings. To undo the policy’s settings, click the Cancel
Changes button. Click Help for more information.
Figure 6-35: List of PCs
Page 58
51
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
The Applications and Gaming Tab
The Single Port Range Forwarding Tab
Use the Single Port Range Forwarding screen when you want to open a specific port so users on the Internet can see the servers behind the Gateway (such servers may include FTP or e-mail servers). When users send this type of request to your network via the Internet, the Gateway will forward those requests to the appropriate computer. Any computer whose port is being forwarded should have its DHCP client function disabled and should have a new static IP address assigned to it because its IP address may change when using the DHCP function.
Single Port Forwarding
• Application. Enter the name of the application in the field provided.
• External Port and Internal Port. Enter the External and Internal Port numbers.
• Protocol. Select the protocol you wish to use for each application: TCP or UDP.
• IP Address. Enter the IP Address of the appropriate computer.
• Enabled. Click Enabled to enable forwarding for the chosen application. When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-36: Single Port Forwarding
Page 59
52
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
The Port Range Forwarding Tab
The Port Range Forwarding screen sets up public services on your network, such as web servers, ftp servers, e­mail servers, or other specialized Internet applications. (Specialized Internet applications are any applications that use Internet access to perform functions such as videoconferencing or online gaming. Some Internet applications may not require any forwarding.)
When users send this type of request to your network via the Internet, the Gateway will forward those requests to the appropriate computer. Any computer whose port is being forwarded should have its DHCP client function disabled and should have a new static IP address assigned to it because its IP address may change when using the DHCP function.
Port Range Forwarding
• Application. Enter the name of the application in the field provided.
• Start and End. Enter the starting and ending numbers of the port range you wish to forward.
• Protocol. Select the protocol you wish to use for each application: TCP, UDP, or Both.
• IP Address. Enter the IP Address of the appropriate computer.
• Enable. Click the Enable checkbox to enable forwarding for the chosen application. When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-37: Port Range Forwarding
Page 60
53
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
The Port Triggering Tab
Port Triggering is used for special applications that can request a port to be opened on demand. For this feature, the Gateway will watch outgoing data for specific port numbers. The Gateway will remember the IP address of the computer that sends a transmission requesting data, so that when the requested data returns through the Gateway, the data is pulled back to the proper computer by way of IP address and port mapping rules.
Port Range Triggering
• Application. Enter the name you wish to give each application.
• Triggered Range. Enter the starting and ending port numbers of the Triggered Range.
• Forwarded Range. Enter the starting and ending port numbers of the Forwarded Range.
• Enabled. Click the Enabled checkbox to enable port triggering for the chosen application. When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-38: Port Triggering
Page 61
54
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
The DMZ Tab
The DMZ screen allows one local user to be exposed to the Internet for use of a special-purpose service such as Internet gaming and videoconferencing through DMZ Hosting. DMZ hosting forwards all the ports for one computer at the same time, which differs from Port Range Forwarding, which can only forward a maximum of 10 ranges of ports.
DMZ
• DMZ Hosting. This feature allows one local user to be exposed to the Internet for use of a special-purpose
service such as Internet gaming and videoconferencing. To use this feature, select Enable. To disable DMZ, select Disable.
• DMZ Host IP Address. To expose one computer, enter the computer’s IP address. To get the IP address of a
computer, refer to “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter.”
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-39: DMZ
Page 62
55
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
The QoS Tab
QoS (Quality of Service)
QoS ensures better service to high-priority types of network traffic, which may involve demanding, real-time applications, such as Internet phone calls or videoconferencing.
Wireless
ACK Mode. This setting prioritizes QoS for users who also have ACK Mode enabled. Users with Immediate
ACK (the default setting) will experience reliable connectivity for normal network use. Burst ACK is faster but less reliable and may also affect long-range wireless performance. The No ACK setting disables the ACK feature. Clients utilizing ACK must have their wireless adapter on the same setting as the Gateway. This is normally used in a multicast broadcast like video. Do not use this unless you are an advanced user.
802.11e/QoS. QoS will be enabled by default to provide the best performance for your wireless connection.
Select Disable to improve performance for a mixed wireless network. Internet Access Priority In this section, you can set priority based on Application, Port Range, or MAC Address. There are four priories you
can set: High, Medium, Normal, or Low.
• Enabled/Disabled. To limit outgoing bandwidth for the QoS policies in use, select Enabled. Otherwise, select
Disabled.
• Set Internet Bandwidth. This setting allows you to limit the outgoing bandwidth for the QoS policies in use, so
you can control how much bandwidth a particular application is allowed to use. Enter the bandwidth in the
field.
• Application. With this option you can select None, Online Game, MSN Messenger, YAHOO Messenger,
Skype, Voice Device, Add a New Application, or select from the list of applications you want to set. To
create a new entry, select Add a New Application, and refer to the Add a New Application section.
• Priority. Select High, Medium, Normal, or Low for the bandwidth priority you need for the application you
selected. Don’t set all applications to High, because this will defeat the purpose of allocating the available
bandwidth. If you want to select below normal bandwidth, select Low. Depending on the application, a few
attempts may be needed to set the appropriate bandwidth priority. Once you have made your selection, click
Add to add to the Summary list.
Figure 6-40: QoS
Page 63
56
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
Online Game Selecting Online Game will display the Select a Game drop-down menu, which will list a few common pre-
configured games. Select the game from the list, and then select its priority. MSN Messenger Select its priority from the drop-down menu, and click Add. YAHOO Messenger Select its priority from the drop-down menu, and click Add. Skype Select its priority from the drop-down menu, and click Add. Voice Device Enter the name of your network device in the Enter a Name field, enter its MAC Address, select its priority
from the drop-down menu, and click Add. Add a New Application Enter a Name Enter any name to indicate the name of the entry. Category Select from Port Range or MAC Address for the Gateway to use to set the bandwidth priority. Port Range If you selected Port Range, then this category will be available. It allows you to enter the port
range(s) that the application will be using. For example, if you want to allocate bandwidth for FTP, you can enter 21-21. If you need services for an application that uses from 1000 to 1250, you enter 1000-1250 as your settings. Port numbers can range from 1 to 65535. Check your application's documentation for details on the service ports used.
You can define up to three ranges for this bandwidth allocation. For each port range, designate the protocol type(s): TCP, UDP, or Both.
MAC Address If you selected MAC Address, then this category will be available. Enter the 12 hexadecimal
digit MAC Address to represent the device you want to set as a bandwidth priority. This is a unique identifier for your network device. When the Gateway identifies the device entered, the Gateway will allocate the priority set for that entry. Check the device’ s documentation to obtain the MAC Address.
Figure 6-41: QoS - Online Game
Figure 6-42: QoS - MSN Messenger
Figure 6-43: QoS - Voice Device
Figure 6-44: QoS - Add a New Application (Port Range)
Page 64
57
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Applications and Gaming Tab
Wireless-G ADSL Gateway with SRX200
Priority Select the bandwidth priority for the application you selected. Select High, Medium, Normal,
or Low for the bandwidth, but don’t set all applications to High. Once you have made your selection, click Add to add to the Summary list.
Summary
Priority This displays the bandwidth allocation priority of High, Medium, Normal, or Low, that you set
for the application. Name This displays the application name or the entries you entered to be allocated. Information This displays the Port Range or MAC Address entered when you added a new application. If a
pre-configured application was selected, there will be no valid entry shown in this section. Remove This button allows you to remove the application entry. To remove the entry, click the Remove
button. To save the configuration, click the Save Settings button. Otherwise, to cancel, click
the Cancel Changes button. When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-45: QoS - Add a New Application (MAC
Address)
Page 65
58
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Administration Tab
Wireless-G ADSL Gateway with SRX200
The Administration Tab
The Management T ab
The Management screen allows you to change the Gateway’s access settings as well as configure the SNMP (Simple Network Management Protocol), UPnP (Universal Plug and Play), and WLAN management features.
