Quick Reference Guide

ManualsBrandsNetgear ManualsModemsNetgear MR814v3

202-10039-01

Version 1.0

June 2004

NETGEAR, Inc.

4500 Great America Parkway

Santa Clara, CA 95054 USA

Reference Manual for the

MR814 v3 Cable/DSL

Wireless Router

Summary of content (162 pages)

PAGE 1
Reference Manual for the MR814 v3 Cable/DSL Wireless Router NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10039-01 Version 1.
PAGE 2
© 2004 by NETGEAR, Inc. All rights reserved. June 2004. Trademarks NETGEAR is a trademark of Netgear, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders. Statement of Conditions In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice.
PAGE 3
Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das MR814 v3 Cable/DSL Wireless Router gemäß der im BMPT-AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung.
PAGE 4
iv 202-10039-01
PAGE 5
Contents Chapter 1 About This Manual Audience, Scope, Conventions, and Formats ................................................................1-1 How to Use This Manual ................................................................................................1-2 How to Print this Manual .................................................................................................1-3 Chapter 2 Introduction Key Features of the Router .................................................................
PAGE 6
How to Manually Configure Your Internet Connection ..................................................3-13 Using the Smart Setup Wizard .....................................................................................3-15 NETGEAR product registration, support, and documentation ......................................3-16 Chapter 4 Wireless Configuration Observe Performance, Placement, and Range Guidelines ............................................4-1 Implement Appropriate Wireless Security .............
PAGE 7
Chapter 7 Advanced Configuration of the Router Configuring for Port Forwarding to Local Servers ..........................................................7-1 Adding a Custom Service .........................................................................................7-2 Editing or Deleting a Port Forwarding Entry .............................................................7-3 Local Web and FTP Server Example .......................................................................
PAGE 8
Appendix A Technical Specifications Appendix B Network, Routing, Firewall, and Basics Related Publications ...................................................................................................... B-1 Basic Router Concepts .................................................................................................. B-1 What is a Router? ................................................................................................... B-1 Routing Information Protocol ......................
PAGE 9
Install or Verify Windows Networking Components ................................................. C-4 Enabling DHCP to Automatically Configure TCP/IP Settings in Windows 95B, 98, and Me C-6 Selecting Windows’ Internet Access Method .......................................................... C-8 Verifying TCP/IP Properties .................................................................................... C-8 Configuring Windows NT4, 2000 or XP for IP Networking ............................................
PAGE 10
WPA Wireless Security .................................................................................................. D-8 How Does WPA Compare to WEP? ........................................................................ D-9 How Does WPA Compare to IEEE 802.11i? ........................................................ D-10 What are the Key Features of WPA Security? ...................................................... D-10 WPA Authentication: Enterprise-level User Authentication via 802.
PAGE 11
Chapter 1 About This Manual This chapter describes the intended audience, scope, conventions, and formats of this manual. Audience, Scope, Conventions, and Formats This reference manual assumes that the reader has basic to intermediate computer and Internet skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is provided in the Appendices and on the Netgear website. This guide uses the following typographical conventions: Table 1-1.
PAGE 12
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Use This Manual The HTML version of this manual includes a variety of navigation features as well as links to PDF versions of the full manual and individual chapters. 2 1 3 Figure 1 -1: HTML version of this manual 1. Left pane. Use the left pane to view the Contents, Index, Search, and Favorites tabs. To view the HTML version of the manual, you must have a version 4 or later browser with JavaScript enabled. 2. Toolbar buttons.
PAGE 13
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Print this Manual To print this manual you can choose one of the following several options, according to your needs. • Printing a “How To” Sequence of Steps in the HTML View. Use the Print button on the upper right of the toolbar to print the currently displayed topic. Use this button when a step-by-step procedure is displayed to send the entire procedure to your printer.
PAGE 14
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 4 About This Manual 202-10039-01
PAGE 15
Chapter 2 Introduction This chapter describes the features of the NETGEAR MR814 v3 Cable/DSL Wireless Router. Key Features of the Router The MR814 v3 Cable/DSL Wireless Router with 4-port switch connects your local area network (LAN) to the Internet through an external access device such as a cable modem or DSL modem. The MR814 v3 router provides you with multiple Web content filtering options, plus browsing activity reporting and instant alerts -- both via e-mail.
PAGE 16
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 802.11b Standards-based Wireless Networking The MR814 v3 router includes an 802.11b-compliant wireless access point, providing continuous, high-speed 11 Mbps access between your wireless and Ethernet devices. The access point provides: • 802.11b Standards-based wireless networking at up to 11 Mbps • 64-bit and 128-bit WEP encryption security. • WEP keys can be generated manually or by passphrase. • WPA-PSK support.
PAGE 17
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Security The MR814 v3 router is equipped with several features designed to maintain security, as described in this section. • PCs Hidden by NAT NAT opens a temporary path to the Internet for requests originating from the local network. Requests originating from outside the LAN are discarded, preventing users outside the LAN from finding and directly accessing the PCs on the LAN.
PAGE 18
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Automatic Configuration of Attached PCs by DHCP The MR814 v3 router dynamically assigns network configuration information, including IP, gateway, and domain name server (DNS) addresses, to attached PCs on the LAN using the Dynamic Host Configuration Protocol (DHCP). This feature greatly simplifies configuration of PCs on your local network.
PAGE 19
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Maintenance and Support NETGEAR offers the following features to help you maximize your use of the MR814 v3 router: • Flash memory for firmware upgrade • Free technical support seven days a week, twenty-four hours a day Package Contents The product package should contain the following items: • • • • MR814 v3 Cable/DSL Wireless Router. AC power adapter. Category 5 (CAT5) Ethernet cable.
PAGE 20
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The Router’s Front Panel The front panel of the MR814 v3 router contains the status lights described below. 0OWER 7IRELESS 4EST )NTERNET 0ORT ,!. 0ORT Figure 2-1: MR814 v3 Front Panel You can use the status lights to verify connections. Viewed from left to right, the table below describes the lights on the front panel of the router. Table 2-1.
PAGE 21
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The Router’s Rear Panel The rear panel of the MR814 v3 Cable/DSL Wireless Router contains these port connections.
