Linksys WRVS4400N User Manual
  1. Manuals
  2. Brands
  3. Linksys Manuals
  4. Wireless Router
  5. WRVS4400N - Small Business Wireless-N Gigabit Security...
  6. User manual

Linksys WRVS4400N User Manual

Wireless-n gigabit security router with vpn business series
Hide thumbs Also See for WRVS4400N:
Table of Contents

Advertisement

Quick Links

See also: Product Data , User Manual
Wireless-N Gigabit Security
Router with VPN
with Ports
4-portuter
Model No. WRVS4400N
Wireless
Model No.
Model No.
Model No.
Model No.
USER GUIDE
BUSINESS SERIES

Advertisement

Table of Contents
loading

Related Manuals for Linksys WRVS4400N

Summary of Contents for Linksys WRVS4400N

  • Page 1 Wireless-N Gigabit Security Router with VPN with Ports 4-portuter Model No. WRVS4400N Wireless Model No. Model No. Model No. Model No. USER GUIDE BUSINESS SERIES...
  • Page 2 Wireless-N Gigabit Security Router with VPN Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2006 Cisco Systems, Inc. All rights reserved.

  • Page 3: Table Of Contents

    Wireless-N Gigabit Security Router with VPN Table of Contents Chapter 1: Introduction Welcome What’s in this Guide? Chapter 2: Networking and Security Basics An Introduction to LANs The Use of IP Addresses The Intrusion Prevention System (IPS) Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? What is a VPN? Chapter 4: Getting to Know the Router...
  • Page 4 Wireless-N Gigabit Security Router with VPN Common Problems and Solutions Frequently Asked Questions Appendix B: Using the Linksys QuickVPN Software for Windows 2000 or XP 99 Overview Before You Begin Installing the Linksys QuickVPN Software Using the Linksys QuickVPN Software...
  • Page 5 Wireless-N Gigabit Security Router with VPN List of Figures Figure 2-1: Example network Figure 2-2: IPS Scenarios Figure 3-1: VPN Router to VPN Router Figure 3-2: Computer to VPN Router Figure 4-1: Front Panel Figure 4-2: Back Panel Figure 4-3: Stackable Position and its Antenna Setup Figure 4-4: Standalone Position and its Antenna Setup Figure 5-1: Example of a Typical Network Figure 5-2: Connect a PC...
  • Page 6 Wireless-N Gigabit Security Router with VPN Figure 6-11: Setup - LAN Figure 6-12: Setup - DMZ Figure 6-13: Setup - MAC Address Clone Figure 6-14: Setup - Advanced Routing Figure 6-15: Setup - Advanced Routing (Routing Table) Figure 6-16: Setup - Time Figure 6-17: Wireless - Basic Wireless Settings Figure 6-18: Wireless - Wireless Security (Disabled) Figure 6-19: Wireless - Wireless Security (WPA-Personal)
  • Page 7 Wireless-N Gigabit Security Router with VPN Figure 6-41: VPN - IPsec VPN Figure 6-42: VPN Tunnel Summary Figure 6-43: View VPN Tunnel Log Figure 6-44: IPsec VPN Advanced Settings Figure 6-45: VPN - VPN Client Accounts Figure 6-46: VPN - VPN Passthrough Figure 6-47: QoS - Application Based Figure 6-48: Port-based Figure 6-49: Administration - Management...
  • Page 8 Wireless-N Gigabit Security Router with VPN Figure 6-71: LAN ARP Table Figure 6-72: Status - Wireless LAN Figure 6-73: Status - System Performance Figure 6-74: Status - VPN Clients Figure 6-75: Status - IPsec VPN Figure B-1: VPN Client Accounts Screen Figure B-2: QuickVPN Desktop Icon Figure B-3: QuickVPN Tray Icon - No Connection Figure B-4: QuickVPN Software - Profile...

  • Page 9: Chapter 1: Introduction

    4-Port full-duplex 10/100/1000 Ethernet switch to connect four PCs directly, or you can connect more hubs and switches to create as big a network as you need. Like any wireless router, it lets multiple computers in your office share an Internet connection through both wired and wireless connections. It can also be used as an intranet router to aggregate traffic to a company backbone network.

  • Page 10: What's In This Guide

    Wireless-N Gigabit Security Router with VPN. • Appendix B: Using the Linksys QuickVPN Software for Windows 2000 or XP This appendix instructs you on how to use the Linksys QuickVPN software if you are using a Windows 2000 or XP PC.
  • Page 11 • Appendix H: Regulatory Information This appendix supplies the regulatory information regarding the Router. • Appendix I: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support. Chapter 1: Introduction What’s in this Guide?

  • Page 12: Chapter 2: Networking And Security Basics

    IP broadcast domain and its interference. In this case, you need one WRVS4400N for each subnetwork and you can connect all the WAN ports to a second level Router or switch to the Internet. Note that the second level Router only forwards data packets through a wired network so you don’t have to use the Wireless-N Gigabit Security Router.

  • Page 13: The Use Of Ip Addresses

    Wireless-N Gigabit Security Router with VPN Figure 2-1: Example network The Use of IP Addresses IP stands for Internet Protocol. Every device in an IP-based network, including PCs, print servers, and routers, requires an IP address to identify its location, or address, on the network. This applies to both the Internet and LAN connections.
  • Page 14 Wireless-N Gigabit Security Router with VPN A static IP address is a fixed IP address that you assign manually to a PC or other device on the network. Since a static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will always have that same IP address until you change it.

