2.4 GHz Wireless-G 802.11g WIRELESS Model No.
Wireless-G VPN Router with RangeBooster Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2006 Cisco Systems, Inc. All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders.
Wireless-G VPN Router with RangeBooster Table of Contents Chapter 1: Introduction 1 Welcome What’s in this Guide? 1 2 Chapter 2: Planning Your Wireless Network Network Topology Ad-Hoc versus Infrastructure Mode Network Layout Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? What is a VPN? Chapter 4: Getting to Know the Wireless-G VPN Router The Back Panel The Front Panel Chapter 5: Connecting the Wireless-G VPN Router Overview Wired Connection to a PC Wireless Connection t
Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Forwarding The Firewall Tab - Port Triggering The Firewall Tab - DMZ The Firewall Tab - Access Restriction The Firewall Tab - URL Filtering The VPN Tab The VPN Tab - VPN Client Access The VPN Tab - VPN Passthrough The VPN Tab - IPSec VPN The VPN Tab - VPN Summary The QoS Tab - Application-based QoS The QoS Tab - Port-based QoS The Administration Tab - Management The Administration Tab - Log The Administration Tab - Diagnostics The Administrati
Wireless-G VPN Router with RangeBooster Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction Environment How to Establish a Secure IPSec Tunnel Appendix E: Configuring a Gateway-to-Gateway IPSec Tunnel Overview Before You Begin Configuring the VPN Settings for the VPN Routers Configuring the Key Management Settings Configuring PC 1 and PC 2 84 84 84 85 95 95 95 96 98 99 Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter 100 Windows 98
Wireless-G VPN Router with RangeBooster List of Figures Figure 2-1: Network Diagram Figure 3-1: VPN Router to VPN Router Figure 3-2: Computer to VPN Router Figure 4-1: Back Panel Figure 4-2: Front Panel Figure 5-1: Connect to LAN Ports Figure 5-2: Connect to Internet Port Figure 5-3: Connect to Power Port Figure 5-4: Connect to Internet Port Figure 5-5: Connect to Power Port Figure 6-1: Login Screen Figure 6-2: Setup Tab - Automatic Configuration - DHCP Figure 6-3: Internet Connection Type - Static IP Figu
Wireless-G VPN Router with RangeBooster Figure 6-21: Wireless Security - RADIUS Figure 6-22: Wireless Security - WEP Figure 6-23: Wireless Tab - Wireless Network Access Figure 6-24: Networked Computers Figure 6-25: The Wireless Tab - Advanced Wireless Settings Figure 6-26: Wireless Tab - WDS Figure 6-27: The Firewall Tab - General Figure 6-28: The Firewall Tab - Port Forwarding Figure 6-29: The Firewall Tab - Port Triggering Figure 6-30: The Firewall Tab - DMZ Figure 6-31: The Firewall Tab - Access Restric
Wireless-G VPN Router with RangeBooster Figure 6-54: The Administration Tab - Firmware Upgrade Figure 6-55: The Administration Tab - Reboot Figure 6-56: The Status Tab - Router Figure 6-57: The Status Tab - Local Network Figure 6-58: DHCP Active IP Table Figure 6-59: The Status Tab - Wireless Figure 6-60: The Status Tab - System Performance Figure 6-61: The Status Tab - VPN Clients Figure C-1: Access Restrictions - VPN Client Access Screen Figure C-2: Setup Wizard - Welcome Screen Figure C-3: QuickVPN Desk
Wireless-G VPN Router with RangeBooster Figure D-14: Preshared Key Figure D-15: New Preshared Key Figure D-16: Tunnel Setting Tab Figure D-17: Connection Type Tab Figure D-18: Properties Screen Figure D-19: IP Filter List Tab Figure D-20: Filter Action Tab Figure D-21: Authentication Methods Tab Figure D-22: Preshared Key Figure D-23: New Preshared Key Figure D-24: Tunnel Setting Tab Figure D-25: Connection Type Figure D-26: Rules Figure D-27: Local Computer Figure D-28: VPN Tab Figure E-1: Diagram of All
Wireless-G VPN Router with RangeBooster
Wireless-G VPN Router with RangeBooster Chapter 1: Introduction Welcome Thank you for choosing the Linksys Wireless-G VPN Router with RangeBooster. The Wireless-G VPN Router will allow you to network wirelessly better than ever, sharing Internet access, files and fun, easily and securely. How does the Wireless-G VPN Router do all of this? A router is a device that allows access to an Internet connection over a network.
Wireless-G VPN Router with RangeBooster You should always use the Setup CD-ROM when you first install the Router. If you do not wish to run the Setup Wizard on the Setup CD-ROM, then use the instructions in this Guide to help you connect the Wireless-G VPN Router, set it up, and configure it to bridge your different networks. These instructions should be all you need to get the most out of the Wireless-G VPN Router with RangeBooster.
Wireless-G VPN Router with RangeBooster • Appendix E: Configuring VPN Tunnels This appendix describes how to configure VPN IPSec tunnels using the VPN Routers and a VPN client. • Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter. This appendix describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Router. It also explains how to find the IP address for your computer.
