Cisco Systems RVL200 User Manual

4-Port SSL/IPSec VPN Router
USER GUIDE
BUSINESS SERIES
Model: RVL200
About This Guide
Icon Descriptions
While reading through the User Guide you may see various icons that call attention to specific items. Below is a description of these icons:
NOTE: This check mark indicates that there is
a note of interest and is something that you should pay special attention to while using the product.
WARNING: This exclamation point indicates
that there is a caution or warning and it is something that could damage your property or product.
WEB: This globe icon indicates a noteworthy
website address or e-mail address.
Open Source
This product may contain material licensed to you under the GNU General Public License or other open-source software licenses. Upon request, open-source software source code is available at cost from Linksys for at least three years from the product purchase date.
WEB: For detailed license terms and additional
information visit: www.linksys.com/gpl
Online Resources
Website addresses in this document are listed without http:// in front of the address because most current web browsers do not require it. If you use an older web browser, you may have to add http:// in front of the web address.
Resource Website
Linksys www.linksys.com
Linksys International www.linksys.com/international
Glossary www.linksys.com/glossary
Network Security www.linksys.com/security
Copyright and Trademarks
Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2007 Cisco Systems, Inc. All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders.
4-Port SSL/IPSec VPN Router
ii
Table of Contents
Chapter 1: Introduction 1
Introduction to the Router. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Introduction to Virtual Private Networks (VPNs) . . . . . . . . . . . . . . . . . . . . . . . . . . 1
VPN Router to VPN Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Computer (using SSL VPN client software) to VPN Router . . . . . . . . . . . . . . . . . 2
Chapter 2: Product Overview 3
Front Panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Back Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Chapter 3: Installation 4
Physical Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Horizontal Placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Vertical Placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Wall-Mounting Placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Cable Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Chapter 4: Advanced Conguration 6
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Internet Explorer 6.0 or Higher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Netscape Communicator 8.0 or Higher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
How to Access the Web-Based Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
System Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Network Setting Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Firewall Setting Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
IPSec VPN Setting Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
SSL VPN Setting Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Log Setting Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Setup Tab > Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Setup > Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Setup > Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Setup > DMZ Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
DMZ Host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Setup Tab > Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Forwarding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Setup > UPnP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
UPnP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
4-Port SSL/IPSec VPN Router
i
Table of Contents
Setup > One-to-One NAT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
One-to-One NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Setup > MAC Clone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
MAC Clone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Setup > DDNS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
DDNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Setup > Advanced Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Advanced Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
DHCP > Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
DHCP > Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
DHCP > Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
DHCP > Inter-VLAN Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Inter-VLAN Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
System Management > Diagnostic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Diagnostic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
System Management > Factory Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Factory Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
System Management > Firmware Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Firmware Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
System Management > Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
System Management > Setting Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Import Conguration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Export Conguration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
System Management > Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
System Management > IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Port Management > Port Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Basic Per Port Cong. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Port Management > Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Port Management > Create VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Create VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Port Management > Port Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Port Setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Port Management > VLAN Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
VLAN Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
QoS > Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
Bandwidth Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
4-Port SSL/IPSec VPN Router
ii
Table of Contents
QoS > QoS Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
QoS Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
QoS > Queue Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Queue Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
QoS > DSCP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
DSCP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
Firewall > General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
Firewall > Access Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Access Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Add a New Access Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Firewall > Content Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Content Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
IPSec VPN > Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
IPSec VPN > Gateway to Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Add a New Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
IPSec Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
IPSec VPN > VPN Pass Through . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
VPN Pass Through . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
SSL VPN > Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
SSL VPN > Certicate Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
SSL VPN > User Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
User Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
SSL VPN > Virtual Passage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Virtual Passage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
SNMP > Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
SNMP > Views. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
SNMP > Group Prole. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Group Prole . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
SNMP > Group Membership. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Group Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
SNMP > Communities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
SNMP > Notication Recipient . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Notication Recipient . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Log > System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
System Log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Log > System Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
4-Port SSL/IPSec VPN Router
iii
Table of Contents
Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Basic Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Access Rule Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Linksys Web Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Appendix A: Troubleshooting 55
Appendix B: Virtual Passage SSL VPN Client 5
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
Before You Begin (Windows OS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
Internet Explorer 6.0 or Higher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
Netscape Communicator 8.0 or Higher . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Make the SSL VPN Portal a Trusted Site (Windows OS) . . . . . . . . . . . . . . . . . . . . . .57
Login for the SSL VPN Portal (Windows OS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Installation of the Virtual Passage Client (Windows OS) . . . . . . . . . . . . . . . . . . . . .58
Logout of the SSL VPN Portal (Windows OS) . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Windows Vista Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Login for the SSL VPN Portal (Mac OS X) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Installation of the Virtual Passage Client (Mac OS X). . . . . . . . . . . . . . . . . . . . . . . .60
Removal of the Virtual Passage Client (Mac OS X) . . . . . . . . . . . . . . . . . . . . . . . . .61
Before You Begin (Linux OS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
Login for the SSL VPN Portal (Linux OS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
Installation of the Virtual Passage Client (Linux OS) . . . . . . . . . . . . . . . . . . . . . . . .62
Removal of the Virtual Passage Client (Linux OS). . . . . . . . . . . . . . . . . . . . . . . . . .63
Appendix C: Bandwidth Management 64
6
4-Port SSL/IPSec VPN Router
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Creation of New Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Creation of New Bandwidth Management Rules. . . . . . . . . . . . . . . . . . . . . . . . . .65
Appendix D: Active Directory Server 66
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Appendix E: User for the Active Directory Server 71
Appendix F: Internet Authentication Service (IAS) Server 7
Appendix G: Lightweight Directory Access Protocol (LDAP) Server 7
3
9
iv
Table of Contents
Appendix H: Deployment in an Existing Network 80
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
LAN-to-LAN Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
WAN-to-LAN Connection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
Appendix I: Gateway-to-Gateway VPN Tunnel 82
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
Conguration when the Remote Gateway Uses a Static IP Address . . . . . . . . . . . . . .82
Conguration of the RVL200. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
Conguration of the RV082 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Conguration of PC 1 and PC 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Conguration when the Remote Gateway Uses a Dynamic IP Address. . . . . . . . . . . .84
Conguration of the RVL200. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Conguration of the RV082 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Conguration of PC 1 and PC 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Conguration when Both Gateways Use Dynamic IP Addresses . . . . . . . . . . . . . . . .85
Conguration of the RVL200. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Conguration of the RV082 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Conguration of PC 1 and PC 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Appendix J: IPSec NAT Traversal 87
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Conguration of Scenario 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Conguration of Router A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Conguration of Router B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
Conguration of Scenario 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Conguration of the One-to-One NAT Rules. . . . . . . . . . . . . . . . . . . . . . . . . .89
Conguration of Router B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Conguration of Router A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90
Appendix K: Conguration of Multiple Subnets 91
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
RVL200-to-RV042 Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
RVL200 Conguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
RV042 #1 Conguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
RV042 #2 Conguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Appendix L: Multiple VLANs with Computers 94
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
RVL200-to-SRW2048 Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
RVL200 Conguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
SRW2048 Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
4-Port SSL/IPSec VPN Router
v
Table of Contents
Appendix M: Multiple VLANs and Subnets 96
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96
RVL200 Conguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96
Basic Instructions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96
Inter-VLAN Routing Option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97
Appendix N: Access of Multiple VLANs over a SSL VPN Tunnel 98
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
SSL VPN Connection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Static Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Windows Operating System (OS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Mac OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Linux OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Appendix O: Firmware Upgrade 99
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Internet Explorer 6.0 or Higher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
How to Access the Web-Based Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Upgrade the Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
Appendix P: Battery Replacement 101
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Replace the Lithium Battery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Appendix Q: Specications 102
Appendix S: Regulatory Information 10
FCC Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104
Safety Notices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Industry Canada Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Avis d’Industrie Canada. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste
Electric and Electronic Equipment (WEEE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Appendix T: Contact Information 109
4
4-Port SSL/IPSec VPN Router
vi
Chapter 1
Introduction

