Cisco WRV54G User Manual
A Division of Cisco Systems, Inc.
®
2.4
Model No.
GHz
802.11g
WIRELESS
WRV54G
Wireless-G
VPN Broadband Router
User Guide
Wireless-G VPN Broadband Router
Copyright and Trademarks
Specifications are subject to change without notice. Instant Etherfast, Linksys, and the Linksys logo are
registered trademarks of Linksys Group, Inc. Other brands and product names are trademarks or registered
trademarks of their respective holders. Copyright © 2003 Linksys. All rights reserved.
How to Use this Guide
Your Guide to the Wireless-G VPN Broadband Router has been designed to make understanding networking with
the Router easier than ever. Look for the following items when reading this User Guide:
This checkmark means there is a Note of interest and
is something you should pay special attention to while
using the Router.
This exclamation point means there is a Caution or
Warning and is something that could damage your
property or the Router.
This question mark provides you with a reminder about
something you might need to do while using the Router.
In addition to these symbols, there are definitions for technical terms that are presented like this:
word: definition.
Also, each figure (diagram, screenshot, or other image) is provided with a figure number and description, like
this:
Figure 0-1: Sample Figure Description
Figure numbers and descriptions can also be found in the "List of Figures" section in the “Table of Contents”.
WRV54G-EU-QI-31014NC KL
EtherFast Cable/DSL Router with 8-Port Switch
Table of Contents
Chapter 1: Introduction 1
Welcome 1
What’s in this Guide? 2
Chapter 2: Planning your Wireless Network 4
The Router’s Functions 4
IP Addresses 4
Why do I need a VPN? 5
What is a VPN? 6
Chapter 3: Getting to Know the Wireless-G VPN Broadband Router 9
The Back Panel 9
The Front Panel 10
Chapter 4: Connecting the Wireless-G Broadband Router 11
Overview 11
Wired Connection to a PC 12
Wireless Connection to a PC 12
Chapter 5: Configuring the PCs 14
Overview 14
Configuring Windows 98 and Millennium PCs 14
Configuring Windows 2000 PCs 15
Configuring Windows XP PCs 16
Chapter 6: Configuring the Router 17
Overview 17
How to Access the Web-based Utility 19
The Setup Tab 19
The Wireless Tab 26
The Security Tab 30
The Access Restrictions Tab 35
The Applications and Gaming Tab 37
The Administration Tab 41
Status 45
Chapter 7: Troubleshooting 48
Common Problems and Solutions 48
EtherFast Cable/DSL Router with 8-Port Switch
Frequently Asked Questions 56
Chapter 8: Wireless Security 63
A Brief Overview 63
What Are The Risks? 63
Chapter 9: Configuring IPSec between a Windows 2000 PC and the Router 70
Introduction 70
Environment 70
How to Establish a Secure IPSec Tunnel 71
Windows 98 or Me Instructions 81
Windows 2000 or XP Instructions 82
Chapter 10: SNMP Functions 83
Chapter 11: Upgrading Firmware 84
Chapter 12: Windows Help 85
Chapter 13: Glossary 86
Chapter 14: Specifications 92
Chapter 15: Regulatory Information 93
Chapter 16: Warranty Information 96
Chapter 17: Contact Information 97
Wireless-G Broadband VPN Router
Chapter 1: Introduction
Welcome
Wireless-G is the upcoming 54Mbps wireless networking standard that’s almost five times faster than the widely
deployed Wireless-B (802.11b) products found in homes, businesses, and public wireless hotspots around the
country—but since they share the same 2.4GHz radio band, Wireless-G devices can also interoperate with
existing 11Mbps Wireless-B equipment.
Since both standards are built in, you can protect your investment in existing 802.11b infrastructure, and migrate
to the new screaming fast Wireless-G standard as your needs grow.
The Linksys Wireless-G Broadband VPN Router is really three devices in one box. First, there’s the Wireless
Access Point, which lets you connect Wireless-G or Wireless-B devices to the network. There’s also a built-in 4port full-duplex 10/100 Switch to connect your wired-Ethernet devices. Connect four PCs directly, or daisy-chain
out to more hubs and switches to create as big a network as you need. Finally, the Router function ties it all
together and lets your whole network share a high-speed cable or DSL Internet connection.
To protect your data and privacy, the Wireless-G Broadband VPN Router can encrypt all wireless transmissions.
The Router can serve as a DHCP Server, has NAT technology to protect against Internet intruders, supports VPN
pass-through, and can be configured to filter internal users’ access to the Internet. Configuration is a snap with
the web browser-based configuration utility.
With the Linksys Wireless-G Broadband VPN Router at the center of your home or office network, you can share a
high-speed Internet connection, files, printers, and multi-player games with the flexibility, speed, and security
you need!
Chapter 1: Introduction
Welcome
1
Wireless-G Broadband VPN Router
What’s in this Guide?
This user guide covers the steps for setting up and using the Wireless-G VPN Broadband Router.
• Chapter 1: Introduction
This chapter describes the Wireless-G VPN Broadband Router applications and this User Guide.
• Chapter 2: Planning your Wireless Network
This chapter describes the basics of wireless networking.
• Chapter 3: Getting to Know the Wireless-G VPN Broadband Router
This chapter describes the physical features of the Router.
• Chapter 4: Connecting the Wireless-G VPN Broadband Router
This chapter instructs you on how to connect the Router to your network.
