D-Link DI-804HV User Manual

Download

Page 1

D-Link

Broadband Hardware

VPN Router

DI-804HV

Manual

Building Networks for People

07/25/2003

Page 2

Package Contents ................................................................................3

Introduction............................................................................................4

Getting Started ....................................................................................10

Using the Configuration Menu.............................................................. 11

Networking Basics ..............................................................................68

Reset to Factory Default Settings ........................................................94

Technical Specifications ......................................................................95

Frequently Asked Questions ................................................................96

Contacting Technical Support ............................................................142

Warranty and Registration ................................................................. 143

Page 3

Package Contents

Contents of Package:



D-Link DI-804HV Broadband Hardware VPN Router

Power Adapter – 5V DC



Ethernet (CAT5-UTP/Straight-Through) Cable



Manual on CD



Quick Installation Guide



Note: Using a power supply with a different voltage rating than the one included with the DI-804HV will cause damage and void the warranty for this product.

If any of the above items are missing, please contact your reseller.

System Requirements For Configuration:

Ethernet-Based Cable or DSL Modem



Computer with Windows, Macintosh, or Linux-based



operating system with an installed Ethernet adapter

Internet Explorer version 6.x or Netscape Navigator



version 6.x and above, with JavaScript enabled

Page 4

Introduction

The D-Link DI-804HV is a 4-port Broadband Router with Virtual Private Network (VPN) functionality. It provides a complete solution for Internet surfing, office resources sharing, and secure access to remote corporate networks.. It is an ideal way to extend the reach and number of computers connected to your network.

After completing the steps outlined in the Quick Installation Guide (included in your package) you will have the ability to share information and resources.

The DI-804HV is compatible with most popular operating systems, including Macintosh, Linux and Windows, and can be integrated into a large network.

Page 5

Connections

All Ethernet ports auto-sense cable types to accommodate straight-through or cross-over cable.

WAN port is the connection for the Ethernet cable to the Cable or DSL modem

Receptor for the

Power Adapter

COM port provides

serial connection for dial-up analog modem.

LAN ports provide connections to Ethernetenabled devices.

Features & Benefits

Broadband modem and IP sharing



Connects multiple computers to a broadband (cable or DSL) modem to surf the Internet

Auto-sensing Ethernet Switch



Equipped with a 4-port auto-sensing Ethernet switch

Hardware VPN Termination Device



Supports up to 40 VPN Tunnels

VPN Pass-Through supported



Supports pass-through VPN sessions and allows you to setup VPN server and VPN clients

Firewall



Unwanted packets from outside intruders can be blocked to protect your network

DHCP server supported



All of the networked computers can retrieve TCP/IP settings automatically from the DI-804HV

Pressing the

Reset Button

restores the router to its original factory default settings.

Web-based configuration



Configurable through any networked computer’s web browser using Netscape or Internet Explorer

Page 6

Features & Benefits continued

Access Control supported



Allows you to assign different access rights for different users.

Packet filter supported



Packet Filter allows you to control access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP address of the source and destination.

Virtual Server supported



Enables you to expose WWW, FTP and other services on your LAN to be accessible to Internet users.

User-Definable Application Sensing Tunnel



You can define the attributes, for instance opening special ports to allow packets to come through, to support special applications requiring multiple connections, such as Internet gaming, video conferencing, and Internet telephony. The DI-804HV can sense the application type and open a multiport tunnel for it.

DMZ Host supported



Allows a networked computer to be fully exposed to the Internet; this function is used when the special “application-sensing tunnel feature” is insufficient to allow an application to function correctly.

Introduction to Broadband Router Technology

A router is a device that forwards data packets from a source to a destination. Routers forward data packets using IP addresses and not a MAC address. A router will forward data from the Internet to a particular computer on your LAN.

The information that resides on the Internet gets moved around using routers. When you click on a link on a web page, you send a request to a server to show you the next page. The information that is sent and received from your computer is moved from your computer to the server using routers. A router also determines the best route that your information should follow to ensure that the information is delivered properly.

A router controls the amount of data that is sent through your network by eliminating information that should not be there. This provides security for the computers connected to your router, because computers from the outside cannot access or send information directly to any computer on your network. The router determines which computer the information should be forwarded to and sends it. If the information is not intended for any computer on your network, the data is discarded. This keeps any unwanted or harmful information from accessing or damaging your network.

Page 7

Introduction to Firewalls

A firewall is a device that sits between your computer and the Internet that prevents unauthorized access to or from your network. A firewall can be a computer using firewall software or a special piece of hardware built specifically to act as a firewall. In most circumstances, a firewall is used to prevent unauthorized Internet users from accessing private networks or corporate LAN's and Intranets.

A firewall watches all of the information moving to and from your network and analyzes each piece of data. Each piece of data is checked against a set of criteria that the administrator configures. If any data does not meet the criteria, that data is blocked and discarded. If the data meets the criteria, the data is passed through. This method is called packet filtering.

A firewall can also run specific security functions based on the type of application or type of port that is being used. For example, a firewall can be configured to work with an FTP or Telnet server. Or a firewall can be configured to work with specific UDP or TCP ports to allow certain applications or games to work properly over the Internet.

Introduction to Local Area Networking

Local Area Networking (LAN) is the term used when connecting several computers together over a small area such as a building or group of buildings. LAN's can be connected over large areas. A collection of LAN's connected over a large area is called a Wide Area Network (WAN).

A LAN consists of multiple computers connected to each other. There are many types of media that can connect computers together. The most common media is CAT5 cable (UTP or STP twisted pair wire.) Each computer must have a Network Interface Card (NIC), which communicates the data between computers. A NIC is usually a 10Mbps network card, or 10/100Mbps network card, or a wireless network card. Wireless Local Area Networks (WLANs) do not use wires; instead they communicate over radio waves.

Most networks use hardware devices such as hubs or switches that each cable can be connected to in order to continue the connection between computers. A hub simply takes any data arriving through each port and forwards the data to all other ports. A switch is more sophisticated, in that a switch can determine the destination port for a specific piece of data. A switch minimizes network traffic overhead and speeds up the communication over a network.

Networks take some time in order to plan and implement correctly. There are many ways to configure your network. You may want to take some time to determine the best network set-up for your needs.

Page 8

Introduction to Virtual Private Networking

Virtual Private Networking (VPN) uses a publicly wired network (the Internet) to securely connect two different networks as if they were the same network. For example, an employee can access a corporate network from home using VPN, allowing the employee to access files, databases, and other networked resources. Here are several different implementations of VPN that can be used.

Point-to-Point Tunneling Protocol (PPTP)

PPTP uses proprietary means of connecting two private networks over the Internet. PPTP is a way of securing the information that is communicated between networks. PPTP secures information by encrypting the data inside of a packet.

IP Security (IPSec)

IPSec provides a more secure network-to-network connection across the Internet or a Wide Area Network (WAN). IPSec encrypts all communication between the client and server whereas PPTP only encrypts the data packets.

Both of these VPN implementations are used because there is not a standard for VPN server software. Because of this, each ISP or business can implement its own VPN network making interoperability a challenge.

Page 9

LEDS

LED stands for Light-Emitting Diode. The DI-804HV has the following LEDs

as described below:

LED

Power

M1 LED

M2 LED

WAN

COM

LOCAL NETWORK (Ports 1-4)

LED Activity

A steady light indicates a connection to a power sourcea power source

Flashes once per second to indicate an active system

Lights up when the device has an Internet connection

A solid light indicates connection on the WAN port. This LED blinks during data transmission

A solid light indicates a connection to an external dial-up analog modem

A solid light indicates a connection to an Ethernet-enabled computer on ports 1-4. This LED blinks during data transmission

Page 10

Getting Started

For additional information about setting up a network, see:

Networking Basics

Using the Configuration Menu

For a typical network setup in a home or small office (as shown above), please do the following:

You will need broadband Internet access (a Cable or DSL subscription line into your home or office).

