D-Link VDI-604 User Manual
TM
D-Link Express EtherNetwork
4-Port Ethernet Broadband Router
Manual
VDI-604
Building Networks for People
Contents
Introduction
.........................................................................................3
Package Contents.........................................................................7
Hardware Description..................................................................8
Reset......................................................................................................9
Getting Started...............................................................................10
Configuring the VDI-604..........................................................11
Using the Configuration Menu.............................................12
Troubleshooting.............................................................................41
Networking Basics.......................................................................47
Technical Specifications...........................................................77
Warranty.............................................................................................79
-2-
Introduction
The D-Link Express EtherNetwork VDI-604 is a 4-port Ethernet
Broadband Router. The D-Link VDI-604 enables users to quickly and
easily share a high speed Internet connection. The D-Link VDI-604 also
incorporates many advanced features, traditionally found in more
expensive routers.
The VDI-604 is compatible with most popular operating systems, including
Macintosh, Linux and Windows, and can be integrated into an existing
network. This Manual is designed to help you connect the D-Link
Express EtherNetwork VDI-604 to a high speed Internet connection and 4
Ethernet PC connections.
This manual provides a quick introduction to Broadband Router
Technology, Firewalls, and Local Area Networking. Please take a moment
to read through this manual and get acquainted with these various
technologies.
Features and Benefits
Ethernet Switch
Allows you to quickly and easily share an Internet connection with multiple
computers and devices.
VPN supported
Supports multiple and concurrent IPSec and PPTP pass-through sessions,
so multiple users behind the VDI-604 can access corporate networks
through various VPN clients more securely.
Advanced Firewall & Parental Control Features
The Web-Based user interface displays a number of advanced
network
management features including:
Content Filtering
Easily applied content filtering based on Mac Address, IP Address, URL
and/or Domain Name.
Filter Scheduling
These filters can also be scheduled to be active on certain days or for a
duration of hours or minutes.
-3-
Network Address Translation
NAT allows you to share a single IP Address and protects you from
outside intruders gaining access to your private network.
DHCP Server Supported
All of the networked computers can retrieve TCP/IP settings automatically
from the VDI-604.
Web-Based Management
VDI-604 is configurable through any network computer’s web browser
using Netscape or Internet Explorer.
Access Control Supported
Allows you to assign different access rights for different users.
Virtual Server Supported
Enables you to expose WWW, FTP and other services on your LAN to be
accessible to Internet users.
Special Application Supported
Special applications requiring multiple connections, like Internet gaming,
video conferencing, Internet telephony and so on. The VDI-604 can sense
the application type and open a multi-port tunnel for it.
DMZ Host Supported
Allows a networked computer to be fully exposed to the Internet. This
function is used when the Special Application feature is insufficient to
allow an application to function correctly.
-4-
Technology Introduction
Introduction to Broadband Router Technology
A router is a device that forwards data packets from a source to a
destination. Routers forward data packets using IP addresses and not a
MAC address. A router will forward data from the Internet to a particular
computer on your LAN.
The information that makes up the Internet gets moved around using
routers. When you click on a link on a web page, you send a request to a
server to show you the next page. The information that is sent and
received from your computer is moved from your computer to the server
using routers. A router also determines the best route that your
information should follow to ensure that the information is delivered
properly.
A router controls the amount of data that is sent through your network by
eliminating information that should not be there. This provides security for
the computers connected to your router, because computers from the
outside cannot access or send information directly to any computer on
your network. The router determines which computer the information
should be forwarded to and sends it. If the information is not intended for
any computer on your network, the data is discarded. This keeps any
unwanted or harmful information from accessing or damaging your
network.
Introduction to Firewalls
A firewall is a device that sits between your computer and the Internet that
prevents unauthorized access to or from your network. A firewall can be a
computer using firewall software or a special piece of hardware built
specifically to act as a firewall. In most circumstances, a firewall is used to
prevent unauthorized Internet users from accessing private networks or
corporate LAN’s and Intranets.
A firewall watches all of the information moving to and from your network
and analyzes each piece of data. Each piece of data is checked against a
set of criteria that the administrator configures. If any data does not meet
the criteria, that data is blocked and discarded. If the data meets
criteria, the data is passed through. This method is called packet filtering.
A firewall can also run specific security functions based on the type of
application or type of port that is being used. For example, a firewall can
be
configured to work with an FTP or Telnet server. Or a firewall can be
configured to work with specific UDP or TCP ports to allow certain
applications or games to work properly over the Internet.
-5-
the
Introduction to Local Area Networking
Local Area Networking (LAN) is the term used when connecting several
computers together over a small area such as a building or group of
buildings. LAN’s can be connected over large areas. A collection of LAN’s
connected over a large area is called a Wide Area Network (WAN).
