Linksys BEFVP41 User Manual
  1. Manuals
  2. Brands
  3. Linksys Manuals
  4. Network Router
  5. BEFVP41 - EtherFast Cable/DSL VPN Router
  6. User manual
Linksys BEFVP41 User Manual

Linksys BEFVP41 User Manual

Instant broadband series etherfast cable/dsl vpn router with 4-port 10/100 switch
Hide thumbs Also See for BEFVP41:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Product Data
Enlarged version
Instant Broadband™ Series
®
EtherFast
Cable/DSL
VPN Router with
4-Port 10/100 Switch
Use this guide to install: BEFVP41
User Guide

Advertisement

Table of Contents
loading

Related Manuals for Linksys BEFVP41

Summary of Contents for Linksys BEFVP41

  • Page 1 Instant Broadband™ Series ® EtherFast Cable/DSL VPN Router with 4-Port 10/100 Switch Use this guide to install: BEFVP41 User Guide...
  • Page 2 Linksys reserves the right to revise or update its products, software, or documentation without obligation to notify any individ- ual or entity.

  • Page 3: Table Of Contents

    Appendix A: Troubleshooting Common Problems and Solutions Frequently Asked Questions Appendix B: Maximizing VPN Security Appendix C: Configuring IPSec between a Windows 2000 or XP PC and a Linksys Cable/DSL VPN Router Introduction Environment Step One: Create an IPSec Policy...

  • Page 4: Chapter 1: Introduction

    ® ® Cable/DSL VPN Router with 4-Port 10/100 ® Cable/DSL VPN Router from Linksys is the perfect solution for ® Cable/DSL VPN Router also boasts an impressive array of fea- ® Cable/DSL VPN Router the perfect solution for your broadband...

  • Page 5: Chapter 2: Your Virtual Private Network (Vpn)

    A VPN, or Virtual Private Network, is a connection between two endpoints - a VPN Router, for instance - in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This estab- lishes a private network that can send data securely between these two locations or networks.
  • Page 6 For additional information and instructions about creating your own VPN, please visit Linksys’s website at www.linksys.com or refer to “Appendix C: Configuring IPSec between a Windows 2000 or XP PC and the VPN Router.”...

  • Page 7: Chapter 3: Getting To Know The Etherfast

    Cable/DSL VPN Router with 4-Port 10/100 Switch The Cable/DSL VPN Router’s Rear Panel The rear panel of the VPN Router, shown in Figure 3-1, is where all of the Router’s connections are made. Figure 3-1 The WAN (Wide Area Network) Port is where you will connect your Cable or DSL modem.

  • Page 8: Cable/Dsl Vpn Router With 4-Port 10/100 Switch

    Server PCs, or printers. If you are using the VPN Router to share your cable or DSL Internet connection, contact your ISP to see if they have assigned your home a static IP address.

  • Page 9: Connecting Everything Together & Booting Up

    6. Turn on the cable or DSL modem. Figure 4-1 7. Press the Reset button on the Router’s front panel with a paper clip or a pen- cil. Hold the button in until the Diag LED lights up and then turns off. This will restore the Router’s factory default settings.

  • Page 10: Chapter 5: Configuring Your Network

    6. Windows will ask you to restart the PC. Click the Yes button. Repeat these steps for each PC on your network. When all of your PCs are configured, proceed to the next page, “Configuring the Cable/DSL Cable/DSL VPN Router with 4-Port 10/100 Switch ® Figure 5-2...

  • Page 11: Configuring The Cable/Dsl Vpn Router

    Figure 5-4.) Click the OK button. If the screen does not appear, make sure your network adapter is working properly, the network cable is connected, and the Link LED is lit up on the Router. Restart the computer to obtain an IP address automatically.
  • Page 12 ® Figure 5-6 Figure 5-7 EtherFast Cable/DSL VPN Router with 4-Port 10/100 Switch ® D. Click the Apply and Continue buttons to save the settings, or click the Cancel button to clear the settings and start over. E. When you are finished, click the Status tab, and then click the Connect button to start the connection.

  • Page 13: Chapter 6: The Cable/Dsl Vpn Router's Web-Based Utility

    7. Restart your computers so that they can obtain the Router’s new settings. If you need advanced setting information, please refer to “Chapter 6: The Cable/DSL VPN Router’s Web-based Utility” or the Linksys support web- site at support.linksys.com. Congratulations! You’ve suc- cessfully configured the Router.