Consult with your Cable or DSL provider for proper installation of the modem.

Connect the Cable or DSL modem to the DI-804HV wireless broadband router (see the Quick Installation Guide included with the DI-804HV.)

If you are connecting a desktop computer to your network and you need an Ethernet connection, you can install the D-Link DFE-530TX+ Ethernet adapter into an available PCI slot. (See the Quick Installation Guide included with the DFE-530TX+.)

If you are connecting a laptop computer to your network, install the drivers for the Ethernet Cardbus adapter (e.g., D-Link DFE-690TXD) into a laptop computer.(See the Quick Installation Guide included with the DFE-690TXD.)

You may connect an analog modem (optional) to function as a backup to the DI804HV. To use a backup modem, you must have dial-up service.

Page 11

Using the Configuration Menu

Whenever you want to configure your network or the DI-804HV, you can access the Configuration Menu by opening the web-browser (i.e., Internet Explorer or Netscape Navigator) and typing in the IP Address of the DI-804HV. The DI-804HV default IP Address is shown below:

 Open the web browser  Type in the IP Address of

the DI-804HV (http://192.168.0.1)

Note: If you have changed the default IP Address assigned to the DI-804HV, make sure to enter the correct IP Address.

The factory default User name is admin and the default Password is blank (empty). It is recommended that you

change the admin password for security purposes. Please refer to Tools>Admin to change the admin password.

Home > Wizard

The Home>Wizard screen will appear. Please refer to the Quick Installation Guide for more information regarding the Setup Wizard.

http://192.168.0.1

Apply

Cancel

Help

Restart

Clicking Apply will save changes made to the page

Clicking Cancel will clear changes made to the page

Clicking Help will bring up helpful information regarding the page

Clicking Restart will restart the router. (Necessary for some changes.)

Page 12

Using the Configuration Menu

Setup Wizard

Once you have logged in, the

Home screen will appear.

Click Run Wizard

The welcome screen outlines the steps to complete the setup

wizard. Click Next to continue.

Click Next

Page 13

Using the Configuration Menu

Setup Wizard > Set Password

Click Next

Old Password-

New Password-

Reconfirm-

This information is masked.

Type in the new password for the admin account.

Type in the new password again to confirm. Click Next to continue with the Setup Wizard.

Page 14

Using the Configuration Menu

Setup Wizard > Time Zone

Select the appropriate time zone for your location-

Select the proper time zone. Selections can be made by clicking on the drop down list.

Click Next to continue.

Click Next

Setup Wizard > Connection Type (WAN)

Select Your Internet Connection-

You will be prompted to select the type of internet connection for your router. Choose the appropriate selection and click

Next to continue.

Click Next

If you are unsure of which setting to select, please contact your Internet Service Provider.

Select Others only if you use PPTP in Europe or Big Pond Cable in Australia.

Page 15

Using the Configuration Menu

Setup Wizard > Set Dynamic IP Address

Click Next

If your ISP uses Dynamic IP Address, this screen will appear: (Used mainly for Cable Internet service.)

Host Name-

MAC Address-

Clone MAC Address-

Host name is the section where you input the name of your ISP. This section is optional and is not required to be filled in.

Each network adapter has a discrete Media Access Control (MAC) address. Note that some computer and peripherals may

already include built-in network adapter.

By clicking on Clone MAC Address, the DI-804HV will automatically copy the MAC address of the network adapter in your computer. You can also manually type in the MAC address.

Click Next to continue.

Page 16

Using the Configuration Menu

Setup Wizard > Set Static IP Address

Click Next

If your ISP uses a Static IP Address, and this option is selected, then this screen will appear.

WAN IP Address-

WAN Subnet Mask-

WAN Gateway-

Primary DNS-

Secondary DNS-

If your ISP requires a Static IP Address, and this option is selected, then this screen appear. Enter the IP address information originally provided to you by your ISP. You will need to

complete all the required fields.

The subnet for the DI-804HV is preconfigured to 255.255.255.0. Configurations can be made in, but not recommended. This

feature is for advanced users.

This information is provided by your ISP.

The Primary DNS can be found by contacting the ISP.

The Secondary DNS can be found by contacting the ISP.

Page 17

Using the Configuration Menu

Setup Wizard > PPPoE

Click Next

If your ISP uses PPPoE (Point-to-Point Protocol over Ethernet), and this option is selected, then this screen will appear: (Used mainly for DSL Internet service.)

PPPoE Account-

PPPoE Password-

PPPoE Service Name-

Enter in the username provided to you by your ISP.

Enter in the password provided to you by your ISP.

Enter in the name of your service provider. This is an optional field and is not necessary to be filled in.

Page 18

Using the Configuration Menu

Setup Wizard

Click Next

Configure this section only if you have an analog dial-up account. Otherwise click Next to skip.

Dial-up Telephone-

Dial-up Account-

Dial-up Password-

Primary DNS-

Secondary DNS-

Enter the telephone number to connect to your ISP.

This information is provided by your ISP. The Dial-up Account is also known as username.

Enter in the password to log into your Dial-up account.

The Primary DNS can be found by contacting the ISP.

The Secondary DNS can be found by contacting the ISP.

Page 19

Using the Configuration Menu

Setup Wizard

Click Restart

Back-

Restart-

Exit-

Click on Back button to go back to previous page.

Click on Restart button to finalize the settings made.

Click on Exit button to end the Setup Wizard without saving any changes.

Page 20

Using the Configuration Menu

Home > WAN

Choose WAN Type

WAN stands for Wide Area Network. In this case WAN represents the mode in which

you connect to the Internet. If you are uncertain, please ask your ISP which of the following represents your connection mode to the Internet:

Dynamic IP Address-

Static IP Address-

PPPoE-

Dial-up Network -

Others-

PPTP-

Big Pond Cable-

Obtain an IP address from your ISP automatically (mainly for Cable users)

Your ISP assigns you a Static IP Address

Some ISPs require the use of PPPoE to connect to their services (mainly for DSL users)

Dial-up users can select this option to connect to their ISP through an analog dial-up modem if broadband connectivity is unavailable.

For use in Europe only

For use in Australia only

Page 21

Using the Configuration Menu

Home > WAN > Dynamic IP Address

Most Cable modem users will select this option to obtain an IP from their ISP (Internet Service Provider).

Host Name-

MAC Address-

This is optional, but may be required by some ISPs. The host name is the device name of the Router.

The default MAC Address is set to the WAN’s physical interface MAC address on the Router.

Clone MAC Address-

This feature will copy the MAC address of the Ethernet card, and replace the WAN MAC address of the Router with this Ethernet card MAC address. It is not recommended that you change the default MAC address unless required by your ISP.

Primary DNS Address-

Input the primary DNS address provided by your ISP

Secondary DNS Address-

MTU-

Auto-reconnect -

Auto-backup -

(Optional) Input the Secondary DNS address provided by your ISP.

Maximum Transmission Unit; default is 1500; you may need to change the MTU to conform to your ISP.

If enabled, the Broadband Router will automatically connect to your ISP after your system is restarted or if the connection is dropped. Enabling this feature will connect your router to the Internet using a dial-up service if your broadband connection becomes unavailable. A subscription to a dial-up service is required for the autobackup to work.