PAGE 22
Reference Manual for the MR814 v3 Cable/DSL Wireless Router range, interference, signal quality, and security to the picture. To help overcome potential barriers to successfully using home networks, the table below identifies how to accomplish such things as connecting to a wireless network, assuring appropriate security measures are taken, browsing the Internet through your wireless connection, exchanging files with other computers and using printers in the combined wireless and wired network. Table 2-1.
PAGE 23
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Table 2-1. A Road Map for How to Get There From Here If I Want To? What Do I Do? What’s Needed? How Do I? Share Windows PC files and printers at home in a combined wireless and wired network. 1. Use the Windows Printers and Fax features to locate available printers in the combined wireless and wired network in your home.
PAGE 24
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2-10 Introduction 202-10039-01
PAGE 25
Chapter 3 Connecting the Router to the Internet This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. You will find out how to configure your MR814 v3 Cable/DSL Wireless Router for Internet access using the Setup Wizard, or how to manually configure your Internet connection. Follow these instructions to set up your router. Prepare to Install Your Router • Observe the wireless placement and range guidelines in the Reference Manual.
PAGE 26
Reference Manual for the MR814 v3 Cable/DSL Wireless Router c. Locate the Ethernet cable (cable 1 in the diagram) that connects your PC to the modem. &DEOH A ,QWHUQHW FRPSXWHU PRGHP Figure 3-1: Disconnect the Ethernet cable from the computer d. Disconnect the cable at the computer end only, point A in the diagram. e. Look at the label on the bottom of the router. Locate the Internet port.
PAGE 27
Reference Manual for the MR814 v3 Cable/DSL Wireless Router f. Note: Place the MR814 v3 router in a location which conforms to the “Observe Performance, Placement, and Range Guidelines” on page 4-1. The stand provided with the router provides a convenient, space-saving way of installing the router. Avoid stacking it on other electronic equipment.
PAGE 28
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 0OWER 4EST 7IRELESS )NTERNET 0ORT ,!. 0ORT Figure 3-4: Verify the connections according to the status lights on the router d. Check the router status lights to verify the following: • Power: The power light should turn solid green. If it does not, see “Troubleshooting Tips” on page 3-8. • Test: The test light blinks when the router is first turned on then goes off. If after 2 minutes it is still on, see “Troubleshooting Tips” on page 3-8.
PAGE 29
Reference Manual for the MR814 v3 Cable/DSL Wireless Router In its factory default state, the router will automatically display the NETGEAR Smart Wizard configuration assistant welcome page. Figure 3-5: NETGEAR Smart Wizard configuration assistant Note: If you do not see this page, clear the browser cache by going to the Internet Explorer Tools menu, Internet Options, and clicking Delete Files, then selecting the Delete all offline files check box and clicking Ok.
PAGE 30
Reference Manual for the MR814 v3 Cable/DSL Wireless Router c. Follow the instructions on the screen to enable the wireless feature. Figure 3-6: Enable the wireless feature d. Enable your wireless network, click Next to proceed, then click Done to finish. If you have trouble connecting to the Internet, see “Troubleshooting Tips” on page 3-8 to correct basic problems. Note: The Smart Wizard configuration assistant only appears when the router is in its factory default state.
PAGE 31
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Now, Set Up a Computer for Wireless Connectivity You are now connected to the Internet and the wireless feature of the router is enabled! Next, configure your wireless computer. 1. CONFIGURE THE COMPUTER’S WIRELESS ADAPTER SETTINGS :LUHOHVV $GDSWHU LQ D 1RWHERRN &RPSXWHU Figure 3-7: Configure wireless computer NETGEAR, Inc.
PAGE 32
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Troubleshooting Tips Here are some tips for correcting simple problems you may have. Be sure to restart your network in this sequence: 1) Turn off the modem, router, and computer; 2) Turn on the modem, wait two minutes; 3) Turn on the router and wait 1 minute; 4) Turn on the computer. Make sure the Ethernet cables are securely plugged in.
PAGE 33
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Overview of How to Access the Router The table below describes how you access the router, depending on the state of the router. Table 3-1.
PAGE 34
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Log On to the Router After Configuration Settings Have Been Applied 1. Connect to the router by typing http://www.routerlogin.net in the address field of your browser, then click Enter. 2. For security reasons, the router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters.
PAGE 35
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Figure 3-9: Login result: MR814 v3 home page The browser will then display the MR814 v3 settings home page. When the router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the router. If you do not click Logout, the router will wait 5 minutes after there is no activity before it automatically logs you out.
PAGE 36
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Bypass the Configuration Assistant 1. When the router is in the factory default state, type http://www.routerlogin.net/basicsetting.htm in the address field of your browser, then click Enter. When the router is in the factory default state, a user name and password are not required. 2. The browser will then display the MR814 v3 settings home page shown in “Login result: MR814 v3 home page” on page 3-11.
PAGE 37
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Manually Configure Your Internet Connection You can manually configure your router using the menu below, or you can allow the Setup Wizard to determine your configuration as described in the previous section. ISP Does Not Require Login ISP Does Require Login Figure 3-10: Browser-based configuration Basic Settings menus You can manually configure the router using the Basic Settings menu shown in Figure 3-10 using these steps: 1.
PAGE 38
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. For security reasons, the router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters. 3. Click Basic Settings on the Setup menu. 4. If your Internet connection does not require a login, click No at the top of the Basic Settings menu and fill in the settings according to the instructions below.
PAGE 39
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Note: After you finish setting up your router, you will no longer need to launch the ISP’s login program on your computer in order to access the Internet. When you start an Internet application, your router will automatically log you in. a. Select you Internet service provider from the drop-down list. Figure 3-11: Basic Settings ISP list Note: Not all ISPs are listed here. The ones on this list have special requirements. b.
PAGE 40
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. For security reasons, the router has its own user name and password. When prompted, enter admin for the router user name and password for the router password, both in lower case letters. To change the password, see “Changing the Administrator Password” on page 6-8 Note: The router user name and password are not the same as any user name or password you may use to log in to your Internet connection.
PAGE 41
Chapter 4 Wireless Configuration This chapter describes how to configure the wireless features of your MR814 v3 router. In planning your wireless network, you should consider the level of security required. You should also select the physical placement of your firewall in order to maximize the network speed. For further information on wireless networking, refer to in Appendix D, “Wireless Networking Basics.
