How it Works
Linksys
Loading...
RV016
User Manual
127 pgs3.52 Mb0
User Manual
112 pgs6.94 Mb0
Table of contents
Loading...

Linksys RV016 User Manual

A Division of Cisco Systems, Inc.
®
Model No.
WIRED
RV016
10/100
16-Port VPN Router
User Guide
Copyright and Trademarks
Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2004 Cisco Systems, Inc. All rights reserved.
How to Use this Guide
This User Guide has been designed to make understanding networking with the Router easier than ever. Look for the following items when reading this Guide:
This checkmark means there is a Note of interest and is something you should pay special attention to while using the Router.
This exclamation point means there is a Caution or Warning and is something that could damage your property or the Router.
This question mark provides you with a reminder about something you might need to do while using the Router.
In addition to these symbols, there are definitions for technical terms that are presented like this:
word: definition.
Also, each figure (diagram, screenshot, or other image) is provided with a figure number and description, like this:
Figure 0-1: Sample Figure Description
Figure numbers and descriptions can also be found in the “List of Figures” section in the “Table of Contents”.
RV016-UG-40205A JL
Table of Contents
Chapter 1: Introduction 1
Welcome 1 What’s in this Guide? 2
Chapter 2: Networking Basics 4
An Introduction to LANs 4 The Use of IP Addresses 4 Why do I need a VPN? 5 What is a VPN? 6
Chapter 3: Getting to Know the Router 8
The Front Panel 8 The Back Panel 10
Chapter 4: Connecting the Router 11
Overview 11 Connection Instructions 12
Chapter 5: Configuring the PCs 13
Overview 13 Configuring Windows 98 and Millennium PCs 13 Configuring Windows 2000 PCs 14 Configuring Windows XP PCs 14
Chapter 6: Setting up and Configuring the Router 16
Overview 16 How to Access the Web-based Utility 19 System Summary Tab 19 Setup Tab - Network 22 Setup Tab - Password 25 Setup Tab - Time 25 Setup Tab - DMZ Host 26 Setup Tab - Forwarding 26 Setup Tab - UPnP 28 Setup Tab - One-to-One NAT 29 Setup Tab - MAC Clone 30 Setup Tab - DDNS 31
Setup Tab - Advanced Routing 32 DHCP Tab - Setup 34 DHCP Tab - Status 36 System Management Tab - Multi-WAN 37 System Management Tab - SNMP 40 System Management Tab - Diagnostic 41 System Management Tab - Factory Default 42 System Management Tab - Firmware Upgrade 42 System Management Tab - Restart 43 System Management Tab - Setting Backup 43 Port Management Tab - Port Setup 44 Port Management Tab - Port Status 45 Firewall Tab - General 46 Firewall Tab - Access Rules 47 Firewall Tab - Content Filter 49 VPN Tab - Summary 50 VPN Tab - Gateway to Gateway 52 VPN Tab - Client to Gateway 59 VPN Tab - VPN Pass Through 68 Log Tab - System Log 69 Log Tab - System Statistics 71 Wizard Tab 72 Support Tab 81 Logout Tab 81
Appendix A: Troubleshooting 82
Common Problems and Solutions 82 Frequently Asked Questions 93
Appendix B: Upgrading Firmware 97 Appendix C: Finding the MAC Address and IP Address for Your
Ethernet Adapter 98
Windows 98 or Me Instructions 98 Windows 2000 or XP Instructions 98 For the Router’s Web-based Utility 99
Appendix D: Physical Setup of the Router 100
Setting up the Router 100
Appendix E: Battery Replacement 104
Replacing a Lithium Battery 104
Appendix F: Windows Help 105 Appendix G: Glossary 106 Appendix H: Specifications 113 Appendix I: Warranty Information 114 Appendix J: Regulatory Information 115 Appendix K: Contact Information 116
List of Figures
Figure 2-1: VPN Router-to-VPN Router VPN 7 Figure 2-2: Computer-to-VPN Router VPN 7 Figure 3-1: Front Panel 8 Figure 3-2: Back Panel 10 Figure 4-1: Example of a Typical Network 11 Figure 4-2: Connect a PC 12 Figure 4-3: Connect the Internet 12 Figure 4-4: Connect the DMZ 12 Figure 4-5: Connect the Power 12 Figure 5-1: TCP/IP for Windows 98 and Me 13 Figure 5-2: Obtain an IP address automatically for Windows 98 and Me 13 Figure 5-3: Internet Protocol (TCP/IP) for Windows 2000 14 Figure 5-4: Obtain an IP address automatically for Windows 2000 14 Figure 5-5: Internet Protocol (TCP/IP) for Windows XP 15 Figure 5-6: Obtain an IP address automatically for Windows XP 15 Figure 6-1: Router’s IP Address 19 Figure 6-2: Login Screen 19 Figure 6-3: System Summary 19 Figure 6-4: Site Map 20 Figure 6-5: Port Information 20 Figure 6-6: Setup Tab 22 Figure 6-7: Save New Number of WAN Ports 22 Figure 6-8: Obtain an IP Automatically 23 Figure 6-9: Static IP 23 Figure 6-10: PPPoE 23 Figure 6-11: PPTP 24 Figure 6-12: DMZ 24 Figure 6-13: Password 25