Address automatically

Page 22

Using the Configuration Menu

Home > WAN > Static IP Address

If you use a Static IP Address, you will input information here that your ISP has provided to you.

IP Address-

Subnet Mask-

ISP Gateway Address-

Primary DNS Address-

Secondary DNS Address-

MTU-

Input the IP Address provided by your ISP

Input the Subnet Mask provided by your ISP

Input the Gateway address provided by your ISP

Input the primary DNS address provided by your ISP

(Optional) Input the Secondary DNS address provided by your ISP.

Maximum Transmission Unit; default is 1500; you may need to change the MTU to conform to your ISP.

Page 23

Using the Configuration Menu

Home > WAN > PPPoE

Most DSL users will select this option to obtain an IP address automatically from their ISP through the use of PPPoE.

User Name-

Password-

Service Name-

IP Address-

Primary DNS Address-

Maximum Idle Time-

MTU-

Your PPPoE username provided by your ISP

Your PPPoE password is provided by your ISP

(Optional) Check with your ISP for more information if they require the use of service name.

(Optional) Enter in the IP Address if you are assigned a static PPPoE address.

You will get the DNS IP automatically from your ISP but you may enter a specific DNS address that you want to use instead.

(Optional) Input the secondary DNS address

Enter a maximum idle time during which Internet connection is maintained during inactivity. To disable this feature, enable Auto-

reconnect. Maximum Transmission Unit; default is 1492; you may need to

change the MTU to conform to your ISP.

Page 24

Using the Configuration Menu

Home > WAN > Dial-up Network

Most Dial-up users will select this option to connect to their ISP through an analog dial-up modem. This feature can be used as a back-up when your broadband connectivity is unavailable.

Dial-up Telephone -

Dial-up Account-

Dial-up Password-

Primary DNSSeconday DNS-

Assigned IP Address-

Extra Settings-

Maximum Idle Time-

Baud Rate-

Telephone number to connect to your ISP

Username provided by your ISP

Password provided by your ISP

If the settings are configured as “0.0.0.0,” they will be automatically assigned upon connection.

(Optional) Enter in the IP Address if you are assigned a static PPPoE address.

This setting is used to optimize the communication quality between the ISP and your analog dial-up modem. (Initialization string) - optional.

Enter a maximum idle time during which Internet connection is maintained during inactivity. To disable this feature, enable Auto-reconnect.

The communication speed between the DI-804HV and your modem.

Page 25

Using the Configuration Menu

Home > WAN > PPTP

Point-to-Point Tunneling Protocol (PPTP) is a WAN connection used in Europe.

My IP Address-

My Subnet Mask-

Server IP Address-

PPTP Account-

PPTP Password-

Connection ID-

Maximum Idle Time-

Enter the IP Address

Enter the Subnet Mask

Enter the Server IP Address

Enter the PPTP account name

Enter the PPTP password

(Optional) Enter the connection ID if required by your ISP

Enter a maximum idle time during which Internet connection is maintained during inactivity. To disable this feature, enable Auto-

reconnect.

Page 26

Using the Configuration Menu

Home > WAN > BigPond Cable

Dynamic IP Address for BigPond is a WAN connection used in Australia.

User Name-

Password-

Renew IP forever-

Enter in the username for the BigPond account

Enter the password for the BigPond account

(Optional) enter the Login Server name if required

If enabled, the device will automatically connect to your ISP after your unit is restarted or when the connection is dropped.

Page 27

Using the Configuration Menu

Home > LAN

LAN (Local Area

Network). This is considered your internal network. These are the IP settings of the LAN interface for the DI804HV. These settings may be referred to as Private settings. You may change the LAN IP address if needed. The LAN IP address is private to your internal network and cannot be seen on the Internet.

LAN IP Address-

Subnet Mask-

Domain Name-

The IP address of the LAN interface. The default IP address is: 192.168.0.1

The subnet mask of the LAN interface. The default subnet mask is 255.255.255.0.

(Optional) The name of your local domain

Page 28

Using the Configuration Menu

Home >DHCP

DHCP stands for Dynamic Host Control Protocol. The DI-804HV has a built-in DHCP

server. The DHCP Server will automatically assign an IP address to the computers on the LAN/private network. Be sure to set your computers to be DHCP clients by setting their TCP/IP settings to “Obtain an IP Address Automatically.” When you turn your computers on, they will automatically load the proper TCP/IP settings provided by the DI-804HV. The DHCP Server will automatically allocate an unused IP address from the IP address pool to the requesting computer. You must specify the starting and ending

address of the IP address pool.

DHCP Server-

Enable or disable the DHCP service.

Starting IP Address-

The starting IP address for the DHCP server’s IP assignment.

Ending IP Address-

Lease Time-

The ending IP address for the DHCP server’s IP assignment.

The length of time for the DHCP lease.

DHCP Clients List- Lists the DHCP clients connected to the DI-804HV. Click

Refresh to update the list. The table will show the Host Name,

IP Address, and MAC Address of the DHCP client computer.

Page 29

Using the Configuration Menu

Home >VPN Settings

VPN Settings are settings that are used to create virtual private tunnels to remote

VPN gateways. The tunnel technology supports data confidentiality, data origin, authentication and data integrity of network information by utilizing encapsulation protocols, encryption algorithms, and hashing algorithms.

VPN -

NetBIOS broadcast-

Max. number of tunnels-

Tunnel Name-

Method-

More-

Check here to enable VPN tunnels. When you are not using the VPN feature, it is best to keep VPN disabled.

Enable this to allow NetBIOS braodcast over the VPN tunnels.

Select the maximum number of allowable tunnels.

Create a name for the tunnel.

IPSec VPN supports two kinds of key-obtained methods: manual key and automatic key exchange. Manual key approach indicates that the two endpoint VPN gateways require setting up authentication and encryption key by the Administrator manually. However, IKE approach will perform automatic Internet key exchange. Admins of both endpoint gateways will only need to set the same pre-shared key.

For more in depth configuration to adjust manual key or IKE method settings, click

More.

Page 30

Using the Configuration Menu

Home >VPN Settings > Tunnel > Method>IKE

Tunnel Name-

Aggressive Mode-

Local Subnet-

Local Netmask-

Remote Subnet-

Remote Netmask-

Remote Gateway-

Preshared Key-

IKE Proposal index-

IPSec Proposal index-

Current tunnel name.

Enabling this mode will accelerate establishing tunnel, but the device will have less security.

The subnet of the VPN gateway’s local network. It can be a host, a partial subnet or a whole subnet.

Local netmask combined with local subnet to form a subnet domain.

The subnet of the remote VPN gateway’s local network. It can be a host, a partial subnet or a whole subnet.

The WAN IP address of remote VPN gateway.

The first key that supports IKE mechanism of both VPN gateways for negotiating further security keys. The preshared key must be the same for both endpoint gateways.

Click the button to setup a set of frequent-used IKE proposals and select from the set of IKE proposals for the tunnel.

Click the button to setup a set of frequent-used IPSec proposals and select from the set of IKE proposals for the tunnel.

Page 31

Using the Configuration Menu

Home >VPN Settings > Tunnel > Method > IKE > Select IKE Proposal

IKE Proposal index-

Proposal Name-

DH Group-

Encrypt algorithm-

Auth algorithm-

A list of selected proposal indexes from the IKE proposal pool listed below.

This is the name used to classify the IKE proposal.

There are three groups can be selected: group 1 (MODP768), group 2 (MODP1024), group 5 (MODP1536).

There are two algorithms that can be selected: 3DES and DES.