Gateway Access
Local Gateway Access. To ensure the Gateway’s security, you will be asked for your password when you access the Gateway’s Web-based Utility. The default username and password is admin.
• Gateway Userlist. Select the number of the user from the drop-down menu.
• Gateway Username. Enter the default username, admin. It is recommended that you change the default username to one of your choice.
• Gateway Password. It is recommended that you change the default password, admin, to one of your choice.
• Re-enter to confirm. Re-enter the Gateway’s new Password to confirm it.
Remote Gateway Access. This feature allows you to access the Gateway from a remote location, via the Internet.
• Remote Management. This feature allows you to manage the Gateway from a remote location via the Internet. To enable Remote Management, click Enable.
• Management Port. Enter the port number you will use to remotely access the Gateway.
SNMP
SNMP is a popular network monitoring and management protocol.
• Device Name. Enter the name of the Gateway.
• SNMP. To enable SNMP, click Enable. To disable SNMP, click Disable.
• Get Community. Enter the password that allows read-only access to the Gateway’s SNMP information.
Figure 6-47: Allowed IP - IP Range
Figure 6-46: Management
IMPORTANT: Enabling remote management allows anyone with your password to configure the
Gateway from somewhere else on the Internet.
Page 66
59
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Administration Tab
Wireless-G ADSL Gateway with SRX200
• Set Community. Enter the password that allows read/write access to the Gateway’s SNMP information.
• Trap Management: Trap to. Enter the IP address of the remote host computer that will receive the trap messages.
UPnP
UPnP allows Windows Me and XP to automatically configure the Gateway for various Internet applications, such as gaming and videoconferencing.
• UPnP. To enable UPnP, click Enable. Otherwise, click Disable.
WLAN
• Management via WLAN. This feature allows the Gateway to be managed by a wireless computer on the local network when it logs into the Gateway’s Web-based Utility. To enable this feature, click Enable. Otherwise, click Disable.
IGMP
• IGMP Proxy. If your multimedia application or device is not working properly behind the Gateway, then you can use the IGMP Proxy feature to allow multicast traffic through the Gateway. To use this feature, click Enable. Otherwise, click Disable.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Page 67
60
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Administration Tab
Wireless-G ADSL Gateway with SRX200
The Reporting Tab
The Reporting screen provides you with a log of all incoming and outgoing URLs or IP addresses for your Internet connection. It also provides logs for VPN and firewall events.
Reporting
• Log. To enable log reporting, click Enable.
Email Alerts
• E-Mail Alerts. To enable E-Mail Alerts, click Enable.
• Denial of Service Thresholds. Enter the number of Denial of Service attacks that will trigger an e-mail alert.
• SMTP Mail Server. Enter the IP address of the SMTP server.
• E-Mail Address for Alert Logs. Enter the e-mail address that will receive alert logs.
• Return E-Mail address. Enter the return address for the e-mail alerts.
To view the logs, clic k the View Logs button. A new screen will appear. From the drop-down menu, select which log you want to view: ALL, Access Log, or Firewall Log. Click the pageRefresh button to refresh the information. Click the Clear button to clear the log information. Click the Previous Page button to go to the previous page of information. Click the Next Page button to move to the next page of information.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
Figure 6-49: System Log
Figure 6-48: Reporting
Page 68
61
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Administration Tab
Wireless-G ADSL Gateway with SRX200
The Diagnostics Tab
Use this screen to run ping tests and display test results.
Ping Test
Ping Test Parameters
• Ping Target IP. Enter the IP address that you want to ping. This can be either a local (LAN) IP or an Internet (WAN) IP address.
• Ping Size. Enter the size of the packet.
• Number of Pings. Enter the number of times that you want to ping.
• Ping Interval. Enter the ping interval (how often the target IP address will be pinged) in milliseconds.
• Ping Timeout. Enter the ping timeout (how long before the ping test times out) in milliseconds.
Click the Start Test button to start the Ping Test.
• Ping Result. The results of the ping test will be shown here.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes. Click Help for more information.
The Backup&Restore Tab
The Backup&Restore tab allows you to back up and restore the Gateway’s configuration file.
Backup Configuration
To back up the Gateway’s configuration file, click the Backup button. Then follow the on-screen instructions.
Restore Configuration
To restore the Gateway’s configuration file, click the Browse button. Then follow the on-screen instructions to locate the file. After you have selected the file, click the Restore button.
Click Help for more information.
Figure 6-50: Diagnostics
Figure 6-51: Backup&Restore
Page 69
62
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Administration Tab
Wireless-G ADSL Gateway with SRX200
The Factory Defaults Tab
If you want to restore the Gateway’s factory default settings, then use this screen.
Factory Defaults
Restore Factory Defaults. If you wish to restore the Gateway to its factory default settings and lose all your settings, click Restore Factory Defaults. Then follow the on-screen instructions. Click Help for more information.
The Firmware Upgrade Tab
Use this screen to upgrade the Gateway’s firmware.
Firmware Upgrade
To upgrade the Gateway’s firmware:
1. Download the Gateway’s firmware upgrade file from www.linksys.com/international.
2. Extract the file on your computer.
3. On the Firmware Upgrade screen, click the Browse button to find the firmware upgrade file.
4. Double-click the firmware file that you have downloaded and extracted.
5. Click the Start to Upgrade button, and follow the on-screen instructions.
Click Help for more information.
Figure 6-53: Firmware Upgrade
Figure 6-52: Factory Defaults
Page 70
63
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Status Tab
Wireless-G ADSL Gateway with SRX200
The Status Tab
The Gateway Tab
This screen displays information about the Gateway and its Internet connection.
Gateway Information
This section displays the Gateway’s Firmware Version, MAC Address, and Current Time.
Internet Connection
This section shows the following information: Login Type, Interface, IP Address, Subnet Mask, Default Gateway, and DNS 1, 2, and 3 server IP addresses.
DHCP Renew. If available, click the DHCP Renew button to replace the Gateway’s current IP address with a new IP address.
DHCP Release. If available, click the DHCP Release button to delete the Gateway’s current IP address.
Click the Refresh button if you want to refresh the displayed information. Click Help for more information.
Figure 6-54: Gateway
Page 71
64
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Status Tab
Wireless-G ADSL Gateway with SRX200
The Local Network Tab
This screen displays information about the Gateway’s local network.
Local Network
This screen displays the following: the local Mac Address, IP Address, Subnet Mask, DHCP Server, Start IP Address, and End IP Address.
To view the DHCP Client Table, click the DHCP Client Table button. To view the ARP/RARP Table, click the ARP/RARP Table button.
DHCP Clients Table. The DHCP Active IP Table shows the current DHCP Client data. You will see the computer name, IP address, MAC address, and expiration time of the dynamic IP address for the clients using the DHCP server. (This data is stored in temporary memory and changes periodically.) Click the Refresh button if you want to refresh the displayed information. To delete a client from the DHCP server, select the client, and then click the Delete button. Click the Close button to return to the Local Network screen.
ARP/RARP Table. An ARP request is a request sent by the Gateway asking clients with IP addresses for their MAC addresses, so the Gateway can map IP addresses to MAC addresses. RARP is the reverse of ARP. The ARP/RARP Table shows the current data for the local network clients of the Gateway. You will see their IP addresses and MAC addresses. (This data is stored in temporary memory and changes periodically.) Click the Refresh button if you want to refresh the displayed information. Click the Close button to return to the Local Network screen.
Click the Refresh button if you want to refresh the displayed information. Click Help for more information.
Figure 6-57: ARP/RARP Table
Figure 6-55: Local Network
Figure 6-56: DHCP Active IP Table
Page 72
65
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Status Tab
Wireless-G ADSL Gateway with SRX200
The Wireless Tab
This screen displays information about the Gateway’s wireless network.
Wireless
This screen displays the following: the Wireless Firmware Version, MAC Address, Mode, SSID, Channel, and Encryption Function.