  • Page 14: Setup

    EtherFast ® DHCP As shown in Figure 6-3, this is the Router’s default setting. Tt should only be used if your ISP supports DHCP. Static IP If you are required to use a permanent IP address, then enable Static IP, as shown in Figure 6-4.
  • Page 15 Figure 6-5. User Name and Password Enter your ISP’s User Name and Password. Connect on Demand and Max Idle Time You can configure the Router to cut your connection with your ISP after a specified period of time (Max Idle Time).

  • Page 16: Vpn

    IP Address you need to specify here. Figure 6-7 Subnet Mask This is the Router’s Subnet Mask, as seen by external users on the Internet (including your ISP). Your ISP will provide you with the Subnet Mask. Default Gateway Address Your ISP will provide you with the Default Gateway Address.
  • Page 17 ® Cable/DSL VPN Router with 4-Port 10/100 Switch Note: It is possible to set up the VPN Router using any combination of the three settings under Local Secure Group and the five settings under Remote Secure Group. For instance, when Subnet is chosen on the local end of the tunnel, Subnet does not have to be chosen at the remote end.
  • Page 18 VPN device. Make sure that you have entered the IP Address correctly, or the connection cannot be made. Remember, this is NOT the IP Address of the local VPN Router, but the IP Address of the remote VPN Router or device with which you wish to communicate.
  • Page 19 Figure 6-16, the VPN device at the other end of the tunnel will accept a request from any IP address. The remote VPN device can be another VPN Router, a VPN Server, or a computer with VPN client software that sup- ports IPSec. If the remote user has an unknown or dynamic IP address (such as a professional on the road or a telecommuter using DHCP or PPPoE), then Any should be selected.
  • Page 20 If, for any reason, you experience a temporary disconnection, the connection will be re-established as long as the settings on both ends of the tunnel stay the same. ® Cable/DSL VPN Router with 4-Port 10/100 Switch Figure 6-20...
  • Page 21 Aggressive mode. Main mode is recommended because it is more secure. No matter which mode is selected, the VPN Router will accept both Main and Aggressive requests from the remote VPN device. Encryption Select the length of the key used to encrypt/decrypt ESP packets.

  • Page 22: Password

    SNMP Community names, and restore default settings on the Router. Router Password You should set a password for the Router, unique for you but that you will remember. When you first power up the Router, the default Password setting is admin.

  • Page 23: Status

    ISP. Click Disconnect if you want to cut your connection to your ISP. LAN These fields display the Router’s current IP Address and Subnet Mask, as seen by users on your internal network, as well as the status of the Router’s DHCP server function. This option is either enabled or disabled.

  • Page 24: Dhcp

    DHCP Figure 6-25 From the DHCP screen, shown in Figure 6-25, you can configure the Router as a DHCP Server. A DHCP (Dynamic Host Configuration Protocol) Server automatically assigns IP addresses to each computer on your network. Unless you already have one, you should set up the Router as a DHCP server.

  • Page 25: Log

    Clicking on any of the topics in the bar on the left will give you help informa- tion about that topic. Clicking on the Linksys Website link in the center area will take you to Linksys’s website, provided you are connected to the Internet. If the link does not take you to the Linksys website, you may alternately type www.linksys.com...
  • Page 26 To upgrade the Router’s firmware: 1. Download the latest firmware version from the Linksys website (www.linksys.com). 2. Go to the Help screen. 3. Click Upgrade Firmware. The page shown in Figure 6-28 will appear. Figure 6-28 5. Click the Browse button to find the firmware upgrade file that you down- loaded from the Linksys website.

  • Page 27: Filters

    Click the Apply button and then the Continue button to save your changes. Using Multicast Pass Through This feature allows for multiple transmissions to specific recipients at the same time. Select Enable to support the feature, or Disable to keep the Router from multicasting. Cable/DSL VPN Router with 4-Port 10/100 Switch ®...

  • Page 28: Forwarding

    From the Forwarding tab, shown in Figure 6-31, you can set up public services on your network, such as web servers, ftp servers, or e-mail servers. When users send this type of request to your network via the Internet, the Router will forward those requests to the appropriate PC. Before using Forwarding, you...

  • Page 29: Dynamic Routing

    The IP address of the comput- er that sends the matching data is remembered by the Router, so that when the requested data returns through the firewall, the data is pulled back to the prop- er computer by way of IP address and port mapping rules.

  • Page 30: Static Routing

    Static Routing Figure 6-34 If the Router is connected to more than one network, it may be necessary to set up a static route between them. This can be done from the Static Routing screen, shown in Figure 6-34. A static route is a pre-determined pathway that network information must travel to reach a specific host or network.