• Chapter 5: Configuring the PCs
This chapter explains how to configure the PCs for your network.
• Chapter 6: Configuring the Router
This chapter explains how to use the Web-Based Utility to configure the settings on the Router.
• Appendix A: Troubleshooting
This appendix describes some problems and solutions, as well as frequently asked questions, regarding
installation and use of the Wireless-G VPN Broadband Router.
• Appendix B: Wireless Security
This appendix explains the risks of wireless networking and some solutions to reduce the risks.
• Appendix C: Configuring IPSec between a Windows 2000 Pc and the Router
This appendix instructs you on how to establish a secure IPSec tunnel using preshared keys to join a private
network inside the VPN Router and a Windows 2000 or XP PC.
• Appendix D: SNMP Functions
This appendix explains SNMP.
• Appendix E: Upgrading Firmware
This appendix instructs you on how to upgrade the firmware on your Router if you should need to do so.
• Appendix F: Windows Help
This appendix describes how you can use Windows Help for instructions about networking, such as installing
the TCP/IP protocol.
Chapter 1: Introduction
What’s in this Guide?
2
Wireless-G Broadband VPN Router
• Appendix G: Finding the MAC Address and IP Address for your Ethernet Adapter.
This appendix describes how to find the MAC address for your computer’s Ethenet adapter so you can use the
MAC filtering and/or MAC address cloning feature of the Router.
• Appendix H: Glossary
This appendix gives a brief glossary of terms frequently used in networking.
• Appendix I: Specifications
This appendix provides the technical specifications for the Router.
• Appendix J: Warranty Information
This appendix supplies the warranty information for the Router..
• Appendix K: Regulatory Information
This appendix supplies the regulatory information regarding the Router.
• Appendix L: Contact Information
This appendix provides contact information for a variety of Linksys resources, including Technical Support.
Chapter 1: Introduction
What’s in this Guide?
3
Wireless-G VPN Broadband Router
Chapter 2: Planning your Wireless Network
The Router’s Functions
Simply put, a router is a network device that connects two networks together.
In this instance, the Router connects your Local Area Network (LAN), or the group of PCs in your home or office, to
the Internet. The Router processes and regulates the data that travels between these two networks.
The Router’s NAT feature protects your network of PCs so users on the public, Internet side cannot “see” your
PCs. This is how your network remains private. The Router protects your network by inspecting every packet
coming in through the Internet port before delivery to the appropriate PC on your network. The Router inspects
Internet port services like the web server, ftp server, or other Internet applications, and, if allowed, it will forward
the packet to the appropriate PC on the LAN side.
Remember that the Router’s ports connect to two sides. The LAN ports connect to the LAN, and the Internet port
connects to the Internet. The LAN and Internet ports transmit data at 10/100Mbps.
IP Addresses
What’s an IP Address?
IP stands for Internet Protocol. Every device on an IP-based network, including PCs, print servers, and routers,
requires an IP address to identify its “location,” or address, on the network. This applies to both the Internet and
LAN connections. There are two ways of assigning an IP address to your network devices. You can assign static
IP addresses or use the Router to assign IP addresses dynamically.
Static IP Addresses
A static IP address is a fixed IP address that you assign manually to a PC or other device on the network. Since a
static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will
always have that same IP address until you change it. Static IP addresses must be unique and are commonly
used with network devices such as server PCs or print servers.
Chapter 2: Planning your Wireless Network
The Router’s Functions
Figure 2-1: Network
LAN: the computers and networking products that
make up your local network
NOTE: Since the Router is a device that connects two
networks, it needs two IP addresses—one for the LAN,
and one for the Internet. In this User Guide, you’ll see
references to the “Internet IP address” and the “LAN IP
address.”
Since the Router uses NAT technology, the only IP
address that can be seen from the Internet for your
network is the Router’s Internet IP address. However,
even this Internet IP address can be blocked, so that the
Router and network seem invisible to the Internet—see
the Block WAN Requests description under Filters in
“Chapter 7: The Router’s Web-based Utility.”
4
Wireless-G VPN Broadband Router
If you use the Router to share your cable or DSL Internet connection, contact your ISP to find out if they have
assigned a static IP address to your account. If so, you will need that static IP address when configuring the
Router. You can get that information from your ISP.
Dynamic IP Addresses
A dynamic IP address is automatically assigned to a device on the network, such as PCs and print servers. These
IP addresses are called “dynamic” because they are only temporarily assigned to the PC or device. After a
certain time period, they expire and may change. If a PC logs onto the network (or the Internet) and its dynamic IP
address has expired, the DHCP server will automatically assign it a new dynamic IP address.
DHCP (Dynamic Host Configuration Protocol) Servers
PCs and other network devices using dynamic IP addressing are assigned a new IP address by a DHCP server.
The PC or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign
IP addresses manually every time a new user is added to your network.
A DHCP server can either be a designated PC on the network or another network device, such as the Router. By
default, the Router’s DHCP Server function is enabled.
If you already have a DHCP server running on your network, you must disable one of the two DHCP servers. If you
run more than one DHCP server on your network, you will experience network errors, such as conflicting IP
addresses. To disable DHCP on the Router, see the DHCP section in “Chapter 6: The Router’s Web-based Utility.”
Why do I need a VPN?
Computer networking provides a flexibility not available when using an archaic, paper-based system. With this
flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls
help to protect data inside of a local network. But what do you do once information is sent outside of your local
network, when emails are sent to their destination, or when you have to connect to your company's network
when you are out on the road? How is your data protected?
