Page 1 Wireless-G 802.11g VPN Router with RangeBooster User Guide WIRELESS WRV200 Model No.
Page 2 Wireless-G VPN Router with RangeBooster Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2006 Cisco Systems, Inc. All rights reserved.
Page 3: Table Of Contents
Wireless-G VPN Router with RangeBooster Table of Contents Chapter 1: Introduction Welcome What’s in this Guide? Chapter 2: Planning Your Wireless Network Network Topology Ad-Hoc versus Infrastructure Mode Network Layout Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? What is a VPN? Chapter 4: Getting to Know the Wireless-G VPN Router The Back Panel...
Page 4 Appendix A: Troubleshooting Common Problems and Solutions Frequently Asked Questions Appendix B: Wireless Security Security Precautions Security Threats Facing Wireless Networks Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP Overview Before You Begin Using the Linksys QuickVPN Software...
Page 5 Wireless-G VPN Router with RangeBooster Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction Environment How to Establish a Secure IPSec Tunnel Appendix E: Configuring a Gateway-to-Gateway IPSec Tunnel Overview Before You Begin Configuring the VPN Settings for the VPN Routers Configuring the Key Management Settings Configuring PC 1 and PC 2 Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter 100...
Page 6 Wireless-G VPN Router with RangeBooster List of Figures Figure 2-1: Network Diagram Figure 3-1: VPN Router to VPN Router Figure 3-2: Computer to VPN Router Figure 4-1: Back Panel Figure 4-2: Front Panel Figure 5-1: Connect to LAN Ports Figure 5-2: Connect to Internet Port Figure 5-3: Connect to Power Port Figure 5-4: Connect to Internet Port Figure 5-5: Connect to Power Port...
Page 7 Wireless-G VPN Router with RangeBooster Figure 6-21: Wireless Security - RADIUS Figure 6-22: Wireless Security - WEP Figure 6-23: Wireless Tab - Wireless Network Access Figure 6-24: Networked Computers Figure 6-25: The Wireless Tab - Advanced Wireless Settings Figure 6-26: Wireless Tab - WDS Figure 6-27: The Firewall Tab - General Figure 6-28: The Firewall Tab - Port Forwarding Figure 6-29: The Firewall Tab - Port Triggering...
Page 8 Wireless-G VPN Router with RangeBooster Figure 6-54: The Administration Tab - Firmware Upgrade Figure 6-55: The Administration Tab - Reboot Figure 6-56: The Status Tab - Router Figure 6-57: The Status Tab - Local Network Figure 6-58: DHCP Active IP Table Figure 6-59: The Status Tab - Wireless Figure 6-60: The Status Tab - System Performance Figure 6-61: The Status Tab - VPN Clients...
Page 9 Wireless-G VPN Router with RangeBooster Figure D-14: Preshared Key Figure D-15: New Preshared Key Figure D-16: Tunnel Setting Tab Figure D-17: Connection Type Tab Figure D-18: Properties Screen Figure D-19: IP Filter List Tab Figure D-20: Filter Action Tab Figure D-21: Authentication Methods Tab Figure D-22: Preshared Key Figure D-23: New Preshared Key Figure D-24: Tunnel Setting Tab...
Page 10 Wireless-G VPN Router with RangeBooster...
Page 11: Chapter 1: Introduction
Chapter 1: Introduction Welcome Thank you for choosing the Linksys Wireless-G VPN Router with RangeBooster. The Wireless-G VPN Router will allow you to network wirelessly better than ever, sharing Internet access, files and fun, easily and securely. How does the Wireless-G VPN Router do all of this? A router is a device that allows access to an Internet connection over a network.
Page 12: What's In This Guide
This appendix explains the risks of wireless networking and some solutions to reduce the risks. • Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP This appendix instructs you on how to use the Linksys QuickVPN software if you are using a Windows 2000 or XP PC.
Page 13 • Appendix M: Regulatory Information This appendix supplies the regulatory information regarding the Router. • Appendix N: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support. Chapter 1: Introduction What’s in this Guide?
Page 14: Chapter 2: Planning Your Wireless Network
Infrastructure mode. The basis of Infrastructure mode centers around an access point or wireless router, such as the Wireless-G VPN Router, which serves as the main point of communications in a wireless network. The Router transmits data to PCs equipped with wireless network adapters, which can roam within a certain radial range of the Router.
Page 15: Figure 2-1: Network Diagram
When you wish to connect your wireless network with your wired network, you can use the Router’s three LAN ports. To add more ports, any of the Router's LAN ports can be connected to any of Linksys's switches (such as the EZXS55W or EZXS88W).
Page 16: Chapter 3: Planning Your Virtual Private Network (Vpn)
Wireless-G VPN Router with RangeBooster Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? Computer networking provides a flexibility not available when using an archaic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network.
Page 17: What Is A Vpn
The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them are secure. A computer with the Linksys VPN client software can be one of the two endpoints (refer to “Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP”). If you choose not to run the VPN client software, any computer with the built-in IPSec Security Manager (Microsoft 2000 and XP) allows the VPN Router to create a VPN tunnel using IPSec (refer to “Appendix D: Configuring IPSec between a Windows 2000 or XP PC...
Page 18: Figure 3-1: Vpn Router To Vpn Router