Wireless-G VPN Router with RangeBooster Chapter 2: Planning Your Wireless Network Network Topology A wireless local area network (WLAN) is exactly like a regular local area network (LAN), except that each computer in the WLAN uses a wireless device to connect to the network. Computers in a WLAN share the same frequency channel and SSID, which is an identification name shared by the wireless devices belonging to the same wireless network.
Wireless-G VPN Router with RangeBooster The Wireless-G VPN Router is compatible with all 802.11b and 802.11g adapters, such as the Notebook Adapters (WPC54G, WPC11) for your laptop computers, PCI Adapter (WMP54G, WMP11) for your desktop PC, and USB Adapter (WUSB54G, WUSB11) when you want to enjoy USB connectivity. The Router will also communicate with the Wireless PrintServer (WPS54GU2, WPS11) and Wireless Ethernet Bridges (WET54G, WET11).
Wireless-G VPN Router with RangeBooster Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? Computer networking provides a flexibility not available when using an archaic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network.
Wireless-G VPN Router with RangeBooster data to a new destination. Even though the data is not received by its intended recipient, it appears that way to the person sending the data. These are only a few of the methods hackers use and they are always developing more. Without the security of your VPN, your data is constantly open to such attacks as it travels over the Internet.
Wireless-G VPN Router with RangeBooster and the Router”). Other versions of Microsoft operating systems require additional, third-party VPN client software applications that support IPSec to be installed. VPN Router to VPN Router An example of a VPN Router-to-VPN Router VPN would be as follows. At home, a telecommuter uses his VPN Router for his always-on Internet connection. His router is configured with his office's VPN settings.
Wireless-G VPN Router with RangeBooster Chapter 4: Getting to Know the Wireless-G VPN Router The Back Panel The Router’s ports, where a network cable is connected, are located on the back panel. Power The Power port is where you will connect the power adapter. Figure 4-1: Back Panel Reset Button There are two ways to reset the Router's factory defaults.
Wireless-G VPN Router with RangeBooster The Front Panel The Router's LEDs, where information about network activity is displayed, are located on the front panel. Figure 4-2: Front Panel Power Green. The Power LED lights up when the Router is powered on. DMZ Red. The DMZ LED lights up when the Router has an available DMZ port. If the LED is flashing, the Router is sending or receiving data over the DMZ port. Internet Green.
Wireless-G VPN Router with RangeBooster Chapter 5: Connecting the Wireless-G VPN Router Overview To begin installation of the Router, you will connect the Router to your PCs, other network devices, and cable or DSL modem. If you want to use a PC with an Ethernet adapter to configure the Router, go to “Wired Connection to a PC.” If you want to use a PC with a wireless adapter to configure the Router, go to “Wireless Connection to a PC.” Wired Connection to a PC 1.
Wireless-G VPN Router with RangeBooster Wireless Connection to a PC If you want to use a wireless connection to access the Router, follow these instructions: 1. Make sure that all of your network’s hardware is powered off, including the Router, PCs, and cable or DSL modem. 2. Connect an Ethernet network cable from your cable or DSL modem to the Internet port on the Router’s rear panel. 3. Power on the cable or DSL modem. 4.
Wireless-G VPN Router with RangeBooster Chapter 6: Configuring the Wireless-G VPN Router Overview Linksys recommends using the Setup CD-ROM for first-time installation of the Router. If you do not wish to run the Setup Wizard on the Setup CD-ROM, then follow the steps in this chapter and use the Router’s Web-based Utility to configure the Router. For advanced users, you may configure the Router’s advanced settings through the Web-based Utility.
Wireless-G VPN Router with RangeBooster • Wireless Network Access. This screen displays your network access list. • Advanced Wireless Settings. For advanced users, you can alter data transmission settings on this screen. • WDS. This tab is used for Wireless Distribution System (WDS). Firewall • General. On this screen, you can configure a variety of filters to enhance the security of your network. • Port Forwarding.
Wireless-G VPN Router with RangeBooster Administration • Management. Alter the Router’s password, its access privileges, SNMP settings, and UPnP settings. • Log. If you want to view or save activity logs, click this tab. • Diagnostics. Use this screen to check the connection between the Router and a PC. • Factory Defaults. If you want to restore the Router’s factory defaults, then use this screen. • Firmware Upgrade. Click this tab if you want to upgrade the Router’s firmware. • Reboot.
Wireless-G VPN Router with RangeBooster Internet Setup The Internet Setup section configures the Router for your Internet connection type. This information can be obtained from your ISP. Internet Connection Type The Router supports four connection types: Automatic Configuration - DHCP (the default connection type), PPPoE, Static IP, and PPTP. Each Basic Setup screen and available features will differ depending on what kind of connection type you select.
Wireless-G VPN Router with RangeBooster User Name and Password. Enter the User Name and Password provided by your ISP. Then, enter the Password again to confirm it. Auth Type: Select from two authentication protocols as required by your ISP: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). Connect on Demand: Max Idle Time. You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time (Max Idle Time).
