Netgear orporated WGT624V3 User Manual
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Setting the MTU Size
The normal MTU (Maximum Transmit Unit) value for most Ethernet networks is 1500 Bytes,
1492 Bytes for PPPoE connections, or 1436 for PP TP connections. For some ISPs you may need to
reduce the MTU. But this is rarely required, and should not be done unless you are sure it is
necessary for your ISP connection.
Any packets sent through the router that are larger than the configured MTU size will be
repackaged into smaller packets to meet the MTU requirement. To change the MTU size:
1. Under MTU Size, enter a new size between 64 and 1500.
2. Click Apply to save the new configuration.
Advanced Configuration of the Router 7-9
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Using the LAN IP Setup Options
The second feature category under the Advanced heading is LAN IP Setup. This menu allows
configuration of LAN IP services such as DHCP and RIP. From the Main Menu of the browser
interface, under Advanced, click on LAN IP Setup to view the LAN IP Setup menu, shown below.
Figure 7-6: LAN IP Setup Menu
Configuring LAN TCP/IP Setup Parameters
The router is shipped preconfigured to use private IP addresses on the LAN side, and to act.as a
DHCP server. The router’s default LAN IP configuration is:
• LAN IP addresses—192.168.0.1
• Subnet mask—255.255.255.0
7-10 Advanced Configuration of the Router
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
These addresses are part of the IETF-designated private address range for use in private networks,
and should be suitable in most applications. If your network has a requirement to use a different IP
addressing scheme, you can make those changes in this menu.
The LAN IP parameters are:
• IP Address
This is the LAN IP address of the router.
• IP Subnet Mask
This is the LAN Subnet Mask of the router. Combined with the IP address, the IP Subnet Mask
allows a device to know which other addresses are local to it, and which must be reached
through a gateway or router.
• RIP Direction
RIP (Router Information Protocol) allows a router to exchange routing information with other
routers. The RIP Direction selection controls how the router sends and receives RIP packets.
Both is the default.
— When set to Both or Out Only, the router will broadcast its routing table periodically.
— When set to Both or In Only, it will incorporate the RIP information that it receives.
— When set to None, it will not send any RIP packets and will ignore any RIP packets
received.
• RIP Version
This controls the format and the broadcasting method of the RIP packets that the router sends.
(It recognizes both formats when receiving.) By default, this is set for RIP-1.
— RIP-1 is universally supported. RIP-1 is probably adequate for most networks, unless you
have an unusual network setup.
— RIP-2 carries more information. RIP-2B uses subnet broadcasting.
Note: If you change the LAN IP address of the router while connected through the
browser, you will be disconnected. You must then open a new connection to the new IP
address and log in again.
Advanced Configuration of the Router 7- 11
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Using the Router as a DHCP server
By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server,
allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to
the router's LAN. The assigned default gateway address is the LAN address of the router. IP
addresses will be assigned to the attached computers from a pool of addresses specified in this
menu. Each pool address is tested before it is assigned to avoid duplicate addresses on the LAN.
For most applications, the default DHCP and TCP/IP settings of the router are satisfactory. See “IP
Configuration by DHCP” on page B-10 for an explanation of DHCP and information about how to
assign IP addresses for your network.
If another device on your network will be the DHCP server, or if you will manually configure the
network settings of all of your computers, clear the ‘Use router as DHCP server’ check box.
Otherwise, leave it checked.
Specify the pool of IP addresses to be assigned by setting the Starting IP Address and Ending IP
Address. These addresses should be part of the same IP address subnet as the router’s LAN IP
address. Using the default addressing scheme, you should define a range between 192.168.0.2 and
192.168.0.253, although you may wish to save part of the range for devices with fixed addresses.
The router will deliver the following parameters to any LAN device that requests DHCP:
• An IP Address from the range you have defined
• Subnet Mask
• Gateway IP Address (the router’s LAN IP address)
• Primary DNS Server (if you entered a Primary DNS address in the Basic Settings menu;
otherwise, the router’s LAN IP address)
• Secondary DNS Server (if you entered a Secondary DNS address in the Basic Settings menu
Using Address Reservation
When you specify a reserved IP address for a computer on the LAN, that computer will always
receive the same IP address each time it access the router ’s DHCP server. Reserved IP addresses
should be assigned to servers that require permanent IP settings.
To reserve an IP address:
1. Click the Add button.
7-12 Advanced Configuration of the Router
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
In the IP Address box, type the IP address to assign to the computer or server.
2.
(choose an IP address from the router’s LAN subnet, such as 192.168.0.X)
3. Type the MAC Address of the computer or server.
(Tip: If the computer is already present on your network, you can copy its MAC address from
the Attached Devices menu and paste it here.)