There are two algorithms that can be selected: SHA1 and MD5.

Page 32

Using the Configuration Menu

Home >VPN Settings > Tunnel > Method > IKE > Select IKE Proposal

Continued...

Life Time-

Life Time Unit-

Proposal ID-

Add to-

Enter in the life time value.

There are two units that can be selected: second and KB.

The identifier of IKE proposal can be chosen for adding corresponding proposal to the dedicated tunnel.

Click it to add the chosen proposal indicated by proposal ID to IKE Proposal index list.

Page 33

Using the Configuration Menu

Home >VPN Settings > Tunnel > Method > IKE > Select IPSEC Proposal

IPSec Proposal index-

Proposal Name-

DH Group-

Encap protocol-

Encrypt algorithm-

Auth algorithm-

A list of selected proposal indexes from the IPSec proposal pool listed below.

This is the name used to classify the IPSec Proposal

There are three groups that can be selected: group 1 (MODP768), group 2 (MODP1024), group 5 (MODP1536).

There are two protocols that can be selected: ESP and AH.

There are two algorithms that can be selected: 3DES and DES.

There are two algorithms that can be selected: SHA1 and MD5.

Page 34

Using the Configuration Menu

Home >VPN Settings > Tunnel > Method > IKE > Select IPSEC Proposal

Continued...

Life Time-

Life Time Unit-

Proposal ID-

Add to-

Enter in a life time value.

There are two units that can be selected: second and KB.

The identifier of IPSec proposal can be chosen for adding the proposal to the dedicated tunnel.

Click it to add the chosen proposal indicated by proposal ID to IPSec Proposal index list.

Page 35

Using the Configuration Menu

Home >VPN Settings > Tunnel > Manual

Tunnel Name-

Aggressive Mode-

Local Subnet-

Local Netmask-

Remote Subnet-

Remote Netmask-

Remote Gateway-

Method-

Local SPI-

Remote SPI-

Current tunnel name.

Enabling this mode will accelerate establishing tunnel, but the device will have less security.

The subnet of the VPN gateway’s local network. It can be a host, a partial subnet or a whole subnet.

Local netmask combined with local subnet to form a subnet domain.

The subnet of the remote VPN gateway’s local network. It can be a host, a partial subnet or a whole subnet.

The WAN IP address of remote VPN gateway.

The set of rules applied when connecting to the VPN gateway.

The value of the local SPI should be set in hex format.

The value of the remote SPI should be set in hex format.

Page 36

Using the Configuration Menu

Home >VPN Settings > Tunnel > Manual Continued...

Encapsulation Protocol-

There are two protocols that can be selected: ESP and AH.

Encryption Algorithm-

Encryption Key-

Authentication Algorithm-

Authentication Key-

Life Time-

Life Time Unit-

There are two algorithms that can be selected: 3DES and DES.

For DES, the encryption key is 8 bytes (16 Char.). For 3DES, the encryption key is 24 bytes (48 Char.).

There are two algorithms that can be selected: SHA1 and MD5.

For MD5, the authentication algorithm is16 bytes (32 Char.). For SHA1, the authentication algorithm is 20 bytes.(40 Char.).

Enter in the life time value.

There are two units that can be selected: Second and KB.

Page 37

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel

VPN Settings - IKE-

Tunnel Name-

Dynamic VPN-

Aggressive Mode-

Local Subnet-

Local Netmask-

There are three parts that are necessary to setup the configuration of IKE for the dedicated tunnel: basic setup, IKE proposal setup, and IPSec proposal setup. Basic setup includes the setting of following items: local subnet, local netmask, remote subnet, remote netmask, remote gateway, and pre-shared key. The tunnel name is derived from previous page of VPN setting. IKE proposal setup includes the setting of a set of frequent-used IKE proposals and selecting from the set of IKE proposals.

Current tunnel name.

This feature works with a VPN software client so the DI-804HV does not need to know the IP address of the remote clients.

Enabling this mode will accelerate establishing the tunnel, but the device will have less security.

The subnet of the VPN gateway’s local network. It can be a host, a partial subnet or a whole subnet.

The netmask of the VPN gateway’s local network.

Page 38

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel Continued...

Preshared Key-

IKE Proposal index-

IPSec Proposal index-

The first key that supports IKE mechanism of both VPN gateways for negotiating further security keys. The preshared key must be the same for both endpoint gateways.

Click the button to setup a set of frequent-used IKE proposals and select from the set of IKE proposals for the

dedicated tunnel.

Click the button to setup a set of frequent-used IPSec proposals and select from the set of IKE proposals for the dedicated tunnel.

Page 39

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel > Set IKE Proposal

IKE Proposal index-

Proposal Name-

DH Group-

Encrypt algorithm-

Auth algorithm-

A list of selected proposal indexes from the IKE proposal pool listed below.

It indicates which IKE proposal to be focused. First char of the name with 0x00 value stands for the IKE proposal is not

available.

There are three groups can be selected: group 1 (MODP768), group 2 (MODP1024), group 5 (MODP1536).

There are two algorithms that can be selected: 3DES and DES.

There are two algorithms that can be selected: SHA1 and MD5.

Page 40

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel > Set IKE Proposal

Continued...

Life Time-

Life Time Unit-

Proposal ID-

Add to-

Enter in the life time value.

There are two units that can be selected: second and KB.

The identifier of IKE proposal can be chosen for adding corresponding proposal to the dedicated tunnel.

Click it to add the chosen proposal indicated by proposal ID to IKE Proposal index list.

Page 41

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel > Set IPSEC Proposal

IPSec Proposal index-

Proposal Name-

DH Group-

Encap protocol-

Encrypt algorithm-

Auth algorithm-

A list of selected proposal indexes from the IPSec proposal pool listed below.

This is the name used to classify the IPSec proposal.

There are three groups that can be selected: group 1 (MODP768), group 2 (MODP1024), group 5 (MODP1536).

There are two protocols that can be selected: ESP and AH.

There are two algorithms that can be selected: 3DES and DES.

There are two algorithms that can be selected: SHA1 and MD5.

Page 42

Using the Configuration Menu

Home >VPN Settings > Dynamic VPN Tunnel > Set IPSEC Proposal

Continued...

Life Time-

Life Time Unit-

Proposal ID-

Add to-

Enter in a life time value.

There are two units that can be selected: second and KB.

The identifier of IPSec proposal can be chosen for adding the proposal to the dedicated tunnel.

Click it to add the chosen proposal indicated by proposal ID to IPSec Proposal index list.

Page 43

Using the Configuration Menu

Home >VPN Settings > L2TP Server Setting

Enable L2TP Server-

Virtual IP of L2TP Server-

Authentication Protocol-

Tunnel Name-

User Name-

Password-

Click to enable the L2TP Server function.

Enter your Virtual IP address to access the L2PT server.

Select one of the following authentication protocols: PAP, CHAP, MSCHAP.

Current tunnel name.

Enter in the username for the L2TP account.

Enter in the password for the L2TP account.

Page 44

Using the Configuration Menu

Home >VPN Settings >PPTP Server Setting

Enable PPTP Server-

Virtual IP of PPTP Server-

Authentication Protocol-

Tunnel Name-

User Name-

Password-

Click to enable the PPTP Server function.

Enter your Virtual IP address to access thePPPT server.

Select one of the following authentication protocols: PAP, CHAP, MSCHAP.

Current tunnel name.

Enter in the username for the PPTP account.

Enter in the password for the PPTP account.

