◆ Multi-user access (up to 253), single-user account
◆ Virtual server with network address translation
◆ Virtual Private Network using PPTP, L2TP, IPSec
User Guide
SMC7004AWBR
Page 2
Page 3
Barricade
™
Wireless Broadband Router
User Guide
From SMC’s Barricade line of Broadband Routers
6 Hughes
Irvine, CA 92618
Phone: (949) 707-2400
August 2001
Part Number: 01-111234-001 R02
Page 4
Copyright
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable.
However, no responsibility is assumed by SMC for its use, nor for any infringements of patents
or other rights of third parties which may result from its use. No license is granted by
implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to
change specifications at any time without notice.
SMC is a registered trademark; and Barricade is a trademark of SMC Networks, Inc. Other
product and company names are trademarks or registered trademarks of their respective
holders.
Page 5
L
IMITED
Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products
to be free from defects in workmanship and materials, under normal use and
service, for the applicable warranty term. All SMC products carry a standard 90-day
limited warranty from the date of purchase from SMC or its Authorized Reseller.
SMC may, at its own discretion, repair or replace any product not operating as
warranted with a similar or functionally equivalent product, during the applicable
warranty term. SMC will endeavor to repair or replace any product returned under
warranty within 30 days of receipt of the product.
The standard limited warranty can be upgraded to a Limited Lifetime* warranty by
registering new products within 30 days of purchase from SMC or its Authorized
Reseller. Registration can be accomplished via the enclosed product registration
card or online via the SMC web site. Failure to register will not affect the standard
limited warranty. The Limited Lifetime warranty covers a product during the Life of
that Product, which is defined as the period of time during which the product is an
“Active” SMC product. A product is considered to be “Active” while it is listed on
the current SMC price list. As new technologies emerge, older technologies become
obsolete and SMC will, at its discretion, replace an older product in its product line
with one that incorporates these newer technologies. At that point, the obsolete
product is discontinued and is no longer an “Active” SMC product. A list of
discontinued products with their respective dates of discontinuance can be found at:
http://www.smc.com/smc/pages_html/support.html
All products that are replaced become the property of SMC. Replacement products
may be either new or reconditioned. Any replaced or repaired product carries
either a 30-day limited warranty or the remainder of the initial warranty, whichever
is longer. SMC is not responsible for any custom software or firmware, configuration
information, or memory data of Customer contained in, stored on, or integrated
with any products returned to SMC pursuant to any warranty. Products returned to
SMC should have any customer-installed accessory or add-on components, such as
expansion modules, removed prior to returning the product for replacement. SMC
is not responsible for these items if they are returned with the product.
Customers must contact SMC for a Return Material Authorization number prior to
returning any product to SMC. Proof of purchase may be required. Any product
returned to SMC without a valid Return Material Authorization (RMA) number
clearly marked on the outside of the package will be returned to customer at
customer's expense. For warranty claims within North America, please call our
toll-free customer support number at (800) 762-4968. Customers are responsible for
all shipping charges from their facility to SMC. SMC is responsible for return
shipping charges from SMC to customer.
W
ARRANTY
v
Page 6
L
IMITED WARRANTY
WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS
WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR
REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE
FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU
OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER
IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING
WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER
PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH
THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC
SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND
EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT
EXIST OR WAS CAUSED BY CUSTOMER'S OR ANY THIRD PERSON'S MISUSE,
NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS
TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED
USE, OR BY ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.
LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT OR
TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL,
CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND,
OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS
ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION,
MAINTENANCE, USE, PERFORMANCE, FAILURE, OR INTERRUPTION OF ITS
PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR
THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR
CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY
NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS,
WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS WARRANTY
SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.
* SMC will provide warranty service for one year following discontinuance from the
active SMC price list. Under the limited lifetime warranty, internal and external
power supplies, fans, and cables are covered by a standard one-year warranty from
date of purchase.
vi
SMC Networks, Inc.
6 Hughes
Irvine, CA 92618
Page 7
C
OMPLIANCES
FCC - Class B
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency energy
and, if not installed and used in accordance with instructions, may cause harmful
interference to radio communications. However, there is no guarantee that the
interference will not occur in a particular installation. If this equipment does cause
harmful interference to radio or television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient the receiving antenna
• Increase the separation between the equipment and receiver
• Connect the equipment into an outlet on a circuit different from that to which
the receiver is connected
• Consult the dealer or an experienced radio/TV technician for help
EC Conformance Declaration - Class B
SMC contact for these products in Europe is:
SMC Networks Europe,
Edificio Conata II,
Calle Fructuós Gelabert 6-8, 2
08970 - Sant Joan Despí,
Barcelona, Spain.
This information technology equipment complies with the requirements of the
Council Directive 89/336/EEC on the Approximation of the laws of the Member
States relating to Electromagnetic Compatibility and 73/23/EEC for electrical
equipment used within certain voltage limits and the Amendment Directive 93/68/
EEC. For the evaluation of the compliance with these Directives, the following
standards were applied:
RFI Emission: * Limit class B according to EN 55022:1998
* Limit class A for harmonic current emission according to EN 61000-3-2/
1995
* Limitation of voltage fluctuation and flicker in low-voltage supply
system according to EN 61000-3-3/1995
Immunity:* Product family standard according to EN 55024:1998
o
, 4a,
vii
Page 8
* Electrostatic Discharge according to EN 61000-4-2:1995
(Contact Discharge: ±4 kV, Air Discharge: ±8 kV)
* Radio-frequency electromagnetic field according to EN 61000-4-3: 1996
(80 - 1000MHz with 1kHz AM 80% Modulation: 3V/m)
* Electrical fast transient/burst according to EN 61000-4-4:1995(AC/DC
power supply: ±1kV, Data/Signal lines: ±0.5kV)
* Surge immunity test according to EN 61000-4-5:1995 (AC/DC Line to
Line: ±1kV, AC/DC Line to Earth: ±2kV )
* Immunity to conducted disturbances, Induced by radio-frequency
fields: EN 61000-4-6:1996 (0.15 - 80MHz with 1kHz AM 80% Modulation:
3V/m)
* Power frequency magnetic field immunity test according to
EN 61000-4-8:1993 (1A/m at frequency 50Hz)
* Voltage dips, short interruptions and voltage variations immunity test
according to EN 61000-4-11:1994 (>95% Reduction @10ms, 30%
Reduction @500ms, >95% Reduction @5000ms)
LVD:* EN 60950 (A1/1992; A2/1993; A3/1993; A4/1995; A11/1997)
Industry Canada - Class B
This digital apparatus does not exceed the Class B limits for radio noise emissions
from digital apparatus as set out in the interference-causing equipment standard
entitled “Digital Apparatus,” ICES-003 of the Department of Communications.
Cet appareil numérique respecte les limites de bruits radioélectriques applicables
aux appareils numériques de Classe B prescrites dans la norme sur le matériel
brouilleur: “Appareils Numériques,” NMB-003 édictée par le ministère des
Communications.
Important! Before making connections, make sure you have the correct cord set.
Check it (read the label on the cable) against the following:
Operating VoltageCord Set Specifications
120 VoltsUL Listed/CSA Certified Cord Set
Minimum 18 AWG
Type SVT or SJT three conductor cord
Maximum length of 15 feet
Parallel blade, grounding type attachment plug
rated 15A, 125V
240 Volts (Europe only)Cord Set with H05VV-F cord having three
conductors with minimum diameter of 0.75 mm
IEC-320 receptacle
Male plug rated 10A, 250V
The unit automatically matches the connected input voltage. Therefore, no
additional adjustments are necessary when connecting it to any input voltage
within the range marked on the rear panel.
Wichtige Sicherheitshinweise (Germany)
1. Bitte lesen Sie diese Hinweise sorgfältig durch.
2. Heben Sie diese Anleitung für den späteren Gebrauch auf.
3. Vor jedem Reinigen ist das Gerät vom Stromnetz zu trennen. Verwenden Sie
keine Flüssigoder Aerosolreiniger. Am besten eignet sich ein angefeuchtetes
Tuch zur Reinigung.
4. Die Netzanschlu ßsteckdose soll nahe dem Gerät angebracht und leicht
zugänglich sein.