4. Click Apply to enter the reserved address into the table.
Note: The reserved address will not be assigned until the next time the computer contacts the
router's DHCP server. Reboot the computer or access its IP configuration and force a DHCP
release and renew.
To edit or delete a reserved address entry:
1. Click the button next to the reserved address you want to edit or delete.
2. Click Edit or Delete.
Using a Dynamic DNS Service
If your network has a permanently assigned IP address, you can register a domain name and ha ve
that name linked with your IP address by public Domain Name Servers (DNS). However, if your
Internet account uses a dynamically assigned IP address, you will not know in advance what your
IP address will be, and the address can change frequently. In this case, you can use a commercial
dynamic DNS service, who will allow you to register your domain to their IP address, and will
forward traffic directed at your domain to your frequently-changing IP address.
Note: If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x),
the dynamic DNS service will not work because private addresses will not be routed on
the Internet.
The router contains a client that can connect to many popular dynamic DNS services. You can
select one of these services and obtain an account with them. Then, whenever your ISP-assigned
IP address changes, your router will automatically contact your dynamic DNS service provider,
log in to your account, and register your new IP address.
From the Main Menu of the browser interface, under Advanced, click on Dynamic DNS. To
configure Dynamic DNS:
Advanced Configuration of the Router 7- 13
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Register for an account with one of the dynamic DNS service providers whose names appear
1.
in the ‘Select Service Provider’ box. For example, for dyndns.org, go to www.dyndns.org.
2. Select the Use a dynamic DNS service check box.
3. Select the name of your dynamic DNS Service Provider.
4. Type the Host Name (or domain name) that your dynamic DNS service provider gave you.
5. Type the User Name for your dynamic DNS account.
6. Type the Password (or key) for your dynamic DNS account.
7. If your dynamic DNS provider allows the use of wildcards in resolving your URL, you may
select the Use wildcards check box to activate this feature.
For example, the wildcard feature will cause *.yourhost.dyndns.org to be aliased to the same
IP address as yourhost.dyndns.org
8. Click Apply to save your configuration.
Configuring Static Routes
Static Routes provide additional routing information to your router. Under normal circumstances,
the router has adequate routing information after it has been configured for Internet access, and
you do not need to configure additional static routes. You must configure static routes only for
unusual cases such as multiple routers or multiple IP subnets located on your network.
From the Main Menu of the browser interface, under Advanced, click on Static Routes to view the
Static Route menu, shown below.
Figure 7-7. Static Route Summary Table
7-14 Advanced Configuration of the Router
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
To add or edit a Static Route:
1. Click the Add button to open the Add/Edit Menu, shown below.
Figure 7-8. Static Route Entry and Edit Menu
2.
Type a route name for this static route in the Route Name box under the table.
(This is for identification purposes only.)
3. Select Private if you want to limit access to the LAN only. The static route will not be reported
in RIP.
4. Select Active to make this route effective.
5. Type the Destination IP Address of the final destination.
6. Type the IP Subnet Mask for this destination.
If the destination is a single host, type 255.255.255.255.
7. T ype the Gateway IP Address, which must be a router on the same LAN segment as the router.
8. Type a number between 1 and 15 as the Metric value.
This represents the number of routers between your network and the destination. Usu ally, a
setting of 2 or 3 works, but if this is a direct connection, set it to 1.
9. Click Apply to have the static route entered into the table.
As an example of when a static route is needed, consider the following case:
• Your primary Internet access is through a cable modem to an ISP.
• You have an ISDN rou t er on your home network for connecting to the company where
you are employed. This router’s address on your LAN is 192.168.0.100.
• Your company ’s network is 134.177.0.0.
Advanced Configuration of the Router 7- 15
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
When you first configured your router, two implicit static routes were created. A default route was
created with your ISP as the gateway, and a second static route was created to your local network
for all 192.168.0.x addresses. With this configuration, if you attempt to access a device on the
134.177.0.0 network, your router will forward your request to the ISP. The ISP forwards your
request to the company where you are employed, and the request will likely be denied by the
company’s firewall.
In this case you must define a static route, telling your router that 134.177.0.0 should be accessed
through the ISDN router at 192.168.0.100. The static route would look like Figure 7-8.
In this example:
• The Destination IP Address and IP Subnet Mask fields specify that this static route applies to
all 134.177.x.x addresses.
• The Gateway IP Address fields specifies that all traffic for these addresses should be
forwarded to the ISDN router at 192.168.0.100.
• A Metric value of 1 will work since the ISDN router is on the LAN.
• Private is selected only as a precautionary security measure in case RIP is activated.
Enabling Remote Management Access
Using the Remote Management page, you can allow a user or users on the Internet to configure,
upgrade and check the status of your WGR624v3 router.