Page 45

Using the Configuration Menu

Advanced > Virtual Server

The DI-804HV can be configured as a virtual server so that remote users accessing Web or FTP services via the public IP address can be automatically redirected to local servers in the LAN (Local Area Network).

The DI-804HV firewall feature filters out unrecognized packets to protect your LAN network so all computers networked with the DI-804HV are invisible to the outside world. If you wish, you can make some of the LAN computers accessible from the Internet by enabling Virtual Server. Depending on the requested service, the DI-804HV redirects the external service request to the appropriate server within the LAN network.

Name- The name referencing the virtual service.

Private IP-

Protocol Type-

Private Port-

The server computer in the LAN network that will be providing the virtual services.

The protocol used for the virtual service.

The port number of the service used by the Private IP computer.

Public Port- The port number on the WAN side that will be used to access

the virtual service.

Schedule- Select Always, or choose From and enter the time period dur-

ing which the virtual service will be available

Page 46

Using the Configuration Menu

Advanced > Application

Some applications require multiple connections, such as Internet gaming, video conferencing, Internet telephony and others. These applications have difficulties working through NAT (Network Address Translation). Special Applications makes some of these applications work with the DI-804HV. If you need to run applications that require multiple connections, specify the port normally associated with an application in the Trigger field, then enter the public ports associated with the trigger port into the Incoming Ports field.

At the bottom of the screen, there are already defined special applications. To use them, select one from the drop down list and select an ID number you want to use. Then click the “Copy to” button and the router will fill in the appropriate information to the list. You will then need to enable the service. If the mechanism of Special Applications fails to make an application work, try using DMZ host instead.

Note! Only one PC can use each Special Application tunnel.

Enabled-

Trigger Port-

Public Ports-

Select to activate the policy

This is the port used to trigger the application. It can be either a single port or a range of ports.

This is the port number on the WAN side that will be used to access the application. You may define a single port or a range of ports. You can use a comma to add multiple ports or port ranges.

Page 47

Using the Configuration Menu

Advanced > IP Filter

Use IP (Internet Protocol) filters to allow or deny computers access to the Internet based on their IP address.

IP Filter-

Use IP Filters to deny LAN IP addresses access to the internet

Enabled or Disabled-

Click Enabled to apply the filter policy or click Disabled to enter an inactive filter policy (You can reactivate the policy later.)

IP Address-

Enter in the IP address range of the computers that you want the policy to apply to. If it is only a single computer that you want the policy applied to, then enter the IP address of that computer in the Start Source IP and leave the End Source IP blank.

Port Range-

Enter in the port range of the TCP/UDP ports that you want the policy to apply to. If it is only a single port that you want the policy applied to, then enter the port number in the Start Port field and leave the End Port field blank. If you want to use all the ports, you can leave the port range empty.

Schedule-

Select Always, or choose From and enter the time period during which the IP filter policy will be in effect.

Page 48

Using the Configuration Menu

Advanced > MAC Filters

MAC (Media Access Control) Filters are used to deny or allow LAN (Local Area Network) computers from accessing the Internet and network by their MAC address.

At the bottom of the screen, there is a list of MAC addresses from the DHCP client computers connected to the DI-804HV. To use them, select one from the drop down list. Then click the “Apply” button and the DI-804HV will fill in the appropriate information to the list.

Disabled MAC Filter- Select this option if you do not want to use MAC filters.

Only allow computers with MAC address listed below to access the network-

Select this option to only allow computers that are in the list to access the network and Internet. All other computers will be denied access to the network and Internet.

Only deny computers with MAC address listed below to access the network-

Select this option to only deny computers that are in the list to access the network and Internet. All other computers will be allowed access to the network and Internet.

MAC Address-

Enter the MAC Address of the client that will be filtered

Page 49

Using the Configuration Menu

Advanced > URL Blocking

Use URL Blocking to deny LAN computers from accessing specific web sites by its URL. A URL is a specially formatted text string that defines a location on the Internet. If any part of the URL contains the blocked word, the site will not be accessible and the web page will not display.

Disabled URL Blocking-

Select this option if you do not want to use URL Blocking.

Page 50

Using the Configuration Menu

Advanced > Domain Blocking

Use Domain Blocking to allow or deny computers access to specific Internet domains whether it is through www, ftp, snmp, etc.

Disabled Domain Blocking-

Select this option if you do not want to use Domain Blocking.

Allow users to access all domains except “Blocked Domains”-

Select this option to allow users to access the specified Internet domains listed below. Users will be denied access to all other Internet domains.

Deny users to access all domains except “Permitted Domains”-

Select this option to deny users to access the specified Internet domains listed below. Users will be allowed access to all other Internet domains.

Page 51

Using the Configuration Menu

Advanced > Firewall

Firewall Rules is an advance feature used to deny or allow traffic from passing through the device. It works in the same way as IP Filters with additional settings. You can create more detailed rules for the device.

Enabled or Disabled-

Click Enabled to apply the filter policy or click Disabled to enter an inactive filter policy (You can reactivate the policy later).

Name-

Enter the name of the Firewall Rule.

Action-

Select Allow or Deny to allow or deny traffic to pass through the DI-804HV.

Source-

Choose between a LAN or WAN source. An asterisk signifies the selection of both sources.

IP Start-

The starting IP address for the filter policy. Leaving the field blank selects all IPs.

IP End-

The ending IP address for the filter policy. Leaving the field blank sleects all IPs.

Destination-

Choose between a LAN or WAN destination. An asterisk signifies the selection of both destinations.

Page 52

Using the Configuration Menu

Advanced > Firewall Continued

IP Address-

Protocol-

Select one of the following protocols: TCP, UDP, or ICMP

Port Range-

Schedule-

Select Always, or choose From and enter the time period during which the virtual ser- vice will be available

Page 53

Using the Configuration Menu

Advanced > SNMP

SNMP (Simple Network Management Protocol) is a widely used network monitoring and control protocol that reports activity on each network device to the administrator of the network. SNMP can be used to monitor traffic and statistics of the DI-804HV. The DI804HV supports SNMP v1 or v2c

Enable SNMP-

Local-

Remote-

Get Community-

Set Community-

SNMP v1-

SNMP v2-

(Simple Network Management Protocol)

LAN (Local Area Network)

WAN (Wide Area Network)

Enter the password public in this field to allow “Read only” access to network administration using SNMP. You can view the network, but no configuration is possible wth this setting.

Enter the password private in this field to gain “Read and Write” access to the network using SNMP software. The administrator can configure the network with this setting.

Simple Network Management Protocol (SNMP) is an applica-

tion layer protocl that facilitates the exchange of management

information between nework devices.

Enhanced version of SNMP v1 with additional protocol opera-

tions such as UDP, IP, CLNS, DDP, and IPX.

Page 54

Using the Configuration Menu

Tools > DDNS

DDNS (Dynamic Domain Name System) keeps dynamic IP addresses (e.g., IP addresses assigned by a DHCP capable router or server) linked to a domain name. Users who have a Dynamic DNS account may use this feature on the DI-804HV.

DDNS- When an IP address is automatically assigned by a DHCP server,

DDNS automatically updates the DNS server. Select Disabled or Enabled

Provider-

Host Name-

Username/Email-

Password/Key-

Select from the pull-down menu

Enter the Host name

Enter the username or email address

Enter the password or key

Page 55

Using the Configuration Menu

Advanced > Routing

Dynamic Routing-

RIP v1-

RIP v2-

Dynamic Routing Settings allow the VPN Router to route IP packets to another network automatically. The RIP protocol is applied, and broadcasts the routing information to other routers on the network regularly. By default, it is set to disable. Check to enable (RIPv1 / RIPv2) protocol.