Click the Wireless Clients Connected button to view a list of the wireless clients connected to the Gateway, along with their computer names, IP addresses, and MAC addresses. Click the Refresh button if you want to refresh the displayed information. Click the Close button to return to the Wireless screen.
Click the Refresh button if you want to refresh the displayed information. Click Help for more information.
Figure 6-59: Networked Computers
Figure 6-58: Wireless
Page 73
66
Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200 The Status Tab
Wireless-G ADSL Gateway with SRX200
The DSL Connection Tab
This screen shows information about the DSL connection.
DSL Status
This section shows the following: Status, Downstream Rate, and Upstream Rate.
PVC Connection
This section displays the following information: Encapsulation, Multiplexing, QoS, Pcr Rate, Scr Rate, Autodetect, VPI, VCI, Enable status, and PVC Status.
Click the Refresh button if you want to refresh the displayed information. Click Help for more information.
Figure 6-60: DSL Connection
Page 74
67
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
Appendix A: Troubleshooting
This appendix consists of two parts: “Common Problems and Solutions” and “Frequently Asked Questions.” Provided are possible solutions to problems that may occur during the installation and operation of the Gateway. Read the descriptions below to help you solve your problems. If you can’t find an answer here, check the Linksys international website at www.linksys.com/international.
Common Problems and Solutions
1. I need to set a static IP address on a computer.
You can assign a static IP address to a computer by performing the following steps:
• For Windows 98 and Me:
1. Click Start, Settings, and Control Panel. Double-click Network.
2. In The following network components are installed box, select the TCP/IP-> associated with your Ethernet adapter. If you only have one Ethernet adapter installed, you will only see one TCP/IP line with no association to an Ethernet adapter. Highlight it and click the Properties button.
3. In the TCP/IP properties window, select the IP address tab, and select Specify an IP address. Enter a unique IP address that is not used by any other computer on the network connected to the Gateway. Make sure that each IP address is unique for each computer or network device.
4. Click the Gateway tab, and in the New Gateway prompt, enter 192.168.1.1, which is the default IP address of the Gateway. Click the Add button to accept the entry.
5. Click the DNS tab, and make sure the DNS Enabled option is selected. Enter the Host and Domain names (e.g., John for Host and home for Domain). Enter the DNS entry provided by your ISP. If your ISP has not provided the DNS IP address, contact your ISP to get that information or go to its website for the information.
6. Click the OK button in the TCP/IP properties window, and click Close or the OK button for the Network window.
7. Restart the computer when asked.
• For Windows 2000:
1. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections.
2. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option.
3. In the Components checked are used by this connection box, highlight Internet Protocol (TCP/IP), and click the Properties button. Select Use the following IP address option.
4. Enter a uniqu e IP address that is not used by any other computer on the network co nnected to the Gateway.
5. Enter the Subnet Mask, 255.255.255.0.
6. Enter the Default Gateway, 192.168.1.1 (Gateway’s default IP address).
Page 75
68
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
7. Toward the bottom of the window, select Use the following DNS server addresses, and enter the Preferred DNS server and Alternative DNS server (provided by your ISP). Contact your ISP or go on its website to find the information.
8. Click the OK button in the Internet Protocol (TCP/IP) Properties window, and click the OK button in the Local Area Connection Properties window.
9. Restart the computer if asked.
• For Windows XP: The following instructions assume you are running Windows XP with the default interface. If you are using the Classic interface (where the icons and menus look like previous Windows versions), please follow the instructions for Windows 2000.
1. Click Start and Control Panel.
2. Click the Network and Internet Connections icon and then the Network Connections icon.
3. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option.
4. In the This connection uses the following items box, highlight Internet Protocol (TCP/IP). Click the Properties button.
5. Enter a uniqu e IP address that is not used by any other computer on the network co nnected to the Gateway.
6. Enter the Subnet Mask, 255.255.255.0.
7. Enter the Default Gateway, 192.168.1.1 (Gateway’s default IP address).
8. Toward the bottom of the window, select Use the following DNS server addresses, and enter the Preferred DNS server and Alternative DNS server (provided by your ISP). Contact your ISP or go on its website to find the information.
9. Click the OK button in the Internet Protocol (TCP/IP) Properties window. Click the OK button in the Local Area Connection Properties window.
2. I want to test my Internet connection.
A. Check your TCP/IP settings. For Windows 98, Me, 2000, and XP:
• Refer to Windows Help for details. Make sure Obtain IP address automatically is selected in the settings. For Windows NT 4.0:
• Click Start, Settings, and Control Panel. Double-click the Network icon.
• Click the Protocol tab, and double-click on TCP/IP Protocol.
• When the window appears, make sure you have selected the correct Adapter for your Ethernet adapter and set it for Obtain an IP address from a DHCP server.
• Click the OK button in the TCP/IP Protocol Properties window, and click the Close button in the Network window.
• Restart the computer if asked.
B. Open a command prompt.
Page 76
69
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
For Windows 98 and Me:
• Click Start and Run. In the Open field, type in command. Press the Enter key or click the OK button.
For Windows NT, 2000, and XP:
• Click Start and Run. In the Open field, type cmd. Press the Enter key or click the OK button. In the command prompt, type ping 192.168.1.1 and press the Enter key.
• If you get a reply, the computer is communicating with the Gateway.
• If you do NOT get a reply, please check the cable, and make sure Obtain an IP address automatically is selected in the TCP/IP settings for your Ethernet adapter.
C. In the command prompt, type ping followed by your Internet or WAN IP address and press the Enter key.
The Internet or WAN IP Address can be found on the Status screen of the Gateway’s web-based utility. For example, if your Internet or WAN IP address is 1.2.3.4, you would enter ping 1.2.3.4 and press the Enter key.
• If you get a reply, the computer is connected to the Gateway.
• If you do NOT get a reply, try the ping command from a different computer to verify that your original computer is not the cause of the problem.
D. In the command prompt, type ping www.yahoo.com and press the Enter key.
• If you get a reply, the computer is connected to the Internet. If you cannot open a webpage, try the ping command from a different computer to verify that your original computer is not the cause of the problem.
• If you do NOT get a reply, there may be a problem with the connection. Try the ping command from a different computer to verify that your original computer is not the cause of the problem.
3. I am not getting an IP address on the Internet with my Internet connection.
• Refer to “Problem #2, I want to test my Internet connection” to verify that you have connectivity.
1. Make sure you are using the right Internet connection settings. Contact your ISP to see if your Internet connection type is RFC 1483 Bridged, RFC 1483 Routed, RFC 2516 PPPoE, RFC 2364 PPPoA, Bridged Mode Only, or IPoA. Please r efer to the Setup section of “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200” for details on Internet connection settings.
2. Make sure you have the right cable. Check to see if the Gateway column has a solidly lit ADSL LED.
3. Make sure the cable connecting from your Gateway’s ADSL port is connected to the wall jack of the ADSL service line. Verify that the Status page of the Gateway’s web-based utility shows a valid IP address from your ISP.
4. Turn off the computer and Gateway. Wait 30 seconds, and then turn on the Gateway, and computer. Check the Status tab of the Gateway’s web-based utility to see if you get an IP address.
4. I am not able to access the Setup page of the Gateway’s web-based utility.
• Refer to “Problem #2, I want to test my Internet connection” to verify that your computer is properly connected to the Gateway.
1. Refer to “Appendix C: Finding the MAC Address and IP address for Your Ethernet Adapter” to verify that your computer has an IP Address, Subnet Mask, Gateway, and DNS.
2. Set a static IP address on your system; refer to “Problem #1: I need to set a static IP address.”
Page 77
70
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
3. Refer to “Problem #10: I am a PPPoE user, and I need to remove the proxy settings or the dial-up pop­up window.”
5. I can’t get my Vi rtual Private Network (VPN) working through th e Gateway.
Access the Gateway’s web interface by going to http://192.168.1.1 or the IP address of the Gateway, and go to the Security tab. Make sure you have IPsec passthrough and/or PPTP pass-through enabled.