Figure 6-14: Time - Automatic 25 Figure 6-15: Time - Manual 25 Figure 6-16: DMZ Host 26 Figure 6-17: Forwarding 26 Figure 6-18: Service Management 27 Figure 6-19: UPnP 28 Figure 6-20: One-to-One NAT 29 Figure 6-21: MAC Clone 30 Figure 6-22: Edit MAC Clone 30 Figure 6-23: DDNS 31 Figure 6-24: Edit DDNS 31 Figure 6-25: Advanced Routing 32 Figure 6-26: DHCP Setup 34 Figure 6-27: DHCP Status 36 Figure 6-28: Multi-WAN Load Balance 37 Figure 6-29: Save New Mode 37 Figure 6-30: Intelligent Balancer - Edit Load Balance 37 Figure 6-31: IP Group (By Users) 38 Figure 6-32: IP Group (By Users) - Edit Load Balance 38 Figure 6-33: SNMP 40 Figure 6-34: DNS Name Lookup 41 Figure 6-35: Ping 41 Figure 6-36: Factory Default 42 Figure 6-37: Confirm Return to Factory Default Settings 42 Figure 6-38: Firmware Upgrade 42 Figure 6-39: Restart 43 Figure 6-40: Setting Backup 43 Figure 6-41: Port Setup 44 Figure 6-42: Port Status 45 Figure 6-43: General Firewall 46
Figure 6-44: Access Rules 47 Figure 6-45: Add a New Access Rule 48 Figure 6-46: Content Filter 49 Figure 6-47: VPN Summary 50 Figure 6-48: VPN Tunnel Details 50 Figure 6-49: Types of VPN Tunnels 50 Figure 6-50: GroupVPN List 51 Figure 6-51: Gateway to Gateway 52 Figure 6-52: Local Security Gateway Type - IP Only 53 Figure 6-53: Local Security Gateway Type -
IP + Domain Name (FQDN) Authentication 53
Figure 6-54: Local Security Gateway Type -
IP + E-mail Addr. (USER FQDN) Authentication 53
Figure 6-55: Local Security Gateway Type -
Dynamic IP + Domain Name (FQDN) Authentication 53
Figure 6-56: Local Security Gateway Type -
Dynamic IP + E-mail Addr. (USER FQDN) Authentication 53 Figure 6-57: Local Security Group Type - IP 53 Figure 6-58: Local Security Group Type - Subnet 53 Figure 6-59: Local Security Group Type - IP Range 54 Figure 6-60: Remote Security Gateway Type - IP Only 54 Figure 6-61: Remote Security Gateway Type -
IP + Domain Name (FQDN) Authentication 54 Figure 6-62: Remote Security Gateway Type -
IP + E-mail Addr. (USER FQDN) Authentication 54 Figure 6-63: Remote Security Gateway Type -
Dynamic IP + Domain Name (FQDN) Authentication 55 Figure 6-64: Remote Security Gateway Type -
Dynamic IP + E-mail Addr. (USER FQDN) Authentication 55 Figure 6-65: Remote Security Group Type - IP 55
Figure 6-66: Remote Security Group Type - Subnet 55 Figure 6-67: Remote Security Group Type - IP Range 55 Figure 6-68: IPSec Setup - IKE with Preshared Key 56 Figure 6-69: IPSec Setup - Manual 57 Figure 6-70: IKE with Preshared Key - Advanced 58 Figure 6-71: Client to Gateway 59 Figure 6-72: Local Security Gateway Type - IP Only 60 Figure 6-73: Local Security Gateway Type -
IP + Domain Name (FQDN) Authentication 60 Figure 6-74: Local Security Gateway Type -
IP + E-mail Addr. (USER FQDN) Authentication 61 Figure 6-75: Local Security Gateway Type -
Dynamic IP + Domain Name (FQDN) Authentication 61 Figure 6-76: Local Security Gateway Type -
Dynamic IP + E-mail Addr. (USER FQDN) Authentication 61 Figure 6-77: Local Security Group Type - IP 61 Figure 6-78: Local Security Group Type - Subnet 61 Figure 6-79: Local Security Group Type - IP Range 61 Figure 6-80: Remote Client for VPN Tunnel - IP Only 62 Figure 6-81: Remote Client for VPN Tunnel -
IP + Domain Name (FQDN) Authentication 62 Figure 6-82: Remote Client for VPN Tunnel -
IP + E-mail Addr. (User FQDN) Authentication 62 Figure 6-83: Remote Client for VPN Tunnel -
Dynamic IP + Domain Name (FQDN) Authentication 62 Figure 6-84: Remote Client for VPN Tunnel -
Dynamic IP + E-mail Addr. (User FQDN) Authentication 63 Figure 6-85: Remote Client for Group VPN - Domain Name (FQDN) 63 Figure 6-86: Remote Client for Group VPN - E-mail Address (USER FQDN) 63 Figure 6-87: Remote Client for Group VPN - Microsoft XP/2000 VPN Client 63
Figure 6-88: IPSec Setup - IKE with Preshared Key 64 Figure 6-89: IPSec Setup - Manual 65 Figure 6-90: IKE with Preshared Key - Advanced 66 Figure 6-91: VPN Pass Through 68 Figure 6-92: System Log 69 Figure 6-93: View All Logs 70 Figure 6-94: View VPN Log 70 Figure 6-95: View Outgoing Log Table 70 Figure 6-96: View Incoming Log Table 70 Figure 6-97: System Statistics 71 Figure 6-98: Wizard 72 Figure 6-99: Basic Setup Wizard - Change Number of WAN Ports 72 Figure 6-100: Change Number of WAN Ports 72 Figure 6-101: Save Settings 73 Figure 6-102: Basic Setup Wizard - Edit Network Settings 73 Figure 6-103: Host and Domain Name 73 Figure 6-104: WAN Connection Type 74 Figure 6-105: Obtain an IP Automatically 74 Figure 6-106: Static IP 75 Figure 6-107: Static IP - DNS Servers 75 Figure 6-108: PPPoE 76 Figure 6-109: PPPoE - Connect on Demand or Keep Alive 76 Figure 6-110: DMZ 77 Figure 6-111: Save Settings 77 Figure 6-112: Access Rules 78 Figure 6-113: Action 78 Figure 6-114: Service 79 Figure 6-115: Log 79 Figure 6-116: Source 79 Figure 6-117: Destination 80