Wireless-G VPN Router with RangeBooster due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the radio button. In the Max Idle Time field, enter the number of minutes you want to have elapsed before your Internet connection terminates. Keep Alive Option: Redial Period. If you select this option, the Router will periodically check your Internet connection.
Wireless-G VPN Router with RangeBooster is down, then the Router will automatically re-establish the connection. To use this option, click the radio button next to Keep Alive. The default Redial Period is 30 seconds. Click the Save Settings button. Then click the Status tab, and click the Connect button. Optional Settings (Required by some ISPs) Some of these settings may be required by your ISP. Verify with your ISP before making any changes. Host Name and Domain Name.
Wireless-G VPN Router with RangeBooster Start IP Address. Enter a value for the DHCP server to start with when issuing IP addresses. This value must be 192.168.1. 2 or greater, but smaller than 192.168.1.254, because the default IP address for the Router is 192.168.1.1, and 192.168.1.255 is the broadcast IP address. Number of Address. Enter the maximum number of PCs that you want the DHCP server to assign IP addresses to. This number cannot be greater than 253.
Wireless-G VPN Router with RangeBooster VLAN No. Select the VLAN number to associate with the desired port. When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. The Setup Tab - DDNS ddns: allows the hosting of a website, FTP server, or e-mail server with a fixed domain name (e.g., www.xyz.com) and a dynamic IP address The Router offers a Dynamic Domain Name System (DDNS) feature.
Wireless-G VPN Router with RangeBooster Status. The status of the DDNS service connection is displayed here. When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. The Setup Tab - MAC Address Clone The Router’s MAC address is a 12-digit code assigned to a unique piece of hardware for identification, like a social security number.
Wireless-G VPN Router with RangeBooster The Setup Tab - Advanced Routing The Advanced Routing screen allows you to configure the dynamic and static routing settings. Advanced Routing Operation Mode. Select Gateway or Router from the drop-down menu. If this Router is hosting your network’s connection to the Internet, keep the default, Gateway, which will also enable NAT. If you have a different router hosting your Internet connection, then select Router.
Wireless-G VPN Router with RangeBooster building a route to an entire network, be sure that the network portion of the IP address is set to 0. For example, the Router’s standard IP address is 192.168.1.1. Based on this address, the address of the routed network is 192.168.1, with the last digit determining the Router’s place on the network. Therefore you would enter the IP address 192.168.1.0 if you wanted to route to the Router’s entire network, rather than just to the Router. Subnet Mask.
Wireless-G VPN Router with RangeBooster The Wireless Tab - Basic Wireless Settings The basic settings for wireless networking are configured on this screen. Wireless Network Wireless Network Mode. From this drop-down menu, you can select the wireless standards running on your network. If you have both 802.11g and 802.11b devices in your network, keep the default setting, Mixed. If you have only 802.11g devices, select G-Only. If you have only 802.11b devices, select B-Only. If you do not have any 802.
Wireless-G VPN Router with RangeBooster The Wireless Tab - Wireless Security The Wireless Security settings configure the security of your wireless network. There are eight wireless security mode options supported by the Router: WPA-Personal, WPA2-Personal, WPA Enterprise, WPA2 Enterprise, WPA2Personal-Mixed, WPA2-Enterprise Mixed, RADIUS, and WEP. (WPA stands for Wi-Fi Protected Access, which is a security standard stronger than WEP encryption.
Wireless-G VPN Router with RangeBooster WPA Enterprise. This option features WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) Enter the RADIUS server’s IP address. Select TKIP or AES from the WPA Algorithm drop-down menu. Enter the RADIUS server’s port number, along with the Shared Secret key, which is the key shared between the Router and the server.
Wireless-G VPN Router with RangeBooster WPA2 Personal Mixed. WPA2 Personal Mixed gives you either WPA-Personal (TKIP) or PSK2 (AES) encryption. Enter a Shared Secret of 8-63 characters. Then enter a Key Renewal period, which instructs the Router how often it should change the encryption keys. Figure 6-19: Wireless Security - WPA2 Personal Mixed WPA2 Enterprise Mixed. This option features WPA2 used in coordination with a RADIUS server.
Wireless-G VPN Router with RangeBooster RADIUS. This option features WEP used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) First, enter the RADIUS server’s IP address and port number in the RADIUS Server IP Address and RADIUS Server Port fields. Enter the key shared between the Router and the server in the Shared Secret field. To indicate which WEP key to use, select the appropriate Default Transmit Key number.
Wireless-G VPN Router with RangeBooster The Wireless Tab - Wireless Network Access This screen allows you to control access to your wireless network for each SSID. Wireless Network Access Access List. To allow the designated computers to access your network, select the Permit to access radio button. To block the designated computers from accessing your wireless network, select the Prevent from accessing radio button. Click Disabled to disable the access function. MAC 1-16.
Wireless-G VPN Router with RangeBooster The Wireless Tab - Advanced Wireless Settings This tab is used to set up the Router’s advanced wireless functions. These settings should only be adjusted by an advanced user as incorrect settings can reduce wireless performance. Advanced Wireless Settings AP Isolation. This isolates all wireless clients and wireless devices on your network from each other. Wireless devices will be able to communicate with the Router but not with each other.
