D-Link DI-604 User Manual
TM
D-Link Express EtherNetwork
4-Port Ethernet Broadband Router
Manual
DI-604
Building Networks for People
Contents
Introduction
Package Contents
........................................................................................ 3
......................................................................... 6
Hardware Description................................................................. 7
Reset
...................................................................................................... 8
Getting Started ................................................................................ 9
Configuring the DI-604
............................................................. 10
Using the Configuration Wizard......................................... 11
Using the Configuration Menu
............................................ 15
Troubleshooting............................................................................ 42
Networking Basics
...................................................................... 48
Technical Specifications.......................................................... 75
Contacting Technical Support
............................................. 77
Warranty and Registration..................................................... 78
-2-
Introduction
The D-Link Express EtherNetwork DI-604 is a 4-port Ethernet Broadband
Router. The D-Link DI-604 enables users to quickly and easily share a
high speed Internet connection. The D-Link DI-604 also incorporates
many advanced features, traditionally found in more expensive routers.
After completing the steps outlined in the Quick Installation Guide
(included in your package) you will have the ability to share a single
Internet connection as well as sharing information and resources such as
files and printers.
The DI-604 is compatible with most popular operating systems, including
Macintosh, Linux and Windows, and can be integrated into an existing
network. This Manual is designed to help you connect the D-Link
Express EtherNetwork DI-604 to a high speed Internet connection and 4
Ethernet PC connections.
This manual provides a quick introduction to Broadband Router
Technology, Firewalls, and Local Area Networking. Please take a moment
to read through this manual and get acquainted these various
technologies.
Features and Benefits
Broadband Modem and IP Sharing
Connects multiple computers to a Broadband (Cable or DSL) modem to
share the Internet connection.
Ethernet Switch
Allows you to quickly and easily share an Internet connection with multiple
computers and devices.
VPN supported
Supports multiple and concurrent IPSec and PPTP pass-through sessions,
so multiple users behind the DI-604 can access corporate networks
through various VPN clients more securely.
Advanced Firewall & Parental Control Features
The Web-Based user interface displays a number of advanced
management features including:
network
-3-
Content Filtering
Easily applied content filtering based on Mac Address, IP Address, URL
and/or Domain Name.
Filter Scheduling
These filters can also be scheduled to be active on certain days or for a
duration of hours or minutes.
Network Address Translation
NAT allows you to share a single IP Address and protects you from outside
intruders gaining access to your private network.
DHCP Server Supported
All of the networked computers can retrieve TCP/IP settings automatically
from the DI-604.
Web-Based Management
DI-604 is configurable through any network computer’s web browser using
Netscape or Internet Explorer.
Access Control Supported
Allows you to assign different access rights for different users.
Virtual Server Supported
Enables you to expose WWW, FTP and other services on your LAN to be
accessible to Internet users.
Special Application Supported
Special applications requiring multiple connections, like Internet gaming,
video conferencing, Internet telephony and so on. The DI-604 can sense
the application type and open a multi-port tunnel for it.
DMZ Host Supported
Allows a networked computer to be fully exposed to the Internet. This
function is used when the Special Application feature is insufficient to allow
an application to function correctly.
Technology Introduction
Introduction to Broadband Router Technology
A router is a device that forwards data packets from a source to a
destination. Routers forward data packets using IP addresses and not a
MAC address. A router will forward data from the Internet to a particular
computer on your LAN.
The information that makes up the Internet gets moved around using
routers. When you click on a link on a web page, you send a request to a
-4-
server to show you the next page. The information that is sent and
received from your computer is moved from your computer to the server
using routers. A router also determines the best route that your information
should follow to ensure that the information is delivered properly.
A router controls the amount of data that is sent through your network by
eliminating information that should not be there. This provides security for
the computers connected to your router, because computers from the
outside cannot access or send information directly to any computer on
your network. The router determines which computer the information
should be forwarded to and sends it. If the information is not intended for
any computer on your network, the data is discarded. This keeps any
unwanted or harmful information from accessing or damaging your
network.
Introduction to Firewalls
A firewall is a device that sits between your computer and the Internet that
prevents unauthorized access to or from your network. A firewall can be a
computer using firewall software or a special piece of hardware built
specifically to act as a firewall. In most circumstances, a firewall is used to
prevent unauthorized Internet users from accessing private networks or
corporate LAN’s and Intranets.