5. Das Gerät ist vor Feuchtigkeit zu schützen.
6. Bei der Aufstellung des Gerätes ist auf sicheren Stand zu achten. Ein Kippen
oder Fallen könnte Beschädigungen hervorrufen.
7. Die Belüftungsöffnungen dienen der Luftzirkulation, die das Gerät vor Überhit-
zung schützt. Sorgen Sie dafür, daß diese Öffnungen nicht abgedeckt werden.
8. Beachten Sie beim Anschluß an das Stromnetz die Anschlußwerte.
9. Verlegen Sie die Netzanschlußleitung so, daß niemand darüber fallen kann. Es
sollte auch nichts auf der Leitung abgestellt werden.
10. Alle Hinweise und Warnungen, die sich am Gerät befinden, sind zu beachten.
2
Page 10
C
OMPLIANCES
11. Wird das Gerät über einen längeren Zeitraum nicht benutzt, sollten Sie es vom
Stromnetz trennen. Somit wird im Falle einer Überspannung eine Beschädigung
vermieden.
12. Durch die Lüftungsöffnungen dürfen niemals Gegenstände oder Flüssigkeiten in
das Gerät gelangen. Dies könnte einen Brand bzw. elektrischen Schlag auslösen.
13. Öffnen sie niemals das Gerät. Das Gerät darf aus Gründen der elektrischen
Sicherheit nur von authorisiertem Servicepersonal geöffnet werden.
14. Wenn folgende Situationen auftreten ist das Gerät vom Stromnetz zu trennen
und von einer qualifizierten Servicestelle zu überprüfen:
a. Netzkabel oder Netzstecker sind beschädigt.
b. Flüssigkeit ist in das Gerät eingedrungen.
c. Das Gerät war Feuchtigkeit ausgesetzt.
d. Wenn das Gerät nicht der Bedienungsanleitung entsprechend funktioniert
oder Sie mit Hilfe dieser Anleitung keine Verbesserung erzielen.
e. Das Gerät ist gefallen und/oder das Gehäuse ist beschädigt.
f. Wenn das Gerät deutliche Anzeichen eines Defektes aufweist.
15. Stellen Sie sicher, daß die Stromversorgung dieses Gerätes nach der EN 60950
geprüft ist. Ausgangswerte der Stromversorgung sollten die Werte von AC
7,5-8V, 50-60Hz nicht über oder unterschreiten sowie den minimalen Strom von
1A nicht unterschreiten.
Der arbeitsplatzbezogene Schalldruckpegel nach DIN 45 635 Teil 1000 beträgt
70dB(A) oder weniger.
Congratulations on your purchase of the Barricade™ Wireless
Broadband Router. SMC is proud to provide you with a powerful
yet simple communication device for connecting your local area
network (wired or wireless LAN) to the Internet. For those who
want to surf the Internet at the lowest possible cost, this
Broadband Router provides a convenient and powerful solution.
About the Wireless Barricade
The Wireless Barricade provides Internet access to multiple users
by sharing a single-user account. It serves as a wireless Access
Point, and includes a
connect to an xDSL or Cable
modem. The
protection and Virtual Private Network (VPN) services. It also
provides print services for any client attached to a LAN port.
Wireless Barricade
dual-port WAN interface which allows you to
modem, ISDN TA or PSTN analog
provides
extensive firewall
1
The Wireless Barricade supports dial-on-demand for ISDN/PSTN
service, automatically connecting to the Internet when there are
requests and terminating the connection if no further requests
occur. This dual-port design also supports fail-over Internet access
through the secondary WAN port (i.e., the serial port can be used
for primary or backup Internet access).
This new Wireless Barricade technology provides many
cost-effective functions and management benefits. It is simple to
configure and can be up and running in minutes.
1-1
Page 16
F
EATURES AND BENEFITS
Features and Benefits
•Internet connection to xDSL or Cable modem via a 10 Mbps
WAN port
•Internet connection to ISDN TA or PSTN modem via an RS-232
console port
•Local network connection via 10/100 Mbps Ethernet ports or
11 Mbps wireless interface (supporting up to 128 mobile users)
•802.11b Compliant – interoperable with multiple vendors
•Provides seamless roaming within 802.11b WLAN environment
•Supports 64-bit and 128-bit WEP (Wired Equivalent Privacy)
•Built-in Print Server for any client attached to the LAN
•DHCP for dynamic IP configuration, and DNS for domain name
mapping
•Firewall with client privileges, hacker prevention, and NAT
•NAT also enables multi-user access with a single-user account,
and virtual server functionality (providing protected access to
Internet services such as Web, FTP, mail and Telnet)
•Virtual Private Network support using PPTP, L2TP or IPSec
•Supports CHAP authentication protocol for dial-up
identification
1-2
Page 17
•Supports PPP dial-in connection using standard dial-up
program
•Easy setup through a Web browser on any operating system
that supports TCP/IP
•Compatible with all popular Internet applications
Applications
Many advanced applications are provided by the Wireless Barricade,
such as:
•Flexible LAN Access
The Wireless Barricade provides connectivity to 10/100 Mbps
wired devices as well as 11 Mbps wireless mobile users. The
wireless interface makes it easy to create a network in
difficult-to-wire environments, or to provide quick access to
databases for mobile workers.
I
NTRODUCTION
•Internet Access
This device supports Internet access through an xDSL, Cable,
ISDN or PSTN connection. Since many DSL providers use
PPPoE to establish communications with end users, the
Wireless Barricade includes a built-in client for this protocol,
eliminating the need to install this service on your computer.
•Shared IP Address
The Wireless Barricade provides Internet access for up to 253
users with a shared IP address. Using only one ISP account,
multiple users on your network can browse the Web at the
same time.
1-3
Page 18
A
PPLICATIONS
•Virtual Server
If you have a fixed IP address, you can set up the Wireless
Barricade to act as a virtual host for network address
translation. Remote users access various services at your site
using a constant IP address. Then, depending on the
requested service (or port number), the Wireless Barricade can
route the request to the appropriate server (at another internal
IP address). This secures your network from direct attack by
hackers, and provides more flexible management by allowing
you to change internal IP addresses without affecting outside
access to your network.
•User-Definable Application Sensing Tunnel
You can define special applications that require multiple
connections such as Internet gaming, videoconferencing, and
Internet telephony. The Wireless Barricade can then sense the
application type and open a multi-port tunnel for it.
•DMZ Host Support
1-4
Allows a networked computer to be fully exposed to the
Internet. This function is used when the special application
sensing tunnel feature is insufficient to allow an application to
function correctly.
•Security
The Wireless Barricade supports security features that can
deny Internet access to specified users, or filter all requests for
specific services the administrator does not want to serve. The
Wireless Barricade’s firewall can also block common hacker
attacks, including IP Spoofing, Land Attack, Ping of Death, IP
with zero length, Smurf Attack, UDP port loopback, Snork
Attack, TCP null scan, and TCP SYN flooding.
Page 19
I
NTRODUCTION
•Virtual Private Network
The Wireless Barricade supports three of the most commonly
used VPN protocols – PPTP, L2TP and IPSec. These protocols
allow remote users to establish a secure connection to their
corporate network. If your service provider supports VPNs,
then any of these protocols can be used to create an
authenticated and encrypted tunnel for passing secure data
over the Internet (i.e., a traditionally shared data network).
The VPN protocols supported by the Wireless Barricade are
briefly described below.
•Point-to-Point Tunneling Protocol – Provides a secure
tunnel for remote client access to a PPTP security gateway.
PPTP includes provisions for call origination and flow
control required by ISPs.
•Layer Two Tunneling Protocol – Includes most of the
features provided by PPTP, but has less overhead and is
more suited for managed networks.
•IP Security – Provides IP network-layer encryption. IPSec
can support large encryption networks (such as the
Internet) by using digital certificates for device
authentication.
1-5
Page 20
A
PPLICATIONS
1-6
Page 21
C
HAPTER
I
NSTALLATION
Before installing the Barricade™ Wireless Broadband Router, verify
that you have all the items listed under “Package Contents.” If any
of the items are missing or damaged, contact your local SMC
distributor. Also be sure that you have all the necessary cabling
before installing the Wireless Barricade. After installing the
Wireless Barricade, refer to the Web-based configuration program
in Chapter 4 for information on configuring the router.