Figure 6-118: Scheduling 80 Figure 6-119: Save Settings 80 Figure 6-120: Support 81 Figure 6-121: Logout 81 Figure B-1: Upgrade Firmware 97 Figure C-1: IP Configuration Screen 98 Figure C-2: MAC Address/Adapter Address 98 Figure C-3: MAC Address/Physical Address 99 Figure C-4: MAC Clone 99 Figure C-5: Edit MAC Clone 99 Figure D-1: Mounting Brackets 100 Figure D-2: Attaching the Brackets to the Router and Rack-Mounting
the Router 101 Figure D-3: Wall-Mounting the Router 102 Figure D-4: Wall-Mounting Hardware 103

Chapter 1: Introduction

Welcome
Thank you for choosing the 10/100 16-Port VPN Router. The Linksys 10/100 16-Port VPN Router is an advanced Internet-sharing network solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection, but the 16 ports on this Router feature unprecedented versatility. Two are dedicated Internet ports that let you connect a second Internet line as a backup to ensure that you're never disconnected. Or, you can use both Internet ports at the same time, and let the router balance your office's requirements between them for maximum bandwidth efficiency.
Not enough? Up to five of the thirteen full-duplex switched 10/100 Ethernet ports can be reconfigured as Internet ports, for an up to seven-port failover or load balanced redundancy! Finally, a dedicated DMZ port gives you a publicly accessible channel so you can set up a web or FTP server, unimpeded by the powerful security features of the Router.
The Virtual Private Network (VPN) capability creates encrypted “tunnels” through the Internet, allowing up to 50 remote office or traveling users to securely connect into your office network from off-site. Users connecting through a VPN tunnel are attached to your company's network -- with secure access to files, e-mail, and your intranet -- just as if they were in the building. You can also use the VPN capability to allow users on your small office network to securely connect out to a corporate network.
The 10/100 16-Port VPN Router can serve as a DHCP server, and has a powerful SPI firewall to protect your PCs against intruders and most known Internet attacks. It can be configured to filter internal users' access to the Internet, and has IP address filtering so you can specify exactly who has access to your network. Configuration is a snap with the web browser-based configuration utility.
As the heart of your small office network, the connection-redundant Linksys 10/100 16-Port VPN Router gives you the connection reliability your business needs.
Use the instructions in this Guide to help you connect the Router , set it up, and configure it to bridge your different networks. These instructions should be all you need to get the most out of the 10/100 16-Port VPN Router.
Ethernet: an IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium.
VPN (Virtual Private Network): A security measure to protect data as it leaves one network and goes to another over the Internet.
Chapter 1: Introduction Welcome
1
What’s in this Guide?
This user guide covers the steps for setting up and using the 10/100 16-Port VPN Router.
• Chapter 1: Introduction
This chapter describes the 10/100 16-Port VPN Router applications and this User Guide.
• Chapter 2: Networking Basics
This chapter describes the basics of networking.
• Chapter 3: Getting to Know the 10/100 16-Port VPN Router
This chapter describes the physical features of the Router.
• Chapter 4: Connecting the 10/100 16-Port VPN Router
This chapter instructs you on how to connect the Router to your network.
• Chapter 5: Configuring the PCs
This chapter explains how to configure the PCs for your network.
• Chapter 6: Setting up and Configuring the Router
This chapter explains how to use the Web-based Utility to set up the Router and configure its settings.
• Appendix A: Troubleshooting
This appendix describes some problems and solutions, as well as frequently asked questions, regarding installation and use of the 10/100 16-Port VPN Router.