PAGE 42
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Implement Appropriate Wireless Security Note: Indoors, computers can connect over 802.11 wireless networks at ranges of up to 300 feet. Such distances can allow for others outside of your immediate area to access your network. Unlike wired network data, your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment.
PAGE 43
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • • Turn Off the Wireless LAN. If you disable the wireless LAN, wireless devices cannot communicate with the router at all. You might choose to turn off the wireless the LAN when you are away and the others in the household all use wired connections. Turn Off the Broadcast of the Wireless Network Name SSID. If you disable broadcast of the SSID, only devices that have the correct SSID can connect.
PAGE 44
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Figure 4-2: Wireless Settings menu • • • • Name (SSID). The SSID is also known as the wireless network name. Enter a value of up to 32 alphanumeric characters. In a setting where there is more than one wireless network, different wireless network names provide a means for separating the traffic. Any device you want to participate in a particular wireless network will need to use this SSID for that network.
PAGE 45
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Table 4-1. Security Options Field Description Disable No wireless security. WEP WEP offers the following options: • Automatic Normally, this can be left to the default setting of automatic. When set to Automatic, the MR814 v3 will make a best effort attempt to use whatever options the wireless station is using. If this fails, you may need to configure this setting so that the MR814 v3 router and wireless stations match.
PAGE 46
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Advanced Wireless Settings To configure the advanced wireless settings of your firewall, click the Wireless Setup link in the Advanced section of the main menu of the browser interface. The Wireless Settings menu will appear, as shown below. Figure 4-3: Advanced Wireless Settings menu • Allow Broadcast of Name (SSID). If you disable broadcast of the SSID, only devices that have the correct SSID can connect.
PAGE 47
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Information to Gather Before Changing Basic Wireless Settings Before customizing your wireless settings, print this form and record the following information. If you are working with an existing wireless network, the person who set up or is responsible for the network will be able to provide this information. Otherwise, you will choose the settings for your wireless network.
PAGE 48
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • If WPA-PSK Authentication is Used. – Passphrase: ______________________________ These characters are case sensitive. Enter a word or group of printable characters. When you use WPA-PSK, the other devices in the network will not connect unless they are set to WPA-PSK as well and are configured with the correct Passphrase. Use the procedures described in the following sections to configure the MR814 v3. Store this information in a safe place.
PAGE 49
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 3. Choose a suitable descriptive name for the wireless network name (SSID). In the SSID box, enter a value of up to 32 alphanumeric characters. The default SSID is NETGEAR. Note: The SSID is case sensitive; NETGEAR is not the same as nETgear. Also, the SSID of any wireless access adapters must match the SSID you configure in the MR814 v3 Cable/DSL Wireless Router. If they do not match, you will not get a wireless connection to the MR814 v3. 4.
PAGE 50
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How to Configure WEP To configure WEP data encryption, follow these steps: Note: If you use a wireless computer configure WEP settings, you will be disconnected when you click on Apply. You must then either configure your wireless adapter to match the router WEP settings or access the router from a wired computer to make any further changes. Log in to the MR814 v3 firewall at http://www.routerlogin.
PAGE 51
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Select the Authentication Type and Encryptions strength from the drop-down lists. 5. You can manually or automatically program the four data encryption keys. These values must be identical on all computers and Access Points in your network. • Automatic - Enter a word or group of printable characters in the Passphrase box and click the Generate button. The passphrase is case sensitive; NETGEAR is not the same as nETgear.
PAGE 52
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Figure 4-6: WPA Settings menu Enter a word or group of 8-63 printable characters in the Password Phrase box. 3. Click Apply to save your settings. 2. How to Restrict Wireless Access by MAC Address To restrict access based on MAC Addresses, follow these steps: 1. Log in to the MR814 v3 firewall at http://www.routerlogin.
PAGE 53
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Figure 4-7: Wireless Card Access List Setup 4. Click the Turn Access Control On check box. 5. Click Add to add a wireless device to the wireless access control list. The Wireless Card Access Setup menu displays. 6. Then, either select from the list of available wireless cards the MR814 v3 has found in your area, or enter the MAC address and device name for a device you plan to use.
PAGE 54
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 4-14 Wireless Configuration 202-10039-01
PAGE 55
Chapter 5 Content Filtering This chapter describes how to use the content filtering features of the MR814 v3 Cable/DSL Wireless Router to protect your network. These features can be found by clicking on the Content Filtering heading in the Main Menu of the browser interface. Content Filtering Overview The MR814 v3 Cable/DSL Wireless Router provides you with Web content filtering options, plus browsing activity reporting and instant alerts via e-mail.
PAGE 56
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Blocking Access to Internet Sites The MR814 v3 router allows you to restrict access based on web addresses and web address keywords. Up to 255 entries are supported in the Keyword list. The Block Sites menu is shown in Figure 5-1 below: Figure 5-1: Block Sites menu To enable keyword blocking, select either “Per Schedule” or “Always”, then click Apply. If you want to block by schedule, be sure that a time period is specified in the Schedule menu.
PAGE 57
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • If the keyword “.com” is specified, only Web sites with other domain suffixes (such as .edu or .gov) can be viewed. • If you wish to block all Internet browsing access during a scheduled period, enter the keyword “.” and set the schedule in the Schedule menu. To specify a Trusted User, enter that PC’s IP address in the Trusted User box and click Apply.
PAGE 58
Reference Manual for the MR814 v3 Cable/DSL Wireless Router To specify a service for blocking, click Add. The Add Services menu will appear, as shown below: Figure 5-3: Add Services menu From the Service Type list, select the application or service to be allowed or blocked. The list already displays several common services, but you are not limited to these choices. To add any additional services or applications that do not already appear, select User Defined.
PAGE 59
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Configuring Services Blocking by IP Address Range Under “Filter Services For”, you can block the specified service for a single PC, a range of PCs (having consecutive IP addresses), or all PCs on your network. Scheduling When Blocking Will Be Enforced The MR814 v3 router allows you to specify when blocking will be enforced. The Schedule menu is shown below: Figure 5-4: Schedule menu • Use this schedule for blocking content.