Note: Be sure to change the router's default configuration password to a very secure
password. The ideal password should contain no dictionary words from any language,
and should be a mixture of letters (both upper and lower case), numbers, and symbols.
Your password can be up to 30 characters.
To configure your router for Remote Management:
1. Select the Turn Remote Management On check box.
2. Specify what external addresses will be allowed to access the router’s remote management.
Note: For enhanced security, restrict access to as few external IP addresses as practical.
a. To allow access from any IP address on the Internet, select Everyone.
7-16 Advanced Configuration of the Router
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
To allow access from a range of IP addresses on the Internet, select IP address range.
b.
Enter a beginning and ending IP address to define the allowed range.
c. To allow access from a single IP address on the Internet, select Only this computer.
Enter the IP address that will be allowed access.
3. Specify the Port Number that will be used for accessing the management interface.
Web browser access normally uses the standard HTTP service port 80. For greater security,
change the remote management Web interface to a custom port by entering that number in the
box provided. Choose a number between 1024 and 65535, but do not use the number of any
common service port. The default is 8080, which is a common alternate for HTTP.
4. Click Apply to have your changes take effect.
Note: When accessing your router from the Internet, you will type your router's WAN IP address
into your browser's Address (in IE) or Location (in Netscape) bo x, follo wed by a colo n (:) and the
custom port number. For example, if your external address is 134.177.0.123 and you use port
number 8080, you must enter http://134.177.0.123:8080 in your browser.
Using Universal Plug and Play (UPnP)
Universal Plug and Play (UPnP) helps devices, such as Internet appliances and computers,
access the network and connect to other devices as needed. UPnP devices can
automatically discover the services from other registered UPnP devices on the network.
Figure 7-9. UPnP Menu
Advanced Configuration of the Router 7- 17
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
From the Main Menu of the browser interface, under Advanced, click on UPnP. Set up UPnP
according to the guidelines below.
Turn UPnP On: UPnP can be enabled or disabled for automatic device configuration. The default
setting for UPnP is disabled. If disabled, the router will not allow any device to automatically
control the resources, such as port forwarding (mapping), of the router.
Note: If you use applications such as multi-player gaming, peer-to-peer connections, real time
communications such as instant messaging, or remote assistance (a feature in Windows XP), you
should enable UPnP.
Advertisement Period: The Advertisement Period is how often the router will broadcast its UPnP
information. This value can range from 1 to 1440 minutes. The default period is 30 minutes.
Shorter durations will ensure that control points have current device status at the expense of
additional network traffic. Longer durations may compromise the freshness of the device status
but can significantly reduce network traffic.
Advertisement Time To Live: The time to live for the advertisement is measured in hops (steps)
for each UPnP packet sent. The time to live hop count is the number of steps a broadcast packet is
allowed to propagate for each UPnP advertisement before it disappears. The number of hops can
range from 1 to 255. The default value for the advertisement time to live is 4 hops, which should
be fine for most home networks. If you notice that some devices are not being updated or reached
correctly, then it may be necessary to increase this value a little.
UPnP Portmap Table: The UPnP Portmap Table displays the IP address of each UPnP device
that is currently accessing the router and which ports (Internal and External) that device has
opened. The UPnP Portmap Table also displays what type of port is opened and if that port is still
active for each IP address.
7-18 Advanced Configuration of the Router
July 2004 202-10036-01
Chapter 8
Troubleshooting
This chapter gives information about troubleshooting your 108 Mbps Wireless Firewall Router
WGR624v3. After each problem description, instructions are provided to help you diagnose
and solve the problem.
Basic Functioning
After you turn on power to the router, the following sequence of events should occur:
1. When power is first applied, verify that the Power light is on.
2. After approximately 10 seconds, verify that:
a. The power light is solid green.
b. The LAN port lights are lit for any local ports that are connected.
c. The Internet port light is lit.
If a port’s light is lit, a link has been established to the connected device. If a LAN port is
connected to a 100 Mbps device, verify that the port’ s light i s green. If the port is 10 Mbps, the
light will be amber.
If any of these conditions does not occur, refer to the appropriate following section.
Power Light Not On
If the Power and other lights are off when your router is turned on:
• Make sure that the power cord is properly connected to your router and that the power supply
adapter is properly connected to a functioning power outlet.
• Check that you are using the 12 V DC 1A power adapter supplied by NETGEAR for this
product.
If the error persists, you have a hardware problem and should conta ct technical support.
Troubleshooting 8-1
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Lights Never Turn Off
When the router is turned on, the lights turns on for about 10 seconds and then turn off. If all the
lights stay on, there is a fault within the router.
If all lights are still on one minute after power up:
• Cycle the power to see if the router recovers.
