D Link SL2640RD, DSL2640R, SL2640RA1 Users Manual
Section 3 – Configuration
Basic Wireless
T o disable the wireless interface: click in the Deactivated option next to
Access Point: and click the SAVE button. This will immediately disable
the wireless access point; it is not necessary to restart the access point to
make this change.
If the wireless interface has been disabled: click in the Activated
option next to Access Point: and click the SAVE button. This will
immediately disable the wireless access point; it is not necessary to
restart the access point to make this change.
The SSID can be changed to suit your wireless network. Remember that
any wireless device using the access point must have the same SSID and
use the same channel. The SSID can be a continuous character string
(i.e. no spaces) of up to 16 characters in length. The Channel ID: may be
changed to channels that are available in yo ur region. Chann els a vaila ble
for wireless LAN communication are subject to regional and national
regulation. Click the SAVE button to save any change to the Channel.
Wireless Security
The wireless security features are used to limit access to the device or to
encrypt data and shared information. The available standardized security
for wireless LAN includes WEP and WPA Wireless security is configured
with the Wirel e ss Settings menu located in the Home directory.
In the Wireless Settings menu, select the type of security you want to
configure. The menu will change to present the settings specific to the
method being configured. The Router’s wireless security options include
three levels of WEP encryption and WPA with a user configured Pre
Shared Key (PSK).
Configure the wireless security arrangement to suit your 802.11g
environment and click the SAVE button. The settings will go into effect
immediately. There is no need to restart the access point.
The table below provides a summary of the settings in the Wireless
Settings menu.
Note: Before enabling any security function for wireless operation,
you may want to test the Router’s access point first to verify that
wireless workstations can associate with it and use it for Internet
access.
D-Link DSL-2640R User Manual 28
Section 3 – Configuration
WEP Encryption
WEP (Wireless Encryption Protocol or Wired Equivalent Privacy)
encryption can be enabled for security and privacy. WEP encrypts the
data portion of each fra me transmitted from the wireless adapter using
one of the predefined keys. Decryption of the data contained in each
packet can only be done if the both t he receiver and transm itter have t he
correct key.
By default authentication is disabled on the access point. To enable
WEP, select the WEP-64Bits or WEP-128Bits option, configure the
WEP Encryption Keys as desired and click the SAVE button. The
encryption key setup is described below.
Encryption Keys
WEP Keys may be configured using Hex or ASCII characters. There are
two levels of encryption available, each level requires a different number
of characters. Select Hex or ASCII from the Key Type drop-down menu.
Hex or Hexadecimal digits are defined as the numerical digits 0 – 9 and
the letters A – F (upper and lower case are recognized as the same
digit). ASCII cha rac ters in cl ude num be rs and lette rs but no spaces. An
upper case ASCII character is NOT recognized as the same lower case
character, and therefore must be configured exactly as typed for all
wireless nodes using the access point. The length of the key depends
on the level of encryption used.
Select the Key Length from the drop-down menu. The available key
lengths are 64 or 128-bit encryption. In the spaces provided, type in Key
1, Key 2, Key 3 and Key 4. The length of the character string used of
the keys depends on the level (Key Length) of encryption selected.
Only one key can be active. The ac ti ve key is selected by clicking the
radio button for the key you want to use.
Click the SAVE button when you have configured WEP as desired to put
the changes into effect.
D-Link DSL-2640R User Manual 29
Section 3 – Configuration
WPA Settings
WPA uses an encryption method combined with an authentication
procedure that requires an acceptance of a pre-configured
password. WPA or Wireless Protection Access is an improved
standard of wireless security. The ROUTER also supports two
common encryption types TKIP and AES.
To configure WPA settings, select the Authentication Type option
WPA-PSK to use TKIP encryption or select WPA2-PSK to use
AES encryption. The encryption algorithm TKIP (Temporal Key
Integrity Protocol) uses per packet key generation (based on
WEP), while AES (Advanced Encryption Standard) is a blockbased encryption method. Both methods require entry of a
pre-shared key to allow association. Type a password from 8 to 64
characters long in the Pre-Shared Key field.