Chapter 1: Introduction

Introduction to the Router

Thank you for choosing the Linksys 4-Port SSL/IPSec VPN Router. The Router is an advanced Internet-sharing network solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection. It features a built-in, 4-port, full­duplex, 10/100 Ethernet switch to connect four computers directly, or you can connect more switches to create as big a network as you need. If you have multiple routers in your Local Area Network (LAN), you can use the Router’s multiple subnet feature to support those routers.
The five Secure Sockets Layer (SSL) Virtual Private Network (VPN) tunnels gives your mobile workers a secure and easy way to stay connected. Additionally, an IPSec (Internet Protocol Security), gateway-to-gateway VPN tunnel facilitates branch office connectivity. As an essential element of your business, the Router provides security functions for authentication, encryption, and firewall. Additional security features includes Denial of Service (DoS) prevention and HTTPS management, while the Quality of Service (QoS) features provide consistent voice and video quality throughout your business.
Use the browser-based utility to configure settings and run convenient wizards that will help you set up the Router and its access rules.

Introduction to Virtual Private Networks (VPNs)

A VPN is a connection between two endpoints—a VPN Router, for instance—in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This establishes a private network that can send data securely between these two locations or networks.
VPN Router supports two of the most popular VPN tunnel types, SSL and IPSec.
There are two basic ways to create a VPN connection:

VPN Router to VPN Router

computer (using SSL VPN client software) to
VPN Router
NOTE: The 4-Port SSL/IPSec VPN Router does
not support IPSec VPN client software.
The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them are secure. A computer with SSL or IPSec VPN client software can be one of the two endpoints.
For an IPSec VPN tunnel, any computer with the built-in IPSec Security Manager (Windows 2000 and XP) allows the VPN Router to create a VPN tunnel using IPSec (Windows Vista uses a similar utility). Other Windows operating systems require additional, third-party VPN client software applications that support IPSec to be installed.
For an SSL VPN tunnel, a computer can download the Virtual Passage SSL VPN client software during first-time connection to the SSL VPN Portal. (See “Appendix B: Virtual Passage SSL VPN Client.”)
VPN Router to VPN Router
An example of a VPN Router-to-VPN Router VPN would be as follows. At home, a telecommuter uses his VPN Router for his always-on Internet connection. His Router is configured with his office’s VPN settings. When he connects to his office’s router, the two routers create a VPN tunnel, encrypting and decrypting data. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the telecommuter now has a secure connection to the central office’s network, as if he were physically connected.
The private network is established by creating a “tunnel”. A VPN tunnel connects the two computers or networks and allows data to be transmitted over the Internet as if it were still within those networks. A VPN tunnel uses industry­standard encryption and authentication techniques to secure the data sent between the two networks.
Virtual Private Networking was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. It can be used to create secure networks linking a central office with branch offices, telecommuters, and/or professionals on the road. The 4-Port SSL/IPSec
4-Port SSL/IPSec VPN Router
1
Chapter 1
Introduction
Home
VPN Router
VPN Router
VPN Router to VPN Router
Internet
Central Office

Computer (using SSL VPN client software) to VPN Router

For additional information and instructions about creating your own VPN, visit the Linksys website at www.linksys.com.
The following is an example of a computer-to-VPN Router VPN. In her hotel room, a traveling businesswoman connects to her Internet Service Provider (ISP). Her notebook computer has VPN client software that is configured with her office’s VPN settings. She accesses the VPN client software and connects to the VPN Router at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman now has a secure connection to the central office’s network, as if she were physically connected.
Off-Site
Internet
Notebook with VPN
Client Software
VPN
Router
Central Office
Computer to VPN Router
4-Port SSL/IPSec VPN Router
2
Chapter 2
Product Overview

Chapter 2: Product Overview

Front Panel

Power (Green) The Power LED lights up green
and stays on while the Router is powered on.
Diag (Orange) The Diag LED lights up when
the Router is not ready for use. During a warm reset, it flashes slowly. During a reset to factory defaults, it flashes quickly. The LED turns off when the Router is ready for use.
Internet (Green) The Internet LED lights up
and stays on when there is a connection made through the Internet port. It flashes to indicate network activity over the Internet port.
Ethernet 1-4 (Green) These numbered LEDs,
corresponding with the numbered ports on the Router’s back panel, serve two purposes. If the LED is solidly lit, the Router is connected to a device through that port. It flashes to indicate network activity over that port.

Back Panel

Reset The Reset button can be used in one
of two ways, warm reset and reset to factory defaults.
Warm Reset If the Router is having problems
connecting to the Internet, press and hold in the Reset button for four seconds using the tip of a pen. This is similar to pressing the power button on your computer to reboot it. The Diag LED will flash slowly during a warm reset.
Reset to Factory Defaults If you are
experiencing extreme problems with the Router and have tried all other troubleshooting measures, press and hold in the Reset button for ten seconds. This will restore the factory defaults and clear all of the Router’s custom settings. The Diag LED will flash quickly during a reset to factory defaults.
You can also reset the Router to factory defaults using the System Management > Factory Defaults screen of the Router’s web-based utility.
Internet The Internet port is where you will
connect your cable or DSL Internet connection.
4-Port SSL/IPSec VPN Router
Ethernet 1, 2, 3, 4 These Ethernet ports (1, 2, 3,
4) connect the Router to wired computers and other Ethernet network devices.
Power The Power port is where you connect
the power adapter.
3
Chapter 3
64.4 mm
Installation

Chapter 3: Installation

Physical Installation

There are three ways to place the Router. The first way is to place it horizontally on a surface, so it sits on its four rubber feet. The second way is to stand the Router vertically on a surface. The third way is to mount it on a wall.

