LINKSYS WRT55AGV2 Users Manual

Dual-Band Wireless A+G Broadband Router

Router’s ability to catch all Wireless-G transmissions but will severely decrease performance. If you do not want to use CTS Protection Mode at all, select Disabled.

Frame Burst Mode. Enabling this option should provide your network with greater performance, depending on the manufacturer of your wireless products. If you are not sure how to use this option, keep the default, Enabled.

Beacon Interval. The default value is 100. The Beacon Interval value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the Router to synchronize the wireless network.

DTIM Interval. This value indicates the interval of the Delivery Traffic Indication Message (DTIM). A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages. When the Router has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Its clients hear the beacons and awaken to receive the broadcast and multicast messages. The default value is 1.

Fragmentation Threshold. This value specifies the maximum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increase the Fragmentation Threshold. Setting the Fragmentation Threshold too low may result in poor network performance. Only minor reduction of the default value is recommended. In most cases, it should remain at its default value of 2346.

RTS Threshold. Should you encounter inconsistent data flow, only minor reduction of the default value, 2347, is recommended. If a network packet is smaller than the preset RTS threshold size, the RTS/CTS mechanism will not be enabled. The Router sends Request to Send (RTS) frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to begin transmission. The RTS Threshold value should remain at its default value of 2347.

Change these settings as described here and click the Save Settings button to apply your changes or Cancel Changes to cancel your changes. Help information is shown on the right-hand side of the screen. For additional information, click More.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Wireless Tab - Advanced Wireless Settings

Dual-Band Wireless A+G Broadband Router

The Security Tab - Firewall

The Firewall screen offers the Block Anonymous Internet Requests feature. The use of this feature enhances the security of your network.

Firewall

Block Anonymous Requests. When enabled, this feature keeps your network from being “pinged,” or detected, by other Internet users. It also reinforces your network security by hiding your network ports. Both functions of this feature make it more difficult for outside users to work their way into your network. This feature is enabled by default. Select Disabled to allow anonymous Internet requests.

Change this setting as described here and click the Save Settings button to apply your change or Cancel

Changes to cancel your change. Help information is shown on the right-hand side of the screen.

The Security Tab - VPN Passthrough

Use the settings on this tab to allow VPN tunnels using IPSec, L2TP, or PPTP protocols to pass through the Router’s firewall.

VPN Passthrough

IPSec Passthrough. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange of packets at the IP layer. IPSec Pass-Through is enabled by default. To disable IPSec Passthrough, select

Disabled. L2TP Passthrough. Layer 2 Tunneling Protocol is the method used to enable Point-to-Point sessions via the

Internet on the Layer 2 level. L2TP Pass-Through is enabled by default. To disable L2TP Passthrough, select

Disabled. PPTP Passthrough. Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point Protocol (PPP) to be

tunneled through an IP network. PPTP Pass-Through is enabled by default. To disable PPTP Passthrough, select Disabled.

Figure 5-16: Security Tab - Firewall

Figure 5-17: Security Tab - VPN Passthrough

vpn: a security measure to protect data as it leaves one network and goes to another over the Internet.

ipsec: a VPN protocol used to implement secure exchange of packets at the IP layer.

pptp: a VPN protocol that allows the Point to Point Protocol (PPP) to be tunneled through an IP network. This protocol is also used as a type of broadband connection in Europe.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Security Tab - Firewall

Dual-Band Wireless A+G Broadband Router

The Access Restrictions Tab - Internet Access Policy

The Internet Access Policy screen allows you to block or allow specific kinds of Internet usage and traffic , such as Internet access, designated applications, websites, and inbound traffic during specific days and times.

Internet Access Policy

Access Policy. Access can be managed by a policy. Use the settings on this screen to establish an access policy (after the Save Settings button is clicked). Selecting a policy from the drop-down menu will display that policy’s settings. To delete a policy, select that policy’s number and click the Delete This Policy button. To view all the policies, click the Summary button.

On the Summary screen, the policies are listed with the following information: No., Policy Name, Access, Days, Time, and status (Enabled). You can change the type of access, days, and times of a policy. To activate a policy, click the Enabled checkbox. To delete a policy, click its Delete button. Click the Save Settings button to save your changes, or click the Cancel Changes button to cancel your changes. To return to the Internet Access Policy tab, click the Close button. To view the list of PCs for a specific policy, click the Edit List button.

On the List of PCs screen, you can select a PC by MAC Address or IP Address. You can also enter a range of IP Addresses if you want this policy to affect a group of PCs. After making your changes, click the Save Settings button to apply your changes or Cancel Changes to cancel your changes. Click the Close button to exit this screen.