• VPNs that use IPSec with the ESP (Encapsulation Security Payload known as protocol 50) authentication will work fine. At least one IPSec session will work through the Gateway; however, simultaneous IPSec sessions may be possible, depending on the specifics of your VPNs.
• VPNs that use IPSec and AH (Authentication Header known as protocol 51) are incompatible with the Gateway. AH has limitations due to occasional incompatibility with the NAT standard.
• Change the IP address for the Gateway to another subnet to avoid a conflict between the VPN IP address and your local IP address. For example, if your VPN server assigns an IP address 192.168.1.X (X is a number from 1 to 254) and your local LAN IP address is 192.168.1.X (X is the same number used in the VPN IP address), the Gateway will have difficulties routing information to the right location. If you change the Gateway’s IP address to 192.168.2.1, that should solve the problem. Change the Gateway’s IP address through the Setup tab of the web interface.
• If you assigned a static IP address to any computer or network device on the network, you need to change its IP address accordingly to 192.168.2.Y (Y being any number from 1 to 254). Note that each IP address must be unique within the network.
• Your VPN may require port 500/UDP packets to be passed to the computer that is connecting to the IPSec server. Refer to “Problem #7, I need to set up online game hosting or use other Internet applications” for details.
• Check the Linksys international website for more information at www.linksys.com/international.
6. I need to set up a server behind my Gateway and make it available to the public.
To use a server like a web, ftp, or mail server, you need to know the respective port numbers they are using. For example, port 80 (HTTP) is used for web; port 21 (FTP) is used for FTP, and port 25 (SMTP outgoing) and port 110 (POP3 incoming) are used for the mail server. You can get more information by viewing the documentation provided with the server you installed.
• Follow these steps to set up port forwarding through the Gateway’s web-based utility. We will be setting up web, ftp, and mail servers.
1. Access the Gateway’s web-based utility by going to http://192.168.1.1 or the IP address of the Gateway. Go to the Applications and Gaming => Port Range Forwarding tab.
2. Enter any name you want to use for the Customized Application.
3. Enter the External Port range of the service you are using. For example, if you have a web server , you would enter the range 80 to 80.
4. Check the protocol you will be using, TCP and/or UDP.
5. Enter the IP address of the computer or network device that you want the port server to go to. For example, if the web server’s Ethernet adapter IP address is 192.168.1.100, you would enter 100 in the
Page 78
71
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
field provided. Check “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter” for details on getting an IP address.
6. Check the Enable option for the port services you want to use. Consider the example below:
Customized Application External Port TCP UDP IP Address Enable Web server 80 to 80 X 192.168.1.100 X FTP server 21 to 21 X 192.168.1.101 X SMTP (outgoing) 25 to 25 X 192.168.1.102 X POP3 (incoming) 110 to 110 X 192.168.1.102 X
When you have completed the configuration, click the Save Settings button.
7. I need to set up online game hosting or use other Internet applications.
If you want to play online games or use Internet applications, most will work without doing any port forwarding or DMZ hosting. There may be cases when you want to host an online game or Internet application. This would require you to set up the Gateway to deliver incoming packets or data to a specific computer. This also applies to the Internet applications you are using. The best way to get the information on what port services to use is to go to the website of the online game or application you want to use. Follow these steps to set up online game hosting or use a certain Internet application:
1. Access the Gateway’s web interface by going to http://192.168.1.1 or the IP address of the Gateway. Go to the Applications and Gaming => Port Range Forwarding tab.
2. Enter any name you want to use for the Customized Application.
3. Enter the External Port range of the service you are using. For example, if you want to host Unreal Tournament (UT), you would enter the range 7777 to 27900.
4. Check the protocol you will be using, TCP and/or UDP.
5. Enter the IP address of the computer or network device that you want the port server to go to. For example, if the web server’s Ethernet adapter IP address is 192.168.1.100, you would enter 100 in the field provided. Check “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter” for details on getting an IP address.
6. Check the Enable option for the port services you want to use. Consider the example below:
Customized Application External Port TCP UDP IP Address Enable UT 7777 to 27900 X X 192.168.1.100 X Halflife 27015 to 27015 X X 192.168.1.105 X PC Anywhere 5631 to 5631 X 192.168.1.102 X VPN IPSEC 500 to 500 X 192.168.1.100 X
When you have completed the configuration, click the Save Settings button.
Page 79
72
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
8. I can’t get the Internet game, server, or ap plication to work.
If you are having difficulties getting any Internet game, server, or application to function properly, consider exposing one computer to the Internet using DeMilitarized Zone (DMZ) hosting. This option is available when an application requires too many ports or when you are not sure which port services to use. Make sure you disable all the forwarding entries if you want to successfully use DMZ hosting, since forwarding has priority over DMZ hosting. (In other words, data that enters the Gateway will be checked first by the forwarding settings. If the port number that the data enters from does not have port forwarding, then the Gateway will send the data to whichever computer or network device you set for DMZ hosting.)
• Follow these steps to set DMZ hosting:
1. Access the Gateway’s web-based utility by going to http://192.168.1.1 or the IP address of the Gateway. Go to the Applications and Gaming => DMZ tab. Click Enabled and enter the IP of the computer.
2. Check the Port Forwarding pages and disable or remove the entries you have entered for forwarding. Keep this information in case you want to use it at a later time.
• Once completed with the configuration, click the Save Settings button.
9. I forgot my password, or the password prompt always appears when I am saving settings to the Gateway.
• Reset the Gateway to factory default by pressing the Reset button for 10 seconds and then releasing it. If
you are still getting prompted for a password when saving settings, then perform the following steps:
1. Access the Gateway’s web-based utility by going to http://192.168.1.1 or the IP address of the Gateway. Enter the default username and password admin, and click the Administrations => Management tab.
2. Enter a different password in the Gate way Password field, and enter the same password in the second field to confirm the password.
3. Click the Save Settings button.
10.I am a PPPoE user, and I need to remove the proxy settings or the dial-up pop-up window.
If you have proxy settings, you need to disable these on your computer. Because the Gateway is the gateway for the Internet connection, the computer does not need any proxy settings to gain access. Please follow these directions to verify that you do not have any proxy settings and that the browser you use is set to connect directly to the LAN.
• For Microsoft Internet Explorer 5.0 or higher:
1. Click Start, Settings, and Control Panel. Double-click Internet Options.
2. Click the Connections tab.
3. Click the LAN settings button and remove anything that is checked.
4. Click the OK button to go back to the previous screen.
5. Click the option Never dial a connection. This will remove any dial-up pop-ups for PPPoE users.
Page 80
73
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
• For Netscape 6 or higher:
1. Start Netscape Navigator, and click Edit, Preferences, Advanced, and Proxies.
2. Make sure you have Direct connection to the Internet selected on this screen.
3. Close all the windows to finish.
11.To start over, I need to set the Gateway to factory default.
Hold the Reset button for 10 seconds and then release it. This will return the Internet settings, password, forwarding, and other settings on the Gateway to the factory default settings. In other words, the Gateway will revert to its original factory configuration.
12.I need to upgrade the firmware.
In order to upgrade the firmware with the latest features, you need to go to the Linksys international website and download the latest firmware at www.linksys.com/international.
• Follow these steps:
1. Go to the Linksys international website at http://www.linksys.com/international and select your region or country.
2. Click the Products tab and select the Gateway.
3. On the Gateway’s webpage, click Firmware, and then download the latest firmware for the Gateway.
4. To upgrade the firmware, follow the steps in the Administration section found in “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200.”
13.The firmware upgrade failed, and/or the Power LED is flashing.
The upgrade could have failed for a number of reasons. Follow these steps to upgrade the firmware and/or make the Power LED stop flashing:
• If the firmware upgrade failed, use the TFTP program (it was downloaded along with the firmware). Open the pdf that was downloaded along with the firmware and TFTP program, and follow the pdf’s instructions.