  • Page 15: The Intrusion Prevention System (Ips)

    Wireless-N Gigabit Security Router with VPN The Intrusion Prevention System (IPS) 1000+ Figure 2-2: IPS Scenarios IPS is an advanced technology to protect your network from malicious attacks. IPS works together with your SPI Firewall, IP Based Access List (IP ACL), Network Address Port Translation (NAPT), and Virtual Private Network (VPN) to achieve the highest amount of securities.
  • Page 16 Wireless-N Gigabit Security Router with VPN The P2P (peer to peer) and IM (instant messaging) control allows the system administrator to prevent network users from using those protocols to communicate with people over the Internet. This helps the administrators to set up company policies on how to use their Internet bandwidth wisely.

  • Page 17: Chapter 3: Planning Your Virtual Private Network (Vpn)

    Wireless-N Gigabit Security Router with VPN Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? Computer networking provides a flexibility not available when using an archaic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network.

  • Page 18: What Is A Vpn

    The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them are secure. A computer with the Linksys VPN client software can be one of the two endpoints (refer to “Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP”). If you choose not to run the VPN client...

  • Page 19: Figure 3-1: Vpn Router To Vpn Router

    ISP. Her notebook computer has the Linksys VPN client software, which is configured with her office's Off-site IP address. She accesses the Linksys VPN client software and connects to the VPN Router at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman now has a secure connection to the central office's network, as if she were physically connected.

  • Page 20: Chapter 4: Getting To Know The Router The Front Panel

    Wireless-N Gigabit Security Router with VPN Chapter 4: Getting to Know the Router The Front Panel The Router’s LEDs are located on the front panel of the Router. Figure 4-1: Front Panel LEDs POWER Green. The POWER LED lights up when the Router is powered on. The LED flashes when the Router runs a diagnostic test.
  • Page 21 Wireless-N Gigabit Security Router with VPN DIAG Red. The DIAG LED lights up when the system is not ready. The LED light goes off when the system is ready. The Diag LED blinks during Firmware upgrades. Green/Red. The IPS LED lights up when the IPS function is enabled. The LED light is off when the IPS functions are disabled.

  • Page 22: The Back Panels

    Wireless-N Gigabit Security Router with VPN The Back Panels The Router’s ports and Reset button are located on the back panel of the Router. Figure 4-2: Back Panel Reset Button The Reset button can be used in one of two ways: If the Router is having problems connecting to the Internet, press the Reset button for just a second with a paper clip or a pencil tip.

  • Page 23: Antennas And Positions

    Wireless-N Gigabit Security Router with VPN Antennas and Positions The Access Point can be placed in three different positions. It can be either stackable, standalone, or wall-mount. Antenna The Access Point has three non-detachable 2dBi omni-directional antennas. The three antennas have a base that can rotate 90 degrees when in the standing position. The three antennas will all be used to support 2X3 MIMO diversity in wireless-N mode.

  • Page 24: Chapter 5: Connecting The Router

    Wireless-N Gigabit Security Router with VPN Chapter 5: Connecting the Router Overview To set up your network, you will do the following: • Connect the Router to one of your PCs according to the instructions in this chapter. • By default, Windows 98, 2000, Millennium, and XP computers are set to obtain an IP address automatically, so unless you have changed the default setting, then you will not need to configure your PCs.

  • Page 25: Connection Instructions

    Wireless-N Gigabit Security Router with VPN Connection Instructions 1. Before you begin, make sure that all of your hardware is powered off, including the Router, PCs, hubs, switches, and cable or DSL modem. 2. Connect one end of an Ethernet network cable to one of the numbered ports on the back of the Router. Connect the other end to an Ethernet port on a network device, e.g., a PC, print server, hub, or switch.

  • Page 26: Placement Options

    There are three ways to place the Wireless-N Router. The first way is to place it horizontally on a surface, so it sits on its four rubber feet. The second way is to stand the Wireless Router vertically on a surface. The third way is to mount it on a wall.

  • Page 27: Figure 5-7: Mounting Dimensions

    3. Line up the Wireless Router so that the wall-mount slots line up with the two screws. 4. Place the wall-mount slots over the screws and slide the Wireless Router down until the screws fit snugly into the wall-mount slots.

  • Page 28: Chapter 6: Setting Up And Configuring The Router

    Chapter 6: Setting Up and Configuring the Router Overview The Wireless Router has been designed to be functional right out of the box with the default settings. However, if you'd like to change these settings, the Wireless Router can be configured through your web browser with the Web-based Utility.

  • Page 29: How To Access The Web-Based Utility

    Then, configure your PC to obtain IP address automatically through a DHCP server. 2. Although it is not recommended, you can also connect your PC wirelessly to the Wireless Router. Then, configure the wireless interface of your PC to obtain IP address automatically through a DHCP server. It is not recommended, because you can easily lose your connection through wireless configuration changes.
  • Page 30 Wireless-N Gigabit Security Router with VPN • MAC Address Clone. Some ISPs require that you register a MAC address. This feature clones your network adapter's MAC address onto the Router, which prevents you from having to call your ISP to change the registered MAC address to the Router's MAC address.
  • Page 31 Wireless-N Gigabit Security Router with VPN • Port Range Triggering. Use this screen to set up triggered ranges and forwarded ranges to allow special Internet applications to pass through this NAT Router. • Service. Use this screen to define customized IP applications based on TCP or UDP. The user-defined service type will be available when defining IP based ACL rules.
  • Page 32 Wireless-N Gigabit Security Router with VPN • Firmware Upgrade. Use this screen to upgrade the Router’s firmware. You will use this tab for advanced configuration on built-in Intrusion Prevention System (IPS) inside the Router. • Configure. Enable or disable IPS functions from this screen. •...