• Appendix B: Upgrading Firmware
This appendix instructs you on how to upgrade the firmware on your Router if you should need to do so.
• Appendix C: Finding the MAC Address and IP Address for your Ethernet Adapter.
This appendix describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC address cloning feature of the Router.
• Appendix D: Physical Setup of the Router
This appendix describes the physical setup of the Router, including installation of the mounting brackets.
• Appendix E: Battery Replacement
This appendix explains how to replace the Router’s battery.
• Appendix F: Windows Help
This appendix describes how you can use Windows Help for instructions about networking, such as installing the TCP/IP protocol.
Chapter 1: Introduction What’s in this Guide?
2
• Appendix G: Glossary
This appendix gives a brief glossary of terms frequently used in networking.
• Appendix H: Specifications
This appendix provides the technical specifications for the Router.
• Appendix I: Warranty Information
This appendix supplies the warranty information for the Router.
• Appendix J: Regulatory Information
This appendix supplies the regulatory information regarding the Router.
• Appendix K: Contact Information
This appendix provides contact information for a variety of Linksys resources, including Technical Support.
Chapter 1: Introduction What’s in this Guide?
3

Chapter 2: Networking Basics

An Introduction to LANs
A Router is a network device that connects two networks together. The Router connects your local area network (LAN), or the group of PCs in your home or office, to the Internet. The
Router processes and regulates the data that travels between these two networks. The Router’s Stateful Packet Inspection (SPI) firewall and Network Address Translation (NAT) technology protects
your network of PCs so users on the Internet cannot “see” your PCs. This is how your LAN remains private. The Router protects your network by inspecting the first packet coming in through the Internet port before delivery to the final destination on one of the Ethernet ports. The Router inspects Internet port services like the web server, ftp server, or other Internet applications, and, if allowed, it will forward the packet to the appropriate PC on the LAN side.
The Use of IP Addresses
IP stands for Internet Protocol. Every device in an IP-based network, including PCs, print servers, and routers, requires an IP address to identify its location, or address, on the network. This applies to both the Internet and LAN connections.
There are two ways of assigning IP addresses to your network devices. A static IP address is a fixed IP address that you assign manually to a PC or other device on the network. Since a
static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will always have that same IP address until you change it. Static IP addresses are commonly used with network devices such as server PCs or print servers.
If you use the Router to share your cable or DSL Internet connection, contact your ISP to find out if they have assigned a static IP address to your account. If so, you will need that static IP address when configuring the Router. You can get the information from your ISP.
A dynamic IP address is automatically assigned to a device on the network. These IP addresses are called dynamic because they are only temporarily assigned to the PC or other device. After a certain time period, they expire and may change. If a PC logs onto the network (or the Internet) and its dynamic IP address has expired, the DHCP server will assign it a new dynamic IP address.
LAN (Local Area Network): the computers and networking products that make up the network in your home or office.
NAT (Network Address Translation): NAT technology translates IP addresses of a local area network to a different IP address for the Internet.
SPI (Stateful Packet Inspection) firewall: a technology that inspects
every incoming packet of information before allowing it to enter the network.
Static IP address: a fixed address assigned to a computer or device that is connected to a network.
Dynamic IP address: a temporary IP address assigned by a DHCP server.
DHCP (Dynamic Host Configuration Protocol): a protocol that lets one
device on a local network, known as a DHCP server, assign temporary IP addresses to the other network devices, typically computers.
Chapter 2: Networking Basics An Introduction to LANs
4
A DHCP server can either be a designated PC on the network or another network device, such as the Router. By default, the Router’s Internet Connection Type is Obtain an IP automatically (DHCP).
The PC or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign IP addresses manually every time a new user is added to your network.
For DSL users, many ISPs may require you to log on with a user name and password to gain access to the Internet. This is a dedicated, high-speed connection type called Point to Point Protocol over Ethernet (PPPoE). PPPoE is similar to a dial-up connection, but PPPoE does not dial a phone number when establishing a connection. It also will provide the Router with a dynamic IP address to establish a connection to the Internet.
By default, a DHCP server (on the LAN side) is enabled on the Router. If you already have a DHCP server running on your network, you MUST disable one of the two DHCP servers. If you run more than one DHCP server on your network, you will experience network errors, such as conflicting IP addresses. To disable DHCP on the Router, see the Basic Setup section in “Chapter 6: Setting up and Configuring the Router.”
Why do I need a VPN?
Computer networking provides a flexibility not available when using an archaic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network. But what do you do once information is sent outside of your local network, when e-mails are sent to their destination, or when you have to connect to your company's network when you are out on the road? How is your data protected?
That is when a VPN can help. VPNs are called Virtual Private Networks because they secure data moving outside of your network as if it were still within that network.
When data is sent out across the Internet from your computer, it is always open to attacks. Y ou may already ha ve a firewall, which will help protect data moving around or held within your network from being corrupted or intercepted by entities outside of your network, but once data moves outside of your network -- when you send data to someone via e-mail or communicate with an individual over the Internet -- the firewall will no longer protect that data.
