Linksys BEFSX41 User Manual
  1. Manuals
  2. Brands
  3. Linksys Manuals
  4. Network Router
  5. BEFSX41 - Instant Broadband EtherFast Cable/DSL Firewall...
  6. User manual

Linksys BEFSX41 User Manual

Broadband firewall router with 4-port switch/vpn endpoint
Hide thumbs Also See for BEFSX41:
Table of Contents

Advertisement

Quick Links

See also: Product Data
A Division of Cisco Systems, Inc.
Broadband Firewall Router
with 4-Port Switch/VPN
Endpoint
WIRED
BEFSX41
Model No.
®

User Guide

Advertisement

Table of Contents
loading

Related Manuals for Linksys BEFSX41

Summary of Contents for Linksys BEFSX41

  • Page 1: User Guide

    ® A Division of Cisco Systems, Inc. Broadband Firewall Router with 4-Port Switch/VPN User Guide Endpoint WIRED BEFSX41 Model No.
  • Page 2 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Copyright and Trademarks Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2004 Cisco Systems, Inc. All rights reserved.

  • Page 3: Table Of Contents

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Table of Contents Chapter 1: Introduction Welcome What’s in this Guide? Chapter 2: Your Virtual Private Network (VPN) Why do I need a VPN? What is a Virtual Private Network? Computer (using VPN client software that supports IPSec) to VPN Router Chapter 3: Getting to Know the Router The Back Panel The Front Panel...
  • Page 4 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Windows 98 or Me Instructions Windows 2000 or XP Instructions For the Router’s Web-based Utility Appendix D: Windows Help Appendix E: Maximizing VPN Security Appendix F: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway Introduction Environment...
  • Page 5 Broadband Firewall Router with 4-Port Switch/VPN Endpoint List of Figures Figure 2-1: VPN Router to VPN Router Figure 2-2: Computer to VPN Router Figure 3-1: Back Panel Figure 3-2: Front Panel Figure 4-1: Example of a Typical Network Figure 4-2: Connect a PC Figure 4-3: Connect the Internet Figure 4-4: Connect the Power Figure 5-1: The Router’s IP Address...
  • Page 6 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Figure 5-21: Remote Security Gateway Figure 5-22: Key Management Figure 5-23: Advanced VPN Tunnel Setup Figure 5-24: Restrict Access Tab Figure 5-25: Summary Figure 5-26: List of PCs Figure 5-27: Port Services Figure 5-28: Applications & Gaming Tab - Port Range Figure 5-29: Applications &...
  • Page 7 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Figure F-5: Filters Properties Figure F-6: New Rule Properties Figure F-7: IP Filter List Figure F-8: Filters Properties Figure F-9: New Rule Properties Figure F-10: IP Filter List Tab Figure F-11: Filter Acton Tab Figure F-12: Security Methods Tab Figure F-13: Authentication Methods Figure F-14: Preshared Key...

  • Page 8: Chapter 1: Introduction

    At the core of this Router, is a standard, Linksys Router, providing you the ability to share your broadband, Internet access within your network. This also comes with the protection of a firewall and the easy setup and broadband: an always-on, fast Internet connection configuration you’ve come to expect from a Linksys Router.

  • Page 9: What's In This Guide

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint What’s in this Guide? This user guide covers everything you’ll need to know about the Router. In addition to giving directions in the Chapters about how to set it up and use it, several Appendices are provided for further information. •...
  • Page 10 • Appendix K: Regulatory Information This appendix supplies the regulatory information regarding the Router. • Appendix L: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support. Chapter 1: Introduction What’s in this Guide?

  • Page 11: Chapter 2: Your Virtual Private Network (Vpn)

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Chapter 2: Your Virtual Private Network (VPN) Why do I need a VPN? VPN (Virtual Private Network): a security Computer networking provides a flexibility not available when using an archaic, paper-based system. With this measure to protect data as it leaves one flexibility, however, comes an increased risk in security.

  • Page 12: What Is A Virtual Private Network

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint data to a new destination. Even though the data is not received by its intended recipient, it appears that way to the person sending the data. These are only a few of the methods hackers use and they are always developing more. Without the security of your VPN, your data is constantly open to such attacks as it travels over the Internet.

  • Page 13: Computer (Using Vpn Client Software That Supports Ipsec) To Vpn Router

    For additional information and instructions about creating your own VPN, please visit Linksys’s website at www.linksys.com or refer to “Appendix F: Configuring IPSec between a Windows 2000 or XP PC and the VPN Router.”...

  • Page 14: Chapter 3: Getting To Know The Router

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Chapter 3: Getting to Know the Router The Back Panel The Router’s ports and the Reset button are located on the back panel of the Router. Figure 3-1: Back Panel Internet This Internet port connects to your cable or DSL modem. port: the connection point on a computer or networking device used for plugging in cables These four Ethernet ports connect to network devices, such as PCs, print servers, or...