• Set a static IP address on the computer; refer to “Problem #1, I need to set a static IP address.” Use the following IP address settings for the computer you are using: IP Address: 192.168.1.50 Subnet Mask: 255.255.255.0 Gateway: 192.168.1.1
• Perform the upgrade using the TFTP program or the Gateway’s web-based utility through its Administration tab.
14.My DSL service’s PPPoE is always disconnecting.
PPPoE is not actually a dedicated or always-on connection. The DSL ISP can disconnect the service after a period of inactivity, just like a normal phone dial-up connection to the Internet.
• There is a setup option to “keep alive” the connection. This may not always work, so you may need to re­establish connection periodically.
Page 81
74
Appendix A: Troubleshooting Common Problems and Solutions
Wireless-G ADSL Gateway with SRX200
1. To connect to the Gateway, go to the web browser, and enter http://192.168.1.1 or the IP address of the Gateway.
2. Enter the username and password, if asked. (The default username and password is admin.)
3. On the Setup screen, select the option Keep Alive, and set the Redial Period option at 30 (seconds) (this will keep the connection to the ISP and will not disconnect.
4. Click the Save Settings button. Click the Status tab, and click the Connect button.
5. You may see the login status display as Connecting. Press the F5 key to refresh the screen, until you see the login status display as Connected.
6. Click the Save Settings button to continue.
• If the connection is lost again, follow steps 1- 6 to re-establish connection.
15.I can’t access my e-mail, web, or VPN, or I am getting corrupted data from the Internet.
The Maximum Transmission Unit (MTU) setting may need to be adjusted. By default, the MTU is set automatically.
• If you are having some difficulties, perform the following steps:
1. To connect to the Gateway, go to the web browser, and enter http://192.168.1.1 or the IP address of the Gateway.
2. Enter the username and password, if asked. (The default username and password is admin.)
3. Look for the MTU option, and select Manual. In the Size field, enter 1492.
4. Click the Save Settings button to continue.
• If your difficulties continue, change the Size to different values. T ry this list of values, one value at a time, in this order, until your problem is solved: 1462 1400 1362 1300
16.The Power LED flashes continuously.
The Power LED lights up when the device is first powered up. In the meantime, the system will boot up itself and check for proper operation. After finishing the checking procedure, the LED remains steady to show that the system is working fine. If the LED continues to flash after this time, the device is not working properly. Try to flash the firmware by assigning a static IP address to the computer, and then upgrade the firmware. Try using the following settings, IP Address: 192.168.1.50 and Subnet Mask: 255.255.255.0.
17.When I enter a URL or IP address, I get a time-out error or am prompted to retry.
• Check if other computers work. If they do, ensure that your computer’s IP settings are correct (IP Address, Subnet Mask, Default Gateway, and DNS). Restart the computer that is having a problem.
• If the computers are configured correctly, but still not working, check the Gateway. Ensure that it is connected and powered on. Connect to it and check its settings. (If you cannot connect to it, check the LAN and power connections.)
Page 82
75
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
• If the Gateway is configured correctly, check your Internet connection (DSL/cable modem, etc.) to see if it is working correctly. You can remove the Gateway to verify a direct connection.
• Manually configure the TCP/IP settings with a DNS address provided by your ISP.
• Make sure that your browser is set to connect directly and that any dial-up is disabled. For Internet Explorer, click Tools, Internet Options, and then the Connection tab. Make sure that Internet Explorer is set to Never dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet.
18.I’m trying to access the Gateway’s Web-based Utility, but I do not see the login screen. Instead, I see a screen saying, “404 Forbidden.”
If you are using Windows Explorer, perform the following steps until you see the Web-based Utility’s login screen (Netscape Navigator will require similar steps):
1. Click File. Make sure Work Offline is NOT checked.
2. Press CTRL + F5. This is a hard refresh, which will force Windows Explorer to load new webpages, not cached ones.
• Click Tools. Click Internet Options. Click the Security tab. Click the Default lev el button. Make sure the security level is Medium or lower. Then click the OK button.
Frequently Asked Questions
What is the maximum number of IP addresses that the Gateway will support?
The Gateway will support up to 253 IP addresses.
Is IPSec Passthrough supported by the Gateway?
Yes, it is a built-in feature that is enabled by default.
Where is the Gateway installed on the network?
In a typical environment, the Gateway is installed between the ADSL wall jack and the LAN.
Does the Gateway support IPX or AppleTalk?
No. TCP/IP is the only protocol standard for the Internet and has become the global standard for communications. IPX, a NetWare communications protocol used only to route messages from one node to another, and AppleTalk, a communications protocol used on Apple and Macintosh networks, can be used for LAN to LAN connections, but those protocols cannot connect from the Internet to a LAN.
Does the LAN connection of the Gateway support 100Mbps Ethernet?
The Gateway supports 100Mbps over the auto-sensing Fast Ethernet 10/100 switch on the LAN side of the Gateway.
Page 83
76
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
What is Network Address Translation and what is it used for?
Network Address Translation (NAT) translates multiple IP addresses on the private LAN to one public address that is sent out to the Internet. This adds a level of security since the address of a computer connected to the private LAN is never transmitted on the Internet. Furthermore, NAT allows the Gateway to be used with low cost Internet accounts when only one TCP/IP address is provided by the ISP. The user may have many private addresses behind this single address provided by the ISP.
Does the Gateway support any operating system other than Windows 98SE, Windows Millennium, Windows 2000, or Windows XP?
Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshooting of any non-Windows operating systems.
Does the Gateway support ICQ send file?
Yes, with the following fix: click ICQ menu -> preference -> connections tab->, and check I am behind a firewall or proxy. Then set the firewall time-out to 80 seconds in the firewall setting. The Internet user can then send a file to a user behind the Gateway.
I set up an Unreal Tournament Server, but others on the LAN cannot join. What do I need to do?
If you have a dedicated Unreal Tournament server running, you need to create a static IP for each of the LAN computers and forward ports 7777, 7778, 7779, 7780, 7781, and 27900 to the IP address of the server. You can also use a port forwarding range of 7777 ~ 27900. If you want to use the UT Server Admin, forward another port. (Port 8080 usually works well but is used for remote admin. You may have to disable this.) Then in the [UWeb.WebServer] section of the server.ini file, set the ListenPort to 8080 (to match the mapped port above) and ServerName to the IP assigned to the Gateway from your ISP.
Can multiple gamers on the LAN get on one game server and play simultaneously with just one public IP address?
It depends on which network game or what kind of game server you are using. For example, Unreal Tournament supports multi-login with one public IP.
How do I get Half-Life: Team Fortress to work with the Gateway?
The default client port for Half-Life is 27005. The computers on your LAN need to have “+clientport 2700x” added to the HL shortcut command line; the x would be 6, 7, 8, and on up. This lets multiple computers connect to the same server. One problem: Version 1.0.1.6 won’t let multiple computers with the same CD key connect at the same time, even if on the same LAN (not a problem with 1.0.1.3). As far as hosting games, the HL server does not need to be in the DMZ. Just forward port 27015 to the local IP address of the server computer.
Page 84
77
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
The web page hangs; downloads are corrupt, or nothing but junk characters are being displayed on the screen. What do I need to do?
Force your Ethernet adapter to 10Mbps or half duplex mode, and turn off the “Auto-negotiate” feature of your Ethernet adapter as a temporary measure. (Please look at the Network Control Panel in your Ethernet adapter’s Advanced Properties tab.) Make sure that your proxy setting is disabled in the browser. Check our website at www.linksys.com/international for more information.
If all else fails in the installation, what can I do?
Reset the Gateway by holding down the reset button until the Power LED fully turns on and off. Reset your DSL modem by powering the unit off and then on. Obtain and flash the latest firmware release that is readily available on the Linksys international website, www.linksys.com/international.
How will I be notified of new Gateway firmware upgrades?
All Linksys firmware upgrades are posted on the Linksys international website at www.linksys.com/international, where they can be downloaded for free. To upgrade the Gateway’s firmware, use the Administration tab of the Gateway’s web-based utility . If the Gateway’s Internet connection is working well, there is no need to download a newer firmware version, unless that version contains new features that you would like to use.