At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are transmitting but also your network login and security data. Some of the most common methods are as follows:
1. MAC Address Spoofing Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header.
These packet headers contain both the source and destination information for that packet to transmit efficiently.
VPN (Virtual Private Network): A security measure to protect data as it leaves one network and goes to another over the Internet.
NOTE: Since the Router is a device that connects two networks, it needs two IP addresses—one for the LAN, and one for the Internet. In this User Guide, you’ll see references to the “Internet IP address” and the “LAN IP address.”
Since the Router uses NAT technology, the only IP address that can be seen from the Internet for your network is the Router’s Internet IP address. However, even this Internet IP address can be blocked, so that the Router and network seem invisible to the Internet.
Chapter 2: Networking Basics Why do I need a VPN?
5
A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed MAC address, the hacker can also intercept information meant for another user.
2. Data Sniffing Data “sniffing” is a method used by hackers to obtain network data as it travels through unsecured networks,
such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network diagnostic tools, are often built into operating systems and allow the data to be viewed in clear text.
3. Man in the middle attacks Once the hacker has either sniffed or spoofed enough information, he can now perform a “man in the middle”
attack. This attack is performed, when data is being transmitted from one network to another, by rerouting the data to a new destination. Even though the data is not received by its intended recipient, it appears that way to the person sending the data.
These are only a few of the methods hackers use and they are always developing more. Without the security of your VPN, your data is constantly open to such attacks as it travels over the Internet. Data travelling over the Internet will often pass through many different servers around the world before reaching its final destination. That's a long way to go for unsecured data and this is when a VPN serves its purpose.
What is a VPN?
A VPN, or Virtual Private Network, is a connection between two endpoints - a VPN Router, for instance - in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This establishes a private network that can send data securely between these two locations or networks.
This is done by creating a “tunnel”. A VPN tunnel connects the two PCs or networks and allows data to be transmitted over the Internet as if it were still within those networks. Not a literal tunnel, it is a connection secured by encrypting the data sent between the two networks.
VPN was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. Using industry standard encryption and authentication techniques - IPSec, short for IP Security - the VPN creates a secure connection that, in effect, operates as if you were directly connected to your local network. Virtual Private Networking can be used to create secure networks linking a central office with branch offices, telecommuters, and/or professionals on the road (travelers can connect to a VPN Router using any computer with VPN client software that supports IPSec, such as SSH Sentinel.)
There are two basic ways to create a VPN connection:
Chapter 2: Networking Basics What is a VPN?
6
• VPN Router to VPN Router
• Computer (using VPN client software that supports IPSec) to VPN Router The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them
are secure. A computer with VPN client software that supports IPSec can be one of the two endpoints. Any computer with the built-in IPSec Security Manager (Microsoft 2000 and XP) allows the VPN Router to create a VPN tunnel using IPSec). Other versions of Microsoft operating systems require additional, third-party VPN client software applications that support IPSec to be installed.
VPN Router to VPN Router
An example of a VPN Router-to-VPN Router VPN would be as follows. (See Figure 2-1.) At home, a telecommuter uses his VPN router for his always-on Internet connection. His router is configured with his office's VPN settings. When he connects to his office's 10/100 16-Port VPN Router, the two routers create a VPN tunnel, encrypting and decrypting data. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the telecommuter now has a secure connection to the central office's network, as if his computer were physically connected.
Computer to VPN Router
The following is an example of a computer-to-VPN Router VPN. (See Figure 2-2.) In her hotel room, a traveling businesswoman dials up her ISP. Her notebook computer has VPN client software that is configured with her office's VPN settings. She accesses the VPN client software that supports IPSec and connects to the 10/100 16-Port VPN Router at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman now has a secure connection to the central office's network, as if her computer were physically connected.
For additional information and instructions about creating your own VPN, please visit Linksys’s website at www.linksys.com.
Chapter 2: Networking Basics What is a VPN?
Figure 2-1: VPN Router-to-VPN Router VPN
Figure 2-2: Computer-to-VPN Router VPN
7

Chapter 3: Getting to Know the Router

The Front Panel
The Router’s LEDs, Ethernet ports, and Reset button are located on the front panel of the Router.
Figure 3-1: Front Panel
LEDs
DIAG Orange. The DIAG LED lights up when the system is not ready. The LED turns off when
the system is ready.
System Green. The System LED lights up when the Router is powered on. When the LED is
flashing, the Router is running a diagnostic test.
LAN/Act (1-13) Green. Each LAN/Act LED serves two purposes. If the LED is continuously lit, the Router
is connected to a device through the corresponding port (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13). If the LED is flashing, the Router is actively sending or receiving data over that port.
LAN/Act LEDs 9-13 and Internet/Act LEDs 3-7 represent the dual-function ports, which can be used as LAN or Internet ports. These are LAN ports 9-13 (white print) or Internet ports 3-7 (dark print) on the Router’s front panel.
Internet/Act (1-7) Green. Each Internet/Act LED serves two purposes. If the LED is continuously lit, the
Router is connected to an Internet device, such as a cable or DSL modem, through the corresponding port. If the LED is flashing, the Router is actively sending or receiving data over that port.