Package Contents
After unpacking the Barricade Wireless Broadband Router, check
the contents of the box to be sure you’ve received the following
components:
•Barricade 4-port Wireless Broadband Router
•Power adapter (5V, 2.4A)
2
•One CAT-5 Ethernet cable
•Four rubber feet
•Installation CD with complete user guide
•Quick Installation Guide
•SMC Warranty Registration Card
Immediately inform your dealer in the event of any incorrect,
missing or damaged parts. If possible, please retain the carton and
original packing materials in case there is a need to return the
product.
2-1
Page 22
I
NSTALLATION
Please fill out and return the Warranty Registration Card to SMC or
register on SMC’s Web site at www.smc.com. The Barricade
Wireless Broadband Router is covered by a limited lifetime
warranty.
Description of Hardware
The Barricade Wireless Broadband Router can be connected to the
Internet or to a remote site using its RJ-45 WAN port or RS-232
serial port. It can be connected directly to your PC or to a local
area network using any of the three Fast Ethernet LAN ports or
through the wireless interface. It can also function as a print server.
Access speed to the Internet depends on your service type.
Full-rate ADSL can provide up to 8 Mbps downstream and 640
Mbps upstream. G.lite (or splitterless) ADSL provides up to 1.5
Mbps downstream and 512 Kbps upstream. Cable modems can
provide up to 36 Mbps downstream and 2 Mbps upstream. ISDN
can provide up to 128 Kbps when using two bearer channels. And
PSTN analog connections can now run up to 56 Kbps. However,
you should note that the actual rate provided by specific service
providers may vary dramatically from these upper limits.
Although access speed to the Internet is determined by the modem
type connected to your Wireless Barricade, data passing between
devices connected to your local area network can run up to
100 Mbps over the Fast Ethernet ports.
The Wireless Barricade includes an LED display on the front panel
for system power and port indications that simplifies installation
and network troubleshooting. It also provides three RJ-45 LAN
ports, one RJ-45 WAN port, one RS-232 serial port, one parallel
printer port, as well as two antennas on the rear panel.
2-2
Page 23
I
NSTALLATION
•Three RJ-45 ports for connection to a 10BASE-T/100BASE-TX
Ethernet Local Area Network (LAN). These ports can autonegotiate the operating speed to 10/100 Mbps, the mode to
half/full duplex, and the pin signals to MDI/MDI-X (i.e.,
allowing these ports to be connected to any network device
with straight-through cable). These ports can be connected
directly to a PC or to a server equipped with an Ethernet
network interface card, or to a networking device such as an
Ethernet hub or switch.
•One RJ-45 port for connection to an xDSL or Cable modem.
This port is fixed at 10 Mbps, full duplex. Use a Category 5
cable to connect this WAN port to a xDSL or Cable modem.
•One RS-232 seri a l port to connect to an ISDN T erminal Adap ter
(TA) or to a PSTN analog modem.
•One parallel printer port that can be connected to a printer.
This printer can then be shared by any LAN/WLAN users.
•Two antennas (dipole, omni-directional).
2-3
Page 24
I
NSTALLATION
The following figure shows the components of the Wireless Barricade:
LAN1PWR WLAN WAN23
SMC7004AWBR
Link
Activity
RESET
PRINTERCOM
Figure 2-1. Front and Rear Panels
ItemDescription
LEDsPower, WLAN, WAN and LAN port status indicators.
(See Verify Port Status on page 2-11.)
Wireless
Antennas
Reset
Button
Printer
Port
COM
Port
WAN
Port
LAN
Ports
Dual antennas provide optimal reception by dynamically
choosing the best antenna for each client.
Use this button to reset the power and restore the default
factory settings.
Parallel port (25-pins, D-type, female). Connect the shared
printer to this port.
Serial port (9-pins, D-type, male). Connect your ISDN TA or
56K analog modem to this port.
WAN port (RJ-45). Connect your Cable modem, xDSL modem,
or an Ethernet router to this port.
Fast Ethernet ports (RJ-45). Connect devices on your local area
network to these ports (such as a PC, hub or switch).
2-4
1
WAN
23
5V
2A MAX
Page 25
ItemDescription
Power
Inlet
Connect the included power adapter to this inlet.
Warning: The included power adapter is DC 5V/2A. Using
the wrong type of power adapter may cause damage.
System Requirements
You must have an Internet Service Provider (ISP) that meets the
following minimum requirements:
•Internet access from your local telephone company or ISP
using an xDSL modem, Cable modem, ISDN TA, or PSTN
analog modem. You may also have access over the telephone
system to an analog modem at another site.
•A PC using a fixed IP address or dynamic IP address assignment
via DHCP, as well as a Gateway server address and DNS server
address from your service provider.
•For wired LAN connection, you need a computer equipped
with a 10 Mbps, 100 Mbps, or 10/100 Mbps Fast Ethernet card,
or a USB-to-Ethernet converter. For wireless LAN connections,
each computer must have an 11 Mbps wireless adapter.
I
NSTALLATION
•TCP/IP network protocol installed on each PC that needs to
access the Internet.
•A Java-enabled Web browser, such as Microsoft Internet
Explorer 5.0 or above or Netscape Communicator 4.0 or above
installed on one PC at your site for configuring the Wireless
Barricade.
2-5
Page 26
I
NSTALLATION
Connect the System
The Wireless Barricade can be positioned at any convenient
location in your office or home. No special wiring or cooling
requirements are needed. You should, however comply with the
following guidelines:
•Keep the Wireless Barricade away from any heating devices.
•Do not place the Wireless Barricade in a dusty or wet
environment.
You should also remember to turn off the power, remove the
power cord from the outlet, and keep your hands dry when you
install the Wireless Barricade.
Basic Installation Procedure
1. Connect the LAN: You can connect the Wireless Barricade to
your PC, or to a hub or switch. Run Ethernet cable
the LAN ports on the rear of the Wireless Barricade to
computer’s
You can also connect the Wireless Barricade to your PC (using
a wireless client adapter) via radio signals. Position both
antennas on the back of the Wireless Barricade into the desired
positions. For more effective coverage, you may want to
position one antenna along the vertical axis and the other
antenna along the horizontal axis. (The antennas emit
signals along the toroidal plane – and thus provide more
effective coverage when positioned along alternate axes.)
network adapter or to another network device.
from one of
your
2. Connect the WAN: Prepare an Ethernet cable for connecting
Wireless Barricade to a Cable/xDSL modem or Ethernet
the
router. Prepare a serial
Barricade to an ISDN TA or PSTN modem.
cable for connecting the Wireless
2-6
Page 27
I
NSTALLATION
3. Connect your printer: Use standard parallel printer cable to
connect your printer to the printer port on the Wireless Barricade.
4.
Power on
: Connect the power adapter to the Wireless Barricade.
Internet
Internet
Access
Device
SMC7004AWBR
Wireless Broadband Router
3
2
Link
1
LAN
Activity
WAN
WLAN
PWR
SMC7004AWBR
Notebook with
Wireless PC Card
SOHO Office or Residence
Figure 2-2. Connecting the Wireless Barricade
Attach to Your Network Using Ethernet Cabling
The three LAN ports on the Wireless Barricade can auto-negotiate
the connection speed to 10 Mbps Ethernet or 100 Mbps Fast
Ethernet, as well as the transmission mode to half-duplex or
full-duplex. These LAN ports also support auto-configuration for
pin signals (auto-MDI/MDI-X) that allows you to use
straight-through cable for connecting the Wireless Barricade to any
network device. (See Appendix B for details on wiring.)
Use twisted-pair cable to connect any of the three LAN ports on
the Wireless Barricade to an Ethernet adapter on your PC.
Otherwise, you can cascade any of LAN ports on the Wireless
Barricade to an Ethernet hub or switch, and then connect your PC
or other network equipment to the hub or switch. When inserting
an RJ-45 plug, be sure the tab on the plug clicks into position to
ensure that it is properly seated.