Wireless MAC Address Filter
MAC address device filtering on the wireless LAN can be activated
and configured to allow exclusive association or deny association
with the access point.
To use MAC address filtering, click to select the Activated option
and specify the MAC addresses allowed or denied association in
the entry fields provided. Up to 8 MAC addresses can be added to
the list. Select the action to be performed on the MAC addresses in
the list. Choose Allow Association to allow association to only the
MAC address listed. This option will filter or deny association to
any device not listed. Alternatively the Deny Association option
will deny association to only the MAC addresses listed.
Click SAVE to apply and save the new filtering rules. MAC address
filtering can be Deactivated at any time, the MAC addresses in the
list remain until they are deleted by the administrator. A MAC
address on the list can be removed by highlighting it with cursor,
pressing the Delete key on your keyboard and pressing SAVE.
D-Link DSL-2640R User Manual 30
Section 3 – Configuration
Advanced Setup
The Advanced Setup folder contains windows for Routing, NAT and ADSL.
Firewall
This menu allows the Router to enforc e specific
policies intended to protect the private network against
certain types of attacks.
To enable the firewall feature, select the Enabled
option and click SAVE.
To enable the Stateful Packet Inspection feature,
select the Enabled option and click SAVE.
Routing
Use Static Routing to specify a route used for data
traffic within your Ethernet LAN or to route data on the
WAN. This specifies that all packets destined for a
particular network or subnet use a predetermined
gateway.
To add a static route to a specific destination IP on the
local network, click the ADD ROUTE button to view
the setup window.
D-Link DSL-2640R User Manual 31
Section 3 – Configuration
To add a static route to a specific destination IP on the
local network, enter a Destination IP Address, select
a suitable IP Subnet Mask, and type in the Gateway
IP Address. Click SAVE to enter the new static route
in the table below. The route becomes active
immediately upon creation. The Metric field
determines the number of hops or routers that will be
allowed to route traffic.
NAT
The Router features include policy-based Network
Address Translation (NAT) for greater flexiblity and
control of NAT functions. The user can customize port
mapping for a single global IP address or full feature
NAT support for mapping multiple global IP addresses
to servers or clients on the LAN. Single User
Account (SUA) NAT is enabled by default. Using the
default settings, NAT will function for Routed
connections without any additional configuration. NA T
is disabled automatically when the device is operating
in pure Bridge mode.
To customize NAT settings for IP address mapping,
use the NAT window located in the Advanced Setup
directory.
D-Link DSL-2640R User Manual 32
Section 3 – Configuration
Note that if the NAT Status in the window above
indicates “Deactivated,” the user must first activate
NAT on the Internet menu. Click SA VE and the
window above will appear. The IP Address Mapping
(for Multiple IP Service) link only appears when the
Multiple option is selected under Number of IPs.
DMZ
Since some applications are not compatible with NAT,
the Router supports use of a DMZ IP address for a
single host on the LAN. This IP address is not
protected by NAT and will therefore be visible to
agents on the Internet with the right type of software.
Keep in mind that any client PC in the DMZ will be
exposed to various types of security risks. If you use
the DMZ, take measures (such as client-based virus
protection) to protect the remaining client PCs on your
LAN from possible contamination throu gh the DMZ.
To designate a DMZ IP address, select the Enabled
radio button, type in the DMZ Host P Addr es s of the
server or device on your LAN, and click the SAVE
button. To remove DMZ status from the designated IP
address, select the Disabled radio button and click
SAVE. It will be necessary to save the settings and
reboot the Router before the DMZ is activated.
D-Link DSL-2640R User Manual 33
Section 3 – Configuration
Virtual Server
To customize inbound port mapping of NAT for a
Single User Account using one global IP address,
select the Single option under Number of IPs and
click the Virtual Server link.
By default, NAT will map all ports according to the
traditional IP NA T protocol. However, the user may opt
to map specific ports or a range of ports to a specified
IP address on the LAN. It is also possible to map all
ports to a specified LAN IP address. You will use this
same window if you are using NAT for a multiple
number of IPs.