Wireless-G VPN Router with RangeBooster Fragmentation Threshold. In most cases, this value should remain at its default value of 2346. It specifies the maximum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increase the Fragmentation Threshold. Setting the Fragmentation Threshold too low may result in poor network performance. Only minor reduction of the default value is recommended.
Wireless-G VPN Router with RangeBooster The Firewall Tab - General When you click the Security tab, you will see the General screen. The Router’s firewall enhances the security of your network. You can implement a Stateful Packet Inspection (SPI) firewall, block anonymous Internet requests, and enable block mechanisms. General DoS Prevention. Denial of Service (DoS) Prevention checks incoming packets before allowing them to enter your network. To use this feature, select Enabled from the drop-down menu.
Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Forwarding The Port Forwarding screen sets up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications. (Specialized Internet applications are any applications that use Internet access to perform functions such as videoconferencing or online gaming. Some Internet applications may not require any forwarding.
Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Triggering Port Triggering is used for special Internet applications whose outgoing ports differ from the incoming ports. For this feature, the Router will watch outgoing data for specific port numbers.
Wireless-G VPN Router with RangeBooster The Firewall Tab - DMZ The DMZ screen allows one local PC to be exposed to the Internet for use of a special-purpose service such as Internet gaming and videoconferencing through Software DMZ. Whereas Port Range Forwarding can only forward a maximum of 10 ranges of ports, DMZ hosting forwards all the ports for one PC at the same time. Software DMZ.
Wireless-G VPN Router with RangeBooster The Firewall Tab - Access Restriction The Access Restriction screen allows you to block or allow specific kinds of Internet usage and traffic during specific days and times. Internet Access Policy. Access can be managed by a policy. Use the settings on this screen to establish an access policy (after the Save Settings button is clicked). Selecting a policy from the drop-down menu will display that policy’s settings.
Wireless-G VPN Router with RangeBooster To modify a service, select it from the list on the right. Change its name, protocol setting, or port range. Then click the Modify button. To delete a service, select it from the list on the right. Then click the Delete button. When you are finished making changes on the Port Services screen, click the Apply button to save changes. If you want to cancel your changes, click the Cancel button.
Wireless-G VPN Router with RangeBooster The VPN Tab Virtual Private Networking (VPN) is a security measure that creates a secure connection between two remote locations. The security is created by the very specific settings for the connection. The VPN Tab allows you to configure your VPN settings to make your network more secure. The VPN Tab - VPN Client Access The Router offers a QuickVPN Client utility for Windows 2000 or XP.
Wireless-G VPN Router with RangeBooster When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. For help information, click More. The VPN Tab - VPN Passthrough This tab is used to allow VPN tunnels to pass through the Router’s firewall using IPSec, L2TP, or PPTP protocols. VPN PassThrough IPSec Passthrough.
Wireless-G VPN Router with RangeBooster The VPN Tab - IPSec VPN The VPN Router creates a tunnel or secure channel between two endpoints, so that the transmitted data or information between these endpoints is secure. Tunnel Entry. To establish this tunnel, select the tunnel you wish to create from the drop-down box. It is possible to create up to 5 gateway-to-gateway tunnels. VPN Tunnel. Click Enabled to enable the selected VPN Tunnel. Tunnel Name. Once the tunnel is enabled, enter the name of the tunnel.
Wireless-G VPN Router with RangeBooster Remote Secure Group The Remote Secure Group is the computer(s) on the remote end of the tunnel that can access the tunnel. From the drop-down menu, select Subnet, to include the entire network for the tunnel; select IP address if you want a specific computer; IP Range, if you want to include a range of IP addresses; select Host, if the VPN will terminate at the Router, instead of the PC; or Any, to allow any computer to access the tunnel.
Wireless-G VPN Router with RangeBooster it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose to disable this feature. Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA is recommended because it is more secure). As with encryption, either of these may be selected, provided that the VPN device at the other end of the tunnel is using the same type of authentication.
Wireless-G VPN Router with RangeBooster Authentication Method. You can select MD5 or SHA1 authentication method to generate IPSec Authentication Header (AH) during ISAKMP. Group. This is for Diffie-Hellman key negotiation. There are 7 groups available for ISAKMP SA establishment. Group 1024, 1536, 2048, 3072, 4096, 6144, and 8192 represent different bits used in Diffie-Hellman mode operation. The default value is 1024. ISAKMP Key Lifetime(s).
Wireless-G VPN Router with RangeBooster If IKE failed more than _times, block this unauthorized IP for _ seconds. This feature is enabled by default. It enables the Router to block unauthorized IP addresses. Specify the number of times IKE must fail before the Router blocks that unauthorized IP address. IPComp Compression. You can click the IPComp Compression checkbox to enable IP compression to be done before encryption. Anti-replay.
Wireless-G VPN Router with RangeBooster The VPN Tab - VPN Summary This page summarizes the comprehensive details of IPSec VPN Tunnels that include Tunnel Name, Remote Gateway, Remote Group, Local Group, Key Methods, Tunnel Status, and Start/Stop/Detail Connection. Each field displays information according to a pre-configured value of IPSec tunnel separately, and each IPSec tunnel can be easily commanded to start/stop connection here.