2-7
Page 28
I
NSTALLATION
Warning: Do not plug a phone jack connector into any RJ-45
port. This may damage the Wireless Barricade. Instead,
use only twisted-pair cables with RJ-45 connectors that
conform with FCC standards.
Notes: 1. Use 100-ohm shielded or unshielded twisted-pair cable
with RJ-45 connectors for all connections. Use Category
3, 4 or 5 for connections that operate at 10 Mbps, and
Category 5 for connections that operate at 100 Mbps.
2. Make sure each twisted-pair cable does not exceed 100
meters (328 feet).
RESET
PRINTERCOM
1
WAN
23
Figure 2-3. Making LAN Connections
Attach to Your Network Using Radio Signals
Install a wireless network adapter in each computer that will be
connected to the Internet or your local network via radio signals.
SMC currently offers several wireless network cards, including the
SMC2602W Wireless PCI card and the SMC2632W Wireless PC card.
Rotate both antennas on the back of the Wireless Barricade to the
desired position. For more effective coverage, position one
antenna along the vertical axis and the other along the horizontal
axis. Try to place the Wireless Barricade in a position that is
located in the center of
higher you place the antenna,
your wireless network. Normally, the
the better the performance. Ensure
that the Wireless Barricade’s location provides optimal reception
throughout your home or office.
2-8
5V
2A MAX
Page 29
I
NSTALLATION
Computers equipped with a wireless adapter can communicate
with each other as an independent wireless LAN by configuring
each computer to the same radio channel. However, the Wireless
Barricade can provide access to your wired/wireless LAN or to the
Internet for all wireless workstations. Each wireless PC in this
network infrastructure can talk to any computer in the wireless
group via a radio link, or access other computers or network
resources in the wired LAN infrastructure or over the Internet via
the Wireless Barricade.
The wireless infrastructure configuration not only extends the
accessibility of wireless PCs to the wired LAN, but also doubles the
effective wireless transmission range for wireless PCs by
retransmitting incoming radio signals through the Wireless
Barricade.
A wireless infrastructure can be used for access to a central
database, or for connection between mobile workers, as shown in
the following figure:
Wired to Wireless
Network Extension
Internet
Internet
Access
Device
PWR
SMC7004AWBR
Wireless Broadband Router
PC with Wireless
PCI Adapter
SMC7004AWBR
Notebook with Wireless
PC Card Adapter
3
2
Link
1
LAN
Activity
WAN
WLAN
Wired LAN
Figure 2-4. Making WLAN Connections
2-9
Page 30
I
NSTALLATION
Attach the Wireless Barricade to the Internet
If Internet services are provided through an xDSL or Cable
modem, use unshielded or shielded twisted-pair Ethernet cable
(Category 3 or greater) with RJ-45 plugs to connect the broadband
modem directly to the WAN port on the Wireless Barricade. Use
either straight-through or crossover cable depending on the port
type provided by the modem (see Appendix B).
For ISDN
service, attach the access device to the RS-232 serial port on the
Wireless Barricade.
or PSTN
PRINTERCOM
RESET
ISDN TA/
PSTN Modem
ISP
(Primary or
Backup)
WAN123
5V
2AMAX
ISP
(Primary)
DSL/Cable
Modem
Figure 2-5. Making WAN Connections
Note: When connecting to the WAN port, use 100-ohm Category
3, 4 or 5 shielded or unshielded twisted-pair cable with
RJ-45 connectors at both ends for all connections.
Connect the Wireless Barricade to a Printer
If you connect a printer to the Wireless Barricade, all the computer
users connected to your LAN can have access to the printer.
Connect a standard parallel printer cable to the Printer port on the
Wireless Barricade, and configure the printer server as described
on page 6-1.
2-10
Page 31
Connecting the Power Adapter
Plug the power adapter into the power socket on the Wireless
Barricade, and the other end into a power outlet. Check the
indicator marked Power on the front panel to be sure it is on. If
the Power i
Appendix A
ndicator does not light up, refer to Troubleshooting in
.
Verify Port Status
I
NSTALLATION
Check the power and port indicators as shown in the following table
LEDCondition Status
Power
(Green)
WLAN
(Green)
WAN
(Green)
LAN
Link
(Green)
Activity
(Amber)
On Wireless Barricade is receiving power.
OnThe Wireless Barricade has established a valid
wireless connection.
On The WAN port has established a valid network
connection.
On The indicated LAN port has established a valid
network connection.
Flashing The indicated LAN port is transmitting or
receiving traffic.
.
2-11
Page 32
I
NSTALLATION
2-12
Page 33
C
HAPTER
C
ONFIGURING
C
LIENT
TCP/IP Configuration
To access the Internet through the Barricade™ Wireless Broadband
Router, you must configure the network settings of the computers
on your LAN to use the same IP subnet as the Wireless Barricade.
The default network settings for the Wireless Barricade are:
IP Address: 192.168.2.1
Subnet Mask: 255.255.255.0
Note: These settings can be changed to fit your network
requirements, but you must first configure at least one
computer as described in Chapter 5 to access the Wireless
Barricade’s Web configuration interface. (See Chapter 4 for
information on configuring the Wireless Barricade.)
If you have not previously configured TCP/IP for your computer,
refer to “Installing TCP/IP Protocol in Your PC” on page 5-1.
3
PC
S
All PCs connected to the Wireless Barricade must be set to the
same IP subnet as the Wireless Barricade. The default IP address
pool of the Wireless Barricade is 192.168.2.X (where X means
2–254) and the subnet mask is 255.255.255.0. You can set the IP
address for client PCs either by automatically obtaining an IP
address from the Wireless Barricade’s DHCP service or by manual
configuration. See “Setting TCP/IP to Work with the Barricade” on
page 5-3.
3-1
Page 34
P
RINTER CLIENT INSTALLATION
Printer Client Installation
If you need to provide print services for devices attached to the
Wireless Barricade, then install the Port Monitor program from the
CD (for Windows 95/98/NT), and configure
each network station. The Wireless Barricade
Windows 95/98/ME/NT/2000 and Unix platforms. Refer to
Chapter 6: “Configuring Printer Services.”
the print server on
print server supports
3-2
Page 35
C
HAPTER
C
ONFIGURING THE
After you have configured TCP/IP on a client computer, you can
use a Web browser to configure the Barricade
Broadband Router. The Wireless Barricade can be configured by
any Java-supported browser including Internet Explorer 4.0 or
above, or Netscape Navigator 4.0 or above. Using the Web
management interface, you can configure the Wireless Barricade
and view statistics to monitor network activity.
To access the Wireless Barricade’s management interface, enter the
IP address of the Wireless Barricade in your Web browser’s “Address” field (http://192.168.2.1). The Wireless Barricade login
screen will appear. Leave the Password field blank and click on
“login.” (There is no password by default.) The home page
displays the Main Menu on the left-hand side of the screen and
descriptive information on the right-hand side. The Main Menu
links are used to navigate to other menus that display
configuration parameters and statistics.
B
ARRICADE
™ Wireless
4
4-1
Page 36
N
AVIGATING THE WEB BROWSER INTERFACE
Navigating the Web Browser Interface
The Wireless Barricade’s management interface includes four key
menus – Status, Help, Tools, and Setup. The Status and Help
menus provide general information on the current settings and
how to configure the Wireless Barricade. The Setup menu is used
to configure the LAN, WAN and wireless interface, as well as other
advanced functions. The Tools menu is used to reset the Wireless
Barricade, restore the factory settings, or upgrade firmware.
Setting a Password
If this is your first time to access the Wireless Barricade, you
should define a new Administrator password, record it and put it
in a safe place. From the Main Menu, select “Setup,” then “Change
Password” and follow the instructions on the screen (see page
4-6). Note that passwords can consist of 3 to 12 alphanumeric
characters and are case-sensitive.
Making Configuration Changes
Configurable parameters have a dialog box or a drop-down list.
Once a configuration change has been made on a page, be sure to
click the “Enter” button at the bottom of the page to confirm the
new setting.
Note: To ensure proper screen refresh after a command entry, be
sure that Internet Explorer 5.0 is configured as follows:
Under the menu “Tools / Internet Options / General /
Temporary Internet Files / Settings,” the setting for “Check
for newer versions of stored pages” should be “Every visit
to the page.”