  • Page 33: Setup Tab

    Wireless-N Gigabit Security Router with VPN Setup Tab The Setup screen contains all of the Router’s basic setup functions. The Router can be used in most network settings without changing any of the default values. Some users may need to enter additional information in order to connect to the Internet through an ISP (Internet Service Provider) or broadband (DSL, cable modem) carrier.

  • Page 34: Figure 6-2: Setup - Wan (Dhcp)

    The WAN Setup screen provides Internet Connection Type and DDNS configurations on the WAN port of the Wireless Router. Before starting, you need to find out the Internet Connection Type and settings used by your ISP. If the Router is used as an Intranet Router, you can mostly use the default settings. If you want to use the dynamic DNS feature, you will need to sign up for a DDNS service.

  • Page 35: Figure 6-4: Setup - Wan (Pppoe)

    Wireless-N Gigabit Security Router with VPN PPPoE Most DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections. If you are connected to the Internet through a DSL line, check with your ISP to see if they use PPPoE. If they do, you will have to enable PPPoE.

  • Page 36: Figure 6-6: Setup - Wan (Heart Beat Signal)

    Wireless-N Gigabit Security Router with VPN Connect on Demand: Max Idle Time. You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again.

  • Page 37: Figure 6-7: Setup - Wan (L2Tp)

    Wireless-N Gigabit Security Router with VPN L2TP Layer 2 Tunneling Protocol (L2TP) is a service that tunnels Point-to-Point Protocol (PPP) across the Internet. It is used mostly in European countries. Check with your ISP for the necessary setup information. IP Address. This is the Router’s IP address, when seen from the WAN, or the Internet. Your ISP will provide you with the IP Address you need to specify here.

  • Page 38: Figure 6-8: Setup - Wan (Optional Settings)

    Wireless-N Gigabit Security Router with VPN Optional Settings (Required by some ISPs) This section is common for all the Internet Connection Types. Some of these settings may be required by your ISP. Verify with your ISP before making any changes. Host Name: Some ISPs, usually cable ISPs, require a host name as identification.

  • Page 39: Figure 6-9: Setup - Wan (Dyndns.org)

    Wireless-N Gigabit Security Router with VPN DDNS The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Router.

  • Page 40: Figure 6-11: Setup - Lan

    Wireless-N Gigabit Security Router with VPN The LAN Setup section allows you to change the Router’s local network settings for the four Ethernet ports. IPv4 The Router’s Local IPv4 Address and Subnet Mask are shown here. In most cases, you can keep the defaults. Local IP Address.
  • Page 41 Wireless-N Gigabit Security Router with VPN WINS. The Windows Internet Naming Service (WINS) performs name resolution function (similar to DNS) in the Windows network environment. It can help you to determine the IP address of a remote Windows PC from its computer name.

  • Page 42: Figure 6-12: Setup - Dmz

    Wireless-N Gigabit Security Router with VPN The DMZ screen allows one local PC to be exposed to the Internet for use of a special-purpose service, such as Internet gaming and video-conferencing. DMZ hosting forwards traffic to all the ports for the specified PC simultaneously, unlike Port Range Forwarding that can only forward a maximum of 10 ranges of ports.

  • Page 43: Figure 6-14: Setup - Advanced Routing

    Wireless-N Gigabit Security Router with VPN Advanced Routing Operating Mode Select the Operating mode in which the Router will function. Internet Gateway. This is the normal mode of operation. This allows all devices on your LAN to share the same WAN (Internet) IP address.

  • Page 44: Figure 6-15: Setup - Advanced Routing (Routing Table)

    Wireless-N Gigabit Security Router with VPN Static Routing Sometimes you will prefer to use static routes to build your routing table instead of using dynamic routing protocols. Static routes do not require CPU resources to exchange routing information with a peer router. You can also use static routes to reach peer routers that do not support dynamic routing protocols.

  • Page 45: Figure 6-16: Setup - Time

    Wireless-N Gigabit Security Router with VPN Time You can either define your Router’s time manually or automatically through Time Server. The default is Automatically. Manually If you wish to enter the time and date manually, select the Date from the drop-down fields and enter the hour, minutes, and seconds in the Time field using 24 hour format (example 10:00pm would be entered 22:0:0).

  • Page 46: Wireless Tab

    Wireless Channel. Select the appropriate channel to be used between your Wireless Router and your client devices. The default is channel 6. You can also select Auto so that your Wireless Router will select the channel with the lowest amount of wireless interference while the system is booting up. Auto channel selection will start...
  • Page 47 For the Wireless-N 40MHz channel option (see Wireless - Advanced Wireless Settings Tab), the Wireless Router will automatically select the adjacent 20MHz channel to combine them into a wider channel. SSID Broadcast. This option allows the SSID to be broadcast on your network. You may want to enable this function while configuring your network, but make sure that you disable it when you are finished.