ISP. Her notebook computer has the Linksys VPN client software, which is configured with her office's IP address. She accesses the Linksys VPN client software and connects to the VPN Router at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman now has a secure Figure 3-1: VPN Router to VPN Router connection to the central office's network, as if she were physically connected.
Page 19: Chapter 4: Getting To Know The Wireless-G Vpn Router
Wireless-G VPN Router with RangeBooster Chapter 4: Getting to Know the Wireless-G VPN Router The Back Panel The Router’s ports, where a network cable is connected, are located on the back panel. Power The Power port is where you will connect the power adapter. Figure 4-1: Back Panel Reset Button There are two ways to reset the Router's factory defaults.
Page 20: The Front Panel
Wireless-G VPN Router with RangeBooster The Front Panel The Router's LEDs, where information about network activity is displayed, are located on the front panel. Figure 4-2: Front Panel Power Green. The Power LED lights up when the Router is powered on. Red.
Page 21: Chapter 5: Connecting The Wireless-G Vpn Router
Wireless-G VPN Router with RangeBooster Chapter 5: Connecting the Wireless-G VPN Router Overview To begin installation of the Router, you will connect the Router to your PCs, other network devices, and cable or DSL modem. If you want to use a PC with an Ethernet adapter to configure the Router, go to “Wired Connection to a PC.”...
Page 22: Wireless Connection To A Pc
6. For initial access to the Router through a wireless connection, make sure the PC’s wireless adapter has its SSID set to linksys (the Router’s default setting) and its WEP encryption disabled. After you have accessed the Router, you can change the Router and this PC’s adapter settings to match your usual network settings.
Page 23: Chapter 6: Configuring The Wireless-G Vpn Router
Chapter 6: Configuring the Wireless-G VPN Router Overview Linksys recommends using the Setup CD-ROM for first-time installation of the Router. If you do not wish to run the Setup Wizard on the Setup CD-ROM, then follow the steps in this chapter and use the Router’s Web-based Utility to configure the Router.
Page 24 Wireless-G VPN Router with RangeBooster • Wireless Network Access. This screen displays your network access list. • Advanced Wireless Settings. For advanced users, you can alter data transmission settings on this screen. • WDS. This tab is used for Wireless Distribution System (WDS). Firewall •...
Page 25: How To Access The Web-Based Utility
Wireless-G VPN Router with RangeBooster Administration • Management. Alter the Router’s password, its access privileges, SNMP settings, and UPnP settings. • Log. If you want to view or save activity logs, click this tab. • Diagnostics. Use this screen to check the connection between the Router and a PC. •...
Page 26: Figure 6-3: Internet Connection Type - Static Ip
Wireless-G VPN Router with RangeBooster Internet Setup The Internet Setup section configures the Router for your Internet connection type. This information can be obtained from your ISP. Internet Connection Type The Router supports four connection types: Automatic Configuration - DHCP (the default connection type), PPPoE, Static IP, and PPTP.
Page 27: Figure 6-5: Internet Connection Type - Pptp
Wireless-G VPN Router with RangeBooster User Name and Password. Enter the User Name and Password provided by your ISP. Then, enter the Password again to confirm it. Auth Type: Select from two authentication protocols as required by your ISP: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
Page 28: Figure 6-6: Internet Connection Type - L2Tp
Wireless-G VPN Router with RangeBooster due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the radio button.
Page 29 Wireless-G VPN Router with RangeBooster is down, then the Router will automatically re-establish the connection. To use this option, click the radio button next to Keep Alive. The default Redial Period is 30 seconds. Click the Save Settings button. Then click the Status tab, and click the Connect button. Optional Settings (Required by some ISPs) Some of these settings may be required by your ISP.
Page 30: Figure 6-7: Static Table
Wireless-G VPN Router with RangeBooster Start IP Address. Enter a value for the DHCP server to start with when issuing IP addresses. This value must be 192.168.1. 2 or greater, but smaller than 192.168.1.254, because the default IP address for the Router is 192.168.1.1, and 192.168.1.255 is the broadcast IP address.
Page 31: The Setup Tab - Ddns
Wireless-G VPN Router with RangeBooster VLAN No. Select the VLAN number to associate with the desired port. When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. The Setup Tab - DDNS The Router offers a Dynamic Domain Name System (DDNS) feature.
Page 32: The Setup Tab - Mac Address Clone
Wireless-G VPN Router with RangeBooster Status. The status of the DDNS service connection is displayed here. When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. The Setup Tab - MAC Address Clone The Router’s MAC address is a 12-digit code assigned to a unique piece of hardware for identification, like a social security number.
Page 33: The Setup Tab - Advanced Routing
Wireless-G VPN Router with RangeBooster The Setup Tab - Advanced Routing The Advanced Routing screen allows you to configure the dynamic and static routing settings. Advanced Routing Operation Mode. Select Gateway or Router from the drop-down menu. If this Router is hosting your network’s connection to the Internet, keep the default, Gateway, which will also enable NAT.