Horizontal Placement

The Router has four rubber feet on its bottom panel. Set the Router on a flat surface near an electrical outlet.
WARNING: Do not place excessive weight
on top of the Router; too much weight could damage it.

Wall-Mounting Placement

The Router has two wall-mount slots on its bottom. The distance between the two slots is 64.4 mm (2.535 inches).
Two screws are needed to mount the Router.
Suggested Mounting Hardware
5.0-6.0 mm 1.6-2.0 mm
Note: Mounting hardware illustrations are not
true to scale.
NOTE: Linksys is not responsible for damages
incurred by insecure wall-mounting hardware.
Follow these instructions:
Determine where you want to mount the Router. Make
1. sure that the wall you use is smooth, flat, dry, and sturdy. Also make sure the location is within reach of an electrical outlet.
3.0-3.8 mm

Vertical Placement

Line up the edges of the Router with the two stands.
1.
Insert the Router into the stands.
2.
Set the Router on a flat surface near an electrical
3. outlet.
Drill two holes into the wall. Make sure the holes are
2.
64.4 mm (2.535 inches) apart.
Insert a screw into each hole and leave 5 mm
3. (0.2 inches) of its head exposed.
Maneuver the Router so the wall-mount slots line up
4. with the two screws.
Place the wall-mount slots over the screws and slide
5. the Router down until the screws fit snugly into the wall-mount slots.
Print this page at 100% size. Cut along the dotted line, and place on the wall to drill precise spacing.
4-Port SSL/IPSec VPN Router
Wall Mounting Template
4
Chapter 3

Cable Connection

To connect network devices to the Router, follow these instructions:
Before you begin, make sure that all of your hardware
1. is powered off, including the Router, computers, switches, and cable or DSL modem.
Connect your cable or DSL modem’s Ethernet cable to
2. the Router’s Internet port.
Connect to the Internet Port
Installation
Power on the cable or DSL modem.
3.
Connect one end of an Ethernet network cable to
4. one of the numbered ports on the back of the Router. Connect the other end to an Ethernet port on a network device, such as a computer or switch.
Repeat this step to connect more computers or other network devices to the Router.
Connect to the Network Device
Connect the included power adapter to the Router’s
5. Power port, and then plug the power adapter into an electrical outlet.
Connect the Power
The Power LED on the front panel will light up as soon
6. as the power adapter is connected properly.
Power on your computers and other network devices.
7.
4-Port SSL/IPSec VPN Router
5
Chapter 4

Chapter 4: Advanced Configuration

Overview

For your convenience, use the Router’s web-based utility to set it up and configure it. This chapter will explain all of the functions in this utility.
These are the main tabs of the utility: System Summary, Setup, DHCP, System Management, Port Management, QoS, Firewall, IPSec VPN, SSL VPN, SNMP, Log, Wizard, Support, and Logout. Additional tabs will be available after you click one of the main tabs.

Before You Begin

The Router’s web-based utility and SSL VPN Portal support Internet Explorer 6.0 (or higher) and Netscape Communicator 8.0 (or higher) running in a Windows environment.
To configure the SSL VPN software, your web browser must have SSL, JavaScript, ActiveX, and cookies enabled (these settings are enabled by default). If the settings are already enabled, proceed to the next section, “How to Access the Web-Based Utility”. If the settings are disabled, you should enable them before configuring the Router. Proceed to the instructions for your web browser.
Advanced Configuration
Click OK.
6.
Click the Security tab.
7.
Click Custom Level.
8.
Select Enable for Active scripting, Allow paste operations
9. via script, and Scripting of Java applets.
Internet Explorer > Tools > Internet Options > Security
Click OK.
10.
Click the Privacy tab.
11.
Click Advanced.
12.
Deselect (remove the checkmark from) Override
13. automatic cookie handling.

Internet Explorer 6.0 or Higher

Open Internet Explorer.
1.
Click Tools.
2.
Click Internet Options.
3.
Click the Advanced tab.
4.
Select Use SSL 2.0 and Use SSL 3.0.
5.
Internet Explorer > Tools > Internet Options > Advanced
Internet Explorer > Tools > Internet Options > Privacy
Click OK.
14.
Click OK again.
15.

Netscape Communicator 8.0 or Higher

Open Netscape Communicator.
1.
Click Tools.
2.
Click Options.
3.
Click Site Controls.
4.
Click the Trust Preferences tab.
5.
In the Master Settings section, click I’m Not Sure.
6.
4-Port SSL/IPSec VPN Router
6
Chapter 4
Select Allow cookies.
7.
Select Enable JavaScript.
8.
Click Advanced.
9.
Select Enable ActiveX.
10.
Netscape Communicator > Options > Site Controls > Web Features
Click OK.
11.
Advanced Configuration

How to Access the Web-Based Utility

For local access of the Router’s web-based utility,
1. launch your web browser, and enter the Router’s default IP address, 192.168.1.1, in the Address field. Press the Enter key.
Address Bar
NOTE: If the Remote Management feature on
the Firewall > General screen has been enabled, then users with administrative privileges can remotely access the web-based utility. Use https://<WAN IP address of the Router>.
A login screen prompts you for your User Name and
2. Password. Enter admin in the User Name field, and enter admin in the Password field. (You can change the Password on the Setup > Password screen.) Then click Login.
Under Options, click Advanced.
12.
Click Security.
13.
Select Use SSL 2.0 and Use SSL 3.0.
14.
Netscape Communicator > Options > Advanced > Security
Click OK.
15.
Login Screen
After you have logged in, you will be asked to install
3. the Web Cache Cleaner application. This will prompt any user of the Router to delete all temporary Internet files, cookies, and browser history when the user logs out or closes the web browser window. (The ActiveX web cache control will be ignored by web browsers that do not support ActiveX.)
Click the link to install the Web Cache Cleaner.
4-Port SSL/IPSec VPN Router
7
Chapter 4
Click to Install the Web Cache Cleaner
On the Security Warning screen, click Yes.
4.
Advanced Configuration
Click Yes to Install
The Web Cache Cleaner will be installed in C:\\
5. WINDOWS\Downloaded Program Files. Proceed to the rest of this chapter for information about the web­based utility.
When you or another user logs out, a Warning screen will appear. It will ask you to confirm that you want to delete the History Item for the Router. Click Yes.
Click Yes to Delete History

System Summary

The first screen that appears is the System Summary screen, which displays the Router’s current status and settings. This information is read-only. Underlined text is hyperlinked to related setup pages, so if you click a hyperlink, the related setup screen will appear. On the right-hand side of this screen and all other screens of the utility is a link to the Site Map, which has links to all of the utility’s tabs. Click Site Map to view the Site Map. Then, click the desired tab.
System Summary
Site Map

System Information

Serial Number Displayed here is the serial number of the
Router.
Firmware version Displayed here is the current version
number of the firmware installed on the Router.
CPU Displayed here are the type and speed of the
processor installed on the Router.
DRAM Displayed here is the size of DRAM installed on
the Router’s motherboard.
Flash Displayed here is the size of flash memory installed
on the Router’s board.
4-Port SSL/IPSec VPN Router
8
Chapter 4
Advanced Configuration
System Up Time This is the length of time in days, hours,
and minutes that the Router has been active. The current time and date are also displayed.