A LAN consists of multiple computers connected to each other. There are
many types of media that can connect computers together. The most
common media is CAT5 cable (UTP or STP twisted pair wire.) On the
other hand, wireless networks do not use wires; instead they
communicate over radio waves. Each computer must have a Network
Interface Card (NIC), which communicates the data between computers.
A NIC is usually a 10Mbps network card, or 10/100Mbps network card, or
a wireless network card.
Most networks use hardware devices such as hubs or switches that each
cable can be connected to in order to continue the connection between
computers. A hub simply takes any data arriving through each port and
forwards the data to all other ports. A switch is more sophisticated, in that
a switch can determine the destination port for a specific piece of data. A
switch minimizes network traffic overhead and speeds up the
communication over a network.
Networks take some time in order to plan and implement correctly. There
are many ways to configure your network. You may want to take some
time to determine the best network set-up for your needs.
-6-
Package Contents
VDI-604 Ethernet Broadband Router
Power Adapter
2 Ethernet Cables
Note: Using a power supply with a different voltage rating will damage and void the warranty for this
product. If any of the above items are missing, please contact your reseller.
-7-
Hardware Description
Front Panel
Power
WAN
LAN
Power
WAN
LAN
Link/Act.
Power indicator will light Green.
WAN status indicator will light Green when there is good
physical WAN connection.
Link status indicators light Green. The LED flickers when the
corresponding port is sending or receiving data.
-8-
Hardware Description
Rear Panel
Reset
LAN
Reset
LAN
PORTS*
1-4
WAN*
Power
*All ports (both LAN & WAN) are Auto-MDIX. All ports auto-sense cable
types to accommodate Straight-through or Cross-over cable.
Used to restore the VDI-604 back to factory default settings.
LAN port sockets (CAT5 Ethernet RJ-45 cable). The LED
glows steadily when a port is connected to a hub, switch or
network-adapter-equipped computer in your local area network
(LAN.)
WAN port socket (CAT5 Ethernet RJ-45 cable). This is where
you will connect to your high speed Internet access
Connect one end of your included power adapter to the power
port and the other end into your power outlet.
WAN
Reset
To reset the system settings to factory defaults, please follow these steps:
1. Leave the device powered on, do not disconnect the power
2. Press the reset button and hold (use a paper-clip)
3. Keep the button pressed about 10 seconds
4. Release the button
The VDI-604 will then automatically reboot itself.
Power
-9-
Getting Started
Installation Location
The VDI-604 can be positioned at any convenient place in your office or
house. No special wiring or cooling requirements are needed. However,
you should comply with the following guidelines:
Place the VDI-604 on a flat horizontal plane.
Keep away from any heating devices.
Do not place in a dusty or wet environment.
The recommended operational specifications of the VDI-604 are:
Temperature 32
Humidity 5 % ~ 90 %
In addition, remember to turn off the power, remove the power cord from
the outlet, and keep your hands dry when you install the hardware.
Network Settings
To use the VDI-604 correctly, you have to properly configure the network
settings of your computers. The default IP address of the VDI-604 is
192.168.0.1, and the default subnet mask is 255.255.255.0. These
addresses can be changed as needed, but the default values are used in
this manual. If the TCP/IP environment of your computer has not yet been
configured, you can refer to Configuring Your PCs to Connect to the
VDI-604 to configure it.
For example:
1. Configure your computer IP as 192.168.0.3, subnet mask as
255.255.255.0 and gateway as 192.168.0.1
Or more conveniently
2. Configure your computers to obtain TCP/IP settings automatically
from the DHCP server feature of the VDI-604
Since the IP address of the VDI-604 is 192.168.0.1, the IP address of
your computer must be 192.168.0.X (where “X” is a number between 2
and 254.) Each computer on your network must have a different IP
address within that range. The default gateway must be 192.168.0.1 (the
IP address of the VDI-604).
o
F ~ 131o F
-10-
Configuring the VDI-604
The VDI-604 provides an embedded Web-based management utility
making it operating system independent. You can configure your VDI-604
through the Netscape Communicator or Internet Explorer browser in MS
Windows, Macintosh, Linux or UNIX based platforms. All that is needed is
a web browser such as Internet Explorer or Netscape Navigator version 4
and higher with Java Script enabled.
Start-up and Log in
Activate your web browser and type in the IP address of the VDI-604 into
the Location (for Netscape) or Address (for IE) field and press “Enter.”
The default IP address of the VDI-604 is 192.168.0.1
For example: http://192.168.0.1
After the connection is established, the
logon screen will pop up. To log in as
an administrator, enter the username of
“admin” and the password of “password” . Click the OK button. If the
password is correct, the web-management interface will appear.