That is when a VPN can help. VPNs are called Virtual Private Networks because they secure data moving outside
of your network as if it were still within that network.
When data is sent out across the Internet from your computer, it is always open to attacks. You may already have
a firewall, which will help protect data moving around or held within your network from being corrupted or
intercepted by entities outside of your network, but once data moves outside of your network - when you send
data to someone via email or communicate with an individual over the Internet - the firewall will no longer protect
that data.
Chapter 2: Planning your Wireless Network
Why do I need a VPN?
5
Wireless-G VPN Broadband Router
At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are
transmitting but also your network login and security data. Some of the most common methods are as follows:
1) MAC Address Spoofing
Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header.
These packet headers contain both the source and destination information for that packet to transmit efficiently.
A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed
MAC address, the hacker can also intercept information meant for another user.
2) Data Sniffing
Data "sniffing" is a method used by hackers to obtain network data as it travels through unsecured networks,
such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network diagnostic tools,
are often built into operating systems and allow the data to be viewed in clear text.
3) Man in the middle attacks
Once the hacker has either sniffed or spoofed enough information, he can now perform a "man in the middle"
attack. This attack is performed, when data is being transmitted from one network to another, by rerouting the
data to a new destination. Even though the data is not received by its intended recipient, it appears that way to
the person sending the data.
These are only a few of the methods hackers use and they are always developing more. Without the security of
your VPN, your data is constantly open to such attacks as it travels over the Internet. Data travelling over the
Internet will often pass through many different servers around the world before reaching its final destination.
That's a long way to go for unsecured data and this is when a VPN serves its purpose.
What is a VPN?
A VPN, or Virtual Private Network, is a connection between two endpoints - a VPN Router, for instance - in
different networks that allows private data to be sent securely over a shared or public network, such as the
Internet. This establishes a private network that can send data securely between these two locations or
networks.
This is done by creating a "tunnel". A VPN tunnel connects the two PCs or networks and allows data to be
transmitted over the Internet as if it were still within those networks. Not a literal tunnel, it is a connection
secured by encrypting the data sent between the two networks.
VPN was created as a cost-effective alternative to using a private, dedicated, leased line for a private network.
Using industry standard encryption and authentication techniques - IPSec, short for IP Security - the VPN creates
Chapter 2: Planning your Wireless Network
What is a VPN?
6
Wireless-G VPN Broadband Router
a secure connection that, in effect, operates as if you were directly connected to your local network. Virtual
Private Networking can be used to create secure networks linking a central office with branch offices,
telecommuters, and/or professionals on the road (travelers can connect to a VPN Router using any computer with
VPN client software that supports IPSec, such as SSH Sentinel.)
There are two basic ways to create a VPN connection:
•VPN Router to VPN Router
•Computer (using VPN client software that supports IPSec) to VPN Router
The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them
are secure. A computer with VPN client software that supports IPSec can be one of the two endpoints. Any
computer with the built-in IPSec Security Manager (Microsoft 2000 and XP ) allows the VPN Router to create a
VPN tunnel using IPSec (refer to “Appendix C: Configuring IPSec between a Windows 2000 or XP PC and the VPN
Router”). Other versions of Microsoft operating systems require additional, third-party VPN client software
applications that support IPSec to be installed.
VPN Router to VPN Router
An example of a VPN Router-to-VPN Router VPN would be as follows. (See Figure 2-2.) At home, a telecommuter
uses his VPN Router for his always-on Internet connection. His router is configured with his office's VPN settings.
When he connects to his office's router, the two routers create a VPN tunnel, encrypting and decrypting data. As
VPNs utilize the Internet, distance is not a factor. Using the VPN, the telecommuter now has a secure connection
to the central office's network, as if he were physically connected.
Figure 2-2:
Chapter 2: Planning your Wireless Network
What is a VPN?
IMPORTANT: You must have at least one VPN
Router on one end of the VPN tunnel. At the other
end of the VPN tunnel, you must have a second
VPN Router or a computer with VPN client
software that supports IPSec.
7
Wireless-G VPN Broadband Router
Computer (using VPN client software that supports IPSec) to VPN Router
The following is an example of a computer-to-VPN Router VPN. (See Figure 2-3.) In her hotel room, a traveling
businesswoman dials up her ISP. Her notebook computer has VPN client software that is configured with her
office's VPN settings. She accesses the VPN client software that supports IPSec and connects to the VPN Router
at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman now
has a secure connection to the central office's network, as if she were physically connected.
For additional information and instructions about creating your own VPN, please visit Linksys’s website at
www.linksys.com or refer to “Appendix C: Configuring IPSec between a Windows 2000 or XP PC and the VPN
Router.”
Chapter 2: Planning your Wireless Network
What is a VPN?
Figure 2-3:
8
Wireless-G VPN Broadband Router
Chapter 3: Getting to Know the Wireless-G VPN Broadband Router
The Back Panel
The Router’s ports, where a network cable is connected, are located on the back panel.
Figure 3-1: Back Panel
Important: Resetting the Router will erase all
Internet The Internet port connects to your modem.
LAN (1-4) The LAN (Local Area Network) ports connect to your PC and other network devices.
Power The Power port is where you will connect the power adapter.
of your settings (WEP Encryption, Wireless and
LAN settings, etc.) and replace them with the
factory defaults. Do not reset the Router if you
want to retain these settings.