• Clear the router’s configuration to factory defaults. This will set the router’s IP address to
192.168.0.1. This procedure is explained in “Restoring the Default Configuration and
Password” on page 8-7.
If the error persists, you might have a hardware problem and should contact technical support.
LAN or WAN Port Lights Not On
If either the LAN lights or Internet light do not light when the Ethernet connection is made, check
the following:
• Make sure that the Ethernet cable connections are secure at the router and at the hub or
workstation.
• Make sure that power is turned on to the connected hub or workstation.
• Be sure you are using the correct cable:
— When connecting the router’s Internet port to a cable or DSL modem, use the cable that
was supplied with the cable or DSL modem. This cable could be a standard
straight-through Ethernet cable or an Ethernet crossover cable.
8-2 Troubleshooting
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Troubleshooting the Web Configuration Interface
If you are unable to access the router’s Web Configuration interface from a computer on your local
network, check the following:
• Check the Ethernet connection between the computer and the router as described in the
previous section.
• Make sure your computer’s IP address is on the same subnet as the router. If you are using the
recommended addressing scheme, your computer’s address should be in the range of
192.168.0.2 to 192.168.0.254. Refer to “Verifying TCP/IP Properties” on page C-8 or
“Verifying TCP/IP Properties for Macintosh Computers” on page C-19 to find your
computer’s IP address. Follow the instructions in Appendix C to configure your computer.
Note: If your computer’s IP address is shown as 169.254.x.x: Recent versions of Windows
and MacOS will generate and assign an IP address if the computer cannot reach a DHCP
server. These auto-generated addresses are in the range of 169.254.x.x. If your IP address is in
this range, check the connection from the computer to the router and reboot your computer.
• If your router’s IP address has been changed and you don’t know the current IP address, clear
the router’s configuration to factory defaults. This will set the router’s IP address to
192.168.0.1. This procedure is explained in “Restoring the Default Configuration and
Password” on page 8-7.
• Make sure your browser has Java, JavaScript, or ActiveX enabled. If you are using Internet
Explorer, click Refresh to be sure the Java applet is loaded.
• Try quitting the browser and launching it again.
• Make sure you are using the correct login information. The factory default login name is
admin and the password is password. Make sure that CAPS LOCK is off when entering this
information.
If the router does not save changes you have made in the Web Configuration Interface, check the
following:
• When entering configuration settings, be sure to click the APPLY button before moving to
another menu or tab, or your changes are lost.
• Click the Refresh or Reload button in the Web browser. The changes may have occurred, but
the Web browser may be caching the old configuration.
Troubleshooting 8-3
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Troubleshooting the ISP Connection
If your router is unable to access the Internet, you should first determine whether the router is able
to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your
router must request an IP address from the ISP. You can determine whether the request was
successful using the Web Configuration Manager.
To check the WAN IP address:
1. Launch your browser and select an external site such as www.netgear.com
2. Access the Main Menu of the router’s configuration at http://www.routerlogin.net.
3. Under the Maintenance heading, select Router Status
4. Check that an IP address is shown for the WAN Port
If 0.0.0.0 is shown, your router has not obtained an IP address from your ISP.
If your router is unable to obtain an IP address from the ISP, you may need to force your cable or
DSL modem to recognize your new router by performing the following procedure:
1. Turn off power to the cable or DSL modem.
2. Turn off power to your router.
3. Wait five minutes and reapply power to the cable or DSL modem.
4. When the modem’s lights indicate that it has reacquired sync with the ISP, reapply power to
your router.
5. Then restart your computer.
If your router is still unable to obtain an IP address from the ISP, the problem may be one of the
following:
• Your ISP may require a login pro gram.
Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of login.
• If your ISP requires a login, you may have incorrectly set the login name and password.
• Your ISP may check for your computer's host name.
Assign the computer Host Name of your ISP account as the Account Name in the Basic
Settings menu.
• Your ISP only allows one Ethernet MAC address to connect to Internet, and may check for
your computer’s MAC address. In this case:
8-4 Troubleshooting
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Inform your ISP that you have bought a new network device, and ask them to use the router’s
MAC address.
OR
Configure your router to spoof your computer’s MAC address. This can be done in the Basic
Settings menu. Refer to “How to Bypass the Configuration Assistant” on page 3-12.
If your router can obtain an IP address, but your computer is unable to load any Web pages from
the Internet:
• Your computer may not recognize any DNS server addresses.
A DNS server is a host on the Internet that translates Internet names (such as www addresses)
to numeric IP addresses. Typically your ISP will provide the addresses of one or two DNS
servers for your use. If you entered a DNS address during the router’s configuration, reboot
your computer and verify the DNS address as described in “Install or Verify Windows
Networking Components” on page C-9. Alternatively, you may configure your computer
manually with DNS addresses, as explained in your operating system documentation.