A firewall watches all of the information moving to and from your network
and analyzes each piece of data. Each piece of data is checked against a
set of criteria that the administrator configures. If any data does not meet
the criteria, that data is blocked and discarded. If the data meets
criteria, the data is passed through. This method is called packet filtering.
A firewall can also run specific security functions based on the type of
application or type of port that is being used. For example, a firewall can
be
configured to work with an FTP or Telnet server. Or a firewall can be
configured to work with specific UDP or TCP ports to allow certain
applications or games to work properly over the Internet.
the
Introduction to Local Area Networking
Local Area Networking (LAN) is the term used when connecting several
computers together over a small area such as a building or group of
buildings. LAN’s can be connected over large areas. A collection of LAN’s
connected over a large area is called a Wide Area Network (WAN).
A LAN consists of multiple computers connected to each other. There are
many types of media that can connect computers together. The most
common media is CAT5 cable (UTP or STP twisted pair wire.) On the
other hand, wireless networks do not use wires; instead they communicate
over radio waves. Each computer must have a Network Interface Card
(NIC), which communicates the data between computers. A NIC is usually
-5-
a 10Mbps network card, or 10/100Mbps network card, or a wireless
network card.
Most networks use hardware devices such as hubs or switches that each
cable can be connected to in order to continue the connection between
computers. A hub simply takes any data arriving through each port and
forwards the data to all other ports. A switch is more sophisticated, in that
a switch can determine the destination port for a specific piece of data. A
switch minimizes network traffic overhead and speeds up the
communication over a network.
Networks take some time in order to plan and implement correctly. There
are many ways to configure your network. You may want to take some
time to determine the best network set-up for your needs.
Package Contents
DI-604 Ethernet Broadband Router
Power Adapter
Ethernet Cable
Quick Installation Guide
Manual on CD
Note: Using a power supply with a different voltage rating will damage and void the warranty for this
product. If any of the above items are missing, please contact your reseller.
-6-
Hardware Description
Front Panel
Power
WAN
LAN
Power Power indicator will light Green.
WAN WAN status indicator will light Green when there is good
physical WAN connection.
LAN
Link/Act.
Link status indicators light Green. The LED flickers when the
corresponding port is sending or receiving data.
-7-
Hardware Description
Rear Panel
LAN
WAN
Reset
Power
Reset Used to restore the DI-604 back to factory default settings.
LAN
PORTS*
1-4
WAN* WAN port socket (CAT5 Ethernet RJ-45 cable). This is where
Power Connect one end of your included power adapter to the power
*All ports (both LAN & WAN) are Auto-MDIX. All ports auto-sense cable
types to accommodate Straight-through or Cross-over cable.
LAN port sockets (CAT5 Ethernet RJ-45 cable). The LED
glows steadily when a port is connected to a hub, switch or
network-adapter-equipped computer in your local area network
(LAN.)
you will connect your Cable or DSL modem.
port and the other end into your power outlet.
Reset
To reset the system settings to factory defaults, please follow these steps:
1. Leave the device powered on, do not disconnect the power
2. Press the reset button and hold (use a paper-clip)
3. Keep the button pressed about 10 seconds
4. Release the button
The DI-604 will then automatically reboot itself.
-8-
Getting Started
Installation Location
The DI-604 can be positioned at any convenient place in your office or
house. No special wiring or cooling requirements are needed. However,
you should comply with the following guidelines:
Place the DI-604 on a flat horizontal plane.
Keep away from any heating devices.
Do not place in a dusty or wet environment.
The recommended operational specifications of the DI-604 are:
Temperature 32
Humidity 5 % ~ 90 %
In addition, remember to turn off the power, remove the power cord from
the outlet, and keep your hands dry when you install the hardware.
o
F ~ 131o F
Network Settings
To use the DI-604 correctly, you have to properly configure the network
settings of your computers. The default IP address of the DI-604 is
192.168.0.1, and the default subnet mask is 255.255.255.0. These
addresses can be changed as needed, but the default values are used in
this manual. If the TCP/IP environment of your computer has not yet been
configured, you can refer to Configuring Your PCs to Connect to the
DI-604 to configure it.