Port Statistics

Click any port on the Router’s rear panel image to see the status of the selected port. If the port is disabled, it will be red; if enabled, it will be black. If the port is connected, it will be green. Information about the selected port will appear in a separate window.
The port’s Summary table shows the settings of the selected port, including Type, Interface, Link Status, Port Activity, Priority, Speed Status, Duplex Status, and Auto negotiation.
click Renew to update the DHCP Lease Time or get a new IP address. If the WAN port is set to PPPoE or PPTP, two buttons, Connect and Disconnect, will be available.
Mode It shows the Router’s Working Mode (Gateway or
Router), and it hyperlinks to the Dynamic Routing section on the Advanced Routing screen of the Setup tab.
DNS It shows all DNS Server Addresses and hyperlinks to
the WAN Connection Type settings on the Network screen of the Setup tab.
DDNS It shows the DDNS settings of the Router’s WAN
port and hyperlinks to the DDNS screen of the Setup tab.
DMZ Host It shows the DMZ Private IP Address and
hyperlinks to the DMZ Host screen of the Setup tab. The default is Disabled.

Firewall Setting Status

SPI (Stateful Packet Inspection) It shows the status
(On/Off) of the SPI setting and hyperlinks to the General screen of the Firewall tab.
DoS (Denial of Service) It shows the status (On/Off) of
the DoS setting and hyperlinks to the General screen of the Firewall tab.
Port 1 Information
For the selected port, the statistics table shows this information: number of packets received, number of packet bytes received, number of packets transmitted, number of packet bytes transmitted, and number of packet errors.
To update the on-screen information, click Refresh. To exit this screen, click Close.

Network Setting Status

LAN IP It shows the current LAN IP Address of the Router,
as seen by internal users on the network, and it hyperlinks to the LAN Setting section on the Network screen of the Setup tab.
WAN IP This shows the current WAN IP address of the
Router, as seen by external users on the Internet and hyperlinks to the WAN Connection Type settings on the Network screen of the Setup tab. If the port is set to Obtain an IP automatically, two buttons, Release and Renew, will be available. Click Release to release the IP address, and
Block WAN Request It shows the status (On/Off) of the
Block WAN Request setting and hyperlinks to the General screen of the Firewall tab.
Remote Management It shows the status (On/Off) of
the Remote Management setting and hyperlinks to the General screen of the Firewall tab.

IPSec VPN Setting Status

IPSec VPN Summary It hyperlinks to the Summary screen
of the IPSec VPN tab.
Tunnel(s) Used It shows the number of VPN tunnels
used.
Tunnel(s) Available It shows the number of VPN tunnels
available.

SSL VPN Setting Status

SSL VPN Summary It hyperlinks to the Summary screen
of the SSL VPN tab.
Tunnel(s) Used It shows the number of VPN tunnels
used.
Tunnel(s) Available It shows the number of VPN tunnels
available.

Log Setting Status

It hyperlinks to the System Log screen of the Log tab.
4-Port SSL/IPSec VPN Router
9
Chapter 4
Advanced Configuration
If you have not set up the e-mail server on the Log tab, the message, “E-mail cannot be sent because you have not specified an outbound SMTP server address,” will be displayed.
If you have set up the mail server but the log has not been generated due to the Log Queue Length and Log Time Threshold settings, the message, “E-mail settings have been configured,” will be displayed.
If you have set up the e-mail server and the log has been sent to the e-mail server, the message, “E-mail settings have been configured and sent out normally,” will be displayed.
If you have set up the e-mail server and the log cannot be sent to the e-mail server, the message, “E-mail cannot be sent out, probably use incorrect settings,” will be displayed.

Setup Tab > Network

The Setup > Network screen shows all of the Router’s basic setup functions. The Router can be used in most network setups without changing any of the default values; however, you may need to enter additional information in order to connect to the Internet through an ISP (Internet Service Provider) or broadband (DSL or cable) carrier. The setup information is provided by your ISP.
LAN Setting
The MAC Address of the Router is displayed.
Device IP Address and Subnet Mask The default values
are 192.168.1.1 for the Router’s local IP address and
255.255.255.0 for the subnet mask.
Multiple Subnet Select this option to enable the Multiple
Subnet feature. Then click Add/Edit to create or modify subnet(s). A new screen appears.
Create or Modify a Subnet
Setup > Network