Figure 5-18: Access Restrictions Tab - Internet

Access Policy

To create an Internet Access policy:

1. Select a number from the Access Policy drop-down menu.

2. Enter a Policy Name in the field provided.

3. To enable this policy, select Enabled from the Status drop-down menu.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Access Restrictions Tab - Internet Access Policy

Figure 5-19: Summary

Dual-Band Wireless A+G Broadband Router

4. Click the Edit List button to select which PCs will be affected by the policy . The List of PCs screen will appear. You can select a PC b y MAC Address or IP Address. You can also enter a range of IP Addresses if you want this policy to affect a group of PCs. After making your changes, click the Save Settings button to apply your changes or Cancel Changes to cancel your changes. Then click the Close button.

5. Click the appropriate option, Deny or Allow, depending on whether you want to block or allow Internet access for the PCs you listed on the List of PCs screen.

6. Decide which days and what times you want this policy to be enforced. Select the individual days during which the policy will be in effect, or select Everyday. Then enter a range of hours and minutes during which the policy will be in effect, or select 24 Hours.

7. You can filter access to various applications accessed over the Internet, such as FTP or telnet, by selecting up to three applications from the drop-down menus next to Blocked Application Port.

Each drop-down menu offers a choice of ten preset applications (select None if you do not want to use any of the applications). For the preset applications you select, the appropriate range of ports will automatically be displayed.

If the application you want to block is not listed or you want to edit an application’s settings, then select Custom from the drop-down menu. Enter the port range you want to block. Then select its protocol(s), TCP and/or UDP.

8. Click the Save Settings button to save the policy’s settings. To can c el the policy’s settings, click the Cancel

Changes button.

Figure 5-20: List of PCs

tcp: a network protocol for transmitting data that requires acknowledgement from the recipient of data sent.

udp: a network protocol for transmitting data that does not require acknowledgement from the recipient of the data that is sent.

Help information is shown on the right-hand side of the screen. For additional information, click More.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Access Restrictions Tab - Internet Access Policy

Dual-Band Wireless A+G Broadband Router

The Applications and Gaming Tab - Port Range Forwarding

The Port Range Forwarding screen allows you to set up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications. (Specialized Internet applications are any applications that use Internet access to perform functions such as videoconferencing or online gaming. Some Internet applications may not require any forwarding.)

Before using forwarding, you should assign static IP addresses to the designated PCs.

Port Range Forwarding

To forward a port, enter the information on each line for the criteria required. Descriptions of each criteria are described here.

Application Name. Each drop-down menu offers a choice of ten preset applications (select None if you do not want to use any of the preset applications). Select up to five preset applications. For custom applications, enter the name of your application in one of the available fields.

The preset applications are among the most widely used Internet applications. They include the following: FTP (File Transfer Protocol). A protocol used to transfer files over a TCP/IP network (Internet, UNIX, etc.). For

example, after developing the HTML pages for a website on a local machine, they are typically uploaded to the web server using FTP.

Figure 5-21: Applications and Gaming Tab - Port

Range Forwarding

Telnet. A terminal emulation protocol commonly used on Internet and TCP/IP-based networks. It allows a user at

a terminal or computer to log onto a remote device and run a program. SMTP (Simple Mail Transfer Protocol). The standard e-mail protocol on the Internet. It is a TCP/IP proto c ol that

defines the message format and the message transfer agent (MTA), which stores and forwards the mail. DNS (Domain Name System). The way that Internet domain names are located and translated into IP addresses. A

domain name is a meaningful and easy-to-remember “handle” for an Internet address. TFTP (Trivial File Transfer Protocol). A version of the TCP/IP FTP protocol that has no directory or password

capability. Finger. A UNIX command widely used on the Internet to find out information about a particular user, such as a

telephone number, whether the user is currently logged on, and the last time the user was logged on. The person being “fingered” must have placed his or her profile on the system in order for the information to be available. Fingering requires entering the full user@domain address.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Applications and Gaming Tab - Port Range Forwarding

Dual-Band Wireless A+G Broadband Router

HTTP (HyperT ext Transport Protocol). The communications protocol used to connect to servers on the World Wide

Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client web browser.

POP3 (Post Office Protocol 3). A standard mail server commonly used on the Internet. It provides a message store that holds incoming e-mail until users log on and download it. POP3 is a simple system with little selectivity. All pending messages and attachments are downloaded at the same time. POP3 uses the SMTP messaging protocol.

NNTP (Network News Transfer Protocol). The protocol used to connect to Usenet groups on the Internet. Usenet newsreaders support the NNTP protocol.