For example:
1. Configure your computer IP as 192.168.0.3, subnet mask as
255.255.255.0 and gateway as 192.168.0.1
Or more conveniently
2. Configure your computers to obtain TCP/IP settings automatically
from the DHCP server feature of the DI-604
Since the IP address of the DI-604 is 192.168.0.1, the IP address of your
computer must be 192.168.0.X (where “X” is a number between 2 and
254.) Each computer on your network must have a different IP address
within that range. The default gateway must be 192.168.0.1 (the IP
address of the DI-604).
-9-
Configuring the DI-604
The DI-604 provides an embedded Web-based management utility
making it operating system independent. You can configure your DI-604
through the Netscape Communicator or Internet Explorer browser in MS
Windows, Macintosh, Linux or UNIX based platforms. All that is needed is
a web browser such as Internet Explorer or Netscape Navigator version 4
and higher with Java Script enabled.
Start-up and Log in
Activate your web browser and type in the IP address of the DI-604 into
the Location (for Netscape) or Address (for IE) field and press “Enter.” The
default IP address of the DI-604 is
192.168.0.1
For example: http://192.168.0.1
After the connection is established, the logon screen will pop up.
To log in as an administrator, enter the username of “
password (there are no default password, leave it blank). Click the
button. If the password is correct, the web-management interface will
appear.
admin
” and the
OK
-10-
Using the Configuration Wizard
The Setup Wizard screen will
appear. Follow the Wizard
step by step to quickly
configure the DI-604.
Click Next
It is recommended that you
change the admin password
for security purposes. Enter in
your new password. Enter it in
a second time for verification.
Click
Next
Click on the drop down box
arrow and select the
appropriate time zone for
your location.
Click Next
-11-
There will be three options to select from. Please select the appropriate
option that is used by your ISP.
Dynamic IP Address:
Cable users) Select this
option to obtain an IP address
automatically from your ISP.
Please see Dynamic IP
Address section.
Static IP Address: Select this
option to manually input the
IP address that your ISP
assigned to you. Please see
Static IP Address section.
(ex:
PPP over Ethernet (PPPoE)
(ex: DSL users) Select this option if your ISP requires the use of PPPoE to
connect to their services. Please see PPPoE section.
Once you have made the appropriate selection, click
:
Next
.
Dynamic IP Address
If you selected
If your ISP requires you to
enter a specific host name or
specific MAC address, please
enter it in. The CLONE MAC
Address button is used to
copy the MAC address of
your Ethernet adapter to the
DI-604 WAN interface.
Dynamic IP Address
, you will see the following page.
Click Next
-12-
Static IP Address
If you selected
Static IP Address
, you will see the following page.
Enter in the IP address
information provided to you
by your ISP. You will need to
enter in WAN IP Address,
WAN Subnet Mask, WAN
Gateway, and Primary DNS.
Click Next
PPPoE
If you select PPP over Ethernet (PPPoE), you will see the following
page.
Enter in the username and
password provided to you
by your ISP.
Enter in the Service Name
if your ISP uses a Service
Name for the PPPoE
connection.
Click Next
NOTE: Please be sure to remove any existing PPPoE client
software installed on your computers.
-13-
At this point, the Setup
Wizard has completed. Click
Restart to save the settings
and reboot the DI-604.
The DI-604 will save the
changes and reboot.
Click Close to close out the
Setup Wizard screen.
Your setup of the DI-604 is now complete. You should be able to access
the Internet.
-14-
Using the Configuration Menu
Setup Wizard
The Setup Wizard page is the first page that appears when logging into
the web-based management interface. The Setup Wizard is a utility used
to quickly configure the DI-604. It will guide you through four quick and
basic steps to help you connect to your ISP. You will be connected to your
ISP (Internet Service Provider) and have Internet access within minutes.
WAN
WAN is short for Wide Area Network. The WAN settings can be referred to
as the Public settings. All IP information in the WAN settings are public IP
addresses which are accessible on the Internet.
The WAN settings consist of three options: Dynamic IP Address, Static
IP Address
information needed to connect to your ISP.