  • Page 48: Figure 6-18: Wireless - Wireless Security (Disabled)

    TKIP or AES. The default is TKIP. WPA Shared Key. Enter a WPA Shared Key of 8-63 characters. Key Renewal Timeout. Enter a Key Renewal Timeout period, which instructs the Wireless Router how often it should change the encryption keys. The default is 3600 seconds.

  • Page 49: Figure 6-20: Wireless - Wireless Security (Wpa2-Personal)

    WPA Algorithms. WPA2 always uses AES for data encryption. WPA Shared Key. Enter a WPA Shared Key of 8-63 characters. Key Renewal Timeout. Enter a Key Renewal Timeout period, which instructs the Wireless Router how often it should change the encryption keys. The default is 3600 seconds.

  • Page 50: Figure 6-22: Wireless - Wireless Security (Wpa-Enterprise)

    Shared Secret. Enter the Shared Secret key used by the Wireless Router and RADIUS server. Figure 6-22: Wireless - Wireless Security (WPA-Enterprise) Key Renewal Timeout. Enter a Key Renewal Timeout period, which instructs the Wireless Router how often it should change the encryption keys. The default is 3600 seconds. WPA2-Enterprise This option features WPA2 used in coordination with a RADIUS server for client authentication.

  • Page 51: Figure 6-24: Wireless - Wireless Security (Wpa2-Enterprise Mixed)

    Shared Secret. Enter the Shared Secret key used by the Wireless Router and RADIUS server. Key Renewal Timeout. Enter a Key Renewal Timeout period, which instructs the Wireless Router how often it should change the encryption keys. The default is 3600 seconds.

  • Page 52: Figure 6-26: Wireless - Wireless Connection Control

    Wireless Router, or you can allow only specific client devices to connect to the Wireless Router. The client devices are specified by their MAC addresses. The default is to allow only specific client devices.

  • Page 53: Figure 6-28: Wireless - Advanced Wireless Settings

    This screen allows you to configure the advanced settings for the Wireless Router. The Wireless-N Router adopts several new parameters to adjust the channel bandwidth and guard intervals to improve the data rate dynamically. Linksys recommends to let your Wireless Router automatically adjust the parameters for maximum data throughput.
  • Page 54 11g clients performance will be affected by setting to this mode. IOT Mode. Interoperability Mode. Enabling this mode will help this AP to communicate with Linksys retail client cards (e.g. WPC300N) at 11n rates. This mode is a temporary measure to cope with implementation differences on 802.11n draft specification.

  • Page 55: Firewall Tab

    Wireless-N Gigabit Security Router with VPN Firewall Tab The Firewall Tab allows you to configure software security features like SPI (Stateful Packet Inspection) Firewall, IP based Access List, restriction LAN users on Internet (WAN port) access, and NAPT (Network Address Port Translation) Settings (only works when NAT is enabled) to limited services to specific ports.
  • Page 56 Wireless-N Gigabit Security Router with VPN Restrict WEB Features Block. Select the Web features that you wish to restrict. All those features could place security concern to your PCs on the LAN side. You have to balance your needs on those applications and security. The default is unselected.

  • Page 57: Figure 6-30: Firewall - Ip Based Acl

    Wireless-N Gigabit Security Router with VPN IP Based ACL This screen shows a summary of configured IP based Access List. The Access List is used to restrict traffic going through the Router either from WAN or LAN port. There are two ways to restrict data traffic. You can block specific types of traffic according to your ACL definitions.

  • Page 58: Figure 6-32: Firewall - Ip Based Acl (Service Definition)

    Wireless-N Gigabit Security Router with VPN Source: This is the source IP address to be matched against. You can define a Single IP address, a Range of IP addresses (start IP and end IP), a Network (IP Prefix and Network Mask), or ANY IP addresses. Destination: This is the destination IP address to be matched against.
  • Page 59 Wireless-N Gigabit Security Router with VPN Log Prefix: This string will be attached in front of the log for the matched event. Source Interface: Select LAN, WAN, or ANY interface. Source: The source IP address to be matched against. You can define a Single IP address, a Range of IP addresses (start IP and end IP), a Network (IP Prefix and Network Mask), or ANY IP addresses.

  • Page 60: Figure 6-34: Firewall - Internet Access Policy

    Wireless-N Gigabit Security Router with VPN Internet Access Policy Access to the Internet can be managed by policies. A policy consists of four components. You need to define the PCs (MAC or IP address) to apply this policy, either Deny or Allow Internet service, what time and date to enable this policy, and what URLs or Keywords to apply this policy.

  • Page 61: Figure 6-35: Firewall - Internet Access Policy Summary

    Wireless-N Gigabit Security Router with VPN 7. If you wish to block access to Web sites, use the Website Blocking by URL Address or Website Blocking by Keyword feature. • Website Blocking by URL Address. Enter the URL or Domain Name of the web sites you wish to block. •...

  • Page 62: Figure 6-37: Firewall - Single Port Forwarding

    Wireless-N Gigabit Security Router with VPN Single Port Forwarding This is one of the NAPT (Network Address Port Translation) feature. Use the Single Port Forwarding screen when you want to open specific services (that use single port). This allows users on the Internet to access this server by using the WAN port address and the matched external port number.

  • Page 63: Figure 6-38: Port Range Forwarding

    Wireless-N Gigabit Security Router with VPN Port Range Forwarding This is one of the NAPT (Network Address Port Translation) features. The Port Range Forwarding screen allows you to set up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications that use one or multiple port numbers (e.g.