Will the Gateway function in a Macintosh environment?
Yes, but the Gateway’s setup pages are accessible only through Internet Explorer 4.0 or Netscape Navigator 4.0 or higher for Macintosh.
I am not able to get the web configuration screen for the Gateway. What can I do?
You may have to remove the proxy settings on your Internet browser, e.g., Netscape Navigator or Internet Explorer. Check with your browser documentation, and make sure that your browser is set to connect directly and that any dial-up is disabled. For Internet Explorer, click Tools, Internet Options, and then the Connection tab. Make sure that Internet Explorer is set to Never dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet.
What is DMZ Hosting?
Demilitarized Zone (DMZ) allows one IP address (computer) to be exposed to the Internet. Some applications require multiple TCP/IP ports to be open. It is recommended that you set your computer with a static IP if you want to use DMZ Hosting. To get the LAN IP address, see “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter.”
If DMZ Hosting is used, does the exposed user share the public IP with the Gateway?
No.
Does the Gateway pass PPTP packets or actively route PPTP sessions?
The Gateway allows PPTP packets to pass through.
Page 85
78
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
Is the Gateway cross-platform compatible?
Any platform that supports Ethernet and TCP/IP is compatible with the Gateway.
How many ports can be simultaneously forwarded?
Theoretically, the Gateway can establish 520 sessions at the same time, but you can only forward 10 ranges of ports.
What are the advanced features of the Gateway?
The Gateway’s advanced features include Advanced Wireless settings, Filters, Port Forwarding, Routing, and DDNS.
How can I check whether I have static or DHCP IP Addresses? Consult your ISP to obtain this information.
How do I get mIRC to work with the Gateway?
Under the Port Forwarding tab, set port forwarding to 113 for the computer on which you are using mIRC.
Can the Gateway act as my DHCP server?
Yes. The Gateway has DHCP server software built-in.
Can I run an application from a remote computer over the wireless network?
This will depend on whether or not the application is designed to be used over a network. Consult the application’s documentation to determine if it supports operation over a network.
What is the IEEE 802.11g standard?
It is one of the IEEE standards for wireless networks. The 802.11g standard allows wireless networking hardware from different manufacturers to communicate, provided that the hardware complies with the 802.11g standard. The 802.11g standard states a maximum data transfer rate of 54Mbps and an operating frequency of 2.4GHz.
What is the IEEE 802.11b standard?
It is one of the IEEE standards for wireless networks. The 802.11b standard allows wireless networking hardware from different manufacturers to communicate, provided that the hardware complies with the 802.11b standard. The 802.11b standard states a maximum data transfer rate of 11Mbps and an operating frequency of 2.4GHz.
Page 86
79
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
What IEEE 802.11b and 802.11g features are supported?
The product supports the following IEEE 802.11b and IEEE 802.11g functions:
• CSMA/CA plus Acknowledge protocol
• Multi-Channel Roaming
• Automatic Rate Selection
• RTS/CTS feature
• Fragmentation
• Power Management
It also supports OFDM technology for 802.11g networking.
What is ad-hoc mode?
When a wireless network is set to ad-hoc mode, the wireless-equipped computers are configured to communicate directly with each other, peer-to-peer without the use of an access point.
What is infrastructure mode?
When a wireless network is set to infrastructure mode, the wireless network is configured to communicate with a network through a wireless access point.
What is roaming?
Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point. Before using the roaming function, the computer must make sure that it is the same channel number with the access point of dedicated coverage area.
To achieve true seamless connectivity, the wireless LAN must incorporate a number of different functions. Each node and access point, for example, must always acknowledge receipt of each message. Each node must maintain contact with the wireless network even when not actually transmitting data. Achieving these functions simultaneously requires a dynamic RF networking technology that links access points and nodes. In such a system, the user’s end node undertakes a search for the best possible access to the system. First, it evaluates such factors as signal strength and quality, as well as the message load currently being carried by each access point and the distance of each access point to the wired backbone. Based on that information, the node next selects the right access point and registers its address. Communications between end node and host computer can then be transmitted up and down the backbone.
As the user moves on, the end node’s RF transmitter regularly checks the system to determine whether it is in touch with the original access point or whether it should seek a new one. When a node no longer receives acknowledgment from its original access point, it undertakes a new search. Upon finding a new access point, it then re-registers, and the communication process continues.
Page 87
80
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
What is the ISM band?
The FCC and their counterparts outside of the U.S. have set aside bandwidth for unlicensed use in the ISM (Industrial, Scientific and Medical) band. Spectrum in the vicinity of 2.4 GHz, in particular, is being made available worldwide. This presents a truly revolutionary opportunity to place convenient high-speed wireless capabilities in the hands of users around the globe.
What is Spread Spectrum?
Spread Spectrum technology is a wideband radio frequency technique developed by the military for use in reliable, secure, mission-critical communications systems. It is designed to trade off bandwidth efficiency for reliability, integrity, and security. In other words, more bandwidth is consumed than in the case of narrowband transmission, but the trade-off produces a signal that is, in effect, louder and thus easier to detect, provided that the receiver knows the parameters of the spread-spectrum signal being broadcast. If a receiver is not tuned to the right frequency, a spread-spectrum signal looks like background noise. There are two main alternatives, Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS).
What is DSSS? What is FHSS? And what are their differences?
Frequency-Hopping Spread-Spectrum (FHSS) uses a narrowband carrier that changes frequency in a pattern that is known to both transmitter and receiver. Properly synchronized, the net effect is to maintain a single logical channel. To an unintended receiver, FHSS appears to be short-duration impulse noise. Direct-Sequence Spread­Spectrum (DSSS) generates a redundant bit pattern for each bit to be transmitted. This bit pattern is called a chip (or chipping code). The longer the chip, the greater the probability that the original data can be recovered. Even if one or more bits in the chip are damaged during transmission, statistical techniques embedded in the radio can recover the original data without the need for retransmission. To an unintended receiver, DSSS appears as low power wideband noise and is rejected (ignored) by most narrowband receivers.
Will the information be intercepted while it is being transmitted through the air?
WLAN features two-fold protection in security. On the hardware side, as with Direct Sequence Spread Spectrum technology, it has the inherent security feature of scrambling. On the software side, WLAN offers the encryption function (WEP) to enhance security and access control.
What is WEP?
WEP is Wired Equivalent Privacy, a data privacy mechanism based on a 64-bit or 128-bit shared key algorithm, as described in the IEEE 802.11 standard.
What is a MAC Address?
The Media Access Control (MAC) address is a unique number assigned by the manufacturer to any Ethernet networking device, such as a network adapter, that allows the network to identify it at the hardware level. For all practical purposes, this number is usually permanent. Unlike IP addresses, which can change every time a computer logs onto the network, the MAC address of a device stays the same, making it a valuable identifier for the network.
Page 88
81
Appendix A: Troubleshooting Frequently Asked Questions
Wireless-G ADSL Gateway with SRX200
How do I reset the Gateway?
Press the Reset button on the back panel for about ten seconds. This will reset the Gateway to its default settings.
How do I resolve issues with signal loss?
There is no way to know the exact range of your wireless network without testing. Every obstacle placed between the Gateway and a wireless computer will create signal loss. Lead glass, metal, concrete floors, water and walls will inhibit the signal and reduce range. Start with the Gateway and your wireless computer in the same room and move it away in small increments to determine the maximum range in your environment.
You may also try using different channels, as this may eliminate interference affecting only one channel.
I have excellent signal strength, but I cannot see my network.
Wireless security is probably enabled on the Gateway, but not on your wireless adapter (or vice versa). Verify that the same wireless security settings are being used on all devices of your wireless network.
How many channels/frequencies are available with the Gateway?
There are eleven available channels, ranging from 1 to 11, in most of North, Central, and South America. There are thirteen available channels, ranging from 1 to 13, in most of Europe. There may be additional channels available in other regions, subject to the regulations of your region and/or country.