Chapter 3: Getting to Know the Router The Front Panel
8
Internet/Act LEDs 1 and 2 are labeled Internet because they can be used only as Internet ports.
DMZ Orange. The DMZ LED serves two purposes. If the LED is continuously lit, the Router is
connected to a DMZ host through the DMZ port. If the LED is flashing, the Router is actively sending or receiving data over that port.
Ports
1-13 (LAN) These thirteen LAN Ethernet ports connect to network devices, such as PCs, print
servers, or additional switches. LAN ports 9-13 can also be used as Internet ports.
Internet (1-7) The seven Internet Ethernet ports connect to an Internet device, such as a cable or DSL
modem. Internet ports 1 and 2 are labeled Internet because they can be used only as Internet
ports. When used as an additional Internet port, it connects to a cable or DSL modem. Internet ports 3-7 can also be used as LAN ports.
DMZ The DMZ Ethernet port connects to a hub, switch, or public server.
Button
Reset Button The Reset button can be used in one of two ways:
If the Router is having problems connecting to the Internet, press the Reset button with a paper clip or a pencil tip for four seconds. This performs a warm reset, similar to rebooting your PC. You will see the Diag LED flash slowly until the warm reset is complete.
If you are experiencing extreme problems with the Router and have tried all other troubleshooting measures, press and hold in the Reset button for ten seconds. This will restore the factory defaults and clear all of the Router’s settings, such as port range forwarding entries or a new password. Y ou will see the Diag LED flash quickly until the factory defaults have been restored.
Chapter 3: Getting to Know the Router The Front Panel
9
The Back Panel
The Router’s Power port is located on the back panel of the Router.
Figure 3-2: Back P anel
Power The Power port is where you connect the p ower adapter.
Proceed to “Chapter 4: Connecting the Router.”
Chapter 3: Getting to Know the Router The Back Panel
10

Chapter 4: Connecting the Router

Overview
To set up your network, you will do the following:
• Connect the Router to one of your PCs according to the instructions in this chapter.
• If necessary, configure your PCs to obtain an IP address automatically from the Router, according to “Chapter 5: Configuring the PCs. ” (By default, Windows 98, 2000, Millennium, and XP computers are set to obtain an IP address automatically, so unless you have changed the default setting, then you will not need to configure your PCs.)
• Set up and configure the Router with the setting(s) provided by your Internet Service Provider (ISP) according to “Chapter 6: Set up and Configure the Router.”
The installation technician from your ISP should have left the setup information with you after installing your broadband connection. If not, you can call your ISP to request the information. Once you have the setup information for your specific type of Internet connection, then you can begin installation and setup of the Router.
Internet
Chapter 4: Connecting the Router Overview
Cable or DSL
Modem
Figure 4-1: Example of a Typical Network
10/100 16-Port
VPN Router
Notebook with
Ethernet Adapter
PC with
Ethernet Adapter
11
Connection Instructions
1. Before you begin, make sure that all of your hardware is powered off, including the Router, PCs, hubs, switches, and cable or DSL modem.
2. Connect one end of an Ethernet network cable to one of the numbered ports on the front of the Router (see Figure 4-2). Connect the other end to an Ethernet port on a network device, e.g., a PC, print server, hub, or switch.
Repeat this step to connect more PCs or other network devices to the Router.
3. Connect your cable or DSL modem’s Ethernet cable to one of the Router’s Internet ports. Repeat this step to connect additional Internet devices to the Router’s other Internet ports.
4. If you want to use the DMZ port, connect an Ethernet cable to it, and connect the other end to the appropriate network device, such as a public server.
Figure 4-2: Connect a PC
5. Power on the cable or DSL modem and the other network device(s).
6. Connect the included power cord to the Router’s Power port on the back of the Router, as shown in Figure 4­4, and then plug the power cord into an electrical outlet.
The System LED on the front panel will light up as soon as the power adapter is connected properly.
If you need to configure your PCs, proceed to “Chapter 5: Configuring the PCs.” Otherwise, proceed to
“Chapter 6: Setting up and Configurin g the Router.”
Chapter 4: Connecting the Router Connection Instructions
Figure 4-3: Connect the Internet
Figure 4-4: Connect the DMZ
Figure 4-5: Connect the Power
12

Chapter 5: Configuring the PCs

Overview
The instructions in this chapter will help you configure each of your computers so they will be able to communicate with the Router. Each PC must be set to obtain an IP address (or TCP/IP) address automatically (called DHCP). Computers use IP addresses to communicate with each other across a network or the Internet.
Note: These instructions apply only to Windows 98, Millennium, 2000, or XP computers. By default, Windows 98, 2000, Millennium, and XP have TCP/IP installed and are set to obtain an IP address automatically. If you ha ve not made any c hanges to your PC’s default network settings, then proceed to “Chapter 6: Setting up and Configuring the Router.”
Find out which operating system your computer is running, such as Windows 98, Millennium, 2000, or XP. If you’re not sure, you can find out by clicking the Start button. On the left side of the taskbar, it will say which operating system your computer is using.