-11-
Using the Configuration Menu
Setup Wizard
The Setup Wizard page is the first page that appears when logging into
the web-based management interface. The Setup Wizard is a utility used
to quickly configure the VDI-604. It will guide you through four quick and
basic steps to help you connect to your Ihigh speed Internet access . You
will be connected to your ISP (Internet Service Provider) and have
Internet access within minutes.
WAN
WAN is short for Wide Area Network. The WAN settings can be referred
to as the Public settings. All IP information in the WAN settings are public
IP addresses which are accessible on the Internet.
The WAN settings consist of three options: Dynamic IP Address, Static
IP Address, and PPPoE. Select the appropriate option and fill in the
information needed to connect to your ISP.
-12-
HOME > WAN > DYNAMIC IP Address
Choose Dynamic IP Address to obtain IP address information
automatically from your ISP. Select this option if your ISP does not give
you any IP numbers to use.
Host Name: The Host Name field is optional but may be required by
some ISPs. The host name is the device name of the Broadband Router.
MAC Address: The default MAC address is set to the WAN's physical
interface MAC address on the Broadband Router. You can use the "Clone
MAC Address" button to copy the MAC address of the Ethernet Card
installed by your ISP and replace the WAN MAC address with this MAC
address. It is not recommended that you change the default MAC address
unless required by your ISP.
-13-
HOME > WAN > Static IP Address
Choose Static IP Address if all WAN IP information is provided to you by
your ISP. You will need to enter in the IP address, subnet mask, gateway
address, and DNS address(es) provided to you by your ISP. Each IP
address entered in the fields must be in the appropriate IP form, which are
four IP octets separated by a dot (x.x.x.x). The Router will not accept the
IP address if it is not in this format.
IP Address: Public IP address provided by your ISP.
Subnet Mask: Subnet mask provided by your ISP.
ISP Gateway Address: Public IP address of your ISP that you are
connecting to.
Primary DNS Address: Primary DNS (Domain Name Server) IP provided
by your ISP
Secondary DNS Address: optional
-14-
HOME > WAN > PPPOE
Please be
sure sure to
remove any
existing
PPPoE Client
Software
installed on
your
computers.
1492
Choose PPPoE (Point to Point Protocol over Ethernet) if you’re ISP uses PPPoE
connection. Your ISP will provide you with a username and password. . Select
Dynamic PPPoE to obtain an IP address automatically for your PPPoE
connection. Select Static PPPoE to use a static IP address for your PPPoE
connection.
Dynamic PPPoE: PPPoE connection where you will receive an IP
address automatically from your ISP
Static PPPoE: PPPoE connection where you have an assigned (static) IP
address
User Name: Your PPPoE username provided by your ISP
Password: Your PPPoE password provided by your ISP
Retype Password: Re-enter PPPoE password
Service Name: Enter the service name provided by your ISP. (optional)
IP Address: This option is only available for Static PPPoE. Enter in the
static IP address for the PPPoE connection.
Primary DNS Address: Primary DNS IP provided by your ISP
Secondary DNS Address: optional
-15-
Maximum Idle Time: The amount of time of inactivity before
disconnecting your PPPoE session. Enter a Maximum Idle Time (in
minutes) to define a maximum period of time for which the Internet
connection is maintained during inactivity. If the connection is inactive for
longer than the defined Maximum Idle Time, then the connection will be
dropped. Either set this to zero or enable Auto-reconnect to disable this
feature.
MTU: MTU stands for Maximum Transmission Unit. For PPPoE
connections, you may need to change the MTU settings in order to work
correctly with your ISP.
Auto-Reconnect: If enabled, the Broadband Router will automatically
connect to your ISP after your system is restarted or if the connection is
dropped.
-16-
HOME > LAN
LAN is short for Local Area Network. This is considered your internal
network. These are the IP settings of the LAN interface for the VDI-604.
These settings may be referred to as Private settings. You may change
the LAN IP address if needed. The LAN IP address is private to your
internal network and cannot be seen on the Internet.
IP Address: The IP address of the LAN interface. The default IP address
is 192.168.0.1.
Subnet Mask: The subnet mask of the LAN interface. The default subnet
mask is 255.255.255.0.
Local Domain Name: This field is optional. Enter in the your local domain
name.
-17-
HOME > DHCP
DHCP stands for Dynamic Host Configuration Protocol. The VDI-604 has
a built-in DHCP server. The DHCP Server will automatically assign an IP
address to the computers on the LAN/private network. Be sure to set your
computers to be DHCP clients by setting their TCP/IP settings to “Obtain
an IP Address Automatically.” When you turn your computers on, they will
automatically load the proper TCP/IP settings provided by the VDI-604.
The DHCP Server will automatically allocate an unused IP address from
the IP address pool to the requesting computer. You must specify the
starting and ending address of the IP address pool.
Starting IP Address: The starting IP address for the DHCP server’s IP
assignment.