Network

Host Name and Domain Name Enter a host and domain
name for the Router. Some ISPs require these names as identification. You may have to check with your ISP to see if your broadband Internet service has been configured with a host and domain name. In most cases, you can leave these fields blank.
LAN IP Address Enter the LAN IP address.
Subnet Mask Enter the subnet mask.
Click Add to List. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Network screen.
If you want to modify a subnet you have created, select it and Make changes.. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Network screen.
If you want to delete a subnet you have created, select it and click Delete selected subnet. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Network screen.
WAN Connection Type
WAN
There are four connection types available: Obtain an IP automatically, Static IP, PPPoE, and PPTP. Depending on which connection type you select, you will see various settings.
Obtain an IP Automatically
If your ISP automatically assigns an IP address, select
Obtain an IP automatically. (Most cable modem
4-Port SSL/IPSec VPN Router
10
Chapter 4
Advanced Configuration
subscribers use this connection type.) Your ISP assigns these values.
Obtain an IP Automatically
DNS Server (Required) 1/2 If you select Use the
Following DNS Server Addresses, enter your DNS server IP address(es) (enter at least one). Multiple DNS server IP settings are common. In most cases, the first available DNS entry is used.
MTU The MTU (Maximum Transmission Unit) setting
specifies the largest packet size permitted for network transmission. To manually set a value, select Manual and enter the value desired in the field provided. You should leave this value in the 1200 to 1500 range, and most DSL users should use the value 1492. The default is Auto, which allows the Router to select the best MTU for your Internet connection.
Default Gateway Address Enter the IP address of the
default gateway.
DNS Server (Required) 1/2 If you select Use the
Following DNS Server Addresses, enter your DNS server IP address(es) (enter at least one). Multiple DNS server IP settings are common. In most cases, the first available DNS entry is used.
MTU The MTU (Maximum Transmission Unit) setting
specifies the largest packet size permitted for network transmission. To manually set a value, select Manual and enter the value desired in the field provided. You should leave this value in the 1200 to 1500 range, and most DSL users should use the value 1492. The default is Auto, which allows the Router to select the best MTU for your Internet connection.
Click Save Settings to save your changes, or click Cancel Changes to undo them.
PPPoE (Point-to-Point Protocol over Ethernet)
Some DSL-based Internet Service Providers (ISPs) use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections for end-users. If you use a DSL line, check with your ISP to see if they use PPPoE, select PPPoE.
Click Save Settings to save your changes, or click Cancel Changes to undo them.
Static IP
If you are required to use a permanent IP address, select Static IP.
Static IP
Specify WAN IP Address Enter the external IP address of
the Router.
Subnet Mask Enter the subnet mask of the Router.
PPPoE
User Name and Password Enter your account’s User
Name and Password. The maximum number of characters is 60.
Connect on Demand If you select the Connect on
Demand option, the connection will be disconnected after a specified period of inactivity (Max Idle Time). If you have been disconnected due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. Enter the number of minutes you want to have elapsed before your Internet access disconnects. The default Max Idle Time is 5 minutes.
4-Port SSL/IPSec VPN Router
11
Chapter 4
Advanced Configuration
Keep Alive: Interval If you select the Keep Alive option,
the Router will send keep-alive packets as often as you specify. The default Interval is 30 seconds.
Keep Alive: Retry Times If you select the Keep Alive
option, the Router will send keep-alive packets as many times as you specify. If the Router does not receive a response from the ISP, then the Router will terminate the connection and start sending PADI packets after the Redial Period. The default Retry Times is 5 times.
Keep Alive: Redial Period If you select the Keep Alive
option, the Router will keep the connection alive by sending out a few data packets periodically, so your ISP thinks that the connection is still active. This option keeps your connection active indefinitely, even when it sits idle. The default Redial Period is 30 seconds.
MTU The MTU (Maximum Transmission Unit) setting
specifies the largest packet size permitted for network transmission. To manually set a value, select Manual and enter the value desired in the field provided. You should leave this value in the 1200 to 1500 range, and most DSL users should use the value 1492. The default is Auto, which allows the Router to select the best MTU for your Internet connection.
Click Save Settings to save your changes, or click Cancel
Changes to undo them.
Default Gateway Address Enter the IP address of the
default gateway.
DNS Server (Required) 1/2 If you select Use the
Following DNS Server Addresses, enter your DNS server IP address(es) (enter at least one). Multiple DNS server IP settings are common. In most cases, the first available DNS entry is used.
User Name and Password Enter your account’s User
Name and Password. The maximum number of characters is 60.
Connect on Demand If you select the Connect on
Demand option, the connection will be disconnected after a specified period of inactivity (Max Idle Time). If you have been disconnected due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. Enter the number of minutes you want to have elapsed before your Internet access disconnects. The default Max Idle Time is 5 minutes.
Keep Alive If you select the Keep Alive option, the Router
will keep the connection alive by sending out a few data packets periodically, so your ISP thinks that the connection is still active. This option keeps your connection active indefinitely, even when it sits idle. The default Redial Period is 30 seconds.
PPTP (Point-to-Point Tunneling Protocol)
Point to Point Tunneling Protocol (PPTP) is a service that applies to connections in Europe and Israel only.
PPTP
Specify WAN IP Address Enter the external IP address of
the Router.
MTU The MTU (Maximum Transmission Unit) setting
specifies the largest packet size permitted for network transmission. To manually set a value, select Manual and enter the value desired in the field provided. You should leave this value in the 1200 to 1500 range, and most DSL users should use the value 1492. The default is Auto, which allows the Router to select the best MTU for your Internet connection.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > Password

The Router’s default User Name and Password is admin, and Linksys strongly recommends that you change the Router’s password from the default to a unique password.
NOTE: The password cannot be recovered if
it is lost or forgotten. If the password is lost or forgotten, you have to reset the Router to its factory default settings; this will remove all of your configuration changes.
Subnet Mask Enter the subnet mask of the Router.
4-Port SSL/IPSec VPN Router
12
Chapter 4
Setup > Password

Password

The User Name is admin; it cannot be changed.
Old Password Enter the old password. The default is
admin when you first power up the Router.
Advanced Configuration
Daylight Saving To use the daylight saving feature, select
Enabled. Enter the Month and Day of the start date, and
then enter the Month and Day of the end date.
NTP Server Enter the URL or IP address of the NTP server.
The default is time.nist.gov.
Manual
New Password Enter a new password for the Router. Your
password must have 20 or fewer characters and cannot contain any spaces.
Confirm New Password Re-enter the new password to
confirm it.
Click Save Settings to save your change, or click Cancel Changes to undo it.

Setup > Time

The Router uses the time settings to time stamp log events, automatically apply the Access Rules and Content Filter, and perform other activities for other internal purposes.

Time

To set the local time, select Set the local time using the Network Time Protocol (NTP) automatically or Set the local time Manually.
Automatic
Setup > Time > Manual
Time Zone Select your time zone (the default Time Zone
is Pacific Time).
Hours, Minutes, Seconds Enter the time.
Month, Day, Year Enter the date.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > DMZ Host

The DMZ (Demilitarized Zone) Host feature allows one local user to be exposed to the Internet for use of a special-purpose service such as Internet gaming or videoconferencing. Although Port Range Forwarding can only forward 10 ranges of ports maximum, DMZ hosting forwards all the ports to one computer at the same time.
Setup > Time > Automatic
Time Zone Select your time zone (the default Time Zone
is Pacific Time).
4-Port SSL/IPSec VPN Router
Setup > DMZ Host

DMZ Host

DMZ Private IP Address Enter the local IP address of
the computer you want to expose. The default value of 0 deactivates the DMZ Host.
13
Chapter 4
Advanced Configuration
Click Save Settings to save your change, or click Cancel Changes to undo it.

Setup Tab > Forwarding

The Forwarding screen allows you to set up port range forwarding and port triggering applications. Port range forwarding can be used to set up public services or other specialized Internet applications on your network, while port triggering can be used to set up triggered ranges and forwarded ranges for Internet applications.
If the Service you need is not listed in the menu, click
Service Management to add the new service. The Service Management screen appears.
Service Management
Service Name Enter a name.
Protocol Select the protocol it uses.
Setup > Forwarding