  • Page 31: Dmz Host

    From the MAC Address Clone screen, shown in Figure 6-36, you can change the Router’s WAN Mac Address. The Router’s MAC address is a 12-digit code assigned to a unique piece of hardware for identification, like a social security number. Some ISPs require that you register the MAC address of your network card/adapter, which was connected to your cable or DSL modem during installation.

  • Page 32: Appendix A: Troubleshooting

    Router. If your situation is described here, the problem should be solved by applying the corresponding solution. If you can’t find an answer here, check the Linksys website at www.linksys.com. 1. I need to set a static IP address on a PC.
  • Page 33 E. Select the use the following IP address radio button. Enter a unique IP address that is not used by any other computer on the network connected to the Router. You can only use an IP address in the ranges 192.168.1.2 to 192.168.1.99 and 192.168.1.151 to 192.168.1.254.
  • Page 34 F. Turn off the computer, Router, and cable/DSL modem. Wait 30 seconds, and then turn on the Router, cable/DSL modem, and computer. Check the Status tab of the Router’s Web-based Utility to see if you get an IP address. 4. I am not able to access the Web-based Utility’s Setup page.
  • Page 35 Internet application. This would require you to set up the Router to deliver incoming packets or data to a specific com- puter. This also applies to the Internet applications you are using. The best way to get the information on what port services to use is to go to the website of the online game or application you want to use.
  • Page 36 In order to upgrade the firmware with the latest features, you need to go to the Linksys website and download the latest firmware at www.linksys.com. Follow these steps: A. Go to the Linksys website at http://www.linksys.com and download the latest firmware. B. To upgrade the firmware, follow the steps in the Help section found in “Chapter 6: The Cable/DSL VPN Router’s Web-based Utility.”...
  • Page 37 This may not always work, so you may need to re-establish connec- tion periodically. A. To connect to the Router, go to the Web-based Utility, as shown in “Chapter 6: The Cable/DSL VPN Router’s Web-based Utility” B. Enter the password, if asked. (The default password is admin.) C.

  • Page 38: Frequently Asked Questions

    SNMP software. MIB data files will be available on the Linksys web site: www.linksys.com. Can I use firmware for other routers with the BEFVP41? No. If you attempt to use other router's firmware, you could damage the Router. Only use firmware specifically written for the BEFVP41 as posted on the Linksys web site: www.linksys.com.
  • Page 39 ISP. Does the Router support any operating system other than Windows 95, Windows 98, Windows 2000, Windows NT, or Windows XP? Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshoot- ing of any non-Windows operating systems.
  • Page 40 How do I get mIRC to work with the Router? Under the Port Range Forwarding tab, set port forwarding to 113 for the PC on which you are using mIRC. If your questions are not addressed here, refer to the Linksys website, Cable/DSL VPN Router with 4-Port 10/100 Switch ®...

  • Page 41: Appendix B: Maximizing Vpn Security

    Series EtherFast ® As secure as the VPN Router makes your data, there are still more ways to max- imize security. The following are a few suggestions on how to increase data security beyond the VPN Router. 1) Maximize security on your other networks. Install firewall routers for your Internet connections, and use the most up-to-date security measures for wireless networking.

  • Page 42: Appendix C: Configuring Ipsec Between A

    Introduction This document demonstrates how to establish a secure IPSec tunnel using pre- shared keys to join a private network inside the VPN Router and a Windows 2000 or XP PC. You can find detailed information on configuring the Windows...

  • Page 43: Step Two: Build Filter Lists

    4. The Filters Properties Figure C-3 Cable/DSL VPN Router with 4-Port 10/100 Switch ® appropriate name, such as win->router, for the filter list, and de-select the Use Add Wizard check box. Then, click the Add button. Figure C-4 screen will appear, as shown in Figure C-5.
  • Page 44 Windows 2000) button on the IP Filter List window. Filter List 2: router=>win 7. The New Rule Properties screen will appear, as shown in Figure C-6. Select the IP Filter List tab, and make sure that win -> router is highlighted. Then, click the Add button. Figure C-6...

  • Page 45: Step Three: Configure Individual Tunnel Rules

    IP Filer List tab selected, as shown in Figure C-9. There should now be a listing for “router -> win” and “win -> router”. Click the OK (for WinXP) or Close (for Win2000) button on the IP Filter List window.
  • Page 46 EtherFast ® 5. Change the authentica- Figure C-12 6. This new Preshared Figure C-13 Cable/DSL VPN Router with 4-Port 10/100 Switch ® tion method to Use this string to protect the key exchange (pre- shared key), as shown in Figure C-14, and...
  • Page 47 ® Tunnel 2: router->win 9. In the new policy’s Figure C-16 10. Go to the IP Filter List Figure C-17 Cable/DSL VPN Router with 4-Port 10/100 Switch ® properties screen, shown in Figure C-18, make sure that “win -> router” is select and deselect the Use Add Wizard check box.
  • Page 48 Series EtherFast ® 13. Change the authenti- Figure C-20 14. This new Preshared Figure C-21 Cable/DSL VPN Router with 4-Port 10/100 Switch ® cation method to Use this string to protect the key exchange (preshared key), and enter the preshared...