Ending IP Address: The ending IP address for the DHCP server’s IP
assignment.
Lease Time: The length of time for the IP lease.
-18-
ADVANCED > VIRTUAL SERVER
The VDI-604 can be configured as a virtual server so that remote users
accessing Web or FTP services via the public IP address can be
automatically redirected to local servers in the LAN network.
The VDI-604 firewall feature filters out unrecognized packets to protect
your LAN network so all computers networked with the VDI-604 are
invisible to
computers accessible from the Internet by enabling Virtual Server.
Depending on the requested service, the VDI-604 redirects the external
service request to the appropriate server within the LAN network.
The VDI-604 is also capable of port-redirection meaning incoming traffic
the outside world. If you wish, you can make some of the LAN
-19-
to a particular port may be redirected to a different port on the server
computer.
Each virtual service that is created will be listed at the bottom of the
screen in the Virtual Servers List. There are already pre-defined virtual
services already in the table. You may use them by enabling them and
assigning the server IP to use that particular virtual service.
Name: The name referencing the virtual service.
Private IP: The server computer in the LAN network that will be providing
the virtual services.
Private Port: The port number of the service used by the Private IP
computer.
Protocol Type: The protocol used for the virtual service.
Public Port: The port number on the WAN side that will be used to
access the virtual service.
Schedule: The schedule of time when the virtual service will be enabled.
The schedule may be set to Always, which will allow the particular service
to always be enabled. If it is set to Time, select the time frame for the
service to be enabled. If the system time is outside of the scheduled time,
the service will we disabled.
Example #1:
If you have a Web server that you wanted Internet users to access at all
times, you would need to enable it. Web (HTTP) server is on LAN
computer 192.168.0.25. HTTP uses port 80, TCP.
Name: Web Server
Private IP: 192.168.0.25
Protocol Type: TCP
Private Port: 80
Public Port: 80
Schedule: always
-20-
Click on this icon to edit the virtual service.
Click on this icon to delete the virtual service.
Example #2:
If you have an FTP server that you wanted Internet users to
access by WAN port 2100 and only during the weekends, you would need
to enable it as such. FTP server is on LAN computer 192.168.0.30. FTP
uses port 21, TCP.
Name: FTP Server
Private IP: 192.168.0.30
Protocol Type: TCP
Private Port: 21
Public Port: 2100
Schedule: From: 01:00AM to 01:00AM, Sat to Sun
All Internet users who want to access this FTP Server must connect to it from
port 2100. This is an example of port redirection and can be useful in cases
where there are many of the same servers on the LAN network.
-21-
ADVANCED > APPLICATIONS
Some applications require multiple connections, such as Internet gaming,
video conferencing, Internet telephony and others. These applications
have difficulties working through NAT (Network Address Translation).
Special Applications makes some of these applications work with the
VDI-604. If you need to run applications that require multiple connections,
specify the port normally associated with an application in the "Trigger
Port" field, select the protocol type as TCP or UDP, then enter the public
ports associated with the trigger port to open them for inbound traffic.
The VDI-604 provides some predefined applications in the table on the
bottom of the web page. Select the application you want to use and
enable it.
Note! Only one PC can use each Special Application tunnel.
Trigger Name: This is the name referencing the special application.
Trigger Port: This is the port used to trigger the application. It can be
either a single port or a range of ports.
-22-
Trigger Type: This is the protocol used to trigger the special application.
Public Port: This is the port number on the WAN side that will be used to
access the application. You may define a single port or a range of ports.
You can use a comma to add multiple ports or a hyphen to add port
ranges.
Public Type: This is the protocol used for the special application.
-23-
ADVANCED > FILTERS > IP FILTERS
Filters
Filters are used to deny or allow LAN computers from accessing the Internet. The
VDI-604 can be setup to deny internal computers by their IP or MAC addresses.
The VDI-604 can also block users from accessing restricted web sites.
IP Filters
Use IP Filters to deny LAN IP addresses from accessing the Internet. You can
deny specific port numbers or all ports for the specific IP address.
IP: The IP address of the LAN computer that will be denied access to the
Internet.
Port: The single port or port range that will be denied access to the Internet.
Schedule: This is the schedule of time when the IP Filter will be enabled.
-24-
ADVANCED > FILTERS > MAC FILTERS
Use MAC Filters to allow or deny LAN computers by their MAC
addresses from accessing the Internet. You can either manually add a
MAC address or select the MAC address from the list of clients that are
currently connected to the Broadband Router.
-25-
ADVANCED > FILTERS > URL BLOCKING
URL Blocking is used to deny LAN computers from accessing specific
web sites by its URL. A URL is a specially formatted text string that
defines a location on the Internet. If any part of the URL contains the
blocked word, the site will not be accessible and the web page will not
display.
-26-
Loading...