Page 34: Figure 6-13: Routing Table Entry List
Wireless-G VPN Router with RangeBooster building a route to an entire network, be sure that the network portion of the IP address is set to 0. For example, the Router’s standard IP address is 192.168.1.1. Based on this address, the address of the routed network is 192.168.1, with the last digit determining the Router’s place on the network.
Page 35: The Wireless Tab - Basic Wireless Settings
(use any of the characters on the keyboard). Make sure this setting is the same for all points in your wireless network. For added security, you should change the default SSID (linksys-g) to a unique name. TX Rate Limitation. The rate of data transmission should be set depending on the speed of your wireless network.
Page 36: The Wireless Tab - Wireless Security
Wireless-G VPN Router with RangeBooster The Wireless Tab - Wireless Security The Wireless Security settings configure the security of your wireless network. There are eight wireless security mode options supported by the Router: WPA-Personal, WPA2-Personal, WPA Enterprise, WPA2 Enterprise, WPA2- Personal-Mixed, WPA2-Enterprise Mixed, RADIUS, and WEP.
Page 37: Figure 6-17: Wireless Security - Wpa Enterprise
Wireless-G VPN Router with RangeBooster WPA Enterprise. This option features WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) Enter the RADIUS server’s IP address. Select TKIP or AES from the WPA Algorithm drop-down menu.
Page 38: Figure 6-19: Wireless Security - Wpa2 Personal Mixed
Wireless-G VPN Router with RangeBooster WPA2 Personal Mixed. WPA2 Personal Mixed gives you either WPA-Personal (TKIP) or PSK2 (AES) encryption. Enter a Shared Secret of 8-63 characters. Then enter a Key Renewal period, which instructs the Router how often it should change the encryption keys. Figure 6-19: Wireless Security - WPA2 Personal Mixed WPA2 Enterprise Mixed.
Page 39: Figure 6-21: Wireless Security - Radius
Wireless-G VPN Router with RangeBooster RADIUS. This option features WEP used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) First, enter the RADIUS server’s IP address and port number in the RADIUS Server IP Address and RADIUS Server Port fields.
Page 40: The Wireless Tab - Wireless Network Access
Wireless-G VPN Router with RangeBooster The Wireless Tab - Wireless Network Access This screen allows you to control access to your wireless network for each SSID. Wireless Network Access Access List. To allow the designated computers to access your network, select the Permit to access radio button.
Page 41: The Wireless Tab - Advanced Wireless Settings
Wireless-G VPN Router with RangeBooster The Wireless Tab - Advanced Wireless Settings This tab is used to set up the Router’s advanced wireless functions. These settings should only be adjusted by an advanced user as incorrect settings can reduce wireless performance. Advanced Wireless Settings AP Isolation.
Page 42: Figure 6-26: Wireless Tab - Wds
Wireless-G VPN Router with RangeBooster Fragmentation Threshold. In most cases, this value should remain at its default value of 2346. It specifies the maximum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increase the Fragmentation Threshold.
Page 43: The Firewall Tab - General
Wireless-G VPN Router with RangeBooster The Firewall Tab - General When you click the Security tab, you will see the General screen. The Router’s firewall enhances the security of your network. You can implement a Stateful Packet Inspection (SPI) firewall, block anonymous Internet requests, and enable block mechanisms.
Page 44: The Firewall Tab - Port Forwarding
Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Forwarding The Port Forwarding screen sets up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications. (Specialized Internet applications are any applications that use Internet access to perform functions such as videoconferencing or online gaming.
Page 45: The Firewall Tab - Port Triggering
Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Triggering Port Triggering is used for special Internet applications whose outgoing ports differ from the incoming ports. For this feature, the Router will watch outgoing data for specific port numbers. The Router will remember the IP address of the computer that sends a transmission requesting data, so that when the requested data returns through the Router, the data is pulled back to the proper computer by way of IP address and port mapping rules.
Page 46: The Firewall Tab - Dmz
Wireless-G VPN Router with RangeBooster The Firewall Tab - DMZ The DMZ screen allows one local PC to be exposed to the Internet for use of a special-purpose service such as Internet gaming and videoconferencing through Software DMZ. Whereas Port Range Forwarding can only forward a maximum of 10 ranges of ports, DMZ hosting forwards all the ports for one PC at the same time.
Page 47: The Firewall Tab - Access Restriction
Wireless-G VPN Router with RangeBooster The Firewall Tab - Access Restriction The Access Restriction screen allows you to block or allow specific kinds of Internet usage and traffic during specific days and times. Internet Access Policy. Access can be managed by a policy. Use the settings on this screen to establish an access policy (after the Save Settings button is clicked).
Page 48: The Firewall Tab - Url Filtering
Wireless-G VPN Router with RangeBooster To modify a service, select it from the list on the right. Change its name, protocol setting, or port range. Then click the Modify button. To delete a service, select it from the list on the right. Then click the Delete button. When you are finished making changes on the Port Services screen, click the Apply button to save changes.