  • Page 64: Figure 6-39: Port Range Triggering

    This is one of the NAPT (Network Address Port Translation) feature. Port Range Triggering is used for special applications that can request a port to be opened on demand. For this feature, the Wireless Router will watch outgoing packets for specific port numbers. This will trigger the Wireless Router to allow the incoming packets within the specified forwarding range and forward those packets to the triggering PC.

  • Page 65: Figure 6-40: Firewall - Services

    Wireless-N Gigabit Security Router with VPN Service This screen allows users to define new service types based on TCP or UDP. The new service will be added to the summary table below. It will also show up in the service drop-down menu under Edit IP ACL Rule screen. Name: Define the new service name.

  • Page 66: Vpn Tab

    VPN Tab IPsec VPN Use this screen to create VPN tunnels between the Router to the remote Router. All Linksys Routers with IPsec VPN support can be used as a remote Router (e.g. RVS4000, WRV54G, RV042). The Router supports VPN tunnels using IPsec (IP Security) technologies.
  • Page 67 Wireless-N Gigabit Security Router with VPN Remote Security Gateway. Select the remote gateway WAN port IP Address that can use this VPN tunnel. This may be a Single IP address or Any addresses. If is set, the Router acts as responder and accepts request from any remote Gateway.

  • Page 68: Figure 6-43: View Vpn Tunnel Log

    Wireless-N Gigabit Security Router with VPN Manual Encryption Algorithm. The Encryption method determines the complexity to encrypt/decrypt data packets. Only 3DES is supported. Notice that both sides must use the same Encryption method. Encryption Key. This field specifies a key used to encrypt and decrypt data packets. Both characters and hexadecimal values are acceptable in this field.

  • Page 69: Figure 6-44: Ipsec Vpn Advanced Settings

    Wireless-N Gigabit Security Router with VPN Advanced Settings button. If the Key Exchange Method is Auto (IKE), this button provides access to some additional settings relating to IKE. Use this if the Router is unable to establish a VPN tunnel to the remote VPN Gateway;...
  • Page 70 Wireless-N Gigabit Security Router with VPN degrades performance. While this unit is in seconds, it is common to use periods over an hour (3600 seconds) for the SA Life Time. Change these settings as described here and click Save Settings to apply your changes, or click Cancel Changes to cancel your changes.

  • Page 71: Figure 6-45: Vpn - Vpn Client Accounts

    VPN Client Accounts You can allow remote users to easily establish a VPN connection to your Router using the Linksys QuickVPN client utility without using a compatible VPN Router with IPsec VPN settings. This is achieved by creating user accounts on the Router and authenticate users through Username and Password.

  • Page 72: Figure 6-46: Vpn - Vpn Passthrough

    Wireless-N Gigabit Security Router with VPN VPN Passthrough This screen allows users to use their own VPN algorithms to connect to their remote Routers. The Wireless Router will just pass the traffic through. IPsec Passthrough. Internet Protocol Security (IPsec) is a suite of protocols used to implement secure exchange of packets at the IP layer.

  • Page 73: Qos Tab

    Wireless-N Gigabit Security Router with VPN QoS Tab QoS (Quality of Service) allows you to prioritize network traffic using either Application-based priority (such as Web browsing applications, FTP applications, etc.) or Port-based priority, which allows you to assign priorities to the four physical network ports.

  • Page 74: Figure 6-48: Port-Based

    Wireless-N Gigabit Security Router with VPN Change these settings as described here and click Save Settings to apply your changes, or click Cancel Changes to cancel your changes. Help information is displayed on the right-hand side of the screen, and click More for additional details.

  • Page 75: Administration Tab

    Other accounts are not created by default so you can leave them alone. Make sure to change the first user account username and password when you configure your Wireless Router for the first time.

  • Page 76: Figure 6-50: Administration - Log

    (Firewall, VPN, System, and ACL). You can configure the Wireless Router to send the event log to you through e-mail, upload the log to syslog server, or view the log locally on the Wireless Router.

  • Page 77: Figure 6-52: Administration - Diagnostics

    Wireless-N Gigabit Security Router with VPN Diagnostics Ping Test Parameters Ping Target IP. Enter the IP address or URL that you want to ping. Ping Size. Enter the size of the packet you want to use. Number of Pings. Enter the number of times you wish to ping the target device. Ping Interval.

  • Page 78: Figure 6-54: Trace Route Test Screen

    Wireless-N Gigabit Security Router with VPN Config Management Save Configuration Save Configuration to File button. Click this button to save your Wireless Router’s current configuration to a file on your PC. Enter the file name on the Windows screen that appears. Restore Configuration Select a previously saved configuration file to restore the configuration to the Wireless Router.

  • Page 79: Figure 6-56: Administration - Factory Default

    Click OK to continue. Another screen will appear while the system reboots. Firmware Upgrade To upgrade firmware, download the latest firmware for the product from Linksys.com, extract it to your computer, and perform the steps below: 1. File. Type in the name of the extracted firmware upgrade file or click Browse to locate the file from the file system.

  • Page 80: Ips Tab

    Signature Update. To protect your local network from the latest Internet threats, you are encouraged to upgrade the IPS Signature file bi-weekly. First, you need to download the Signature file from www.linksys.com to your PC. Then you can select this file by clicking the Browse button. Use the Upgrade button to start an upgrade.