Protocol in which the IP address is routed through the internet.

Enhanced version of RIP v1with added features such as Authentication, Routing Domain, Next Hop Fowarding, and Subnetmask Exchange.

Page 56

Using the Configuration Menu

Advanced > DMZ

If you have a computer that cannot run Internet applications properly from behind the DI-804HV, then you can allow that computer to have unrestricted Internet access. Enter the IP address of that computer as a DMZ (Demilitarized Zone) host with unrestricted Internet access. Adding a client to the DMZ may expose that computer to a variety of security risks; so only use this option as a last resort.

Page 57

Using the Configuration Menu

Tools> Admin

You can change the admin and user passwords here. It is recommended that you change the admin password from the default setting. The default passwords are blank (no password).

Password-

Remote Management-

IP Address-

Port-

To change the passwords, enter the new password twice to confirm.

Remote Management allows the device to be configured through the WAN (Wide Area Network) port from the Internet using a web browser. A username and password is still required to access the browser-based management interface.

Internet IP Address of the computer that has access to the DI-804HV. If the IP Address is set to 0.0.0.0, this allows all Internet IP addresses to access the DI-804HV.

The port number used to access the DI-804HV. E.g., http://x.x.x.x:8080, where x.x.x.x. is the WAN IP address of the DI-804HV and 8080 is the port used for the Web Management interface.

Page 58

Using the Configuration Menu

Tools> Time

Set the time here by entering it manually or use NTP (Network Time Protocol.) NTP is standard protocol on the Internet that synchronizes the time settings accurately for the DI-804HV.

Enable NTP-

Default NTP server-

Time Zone-

Set Device Date and Time-

Select to enable NTP and synchronize the time settings on your network using an NTP server

If you are enabling NTP, please enter the link to the default server.

Select your time zone from the pull-down menu

If you are entering the time manually, select the correct Year; Month; Day; Hour; Minute and Second

Page 59

Using the Configuration Menu

Tools > System

The current system settings can be saved as a file onto the local hard drive. The saved file or any other saved setting file created by the DI-804HV can be uploaded into the unit. To reload a system settings file, click on Browse to search the local hard drive for the file to be used. The device can also be reset back to factory default settings by clicking on the Reset to Default button. Use the restore feature only if necessary. This will erase previously saved settings for the unit. Make sure to save your system settings to the hard drive before doing a factory restore.

Save Settings to Local Hard Drive-

Load Settings from Local Hard Drive-

Restore to Factory Default Settings-

Click Backup Setting to save the current settings to the local Hard Drive

Click Browse to find the settings file, then click Load

Click Restore to Default to restore the factory default settings

Page 60

Using the Configuration Menu

Tools > Firmware

You can upgrade the firmware by using this tool. First, check the D-Link support site for firmware updates at http://support.dlink.com. Make sure that the firmware you want to use is saved on the local hard drive of your computer. Click on Browse to search the local hard drive for the firmware that you downloaded from the D-Link website to be used for the update. Upgrading the firmware will not change any of your system settings but it is recommended that you save your system settings before doing a firmware upgrade.

Browse-

Note! Do not power off the unit when it is being upgraded. When the upgrade is complete, the unit will be restarted automatically.

After you have downloaded the new firmware, click Browse in this window to locate the firmware update on your hard drive. Click Apply to complete the firmware upgrade.

Page 61

Using the Configuration Menu

Tools > Misc

Ping Test-

Restart Device-

Block WAN Ping-

SPI Mode-

DoS-

In the open box, enter an URL (i.e. www.dlink.com) or an IP address and click on Ping to test your internet connection.

Click Reboot to restart the unit.

Click Enable to block the WAN ping. Computers on the Internet will not get a reply back from the DI-804HV when it is being “ping”ed. This may help to increase security.

When this feature is enabled, the router will record the packet information passed through the router such as IP address, port address, ACK, SEQ number, and so on. The router will also check every incoming packet to detect if it is valid.

When DoS is enabled, the router will prevent Denial of Service attacks on all computers connected to the DI-804HV.

Page 62

Using the Configuration Menu

Tools > Misc Continued...

UPnP-

VPN PassThrough-

Non-standard FTP port-

UPnP is short for Universal Plug and Play which is a networking architecture that provides compatibility among networking equipment, software, and peripherals. The DI-804HV is a UPnP enabled router and will only work with other UPnP devices/softwares. If you do not want to use the UPnP Functionality, it can be disabled by selecting “Disabled”.

The device supports VPN (Virtual Private Network) pass-through for both PPTP (Point-to-Point Tunneling Protocol) and IPSec (IP Security). ONce VPN pass-through is enabled, there is no need to open up virtual services. Multiple VPN connections can be made through the device. This is useful when you have many VPN clients on the LAN.

If an FTP server you want to access is not using the standard port 21, then enter in the port number that the FTP server is using instead.

Page 63

Using the Configuration Menu

Status > Device Info

This screen displays information about the DI-804HV

DHCP Renew-

DHCP Release-

Click to refresh IP addresses sent from the DHCP server.

Click to release IP addreses sent from the DHCP server.

Page 64

Using the Configuration Menu

Status > Log

This screen displays activities occurring on the DI-804HV.

First Page-

Last Page-

Previous-

Next-

Clear-

Log Settings-

Click First Page to go to the first page of the log.

Click Last Page to go to the last page of the log.

Click Previous to go to the previous page of the log.

Click Next to go to the next page of the log.

Click Clear to clear the current page of the log.

Click for advanced features (see next page.)

Page 65

Using the Configuration Menu

Status > Log Settings

E-Mail Alert-

SMTP Server IP-

Email Address-

Send Mail Now-

IP Address of the Syslog Server-

Log Type- Select the types of activity to log. By default, all values are

The DI-804HV can be set up to send the log files to a specific email address.

Enter in the IP address of the mail server.

Enter in the email address of the recipient who will receive the email log.

Click to send mail immediately.

Enter in the IP address of a syslog server within the network. Click Enable to activate the policy. The DI-804HV will send all of it’s logs to the specified syslog server.

selected.

Page 66

Using the Configuration Menu

Status > Stats

In Stats section, traffic statistics are displayed.

Refresh-

Reset-

WAN-

LAN-

This will update the page.

This will reset the packet counter to zero.

Displays Received / Transmitted packets from the WAN port.

Displays Received / Transmitted packets from the LAN port.

Page 67

Using the Configuration Menu

Help

This screen displays the complete Help menu. For help at anytime, click the Help tab in the Configuration menu.

Page 68

Networking Basics

Using the Network Setup Wizard in Windows XP

In this section you will learn how to establish a network at home or work, using Microsoft Windows XP.

Note: Please refer to websites such as

and http://www.microsoft.com/windows2000 for information about networking

computers using Windows 2000, ME or 98.

Go to Start>Control Panel>Network Connections Select Set up a home or small office network

http://www.homenethelp.com

When this screen appears, Click Next.

Page 69

Networking Basics

Please follow all the instructions in this window:

Click Next

In the following window, select the best description of your computer. If your computer connects to the internet through a gateway/router, select the second option as shown.

Click Next

Page 70

Networking Basics

Enter a Computer description and a Computer name (optional.)

Click Next

Enter a Workgroup name. All computers on your network should have the same Workgroup name.

Click Next

Page 71

Networking Basics

Please wait while the Network Setup Wizard applies the changes.

When the changes are complete, click Next.

Please wait while the Network Setup Wizard configures the computer. This may take a few minutes.