Reset Button There are two ways to Reset the Router's factory defaults. Either press the Reset Button, for
approximately ten seconds, or restore the defaults from the Password tab in the Router’s WebBased Utility.
With these, and many other, Linksys products, your networking options are limitless. Go to the Linksys website at
www.linksys.com for more information about products that work with the Router.
Chapter 3: Getting to Know the Wireless-G VPN Broadband Router
The Back Panel
9
Wireless-G VPN Broadband Router
The Front Panel
The Router's LEDs, where information about network activity is displayed, are located on the front panel.
Figure 3-2: Front Panel
Power Green. The Power LED lights up when the Access Point is powered on.
DMZ Red. The DMZ LED indicates the Access Point's self- diagnosis mode during boot-up and
restart. It will turn off upon completing the diagnosis. If this LED stays on for an abnormally
long period of time, refer to Appendix A: Troubleshooting.
Internet Green. The Internet LED lights whenever there is a successful wireless connection. If the LED
is flickering, the Router is actively sending or receiving data to or from one of the devices on
the network.
Wireless-G Green. The Wireless-G LED lights whenever there is a successful wireless connection.
LAN (1-4) Green. The LAN LED serves two purposes. If the LED is continuously lit, the Router is
successfully connected to a device through the LAN port. If the LED is flickering, it is an
indication of any network activity.
Chapter 3: Getting to Know the Wireless-G VPN Broadband Router
The Front Panel
10
Wireless-G VPN Broadband Router
Chapter 4: Connecting the Wireless-G Broadband Router
Overview
The Router’s setup consists of more than simply plugging hardware together. You will have to configure your
networked PCs to accept the IP addresses that the Router assigns them (if applicable), and you will also have to
configure the Router with setting(s) provided by your Internet Service Provider (ISP).
The installation technician from your ISP should have left the setup information for your modem with you after
installing your broadband connection. If not, you can call your ISP to request that data.
Once you have the setup information you need for your specific type of Internet connection, you can begin
installation and setup of the Router.
If you want to use a PC with an Ethernet adapter to configure the Router, continue to “Wired Connection to a PC.”
If you want to use a PC with a wireless adapter to configure the Router, continue to “Wireless Connection to a
PC.”
Chapter 4: Connecting the Wireless-G Broadband Router
Overview
11
Wireless-G VPN Broadband Router
Wired Connection to a PC
1. Before you begin, make sure that all of your network’s hardware is powered off, including the Router, PCs,
and cable or DSL modem.
2. Connect one end of an Ethernet network cable to one of the LAN ports (labeled 1-4) on the back of the Router
(see Figure 4-1), and the other end to an Ethernet port on a PC.
3. Repeat this step to connect more PCs, a switch, or other network devices to the Router.
4. Connect a different Ethernet network cable from your cable or DSL modem to the Internet port on the Router’s
rear panel (see Figure 4-2). This is the only port that will work for your modem connection.
5. Power on the cable or DSL modem.
6. Connect the power adapter to the Router’s Power port (see Figure 4-3), and then plug the power adapter into
a power outlet.
• The Power LED on the front panel will light up green as soon as the power adapter is connected properly.
The Power LED will flash for a few seconds, then it will light up steady when the self-test is complete. If
the LED flashes for one minute or longer, see “Appendix A: Troubleshooting.”
7. Power on one of your PCs that is connected to the Router.
Wireless Connection to a PC
If you want to use a wireless connection to access the Router, follow these instructions:
1. Before you begin, make sure that all of your network’s hardware is powered off, including the Router, PCs,
and cable or DSL modem.
2. Connect an Ethernet network cable from your cable or DSL modem to the Internet port on the Router’s rear
panel (see Figure 4-2). This is the only port that will work for your modem connection.
3. Power on the cable or DSL modem.
4. Connect the power adapter to the Power port (see Figure 4-3), and then plug the power adapter into a power
outlet.
Figure 4-1:
Figure 4-2:
Figure 4-3:
NOTE: IYou should always plug the Router’s
power adapter into a power strip with surge
protection.
NOTE: IYou should always change the SSID
from its default, linksys, and enable WEP
encryption.
Chapter 4: Connecting the Wireless-G Broadband Router
Wired Connection to a PC
12
Wireless-G VPN Broadband Router
• The Power LED on the front panel will light up green as soon as the power adapter is connected properly.
The Power LED will flash for a few seconds, then light up steady when the self-test is complete. If the LED
flashes for one minute or longer, see “Appendix A: Troubleshooting.”
5. Power on one of the PCs on your wireless network(s).
6. For initial access to the Router through a wireless connection, make sure the PC’s wireless adapter has its
SSID set to linksys-g (the Router’s default setting), and its WEP encryption is disabled. After you have
accessed the Router, you can change the Router and this PC’s adapter settings to match the your usual
network settings.
The Router’s hardware installation is now complete.
Go to “Chapter 5: Configuring the PCs.”
Chapter 4: Connecting the Wireless-G Broadband Router
Wireless Connection to a PC
13
Wireless-G VPN Broadband Router
Chapter 5: Configuring the PCs
Overview
The instructions in this chapter will help you configure each of your computers to be able to communicate with
the Router.
To do this, you need to configure your PC’s network settings to obtain an IP (or TCP/IP) address automatically, so
your PC can function as a DHCP client. Computers use IP addresses to communicate with the Router and each
other across a network, such as the Internet.