Wireless-G VPN Router with RangeBooster NAT-T : The Tunnel enables the NAT-Traversal to allow the remote initiator that is behind the NAT to construct this IPSec Tunnel. Start/Stop/Restart Connection. You can manually start/stop IPSec connection according to pre-configured tunnel settings. If the pre-configured type of remote gateway or remote group is either Any or NAT-Traversal, Detail button can also examine Remote Security Gateway information. Detail. Each Tunnel has a Detail button.
Wireless-G VPN Router with RangeBooster The QoS Tab - Application-based QoS Quality of Service (QoS) ensures better service to high-priority service. Application-based QoS involves Internet traffic, which may involve demanding, real-time applications, such as videoconferencing. To enable Application-based QoS, you can select either Priority Queue or Bandwidth Allocation. Priority Queue. Application-based QoS manages information as it is transmitted from LAN to WAN.
Wireless-G VPN Router with RangeBooster The QoS Tab - Port-based QoS Port-based QoS ensures better service to a specific LAN port. Priority. Select the QoS priority for each LAN port. High/Low setting will queue all egress packets from this port according to its priority value. If you select High for the specific port, the packets received from this port would be put into High Priority Queue. Flow Control.
Wireless-G VPN Router with RangeBooster The Administration Tab - Management The Management screen allows you to change the Router’s access settings as well as configure the SNMP and UPnP (Universal Plug and Play) features. Admin Password To ensure the Router’s security, you will be asked for your password when you access the Router’s Web-based Utility. The default user name and password is admin. User Name. You should change the default user name to one of your choice. Router Password.
Wireless-G VPN Router with RangeBooster SNMP SNMP, Simple Network Management Protocol, is a network protocol that provides network administrators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network. To enable SNMP, check the Enabled box. To configure SNMP, complete all fields on this screen. To disable the SNMP agent, remove the checkmark. Identification Contact.
Wireless-G VPN Router with RangeBooster Backup and Restore Backup Configurations. To back up the Routers configuration, click this button and follow the on-screen instructions. Restore Configurations. To restore the Routers configuration, click this button and follow the on-screen instructions. (You must have previously backed-up the Router's configuration.
Wireless-G VPN Router with RangeBooster The Administration Tab - Log When you click the Administration tab, you will see the Log screen. The Log screen provides you with options for email alerts and a log of all incoming and outgoing URLs or IP addresses for your Internet connection. Log Email Alert. To enable the Router to send email alerts in the event of Denial of Service attacks and the like, select Enabled. If you do not wish to have email alerts, select Disabled.
Wireless-G VPN Router with RangeBooster The Administration Tab - Diagnostics The Diagnostcs allow you to check the connections of your network components. Ping Test Ping Test Parameters IP or URL Address. Enter the IP or URL address of the network device whose connection status you wish to test. Packet Size. Enter the size of the ping packets. Times to Ping. Enter the number of times that you want to ping the device: 5, 10, 15. or Unlimited.
Wireless-G VPN Router with RangeBooster The Administration Tab - Factory Defaults Note: Do not restore the factory defaults unless you are having difficulties with the Router and have exhausted all other troubleshooting measures. Once the Router is reset, you will have to re-enter all of your configuration settings. The Factory Defaults screen allows you to restore the Router’s configuration to its factory default settings. Restore Factory Defaults.
Wireless-G VPN Router with RangeBooster The Status Tab - Router The Router screen displays information about the Router and its current settings. The on-screen information will vary depending on the Internet Connection Type selected on the Setup Tab. Information Hardware Version. This shows the installed version and date of the hardware. Software Version. This shows the installed version and date of the software. Current Time. The current time is displayed here. MAC Address.
Wireless-G VPN Router with RangeBooster The Status Tab - Local Network The Local Network screen displays information about the local network. Local Network Local MAC Address. The MAC Address of the Router’s LAN (local area network) interface is displayed here. IP Address. The Router’s local IP Address is shown here. Subnet Mask. The Router’s Subnet Mask is shown here. DHCP Server DHCP Server. The status of the DHCP server on the Router is displayed here.
Wireless-G VPN Router with RangeBooster The Status Tab - Wireless The Wireless screen displays status information about your wireless network. Wireless Mode. As selected from the Wireless tab, this will display the wireless mode (Mixed, G-Only, or Disabled) used by the network. Wireless Channel. As entered on the Wireless tab, this will display the channel on which your wireless network is broadcasting. SSID MAC Address.
Wireless-G VPN Router with RangeBooster The Status Tab - System Performance The System Performance screen displays status information about network traffic for the Internet, wireless activities, and wired connectivity. System Performance Internet/Wireless Statistics for the network traffic on the Internet connection and wireless connectivity are shown in five separate columns. Connection. The status of the connection is shown here. Packets Received. The number of packets received is displayed here.