Page 72

Networking Basics

In the window below, select the option that fits your needs. In this example, Create a Network Setup Disk has been selected. You will run this disk on each of the

computers on your network. Click Next.

Insert a disk into the Floppy Disk Drive, in this case drive A.

Page 73

Networking Basics

Please read the information under Here’s how in the screen below. After you complete the Network Setup Wizard you will use the Network Setup Disk to run the Network

Setup Wizard once on each of the computers on your network. To continue click Next.

Page 74

Networking Basics

Please read the information on this screen, then click Finish to complete the Network Setup Wizard.

The new settings will take effect when you restart the computer. Click Yes to restart the computer.

You have completed configuring this computer. Next, you will need to run the Network Setup Disk on all the other computers on your network. After running the Network Setup Disk on all your computers, your new wireless network will be ready to use.

Page 75

Networking Basics

Naming your Computer

To name your computer, please follow these directions: In Windows XP:

Click Start (in the lower left corner of the screen)



Right-click on My Computer



Select Properties and click



Select the Computer



Name Tab in the System Properties window.



You may enter a Computer Description if you

wish; this field is optional.

To rename the computer



and join a domain, Click Change.

Page 76

Networking Basics

Naming your Computer



In this window, enter the

Computer name

Select Workgroup and enter



the name of the Workgroup

All computers on your network



must have the same Workgroup name.

Click OK



Checking the IP Address in Windows XP

The wireless adapter-equipped computers in your network must be in the same IP Address range (see Getting Started in this manual for a definition of IP Address Range.) To check on the IP Address of the adapter, please do the following:

Right-click on the



Local Area Connection icon

in the task bar

Click on Status



Page 77

Networking Basics

Checking the IP Address in Windows XP

This window will appear.

Click the



Support tab

Click Close



Assigning a Static IP Address in Windows XP/2000

Note: Residential Gateways/Broadband Routers will automatically assign IP Addresses to the computers on the network, using DHCP (Dynamic Host Configuration Protocol) technology. If you are using a DHCP-capable Gateway/Router you will not need to assign Static IP Addresses.

If you are not using a DHCP capable Gateway/Router, or you need to assign a Static IP Address, please follow these instructions:



Go to Start



Double-click on

Control Panel

Page 78

Networking Basics

Assigning a Static IP Address in Windows XP/2000

Double-click on



Network Connections

Right-click on Local Area



Connections

Click on Properties



Page 79

Networking Basics

Assigning a Static IP Address in Windows XP/2000



Click on Internet Protocol (TCP/IP)



Click Properties

In the window below, input your IP



address, subnet mask, default gateway and DNS server address.

(The IP Addresses on your network must be within the same range. For example, if one computer has an IP Address of 192.168.0.2, the other computers should have IP Addresses that are sequential, like 192.168.0.3 and 192.168.0.4. The subnet mask must be the same for all the computers on the network.)

IP Address:

e.g., 192.168.0.2

Subnet Mask:

255.255.255.0

Enter the LAN IP address of the Wireless Router. (D-Link wireless routers have a LAN IP address of 192.168.0.1)

Select Use the following DNS



server addresses.

Enter the LAN IP address of the Wireless Router. (D-Link wireless routers have a LAN IP address of 192.168.0.1)



Click OK

The DNS server information will be supplied by your ISP (Internet Service Provider.)

192 168 0 1

Page 80

Networking Basics

Assigning a Static IP Address with Macintosh OSX

Go to the Apple Menu and se-



lect System Preferences



cClick on Network

Select Built-in Ethernet in the



Show pull-down menu

Select Manually in the Con-



figure pull-down menu

Input the Static IP Address,



the Subnet Mask and the Router IP Address in the ap-

propriate fields

Click Apply Now



Page 81

Networking Basics

Selecting a Dynamic IP Address with Macintosh OSX



Go to the Apple Menu and select System Preferences

Click on Network



Select Built-in Ethernet in the



Show pull-down menu

Select Using DHCP in the



Configure pull-down menu

Click Apply Now



The IP Address, Subnet



mask, and the Router’s IP Address will appear in a few

seconds

Page 82

Networking Basics

Adding and Sharing Printers in Windows XP

After you have run the Network Setup Wizard on all the computers in your network (please see the Network Setup Wizard section at the beginning of Networking Basics,) you can use the Add Printer Wizard to add or share a printer on your network.

Whether you want to add a local printer (a printer connected directly to one computer,) share an LPR printer (a printer connected to a print server) or share a network printer (a printer connected to your network through a Gateway/Router,) use the Add Printer Wizard. Please follow the directions below:

First, make sure that you have run the Network Setup Wizard on all of the computers on your network.

On the following pages, we will show you these 3 ways to use the Add Printer Wizard:

1. Adding a local printer

2. Sharing an network printer

3. Sharing an LPR printer

(Other Networking Tasks)

For help with other tasks, that we have not covered here, in home or small office networking, see Using the Shared Documents folder and Sharing files and folders in the Help and Support Center in Microsoft Windows XP.

Page 83

Networking Basics

Adding a local printer (a printer connected directly to a computer)

A printer that is not shared on the network and is connected directly to one computer is called a local printer. If you do not need to share your printer on a network, follow

these directions to add the printer to one computer.

Go to



Start> Printers

and Faxes

Click on Add a printer



Page 84

Networking Basics

Adding a local printer



Click Next

Select Local printer



attached to this computer

(Deselect Automati-



cally detect and install my Plug and Play printer if it has been

selected.)

Click Next



Select Use the follow-



ing port:

From the pull-down menu



select the correct port

for your printer

(Most computers use the LPT1: port, as shown in the illustration.)

Click Next



Page 85

Networking Basics

Adding a local printer

Select and highlight



the correct driver for your printer.

Click Next



(If the correct driver is not displayed, insert the CD or floppy disk that came with your printer and click Have Disk.)

At this screen, you



can change the name of the printer (optional.)

Click Next



Select Yes, to print a



test page. A successful printing will confirm that you have chosen the

correct driver.

Click Next



Page 86

Networking Basics

Adding a local printer

This screen gives you information about your printer.

Click Finish

When the test page has printed,

Click OK

Page 87

Networking Basics

Adding a local printer

Go to Start> Printers



and Faxes

A successful installation will display the printer icon as shown at right.

You have successfully added a local printer.

Sharing a network printer

After you have run the Network Setup Wizard on all the computers on your network, you can run the Add Printer Wizard on all the computers on your network. Please follow these directions to use the Add Printer Wizard to share a printer on your

network:

Go to Start>



Printers and Faxes

Page 88

Networking Basics

Sharing a network printer



Click on

Add a printer

Click Next



Select



Network Printer

Click Next



Page 89

Networking Basics

Sharing a network printer

Select Browse for



a printer

Click Next



Select the printer you would like to share

Click Next



Click Finish



Page 90

Networking Basics

Sharing a network printer

To check for proper



installation:

Go to Start > Printers



and Faxes

The printer icon will appear at right, indicating proper installation.

You have completed adding the printer.

To share this printer on your network:

Remember the printer



name



Run the Add Printer Wizard on all the

computers on your network



Make sure you have already run the

Network Setup Wizard on all the

network computers

After you run the Add Printer Wizard on all the computers in the network, you can share the printer.

Page 91

Networking Basics

Sharing an LPR printer

To share an LPR printer (using a print server,) you will need a Print Server such as the DP-101P+. Please make sure that you have run the Network Setup Wizard on all the computers on your network. To share an LPR printer, please follow these

directions:



Go to Start > Printers and Faxes

Click on Add



a Printer

The screen to the right will appear

Click Next



Select



Local Printer...