You may need to do this for each computer you are connecting to the Router. The next few pages tell you, step by step, how to configure your network settings based on the type of Windows
operating system you are using. Make sure that an Ethernet card or adapter has been successfully installed in each PC you will configure. Once you’ve configured your computers, proceed to “Chapter 6: Setting up and Configuring the Router.”
Configuring Windows 98 and Millennium PCs
1. Click the Start button. Click Settings and then Control Panel. From there, double-click the Network icon.
2. On the Configuration tab, select the TCP/IP line for the applicable Ethernet adapter, as shown in Figure 5-1. Do not choose a TCP/IP entry whose name mentions Dial-Up Adapter, PPPoE, VPN, or AOL. If the word TCP/IP appears by itself, select that line. (If there is no TCP/IP line listed, refer to Windows Help or your Ethernet adapter’s documentation to install TCP/IP now.) Click the Properties button.
3. Click the IP Address tab and select Obtain an IP address automatically, as shown in Figure 5-2.
4. Now click the Gateway tab to ensure that the Installed Gateway field is left blank. Click the OK button.
Chapter 5: Configuring the PCs Overview
Figure 5-1: TCP/IP for Windows 98
and Me
Figure 5-2: Obtain an IP address
automatically for Windows 98
and Me
13
5. Click the OK button again. Windows may ask you for the original Windows installation disk or additional files. Supply them by pointing to the correct file location, e.g., D:\win98, D:\win9x, c:\windows\options\cabs, etc. (if “D” is the letter of your CD-ROM drive).
6. Windows may ask you to restart your PC. Click the Yes button. If Windows does not ask you to restart, restart your computer anyway.
Go to “Chapter 6: Setting up and Configuring the Router.”
Configuring Windows 2000 PCs
1. Click the Start button. Click Settings and then Contr ol Panel. From there, double-click the Network and Dial-up Connections icon.
2. Select the Local Area Connection icon for the applicable Ethernet adapter (usually it is the first Local Area Connection listed). Double-click the Local Area Connection. Click the Properties button.
3. Select Internet Protocol (TCP/IP), and click the Properties button. See Figure 5-3.
4. Select Obtain an IP address automatically (see Figure 5-4). Once the new windows appears, click the OK button. Click the OK button again to complete the PC configuration.
5. Restart your computer.
Go to “Chapter 6: Setting up and Configuring the Router.”
Configuring Windows XP PCs
The following instructions assume you are running Windows XP with the default interface. If you are using the Classic interface (where the icons and menus look like previous Windows versions), follow the instructions for Windows 2000.
1. Click the Start button. Click Settings and then Control Pan el. Clic k the Network and Internet Connections icon and then the Network Connections icon.
2. Select the Local Area Connection icon for the applicable Ethernet adapter (usually it is the first Local Area Connection listed). Double-click the Local Area Connection. Click the Properties button.
Figure 5-3: Internet Protocol
(TCP/IP) for Windows 2000
Figure 5-4: Obtain an IP address
automatically for Windows 2000
Chapter 5: Configuring the PCs Configuring Windows 2000 PCs
14
3. Select Internet Protocol (TCP/IP), and click the Properties button. See Figure 5-5.
4. Select Obtain an IP address automatically (see Figure 5-6). Once the new window appears, click the OK button. Click the OK button again (or the Close button if any settings were changed) to complete the PC configuration.
5. Restart your computer.
Go to “Chapter 6: Setting up and Configuring the Router.”
Figure 5-5: Internet Protocol
(TCP/IP) for Windows XP
Chapter 5: Configuring the PCs Configuring Windows XP PCs
Figure 5-6: Obtain an IP address
automatically for Windows XP
15

Chapter 6: Setting up and Configuring the Router

Overview
For your convenience, use the Router’s W eb-based Utility to set it up and configur e it. This chapter will explain all of the functions in this Utility.
There are eleven main tabs in the Utility: System Summary, Setup, DHCP, System Management, Port Management, Firewall, VPN, Log, Wizard, Support, and Logout. Additional tabs will be available after you click one of the main tabs. The tabs are described below:
System Summary Tab
The System Summary tab displays the Router’s current status and settings. This information is read-only. If you click any underlined text, the related setup page will appear.
Setup Tab
• Network. Enter the Internet connection and network settings on this screen.
• Password. You can change the Router’s passw ord on this screen. It is strongly recommended that you change the Router's password from the default.
• Time. On this screen, configur e the Router’s time settings. You can set the time, select a time zone, enable or disable the Daylight Savings feature, and configure the NTP (Network Time Protocol) settings.
• DMZ Host. The DMZ (Demilitarized Zone) Host feature allows one local user to be exposed to the Internet for use of a special-purpose service such as Internet gaming or video conferencing.
• Forwarding. Port forwarding can be used to set up public services on your network. Y ou may use this function to establish a web server or FTP server via an IP gateway.
• UPnP. UPnP (Universal Plug and Play) forwarding can be used to set up public services on your network.