PAGE 60
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Viewing Logs of Web Access or Attempted Web Access The log is a detailed record of what Web sites you have accessed or attempted to access. Up to 128 entries are stored in the log. Log entries will only appear when keyword blocking is enabled, and no log entries will be made for the Trusted User. An example is shown below: Figure 5-5: Logs menu Log entries are described in Table 5-1 Table 5-1.
PAGE 61
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Log action buttons are described in Table 5-2 Table 5-2. Log action buttons Field Description Refresh Click this button to refresh the log screen. Clear Log Click this button to clear the log entries. Send Log Click this button to email the log immediately.
PAGE 62
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Turn e-mail notification on Check this box if you wish to receive e-mail logs and alerts from the router. • Your outgoing mail server Enter the name of your ISP’s outgoing (SMTP) mail server (such as mail.myISP.com). You may be able to find this information in the configuration menu of your e-mail program. If you leave this box blank, log and alert messages will not be sent via e-mail.
PAGE 63
Chapter 6 Maintenance This chapter describes how to use the maintenance features of your MR814 v3 Cable/DSL Wireless Router. These features can be found by clicking on the Maintenance heading in the Main Menu of the browser interface. Viewing Router Status Information The Router Status menu provides a limited amount of status and usage information. From the Main Menu of the browser interface, click on Maintenance, then select System Status to view the System Status screen, shown below.
PAGE 64
Reference Manual for the MR814 v3 Cable/DSL Wireless Router This screen shows the following parameters: Table 6-1. Router Status Fields Field Description Account Name This field displays the Host Name assigned to the router. Firmware Version This field displays the router firmware version. Internet Port These parameters apply to the Internet (WAN) port of the router. MAC Address This field displays the Media Access Control address being used by the Internet (WAN) port of the router.
PAGE 65
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Click on the “Show Connection Status” button to display the connection status, as shown below. Figure 6-2: Connection Status screen This screen shows the following statistics:. Table 6-2: Connection Status Items Item Description IP Address The WAN (Internet) IP Address assigned to the router. Subnet Mask The WAN (Internet) Subnet Mask assigned to the router.
PAGE 66
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Click on the “Show Statistics” button to display router usage statistics, as shown below. Figure 6-3: Router Statistics screen This screen shows the following statistics: Table 6-3: Router Statistics Items Item Description Port The statistics for the WAN (Internet) and LAN (local) ports. For each port, the screen displays: Status The link status of the port.
PAGE 67
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Viewing a List of Attached Devices The Attached Devices menu contains a table of all IP devices that the router has discovered on the local network. From the Main Menu of the browser interface, under the Maintenance heading, select Attached Devices to view the table, shown below. Figure 6-4: Attached Devices menu For each device, the table shows the IP address, NetBIOS Host Name (if available), and Ethernet MAC address.
PAGE 68
Reference Manual for the MR814 v3 Cable/DSL Wireless Router From the Main Menu of the browser interface, under the Maintenance heading, select the Settings Backup heading to bring up the menu shown below. Figure 6-5: Settings Backup menu Three options are available, and are described in the following sections. Restoring and Backing Up the Configuration The Restore and Backup options in the Settings Backup menu allow you to save and retrieve a file containing your router’s configuration settings.
PAGE 69
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Erasing the Configuration It is sometimes desirable to restore the router to a known blank condition. This can be done by using the Erase function, which will restore all factory settings. After an erase, the router's password will be password, the LAN IP address will be 192.168.0.1, and the router's DHCP client will be enabled. To erase the configuration, click the Erase button.
PAGE 70
Reference Manual for the MR814 v3 Cable/DSL Wireless Router From the Main Menu of the browser interface, under the Maintenance heading, select the Router Upgrade heading to display the menu shown below. Figure 6-6: Router Upgrade menu To upload new firmware: 1. Download and unzip the new software file from NETGEAR. 2. In the Router Upgrade menu, click the Browse button and browse to the location of the binary (.BIN) upgrade file 3. Click Upload.
PAGE 71
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The default password for the router’s Web Configuration Manager is password. Netgear recommends that you change this password to a more secure password. From the Main Menu of the browser interface, under the Maintenance heading, select Set Password to bring up the menu shown below. Figure 6-7: Set Password menu To change the password, first enter the old password, and then enter the new password twice. Click Apply.
PAGE 72
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 6-10 Maintenance 202-10039-01
PAGE 73
Chapter 7 Advanced Configuration of the Router This chapter describes how to configure the advanced features of your MR814 v3 Cable/DSL Wireless Router. These features can be found under the Advanced heading in the Main Menu of the browser interface. Configuring for Port Forwarding to Local Servers Although the router causes your entire local network to appear as a single machine to the Internet, you can make a local server (for example, a web server or game server) visible and available to the Internet.
PAGE 74
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Use the Port Forwarding menu to configure the router to forward incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a Default DMZ Server to which all other incoming protocols are forwarded. The DMZ Server is configured in the Security Menu.
PAGE 75
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Editing or Deleting a Port Forwarding Entry To edit or delete a Port Forwarding entry, follow these steps. 1. In the table, select the button next to the service name. 2. Click Edit or Delete. Local Web and FTP Server Example If a local PC with a private IP address of 192.168.0.33 acts as a Web and FTP server, configure the Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.0.
PAGE 76
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 4. Type the same port number in the End Port box that you typed in the Start Port box. 5. Type the IP address of the additional computer in the Server IP Address box. 6. Click Apply. Some online games and videoconferencing applications are incompatible with NAT. The MR814 v3 router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well.
PAGE 77
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The WAN Setup menu, shown below lets you configure a Default DMZ Server. Figure 7-2: WAN Setup menu. To assign a computer or server to be a Default DMZ server, follow these steps: Click WAN Setup link on the Advanced section of the main menu. Type the IP address for that server. To remove the default DMZ server, replace the IP address numbers with all zeros. 3. Click Apply. 1. 2.
PAGE 78
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services such as DHCP and RIP. From the Main Menu of the browser interface, under Advanced, click on LAN IP Setup to view the LAN IP Setup menu, shown below.
PAGE 79
Reference Manual for the MR814 v3 Cable/DSL Wireless Router These addresses are part of the IETF-designated private address range for use in private networks, and should be suitable in most applications. If your network has a requirement to use a different IP addressing scheme, you can make those changes in this menu. The LAN IP parameters are: • IP Address This is the LAN IP address of the router. • IP Subnet Mask This is the LAN Subnet Mask of the router.