Click Next



Page 92

Networking Basics

Sharing an LPR printer



This screen will show you information about your

printer.

Click Finish



Select the printer you are adding from the list

of Printers.

Insert the printer driver disk that



came with your printer.

Click Have Disk



If the printer driver is already installed, do the following:

Select Keep existing



driver

Click Next



Page 93

Networking Basics

Sharing an LPR printer

You can rename your printer if



you choose. It is optional.

Please remember the name of



your printer. You will need this information when you use the Add Printer Wizard on the other computers on your network.

Click Next



Select Yes, to print a test page.



Click Next



This screen will display information about your printer.



Click Finish to complete the addition of the printer.

Please run the Add Printer



Wizard on all the computers on your network in order to

share the printer.

Note: You must run the Network Setup Wizard on all the computers on your network before you run the Add Printer Wizard.

Page 94

Resetting the DI-804HV to the Factory Default Settings

After you have tried other methods for troubleshooting your network, you may choose to Reset the DI-804HV to the factory default settings.

To hard-reset the D-Link DI-804HV to the Factory Default Settings, please do the following:

Locate the Reset button on the back of the DI-804HV



Use a paper clip to press the Reset button and



power on.

Hold for about 5 seconds (don’t hold too long) and



then release. (Or, release when M1 and M2 flash at the same time.)

 After you have completed the above steps, the DI-804HV

will be reset to the factory default settings

Page 95

Technical Specifications

Standards

IEEE 802.3 10BASET-T Ethernet



IEEE 802.3u 100BASE-TX Fast Ethernet



IEEE 802.3x Flow Control



ANSI/IEEE 802.3 NWay auto-negotiation



VPN Pass Through Function

PPTP



L2TP



IPSec



Device Management

Web-Based – Internet Explorer 6x or later; Netscape Navigator 6x or



LEDs

Operating Temperature

later; or other Java- enabled browsers.

WAN



LAN



COM



41°F to 131°F ( 5°C to 55°C)



Humidity

10-90%



Power

DC 5V



Dimensions

L = 7.56 inches (192mm)



W = 4.65 inches (48mm)



H = 1.22 inches (31mm)



Weight

~10.8 oz. (0.3 kg)



Ports

4 x NWay 10BASE-T/100BASE-TX Fast Ethernet LAN (Media Auto Sensing)



1 x NWay 10BASE-T/100BASE-TX Fast Ethernet WAN (Media Auto Sensing)



1 Com Port (Dial-Up Modem)

Page 96

Frequently Asked Questions

Why can´t I access the web based configuration?

When entering the IP Address of the DI-804HV (192.168.0.1), you are not connecting to the Internet or have to be connected to the Internet. The device has the utility builtin to a ROM chip in the device itself. Your computer must be on the same IP subnet to connect to the web-based utility.

To resolve difficulties accessing a web utility, please follow the steps below.

Step 1

you do not get a solid link light, try using a different cable or connect to a different port on the device if possible. If the computer is turned off, the link light may not be on.

Verify physical connectivity by checking for solid link lights on the device. If

What type of cable should I be using?

The following connections require a Crossover Cable:

Computer to Computer Computer to Uplink Port Computer to Access Point Computer to Print Server Computer/XBOX/PS2 to DWL-810 Computer/XBOX/PS2 to DWL-900AP+ Uplink Port to Uplink Port (hub/switch) Normal Port to Normal Port (hub/switch)

The following connections require a Straight-through Cable:

Computer to Residential Gateway/Router Computer to Normal Port (hub/switch) Access Point to Normal Port (hub/switch) Print Server to Normal Port (hub/switch) Uplink Port to Normal Port (hub/switch)

Rule of Thumb: ”If there is a link light, the cable is right.”

Page 97

Frequently Asked Questions (continued)

Why can´t I access the web based configuration? (continued)

What type of cable should I be using? (continued)

What´s the difference between a crossover cable and a straight-through cable?

The wiring in crossover and straight-through cables are different. The two types of cable have different purposes for different LAN configurations. EIA/TIA 568A/568B define the wiring standards and allow for two different wiring color codes as illustrated in the following diagram.

*The wires with colored backgrounds may have white stripes and may be denoted that way in diagrams found elsewhere.

How to tell straight-through cable from a crossover cable:

The main way to tell the difference between the two cable types is to compare the wiring order on the ends of the cable. If the wiring is the same on both sides, it is straight-through cable. If one side has opposite wiring, it is a crossover cable.

All you need to remember to properly configure the cables is the pinout order of the two cable ends and the following rules:

A straight-through cable has identical ends A crossover cable has different ends

It makes no functional difference which standard you follow for straight-through cable ends, as long as both ends are the same. You can start a crossover cable with either standard as long as the other end is the other standard. It makes no functional difference which end is which. The order in which you pin the cable is important. Using a pattern other than what is specified in the above diagram could cause connection problems.

When to use a crossover cable and when to use a straight-through cable:

Computer to Computer – Crossover Computer to an normal port on a Hub/Switch – Straight-through Computer to an uplink port on a Hub/Switch - Crossover Hub/Switch uplink port to another Hub/Switch uplink port – Crossover

Hub/Switch uplink port to another Hub/Switch normal port - Straight-through

Page 98

Frequently Asked Questions (continued)

Why can´t I access the web based configuration? (continued)

Step 2 Disable any Internet security software running on the computer. Software

firewalls like Zone Alarm, Black Ice, Sygate, Norton Personal Firewall, etc. might block access to the configuration pages. Check the help files included with your firewall software for more information on disabling or configuring it.

Step 3 Configure your Internet settings.

Go to Start>Settings>Control Panel. Double click the Internet Options Icon. From the Security tab, click the button to restore the settings to their defaults.

Click to the Connection tab and set the dialup option to Never Dial a Connection. Click

the LAN Settings button

Nothing should be checked. Click OK

Go to the Advanced tab and click the button to restore these settings to their

defaults

Click OK. Go to the desktop and close any open windows

Page 99

Frequently Asked Questions (continued)

Why can´t I access the web based configuration? (continued)

Step 4 Check your IP Address. Your computer must have an IP Address in the same

range of the device you are attempting to configure. Most D-Link devices use the

192.168.0.X range.

How can I find my IP Address in Windows 95, 98, or ME?

Step 1 Click on Start, then click on Run.

Step 2 The Run Dialogue Box will appear. Type winipcfg in the window as shown

then click OK.

Step 3 The IP Configuration window will appear, displaying your Ethernet

Adapter Information.

 Select your adapter from the drop down menu.  If you do not see your adapter in the drop down menu, your adapter is

not properly installed.

Step 4 After selecting your adapter, it will display your IP Address, subnet

mask, and default gateway.

Step 5 Click OK to close the IP Configuration window

Page 100

Frequently Asked Questions (continued)

Why can´t I access the web based configuration? (continued)

Step 4 (continued) Check your IP Address. Your computer must have an IP Address

in the same range of the device you are attempting to configure. Most D-Link devices use the 192.168.0.X range.

How can I find my IP Address in Windows 2000/XP?

Step 1 Click on Start and select Run.

Step 2 Type cmd then click OK.

Step 3 From the Command Prompt, enter ipconfig. It will return your IP

Address, subnet mask, and default gateway

Step 4 Type exit to close the command prompt.

100

D-Link DI-804HV User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Package Contents

Introduction

Getting Started

Using the Configuration Menu

Networking Basics

Resetting the DI-804HV to the Factory Default Settings

Technical Specifications

Frequently Asked Questions