4-2
Page 37
C
ONFIGURING THE BARRICADE
Main Menu
Using the Web management interface, you can define system
parameters, manage and control the Wireless Barricade and its
ports, or monitor network conditions. The following table briefly
describes the selections available from this program.
MenuDescription
Setup MenuConfigures TCP/IP settings and client services.
Change PasswordSets the password for administrator access.
Set Time ZoneSets the local time zone.
LANSets the TCP/IP configuration for the Wireless
Barricade LAN interface and all DHCP clients.
WANSpecifies the Internet connection type: (1)
DHCP host configuration, (2) fixed IP and
gateway address, (3) PPPoE configuration, or
(4) dial-up modem.
DNSSpecifies DNS servers to use for domain name
WirelessConfigures the radio frequency, domain, and
Advanced SettingsConfigures a variety of packet filtering and
resolution.
encryption for wireless communications.
specialized functions, including:
Firewall
Virtual Server
Special Application
Client Filtering
MAC Filtering
Misc
4-3
Page 38
M
AIN MENU
MenuDescription
Status MenuDisplays connection status, key interface
INTERNETDisplays WAN connection type and status.
GATEWAYDisplays system IP settings, the status for
INFORMATIONDisplays the number of attached clients, the
Security LogDisplays any illegal attempts to access your
DHCP Client Log Displays information on all DHCP clients
Tools MenuContains options to reset the system, restore
Reset BarricadeReboots the system and retains all of your
Restore Factory Defaults Restores all configuration settings to the
Update Firmware Upgrades the system with the latest firmware
Help MenuContains information for product support,
settings, as well as the firmware and hardware
version numbers.
DHCP, and Firewall services, as well as the
wireless interface settings.
firmware versions, the physical MAC address
for each media interface, as well as the
hardware version and serial number.
network.
attached to your network.
configuration settings, or update system
firmware.
configuration settings.
factory defaults
obtained from SMC’s website at
www.smc.com
troubleshooting, and network terminology.
4-4
Page 39
C
ONFIGURING THE BARRICADE
Networking and Client Services
Use the Setup menu to configure the LAN interface (including
TCP/IP parameters for the Wireless Barricade’s gateway address,
DHCP address pool for dynamic client address allocation), the
WAN connection options, DNS domain name mapping, the
wireless interface, and other advanced services.
You can use the Setup Wizard by clicking the “Enter” button at the
bottom of the page and changing the required settings, or you can
select the specific items you need to change from the Setup menu
on the left side of the screen.
4-5
Page 40
N
ETWORKING AND CLIENT SERVICES
Change Password
Use this menu to restrict management access based on a specific
password. You must enter a password to access the configuration
options provided by the menus. By default, there is no password.
So, please assign a password to the Administrator as soon as
possible, and store it in a safe place.
Passwords can contain from 3–12 alphanumeric characters, and are
case sensitive.
Note: If your password is lost, or you cannot gain access to the
management interface, press the Reset button on the front
panel (holding it down for at least five seconds) to restore
the factory defaults.
4-6
Page 41
C
ONFIGURING THE BARRICADE
Set Time Zone
Set the time zone for the Wireless Barricade. This information is
used for log entries and client filtering.
LAN Gateway and DHCP Settings
Configure the gateway address of the Wireless Barricade. To
dynamically assign the IP address for client PCs, enable the DHCP
Server, set the lease time, and then specify the address range. Also
remember to configure all of your client PCs for dynamic address
allocation.
Valid IP addresses consist of four numbers, and are separated by
periods. The first three fields are the network portion, and can be
4-7
Page 42
N
ETWORKING AND CLIENT SERVICES
from 0–255, while the last field is the host portion and can be from
1–254. However, remember not to include the gateway address of
the Wireless Barricade in the client address pool.
The Domain Name is optional, but this information may be
specified so that it can be passed to the client PCs.
WAN Configuration
Specify the WAN connection type required by your Internet
Service Provider, then click “More Configuration” to provide
detailed configuration parameters for the selected connection type.
Specify one of the first three options to configure a WAN
connection through the RJ-45 port (i.e., a connection to an xDSL
modem or Cable modem). Specify the “Dial-up on Demand”
option to configure a WAN connection through the serial port (i.e.,
a connection to an ISDN TA or PSTN modem).
Note: If WAN connections are configured for both the RJ-45 and
serial port, the serial port will be used as a backup Internet
connection if the primary RJ-45 WAN connection fails.
4-8
Page 43
C
ONFIGURING THE BARRICADE
Dynamic IP Address – DHCP
The Host Name is optional, but may be required by some ISPs.
The default MAC address is set to the WAN’s
the Wireless Barricade. Use this address when registering
service, and do not change it unless required by your ISP. You can
use the “Clone MAC Address” button to copy the MAC address of
the Ethernet Card installed by your ISP (in your PC) and replace
the WAN MAC address with this MAC address.
physical interface on
for Internet
Static IP Address – Fixed IP
If your Internet Service Provider has assigned a fixed address,
enter the assigned address and subnet mask for the Wireless
Barricade, then enter the gateway address of your ISP.
4-9
Page 44
N
ETWORKING AND CLIENT SERVICES
Note: You may need a fixed address if you want to provide
Internet services, such as a Web server or FTP server.
PPP over Ethernet – PPPoE
Enter the PPPoE user name and password assigned by your ISP.
The Service Name is normally optional, but may be required by
some providers.
4-10
Page 45
C
ONFIGURING THE BARRICADE
Dial-up on Demand – Modem
If you are accessing the Internet via an ISDN TA or PSTN modem
attached to the serial port on the Wireless Barricade, then you must
specify your account information on this screen as described below.
Check if you only use a dial-up modem to connect to the Internet. –
If the serial port is used for primary Internet access, then mark this
item. If not marked, then this connection will only be used for
backup access if the primary WAN link fails.
Dial-Up Service Phone Number – Enter the phone number your
service provider has given to you for Internet access.
Dial-Up Account Information – Enter your ISP account user name
and password.
Has your Internet Service Provider given you an IP address? –
If you are assigned a dynamic IP address every time you dial up,
mark “No” for this item. However, if your ISP has assigned a fixed
4-11
Page 46
N
ETWORKING AND CLIENT SERVICES
IP address for you to use, mark “Yes” for this item and enter the IP
address and subnet mask.
Note: If your ISP has given you a secondary phone number, or if
you have a secondary Internet service account, then fill in
the relevant fields under “Secondary Dial-up.”
DNS Configuration
Domain Name Servers are used to map an IP address to the
equivalent domain name (e.g., www.smc.com). Your ISP should
provide the IP address for one or more domain name servers.
Enter those addresses on this screen.
4-12
Page 47
C
ONFIGURING THE BARRICADE
Wireless Configuration
To configure the Wireless Barricade as a wireless access point for
wireless clients (either stationary or roaming), all you need to do is
define the radio channel, the domain identifier, and encryption
options.
You can use the Setup Wizard by clicking the “Enter” button at the
bottom of the page and changing the required settings, or you can
select “Channel and SSID” or “Encryption” from the Setup menu
on the left side of the screen.
Channel and SSID
You must specify a common radio channel and service domain
(i.e., Service Set ID) to be used by the Wireless Barricade and all of
your wireless clients. Be sure you configure all of your clients to
the same values.
4-13
Page 48
N
ETWORKING AND CLIENT SERVICES
Encryption
If you are transmitting sensitive data across wireless channels, you
should enable encryption. Encryption requires you to use the same
set of encryption/decryption keys for the Wireless Barricade and
all of your wireless clients. You can choose between standard
64-bit or the more robust 128-bit encryption keys. However, please
be aware that the extra processing time required for encryption
may affect the throughput for wireless communications.
4-14
Page 49
C
ONFIGURING THE BARRICADE
You can automatically generate encryption keys or you can
manually enter the keys. For automatic 64-bit security, you enter a
passphrase that is used to create four keys (as shown below). The
automatic 128-bit security generates a single key by entering a
passphrase. To manually configure the keys, enter five
hexadecimal pairs for each 64-bit key, or enter 13 pairs for the
single 128-bit key. (A hexadecimal digit is a number or letter in the
range 0-9 or A-F.)