• Your computer may not have the router configured as its TCP/IP gateway.
If your computer obtains its information from the router by DHCP, reboot the computer and
verify the gateway address as described in “Install or Verify Windows Networking
Components” on page C-9.
Troubleshooting a TCP/IP Network Using a Ping Utility
Most TCP/IP terminal devices and routers contain a ping utility that sends an echo request packet
to the designated device. The device then responds with an echo reply. Troubleshooting a TCP/IP
network is made very easy by using the ping utility in your computer or workstation.
Testing the LAN Path to Your Router
You can ping the router from your computer to verify that the LAN path to your router is set up
correctly.
To ping the router from a running Windows 95 or later:
1. From the Windows toolbar, click on the Start button and select Run.
2. In the field provided, type Ping followed by the IP address of the router, as in this example:
ping 192.168.0.1
Troubleshooting 8-5
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Click on OK.
3.
You should see a message like this one:
Pinging <IP address> with 32 bytes of data
If the path is working, you see this message:
Reply from < IP address >: bytes=32 time=NN ms TTL=xxx
If the path is not working, you see this message:
Request timed out
If the path is not functioning correctly, you could have one of the following problems:
• Wrong physical connections
— Make sure the LAN port LED is on. If the LED is off, follow the instructions in “LAN
or WAN Port Lights Not On” on page 8-2.
— Check that the corresponding Link LEDs are on for your network interface card and
for the hub ports (if any) that are connected to your workstation and router.
• Wrong network configuration
— Verify that the Ethernet card driver software and TCP/IP software are both installed
and configured on your computer or workstation.
— Verify that the IP address for your router and your workstation are correct and that the
addresses are on the same subnet.
Testing th e Path from Your Computer to a Remote Device
After verifying that the LAN path works correctly, test the path from your computer to a remote
device. From the Windows run menu, type:
PING -n 10 <IP address>
where <IP address> is the IP address of a remote device such as your ISP’s DNS server.
If the path is functioning correctly, replies as in the previous section are displayed. If you do not
receive replies:
— Check that your computer has the IP address of your router listed as the default gateway. If
the IP configuration of your computer is assigned by DHCP, this information will not be
visible in your computer’s Network Control Panel. Verify that the IP address of the router
is listed as the default gateway as described in “Install or Verify Windows Networking
Components” on page C-9.
8-6 Troubleshooting
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
— Check to see that the network address of your computer (the portion of the IP address
specified by the netmask) is different from the network address of the remote device.
— Check that your cable or DSL modem is connected and functioning.
— If your ISP assigned a host name to your computer, enter that host name as the Account
Name in the Basic Settings menu.
— Your ISP could be rejecting the Ethernet MAC addresses of all but one of your computers.
Many broadband ISPs restrict access by only allowing traffic from the MAC address of
your broadband modem, but some ISPs additionally restrict access to the MAC address of
a single computer connected to that modem. If this is the case, you must configure your
router to “clone” or “spoof” the MAC address from the authorized computer. Refer to
“How to Bypass the Configuration Assistant” on page 3-12.
Restoring the Default Configuration and Password
This section explains how to restore the factory default configuration settings, changing the
router’s administration password to password and the IP address to 192.168.0.1. You can erase the
current configuration and restore factory defaults in two ways:
• Use the Erase function of the router (see “Erasing the Configuration” on page 6-7).
• Use the Default Reset button on the rear panel of the router. Use this method for cases when
the administration password or IP address is not known.
To restore the factory default configuration settings without knowing the administration password
or IP address, you must use the Default Reset button on the rear panel of the router.
1. Press and hold the Default Reset button until the power light blinks on (about 10 seconds).
2. Release the Default Reset button and wait for the router to reboot.
If the wireless router fails to restart or the power light continues to blink or turns solid amber,
the unit may be defective. If the error persists, you might have a hardware problem and should
contact technical support.
Troubleshooting 8-7
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Problems with Date and Time
The E-Mail menu in the Content Filtering section displays the current date and time of day. The
WGR624v3 router uses the Network Time Protocol (NTP) to obtain the current time from one of
several Network Time Servers on the Internet. Each entry in the log is stamped with the date and
time of day. Problems with the date and time function can include:
• Date shown is January 1, 2000. Cause: The router has not yet successfully reached a Network
Time Server. Check that your Internet access settings are configured correctly. If you have just
completed configuring the router , wait at least five minutes and check the date and time again.
• Time is off by one hour. Cause: The router does not automatically sense Daylight Savings
Time. In the E-Mail menu, check or uncheck the box marked “Adjust for Daylight Savings
Time”.