, and
PPPoE
. Select the appropriate option and fill in the
-15-
HOME > WAN > DYNAMIC IP Address
Choose Dynamic IP Address to obtain IP address information
automatically from your ISP. Select this option if your ISP does not give
you any IP numbers to use. This option is commonly used for Cable
modem services.
Host Name:
ISPs. The host name is the device name of the Broadband Router.
MAC Address: The default MAC address is set to the WAN's physical
interface MAC address on the Broadband Router. You can use the "Clone
MAC Address" button to copy the MAC address of the Ethernet Card
installed by your ISP and replace the WAN MAC address with this MAC
address. It is not recommended that you change the default MAC address
unless required by your ISP.
The Host Name field is optional but may be required by some
-16-
HOME > WAN > Static IP Address
Choose Static IP Address if all WAN IP information is provided to you by
your ISP. You will need to enter in the IP address, subnet mask, gateway
address, and DNS address(es) provided to you by your ISP. Each IP
address entered in the fields must be in the appropriate IP form, which are
four IP octets separated by a dot (x.x.x.x). The Router will not accept the
IP address if it is not in this format.
IP Address: Public IP address provided by your ISP.
Subnet Mask: Subnet mask provided by your ISP.
ISP Gateway Address:
connecting to.
Primary DNS Address: Primary DNS (Domain Name Server) IP provided
by your ISP
Secondary DNS Address:
Public IP address of your ISP that you are
optional
-17-
HOME > WAN > PPPOE
Please be
sure sure to
remove any
existing
PPPoE Client
Software
installed on
your
computers.
1492
Choose PPPoE (Point to Point Protocol over Ethernet) if you’re ISP uses PPPoE
connection. Your ISP will provide you with a username and password. This option
is typically used for DSL services. Select Dynamic PPPoE to obtain an IP address
automatically for your PPPoE connection. Select Static PPPoE to use a static IP
address for your PPPoE connection.
Dynamic PPPoE:
PPPoE connection where you will receive an IP
address automatically from your ISP
Static PPPoE:
PPPoE connection where you have an assigned (static) IP
address
User Name:
Your PPPoE username provided by your ISP
Password: Your PPPoE password provided by your ISP
Retype Password: Re-enter PPPoE password
Service Name:
Enter the service name provided by your ISP. (optional)
IP Address: This option is only available for Static PPPoE. Enter in the
static IP address for the PPPoE connection.
Primary DNS Address: Primary DNS IP provided by your ISP
Secondary DNS Address: optional
-18-
Maximum Idle Time: The amount of time of inactivity before
disconnecting your PPPoE session. Enter a Maximum Idle Time (in
minutes) to define a maximum period of time for which the Internet
connection is maintained during inactivity. If the connection is inactive for
longer than the defined Maximum Idle Time, then the connection will be
dropped. Either set this to zero or enable Auto-reconnect to disable this
feature.
MTU:
connections, you may need to change the MTU settings in order to work
correctly with your ISP.
Auto-Reconnect: If enabled, the Broadband Router will automatically
connect to your ISP after your system is restarted or if the connection is
dropped.
MTU stands for Maximum Transmission Unit. For PPPoE
HOME > LAN
LAN is short for Local Area Network. This is considered your internal
network. These are the IP settings of the LAN interface for the DI-604.
These settings may be referred to as Private settings. You may change
the LAN IP address if needed. The LAN IP address is private to your
internal network and cannot be seen on the Internet.
IP Address: The IP address of the LAN interface. The default IP address
is 192.168.0.1.
Subnet Mask:
mask is 255.255.255.0.
Local Domain Name: This field is optional. Enter in the your local domain
name.
The subnet mask of the LAN interface. The default subnet
-19-
HOME > DHCP
DHCP stands for Dynamic Host Configuration Protocol. The DI-604 has a
built-in DHCP server. The DHCP Server will automatically assign an IP
address to the computers on the LAN/private network. Be sure to set your
computers to be DHCP clients by setting their TCP/IP settings to “Obtain
an IP Address Automatically.” When you turn your computers on, they will
automatically load the proper TCP/IP settings provided by the DI-604. The
DHCP Server will automatically allocate an unused IP address from the IP
address pool to the requesting computer. You must specify the starting
and ending address of the IP address pool.
Starting IP Address: The starting IP address for the DHCP server’s IP
assignment.