If you use encryption, then configure the same keys used for the
Wireless Barricade on each of your wireless clients. Note that the
Wired Equivalent Privacy (WEP) protects data transmitted between
wireless nodes, but does not protect any transmissions over your
wired network or over the Internet.
4-15
Page 50
N
ETWORKING AND CLIENT SERVICES
Configuring Client Services
The Wireless Barricade includes a broad range of client services,
including firewall protection, network address translation, virtual
server, connection support for special applications, and restricted
Internet access for specified clients. You can configure these
functions using the Setup Wizard by clicking “Enter” at the bottom
of the Advanced Settings screen, or by selecting specific items
from the menu on the left of the screen.
Firewall Protection
The Wireless Barricade’s firewall can block common hacker
attacks, including IP Spoofing, Land Attack, Ping of Death, IP with
zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP
null scan, and TCP SYN flooding. The firewall does not
significantly affect system performance, so we advise leaving it
enabled to protect your network users.
4-16
Page 51
C
ONFIGURING THE BARRICADE
Virtual Server
If you configure the Wireless Barricade as a virtual server, remote
users accessing services such as Web or FTP at your local site via
public IP addresses can be automatically redirected to local servers
configured with private IP addresses. In other words, depending
on the requested service (TCP/UDP port number), the Wireless
Barricade redirects the external service request to the appropriate
server (located at another internal IP address).
The WAN interface must have a fixed IP address to utilize this
function. For example, if you set Type/Public Port to TCP/80
(HTTP or Web) and the Private IP/Port to 192.168.2.2/80, then all
4-17
Page 52
N
ETWORKING AND CLIENT SERVICES
HTTP request from outside users will be transferred to 192.168.2.2.
Therefore, by just entering the IP Address provided by the ISP,
Internet users can access the service they need at the local address
to which you redirect them.
Some of the more common TCP service ports include:
HTTP: 80, FTP: 21, Telnet: 23 and POP3: 110.
Enabling Special Applications
Some applications require multiple connections, such as Internet
gaming, videoconferencing, Internet telephony and others. These
applications cannot work with Network Address Translation (NAT)
enabled. If you need to run applications that require multiple
connections, use the following screen to specify the additional
public ports to be opened for each application.
4-18
Page 53
C
ONFIGURING THE BARRICADE
Specify the port normally associated with an application in the
“Trigger Port” field, select the protocol type as TCP or UDP, then
enter the public ports associated with the trigger port to open
them for inbound traffic.
Note: If an application still cannot function correctly after
enabling multiple ports via the Special Application screen,
you may have to open the client PC for full Internet access
using the DMZ Host option on the “Misc” screen.
Client Filtering
You can filter Internet access for local clients based on IP address,
application type (i.e., HTTP port), and time of day.
For example, this screen shows that clients in the address range
192.168.2.50-99 are permanently restricted from using FTP (Port
21), while clients in the address range 192.168.2.110-119 are
blocked from browsing the Internet from Monday through Friday.
4-19
Page 54
N
ETWORKING AND CLIENT SERVICES
MAC Filtering
You can filter Internet access for local wired and wireless clients
based on MAC address.
MAC Address Control: Every client that connects to the network
has a unique MAC (Media Access Control) address on his or her
Ethernet adapter. An administrator can have more control—and
more security—over the network by specifying which MAC
addresses are allowed to access the Wireless Barricade. You can
enable this feature by checking the “Enabled” box.
Connection Control: Connection control allows an administrator
to allow or deny clients access to the Wireless Barricade and the
Internet. Check “Connection control” to control which of the wired
AND wireless clients will be able to “connect” to the Wireless
Barricade and to the Internet. If a client is denied “connection” to
this device, it means that the client can’t access the Internet and
some network resources. Choose “Allow” or “Deny” to allow or
deny clients whose MAC addresses are not listed in the “Control
table.”
4-20
Page 55
C
ONFIGURING THE BARRICADE
When a wired client is allowed to “Connect” to the Wireless
Barricade, it means that it has full access to the Internet and
network resources.
When a wired client is not allowed to “Connect” to the Wireless
Barricade, it means that it CAN communicate with the other clients
on the wired LAN, but CANNOT:
•Connect to the Internet
•Use the Print Server function
•Communicate with the clients on the wireless LAN
•Use the Wireless Barricade’s Web configuration
Association Control: The Association process is the exchange of
information between wireless clients and a wireless access point to
establish a link between them. A wireless client is capable of
transmitting and receiving data to an access point only after the
association process is sucessfully completed.
Association control allows an administrator to allow or deny
wireless clients from linking to the Wireless Barricade. Check
“Association control” to control which of the wireless clients will
be able to “associate” to the wireless LAN. If a client is denied
“association” to the wireless LAN, it means that the client can’t
send or receive any data through the Wireless Barricade. Choose
“Allow” or “Deny” to allow or deny clients whose MAC addresses
are not listed in the “Control table.”
When a wireless client is allowed to “Associate” to the wireless
LAN, and “Connect” to the Wireless Barricade, that means it can
have full access to the Internet and network resources.
4-21
Page 56
N
ETWORKING AND CLIENT SERVICES
When a wireless client is NOT allowed to “Associate” to the
wireless LAN, it means that it CANNOT:
•Communicate with any others clients on the LAN (neither wired
nor wireless)
•Connect to the Internet
•Use the Print Server function
•Use the Wireless Barricade’s Web configuration
•“Connect” to the Wireless Barricade
When a wireless client is allowed to “Associate” to the wireless
LAN, but NOT “Connect” to the Wirelss Barricade, it means that it
can communicate with others clients on the wireless LAN, but
CANNOT:
•Communicate with any clients on the wired LAN
•Connect to the Internet
•Use the Print Server function
•Use the Wireless Barricade’s Web configuration
Association control has no effect on wired clients.
4-22
Page 57
C
ONFIGURING THE BARRICADE
Miscellaneous Settings – Misc
The Wireless Barricade also allows you set a timeout for
administrator access, prevent external PINGs from causing security
problems, set up remote management, and configure a Virtual
DMZ Host.
Administrator Time-out – Enter a time-out setting in minutes for
administrator access protection.
Discard PING from WAN side – You can enhance your network
security by preventing any PING on the Barricade’s WAN port from
being routed to the network.
Remote Management – By default, management access is only
available to users on your local network. However, you can also
manage the Wireless Barricade from a remote host by adding the
IP address of an administrator to this screen.
Note: If you specify an IP address of 0.0.0.0, any host can manage
the Wireless Barricade.
Virtual DMZ Host – If you have a client PC that cannot run an
Internet application properly from behind the NAT firewall or after
configuring the Special Applications function, then you can open
the client up to unrestricted two-way Internet access.
4-23
Page 58
N
ETWORKING AND CLIENT SERVICES
Enter the IP address of a DMZ host to this screen. Adding a client
to the DMZ (Demilitarized Zone) may expose your local network
to a variety of security risks, so only use this option as a last resort.
4-24
Page 59
C
ONFIGURING THE BARRICADE
Viewing Network and Device Status
You can use the following screen to display the connection status for
the WAN/WLAN/LAN interfaces, firmware and hardware version
numbers, any illegal attempts to access your network, as well as
information on all DHCP clients connected to your network.
The following items are included in this screen:
FieldDescription
INTERNETDisplays WAN connection type and status.
ReleaseClick on this button to release the WAN IP address.
RenewClick on this button to renew the WAN IP address.
GATEWAYDisplays system IP settings, the status for DHCP, and
INFORMATIONDisplays the number of attached clients, the firmware
Firewall services, as well as the wireless interface
settings.
versions, the physical MAC address for each media
interface, as well as the hardware version and serial
number.
4-25
Page 60
U
SING SYSTEM TOOLS
FieldDescription
Security LogDisplays any illegal attempts to access your network.
SaveClick on this button to save the security log to a file.
ClearClick on this button to clear the security log.
DHCP Client Log Displays information on all DHCP clients on your
network.
Using System Tools
You can use the “Tools” menu to reboot the Wireless Barricade,
restore factory settings, or update firmware.
Note: If you use the Reset button on the front panel, the Wireless
Barricade performs a power reset and restores the factory
settings.