8-8 Troubleshooting
July 2004 202-10036-01
Appendix A
Technical Specifications
This appendix provides technical specifications for the 108 Mbps Wireless Firewall Router WGR624v3.
Network Protocol and Standards Compatibility
Data and Routing Protocols: TCP/IP, RIP-1, RIP-2, DHCP
PPP over Ethernet (PPPoE)
Power Adapter
North America: 120V, 60 Hz, input
United Kingdom, Australia: 240V, 50 Hz, input
Europe: 230V, 50 Hz, input
Japan: 100V, 50/60 Hz, input
All regions (output): 12 V DC @ 1A output, 22W maximum
Physical Specifications
Dimensions: 28 x 175 x 119 mm (1.1 x 6.89 x 4.68 in.)
Weight: 0.3 kg (0.66 lb)
Environmental Specifications
Operating temperature: 0° to 40° C (32º to 104º F)
Operating humidity: 90% maximum relative humidity, noncondensing
Electromagnetic Emissions
Meets requirements of: FCC Part 15 Class B
VCCI Class B
EN 55 022 (CISPR 22), Class B
C-Tick N10947
Interface Specifications
LAN: 10BASE-T or 100BASE-Tx, RJ-45
WAN: 10BASE-T or 100BASE-Tx, RJ-45
Technical Specifications A-1
June 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Wireless
Radio Data Rates 1, 2, 5.5, 6, 9, 12, 18, 24, 36, 48, and 54 Mbps
Auto Rate Sensing
Frequency 2.4-2.5Ghz
Data Encoding: 802.11b: Direct Sequence Spread Spectrum (DSSS)
802.11g: Orthogonal Frequency Division Multiplexing (OFDM)
Maximum Computers Per Wireless
Network:
Operating Frequency Ranges: 2.412~2.462 GHz (US) 2.457~2.462 GHz (Spain)
802.11 Security: 40-bits (also called 64-bits) and 128-bits WEP and WPA
Limited by the amount of wireless network traffic generated by each
node. Typically 30-70 nodes.
2.412~2.484 GHz (Japan)2.457~2.472 GHz (France)
2.412~2.472 GHz (Europe ETSI)
A-2 Technical Specifications
June 2004 202-10036-01
Appendix B
Network, Routing, Firewall, and Basics
This chapter provides an overview of IP networks, routing, and networking.
Related Publications
As you read this document, you may be directed to various RFC documents for further
information. An RFC is a Request For Comment (RFC) published by the Internet Engineering
T ask Force (IETF), an open organization that defines the architecture and operation of the Internet.
The RFC documents outline and define the standard protocols and procedures for the Internet. The
documents are listed on the World Wide Web at www.ietf.org and are mirrored and indexed at
many other sites worldwide.
Basic Router Concepts
Large amounts of bandwidth can be provided easily and relatively inexpensively in a local area
network (LAN). However, providing high bandwidth between a local network and the Internet can
be very expensive. Because of this expense, Internet access is usually provided by a slower-speed
wide-area network (WAN) link such as a cable or DSL modem. In order to make the best use of the
slower WAN link, a mechanism must be in place for selecting and transmitting only the data traffic
meant for the Internet. The function of selecting and forwarding this data is performed by a router.
What is a Router?
A router is a device that forwards traffic between networks based on network layer information in
the data and on routing tables maintained by the router. In these routing tables, a router builds up a
logical picture of the overall network by gathering and exchanging information with other routers
in the network. Using this information, the router chooses the best path for forwarding network
traffic.
Routers vary in performance and scale, number of routing protocols su pported, and types of
physical WAN connection they support. The 108 Mbps Wireless Firewall Router WGR624v3 is a
small office router that routes the IP protocol over a single-user broadband connection.
Network, Routing, Firewall, and Basics B-1
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
Routing Information Protocol
One of the protocols used by a router to build and maintain a picture of the network is the Routing
Information Protocol (RIP). Using RIP, routers periodically update one another and check for
changes to add to the routing table.
The WGR624v3 router supports both the older RIP-1 and the newer RIP-2 protocols. Among
other improvements, RIP-2 supports subnet and multicast protocols. RIP is not required for most
home applications.
IP Addresses and the Internet
Because TCP/IP networks are interconnected across the world, every machine on the Internet must
have a unique address to make sure that transmitted data reaches the correct destination. Blocks of
addresses are assigned to organizations by the Internet Assigned Numbers Authority (IANA).
Individual users and small organizations may obtain their addresses either from the IANA or from
an Internet service provider (ISP). You can contact IANA at www.iana.org.