If your questions are not addressed here, refer to the Linksys international website, www.linksys.com/international.
Page 89
82
Appendix B: Wireless Security Security Precautions
Wireless-G ADSL Gateway with SRX200
Appendix B: Wireless Security
Linksys wants to make wireless networking as safe and easy for you as possible. The current generation of Linksys products provide several network security features, but they require specific action on your part for implementation. So, keep the following in mind whenever you are setting up or using your wireless network.
Security Precautions
The following is a complete list of security precautions to take (at least steps 1 through 5 should be followed):
1. Change the default SSID.
2. Disable SSID Broadcast.
3. Change the default password for the Administrator account.
4. Enable MAC Address Filtering.
5. Change the SSID periodically.
6. Use the highest encryption algorithm possible. Use WPA if it is available. Please note that this may reduce your network performance.
7. Change the WEP encryption keys periodically.
For information on implementing these security features, refer to “Chapter 6: Configuring the Wireless-G ADSL Gateway with SRX200.”
Security Threats Facing Wireless Networks
Wireless networks are easy to find. Hackers know that in order to join a wireless network, wireless networking products first listen for “beacon messages”. These messages can be easily decrypted and contain much of the network’s information, such as the network’s SSID (Service Set Identifier). Here are the steps you can take:
Change the administrator’s password regularly. With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrator’s password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrator’s password regularly.
NOTE: Some of these security features are available only through the network gateway, router, or access point. Refer to the gateway, router , or access point’s documentation for more information.
Page 90
83
Appendix B: Wireless Security Security Threats Facing Wireless Networks
Wireless-G ADSL Gateway with SRX200
SSID. There are several things to keep in mind about the SSID:
1. Disable Broadcast
2. Make it unique
3. Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.
Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.
Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.
MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.
WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.
There are several ways that WEP can be maximized:
1. Use the highest level of encryption possible
2. Use “Shared Key” authentication
3. Change your WEP key regularly
WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. WPA2 is the newer version of Wi-Fi Protected Access with stronger encryption than WPA. WPA gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. WPA Enterprise and WPA2 Enterprise use a RADIUS (Remote Authentication Dial-In User Service) server for authentication.
IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.
Page 91
84
Appendix B: Wireless Security Security Threats Facing Wireless Networks
Wireless-G ADSL Gateway with SRX200
WPA Personal. Select the type of algorithm, TKIP or AES, enter a password in the Passphrase field of 8-63
characters, and enter a Group Key Renewal period time between 0 and 99,999 seconds, which instructs the Gateway or other device how often it should change the encryption keys.
WPA2 Personal. WPA2 gives you one encryption method, AES, with dynamic encryption keys. Enter a Passphrase of 8-63 characters. Then enter a Group Key Renewal period, which instructs the Gateway how often it should change the encryption keys.
WPA2 Mixed Mode. WPA2 Mixed Mode gives you TKIP+AES encryption. Enter a Passphrase of 8-63 characters. Then enter a Group Key Renewal period, which instructs the Gateway how often it should change the encryption keys.
WPA Enterprise. This method is WPA used in coordination with a RADIUS server. Enter the IP address and port number of the RADIUS server. Then enter the key shared between the Gateway and its RADIUS server. Then enter a Key Renewal Timeout period, which instructs the Gateway how often it should change the encryption keys.
WPA2 Enterprise. This method is WPA2 used in coordination with a RADIUS server. Enter the IP address and port number of the RADIUS server. Then enter the key shared between the Gateway and its RADIUS server. Then enter a Key Renewal Timeout period, which instructs the Gateway how often it should change the encryption keys.
Implementing encryption may have a negative impact on your network’s performance, but if you are transmitting sensitive data over your network, encryption should be used.
These security recommendations should help keep your mind at ease while you are enjoying the most flexible and convenient technology Linksys has to offer.
Page 92
85
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter Windows 98 or Me Instructions
Wireless-G ADSL Gateway with SRX200
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter
This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering feature of the Gateway. You can also find the IP address of your computer’s Ethernet adapter. This IP address is used for the Gateway’s filtering, forw arding, and/or DMZ features. Follow the steps in this appendix to find the adapter’s MAC or IP address in Windows 98, Me, 2000, or XP.
Windows 98 or Me Instructions
1. Click Start and Run. In the Open field, enter winipcfg. Then press the Enter key or the OK button.
2. When the IP Configuration screen appears, select the Ethernet adapter you have connected to the Gateway via a CAT 5 Ethernet network cable. See Figure C-1.
3. Write down the Adapter Address as shown on your computer screen (see Figure C-2). This is the MAC address for your Ethernet adapter and is shown in hexadecimal as a series of numbers and letters.
The MAC address/Adapter Address is what you will use for MAC filtering. The example in Figure D-2 shows the Ethernet adapters’s MAC address as 00-00-00-00-00-00. Your computer will show something different.
The example in Figure C-2 shows the Ethernet adapter’s IP address as 192.168.1.100. Your computer may show something different.
Figure C-2: MAC Address/Adapter
Address
Figure C-1: IP Configuration Screen
NOTE: The MAC address is also called the Adapter Address.
Page 93
86
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter Windows 2000 or XP Instructions
Wireless-G ADSL Gateway with SRX200
Windows 2000 or XP Instructions
1. Click Start and Run. In the Open field, enter cmd. Press the Enter key or click the OK button.
2. At the command prompt, enter ipconfig /all. Then press the Enter key.
3. Write down the Physical Address as shown on your computer screen (Figure C-3); it is the MAC address for your Ethernet adapter. This appears as a series of numbers and letters.
The MAC address/Physical Address is what you will use for MAC filtering. The example in Figure C-3 shows the Ethernet adapters’s MAC address as 00-00-00-00-00-00. Your computer will show something different.
The example in Figure C-3 shows the Ethernet adapter’s IP address as 192.168.1.100. Your computer may show something different.
Figure C-3: MAC Address/Physical Address
NOTE: The MAC address is also called the Physical Address.
Page 94
87
Appendix D: Upgrading Firmware
Wireless-G ADSL Gateway with SRX200
Appendix D: Upgrading Firmware
To upgrade the Gateway’s firmware:
1. Download the Gateway’s firmware upgrade file from www.linksys.com/international.
2. Extract the file on your computer.
3. Open the Gateway’s Web-based Utility and click the Administration tab.
4. Click the Firmware Upgrade tab.
5. Click the Browse button to find the extracted file, and then double-click it.
6. Click the Upgrade button, and follow the on-screen instructions.
Figure D-1: Firmware Upgrade
Page 95
88
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
Appendix E: Glossary
802.11b - A wireless networking standard that specifies a maximum data transfer rate of 11Mbps and an
operating frequency of 2.4GHz.
802.11g - A wireless networking standard that specifies a maximum data transfer rate of 54Mbps, an operating
frequency of 2.4GHz, and backward compatibility with 802.11b devices. Access Point - A device that allows wireless-equipped computers and other devices to communicate with a
wired network. Also used to expand the range of a wireless network.
Adapter - A device that adds network functionality to your PC. Ad-hoc - A group of wireless devices communicating directly with each other (peer-to-peer) without the use of
an access point.
AES (Advanced Encryption Standard) - A security method that uses symmetric 128-bit block data encryption. Backbone - The part of a network that connects most of the systems and networks together, and handles the
most data.
Bandwidth - The transmission capacity of a given device or network. Beacon Interval - Data transmitted on your wireless network that keeps the network synchronized. Bit - A binary digit. Boot - To start a device and cause it to start executing instructions. Bridge - A device that connects different networks. Broadband - An always-on, fast Internet connection. Browser - An application program that provides a way to look at and interact with all the information on the
World Wide Web. Buffer - A shared or assigned memory area that is used to support and coordinate different computing and
networking activities so one isn't held up by the other. Byte - A unit of data that is usually eight bits long
Page 96
89
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
Cable Modem - A device that connects a computer to the cable television network, which in turn connects to the
Internet. CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance) - A method of data transfer that is used to prevent
data collisions.