First, find out which Windows operating system your computer is running. You can find out by clicking the Start
button. Read the side panel of the Start menu to find out which operating system your PC is running.
You may need to do this for each computer you are connecting to the Router.
The next few pages tell you, step by step, how to configure your network settings based on the type of Windows
operating system you are using. Make sure that an Ethernet or wireless adapter (also known as a network
adapter) has been successfully installed in each PC you will configure. Once you’ve configured your computers,
continue to “Chapter 6: Using the Router’s Web-Based Utility.”
Configuring Windows 98 and Millennium PCs
1. Click the Start button. Select Settings and click the Control Panel icon. Double-click the Network icon.
2. On the Configuration tab, select the TCP/IP line for the applicable Ethernet adapter, as shown in Figure 5-1.
Do not choose a TCP/IP entry whose name mentions DUN, PPPoE, VPN, or AOL. If the word TCP/IP appears by
itself, select that line. Click the Properties button.
IMPORTANT: Important: By default Windows 98,
2000, Me, and XP has TCP/IP installed and set to
obtain an IP address automatically. If your PC does
not have TCP/IP installed, click Start and then
Help. Search for the keyword TCP/IP. Then follow
the instructions to install TCP/IP.
Figure 5-1: Configuration Tab
3. Click the IP Address tab. Select Obtain an IP address automatically. (See Figure 5-2.)
Chapter 5: Configuring the PCs
Overview
Figure 5-2: IP Address Tab
14
Wireless-G VPN Broadband Router
4. Now click the Gateway tab, and verify that the Installed Gateway field is blank. Click the OK button.
5. Click the OK button again. Windows may ask you for the original Windows installation disk or additional files.
Check for the files at c:\windows\options\cabs, or insert your Windows CD-ROM into your CD-ROM drive and
check the correct file location, e.g., D:\win98, D:\win9x, etc. (if “D” is the letter of your CD-ROM drive).
6. Windows may ask you to restart your PC. Click the Yes button. If Windows does not ask you to restart, restart
your computer anyway.
Go to “Chapter 6: Using the Router’s Web-Based Utility.”
Configuring Windows 2000 PCs
1. Click the Start button. Select Settings and click the Control Panel icon. Double-click the Network and Dialup Connections icon.
2. Select the Local Area Connection icon for the applicable Ethernet adapter (usually it is the first Local Area
Connection listed). Double-click the Local Area Connection. Click the Properties button. (See Figure 5-3.)
3. Make sure the box next to Internet Protocol (TCP/IP) is checked. Highlight Internet Protocol (TCP/IP), and click
the Properties button. (See Figure 5-4.)
4. Select Obtain an IP address automatically. Once the new window appears, click the OK button. Click the
OK button again to complete the PC configuration. (See Figure 5-5.)
5. Restart your computer.
Go to “Chapter 6: Using the Router’s Web-Based Utility.”
Figure 5-3: Properties
Figure 5-4: TCP/IP
Chapter 5: Configuring the PCs
Configuring Windows 2000 PCs
Figure 5-5: IP Address
15
Wireless-G VPN Broadband Router
Configuring Windows XP PCs
The following instructions assume you are running Windows XP with the default interface. If you are using the
Classic interface (where the icons and menus look like previous Windows versions), please follow the
instructions for Windows 2000.
1. Click the Start button and then the Control Panel icon. Click the Network and Internet Connections icon.
Then click the Network Connections icon.
2. Select the Local Area Connection icon for the applicable Ethernet adapter (usually it is the first Local Area
Connection listed). Double-click the Local Area Connection. Click the Properties button. (See Figure 5-6.)
3. Make sure the box next to Internet Protocol (TCP/IP) is checked. Highlight Internet Protocol (TCP/IP), and
click the Properties button. (See Figure 5-7.)
4. Select Obtain an IP address automatically. (See Figure 5-8.) Once the new window appears, click the OK
button. Click the OK button again to complete the PC configuration.
Go to “Chapter 6: Using the Router’s Web-Based Utility.”
Figure 5-6: Properties
Figure 5-7: TCP/IP
Chapter 5: Configuring the PCs
Configuring Windows XP PCs
Figure 5-8: IP Address
16
Wireless-G VPN Broadband Router
Chapter 6: Configuring the Router
Overview
Linksys recommends using the Setup CD-ROM for first-time installation of the Router and setting up additional
computers. If you do not wish to run the Setup Wizard on the Setup CD-ROM, then follow the steps in this chapter
and use the Router’s web-based utility to configure the Router. This chapter will describe each web page in the
Utility and each page’s key functions. The utility can be accessed via your web browser through use of a
computer connected to the Router. For a basic network setup, most users only have to use the following screens
of the Utility:
• Basic Setup. On the Basic Setup screen, enter the settings provided by your ISP.
• Management. Click the Administration tab and then the Management tab. The Router’s default password is
admin. To secure the Router, change the Password from its default.
There are seven main tabs: Setup, Wireless, Security, Access Restrictions, Applications & Gaming,
Administration, and Status. Additional tabs will be available after you click one of the main tabs.
Setup
• Basic Setup. Enter the Internet connection and network settings on this screen.
• DDNS. To enable the Router’s Dynamic Domain Name System (DDNS) feature, complete the fields on this
screen.
• MAC Address Clone. If you need to clone a MAC address onto the Router, use this screen.
• Advanced Routing. On this screen, you can alter Network Address Translation (NAT), Dynamic Routing, and
Static Routing configurations.