The Internet Protocol (IP) uses a 32-bit address structure. The address is usually written in dot
notation (also called dotted-decimal notation), in which each group of eight bits is written in
decimal form, separated by decimal points.
For example, the following binary address:
11000011 00100010 00001100 00000111
is normally written as:
195.34.12.7
The latter version is easier to remember and easier to enter into your computer.
In addition, the 32 bits of the address are subdivided into two parts. The first part of the address
identifies the network, and the second part identifies the host node or station on the network. The
dividing point may vary depending on the address range and the application.
There are five standard classes of IP addresses. These address classes have different ways of
determining the network and host sections of the address, allowing for different numbers of hosts
on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP
software to identify the address class. After the address class has been determined, the software
can correctly identify the host section of the address. The follow figure shows the three main
address classes, including network and host sections of the address for each address type.
B-2 Network, Routing, Firewall, and Basics
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
C
N
C
C
lass A
etwork Node
lass B
Network Node
lass C
Network Node
Figure B-1: Three Main Address Classes
The five address classes are:
• Class A
Class A addresses can have up to 16,777,214 hosts on a single network. They use an eight-bit
network number and a 24-bit node number. Class A addresses are in this range:
1.x.x.x to 126.x.x.x.
• Class B
Class B addresses can have up to 65,354 hosts on a network. A Class B address uses a 16-bit
network number and a 16-bit node number. Class B addresses are in this range:
128.1.x.x to 191.254.x.x.
• Class C
Class C addresses can have 254 hosts on a network. Class C addresses use 24 bits for the
network address and eight bits for the node. They are in this range:
192.0.1.x to 223.255.254.x.
• Class D
Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are
in this range:
224.0.0.0 to 239.255.255.255.
• Class E
Class E addresses are for experimental use.
Network, Routing, Firewall, and Basics B-3
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
This addressing structure allows IP addresses to uniquely identify each physical network and each
node on each physical network.
For each unique value of the network portion of the address, the base address of the range (host
address of all zeros) is known as the network address and is not usually assigned to a host. Also,
the top address of the range (host address of all ones) is not assigned, but is used as the broadcast
address for simultaneously sending a packet to all hosts with the same network address.
Netmask
In each of the address classes previously described, the size of the two parts (network address and
host address) is implied by the class. This partitioning scheme can also be expressed by a netmask
associated with the IP address. A netmask is a 32-bit quantity that, when logically combined (using
an AND operator) with an IP address, yields the network address. For instance, the netmasks for
Class A, B, and C addresses are 255.0.0.0, 255.255.0.0, and 255.255.255.0, respectively.
For example, the address 192.168.170.237 is a Class C IP address whose network portion is the
upper 24 bits. When combined (using an AND operator) with the Class C netmask, as shown here,
only the network portion of the address remains:
11000000 10101000 10101010 11101101 (192.168.170.237)
combined with:
11111111 11111111 11111111 00000000 (255.255.255.0)
Equals:
11000000 10101000 10101010 00000000 (192.168.170.0)
As a shorter alternative to dotted-decimal notation, the netmask may also be expressed in terms of
the number of ones from the left. This number is appended to the IP address, following a backward
slash (/), as “/n.” In the example, the address could be written as 192.168.170.237/24, indicating
that the netmask is 24 ones followed by 8 zeros.
Subnet Addressing
By looking at the addressing structures, you can see that even with a Class C address, there are a
large number of hosts per network. Such a structure is an inefficient use of addresses if each end of
a routed link requires a different network number . It is unlikely that the smaller office LANs would
have that many devices. You can resolve this problem by using a technique known as subnet
addressing.
B-4 Network, Routing, Firewall, and Basics
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
C
Subnet addressing allows us to split one IP network address into smaller multiple physical
networks known as subnetworks. Some of the node numbers are used as a subnet number instead.
A Class B address gives us 16 bits of node numbers translating to 64,000 nodes. Most
organizations do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet
addressing makes use of those bits that are free, as shown below.
lass B
Network Subnet Node
Figure B-2: Example of Subnetting a Class B Address
A Class B address can be effectively translated into multiple Class C addresses. For example, the
IP address of 172.16.0.0 is assigned, but node addresses are limited to 255 maximum, allowing
eight extra bits to use as a subnet address. The IP address of 172.16.97.235 would be interpreted as
IP network address 172.16, subnet number 97, and node number 235. In addition to extending
the number of addresses available, subnet addressing provides other benefits. Subnet addressing
allows a network manager to construct an address scheme for the network by using different
subnets for other geographical locations in the network or for other departments in the
organization.