  • Page 81: Figure 6-59: Ips - P2P / Im

    Wireless-N Gigabit Security Router with VPN P2P/IM This tab allows the system administrator to set up policies on using P2P or IM software across the Internet. Peer to Peer When users download files from the Internet by Peer to Peer (P2P) software, the WAN port bandwidth will be occupied.

  • Page 82: Figure 6-60: Ips - Report

    Wireless-N Gigabit Security Router with VPN Report This screen provides the network history status, including network traffic and attack counts, through diagram and tables. Report Diagram: Twenty-four hour diagram displays network traffic and attacks. Attacker Displays the IP Address of attackers and the frequency (number of times) of the attacks in a table. Attacked Category Displays the category (type) of attack and the frequency (number of times) of the attacks in a table.

  • Page 83: Figure 6-62: Ips - Information

    Wireless Router that protects against malicious threats. Last Time Upload. This displays when the signature patterns file in the Wireless Router were last updated. Protect Scope. Displays a list of the categories of attacks that the IPS feature in the Router protects against.

  • Page 84: L2 Switch Tab

    VLAN Configuration The Wireless Router supports Port-based VLAN. You can assign each port to one of the four VLANs or VLAN Trunk. The VLAN tags are attached internally inside the switch. No packets will leave the switch with VLAN tags.

  • Page 85: Figure 6-64: L2 Switch - Radius

    RADIUS Secret. Indicates the Key string used for authenticating and encrypting all RADIUS communications between the Wireless Router and the RADIUS server. This key must match the RADIUS server’s configuration. Administration State. Specifies if each port needs RADIUS authentication. The defaults are Force Authorized so no authentication is needed.

  • Page 86: Figure 6-66: L2 Switch - Port Settings

    Wireless-N Gigabit Security Router with VPN Port Settings Port. Specifies the number of the four LAN ports. Link. Displays the port duplex mode (Full or Half) and speed (10/100/1000 Mbps). Full indicates that the interface supports transmission between the device and its link partner in both directions simultaneously. Half indicates that the interface supports transmission between the device and the client in only one direction at a time.

  • Page 87: Figure 6-67: L2 Switch - Cable Diagnostics

    Wireless-N Gigabit Security Router with VPN Cable Diagnostics This screen provides a utility to help troubleshoot ethernet-cable-related connectivity issues. Port. Select the port number, then click the Apply button and the diagnostics will start. Pair. Each cable consists of eight pins (four pairs). Cable Length.

  • Page 88: Status Tab

    Performance, VPN client connections, and IPsec VPN connections. WAN / Gateway This screen provides some basic information on the Wireless Router (e.g. firmware version, time) and WAN port MAC/IP address and connection status. Firmware Version. Displays the current firmware version.

  • Page 89: Figure 6-69: Status - Lan

    DHCP Client Table button. Click this button to open the DHCP Client Table screen, which shows you which PCs have been assigned an IP address from the Wireless Router’s DHCP server. You will see a list of DHCP clients (PCs and other network devices) with the following information: Client Host Name, IP Address, MAC Address, and the length of time (in second) before its assigned IP address expires.

  • Page 90: Figure 6-72: Status - Wireless Lan

    Wireless-N Gigabit Security Router with VPN Wireless LAN This screen provides some basic information on the Wireless LAN of this Wireless Router. MAC Address. Displays the MAC address on the Wireless LAN interface. Network Mode. Displays the Wireless network operating mode (e.g. B/G/N-Mixed).

  • Page 91: Figure 6-73: Status - System Performance

    Wireless-N Gigabit Security Router with VPN System Performance This screen provides data packet statistics on the LAN switch and Wireless LAN of the Router. All LAN Ports / WLAN The All LAN Ports column shows the aggregate traffic statistics from all four LAN ports. Packets Received.

  • Page 92: Figure 6-74: Status - Vpn Clients

    VPN Clients This screen displays the VPN Clients’ connection status. VPN Clients are configured under VPN->VPN Client Accounts and provide users that are running Linksys QuickVPN to establish a IPsec connection with a remote Wireless Router. Username. Displays the username of the VPN Client.

  • Page 93: Appendix A: Troubleshooting

    Appendix A: Troubleshooting This appendix provides solutions to problems that may occur during the installation and operation of the Router. Read the descriptions below to help solve your problems. If you can't find an answer here, check the Linksys website at www.linksys.com.
  • Page 94 Wireless-N Gigabit Security Router with VPN For Windows 2000: A. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections. B. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option. C.
  • Page 95 Wireless-N Gigabit Security Router with VPN 2. I want to test my Internet connection. A. Check your TCP/IP settings. For Windows 98 and Millennium: Refer to Windows Help for details. Make sure Obtain IP address automatically is selected in the settings. For Windows 2000: 1.
  • Page 96 E. In the command prompt, type ping www.linksys.com and press the Enter key. • If you get a reply, the computer is connected to the Internet. If you cannot open a webpage, try the ping command from a different computer to verify that your original computer is not the cause of the problem.
  • Page 97 Refer to “Problem #7, I need to set up online game hosting or use other Internet applications” for details. Check the Linksys website at www.linksys.com for more information. 6. I need to set up a server behind my Router.
  • Page 98 Wireless-N Gigabit Security Router with VPN documentation provided with the server you installed. Follow these steps to set up port forwarding through the Router’s Web-based Utility. We will be setting up web, ftp, and mail servers. A. Access the Router’s Web-based Utility by going to http://192.168.1.1 or the IP address of the Router. Go to the Firewall =>...
  • Page 99 Wireless-N Gigabit Security Router with VPN “Appendix E: Finding the MAC Address and IP Address for Your Ethernet Adapter” for details on getting an IP address. Then check the Enable checkbox for the entry. Consider the examples below: Application Start and End 7777 to 27900 Halflife 27015 to 27015...
  • Page 100 12. I need to upgrade the firmware. In order to upgrade the firmware with the latest features, you need to go to the Linksys website and download the latest firmware at www.linksys.com. Follow these steps: Appendix A: Troubleshooting...
  • Page 101 The upgrade could have failed for a number of reasons. Follow these steps to upgrade the firmware: A. Use the Linksys TFTP program to upgrade the firmware. Go to the Linksys website at http://www.linksys.com and download the TFTP program, which will be listed with the firmware.
  • Page 102 Wireless-N Gigabit Security Router with VPN 15. I can't access my email, web, or VPN, or I am getting corrupted data from the Internet. The Maximum Transmission Unit (MTU) setting may need to be adjusted. By default, the MTU is set at 1500. For most DSL users, it is strongly recommended to use MTU 1492.