  • Page 49: Step Four: Assign New Ipsec Policy

    2000) button to finish. Instant Broadband Series ® Figure C-24 Figure C-25 EtherFast Cable/DSL VPN Router with 4-Port 10/100 Switch ® 17. From the Rules tab, shown in Figure C- 26, click the OK button to return to the secpol screen.

  • Page 50: Step Five: Create A Tunnel Through The Web-Based Utility

    Step Five: Create a Tunnel Through the Web-Based Utility Note: Further details on this step can be found in the VPN Tab section in “Chapter 6: The Cable/DSL VPN Router’s Web-Based Utility”. 1. Open your web browser, and enter 192.168.1.1 in the Address field. Press the Enter key.

  • Page 51: Appendix D: Snmp Functions

    IP addresses, which are the true addresses on the Internet. For example, www.linksys.com is actually 206.135.116.3. Type it into your web browser and you will wind up at the Linksys home page every time. IP and web addresses, however, can sometimes be long and hard to remember.
  • Page 52 3. Replace your ISP’s abbreviated server address with this extended web address in the corresponding Internet application (web browser, e-mail application, etc.). Once you have replaced the brief server address with the true server address, the Router should have no problem accessing the Internet through that Internet application.

  • Page 53: Appendix F: Installing The Tcp/Ip Protocol

    8. Click OK. Windows may ask for original Windows installation files. Supply them as needed (e.g.: c:\windows\options\cabs., D:\win98, D:\win95, D:\win9x, etc.) 9. Windows will ask you to restart the PC. Click Yes. Cable/DSL VPN Router with 4-Port 10/100 Switch ® Figure F-2 Figure F-3...

  • Page 54: Appendix G: Finding The Mac Address And Ip Address For Your Ethernet Adapter

    This section describes how to find the MAC address for your Ethernet adapter to do either MAC Filtering or MAC Address Cloning for the Router and ISP. You can also find the IP address of your computer’s Ethernet adapter. The IP address is used for filtering, forwarding, and DMZ.
  • Page 55 Series EtherFast ® When entering the information using the Router’s Web-based Utility, you will type the 12-digit MAC address in this format, XXXXXXXXXXXX without the hyphens for MAC Filtering. See Figure G-6. When entering information for MAC Address Cloning, type the 12-digit MAC address (see Figure G-7).

  • Page 56: Appendix H: Glossary

    Linksys DES encryption uses a 56-bit key. DHCP (Dynamic Host Configuration Protocol) - A protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
  • Page 57 IP addresses. Dynamic Routing - The ability for a router to forward data via a different route based on the current conditions of the communications circuits. For example, it can adjust for overloaded traffic or failing lines and is much more flexible than static routing, which uses a fixed forwarding path.
  • Page 58 - mIRC runs under Windows and provides a graphical interface for log- ging onto IRC servers and listing, joining and leaving channels. Multicasting - Sending data to a group of nodes instead of a single destination. Cable/DSL VPN Router with 4-Port 10/100 Switch ®...
  • Page 59 Port - A pathway into and out of the computer or a network device such as a switch or router. For example, the serial and parallel ports on a personal com- puter are external sockets for plugging in communications lines, modems and printers.
  • Page 60 Data is passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc.) to the workstation console used to oversee the net- work. The agents return information contained in a MIB (Management Information Base), which is a data structure that defines what is obtainable from the device and what can be controlled (turned off, on, etc.).

  • Page 61: Appendix I: Specifications

    Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol), and IPSec (Internet Protocol Security). VPN endpoint - VPN end point capability within a router provides the ability to initiate a VPN tunnel to some other location that supports either a VPN client or has VPN end point capability.

  • Page 62: Appendix J: Warranty Information

    Instant Broadband Series EtherFast ® Appendix K: Contact Information For help with the installation or operation of this product, contact Linksys Technical Support at one of the phone numbers or Internet addresses below. Sales Information Technical Support RMA Issues Email...
  • Page 63 © Copyright 2003 Linksys, All Rights Reserved.

Table of Contents