PAGE 80
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the router's LAN. The assigned default gateway address is the LAN address of the router. IP addresses will be assigned to the attached PCs from a pool of addresses specified in this menu.
PAGE 81
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. In the IP Address box, type the IP address to assign to the PC or server. (choose an IP address from the router’s LAN subnet, such as 192.168.0.X) 3. Type the MAC Address of the PC or server. (Tip: If the PC is already present on your network, you can copy its MAC address from the Attached Devices menu and paste it here.) 4. Click Apply to enter the reserved address into the table.
PAGE 82
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. Select the Use a dynamic DNS service check box. 3. Select the name of your dynamic DNS Service Provider. 4. Type the Host Name (or domain name) that your dynamic DNS service provider gave you. 5. Type the User Name for your dynamic DNS account. 6. Type the Password (or key) for your dynamic DNS account. 7.
PAGE 83
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 1. Click the Add button to open the Add/Edit Menu, shown below. Figure 7-5. Static Route Entry and Edit Menu 2. Type a route name for this static route in the Route Name box under the table. (This is for identification purpose only.) 3. Select Private if you want to limit access to the LAN only. The static route will not be reported in RIP. 4. Select Active to make this route effective. 5.
PAGE 84
Reference Manual for the MR814 v3 Cable/DSL Wireless Router When you first configured your router, two implicit static routes were created. A default route was created with your ISP as the gateway, and a second static route was created to your local network for all 192.168.0.x addresses. With this configuration, if you attempt to access a device on the 134.177.0.0 network, your router will forward your request to the ISP.
PAGE 85
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 3. b. To allow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and ending IP address to define the allowed range. c. To allow access from a single IP address on the Internet, select Only this PC. Enter the IP address that will be allowed access. Specify the Port Number that will be used for accessing the management interface. Web browser access normally uses the standard HTTP service port 80.
PAGE 86
Reference Manual for the MR814 v3 Cable/DSL Wireless Router From the Main Menu of the browser interface, under Advanced, click on UPnP. Set up UPnP according to the guidelines below. Turn UPnP On: UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is disabled. If disabled, the router will not allow any device to automatically control the resources, such as port forwarding (mapping), of the router.
PAGE 87
Chapter 8 Troubleshooting This chapter gives information about troubleshooting your MR814 v3 Cable/DSL Wireless Router. After each problem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the router, the following sequence of events should occur: 1. When power is first applied, verify that the Power light 2. After approximately 10 seconds, verify that: is on. a. The power light is solid green. b.
PAGE 88
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Lights Never Turn Off When the router is turned on, the lights turns on for about 10 seconds and then turn off. If all the lights stay on, there is a fault within the router. If all lights are still on one minute after power up: • Cycle the power to see if the router recovers. • Clear the router’s configuration to factory defaults. This will set the router’s IP address to 192.168.0.1.
PAGE 89
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Troubleshooting the Web Configuration Interface If you are unable to access the router’s web Configuration interface from a computer on your local network, check the following: • Check the Ethernet connection between the computer and the router as described in the previous section. • Make sure your computer’s IP address is on the same subnet as the router.
PAGE 90
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Troubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your router must request an IP address from the ISP. You can determine whether the request was successful using the web Configuration Manager. To check the WAN IP address: 1.
PAGE 91
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Inform your ISP that you have bought a new network device, and ask them to use the router’s MAC address. OR Configure your router to spoof your computer’s MAC address. This can be done in the Basic Settings menu. Refer to “How to Bypass the Configuration Assistant” on page 3-12. If your router can obtain an IP address, but your computer is unable to load any web pages from the Internet: • Your computer may not recognize any DNS server addresses.
PAGE 92
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 3. Click on OK. You should see a message like this one: Pinging with 32 bytes of data If the path is working, you see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly, you could have one of the following problems: • Wrong physical connections — Make sure the LAN port LED is on.
PAGE 93
Reference Manual for the MR814 v3 Cable/DSL Wireless Router — Check to see that the network address of your computer (the portion of the IP address specified by the netmask) is different from the network address of the remote device. — Check that your cable or DSL modem is connected and functioning. — If your ISP assigned a host name to your computer, enter that host name as the Account Name in the Basic Settings menu.
PAGE 94
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Problems with Date and Time The E-Mail menu in the Content Filtering section displays the current date and time of day. The MR814 v3 router uses the Network Time Protocol (NTP) to obtain the current time from one of several Network Time Servers on the Internet. Each entry in the log is stamped with the date and time of day. Problems with the date and time function can include: • Date shown is January 1, 2000.
PAGE 95
Appendix A Technical Specifications This appendix provides technical specifications for the MR814 v3 Cable/DSL Wireless Router.
PAGE 96
Reference Manual for the MR814 v3 Cable/DSL Wireless Router VCCI Class B EN 55 022 (CISPR 22), Class B Interface Specifications LAN: 10BASE-T or 100BASE-Tx, RJ-45 WAN: 10BASE-T, RJ-45 Wireless Radio Data Rate 1, 2, 5.5, 11Mbps Auto Rate Sensing Frequency 2.4-2.5Ghz Data Encoding: Direct Sequence Spread Spectrum (DSSS) 802.11b Operating Range @ 11 Mbps @ 5.
PAGE 97
Appendix B Network, Routing, Firewall, and Basics This chapter provides an overview of IP networks, routing, and networking. Related Publications As you read this document, you may be directed to various RFC documents for further information. An RFC is a Request For Comment (RFC) published by the Internet Engineering Task Force (IETF), an open organization that defines the architecture and operation of the Internet.
PAGE 98
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Routing Information Protocol One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP). Using RIP, routers periodically update one another and check for changes to add to the routing table. The MR814 v3 router supports both the older RIP-1 and the newer RIP-2 protocols. Among other improvements, RIP-2 supports subnet and multicast protocols.
PAGE 99
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Class A Network Node Class B Network Node Class C Network Node 7261 Figure B-1: Three Main Address Classes The five address classes are: • Class A Class A addresses can have up to 16,777,214 hosts on a single network. They use an eight-bit network number and a 24-bit node number. Class A addresses are in this range: 1.x.x.x to 126.x.x.x. • Class B Class B addresses can have up to 65,354 hosts on a network.