Page 49: The Vpn Tab
Wireless-G VPN Router with RangeBooster The VPN Tab Virtual Private Networking (VPN) is a security measure that creates a secure connection between two remote locations. The security is created by the very specific settings for the connection. The VPN Tab allows you to configure your VPN settings to make your network more secure.
Page 50: The Vpn Tab - Vpn Passthrough
Wireless-G VPN Router with RangeBooster When you have finished making changes to the screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes. For help information, click More. The VPN Tab - VPN Passthrough This tab is used to allow VPN tunnels to pass through the Router’s firewall using IPSec, L2TP, or PPTP protocols.
Page 51: The Vpn Tab - Ipsec Vpn
Wireless-G VPN Router with RangeBooster The VPN Tab - IPSec VPN The VPN Router creates a tunnel or secure channel between two endpoints, so that the transmitted data or information between these endpoints is secure. Tunnel Entry. To establish this tunnel, select the tunnel you wish to create from the drop-down box. It is possible to create up to 5 gateway-to-gateway tunnels.
Page 52: Figure 6-38: Local Secure Group - Ip Address And Remote Secure Group - Ip Address
Wireless-G VPN Router with RangeBooster Remote Secure Group The Remote Secure Group is the computer(s) on the remote end of the tunnel that can access the tunnel. From the drop-down menu, select Subnet, to include the entire network for the tunnel; select IP address if you want a specific computer;...
Page 53: Figure 6-41: Key Exchange Method - Auto(Ike)
Wireless-G VPN Router with RangeBooster it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose to disable this feature. Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA is recommended because it is more secure).
Page 54 Wireless-G VPN Router with RangeBooster Authentication Method. You can select MD5 or SHA1 authentication method to generate IPSec Authentication Header (AH) during ISAKMP. Group. This is for Diffie-Hellman key negotiation. There are 7 groups available for ISAKMP SA establishment. Group 1024, 1536, 2048, 3072, 4096, 6144, and 8192 represent different bits used in Diffie-Hellman mode operation.
Page 55: Figure 6-43: Global Nat Traversal Advanced Settings
Wireless-G VPN Router with RangeBooster If IKE failed more than _times, block this unauthorized IP for _ seconds. This feature is enabled by default. It enables the Router to block unauthorized IP addresses. Specify the number of times IKE must fail before the Router blocks that unauthorized IP address.
Page 56: The Vpn Tab - Vpn Summary
Wireless-G VPN Router with RangeBooster The VPN Tab - VPN Summary This page summarizes the comprehensive details of IPSec VPN Tunnels that include Tunnel Name, Remote Gateway, Remote Group, Local Group, Key Methods, Tunnel Status, and Start/Stop/Detail Connection. Each field displays information according to a pre-configured value of IPSec tunnel separately, and each IPSec tunnel can be easily commanded to start/stop connection here.
Page 57 Wireless-G VPN Router with RangeBooster NAT-T : The Tunnel enables the NAT-Traversal to allow the remote initiator that is behind the NAT to construct this IPSec Tunnel. Start/Stop/Restart Connection. You can manually start/stop IPSec connection according to pre-configured tunnel settings. If the pre-configured type of remote gateway or remote group is either Any or NAT-Traversal, Detail button can also examine Remote Security Gateway information.
Page 58: The Qos Tab - Application-Based Qos
Wireless-G VPN Router with RangeBooster The QoS Tab - Application-based QoS Quality of Service (QoS) ensures better service to high-priority service. Application-based QoS involves Internet traffic, which may involve demanding, real-time applications, such as videoconferencing. To enable Application-based QoS, you can select either Priority Queue or Bandwidth Allocation.
Page 59: The Qos Tab - Port-Based Qos
Wireless-G VPN Router with RangeBooster The QoS Tab - Port-based QoS Port-based QoS ensures better service to a specific LAN port. Priority. Select the QoS priority for each LAN port. High/Low setting will queue all egress packets from this port according to its priority value.
Page 60: The Administration Tab - Management
Wireless-G VPN Router with RangeBooster The Administration Tab - Management The Management screen allows you to change the Router’s access settings as well as configure the SNMP and UPnP (Universal Plug and Play) features. Admin Password To ensure the Router’s security, you will be asked for your password when you access the Router’s Web-based Utility.
Page 61 Wireless-G VPN Router with RangeBooster SNMP SNMP, Simple Network Management Protocol, is a network protocol that provides network administrators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network.
Page 62 Wireless-G VPN Router with RangeBooster Backup and Restore Backup Configurations. To back up the Routers configuration, click this button and follow the on-screen instructions. Restore Configurations. To restore the Routers configuration, click this button and follow the on-screen instructions. (You must have previously backed-up the Router's configuration.) When you have finished making changes on this screen, click the Save Settings button to save the changes, or click the Cancel Changes button to undo your changes.