CTS (Clear To Send) - A signal sent by a wireless device, signifying that it is ready to receive data. Daisy Chain - A method used to connect devices in a series, one after the other. Database - A collection of data that is organized so that its contents can easily be accessed, managed, and
updated. DDNS (Dynamic Domain Name System) - Allows the hosting of a website, FTP server, or e-mail server with a
fixed domain name (e.g., www.xyz.com) and a dynamic IP address.
Default Gateway - A device that forwards Internet traffic from your local area network. DHCP (Dynamic Host Configuration Protocol) - A networking protocol that allows administrators to assign
temporary IP addresses to network computers by “leasing” an IP address to a user for a limited amount of time, instead of assigning permanent IP addresses.
DMZ (Demilitarized Zone) - Removes the Router's firewall protection from one PC, allowing it to be “seen” from the Internet.
DNS (Domain Name Server) - The IP address of your ISP's server, which translates the names of websites into IP addresses.
Domain - A specific name for a network of computers. Download - To receive a file transmitted over a network. DSL (Digital Subscriber Line) - An always-on broadband connection over traditional phone lines. DSSS (Direct-Sequence Spread-Spectrum) - Frequency transmission with a redundant bit pattern resulting in a
lower probability of information being lost in transit. DTIM (Delivery Traffic Indication Message) - A message included in data packets that can increase wireless
efficiency. Dynamic IP Address - A temporary IP address assigned by a DHCP server.
Page 97
90
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
EAP (Extensible Authentication Protocol) - A general authentication protocol used to control network access.
Many specific authentication methods work within this framework. EAP-PEAP (Extensible Authentication Protocol-Protected Extensible Authentication Protocol) - A mutual
authentication method that uses a combination of digital certificates and another system, such as passwords. EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) - A mutual authentication method that
uses digital certificates.
Encryption - Encoding data transmitted in a network. Ethernet - A networking protocol that specifies how data is placed on and retrieved from a common transmission
medium.
Finger - A program that tells you the name associated with an e-mail address. Firewall - A set of related programs located at a network gateway server that protects the resources of a
network from users from other networks.
Firmware - The programming code that runs a networking device. Fragmentation -Breaking a packet into smaller units when transmitting over a network medium that cannot
support the original size of the packet.
FTP (File Transfer Protocol) - A protocol used to transfer files over a TCP/IP network. Full Duplex - The ability of a networking device to receive and transmit data simultaneously. Gateway - A device that interconnects networks with different, incompatible communications protocols. Half Duplex - Data transmission that can occur in two directions over a single line, but only one direction at a
time.
Hardware - The physical aspect of computers, telecommunications, and other information technology devices. HTTP (HyperText Transport Protocol) - The communications protocol used to connect to servers on the World
Wide Web.
Infrastructure - A wireless network that is bridged to a wired network via an access point. IP (Internet Protocol) - A protocol used to send data over a network. IP Address - The address used to identify a computer or device on a network.
Page 98
91
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
IPCONFIG - A Windows 2000 and XP utility that displays the IP address for a particular networking device. IPSec (Internet Protocol Security) - A VPN protocol used to implement secure exchange of packets at the IP layer. ISM band - Radio bandwidth utilized in wireless transmissions. ISP (Internet Service Provider) - A company that provides access to the Internet. LAN - The computers and networking products that make up your local network. LEAP (Lightweight Extensible Authentication Protocol) - A mutual authentication method that uses a username
and password system. MAC (Media Access Control) Address - The unique address that a manufacturer assigns to each networking
device.
Mbps (MegaBits Per Second) - One million bits per second; a unit of measurement for data transmission. mIRC - An Internet Relay Chat program that runs under Windows. Multicasting - Sending data to a group of destinations at once. NAT (Network Address Translation) - NA T technolog y translates IP addresses of a local area network to a different
IP address for the Internet. Network - A series of computers or devices connected for the purpose of data sharing, storage, and/or
transmission between users.
NNTP (Network News Transfer Protocol) - The protocol used to connect to Usenet groups on the Internet. Node - A network junction or connection point, typically a computer or work station. OFDM (Orthogonal Frequency Division Multiplexing) - Frequency transmission that separates the data stream
into a number of lower-speed data streams, which are then transmitted in parallel to prevent information from being lost in transit.
Packet - A unit of data sent over a network. Passphrase - Used much like a password, a passphrase simplifies the WEP encryption process by automatically
generating the WEP encryption keys for Linksys products. PEAP (Protected Extensible Authentication Protocol) - A mutual authentication method that uses a combination
of digital certificates and another system, such as passwords.
Page 99
92
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
Ping (Packet INternet Groper) - An Internet utility used to determine whether a particular IP address is online. POP3 (Post Office Protocol 3) - A standard mail server commonly used on the Internet. Port - The connection point on a computer or networking device used for plugging in cables or adapters. Power over Ethernet (PoE) - A technology enabling an Ethernet network cable to deliver both data and power. PPPoE (Point to Point Protocol over Ethernet) - A type of broadband connection that provides authentication
(username and password) in addition to data transport. PPTP (Point-to-Point Tunneling Protocol) - A VPN protocol that allows the Point to Point Protocol (PPP) to be
tunneled through an IP network. This protocol is also used as a type of broadband connection in Europe.
Preamble - Part of the wireless signal that synchronizes network traffic. RADIUS (Remote Authentication Dial-In User Service) - A protocol that uses an authentication server to control
network access.
RJ-45 (Registered Jack-45) - An Ethernet connector that holds up to eight wires. Roaming - The ability to take a wireless device from one access point's range to another without losing the
connection.
Router - A networking device that connects multiple networks together. RTS (Request To Send) - A networking method of coordinating large packets through the RTS Threshold setting. Server - Any computer whose function in a network is to provide user access to files, printing, communications,
and other services.
SMTP (Simple Mail Transfer Protocol) - The standard e-mail protocol on the Internet. SNMP (Simple Network Management Protocol) - A widely used network monitoring and control protocol. Software - Instructions for the computer. A series of instructions that performs a particular task is called a
“program”.
SOHO (Small Office/Home Office) - Market segment of professionals who work at home or in small offices. SPI (Stateful Packet Inspection) Firewall - A technology that inspects incoming packets of information before
allowing them to enter the network.
Page 100
93
Appendix E: Glossary
Wireless-G ADSL Gateway with SRX200
Spread Spectrum - Wideband radio frequency technique used for more reliable and secure data transmission. SSID (Service Set IDentifier) - Your wireless network's name. Static IP Address - A fixed address assigned to a computer or device that is connected to a network. Static Routing - Forwarding data in a network via a fixed path. Subnet Mask - An address code that determines the size of the network. Switch - 1. A data switch that connects computing devices to host computers, allowing a large number of
devices to share a limited number of ports. 2. A device for making, breaking, or changing the connections in an electrical circuit.
TCP (Transmission Control Protocol) - A network protocol for transmitting data that requires acknowledgement from the recipient of data sent.
TCP/IP (Transmission Control Protocol/Internet Protocol) - A set of instructions PCs use to communicate over a network.
Telnet - A user command and TCP/IP protocol used for accessing remote PCs. TFTP (Trivial File Transfer Protocol) - A version of the TCP/IP FTP protocol that has no directory or password
capability.
Throughput - The amount of data moved successfully from one node to another in a given time period. TKIP (Temporal Key Integrity Protocol) - a wireless encryption protocol that provides dynamic encryption keys for
each packet transmitted.
Topology - The physical layout of a network. TX Rate - Transmission Rate. UDP (User Datagram Protocol) - A network protocol for transmitting data that does not require acknowledgement
from the recipient of the data that is sent.
Upgrade - To replace existing software or firmware with a newer version. Upload - To transmit a file over a network. URL (Uniform Resource Locator) - The address of a file located on the Internet.
Loading...