Wireless-G VPN Router with RangeBooster Dropped Packets Received. The number of dropped packets received is displayed here. Click the Refresh button to update the on-screen information. Help information is shown on the right-hand side of the screen. The Status Tab - VPN Clients The VPN Client Status screen displays status information about the Router’s QuickVPN clients. VPN Summary VPN Client Users Display. Select the group of VPN client users whose information you wish to see. No.
Wireless-G VPN Router with RangeBooster Appendix A: Troubleshooting This appendix consists of two parts: “Common Problems and Solutions” and “Frequently Asked Questions.” Provided are possible solutions to problems that may occur during the installation and operation of the Router. Read the descriptions below to help you solve your problems. If you can’t find an answer here, check the Linksys website at www.linksys.com. Common Problems and Solutions 1.
Wireless-G VPN Router with RangeBooster • For Windows 2000: 1. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections. 2. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option. 3. In the Components checked are used by this connection box, highlight Internet Protocol (TCP/IP), and click the Properties button. Select Use the following IP address option. 4.
Wireless-G VPN Router with RangeBooster For Windows NT 4.0: • Click Start, Settings, and Control Panel. Double-click the Network icon. • Click the Protocol tab, and double-click on TCP/IP Protocol. • When the window appears, make sure you have selected the correct Adapter for your Ethernet adapter and set it for Obtain an IP address from a DHCP server. • Click the OK button in the TCP/IP Protocol Properties window, and click the Close button in the Network window. • Restart the computer if asked.
Wireless-G VPN Router with RangeBooster 4. Make sure the cable connecting from your cable or DSL modem is connected to the Router’s Internet port. Verify that the Status page of the Router’s web-based utility shows a valid IP address from your ISP. 5. Turn off the computer, Router, and cable/DSL modem. Wait 30 seconds, and then turn on the Router, cable/DSL modem, and computer. Check the Status tab of the Router’s web-based utility to see if you get an IP address. 5.
Wireless-G VPN Router with RangeBooster 7. I need to set up a server behind my Router and make it available to the public. To use a server like a web, ftp, or mail server, you need to know the respective port numbers they are using. For example, port 80 (HTTP) is used for web; port 21 (FTP) is used for FTP, and port 25 (SMTP outgoing) and port 110 (POP3 incoming) are used for the mail server. You can get more information by viewing the documentation provided with the server you installed.
Wireless-G VPN Router with RangeBooster 2. Enter any name you want to use for the Customized Application. 3. Enter the External Port range of the service you are using. For example, if you want to host Unreal Tournament (UT), you would enter the range 7777 to 27900. 4. Check the protocol you will be using, TCP and/or UDP. 5. Enter the IP address of the PC or network device that you want the port server to go to. For example, if the web server’s Ethernet adapter IP address is 192.168.1.
Wireless-G VPN Router with RangeBooster 10. I forgot my password, or the password prompt always appears when I am saving settings to the Router. • Reset the Router to factory default by pressing the Reset button for 10 seconds and then releasing it. If you are still getting prompted for a password when saving settings, then perform the following steps: 1. Access the Router’s web-based utility by going to http://192.168.1.1 or the IP address of the Router.
Wireless-G VPN Router with RangeBooster 14. The firmware upgrade failed, and/or the Power LED is flashing. The upgrade could have failed for a number of reasons. Follow these steps to upgrade the firmware and/or make the Power LED stop flashing: • If the firmware upgrade failed, use the TFTP program (it was downloaded along with the firmware). Open the pdf that was downloaded along with the firmware and TFTP program, and follow the pdf’s instructions.
Wireless-G VPN Router with RangeBooster • If your difficulties continue, change the Size to different values. Try this list of values, one value at a time, in this order, until your problem is solved: 1462 1400 1362 1300 17. The Power LED flashes continuously. The Power LED lights up when the device is first powered up. Meantime, the system will boot up itself and check for proper operation. After finishing the checking procedure, the LED remains steady to show that the system is working fine.
Wireless-G VPN Router with RangeBooster Does the Router support IPX or AppleTalk? No. TCP/IP is the only protocol standard for the Internet and has become the global standard for communications. IPX, a NetWare communications protocol used only to route messages from one node to another, and AppleTalk, a communications protocol used on Apple and Macintosh networks, can be used for LAN to LAN connections, but those protocols cannot connect from the Internet to a LAN.
Wireless-G VPN Router with RangeBooster How do I get Half-Life: Team Fortress to work with the Router? The default client port for Half-Life is 27005. The computers on your LAN need to have “+clientport 2700x” added to the HL shortcut command line; the x would be 6, 7, 8, and on up. This lets multiple computers connect to the same server. One problem: Version 1.0.1.6 won’t let multiple computers with the same CD key connect at the same time, even if on the same LAN (not a problem with 1.0.1.3).
Wireless-G VPN Router with RangeBooster then the Connection tab. Make sure that Internet Explorer is set to Never dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet. What is DMZ Hosting? Demilitarized Zone (DMZ) allows one IP address (computer) to be exposed to the Internet. Some applications require multiple TCP/IP ports to be open.