Page 63: The Administration Tab - Log
Wireless-G VPN Router with RangeBooster The Administration Tab - Log When you click the Administration tab, you will see the Log screen. The Log screen provides you with options for email alerts and a log of all incoming and outgoing URLs or IP addresses for your Internet connection. Email Alert.
Page 64: The Administration Tab - Diagnostics
Wireless-G VPN Router with RangeBooster The Administration Tab - Diagnostics The Diagnostcs allow you to check the connections of your network components. Ping Test Ping Test Parameters IP or URL Address. Enter the IP or URL address of the network device whose connection status you wish to test. Packet Size.
Page 65: The Administration Tab - Factory Defaults
The Firmware Upgrade screen allows you to upgrade the Router’s firmware. Do not upgrade the firmware unless you are experiencing problems with the Router or the new firmware has a feature you want to use. Before upgrading the firmware, download the Router’s firmware upgrade file from the Linksys website, www.linksys.com. Then extract the file.
Page 66: The Status Tab - Router
Wireless-G VPN Router with RangeBooster The Status Tab - Router The Router screen displays information about the Router and its current settings. The on-screen information will vary depending on the Internet Connection Type selected on the Setup Tab. Information Hardware Version. This shows the installed version and date of the hardware. Software Version.
Page 67: The Status Tab - Local Network
Wireless-G VPN Router with RangeBooster The Status Tab - Local Network The Local Network screen displays information about the local network. Local Network Local MAC Address. The MAC Address of the Router’s LAN (local area network) interface is displayed here. IP Address.
Page 68: Figure 6-59: The Status Tab - Wireless
Wireless-G VPN Router with RangeBooster The Status Tab - Wireless The Wireless screen displays status information about your wireless network. Wireless Mode. As selected from the Wireless tab, this will display the wireless mode (Mixed, G-Only, or Disabled) used by the network.
Page 69: The Status Tab - System Performance
Wireless-G VPN Router with RangeBooster The Status Tab - System Performance The System Performance screen displays status information about network traffic for the Internet, wireless activities, and wired connectivity. System Performance Internet/Wireless Statistics for the network traffic on the Internet connection and wireless connectivity are shown in five separate columns.
Page 70: The Status Tab - Vpn Clients
Wireless-G VPN Router with RangeBooster Dropped Packets Received. The number of dropped packets received is displayed here. Click the Refresh button to update the on-screen information. Help information is shown on the right-hand side of the screen. The Status Tab - VPN Clients The VPN Client Status screen displays status information about the Router’s QuickVPN clients.
Page 71: Appendix A: Troubleshooting
Provided are possible solutions to problems that may occur during the installation and operation of the Router. Read the descriptions below to help you solve your problems. If you can’t find an answer here, check the Linksys website at www.linksys.com.
Page 72 Wireless-G VPN Router with RangeBooster • For Windows 2000: 1. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections. 2. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option. 3.
Page 73 Wireless-G VPN Router with RangeBooster For Windows NT 4.0: • Click Start, Settings, and Control Panel. Double-click the Network icon. • Click the Protocol tab, and double-click on TCP/IP Protocol. • When the window appears, make sure you have selected the correct Adapter for your Ethernet adapter and set it for Obtain an IP address from a DHCP server.
Page 74 • Your VPN may require port 500/UDP packets to be passed to the computer that is connecting to the IPSec server. Refer to “Problem #8, I need to set up online game hosting or use other Internet applications” for details. • Check the Linksys website for more information at www.linksys.com. Appendix A: Common Problems and Solutions...
Page 75 Wireless-G VPN Router with RangeBooster 7. I need to set up a server behind my Router and make it available to the public. To use a server like a web, ftp, or mail server, you need to know the respective port numbers they are using. For example, port 80 (HTTP) is used for web;...
Page 76 Wireless-G VPN Router with RangeBooster 2. Enter any name you want to use for the Customized Application. 3. Enter the External Port range of the service you are using. For example, if you want to host Unreal Tournament (UT), you would enter the range 7777 to 27900. 4.
Page 77 Router to the factory default settings. In other words, the Router will revert to its original factory configuration. 13. I need to upgrade the firmware. In order to upgrade the firmware with the latest features, you need to go to the Linksys website and download the latest firmware at www.linksys.com. • Follow these steps: 1.
Page 78 Wireless-G VPN Router with RangeBooster 14. The firmware upgrade failed, and/or the Power LED is flashing. The upgrade could have failed for a number of reasons. Follow these steps to upgrade the firmware and/or make the Power LED stop flashing: •...
Page 79: Frequently Asked Questions
Wireless-G VPN Router with RangeBooster • If your difficulties continue, change the Size to different values. Try this list of values, one value at a time, in this order, until your problem is solved: 1462 1400 1362 1300 17. The Power LED flashes continuously. The Power LED lights up when the device is first powered up.