Forwarding

Port Range Forwarding
Port forwarding can be used to set up public services on your network. When users from the Internet make certain requests on your network, the Router can forward those requests to computers equipped to handle the requests. If, for example, you set the port number 80 (HTTP) to be forwarded to IP address 192.168.1.2, then all HTTP requests from outside users will be forwarded to 192.168.1.2.
NOTE: You must disable the Router’s DHCP
function to use port forwarding.
You may use this function to establish a web server or FTP server via an IP gateway. Make sure that you enter a valid IP address. (You may need to establish a static IP address in order to properly run an Internet server.) For added security, Internet users will be able to communicate with the server, but they will not actually be connected. The packets will simply be forwarded through the Router.
Service Select the Service you want.
Port Range Enter its range.
Click Add to List. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Forwarding screen.
If you want to modify a service you have created, select it and click Update this service. Make changes. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Forwarding screen.
If you want to delete a service you have created, select it and click Delete selected service. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the Forwarding screen.
IP Address Enter the IP address of the server that you
want the Internet users to access.
Enable Select Enable to enable this port range forwarding
entry.
Click Add to List, and configure as many entries as you would like, up to a maximum of 30. To delete an entry, select it and click Delete selected application.
Port Triggering
Port triggering allows the Router to watch outgoing data for specific port numbers. The IP address of the computer that sends the matching data is remembered by the Router, so that when the requested data returns through the Router, the data is pulled back to the proper computer by way of IP address and port mapping rules.
4-Port SSL/IPSec VPN Router
14
Chapter 4
Advanced Configuration
Some Internet applications or games use alternate ports to communicate between the server and LAN host. When you want to use these applications, enter the triggering (outgoing) port and alternate incoming port in the Port Triggering table. Then the Router will forward the incoming packets to the LAN host.
Application Name Enter the name of the application.
Trigger Port Range Enter the starting and ending port
numbers of the trigger port range.
Incoming Port Range Enter the starting and ending port
numbers of the incoming port range.
Click Add to List, and configure as many entries as you would like, up to a maximum of 30. To delete an entry, select it and click Delete selected application.
Click Show Tables to see the details of your entries. The Port Range Forwarding Table List appears.
Port Range Forwarding Table List
Port Range Forwarding Select this option to view the
Port Range Forwarding entries.

UPnP

UPnP Function Select Yes to enable the UPnP function.
Otherwise, keep the default, No.
Service Select the Service you want.
If the Service you need is not listed in the menu, click
Service Management to add the new service. The Service Management screen appears.
Port Triggering Select this option to view the Port
Triggering entries.
Click Refresh to update the on-screen information. Click Close to exit this screen and return to the Forwarding screen.
On the Forwarding screen, click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > UPnP

Universal Plug and Play (UPnP) can be used to set up public services on your network. When the UPnP function is enabled, Windows XP can modify these entries via UPnP.
Setup > UPnP
Service Management
Service Name Enter a name.
Protocol Select the protocol it uses.
External Port Enter the external port number.
Internal Port Enter the internal port number.
Click Add to List. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the UPnP screen.
If you want to modify a service you have created, select it and click Update this service. Make changes. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the UPnP screen.
If you want to delete a service you have created, select it and click Delete selected service. Click Save Settings to save your changes, or click Cancel Changes to undo them. Click Exit to return to the UPnP screen.
Name or IP Address Enter the name or IP address of the
server that you want the Internet users to access.
Enable Select Enable to enable this UPnP entry.
Click Add to List, and configure as many entries as you would like, up to a maximum of 30. To delete an entry, select it and click Delete selected application.
Click Show Tables to see the details of your entries. The UPnP Forwarding Table List appears.
4-Port SSL/IPSec VPN Router
15
Chapter 4
UPnP Forwarding Table List
Click Refresh to update the on-screen information. Click Close to exit this screen and return to the UPnP screen.
On the UPnP screen, click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > One-to-One NAT

One-to-One NAT (Network Address Translation) creates a relationship that maps valid external IP addresses to internal IP addresses hidden by NAT. A device with an internal IP address may be accessed at the corresponding external valid IP address.
To create this relationship, define internal and external IP address ranges of equal length. Once the relationship is defined, the device with the first internal IP address is accessible at the first IP address in the external IP address range, and so forth.
For example, you have a Local Area Network (LAN) for which the ISP has assigned the IP address range of 209.19.28.16 to 209.19.28.31, with 209.19.28.16 used as the Wide Area Network (WAN) or NAT public IP address of the Router. The address range of 192.168.168.1 to 192.168.168.255 is used for the devices on the LAN. With One-to-One NAT, the devices with the internal IP addresses of 192.168.168.2 to 192.168.168.15 may be accessed at the corresponding external IP addresses.
Advanced Configuration
Setup > One-to-One NAT

One-to-One NAT

One-to-One NAT Select Enable to use the One-to-One
NAT function.
Private Range Begin Enter the starting IP address of the
internal IP address range. This is the IP address of the first device that
Public Range Begin Enter the starting IP address of the
public IP address range. This IP address is provided by the ISP. (Do not include the Router’s WAN IP Address.)
Range Length Enter the number of IP addresses in the
range. The range length cannot exceed the number of valid IP addresses. To map a single address, enter 1.
Click Add to List, and configure as many entries as you would like, up to a maximum of 64. To delete an entry, select it and click Delete selected range.
NOTE: One-to-One NAT affects how the firewall
functions work. Access to LAN devices from the Internet is allowed unless access rules are set.
Click Save Settings to save your changes, or click Cancel
Changes to undo them.
NOTE: The Router’s WAN IP address should not
be included in the range you specify.
4-Port SSL/IPSec VPN Router

Setup > MAC Clone

Some ISPs require that you register a MAC address, which is a 12-digit code assigned to a unique piece of hardware for identification. The MAC Clone feature “clones” your network adapter’s MAC address onto the Router, so you don’t have to call your ISP to change the registered MAC address to the Router’s MAC address.
For the WAN port, you can assign or clone a MAC address.
16
Chapter 4
Advanced Configuration
User Name and Password Enter your DynDNS.org
account information.
Host Name Enter your host name in the three Host Name
fields. For example, if your host name were myhouse. dyndns.org, then myhouse would go into the first field, dyndns would go into the second field, and org would go into the last field.
Click Save Settings, and the status of the DDNS function will be updated.
Setup > MAC Clone

MAC Clone

User Defined WAN MAC Address To manually clone a
MAC address, select User Defined WAN MAC Address, and then enter the 12 digits of your adapter’s MAC address.
MAC Address from this PC To clone the MAC address
of the computer you are currently using to configure the Router, select MAC Address from this PC.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > DDNS

Dynamic Domain Name System (DDNS) service allows you to assign a fixed domain name to a dynamic WAN IP address, so you can host your own web, FTP or other type of TCP/IP server in your LAN. The DDNS feature is disabled by default.
Before configuring DDNS, visit www.dyndns.org and register a domain name. (The DDNS service is provided by DynDNS.org).
Internet IP Address The Router’s current Internet IP
address is displayed. Because it is dynamic, this will change.
Status The status of the DDNS function is displayed. If
the status information indicates an error, make sure you have correctly entered the information for your account with your DDNS service.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

Setup > Advanced Routing

The Advanced Routing screen allows you to configure the dynamic and static routing settings.
Setup > DDNS