The “Backup Settings” button allows you to save your Wireless
Barricade’s current configuration to a file named “config.bin” on
your PC. You can then click on the “Restore Settings” button to
restore the saved configuration to the Barricade.
4-26
Page 61
C
HAPTER
C
ONFIGURING
If you have not previously installed the TCP/IP protocol on your
client PCs, refer to the following section. If you need information
on how to configure a TCP/IP address on a PC, refer to “Setting
TCP/IP to Work with the Barricade” on page 5-3.
Installing TCP/IP Protocol in Your PC
1. Click the Start button and choose Settings, then click Control
Panel.
2. Double click the Network icon and select the Configuration tab
in the Network window.
C
LIENT
TCP/IP
5
3. Click the
4. Double click Protocol to add the TCP/IP protocol.
Add
button to add the network component to your PC.
5-1
Page 62
I
NSTALLING
TCP/IP P
5. Select the Microsoft item in the manufacturers list. And choose
TCP/IP in the Network Protocols. Click the OK button to return
to the Network window.
6. The TCP/IP protocol will be listed in the Network window.
Click OK to complete the install procedure and restart your PC
to enable the TCP/IP protocol.
ROTOCOL IN YOUR
PC
5-2
Page 63
C
ONFIGURING CLIENT
TCP/IP
Setting TCP/IP to Work with the Barricade
1. Click the Start button and choose Settings, then click Control
Panel.
2. Double click the Network icon. Select the TCP/IP line that has
been assigned to your network card in the Configuration tab
of the Network window.
3. Click the Properties button to set the TCP/IP protocol for the
Wireless Barricade.
4. You can dynamically assign TCP/IP address settings to a client,
or you can manually configure a client with address settings to
meet your specific network requirements. (Note that the
default IP address of the Wireless Barricade is 192.168.2.1.)
5-3
Page 64
S
ETTING
TCP/IP TO W
ORK WITH THE BARRICADE
Dynamic IP Allocation via a DHCP Server
Select Obtain an IP address automatically in the IP Address tab.
Do not input any values under the Gateway tab, and choose
Disable DNS in the DNS Configuration tab. These settings will be
automatically configured by the DHCP server. Click OK and reboot
your system to implement the changes.
5-4
Page 65
C
ONFIGURING CLIENT
Manual IP Configuration
1. Select Specify an IP address in the IP Address tab. Select an IP
address based on the default network 192.168.2.X (where X is
between 1 and 254), and use 255.255.255.0 for the subnet mask.
2.
In the
Gateway
(default: 192.168.2.1) in the New gateway field and click Add.
3.
In the
DNS Configuration
and click Add. This automatically relays DNS requests to the
DNS server(s) provided by your ISP. Otherwise, add specific
DNS servers into the
tab, add the IP address of the Wireless Barricade
tab, add the IP address for the Barricade
DNS Server Search Order
field and click
TCP/IP
Add
.
5-5
Page 66
S
ETTING
TCP/IP TO W
4. After finishing TCP/IP setup, click OK, and then reboot the
computer. After that, set up other PCs on the LAN according to
the procedures described above.
ORK WITH THE BARRICADE
Verifying Your TCP/IP Connection
After installing the TCP/IP communication protocol and
configuring an IP address in the same network with the Barricade,
you can use the Ping command to check if your computer is
successfully connected to the Wireless Barricade. The following
example shows how the Ping procedure can be executed in an
MS-DOS window. First, execute the Ping command:
ping 192.168.2.1
If the following messages appear:
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=2ms TTL=64
a communication link between your computer and the Wireless
Barricade has been successfully established.
Otherwise, if you get the following messages,
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
there may be something wrong in your installation procedure.
Check the following items in sequence:
1. Is the Ethernet cable correctly connected between the Wireless
Barricade and your computer?
The LAN LED on the Wireless Barricade and the Link LED of
the network card on your computer must be on.
2. Is TCP/IP properly configured on your computer?
If the IP address of the Wireless Barricade is 192.168.2.1, the IP
address of your PC must be from 192.168.2.2 - 192.168.2.254
and the default gateway must be 192.168.2.1.
5-6
Page 67
C
ONFIGURING CLIENT
If you can successfully Ping the Wireless Barricade, then you are
now ready to connect to the Internet!
TCP/IP
5-7
Page 68
S
ETTING
TCP/IP TO W
ORK WITH THE BARRICADE
5-8
Page 69
C
HAPTER
C
ONFIGURING
If you want to use the print server built into the Wireless
Barricade, then you must first install the Port Monitor program as
described in the following section for Windows 95/98/ME/NT/
2000.
To configure the Wireless Barricade Print Server for Windows
95/98/ME/NT/2000 or Unix, see “Configure the Print Server” on
page 6-4.
P
RINTER
S
ERVICES
Install the Printer Port Monitor
Skip this section if you are using Unix.
For Windows 95/98/ME/NT/2000 clients, you need to install the
port monitor program as described in this section.
6
1. Insert the installation CD-ROM into your CD-ROM drive. Under
the PrintSvr directory, run the “setup.exe” program. The SMC
Port Monitor installation program advises you to close all other
Windows programs currently running on your computer. Click
Next to continue.
6-1
Page 70
I
NSTALL THE PRINTER PORT MONITOR
2. The next screen indicates that the print client uses TCP/IP
network protocol to monitor print requests. Click Next.
3. Select the destination folder and click on the Next button. The
setup program will then begin to install the programs into the
destination folder.
6-2
Page 71
C
ONFIGURING PRINTER SERVICES
4. Select the Program Folder that will contain the program icon
for uninstalling the port monitor, and then click Next.
5. Enter the printer port name that will be used to identify the
port monitor in your system, and press Next.
6. When the setup program finishes installing the port monitor,
select the item to restart your computer and then click OK.
7. After rebooting your computer, add the Wireless Barricade
print server to your system as described in the following
section.
6-3
Page 72
C
ONFIGURE THE PRINT SERVER
Configure the Print Server
The Wireless Barricade’s print server supports Microsoft Windows
95/98/ME/NT/2000 and Unix. If you are using Windows 95/98/
ME/NT/2000, first install the port monitor as described in the
previous section before adding the Wireless Barricade’s print
server to your operating system.
Configure the Network Printer in Windows 95/98/ME/
2000
1. On a Windows 95/98/ME/2000 platform, open the Printers
the
window in
Printer
icon.
My Computer
menu, and double-click the
Add
2. Follow the prompts to add a Local printer to your system.
6-4
Page 73
C
ONFIGURING PRINTER SERVICES
3. Specify the printer type attached to the Wireless Barricade.
4. Select the monitored port. The default port name is “SMC100”
and then click the Configure Port button.
5. Enter the IP address of the Wireless Barricade and click OK,
and then click Next in the Add Printer Wizard dialog box.
6. Continue following the prompts to finish installing the Wireless
Barricade print server. The printer type you specified will now
be added to your Printers menu.
6-5
Page 74
C
ONFIGURE THE PRINT SERVER
Configure the Network Printer in Windows NT
1. On a Windows NT platform, open the Printers window in
My Computer menu, and double-click the
2. Follow the prompts to add a local printer to your system.
Add Printer
the
icon.
6-6
Page 75
C
ONFIGURING PRINTER SERVICES
3. Select the monitored port. The default port name is “SMC100.”
Then click the Configure Port button.
4. Enter the IP address of the Wireless Barricade and click OK,
and then click Next in the Add Printer Wizard dialog box.
5. Specify the printer type attached to the Wireless Barricade.
6. Continue following the prompts to finish installing the Wireless
Barricade print server. The printer type you specified will now
be added to your Printers menu.
6-7
Page 76
C
ONFIGURE THE PRINT SERVER
Configure the Network Printer in Unix Systems
Follow the traditional configuration procedure on Unix platforms
to set up the Wireless Barricade print server. The printer name is
“lpt1.”
6-8
Page 77
A
PPENDIX
T
ROUBLESHOOTING
This appendix describes common problems you may encounter
and possible solutions. The Wireless Barricade can be easily
monitored through panel indicators to identify problems. If you
cannot resolve any connection problems after checking the
indicators, then refer to the other sections in the following table.