PAGE 100
Reference Manual for the MR814 v3 Cable/DSL Wireless Router This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network. For each unique value of the network portion of the address, the base address of the range (host address of all zeros) is known as the network address and is not usually assigned to a host.
PAGE 101
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Subnet addressing allows us to split one IP network address into smaller multiple physical networks known as subnetworks. Some of the node numbers are used as a subnet number instead. A Class B address gives us 16 bits of node numbers translating to 64,000 nodes. Most organizations do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet addressing makes use of those bits that are free, as shown below.
PAGE 102
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The following table lists the additional subnet mask bits in dotted-decimal notation. To use the table, write down the original class netmask and replace the 0 value octets with the dotted-decimal value of the additional subnet bits. For example, to partition your Class C network with subnet mask 255.255.255.0 into 16 subnets (4 bits), the new subnet mask becomes 255.255.255.240. Table 8-1.
PAGE 103
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • So that hosts recognize local IP broadcast packets When a device broadcasts to its segment neighbors, it uses a destination address of the local network address with all ones for the host address. In order for this scheme to work, all devices on the segment must agree on which bits comprise the host address.
PAGE 104
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The following figure illustrates a single IP address operation. Private IP addresses assigned by user IP addresses assigned by ISP 192.168.0.2 192.168.0.3 192.168.0.1 172.21.15.105 Internet 192.168.0.4 192.168.0.
PAGE 105
Reference Manual for the MR814 v3 Cable/DSL Wireless Router If a device sends data to another station on the network and the destination MAC address is not yet recorded, ARP is used. An ARP request is broadcast onto the network. All stations on the network receive and read the request. The destination IP address for the chosen station is included as part of the message so that only the station with this IP address responds to the ARP request. All other stations discard the request.
PAGE 106
Reference Manual for the MR814 v3 Cable/DSL Wireless Router IP Configuration by DHCP When an IP-based local area network is installed, each computer must be configured with an IP address. If the computers need to access the Internet, they should also be configured with a gateway address and one or more DNS server addresses. As an alternative to manual configuration, there is a method by which each computer on the network can automatically obtain this configuration information.
PAGE 107
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Stateful Packet Inspection Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. Since user-level applications such as FTP and web browsers can create complex patterns of network traffic, it is necessary for the firewall to analyze groups of network connection states.
PAGE 108
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Table B-1. UTP Ethernet cable wiring, straight-through Pin Wire color Signal 1 Orange/White Transmit (Tx) + 2 Orange Transmit (Tx) - 3 Green/White Receive (Rx) + 4 Blue 5 Blue/White 6 Green 7 Brown/White 8 Brown Receive (Rx) - Category 5 Cable Quality Category 5 distributed cable that meets ANSI/EIA/TIA-568-A building wiring standards can be a maximum of 328 feet (ft.
PAGE 109
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Inside Twisted Pair Cables For two devices to communicate, the transmitter of each device must be connected to the receiver of the other device. The crossover function is usually implemented internally as part of the circuitry in the device. Computers and workstation adapter cards are usually media-dependent interface ports, called MDI or uplink ports.
PAGE 110
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Figure B-6: Category 5 UTP Cable with Male RJ-45 Plug at Each End Note: Flat “silver satin” telephone cable may have the same RJ-45 plug. However, using telephone cable results in excessive collisions, causing the attached port to be partitioned or disconnected from the network.
PAGE 111
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The MR814 v3 router incorporates Auto UplinkTM technology (also called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a normal connection (e.g. connecting to a computer) or an uplink connection (e.g. connecting to a router, switch, or hub). That port will then configure itself to the correct configuration.
PAGE 112
Reference Manual for the MR814 v3 Cable/DSL Wireless Router B-16 Network, Routing, Firewall, and Basics 202-10039-01
PAGE 113
Appendix C Preparing Your Network This appendix describes how to prepare your network to connect to the Internet through the MR814 v3 Cable/DSL Wireless Router and how to verify the readiness of broadband Internet service from an Internet service provider (ISP).
PAGE 114
Reference Manual for the MR814 v3 Cable/DSL Wireless Router For the initial setup of your router, you will need to connect a computer to the router. This computer has to be set to automatically get its TCP/IP configuration from the router via DHCP. Note: For help with DHCP configuration, please use the Windows TCP/IP Configuration Tutorials on the MR814 v3 Resource CD (2230-10095-01 ), or in this appendix.
PAGE 115
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Record Your Internet Connection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and password are case sensitive and must be entered exactly as given by your ISP. Some ISPs use your full e-mail address as the login name. The Service Name is not required by all ISPs.
PAGE 116
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Most operating systems include the software components you need for networking with TCP/IP: • Windows® 95 or later includes the software components for establishing a TCP/IP network. • Windows 3.1 does not include a TCP/IP component. You need to purchase a third-party TCP/ IP application package such as NetManage Chameleon. • Macintosh Operating System 7 or later includes the software components for establishing a TCP/IP network.
PAGE 117
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The Network window opens, which displays a list of installed components: You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks. Note: It is not necessary to remove any other network components shown in the Network window in order to install the adapter, TCP/IP, or Client for Microsoft Networks. If you need to install a new adapter, follow these steps: a. Click the Add button. b.
PAGE 118
Reference Manual for the MR814 v3 Cable/DSL Wireless Router d. Select TCP/IP, and then click OK. If you need Client for Microsoft Networks: 3. a. Click the Add button. b. Select Client, and then click Add. c. Select Microsoft. d. Select Client for Microsoft Networks, and then click OK. Restart your PC for the changes to take effect.
PAGE 119
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Locate your Network Neighborhood icon. • If the Network Neighborhood icon is on the Windows desktop, position your mouse pointer over it and right-click your mouse button. • If the icon is not on the desktop, • Click Start on the task bar located at the bottom left of the window. • Choose Settings, and then Control Panel. • Locate the Network Neighborhood icon and click on it. This will open the Network panel as shown below.
PAGE 120
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • By default, the IP Address tab is open on this window. • Verify the following: Obtain an IP address automatically is selected. If not selected, click in the radio button to the left of it to select it. This setting is required to enable the DHCP server to automatically assign an IP address. • Click OK to continue. Restart the PC. Repeat these steps for each PC with this version of Windows on your network.