DDNS

DDNS Service To enable DDNS, select DynDNS.org.
Otherwise, select Disable.
4-Port SSL/IPSec VPN Router
Setup > Advanced Routing

Advanced Routing

Dynamic Routing
The Router’s dynamic routing feature can be used, so the Router will automatically adjust to physical changes in the network’s layout. Using the dynamic RIP protocol, the Router calculates the most efficient route for the network’s data packets to travel between the source and the destination, based upon the shortest paths. The RIP protocol regularly broadcasts routing information to
17
Chapter 4
Advanced Configuration
other routers on the network. It determines the route that the network packets take based on the fewest number of hops between the source and the destination.
Working Mode Select Gateway mode if the Router
is hosting your network’s connection to the Internet. Select Router mode if the Router exists on a network with other routers, including a separate network gateway that handles the Internet connection. In Router mode, any computer connected to the Router will not be able to connect to the Internet unless you have another router function as the gateway.
RIP (Routing Information Protocol) To use dynamic
routing for communication of network data, select
Enabled. Otherwise, keep the default, Disabled.
Receive RIP versions To use dynamic routing for
reception of network data, select the protocol you want:
None, RIPv1, RIPv2, or Both RIP v1 and v2.
Transmit RIP versions To use dynamic routing for
transmission of network data, select the protocol you want: None, RIPv1, RIPv2 - Broadcast, or RIPv2 - Multicast.
Static Routing
If the Router is connected to more than one network or there are multiple routers installed on your network, it may be necessary to set up static routes. The static routing function determines the path that data follows over your network before and after it passes through the Router. You can use static routing to allow different IP domain users to access the Internet through the Router.
Static routing is a powerful feature that should be used by advanced users only. In many cases, it is better to use dynamic routing because it enables the Router to automatically adjust to physical changes in the network’s layout.
If you want to use static routing, the Router’s DHCP settings must be disabled. Then add routing entries to the Static Routing table. These entries tell the Router where to send all incoming packets. All of your network routers should direct the default route entry to the 4-Port SSL/IPSec VPN Router.
Subnet Mask Enter the subnet mask used on the
destination LAN IP domain. For Class C IP domains, the subnet mask is 255.255.255.0.
Default Gateway Enter the IP address of your network’s
gateway. If this Router is used to connect your network to the Internet, then the gateway IP is the Router’s Internet IP address. If you have another router handling your network’s Internet connection, enter the IP address of that router instead.
Hop Count Enter the appropriate value (maximum is 15).
This indicates the number of nodes that a data packet passes through before reaching its destination. A node is any device on the network, such as a switch, PC, or router.
Interface Select the appropriate interface. The Interface
tells you whether your network is on the LAN or the WAN (the Internet). If you’re connecting to a sub-network, select LAN. If you’re connecting to another network through the Internet, select the appropriate WAN port option.
Click Add to List, and configure as many entries as you would like, up to a maximum of 30. To delete an entry, select it and click Delete selected IP.
Click Show Tables to see the details of your entries. Click
Save Settings to save your changes, or click Cancel Changes to undo them.

DHCP > Setup

The Router can be used as a DHCP (Dynamic Host Configuration Protocol) server on your network. A DHCP server automatically assigns available IP addresses to computers on your network. If you choose to enable the DHCP server option, all of the computers on your LAN must be set to obtain an IP address automatically from a DHCP server. (By default, Windows computers are set to obtain an IP automatically.)
If the Router’s DHCP server function is disabled, you have to carefully configure the IP address, subnet mask, and DNS settings of every computer on your network. Make sure you do not assign the same IP address to different computers.
NOTE: Static routing is an advanced feature.
Create these routes with care.
To create a static route entry, enter the following information:
Destination IP Enter the network address of the remote
LAN segment. For a standard Class C IP domain, the network address is the first three fields of the Destination LAN IP, while the last field should be 0.
4-Port SSL/IPSec VPN Router
18
Chapter 4
Advanced Configuration
Unknown MAC Address List
To add an IP address and MAC address set to the Static IP list, select Enable, and then click Apply. To add all IP addresses and MAC addresses to the Static IP list, click Select All.
To update the on-screen information, click Refresh. To exit this screen and return to the DHCP > Setup screen, click Close.
Static IP Address Enter the static IP address. You can
enter 0.0.0.0 if you want the Router to assign a static IP address to the device.
MAC Address Enter the MAC address of the device.
Name Enter a descriptive name for the device.
Enable Select Enable to assign the static IP address to
this device.
DHCP > Setup

Setup

Enable DHCP Server To use the Router as your network’s
DHCP server, select Enable DHCP Server. If you already have a DHCP server on your network, remove the check mark.
Dynamic IP
Client Lease Time The Client Lease Time is the amount
of time a network user will be allowed connection to the Router with their current dynamic IP address. Enter the amount of time, in minutes, that the user will be “leased” this dynamic IP address. The range is 5-43,200 minutes. The default is 1440 minutes.
Dynamic IP Range Start/End Enter a starting IP address
and ending IP address to create a range of available IP addresses. The default range is 100-149. Enter a value for the DHCP server to start with when issuing IP addresses. This value must be 192.168.1. 2 or greater, because the default IP address for the Router is 192.168.1.1.
Static IP
Click Add to List, and configure as many entries as you would like, up to a maximum of 100. To delete an entry, select it and click Delete selected Entry.
Block MAC address on the list with wrong IP address To
block traffic from devices with MAC addresses on the Static IP list but using the wrong IP addresses, select this option. It prevents users from changing device IP addresses without your permission.
Block MAC address not on the list To block traffic from
devices using dynamic IP addresses, select this option. It blocks all devices with MAC addresses not listed on the Static IP list.
DNS
DNS Server You can assign DNS server(s) to the DHCP
clients so the Router will use the DNS server(s) for faster access to functioning DNS server(s). Enter the IP address of at least one DNS server.
WINS
WINS Server Windows Internet Naming Service (WINS)
is a service that resolves NetBIOS names to IP addresses. WINS is assigned if the computer (DHCP client) requests one. If you do not know the IP address of the WINS server, keep the default, 0.0.0.0.
You can assign a static IP address to a specific device based on its MAC address.
Show unknown MAC addresses Click Show unknown
MAC addresses to view all devices’ IP addresses and
corresponding MAC addresses. The Unknown MAC Address List appears.
4-Port SSL/IPSec VPN Router
19
Chapter 4
Advanced Configuration
NOTE: To support NetBIOS for DHCP and Virtual
Passage clients, the Router uses two methods. (Virtual Passage is an ActiveX-based VPN client that provides full network connectivity for Windows users. It allows remote access to the Router’s network through a secure connection.)
First, when the DHCP and Virtual Passage clients receive dynamic IP addresses from the Router, it automatically includes the information of the WINS server to support NetBIOS. Second, if a user sets up a static IP address, then the IP address, subnet mask, default gateway, and DNS server settings must be configured on the Internet Protocol (TCP/IP) screen of the Windows operating system. Then the WINS IP address must be configured on the advanced TCP/IP screen. (For more information, refer to Windows Help.)
Click Save Settings to save your changes, or click Cancel Changes to undo them.