Note: The Router is designed to function
properly after connecting the Router to your
network. This chapter is provided solely for
those who wish to perform more advanced
Have You: Enabled TCP/IP on your PCs? PCs
communicate over the network with this
protocol. Refer to Appendix D: Windows Help for
more information on TCP/IP.
Note: For added security, you should change
the password through the Administration
screen of the web-based utility.
NAT (Network Address Translation): NAT
technology translates IP addresses of a local area
network to a different IP address for the Internet.
• Hot Spot. Register with your Hot Spot service provider on this screen.
Wireless
• Basic Wireless Settings. You can choose your Wireless Network Mode and Wireless Security on this screen.
• Wireless Network Access. This screen displays your network access list.
Chapter 6: Configuring the Router
Overview
17
Wireless-G VPN Broadband Router
• Advanced Wireless Settings. On this screen you can access the Advanced Wireless features of Authentication
Type, Basic Data Rates, Control Tx Rates, Beacon Interval, DTIM Interval, RTS Threshold, and Fragmentation
Threshold.
Security
• Filter. To block specific users from Internet access, you can set up IP address, port, and MAC address filtering
on the Filter screen.
• VPN. To enable or disable IPSec, L2TP, and/or PPTP Pass-through, and set up VPN tunnels, use this screen.
• 802.1x. Use this screen to set up RADIUS authentication.
Access Restrictions
• Access Restriction. This screen allows you to prevent or permit only certain users from attaching to your
network.
Applications & Gaming
• Port Range Forwarding. To set up public services or other specialized Internet applications on your network,
click this tab.
• Port Triggering. To set up triggered ranges and forwarded ranges for Internet applications, click this tab.
Beacon Interval :The frequency interval of the
beacon, which is a packet broadcast by a
router to synchronize a wireless network.
DTIM (Delivery Traffic Indication Message):
A message included in data packets that can
increase wireless efficiency.
RTS (Request To Send): A packet sent when a
computer has data to transmit. The computer
will wait for a CTS (Clear To Send) message
before sending data.
Fragmentation: Breaking a packet into smaller
units when transmitting over a network medium
that cannot support the original size of the
packet.
• UPnP Forwarding. Use this screen to alter UPnP forwarding settings.
• DMZ. To allow one local user to be exposed to the Internet for use of special-purpose services, use this
screen.
Administration
• Management. On this screen, alter router access privileges and UPnP settings.
• Log. If you want to view or save activity logs, click this tab.
• Diagnostics. Use this screen to check the connection between your Router and PC.
• Factory Defaults. If you want to restore the Router’s factory defaults, then use this screen.
• Firmware Upgrade. Click this tab if you want to upgrade the Router’s firmware.
Chapter 6: Configuring the Router
Overview
18
Wireless-G VPN Broadband Router
Status
• Router. This screen provides status information about the Router.
• Local Network. This provides status information about the local network.
How to Access the Web-based Utility
To access the web-based utility, launch Internet Explorer or Netscape Navigator, and enter the Router’s default IP
address, 192.168.1.1, in the Address field. Then press Enter.
A password request page, shown in Figure 6-1 will appear. (non-Windows XP users will see a similar screen.)
Enter admin (the default user name) in the User Name field, and enter admin (the default password) in the
Password field. Then click the OK button.
The Setup Tab
The Basic Setup Tab
The first screen that appears is the Basic Setup tab. (See Figure 6-2.) This tab allows you to change the Router's
general settings. Change these settings as described here and click the Save Settings button to save your
changes or Cancel Changes to cancel your changes.
Figure 6-1: Password Screen
Internet Setup
• Internet Connection Type. The Router supports four connection types: Automatic Configuration - DHCP (the
default connection type), PPPoE, Static IP, and PPTP. Each Basic Setup screen and available features will
differ depending on what kind of connection type you select.
Automatic Configuration - DHCP
By default, the Router’s Configuration Type is set to Automatic Configuration - DHCP, and it should be kept
only if your ISP supports DHCP or you are connecting through a dynamic IP address.
Chapter 6: Configuring the Router
How to Access the Web-based Utility
Figure 6-2: Setup Tab/DHCP Internet Connection Type
19
Wireless-G VPN Broadband Router
Static (See Figure 6-3.)
If you are required to use a permanent IP address to connect to the Internet, then select Static IP.
• IP Address. This is the Router’s IP address, when seen from the WAN, or the Internet. Your ISP will provide
you with the IP Address you need to specify here.
• Subnet Mask. This is the Router’s Subnet Mask, as seen by external users on the Internet (including your
ISP). Your ISP will provide you with the Subnet Mask.
• Default Gateway. Your ISP will provide you with the Default Gateway Address, which is the ISP server’s IP
address.
• Primary DNS. (Required) and Secondary DNS (Optional). Your ISP will provide you with at least one DNS
(Domain Name System) Server IP Address.
When finished making your changes on this tab, click the Save Settings button to save these changes, or
click the Cancel Changes button to undo your changes.
PPPoE (See Figure 6-4.)
Some DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections. If
you are connected to the Internet through a DSL line, check with your ISP to see if they use PPPoE. If they do,
you will have to enable PPPoE.
• User Name and Password. Enter the User Name and Password provided by your ISP.