Page 80 Does the Router support any operating system other than Windows 95, Windows 98SE, Windows Millennium, Windows 2000, or Windows XP? Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshooting of any non-Windows operating systems.
Page 81 How will I be notified of new Router firmware upgrades? All Linksys firmware upgrades are posted on the Linksys website at www.linksys.com, where they can be downloaded for free. To upgrade the Router’s firmware, use the System tab of the Router’s web-based utility. If the Router’s Internet connection is working well, there is no need to download a newer firmware version, unless...
Page 82 Wireless-G VPN Router with RangeBooster then the Connection tab. Make sure that Internet Explorer is set to Never dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet. What is DMZ Hosting? Demilitarized Zone (DMZ) allows one IP address (computer) to be exposed to the Internet.
Page 83 Wireless-G VPN Router with RangeBooster Can I run an application from a remote computer over the wireless network? This will depend on whether or not the application is designed to be used over a network. Consult the application’s documentation to determine if it supports operation over a network. What is the IEEE 802.11b standard? It is one of the IEEE standards for wireless networks.
Page 84 Wireless-G VPN Router with RangeBooster What is infrastructure mode? When a wireless network is set to infrastructure mode, the wireless network is configured to communicate with a wired network through a wireless access point. What is roaming? Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point.
Page 85 Wireless-G VPN Router with RangeBooster What is DSSS? What is FHSS? And what are their differences? Frequency-Hopping Spread-Spectrum (FHSS) uses a narrowband carrier that changes frequency in a pattern that is known to both transmitter and receiver. Properly synchronized, the net effect is to maintain a single logical channel.
Page 86 Wireless-G VPN Router with RangeBooster How many channels/frequencies are available with the Router? There are eleven available channels, ranging from 1 to 11 (in North America). If your questions are not addressed here, refer to the Linksys website, www.linksys.com. Appendix A: Frequently Asked Questions...
Page 87: Appendix B: Wireless Security
Wireless-G VPN Router with RangeBooster Appendix B: Wireless Security Linksys wants to make wireless networking as safe and easy for you as possible. The current generation of Linksys products provide several network security features, but they require specific action on your part for implementation.
Page 88 This includes hackers. So, don’t broadcast the SSID. Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.
Page 89 These security recommendations should help keep your mind at ease while you are enjoying the most flexible and convenient technology Linksys has to offer. Appendix B: Wireless Security Security Threats Facing Wireless Networks...
Page 90: Appendix C: Using The Linksys Quickvpn Software For Windows 2000 Or Xp
Windows 2000 or XP Overview The Linksys Wireless-G VPN Router offers a free QuickVPN software program for computers running Windows 2000 or XP. (Computers running other operating systems will have to use a third-party VPN software program.) This guide describes how to install and use the Linksys QuickVPN software.
Page 91: Figure C-2: Setup Wizard - Welcome Screen
7. Double-click the .exe file, and follow the on-screen instructions. Then proceed to the next section, “Using the Linksys QuickVPN Software.” Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP Before You Begin Figure C-2: Setup Wizard - Welcome Screen...
Page 92: Using The Linksys Quickvpn Software
NOTE: You can change your password only if you have been granted that privilege by your system administrator. 1. Double-click the Linksys QuickVPN software icon on your desktop or in the system tray. 2. The login screen will appear. Enter a name for your profile.
Page 93: Figure C-9: Quickvpn Quickvpn Software - Status
Click the OK button to save your new password. Click the Cancel button to cancel your change. For information, click the Help button. Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP Using the Linksys QuickVPN Software...
Page 94: Appendix D: Configuring Ipsec Between A Windows 2000 Or Xp Computer And The Router
Wireless-G VPN Router with RangeBooster Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private network inside the Router and a Windows 2000 or XP computer. You can find detailed information on configuring the Windows 2000 server at the Microsoft website: Microsoft KB Q252735 - How to Configure IPSec Tunneling in Windows 2000 http://support.microsoft.com/support/kb/articles/Q252/7/35.asp...
Page 95: How To Establish A Secure Ipsec Tunnel
Wireless-G VPN Router with RangeBooster How to Establish a Secure IPSec Tunnel Step 1: Create an IPSec Policy 1. Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear. 2. Right-click IP Security Policies on Local Computer (Win XP) or IP Security Policies on Local Machine (Win 2000), and click Create IP Security Policy.
Page 96: Figure D-4: Ip Filter List
Wireless-G VPN Router with RangeBooster 3. The IP Filter List screen should appear. Enter an appropriate name, such as win->Router, for the filter list, and de-select the Use Add Wizard check box. Then, click the Add button. 4. The Filters Properties screen will appear. Select the Addressing tab. In the Source address field, select My IP Address.