Wireless-G VPN Router with RangeBooster Can I run an application from a remote computer over the wireless network? This will depend on whether or not the application is designed to be used over a network. Consult the application’s documentation to determine if it supports operation over a network. What is the IEEE 802.11b standard? It is one of the IEEE standards for wireless networks. The 802.
Wireless-G VPN Router with RangeBooster What is infrastructure mode? When a wireless network is set to infrastructure mode, the wireless network is configured to communicate with a wired network through a wireless access point. What is roaming? Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point.
Wireless-G VPN Router with RangeBooster What is DSSS? What is FHSS? And what are their differences? Frequency-Hopping Spread-Spectrum (FHSS) uses a narrowband carrier that changes frequency in a pattern that is known to both transmitter and receiver. Properly synchronized, the net effect is to maintain a single logical channel. To an unintended receiver, FHSS appears to be short-duration impulse noise. Direct-Sequence SpreadSpectrum (DSSS) generates a redundant bit pattern for each bit to be transmitted.
Wireless-G VPN Router with RangeBooster How many channels/frequencies are available with the Router? There are eleven available channels, ranging from 1 to 11 (in North America). If your questions are not addressed here, refer to the Linksys website, www.linksys.com.
Wireless-G VPN Router with RangeBooster Appendix B: Wireless Security Linksys wants to make wireless networking as safe and easy for you as possible. The current generation of Linksys products provide several network security features, but they require specific action on your part for implementation. So, keep the following in mind whenever you are setting up or using your wireless network.
Wireless-G VPN Router with RangeBooster SSID. There are several things to keep in mind about the SSID: 1. Disable Broadcast 2. Make it unique 3. Change it often Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID. Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.
Wireless-G VPN Router with RangeBooster WPA Pre-Shared Key. If you do not have a RADIUS server, select the type of algorithm, TKIP or AES, enter a password in the Pre-Shared key field of 8-64 characters, and enter a Group Key Renewal period time between 0 and 99,999 seconds, which instructs the Router or other device how often it should change the encryption keys. WPA RADIUS. WPA used in coordination with a RADIUS server.
Wireless-G VPN Router with RangeBooster Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP Overview The Linksys Wireless-G VPN Router offers a free QuickVPN software program for computers running Windows 2000 or XP. (Computers running other operating systems will have to use a third-party VPN software program.) This guide describes how to install and use the Linksys QuickVPN software.
Wireless-G VPN Router with RangeBooster Installing the LInksys QuickVPN Software NOTE: If you have the Wireless-G VPN Router Setup CD-ROM available, then follow these instructions: 1. Insert the Setup CD-ROM into your CD-ROM drive. The Setup Wizard should run automatically, and the Welcome screen should appear. If it does not, click Start and then Run. In the field provided, enter D:\setup.exe (if “D” is the letter of your CD-ROM drive). 2. Click Install QuickVPN Software.
Wireless-G VPN Router with RangeBooster Using the Linksys QuickVPN Software NOTE: You can change your password only if you have been granted that privilege by your system administrator. Figure C-3: QuickVPN Desktop Icon Figure C-4: QuickVPN Tray Icon - No Connection 1. Double-click the Linksys QuickVPN software icon on your desktop or in the system tray. 2. The login screen will appear. Enter a name for your profile. Then enter the User Name and Password you have been assigned.
Wireless-G VPN Router with RangeBooster 4. When your QuickVPN connection is established, the status screen will appear, and the QuickVPN tray icon will turn green. It will display the IP address of the remote end of the VPN tunnel, the time and date the VPN tunnel began, and the total length of time the VPN tunnel has been active. To terminate the VPN tunnel, click the Disconnect button. If you want to change your password, click the Change Password button. For information, click the Help button.
Wireless-G VPN Router with RangeBooster Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private network inside the Router and a Windows 2000 or XP computer. You can find detailed information on configuring the Windows 2000 server at the Microsoft website: Microsoft KB Q252735 - How to Configure IPSec Tunneling in Windows 2000 http://support.microsoft.
Wireless-G VPN Router with RangeBooster How to Establish a Secure IPSec Tunnel Step 1: Create an IPSec Policy 1. Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear. Figure D-1: Local Security Screen 2. Right-click IP Security Policies on Local Computer (Win XP) or IP Security Policies on Local Machine (Win 2000), and click Create IP Security Policy. 3. Click the Next button, and then enter a name for your policy (for example, to_Router).
Wireless-G VPN Router with RangeBooster 3. The IP Filter List screen should appear. Enter an appropriate name, such as win->Router, for the filter list, and de-select the Use Add Wizard check box. Then, click the Add button. Figure D-4: IP Filter LIst 4. The Filters Properties screen will appear. Select the Addressing tab. In the Source address field, select My IP Address. In the Destination address field, select A specific IP Subnet, and fill in the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0.
Wireless-G VPN Router with RangeBooster Filter List 2: Router ->win 7. The New Rule Properties screen will appear. Select the IP Filter List tab, and make sure that win -> Router is highlighted. Then, click the Add button. 8. The IP Filter List screen should appear. Enter an appropriate name, such as Router->win for the filter list, and de-select the Use Add Wizard check box. Click the Add button. Figure D-7: IP Filter List 9. The Filters Properties screen will appear. Select the Addressing tab.