To specify NAT mapping, type in the port or range of
ports used for mapping in the Start Port Number and
End Port Number columns and enter the LAN Local
IP Address of the server or system used for the
selected ports. To map a single port, type the port
number in both Start and End port entry fields. Click
the SAVE button to apply the NAT port mapping and
save the settings.
D-Link DSL-2640R User Manual 34
Section 3 – Configuration
IP Address Mapping
The Router allows the user to setup policies used for
inbound or outbound port mapping to one or multiple
global IP addresses. This may be desirable on
networks that maintain multiple global IP addresses,
multiple virtual connections or where servers on the
network must respond to connection re quest s from the
WAN.
To configure the mapping rules, select the select the
Multiple option under Number of IPs on the NAT
menu and click the IP Address Mapping (for
Multiple IP Service) link.
To edit a rule, use the Rule Index drop-down menu.
One you have made the desired changes, click the
SAVE button.
Rule Types:
One-to-One
Many-to-One
Many-to-Many No Overload
Use this for mapping a single global IP address to a single private internal IP address. In this
case, IP mapping is done for both inbound and outbound traffic.
This is essentially the same as SUA NAT. Multiple private internal IP addresses are mapped to
a single global IP address. Mapping occurs for outbound traffic.
Many-to-Many Overload In this case, IP mapping is done for outbound traffic from multiple
private internal IP addresses to a shared pool of multiple global IP addresses.
IP mapping is also done for outbound traffic from multiple private internal IP addresses to a
pool of global IP addresses, however each internal IP address will connect to a single global IP
address from the pool. In other words each available global IP address is allowed connection to
only one internal IP address at a time.
D-Link DSL-2640R User Manual 35
Section 3 – Configuration
QoS
Quality of Service or QoS assigns a priority level to
data packets to make sure ti m e sensi ti ve netwo rk
applications operate smoothly with minimal delay.
QoS enables applications such as VoIP (voice-over
Internet Protocol) or video conferencing to function
well on networks that may have multiple simultaneous
transmissions of many types of data. Since much of
the traffic is not significantly affected by slight
transmission delay, QoS is used to give preference to
traffic that is affe c ted by delay.
QoS implementation on the Router instead uses four
queues that can be mapped to and assigned priority.
QoS protocols supported on the Router include IEEE
802.1p, Differentiated Services Code Point (DiffServ)
weighted scheduling, IP Type of Service (IP ToS) as
well as application specific and VLAN Group QoS
mapping. To implement QoS on the Router, select the
preferred protocol used fo r QoS and map the priority
scheduling used to the four queues used on the
Router.
To enable QoS, select the QoS: Activated option, and
select the type of QoS mapping used. Use Queue #1
for the lowest priority traffic, and Queue #4 for the
highest priority traffic.
D-Link DSL-2640R User Manual 36
Section 3 – Configuration
802.1p
IP QoS
Application QoS
VLAN Group
QoS
To implement QoS mapping for IEEE 802.1p priority, select the Activated option and configure mapping for the 8 priority levels
defined by 802.1p priority. 802.1p user priority 0 is the lowest priority while 7 is the highest.
To implement QoS mapping for IP QoS, select the Activated option and configure mapping for one of two types of IP QoS, IP
ToS (Type of Service) or DiffServ:
IP ToS assigns 0 for the lowest priority and 7 for the highest.
DiffServ uses 64 levels with 0 being the lowest, 63 the highest. DiffServ QoS mapping requires mapping for all 64 levels.
If a level is not mapped a popup box informs the user that the level has not been assigned.
To implement Application Qo S mappi n g, select the Activated option and configure queue assignment for applicatio ns. The
default applications mappi ng for vo ice a nd vide o app lica tion s set the hig hest pri ori ty for voi ce an d sec ond h ighes t for vi deo. The
queue assignment and RTP port ranges may be changed if desired. Queues may also be assigned for IGMP packets and
general data packets (i.e. all other traffic).
To implement VLAN Group QoS mapping, select the Activated option and configure mapping for VLAN groups using the VLAN
group identification number (VID) for queue mapping. This can be used together with VLAN assignment for different virtual
connections (PVCs) for QoS mapping to the PVCs. See below for more information on how VLANs can be used on the Router.
D-Link DSL-2640R User Manual 37
Loading...