  • Page 103: Frequently Asked Questions

    Wireless-N Gigabit Security Router with VPN • If the PCs are configured correctly, but still not working, check the Router. Ensure that it is connected and powered on. Connect to it and check its settings. (If you cannot connect to it, check the LAN and power connections.) •...
  • Page 104 ISP. Does the Router support any operating system other than Windows 98, Millennium, 2000, or XP? Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshooting of any non-Windows operating systems.
  • Page 105 Reset the Router by holding down the Reset button for ten seconds. Reset your cable or DSL modem by powering the unit off and then on. Obtain and flash the latest firmware release that is readily available on the Linksys website, www.linksys.com.
  • Page 106 Under the Firewall => Single Port Forwarding tab, set port forwarding to 113 for the PC on which you are using mIRC. If your questions are not addressed here, refer to the Linksys website, www.linksys.com. Appendix A: Troubleshooting Frequently Asked Questions...

  • Page 107: Appendix B: Using The Linksys Quickvpn Software For Windows 2000 Or Xp

    Windows 2000 or XP Overview The Linksys Wireless-N Gigabit Security Router with VPN offers a free QuickVPN software program for computers running Windows 2000 or XP. (Computers running other operating systems will have to use a third-party VPN software program.) This guide describes how to install and use the Linksys QuickVPN software.

  • Page 108: Installing The Linksys Quickvpn Software

    6. Save the zip file to your PC, and extract the .exe file. 7. Double-click the .exe file, and follow the on-screen instructions. Then proceed to the next section, “Using the Linksys QuickVPN Software.” Appendix B: Using the Linksys QuickVPN Software for Windows 2000 or XP Installing the Linksys QuickVPN Software...

  • Page 109: Using The Linksys Quickvpn Software

    NOTE: You can change your password only if you have been granted that privilege by your system administrator. 1. Double-click the Linksys QuickVPN software icon on your desktop or in the system tray. 2. The login screen will appear. Enter a name for your profile.

  • Page 110: Figure B-8: Quickvpn Software - Status

    Click the OK button to save your new password. Click the Cancel button to cancel your change. For information, click the Help button. Appendix B: Using the Linksys QuickVPN Software for Windows 2000 or XP Using the Linksys QuickVPN Software...

  • Page 111: Appendix C: Configuring A Gateway-To-Gateway Ipsec Tunnel

    Wireless-N Gigabit Security Router with VPN Appendix C: Configuring a Gateway-to-Gateway IPSec Tunnel Overview This appendix explains how to configure an IPSec VPN tunnel between two VPN Routers by example. Two PCs are used to test the liveliness of the tunnel. You can think of the VPN Router1, Internet, VPN Router2 as a big virtual router that connects PC1 on LAN1 and PC2 on LAN2.

  • Page 112: Configuring The Vpn Settings For The Vpn Routers

    Wireless-N Gigabit Security Router with VPN Configuring the VPN Settings for the VPN Routers Configuring VPN Router 1 Follow these instructions for the first VPN Router, designated VPN Router 1. The other VPN Router is designated VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 1. 2.
  • Page 113 Wireless-N Gigabit Security Router with VPN Configuring VPN Router 2 Follow similar instructions for VPN Router 2. 1. Launch the web browser for a networked PC, designated PC 2. 2. Enter the VPN Router’s local IP address in the Address field (default is 192.168.1.1). Then press Enter. 3.

  • Page 114: Configuring The Key Management Settings

    Wireless-N Gigabit Security Router with VPN Configuring the Key Management Settings Configuring VPN Router 1 Following these instructions for VPN Router 1. 1. On the IPSec VPN screen, select 3DES from the Encryption drop-down menu. 2. Select MD5 from the Authentication drop-down menu. 3.

  • Page 115: Configuring Pc 1 And Pc 2

    Wireless-N Gigabit Security Router with VPN Configuring VPN Router 2 For VPN Router 2, follow the same instructions in the previous section, “Configuring VPN Router 1.” Configuring PC 1 and PC 2 1. Set PC 1 and PC 2 to be DHCP clients (refer to Windows Help for more information). 2.