• Connect on Demand: Max Idle Time. You can configure the Router to cut the Internet connection after it
has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been
terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your
connection as soon as you attempt to access the Internet again. If you wish to activate Connect on
Demand, click the radio button. In the Max Idle Time field, enter the number of minutes you want to have
elapsed before your Internet connection terminates.
• Keep Alive Option: Redial Period. If you select this option, the Router will periodically check your Internet
connection. If you are disconnected, then the Router will automatically re-establish your connection. To
use this option, click the radio button next to Keep Alive. In the Redial Period field, you specify how often
you want the Router to check the Internet connection. The default Redial Period is 30 seconds.
When finished making your changes on this tab, click the Save Settings button to save these changes, or
click the Cancel Changes button to undo your changes.
Chapter 6: Configuring the Router
The Setup Tab
Figure 6-3: Static Internet Connection Type
Figure 6-4: PPPoE Internet Connection Type
20
Wireless-G VPN Broadband Router
PPTP (See Figure 6-5.)
Point to Point Tunneling Protocol (PPTP) is a service that applies to connections in Europe only (see Figure 6-
5).
• Internet IP Address. This is the Router’s IP address, when seen from the Internet. Your ISP will provide you
with the IP Address you need to specify here.
• Subnet Mask. This is the Router’s Subnet Mask, as seen by external users on the Internet (including your
ISP). Your ISP will provide you with the Subnet Mask.
• Default Gateway. Your ISP will provide you with the Default Gateway Address.
• User Name and Password. Enter the User Name and Password provided by your ISP.
• Connect on Demand: Max Idle Time. You can configure the Router to cut the Internet connection after it
has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been
terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your
connection as soon as you attempt to access the Internet again. If you wish to activate Connect on
Demand, click the radio button. In the Max Idle Time field, enter the number of minutes you want to have
elapsed before your Internet connection terminates.
• Keep Alive Option: Redial Period. If you select this option, the Router will periodically check your Internet
connection. If you are disconnected, then the Router will automatically re-establish your connection. To
use this option, click the radio button next to Keep Alive. To use this option, click the radio button next to
Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet
connection. The default Redial Period is 30 seconds.
When finished making your changes on this tab, click the Save Settings button to save these changes, or
click the Cancel Changes button to undo your changes.
Optional Settings (Required by some ISPs)
• Host Name and Domain Name. These fields allow you to supply a host and domain name for the Router. Some
ISPs require these names as identification. You may have to check with your ISP to see if your broadband
Internet service has been configured with a host and domain name. In most cases, leaving these fields blank
will work.
• MTU. The MTU (Maximum Transmission Unit) setting specifies the largest packet size permitted for network
transmission. Select Enabled and enter the value desired. It is recommended that you leave this value in the
Chapter 6: Configuring the Router
The Setup Tab
Figure 6-5: PPTP Internet Connection Type
21
Wireless-G VPN Broadband Router
1200 to 1500 range. For most DSL users, it is recommended to use the value 1492. By default, MTU is set at
1500 when disabled.
Network Setup
• Gateway IP. The values for the Router’s Local IP Address and Subnet Mask are shown here. In most cases,
keeping the default values will work.
• Local IP Address. The default value is 192.168.1.1.
• Subnet Mask. The default value is 255.255.255.0.
• Network Address Server Settings (DHCP). A Dynamic Host Configuration Protocol (DHCP) server
automatically assigns an IP address to each PC on your network for you. Unless you already have one, it is
highly recommended that you leave the Router enabled as a DHCP server.
• Local DHCP Server. DHCP is already enabled by factory default. If you already have a DHCP server on your
network, set the Router’s DHCP option to Disable. If you disable DHCP, remember to assign a static IP
address to the Router.
• Start IP Address. Enter a value for the DHCP server to start with when issuing IP addresses. This value
must be 192.168.1. 2 or greater, because the default IP address for the Router is 192.168.1.1.
• Number of Address. Enter the maximum number of PCs that you want the DHCP server to assign IP
addresses to. This number cannot be greater than 254 (the Router’s IP address must be accounted for,
effective available IP addresses is no more than 253). In order to determine the DHCP IP Address range,
add the starting IP address (e.g., 100) to the number of DHCP users. By default, as shown in Figure 6-9,
add 100 to 50, and the range is 192.168.1.100 to 192.168.1.149.
• DHCP Address Range. The range of DHCP addresses is displayed here.
• Time Setting. This is where you set the time for your Router. You can set the time and date manually or
automatically, by setting the time zone.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes.
Chapter 6: Configuring the Router
The Setup Tab
22
Wireless-G VPN Broadband Router
The DDNS Tab
The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain
name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other
server behind the Router.
Before you can use this feature, you need to sign up for DDNS service at one of two DDNS service providers,
DynDNS.org or TZO.com.
DDNS
DDNS Service. If your DDNS service is provided by DynDNS.org, then select DynDNS.org in the drop-down menu.
(See Figure 6-6.) If your DDNS service is provided by TZO, then select TZO.com. (See Figure 6-7.) The features
available on the DDNS screen will vary, depending on which DDNS service provider you use.
DynDNS.org
• User Name, Password, and Host Name. Enter the User Name, Password, and Host Name of the account you
set up with DynDNS.org.
• Internet IP Address. The Router’s current Internet IP Address is displayed here. Because it is dynamic, it will
change.
• Status. The status of the DDNS service connection is displayed here.
Figure 6-6: DynDNS.org
When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes.
TZO.com Tab
• Email Address, TZO Password Key, and Domain Name. Enter the Email Address, TZO Password Key, and
Domain Name of the service you set up with TZO.