DHCP > Status

Client Table
For all network clients using the DHCP server, the Client Table shows the current DHCP Client information:
Client Host Name This is the name assigned to a client
host.
IP Address It is the dynamic IP address assigned to a
client.
MAC Address This indicates the MAC address of a client.
Leased Time It displays the amount of time a network
user will be allowed connection to the Router with their current dynamic IP address.
Delete Click the Trash Can icon to delete a DHCP client,
and the client host’s IP address will be released.
Click Refresh to refresh the on-screen information.

DHCP > Multiple VLANs

Use this screen to establish relationships between multiple subnets and Virtual Local Area Networks (VLANs).
On the Status screen, view the status information for the DHCP server and its clients.
DHCP > Status

Status

For the DHCP server, the following information is shown:
DHCP Server This is the IP address of the DHCP server.
Dynamic IP Used It shows the number of dynamic IP
addresses used.
DHCP Available This indicates the number of dynamic IP
addresses available.
Total It shows the total number of dynamic IP addresses
that can be assigned by the DHCP server.
DHCP > Multiple VLANs

Multiple VLANs

Enable Multiple VLANs Select this option to establish a
relationship between multiple subnets and VLANs. If you enable this option and the multiple subnets and VLANs are not enabled, then the Router will prompt you to configure and enable the multiple subnets and VLANs.
VLAN ID The VLANs are configured on the Port
Management > Create VLAN screen (by default, all VLANs
created on this screen are part of the default subnet). The VLAN IDs you assigned are displayed on the Multiple VLANs screen.
Multiple Subnet Multiple subnets define different IP
networks using the subnet mask. They are created after multiple VLANs are created. (If you want to change the settings of VLAN 1, then use the Setup > Network screen
4-Port SSL/IPSec VPN Router
20
Chapter 4
Advanced Configuration
to configure the Device IP Address and Subnet Mask settings.)
Subnet1-4 The subnet numbers are created according
to the VLAN numbers. (The multiple subnets can also be configured on the Setup > Network screen.)
IP Address Enter an IP address.
Subnet Mask Select the appropriate subnet mask.
Dynamic IP Range When the IP Address and Subnet
Mask settings are configured, the range of IP addresses is displayed. You can change the range of IP addresses as long as the total number of IP addresses assigned by DHCP is 253. The greater the number of multiple subnets, the fewer the number of IP addresses assigned by DHCP.
NOTE: The Router’s built-in DHCP server can
assign up to 253 IP addresses.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

DHCP > Inter-VLAN Routing

To route packets between different VLANs, enable the Multiple VLANs option on the Multiple VLANs screen, and then select the VLANs on the Inter-VLAN Routing screen.
The Internet has a service called the Domain Name Service (DNS), which allows users to enter an easily remembered host name, such as www.linksys.com, instead of numerical TCP/IP addresses to access Internet resources. The DNS Name Lookup tool will return the numerical TCP/IP address of a host name.
The Ping test bounces a packet off a machine on the Internet back to the sender. This test shows if the Router is able to contact the remote host. If users on the LAN are having problems accessing services on the Internet, try pinging the DNS server or other machine at the ISP’s location. If this test is successful, try pinging devices outside the ISP. This will show if the problem lies with the ISP’s connection.

Diagnostic

DNS Name Lookup/Ping Select which tool you want
to use, DNS Name Lookup or Ping. Then proceed to the appropriate instructions.
DNS Name Lookup
Before using this tool, make sure the IP address of the DNS server is entered on the Setup > Network screen; otherwise, this tool will not work.
DHCP > Inter-VLAN Routing

Inter-VLAN Routing

VLAN1-4 Select the VLANs that can route packets to each
other. For example, if you select VLAN1 and VLAN2, then packets can be routed between VLAN1 and VLAN2, but packets cannot be routed between VLAN3 and VLAN4.
Click Save Settings to save your changes, or click Cancel Changes to undo them.

System Management > Diagnostic

The Router has two built-in tools, DNS Name Lookup and Ping, which are used for troubleshooting network problems.
4-Port SSL/IPSec VPN Router
System Management > Diagnostic > DNS Name Lookup
Look up the name Enter the host name, and click Go.
(Do not add the prefix http:// or else you will get an error message.) The Router will then query the DNS server and display the result at the bottom of the screen.
Ping
Before using this tool make sure you know the device or host’s IP address. If you do not know it, use the Router’s DNS Name Lookup tool to find the IP address.
21
Chapter 4
System Management > Diagnostic > Ping
Advanced Configuration
Ping host or IP address Enter the IP address of the device
being pinged, and click Go. The test will take a few seconds to complete. When completed, the Router will display the results at the bottom of the screen. The results include this information: status; number of packets transmitted, received, or lost; and round trip time (minimum, maximum, and average).

System Management > Factory Default

Use this screen to clear all of your configuration information and restore the Router to its factory default settings. Only use this feature if you wish to discard all the settings and preferences that you have configured.

System Management > Firmware Upgrade

Firmware Upgrade

To download the firmware, refer to the Firmware Download instructions. If you have already downloaded the firmware onto your computer, then click the Browse button to look for the file.
NOTE: If you are using Internet Explorer on
Windows XP, disable the pop-up blocking function before you upgrade the Router’s firmware. Refer to “Appendix O: Firmware Upgrade” for more information.
Firmware Upgrade Right Now After you have selected
the file, click Firmware Upgrade Right Now.
NOTE: The Router will take approximately ten
minutes to upgrade its firmware. During this process, do not power off the Router or press the Reset button.
Firmware Download
System Management > Factory Default

Factory Default

Return to Factory Default Setting Click Return to
Factory Default Setting if you want to restore the Router
to its factory default settings. After clicking the button, a confirmation screen appears. Click OK to continue.
System Management > Firmware Upgrade
You can use this feature to upgrade the Router’s firmware to the latest version.
4-Port SSL/IPSec VPN Router
Firmware Download from Linksys Web Site If you need
to download the latest version of the Router’s firmware, click Firmware Download from Linksys Web Site. The Support page of the Linksys website appears.
Select 4-Port SSL/IPSec VPN Router from the drop­down menu, and choose the firmware from the available options. After downloading the firmware file, extract it on your computer. Then follow the Firmware Upgrade instructions.
For more details, refer to “Appendix O: Firmware Upgrade”.

System Management > Restart

If you need to restart the Router, Linksys recommends that you use the Restart tool on this screen. When you restart
22
Loading...
+ 87 hidden pages