Troubleshooting Chart
SymptomAction
LED Indicators
Power LED is Off• External power supply has failed or is
disconnected.
•Check connections between the Wireless
Barricade, the external power supply, and the
wall outlet.
•If the power indicator does not turn on when the
power cord is plugged in, you may have a
problem with the power outlet, power cord, or
external power supply.
However, if the unit powers off after running for
a while, check for loose power connections,
power losses or surges at the power outlet.
If you still cannot isolate the problem, then the
external power supply may be defective. In this
case, contact SMC Technical Support for
assistance.
A
A-1
Page 78
T
ROUBLESHOOTING
Troubleshooting Chart
SymptomAction
LED Indicators
Link LED is Off•Verify that the Wireless Barricade and attached
device are powered on.
•Be sure the cable is plugged into both the
Wireless Barricade and the corresponding
device.
•Verify that the proper cable type is used and its
length does not exceed specified limits.
•Be sure that the network interface on the
attached device is configured for the proper
communication speed and duplex mode.
•Check the adapter on the attached device and
cable connections for possible defects. Replace
any defective adapter or cable if necessary.
Network Connection Problems
Cannot Ping the
Wireless Barricade
from the attached
LAN, or the Wireless
Barricade cannot Ping
any device on the
attached LAN
A-2
•Verify that IP addresses are properly configured.
For most applications, you should use the
Wireless Barricade’s DHCP function to
dynamically assign IP addresses to any host on
the attached LAN. However, if you manually
configure any IP addresses on the LAN, verify
that the same network address (network
component of the IP address) and subnet mask
are used for both the Wireless Barricade and
attached LAN devices.
•Be sure the device you want to ping (or from
which you are pinging) has been configured for
TCP/IP.
Page 79
Troubleshooting Chart
SymptomAction
T
ROUBLESHOOTING
Mobile users cannot
access the Wireless
Barricade
Management Problems
Cannot connect using
the Web browser
Forgot or lost the
password
Printer Server
The printer cannot
print or prints garbage
•Make sure that the Wireless Barricade and all
mobile users are configured to use the same
radio channel, wireless domain (SSID), and
encryption keys.
•Ensure that all mobile users are within range of
the Wireless Barricade as specified in Appendix
C.
•Be sure to have configured the Wireless
Barricade with a valid IP address, subnet mask
and default gateway.
•Check that you have a valid network connection
to the Wireless Barricade and that the port you
are using has not been disabled.
•Check network cabling between the
management station and the Wireless Barricade.
•Press the RESET button on the rear panel to
restore the factory defaults.
•Make sure the parallel cable between the
Wireless Barricade and printer is connected and
is in good condition
A-3
Page 80
T
ROUBLESHOOTING
A-4
Page 81
A
PPENDIX
C
Ethernet Cable
Specifications
Cable Types and Specifications
CableTypeMax. LengthConnector
10BASE-TCat. 3, 4, 5 100-ohm UTP100 m (328 ft)RJ-45
100BASE-TX Cat. 5 100-ohm UTP100 m (328 ft)RJ-45
Twisted-pair Cable
Caution: DO-NOT plug a phone jack connector into any RJ-45
port. Use only twisted-pair cables with RJ-45 connectors
that conform with FCC standards.
For 10BASE-T/100BASE-TX connections, a twisted-pair cable
must have two pairs of wires. Each wire pair is identified by two
different colors. For example, one wire might be red and the other,
red with white stripes. Also, an RJ-45 connector must be attached
to both ends of the cable. All RJ-45 ports on the Wireless Barricade,
except for the WAN port, support automatic MDI/MDI-X
configuration. This means that you can use straight-through cable
to attach the LAN ports to any network device. However, when
connecting the WAN port to a broadband modem, you will need to
use either straight-through or crossover cable, depending on the
port type used on the modem.
B
ABLES
B-1
Page 82
C
ABLES
Figure B-1 illustrates how the pins on the RJ-45 connector are
numbered. Be sure to hold the connectors in the same orientation
when attaching the wires to the pins.
Figure B-1. RJ-45 Connector Pin Numbers
Straight-through Cable
Straight-Through RJ-45 Pin Assignments
End 1
1 (TD+)1 (TD+)
2 (TD-)2 (TD-)
3 (RD+)3 (RD+)
6 (RD-)6 (RD-)
Pins 4, 5, 7 and 8 are not connected.
End 2
Crossover Cable
End 1
1 (TD+)3 (RD+)
2 (TD-)6 (RD-)
3 (RD+)1 (TD+)
6 (RD-)2 (TD-)
Pins 4, 5, 7 and 8 are not connected.
B-2
Crossover RJ-45 Pin Assignments
End 2
Page 83
RJ-45 Port Pin Assignments
All LAN ports on the Wireless Barricade support automatic MDI/
MDI-X configuration. This means that the pin signals in use will
depend on whether the LAN port is operating in MDI or MDI-X
mode. However, the WAN port is configured only for MDI-X mode.
PinMDI Signal Name*MDI-X Signal Name*
1Transmit Data (TD+)Receive Data (RD+)
2Transmit Data (TD-)Receive Data (RD-)
3Receive Data (RD+)Transmit Data (TD+)
6Receive Data (RD-)Transmit Data (RD-)
Pins 4, 5, 7 and 8 are not connected.
* The “+” and “-” signs represent the polarity of the wires that make
up each wire pair.
C
ABLES
B-3
Page 84
C
ABLES
Serial Port Pin Assignments
The DB-9 serial port on the rear panel is used to connect the
Wireless Barricade to an ISDN TA or PSTN modem. The pin
assignments used to connect to this port are provided in the
following tables.
The DB-25 parallel port on the Wireless Barricade’s rear panel is
used to connect the Wireless Barricade to a printer. When a printer
is attached to this port, any PCs attached to the Wireless
Barricade’s LAN ports can pass files to the printer. The pin
assignments used to connect to the printer port are provided in the
following table.
25
Figure B-3. DB-25 Printer Port Pin Numbers
DB-25 Printer Port Pin Assignments
PinSignal NameDirection
1-Strobe To printer
2+Data 0 To printer
3+Data 1 To printer
4+Data 2 To printer
5+Data 3 To printer
6+Data 4 To printer
7+Data 5 To printer
8+Data 6 To printer
9+Data 7 To printer
10- ACKTo print server
11+ BusyTo print server
12+ Paper EndTo print server
13+ SelectTo print server
14- Auto FeedNo connection
15- ErrorTo print server
16- InitTo printer
17- SelectNo connection
18-25GNDGround
B-6
Page 87
A
PPENDIX
S
PECIFICATIONS
WAN I nte r fa ce
10BASE-T, 1 RJ-45 port
Serial, 1 RS-232 DB-9 connector
LAN Interface
10BASE-T/100BASE-TX
3 RJ-45 ports
WLAN Interface
Standard: IEEE 802.11b, Direct Sequence Spread Spectrum (DSSS)
Transmission Rate: 11 Mbps, automatic fallback to 5.5, 2 or 1 Mbps
Maximum Channels: US/Canada: 11, Europe (ETSI): 13
Range: Up to 1000 ft (304.8m)
Frequency: (US/Canada/Europe) 2.400-2.4835 GHz
Sensitivity: 1, 2, 5.5 Mbps: -80 dBm; 11 Mbps: -76 dBm typical
Modulation: CCK, BPSK, QPSK
Encryption: 64-bit/128-bit WEP
Maximum Clients: 128
C
Printer Interface
Parallel
1 DB-25 printer port
C-1
Page 88
S
PECIFICATIONS
Management
Web management
Advanced Features
Dynamic IP Address Configuration – DHCP, DNS
Firewall – Client privileges, hacker prevention and logging, NAT
Virtual Private Network – PPTP, L2TP, IPSec pass-through
Backup Internet Connection –
Operating 32 to 104°F (0 to 40°C)
Storage -40 to 158°F (-40 to 70°C)
Humidity
5% to 95% (noncondensing)
Compliances
CE Mark
Emissions
FCC Class B
VCCI Class B
Industry Canada Class B
EN55022 (CISPR 22) Class B
C-Tick - AS/NZS 3548 (1995) Class B
ETS 300 328
MPT RCR STD-33
EN 61000-3-2/3