• Internet IP Address. The Router’s current Internet IP Address is displayed here. Because it is dynamic, this will
change.
• Status. The status of the DDNS service connection is displayed here.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes.
Chapter 6: Configuring the Router
The Setup Tab
Figure 6-7: TZO.com
23
Wireless-G VPN Broadband Router
MAC Address Clone Tab (See Figure 6-8.)
The Router’s MAC address is a 12-digit code assigned to a unique piece of hardware for identification, like a
social security number. If your ISP requires MAC address registration, find your adapter’s MAC address by
following the instructions in “Appendix D: Finding the MAC Address and IP Address for Your Ethernet Adapter.”
MAC Clone
• MAC Clone Service. To use MAC address cloning, select Enable.
• MAC Address. To manually clone a MAC address, enter the 12 digits of your adapter’s MAC address in the onscreen fields (see Figure 6-8). Then click the Save Settings button.
• Clone My MAC Address. If you want to clone the MAC address of the PC you are currently using to configure
the Router, then click the Clone My MAC Address button. The Router will automatically detect your PC’s
MAC address, so you do NOT have to call your ISP to change the registered MAC address to the Router’s MAC
address. It is recommended that the PC registered with the ISP is used to open the MAC Address Clone tab.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes.
Advanced Routing Tab
Figure 6-8: MAC Address Clone
The Advanced Routing screen allows you to configure the dynamic routing and static routing settings. (See Figure
6-9.)
Advanced Routing
• Operating Mode. Select Gateway or Router for the Operating Mode from the drop-down menu.
• Dynamic Routing. With Dynamic Routing you can enable the Router to automatically adjust to physical
changes in the network’s layout. The Router, using the RIP protocol, determines the network packets’ route
based on the fewest number of hops between the source and the destination. The RIP protocol regularly
broadcasts routing information to other routers on the network.
• Receive RIP Version To use dynamic routing for reception of network data, select the protocol you want: RIP1
or RIP2.
• Transmit RIP Version. To use dynamic routing for transmission of network data, select the protocol you want:
RIP1, RIP1-Compatible, or RIP2.
Chapter 6: Configuring the Router
The Setup Tab
Figure 6-9: Advanced Routing
24
Wireless-G VPN Broadband Router
Static Routing
If the Router is connected to more than one network, it may be necessary to set up a static route between them.
A static route is a pre-determined pathway that network information must travel to reach a specific host or
network. To create a static route, change the following settings:
• Select Number. Select the number of the static route from the drop-down menu. The Router supports up to
20 static route entries.
• Delete This Entry. If you need to delete a route, select its number from the drop-down menu, and click the
Delete Entry button.
• LAN IP Address. The LAN IP Address is the address of the remote network or host to which you want to assign
a static route. Enter the IP address of the host for which you wish to create a static route. If you are building a
route to an entire network, be sure that the network portion of the IP address is set to 0. For example, the
Router’s standard IP address is 192.168.1.1. Based on this address, the address of the routed network is
192.168.1, with the last digit determining the Router’s place on the network. Therefore you would enter the IP
address 192.168.1.0 if you wanted to route to the Router’s entire network, rather than just to the Router.
• Subnet Mask. The Subnet Mask (also known as the Network Mask) determines which portion of an IP address
is the network portion, and which portion is the host portion. Take, for example, a network in which the
Subnet Mask is 255.255.255.0. This determines (by using the values 255) that the first three numbers of a
network IP address identify this particular network, while the last digit (from 1 to 254) identifies the specific
host.
Figure 6-10: Routing Table
• Default Gateway. This IP address should be the IP address of the gateway device that allows for contact
between the Router and the remote network or host.
• metric. This determines the maximum number of steps between network nodes that data packets will travel.
A node is any device on the network, such as PCs, print servers, routers, etc.
• Interface. Select LAN & Wireless or Internet, depending on the location of the static route’s final destination.
• Show Routing Table. Click the Show Routing Table button to open a screen displaying how data is routed
through your LAN. For each route, the Destination LAN IP address, Subnet Mask, Default Gateway, and
Interface are displayed. Click the Refresh button to update the information. See Figure 6-10.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click
the Cancel Changes button to undo your changes.
Chapter 6: Configuring the Router
The Setup Tab
25
Wireless-G VPN Broadband Router
The Wireless Tab
Basic Wireless Settings (See Figure 6-11.)
This screen allows you to choose your wireless network mode and wireless security.
Wireless Network
• Wireless Network Mode. If you have Wireless-G and 802.11b devices in your network, then keep the default
setting, Mixed. If you have only Wireless-G devices, select G-Only. If you want to disable wireless
networking, select Disable.
• Wireless Network Name. Enter the Wireless Network Name (SSID) into the field. The SSID is the network
name shared among all devices in a wireless network. The SSID must be identical for all devices in the
wireless network. It is case-sensitive and must not exceed 32 alphanumeric characters, which may be any
keyboard character. For added security, Linksys recommends that you change the default SSID (linksys) to a
unique name of your choice.
• Wireless Channel. Select the appropriate channel from the list provided to correspond with your network
settings, between 1 and 13 (in most of Europe and between 1 and 11 in North America and South America).
All devices in your wireless network must use the same channel in order to function correctly.
Figure 6-11: Basic Wireless
Chapter 6: Configuring the Router
The Wireless Tab
26
Loading...