Page 97: Figure D-7: Ip Filter List
Wireless-G VPN Router with RangeBooster Filter List 2: Router ->win 7. The New Rule Properties screen will appear. Select the IP Filter List tab, and make sure that win -> Router is highlighted. Then, click the Add button. 8. The IP Filter List screen should appear. Enter an appropriate name, such as Router->win for the filter list, and de-select the Use Add Wizard check box.
Page 98: Figure D-10: Ip Filter List Tab
Wireless-G VPN Router with RangeBooster Step 3: Configure Individual Tunnel Rules Tunnel 1: win->Router 1. From the IP Filter List tab, click the filter list win->Router. 2. Click the Filter Action tab, and click the filter action Require Security radio button. Then, click the Edit button.
Page 99: Figure D-13: Authentication Methods
Wireless-G VPN Router with RangeBooster 4. Select the Authentication Methods tab, and click the Edit button. 5. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as XYZ12345. Click the OK button. 6.
Page 100: Figure D-16: Tunnel Setting Tab
Wireless-G VPN Router with RangeBooster 7. Select the Tunnel Setting tab, and click The tunnel endpoint is specified by this IP Address radio button. Then, enter the Router’s WAN IP Address. 8. Select the Connection Type tab, and click All network connections. Then, click the OK or Close button to finish this rule.
Page 101: Figure D-19: Ip Filter List Tab
Wireless-G VPN Router with RangeBooster 10. Go to the IP Filter List tab, and click the filter list Router->win. 11. Click the Filter Action tab, and select the filter action Require Security. Then, click the Edit button. From the Security Methods tab, verify that the Negotiate security option is enabled, and deselect the Accept unsecured communication, but always respond using IPSec check box.
Page 102: Figure D-22: Preshared Key
Wireless-G VPN Router with RangeBooster 13. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as XYZ12345. (This is a sample key string. Yours should be a key that is unique but easy to remember.) Then click the OK button.
Page 103: Figure D-25: Connection Type
Wireless-G VPN Router with RangeBooster 16. Click the Connection Type tab, and select All network connections. Then click the OK or Close button to finish. Figure D-25: Connection Type 17. From the Rules tab, click the OK or Close button to return to the screen showing the security policies. Figure D-26: Rules Step 4: Assign New IPSec Policy In the IP Security Policies on Local Machine window, right-click the policy named to_Router, and click Assign.
Page 104: Figure D-28: Vpn Tab
Wireless-G VPN Router with RangeBooster Step 5: Create a Tunnel Through the Web-Based Utility 1. Open your web browser, and enter 192.168.1.1 in the Address field. Press the Enter key. 2. When the User name and Password fields appear, enter the default user name and password, admin. Press the Enter key.
Page 105: Appendix E: Configuring A Gateway-To-Gateway Ipsec Tunnel
Wireless-G VPN Router with RangeBooster Appendix E: Configuring a Gateway-to-Gateway IPSec Tunnel Overview This appendix explains how to configure an IPSec VPN tunnel between two VPN Routers by example. Two PCs are used to test the liveliness fo the tunnel. Figure E-1: Diagram of All VPN Tunnels Before You Begin The following is a list of equipment you need:...
Page 106: Configuring The Vpn Settings For The Vpn Routers
Wireless-G VPN Router with RangeBooster Configuring the VPN Settings for the VPN Routers Configuring VPN Router 1 Follow these instructions for the first VPN Router, designated VPN Router 1. The other VPN Router is designated VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 1. 2.
Page 107: Figure E-4: Security - Vpn Screen (Vpn Tunnel)
Wireless-G VPN Router with RangeBooster Configuring VPN Router 2 Follow similar instructions for VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 2. 2. Enter the VPN Router’s local IP address in the Address field (default is 192.168.1.1). Then press Enter. 3.
Page 108: Configuring The Key Management Settings
Wireless-G VPN Router with RangeBooster Configuring the Key Management Settings Configuring VPN Router 1 Following these instructions for VPN Router 1. 1. On the IPSec VPN screen, select 3DES from the Encryption drop-down menu. 2. Select MD5 from the Authentication drop-down menu. 3.
Page 109: Configuring Pc 1 And Pc 2
Wireless-G VPN Router with RangeBooster Configuring VPN Router 2 For VPN Router 2, follow the same instructions in the previous section, “Configuring VPN Router 1.” Configuring PC 1 and PC 2 1. Set PC 1 and PC 2 to be DHCP clients (refer to Windows Help for more information). 2.
Page 110: Appendix F: Finding The Mac Address And Ip Address For Your Ethernet Adapter
Wireless-G VPN Router with RangeBooster Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Router. You can also find the IP address of your computer’s Ethernet adapter.
Page 111: Windows 2000 Or Xp Instructions
Wireless-G VPN Router with RangeBooster Windows 2000 or XP Instructions 1. Click Start and Run. In the Open field, enter cmd. Press the Enter key or click the OK button. Note: The MAC address is also called the Physical Address. 2.
Page 112: Appendix G: Snmp Functions
Wireless-G VPN Router with RangeBooster Appendix G: SNMP Functions SNMP (Simple Network Management Protocol) is a widely-used network monitoring and control protocol. Data is passed from a SNMP agent, such as the VPN Router, to the workstation console used to oversee the network. The Router then returns information contained in a MIB (Management Information Base), which is a data structure that defines what is obtainable from the device and what can be controlled (turned off, on, etc.).