SNMP (Simple Network Management Protocol). A widely used network monitoring and control protocol. Data is passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc.) to the workstation console used to oversee the network. The agents return information contained in a MIB (Management Information Base), which is a data structure that defines what is obtainable from the device and what can be controlled (turned off, on, etc.).

Start/End. This is the port range. Enter the port number or range of external ports used by the server or Internet application. Check with the software documentation of the Internet application for more information.

Protocol. Select the protocol(s) used for this application, TCP and/or UDP. To IP Address. For each application, enter the IP address of the PC running the specific application. Enabled. Click the Enabled checkbox to enable port forwarding for the relevant application. Change these settings as described here and click the Save Settings button to apply your changes or Cancel

Changes to cancel your changes. Help information is shown on the right-hand side of the screen. For additional information, click More.

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Applications and Gaming Tab - Port Range Forwarding

Dual-Band Wireless A+G Broadband Router

The Applications & Gaming Tab - Port Range Triggering

The Port Range Triggering screen allows the Router to watch outgoing data for specific port numbers. The IP address of the computer that sends the matching data is remembered by the Router, so that when the requested data returns through the Router, the data is pulled back to the proper computer by way of IP address and port mapping rules.

Port Range Triggering

Application Name. Enter the application name of the trigger. Triggered Range. For each application, list the triggered port number range. Check with the Internet application

documentation for the port number(s) needed. In the first field, enter the starting port number of the Triggered Range. In the second field, enter the ending port number of the Triggered Range.

Forwarded Range. For each application, list the forwarded port number range. Check with the Internet application documentation for the port number(s) needed. In the first field, enter the starting port number of the Forwarded Range. In the second field, enter the ending port number of the Forwarded Range.

Enabled. Click the Enabled checkbox to enable port range triggering for the relevant application. Change these settings as described here and click the Save Settings button to apply your changes or Cancel

Changes to cancel your changes. Help information is shown on the right-hand side of the screen. For additional information, click More.

Figure 5-22: Applications and Gaming Tab -

Port Triggering

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Applications & Gaming Tab - Port Range Triggering

Dual-Band Wireless A+G Broadband Router

The Applications and Gaming Tab - DMZ

The DMZ feature allows one network user to be exposed to the Internet for use of a special-purpose service such as Internet gaming or videoconferencing. DMZ hosting forwards all the ports at the same time to one PC. The Port Range Forwarding feature is more secure because it only opens the ports you want to have opened, while DMZ hosting opens all the ports of one computer, exposing the computer to the Internet.

Any PC whose port is being forwarded must have its DHCP client function disabled and should have a new static IP address assigned to it because its IP address may change when using the DHCP function.

DMZ

To expose one PC, select Enabled.

Internet Source IP Address. If you want to allow any Internet IP address to access the exposed computer , select Any IP Address. If you want to allow a specific IP address or range of IP addresses to access the exposed

computer, select the second option and enter the IP address or range of IP addresses in the fields provided. Destination Host IP Address. Enter the IP address of the computer you want to expose. Change these settings as described here and click the Save Settings button to apply your changes or Cancel

Changes to cancel your changes. Help information is shown on the right-hand side of the screen. For additional information, click More.

Figure 5-23: Applications and Gaming Tab - DMZ

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Applications and Gaming Tab - DMZ

Dual-Band Wireless A+G Broadband Router

The Applications and Gaming Tab - QoS

QoS (Quality of Service) manages information as it is transmitted and received. It ensures better service to highpriority types of Internet traffic, which may involve demanding, real-time applications, such as videoconferencing. QoS can also prioritize traffic for a specific device or the Router’s LAN ports.

Qos (Quality of Service)

There are three types of QoS available, Application Port Priority, MAC Address Priority, and LAN Port Priority.

Application Port Priority

Depending on the settings of the QoS screen, this feature will assign information a specific priority for up to five preset applications and up to five additional applications that you specify.

example, after developing the HTML pages for a website on a local machine, they are typically uploaded to the web server using FTP.

Figure 5-24: Applications and Gaming Tab - QOS

Telnet. A terminal emulation protocol commonly used on Internet and TCP/IP-based networks. It allows a user at

a terminal or computer to log onto a remote device and run a program. SMTP (Simple Mail Transfer Protocol). The standard e-mail protocol on the Internet. It is a TCP/IP proto c ol that

domain name is a meaningful and easy-to-remember “handle” for an Internet address. TFTP (Trivial File Transfer Protocol). A version of the TCP/IP FTP protocol that has no directory or password

capability. Finger. A UNIX command widely used on the Internet to find out information about a particular user, such as a

Chapter 5: Configuring the Dual-Band Wireless A+G Broadband Router The Applications and Gaming Tab - QoS

+ 21 hidden pages