• One-to-One NAT. One-to-One NAT (Network Address Translation) creates a relationship that maps valid external addresses to internal addresses hidden by NAT.
• MAC Clone. Some ISPs require that you register a MAC address. This feature “clones” your network adapter's MAC address onto the Router , so you don’t have to call your ISP and change the registered MAC address to the Router's MAC address.
Chapter 6: Setting up and Configuring the Router Overview
16
• DDNS. DDNS (Dynamic Domain Name Service) service allows you to assign a fixed domain name to a dynamic WAN IP address. This allows you to host your own web, FTP, or other type of TCP/IP server in your LAN.
• Advanced Routing. On this screen, you can enable the Router’s dynamic routing feature so it will automatically adjust to physical changes in the network's layout. You can also set up static routes.
DHCP Tab
• Setup. You can enable/disable the DHCP server, set up client lease time, configure the DHCP IP range, assign static IP addresses to specific clients, assign DNS server(s) to clients, and enter the WINS server IP address.
• Status. A Status page is available to review the status of the DHCP server and its clients.
System Management Tab
• Multi-WAN. There are two modes provided for the Load Balance function – Intelligent Balancer (Auto Mode) and IP Group (By Users).
• SNMP. SNMP (Simple Network Management Protocol) is a network protocol that provides network administrators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network. (SNMP can only be used to monitor and configure the Router from inside the local network.)
• Diagnostic. The Router has two built-in tools that will help with troubleshooting network problems.
• Factory Default. Use this screen to clear all of your configuration information and restore the Router to its factory default settings. Only use this feature if you want to remove all of your custom configuration settings.
• Firmware Upgrade. You can use this screen to upgrade the Router’s firmware to the latest version.
• Restart. The recommended method of restarting the Router is to use the Restart tool available on this page. When you use this method, the Router will send out your log file before it is reset.
• Setting Backup. This tab allows you to make a backup file of your configuration file for the Router.
Port Management Tab
• Port Setup. You can configure the connection settings for each port, such as priority, speed, duplex, and auto negotiation.
• Port Status. You can select a port number to view its settings.
Chapter 6: Setting up and Configuring the Router Overview
17
Firewall Tab
• General. Use this screen to enable or disable various firewall and security features, including SPI (Stateful Packet Inspection), DoS (Denial of Service), and Remote Management.
• Access Rules. Access Rules evaluate the network traffic's source IP address, destination IP address, and IP protocol type to decide whether the IP traffic is allowed to pass through the firewall. You can set up custom Access Rules from this screen.
• Content Filter. This tab allows you to filter web access according to a list of forbidden domains and a schedule.
VPN T ab
• Summary. This screen displays the Summary, Tunnel Status, and GroupVPN Status settings and information.
• Gateway to Gateway. Use this screen to create a new tunnel between two VPN devices.
• Client to Gateway. From this screen, create a new tunnel between a local VPN device and a mobile user , or set up a Group VPN.
• VPN Pass Through. This tab allows you to disable IPSec, PPTP, and/or L2TP Pass Through.
Log Tab
• System Log. The System Log displays the syslog, e-mail alert, and log settings.
• System Statistics. This tab displays the system statistics.
Wizard Tab
• Wizard. Use this tab to access two Setup Wizards, the Basic Setup Wizard and Access Rule Setup Wizard.
Support Tab
• Support. Use this screen to conveniently access this User Guide and the Linksys website.
Logout Tab
• Logout. Click the Logout tab to exit the Utility.
Chapter 6: Setting up and Configuring the Router Overview
18
How to Access the Web-based Utility
To access the Web-based Utility of the Router, launch Internet Explorer or Netscape Navigator, and enter the Router’s default IP address, 192.168.1.1, in the Address field, as shown in Figure 6-1. Press the Enter key.
A screen will appear asking you for your User Name and Password, as shown in Figure 6-2. Enter admin in the
User Name field, and enter admin in the Password field. Then click the OK button.
System Summary Tab
The first screen that appears is the System Summary tab, which displays the Router’s current status and settings. (See Figure 6-3.) This information is read-only. Underlined text is hyperlinked to related setup pages, so if you click a hyperlink, the related setup screen will appear. On the right-hand side of this screen and all other screens of the Utility is a link to the Site Map, which has links to all of the Utility’s tabs. Clic k the Si te M ap button to view the Site Map, which is shown in Figure 6-4. Then, click the desired tab.
System Information
Serial Number. The serial number of the Router. Firmware version. The current version number of the firmware installed on the Router. CPU. The type and speed of the processor installed on the Router. DRAM. The size of DRAM installed on the Router’s motherboard. Flash. The size of flash memory installed on the Router’s board.
Figure 6-1: Router’s IP Address
Figure 6-2: Login Screen
System Up Time. The length of time in days, hours, and minutes that the Router has been active. The current time and date are also displayed.
Configuration
If you need help to set up the Router, click the Setup Wizard button. For more details, see the Wizard T ab section.
Chapter 6: Setting up and Configuring the Router How to Access the Web-based Utility
Figure 6-3: System Summary
19
Loading...
+ 97 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use