PAGE 121
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. Type winipcfg, and then click OK. The IP Configuration window opens, which lists (among other things), your IP address, subnet mask, and default gateway. 3. From the drop-down box, select your Ethernet adapter. The window is updated to show your settings, which should match the values below if you are using the default TCP/IP settings that NETGEAR recommends for connecting through a router or gateway: • The IP address is between 192.168.0.
PAGE 122
Reference Manual for the MR814 v3 Cable/DSL Wireless Router DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4 You will find there are many similarities in the procedures for different Windows systems when using DHCP to configure TCP/IP. The following steps will walk you through the configuration process for each of these versions of Windows. DHCP Configuration of TCP/IP in Windows XP Locate your Network Neighborhood icon. • Select Control Panel from the Windows XP new Start Menu.
PAGE 123
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Now you should be at the Local Area Network Connection Status window. This box displays the connection status, duration, speed, and activity statistics. • Administrator logon access rights are needed to use this window. • Click the Properties button to view details about the connection. • The TCP/IP details are presented on the Support tab page. • Select Internet Protocol, and click Properties to view the configuration information.
PAGE 124
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Verify that the Obtain an IP address automatically radio button is selected. • Verify that Obtain DNS server address automatically radio button is selected. • Click the OK button. This completes the DHCP configuration of TCP/ IP in Windows XP. Repeat these steps for each PC with this version of Windows on your network.
PAGE 125
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Click on the My Network Places icon on the Windows desktop. This will bring up a window called Network and Dial-up Connections. • Right click on Local Area Connection and select Properties. • The Local Area Connection Properties dialog box appears. • Verify that you have the correct Ethernet card selected in the Connect using: box.
PAGE 126
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • With Internet Protocol (TCP/IP) selected, click on Properties to open the Internet Protocol (TCP/IP) Properties dialogue box. • Verify that • Obtain an IP address automatically is selected. • Obtain DNS server address automatically is selected. • Click OK to return to Local Area Connection Properties. • Click OK again to complete the configuration process for Windows 2000. Restart the PC.
PAGE 127
Reference Manual for the MR814 v3 Cable/DSL Wireless Router DHCP Configuration of TCP/IP in Windows NT4 Once you have installed the network card, you need to configure the TCP/IP environment for Windows NT 4.0. Follow this procedure to configure TCP/IP with DHCP in Windows NT 4.0. • Choose Settings from the Start Menu, and then select Control Panel. This will display Control Panel window. • Double-click the Network icon in the Control Panel window. The Network panel will display.
PAGE 128
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Highlight the TCP/IP Protocol in the Network Protocols box, and click on the Properties button.
PAGE 129
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • The TCP/IP Properties dialog box now displays. • Click the IP Address tab. • Select the radio button marked Obtain an IP address from a DHCP server. • Click OK. This completes the configuration of TCP/IP in Windows NT. Restart the PC. Repeat these steps for each PC with this version of Windows on your network. Verifying TCP/IP Properties for Windows XP, 2000, and NT4 To check your PC’s TCP/IP configuration: 1.
PAGE 130
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • 4. The default gateway is 192.168.0.1 Type exit Configuring the Macintosh for TCP/IP Networking Beginning with Macintosh Operating System 7, TCP/IP is already installed on the Macintosh. On each networked Macintosh, you will need to configure TCP/IP to use DHCP. MacOS 8.6 or 9.x 1. From the Apple menu, select Control Panels, then TCP/IP. The TCP/IP Control Panel opens: 2.
PAGE 131
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 2. If not already selected, select Built-in Ethernet in the Configure list. 3. If not already selected, Select Using DHCP in the TCP/IP tab. 4. Click Save. Verifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel. From the Apple menu, select Control Panels, then TCP/IP.
PAGE 132
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Verifying the Readiness of Your Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable modem or DSL modem. This modem must be a separate physical box (not a card) and must provide an Ethernet port intended for connection to a Network Interface Card (NIC) in a computer. Your firewall does not support a USB-connected broadband modem.
PAGE 133
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • An IP address and subnet mask • A gateway IP address, which is the address of the ISP’s router • One or more domain name server (DNS) IP addresses • Host name and domain suffix For example, your account’s full server names may look like this: mail.xxx.yyy.com In this example, the domain suffix is xxx.yyy.com. If any of these items are dynamically supplied by the ISP, your firewall automatically acquires them.
PAGE 134
Reference Manual for the MR814 v3 Cable/DSL Wireless Router If an IP address appears under Installed Gateways, write down the address. This is the ISP’s gateway address. Select the address and then click Remove to remove the gateway address. 6. Select the DNS Configuration tab. If any DNS server addresses are shown, write down the addresses. If any information appears in the Host or Domain information box, write it down. Click Disable DNS. 7.
PAGE 135
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Restarting the Network Once you’ve set up your computers to work with the firewall, you must reset the network for the devices to be able to communicate correctly. Restart any computer that is connected to the firewall. After configuring all of your computers for TCP/IP networking and restarting them, and connecting them to the local network of your MR814 v3 router, you are ready to access and configure the firewall.
PAGE 136
Reference Manual for the MR814 v3 Cable/DSL Wireless Router C-24 Preparing Your Network 202-10039-01
PAGE 137
Appendix D Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The MR814 v3 router conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11b standard for wireless LANs (WLANs). On an 802.11b wireless link, data is encoded using direct-sequence spread-spectrum (DSSS) technology and is transmitted in the unlicensed radio spectrum at 2.5GHz.
PAGE 138
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any other node. There is no Access Point involved in this configuration.
PAGE 139
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The radio frequency channels used are listed in Table 8-3: Table 8-3. 802.11 Radio Frequency Channels Channel Center Frequency Frequency Spread 1 2412 MHz 2399.5 MHz - 2424.5 MHz 2 2417 MHz 2404.5 MHz - 2429.5 MHz 3 2422 MHz 2409.5 MHz - 2434.5 MHz 4 2427 MHz 2414.5 MHz - 2439.5 MHz 5 2432 MHz 2419.5 MHz - 2444.5 MHz 6 2437 MHz 2424.5 MHz - 2449.5 MHz 7 2442 MHz 2429.5 MHz - 2454.5 MHz 8 2447 MHz 2434.5 MHz - 2459.