  • Page 116: Appendix D: Finding The Mac Address And Ip Address For Your Ethernet Adapter

    Wireless-N Gigabit Security Router with VPN Appendix D: Finding the MAC Address and IP Address for Your Ethernet Adapter This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC address cloning feature of the Router. You can also find the IP address of your computer’s Ethernet adapter. This IP address is used for the Router’s filtering, forwarding, and/or DMZ features.

  • Page 117: For The Router's Web-Based Utility

    Wireless-N Gigabit Security Router with VPN 3. Write down the Physical Address as shown on your computer screen (Figure D-3); it is the MAC address for your Ethernet adapter. This appears as a series of numbers and letters. The MAC address/Physical Address is what you will use for MAC address cloning or MAC filtering. NOTE: The MAC address is also called the Physical Address.

  • Page 118: Appendix E: Glossary

    Wireless-N Gigabit Security Router with VPN Appendix E: Glossary Adapter - A device that adds network functionality to your PC. AES (Advanced Encryption Standard) - A security method that uses symmetric 128-bit block data encryption. Backbone - The part of a network that connects most of the systems and networks together, and handles the most data.
  • Page 119 Wireless-N Gigabit Security Router with VPN DDNS (Dynamic Domain Name System) - Allows the hosting of a website, FTP server, or e-mail server with a fixed domain name (e.g., www.xyz.com) and a dynamic IP address. Default Gateway - A device that forwards Internet traffic from your local area network. DHCP (Dynamic Host Configuration Protocol) - A networking protocol that allows administrators to assign temporary IP addresses to network computers by “leasing”...
  • Page 120 Wireless-N Gigabit Security Router with VPN Firmware - The programming code that runs a networking device. Fragmentation -Breaking a packet into smaller units when transmitting over a network medium that cannot support the original size of the packet. FTP (File Transfer Protocol) - A protocol used to transfer files over a TCP/IP network. Full Duplex - The ability of a networking device to receive and transmit data simultaneously.
  • Page 121 Wireless-N Gigabit Security Router with VPN Multicasting - Sending data to a group of destinations at once. NAT (Network Address Translation) - NAT technology translates IP addresses of a local area network to a different IP address for the Internet. Network - A series of computers or devices connected for the purpose of data sharing, storage, and/or transmission between users.
  • Page 122 Wireless-N Gigabit Security Router with VPN Software - Instructions for the computer. A series of instructions that performs a particular task is called a “program”. SOHO (Small Office/Home Office) - Market segment of professionals who work at home or in small offices. SPI (Stateful Packet Inspection) Firewall - A technology that inspects incoming packets of information before allowing them to enter the network.
  • Page 123 Wireless-N Gigabit Security Router with VPN VPN (Virtual Private Network) - A security measure to protect data as it leaves one network and goes to another over the Internet. WAN (Wide Area Network)- The Internet. WINIPCFG - A Windows 98 and Me utility that displays the IP address for a particular networking device. Appendix E: Glossary...

  • Page 124: Appendix F: Specifications

    Wireless-N Gigabit Security Router with VPN Appendix F: Specifications Model WRVS4400N Standards IEEE802.11n draft, 802.11g, 802.11b, 802.3u, 802.1X Ports 10/100/1000 Base-T Ethernet, 12VDC Power Buttons Reset Cabling Type UTP CAT 5 LEDs Power, Diag, IPS (Blinks RED - Internal attack,...
  • Page 125 Wireless-N Gigabit Security Router with VPN Event Logging Event Logging: Local, Syslog, E-mail Alerts Web F/W upgrade Firmware Upgradable Through Web-Browser Diagnostics DIAG LED for Flash and RAM failure; Ping Test for network diagnostics Security 5 QuickVPN Tunnels for remote client access 5 IPSec Gateway-to-Gateway Tunnels for branch office connectivity 3DES Encryption MD5/SHA1 Authentication...
  • Page 126 Wireless-N Gigabit Security Router with VPN Queues 4 queues Network VLAN Support Port-based VLAN DHCP DHCP Server, DHCP Client, DHCP Relay Agent DNS Relay, Dynamic DNS (DynDNS, TZO) Any host IP address on LAN side Routing Static and RIP v1,v2 Environmental Device Dimensions 7.8 x 5.16 x 7.8 inches...

  • Page 127: Appendix G: Warranty Information

    Your exclusive remedy and Linksys' entire liability under this warranty will be for Linksys at its option to repair or replace the Product or refund Your purchase price less any rebates.

  • Page 128: Appendix H: Regulatory Information

    Wireless-N Gigabit Security Router with VPN Appendix H: Regulatory Information FCC Statement This product has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
  • Page 129 User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste Electric and Electronic Equipment (WEEE) This document contains important information for users with regards to the proper disposal and recycling of Linksys products. Consumers are required to comply with this notice for all electronic products bearing the following symbol:...
  • Page 130 Wireless-N Gigabit Security Router with VPN Appendix H: Regulatory Information...
  • Page 131 Wireless-N Gigabit Security Router with VPN Appendix H: Regulatory Information...
  • Page 132 Wireless-N Gigabit Security Router with VPN Appendix H: Regulatory Information...
  • Page 133 Wireless-N Gigabit Security Router with VPN For more information, visit www.linksys.com. Appendix H: Regulatory Information...

  • Page 134: Appendix I: Contact Information

    Can't find information about a product you want to buy on the web? Do you want to know more about networking with Linksys products? Give our advice line a call at: Or fax your request in to: If you experience problems with any Linksys product,...

Table of Contents