Ending IP Address: The ending IP address for the DHCP server’s IP
assignment.
Lease Time:
The length of time for the IP lease.
-20-
ADVANCED > VIRTUAL SERVER
The DI-604 can be configured as a virtual server so that remote users
accessing Web or FTP services via the public IP address can be
automatically redirected to local servers in the LAN network.
The DI-604 firewall feature filters out unrecognized packets to protect your
LAN network so all computers networked with the DI-604 are invisible to
the outside world. If you wish, you can make some of the LAN computers
accessible from the Internet by enabling Virtual Server. Depending on the
requested service, the DI-604 redirects the external service request to the
appropriate server within the LAN network.
The DI-604 is also capable of port-redirection meaning incoming traffic to
a particular port may be redirected to a different port on the server
computer.
-21-
Each virtual service that is created will be listed at the bottom of the
screen in the Virtual Servers List. There are already pre-defined virtual
services already in the table. You may use them by enabling them and
assigning the server IP to use that particular virtual service.
Name: The name referencing the virtual service.
Private IP:
The server computer in the LAN network that will be providing
the virtual services.
Private Port:
The port number of the service used by the Private IP
computer.
Protocol Type:
The protocol used for the virtual service.
Public Port: The port number on the WAN side that will be used to access
the virtual service.
Schedule:
The schedule of time when the virtual service will be enabled.
The schedule may be set to Always, which will allow the particular service
to always be enabled. If it is set to Time, select the time frame for the
service to be enabled. If the system time is outside of the scheduled time,
the service will we disabled.
Example #1:
If you have a Web server that you wanted Internet users to access at all
times, you would need to enable it. Web (HTTP) server is on LAN
computer 192.168.0.25. HTTP uses port 80, TCP.
Name: Web Server
Private IP: 192.168.0.25
Protocol Type: TCP
Private Port: 80
Public Port: 80
Schedule: always
Click on this icon to edit the virtual service.
Click on this icon to delete the virtual service.
-22-
Example #2:
If you have an FTP server that you wanted Internet users to access by
WAN port 2100 and only during the weekends, you would need to enable
it as such. FTP server is on LAN computer 192.168.0.30. FTP uses port
21, TCP.
Name: FTP Server
Private IP: 192.168.0.30
Protocol Type: TCP
Private Port: 21
Public Port: 2100
Schedule: From: 01:00AM to 01:00AM, Sat to Sun
All Internet users who want to access this FTP Server must connect to it from port
2100. This is an example of port redirection and can be useful in cases where
there are many of the same servers on the LAN network.
ADVANCED > APPLICATIONS
-23-
Some applications require multiple connections, such as Internet gaming,
video conferencing, Internet telephony and others. These applications
have difficulties working through NAT (Network Address Translation).
Special Applications makes some of these applications work with the
DI-604. If you need to run applications that require multiple connections,
specify the port normally associated with an application in the "Trigger
Port" field, select the protocol type as TCP or UDP, then enter the public
ports associated with the trigger port to open them for inbound traffic.
The DI-604 provides some predefined applications in the table on the
bottom of the web page. Select the application you want to use and
enable it.
Note! Only one PC can use each Special Application tunnel.
Trigger Name: This is the name referencing the special application.
Trigger Port:
either a single port or a range of ports.
Trigger Type:
Public Port: This is the port number on the WAN side that will be used to
access the application. You may define a single port or a range of ports.
You can use a comma to add multiple ports or a hyphen to add port
ranges.
Public Type:
This is the port used to trigger the application. It can be
This is the protocol used to trigger the special application.
This is the protocol used for the special application.
-24-
ADVANCED > FILTERS > IP FILTERS
Filters
Filters are used to deny or allow LAN computers from accessing the Internet. The
DI-604 can be setup to deny internal computers by their IP or MAC addresses.
The DI-604 can also block users from accessing restricted web sites.
IP Filters
Use IP Filters to deny LAN IP addresses from accessing the Internet. You can
deny specific port numbers or all ports for the specific IP address.
The IP address of the LAN computer that will be denied access to the Internet.
IP:
Port:
Schedule:
The single port or port range that will be denied access to the Internet.
This is the schedule of time when the IP Filter will be enabled.
-25-
Loading...