PAGE 140
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Authentication and WEP The absence of a physical connection between nodes makes the wireless links vulnerable to eavesdropping and information theft. To provide a certain level of security, the IEEE 802.11 standard has defined two types of authentication methods, Open System and Shared Key. With Open System authentication, a wireless PC can join any network and receive any messages that are not encrypted.
PAGE 141
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. Open System Authentication The following steps occur when two devices use Open System Authentication: 1. The station sends an authentication request to the access point. 2. The access point authenticates the station. 3.
PAGE 142
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 5. The station connects to the network. If the decrypted text does not match the original challenge text (i.e., the access point and station do not share the same WEP Key), then the access point will refuse to authenticate the station and the station will be unable to communicate with either the 802.11b network or Ethernet network. This process is illustrated in below. 802.
PAGE 143
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 3. Use WEP for Authentication and Encryption: A transmitting 802.11b device encrypts the data portion of every packet it sends using a configured WEP Key. The receiving 802.11b device decrypts the data using the same WEP Key. For authentication purposes, the 802.11b network uses Shared Key Authentication. Note: Some 802.11b access points also support Use WEP for Authentication Only (Shared Key Authentication without data encryption).
PAGE 144
Reference Manual for the MR814 v3 Cable/DSL Wireless Router WEP Configuration Options The WEP settings must match on all 802.11b devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between access points, then all of the 802.11b access points and all of the 802.11b client adapters on the network must have the same WEP settings.
PAGE 145
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003. Existing Wi-Fi certified products will have one year to add WPA support or they will loose their Wi-Fi certification. The 802.
PAGE 146
Reference Manual for the MR814 v3 Cable/DSL Wireless Router How Does WPA Compare to IEEE 802.11i? WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that are not included in WPA are secure IBSS (Ad-Hoc mode), secure fast handoff (for specialized 802.
PAGE 147
Reference Manual for the MR814 v3 Cable/DSL Wireless Router The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured pass phrase on both the stations and the access point. This obviates the need for an authentication server, which in many home and small office environments will not be available nor desirable.
PAGE 148
Reference Manual for the MR814 v3 Cable/DSL Wireless Router WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Wireless LAN WPA enabled wireless client with “supplicant” WPA enabled Access Point using pre-shared key or 802.1x Wired Network with Optional 802.
PAGE 149
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Client with a WPAenabled wireless adapter and supplicant (Win XP, Funk, Meetinghouse, etc.) For example, a RADIUS server For example, a WPA-enabled AP 1 2 3 4 6 5 7 Figure D-2: 802.1x Authentication Sequence The AP sends Beacon Frames with WPA information element to the stations in the service set. Information elements include the required authentication method (802.1x or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).
PAGE 150
Reference Manual for the MR814 v3 Cable/DSL Wireless Router 3. The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS). 4.
PAGE 151
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Temporal Key Integrity Protocol (TKIP) WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. TKIP also provides for the following: • • • The verification of the security configuration after the encryption keys are determined.
PAGE 152
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Is WPA Perfect? WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC) check within 60 seconds of each other then the network is under an active attack, and as a result, the access point employs counter measures, which includes disassociating each station using the access point.
PAGE 153
Reference Manual for the MR814 v3 Cable/DSL Wireless Router • • • • • The new WPA information element To advertise their support of WPA, wireless APs send the beacon frame with a new 802.11 WPA information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information). The WPA two-phase authentication Open system, then 802.1x (EAP with RADIUS or preshared key).
PAGE 154
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Changes to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA authentication (and preshared key) and the new WPA encryption algorithms (TKIP and the optional AES component). To obtain the Microsoft WPA client program, visit the following Microsoft Web site.
PAGE 155
Glossary 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring. 100BASE-Tx IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring. 802.11b IEEE specification for wireless networking at 11 Mbps using direct-sequence spread-spectrum (DSSS) technology and operating in the unlicensed radio spectrum at 2.5GHz. Denial of Service attack DoS. A hacker attack designed to prevent your computer or network from operating or communicating.
PAGE 156
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Internet Protocol The main internetworking protocol used in the Internet. Used in conjunction with the Transfer Control Protocol (TCP) to form TCP/IP. LAN See local area network. local area network LAN. A communications network serving users within a limited area, such as one floor of a building. A LAN typically connects multiple personal computers and shared network devices such as storage and printers.
PAGE 157
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Point-to-Point Protocol PPP. A protocol allowing a computer using TCP/IP to connect directly to the Internet. RFC Request For Comment. Refers to documents published by the Internet Engineering Task Force (IETF) proposing standard protocols and procedures for the Internet. RFCs can be found at www.ietf.org. RIP See Routing Information Protocol. router A device that forwards data between networks.
PAGE 158
Reference Manual for the MR814 v3 Cable/DSL Wireless Router Glossary 4 202-10039-01
PAGE 159
Index Numerics D 802.
PAGE 160
front panel 2-6, 2-7 log sending 5-7 fully qualified domain name (FQDN) 4-6 log entries 5-6 Flash memory, for firmware upgrade 2-1 Logout 3-11, 3-12 G gateway address C-22 H Half Life 7-3 host name 3-14 M MAC address 8-7, B-8 spoofing 3-14, 8-5 Macintosh C-21 configuring for IP networking C-18 DHCP Client ID C-18 Obtaining ISP Configuration Information C-22 I masquerading C-20 IANA contacting B-2 MDI/MDI-X wiring B-14 MDI/MDI-X B-15 IETF B-1 Web site address B-7 metric 7-11 infrastructure mo
PAGE 161
port filtering 5-3 Secondary DNS Server 3-14 Port Forwarding 7-1 security 2-1, 2-3 port forwarding behind NAT B-8 service numbers 5-4 Port Forwarding Menu 7-1 Setup Wizard 3-1 port numbers 5-3 Shared Key authentication D-4 PPP over Ethernet 2-4, C-20 SMTP 5-8 PPPoE 2-4, C-20 spoof MAC address 8-5 Primary DNS Server 3-14 SSID 2-8, 4-4, 4-9, D-2 protocols Address Resolution B-8 DHCP 2-4, B-10 Routing Information 2-3, B-2 support 2-1 Start Port 7-2 publications, related B-1 subnet addressing
PAGE 162
WinPOET C-20 Wired Equivalent Privacy.