Page 113: Appendix H: Upgrading Firmware
After you upgrade its firmware, you will have to re-enter all of your configuration settings. To upgrade the Router’s firmware, follow these instructions: 1. Download the Router’s firmware upgrade file from the Linksys website, www.linksys.com. 2. Extract the file on your computer.
Page 114: Appendix I: Windows Help
Wireless-G VPN Router with RangeBooster Appendix I: Windows Help Almost all wireless products require Microsoft Windows. Windows is the most used operating system in the world and comes with many features that help make networking easier. These features can be accessed through Windows Help and are described in this appendix.
Page 115: Appendix J: Glossary
This glossary contains some basic networking terms you may come across when using this product. For more advanced terms, see the complete Linksys glossary at http://www.linksys.com/glossary. Access Point - A device that allows wireless-equipped computers and other devices to communicate with a wired network.
Page 116 Wireless-G VPN Router with RangeBooster DMZ (Demilitarized Zone) - Removes the Router's firewall protection from one PC, allowing it to be “seen” from the Internet. DNS (Domain Name Server) - The IP address of your ISP's server, which translates the names of websites into IP addresses.
Page 117 Passphrase - Used much like a password, a passphrase simplifies the WEP encryption process by automatically generating the WEP encryption keys for Linksys products. Ping (Packet INternet Groper) - An Internet utility used to determine whether a particular IP address is online.
Page 118 Wireless-G VPN Router with RangeBooster RJ-45 (Registered Jack-45) - An Ethernet connector that holds up to eight wires. Roaming - The ability to take a wireless device from one access point's range to another without losing the connection. Router - A networking device that connects multiple networks together. Server - Any computer whose function in a network is to provide user access to files, printing, communications, and other services.
Page 119 Wireless-G VPN Router with RangeBooster TKIP (Temporal Key Integrity Protocol) - a wireless encryption protocol that provides dynamic encryption keys for each packet transmitted. Topology - The physical layout of a network. TX Rate - Transmission Rate. Upgrade - To replace existing software or firmware with a newer version. Upload - To transmit a file over a network.
Page 120: Appendix K: Specifications
Wireless-G VPN Router with RangeBooster Appendix K: Specifications Standards 802.11b, 802.11g, 802.3, 802.3u, 801.1x Ports Internet, Ethernet (1-4), Power Buttons Reset Cabling Type UTP CAT 5 or better LEDs Power, DMZ, Internet, Wireless, Ethernet (1, 2, 3, 4), , Transmit Power 19 dBm Security Features WEP, WPA, WPA2...
Page 121: Appendix L: Warranty Information
Your exclusive remedy and Linksys' entire liability under this warranty will be for Linksys at its option to repair or replace the Product or refund Your purchase price less any rebates. This limited warranty extends only to the original purchaser.
Page 122: Appendix M: Regulatory Information
Wireless-G VPN Router with RangeBooster Appendix M: Regulatory Information FCC Statement This product has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Page 123 User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste Electric and Electronic Equipment (WEEE) This document contains important information for users with regards to the proper disposal and recycling of Linksys products. Consumers are required to comply with this notice for all electronic products bearing the following symbol:...
Page 124 Wireless-G VPN Router with RangeBooster Appendix M: Regulatory Information...
Page 125 Wireless-G VPN Router with RangeBooster Appendix M: Regulatory Information...
Page 126 Wireless-G VPN Router with RangeBooster Appendix M: Regulatory Information...
Page 127 Wireless-G VPN Broadband Router For more information, visit www.linksys.com. Appendix M: Regulatory Information...
Page 128: Appendix N: Contact Information
Can't find information about a product you want to buy on the web? Do you want to know more about networking with Linksys products? Give our advice line a call at: Or fax your request in to: If you experience problems with any Linksys product,...

Linksys WRV200 User Manual

Chapter 1: Introduction

Chapter 2: Planning Your Wireless Network

Chapter 3: Planning Your Virtual Private Network (VPN)

Chapter 4: Getting to Know the Wireless-G VPN Router

Chapter 5: Connecting the Wireless-G VPN Router

Chapter 6: Configuring the Wireless-G VPN Router

Appendix A: Troubleshooting

Appendix B: Wireless Security

Appendix C: Using the Linksys Quickvpn Software for Windows 2000 or XP

Appendix D: Configuring Ipsec between a Windows 2000 or XP Computer and the Router

Appendix E: Configuring a Gateway-To-Gateway Ipsec Tunnel

Appendix F: Finding the MAC Address and IP Address for Your Ethernet Adapter

Appendix G: SNMP Functions

Appendix H: Upgrading Firmware

Appendix I: Windows Help

Appendix J: Glossary

Appendix K: Specifications

Appendix L: Warranty Information

Appendix M: Regulatory Information

Appendix N: Contact Information

Quick Links

Related Manuals for Linksys WRV200

Summary of Contents for Linksys WRV200

Table of Contents