Wireless-G VPN Router with RangeBooster Step 3: Configure Individual Tunnel Rules Tunnel 1: win->Router 1. From the IP Filter List tab, click the filter list win->Router. Figure D-10: IP Filter List Tab 2. Click the Filter Action tab, and click the filter action Require Security radio button. Then, click the Edit button. Figure D-11: Filter Action Tab 3.
Wireless-G VPN Router with RangeBooster 4. Select the Authentication Methods tab, and click the Edit button. Figure D-13: Authentication Methods 5. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as XYZ12345. Click the OK button. Figure D-14: Preshared Key 6. This new Preshared key will be displayed. Click the Apply button to continue, if it appears on your screen; otherwise, proceed to the next step.
Wireless-G VPN Router with RangeBooster 7. Select the Tunnel Setting tab, and click The tunnel endpoint is specified by this IP Address radio button. Then, enter the Router’s WAN IP Address. Figure D-16: Tunnel Setting Tab 8. Select the Connection Type tab, and click All network connections. Then, click the OK or Close button to finish this rule. Figure D-17: Connection Type Tab Tunnel 2: Router->win 9.
Wireless-G VPN Router with RangeBooster 10. Go to the IP Filter List tab, and click the filter list Router->win. Figure D-19: IP Filter List Tab 11. Click the Filter Action tab, and select the filter action Require Security. Then, click the Edit button. From the Security Methods tab, verify that the Negotiate security option is enabled, and deselect the Accept unsecured communication, but always respond using IPSec check box. Select Session key Perfect Forward Secrecy, and click the OK button.
Wireless-G VPN Router with RangeBooster 13. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as XYZ12345. (This is a sample key string. Yours should be a key that is unique but easy to remember.) Then click the OK button. Figure D-22: Preshared Key 14. This new Preshared key will be displayed. Click the Apply button to continue, if it appears on your screen; otherwise, proceed to the next step.
Wireless-G VPN Router with RangeBooster 16. Click the Connection Type tab, and select All network connections. Then click the OK or Close button to finish. Figure D-25: Connection Type 17. From the Rules tab, click the OK or Close button to return to the screen showing the security policies. Figure D-26: Rules Step 4: Assign New IPSec Policy In the IP Security Policies on Local Machine window, right-click the policy named to_Router, and click Assign. A green arrow appears in the folder icon.
Wireless-G VPN Router with RangeBooster Step 5: Create a Tunnel Through the Web-Based Utility 1. Open your web browser, and enter 192.168.1.1 in the Address field. Press the Enter key. 2. When the User name and Password fields appear, enter the default user name and password, admin. Press the Enter key. 3. From the Setup tab, click the VPN tab. 4. From the VPN tab, select the tunnel you wish to create in the Select Tunnel Entry drop-down box. Then click Enabled.
Wireless-G VPN Router with RangeBooster Appendix E: Configuring a Gateway-to-Gateway IPSec Tunnel Overview This appendix explains how to configure an IPSec VPN tunnel between two VPN Routers by example. Two PCs are used to test the liveliness fo the tunnel.
Wireless-G VPN Router with RangeBooster Configuring the VPN Settings for the VPN Routers Configuring VPN Router 1 Follow these instructions for the first VPN Router, designated VPN Router 1. The other VPN Router is designated VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 1. 2. Enter the VPN Router’s local IP address in the Address field (default is 192.168.1.1). Then press Enter. 3. A password request page will appear. (Non-Windows XP users will see a similar screen.
Wireless-G VPN Router with RangeBooster Configuring VPN Router 2 Follow similar instructions for VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 2. 2. Enter the VPN Router’s local IP address in the Address field (default is 192.168.1.1). Then press Enter. 3. A password request page will appear. (Non-Windows XP users will see a similar screen.) Complete the User Name and Password fields (admin is the default user name and password). Then click the OK button. 4.
Wireless-G VPN Router with RangeBooster Configuring the Key Management Settings Configuring VPN Router 1 Following these instructions for VPN Router 1. 1. On the IPSec VPN screen, select 3DES from the Encryption drop-down menu. 2. Select MD5 from the Authentication drop-down menu. 3. Keep the default Key Exchange Method, Auto(IKE). 4. Select Pre-Shared Key, and enter a string for this key., e.g. 13572468. 5. For the PFS setting, select Enabled. 6.
Wireless-G VPN Router with RangeBooster Configuring VPN Router 2 For VPN Router 2, follow the same instructions in the previous section, “Configuring VPN Router 1.” Configuring PC 1 and PC 2 1. Set PC 1 and PC 2 to be DHCP clients (refer to Windows Help for more information). 2. Verify that PC 1 and PC 2 can ping each other (refer to Windows Help for more information). If the computers can ping each other, then you know the VPN tunnel is configured correctly.
Wireless-G VPN Router with RangeBooster Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Router. You can also find the IP address of your computer’s Ethernet adapter. This IP address is used for the Router’s filtering, forwarding, and/or DMZ features.