Although the preceding example uses the entire third octet for a subnet address, note that you are
not restricted to octet boundaries in subnetting. To create more network numbers, you need only
shift some bits from the host address to the network address. For instance, to partition a Class C
network number (192.68.135.0) into two, you shift one bit from the host address to the network
address. The new netmask (or subnet mask) is 255.255.255.128. The first subnet has network
number 192.68.135.0 with hosts 192.68.135.1 to 129.68.135.126, and the second subnet has
network number 192.68.135.128 with hosts 192.68.135.129 to 192.68.135.254.
Note: The number 192.68.135.127 is not assigned because it is the broadcast address
of the first subnet. The number 192.68.135.128 is not assigned because it is the network
address of the second subnet.
Network, Routing, Firewall, and Basics B-5
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
The following table lists the additional subnet mask bits in dotted-decimal notation. To use the
table, write down the original class netmask and replace the 0 value octets with the dotted-decimal
value of the additional subnet bits. For example, to partition your Class C network with subnet
mask 255.255.255.0 into 16 subnets (4 bits), the new subnet mask becomes 255.255.255.240.
Table 8-1. Netmask Notation Translation Table for One Octet
Number of Bits Dotted-Decimal Value
1 128
2 192
3 224
4 240
5 248
6 252
7 254
8 255
The following table displays several common netmask values in both the dotted-decimal and the
masklength formats.
Table 8-2. Netmask Formats
Dotted-Decimal Masklength
255.0.0.0 /8
255.255.0.0 /16
255.255.255.0 /24
255.255.255.128 /25
255.255.255.192 /26
255.255.255.224 /27
255.255.255.240 /28
255.255.255.248 /29
255.255.255.252 /30
255.255.255.254 /31
255.255.255.255 /32
Configure all hosts on a LAN segment to use the same netmask for the following reasons:
B-6 Network, Routing, Firewall, and Basics
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
• So that hosts recognize local IP broadcast packets
When a device broadcasts to its segment neighbors, it uses a destination address of the local
network address with all ones for the host address. In order for this scheme to work, all devices
on the segment must agree on which bits comprise the host address.
• So that a local router or bridge recognizes which addresses are local and which are remote
Private IP Addresses
If your local network is isolated from the Internet (for example, when using NAT), you can assign
any IP addresses to the hosts without problems. However, the IANA has reserved the following
three blocks of IP addresses specifically for private networks:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Choose your private network number from this range. The DHCP server of the WGR624v3 router
is preconfigured to automatically assign private addresses.
Regardless of your particular situation, do not create an arbitrary IP address; always follow the
guidelines explained here. For more information about address assignment, refer to RFC 1597,
Address Allocation for Private Internets, and RFC 1466, Guidelines for Management of IP
Address Space. The Internet Engineering Task Force (IETF) publishes RFCs on its Web site at
www.ietf.org.
Single IP Address Operation Using NAT
In the past, if multiple computers on a LAN needed to access the Internet simultaneously , you had
to obtain a range of IP addresses from the ISP. This type of Internet account is more costly than a
single-address account typically used by a single user with a modem, rather than a router. The
WGR624v3 router employs an address-sharing method called Network Address Translation
(NAT). This method allows several networked computers to share an Internet account using only a
single IP address, which may be statically or dynamically assigned by your ISP.
The router accomplishes this address sharing by translating the internal LAN IP addresses to a
single address that is globally unique on the Internet. The internal LAN IP addresses can be either
private addresses or registered addresses. For more information about IP address translation, refer
to RFC 1631, The IP Network Address Translator (NAT).
Network, Routing, Firewall, and Basics B-7
July 2004 202-10036-01
Reference Manual for the 108 Mbps Wireless Firewall Router WGR624v3
1
1
1
1
The following figure illustrates a single IP address operation.
Private IP addresses
assigned by user
IP addresses
92.168.0.2
assigned by ISP
92.168.0.3
92.168.0.4
92.168.0.5
192.168.0.1 172.21.15.105
Internet
Figure B-3: Single IP Address Operation Using NAT
This scheme offers the additional benefit of firewall-like protection because the internal LAN
addresses are not available to the Internet through the translated connection. All incoming
inquiries are filtered out by the router. This filtering can prevent intruders from probing your
system. However, using port forwarding, you can allow one computer (for example, a Web server)
on your local network to be accessible to outside users.
MAC Addresses and Address Resolution Protocol
An IP address alone cannot be used to deliver data from one LAN device to another. To send data
between LAN devices, you must convert the IP address of the destination device to its media
access control (MAC) address. Each device on an Ethernet network has a unique MAC address,
which is a 48-bit number assigned to each device by the manufacturer. The technique that
associates the IP address with a MAC address is known as address resolution. Internet Protocol
uses the Address Resolution Protocol (ARP) to resolve MAC addresses.
B-8 Network, Routing, Firewall, and Basics
July 2004 202-10036-01
Loading...