  • Page 15: The Front Panel

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Front Panel The Router’s LEDs, which inform you about network activities, are located on the front panel. Figure 3-2: Front Panel Power Green. The Power LED lights up when the Router is powered on. If the LED is flashing, the Router is running a diagnostic test.

  • Page 16: Chapter 4: Connecting The Router

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Chapter 4: Connecting the Router Overview To set up your network, do the following: • Connect the Router to one of your PCs. IP Address: the address used to identify a • If necessary, configure your PCs to obtain an IP address automatically from the Router. (By default, Windows computer or device on a network 98, 2000, Millennium, and XP computers are set to obtain an IP address automatically, so unless you have changed the default setting, then you will not need to configure your PCs.)

  • Page 17: Connection Instructions

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Instructions 1. Before you begin, make sure that all of your hardware is powered off, including the Router, PCs, hubs, switches, and cable or DSL modem. 2. Connect one end of an Ethernet network cable to one of the numbered ports on the back of the Router. Connect the other end to an Ethernet port on a network device, e.g., a PC, print server, hub, or switch.

  • Page 18: Chapter 5: Using The Router's Web-Based Utility

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Chapter 5: Using The Router’s Web-based Utility Overview For your convenience, you can use the Router’s Web-based Utility to administer the Router. This chapter will explain all of the functions in this Utility. The Utility can be accessed via Microsoft Internet Explorer or Netscape Navigator through the use of a computer connected with an Ethernet cable to the Router.
  • Page 19 Broadband Firewall Router with 4-Port Switch/VPN Endpoint • VPN. To enable and setup VPN Passthrough and configure up to two VPN tunnels, use this screen. Access Restrictions • Internet Access. From this screen, you will be able to manage Internet access, blocking websites, from your network.

  • Page 20: Accessing The Utility

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Accessing the Utility To access the Web-based Utility of the Router, launch Internet Explorer or Netscape Navigator, and enter the Router’s default IP address, 192.168.1.1, in the Address field. Press the Enter key. Figure 5-1: The Router’s IP Address A screen will appear asking you for your User name and password.

  • Page 21: Figure 5-4: Dhcp Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: Obtain an IP automatically - DHCP By default, the Router’s Internet Connection Type is set to Obtain an IP automatically and it should be used only if your ISP supports DHCP. Host Name/Domain Name.

  • Page 22: Figure 5-6: Pppoe Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: PPPoE NOTE: For DSL users, if you need to enable PPPoE support, remember to remove any PPPoE applications that are installed on your PCs. Some DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections for end-users.

  • Page 23: Figure 5-7: Ras Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: RAS (for SingTel) Remote Access Service (RAS) is a service that applies to connections in Singapore only. For users in Singapore, check with Singtel for information on RAS. User Name and Password. Enter the User Name and Password supplied by Singtel. RAS Plan.

  • Page 24: Figure 5-8: Pptp Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: PPTP Point to Point Tunneling Protocol (PPTP) is a service that applies to connections in Europe and Israel only. IP Address. This is the IP address that the Router has, when seen from the Internet. Your ISP will provide you with the IP Address you need to specify here.

  • Page 25: Figure 5-9: Heart Beat Signal Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: Heart Beat Signal Heart Beat Signal is a service used in Australia only. If you are using a Heart Beat Signal connection, check with your ISP for the necessary setup information. User Name and Password.

  • Page 26: Figure 5-10: L2Tp Connection Type

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Connection Type: L2TP Use L2TP as a service only if requested by your ISP. Server IP Address. This is the IP address that the Router has, when seen from the Internet. Your ISP will provide you with the IP Address you need to specify here.

  • Page 27: Figure 5-11: Network Setup

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Network Setup Router IP The values for the Router’s Local IP Address and Subnet Mask are shown here. In most cases, keeping the default values will work. Local IP Address. The default value is 192.168.1.1. Subnet Mask.

  • Page 28: Figure 5-12: Setup Tab - Dyndns.org

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint DDNS The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Router.

  • Page 29: Figure 5-14: Setup Tab - Mac Address Clone

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint MAC Address Clone The Router’s MAC address is a 12-digit code assigned to a unique piece of hardware for identification, like a social security number. If your ISP requires MAC address registration, find your adapter’s MAC address by following the instructions in “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter.”...

  • Page 30: Figure 5-15: Setup Tab - Advanced Routing

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Advanced Routing The Advanced Routing screen allows you to configure the Network Address Translation (NAT), dynamic routing, and static routing settings. Dynamic Routing NAT. NAT is a security feature that is enabled by default. It enables the Router to translate IP addresses of your local area network to a different IP address for the Internet.

  • Page 31: Figure 5-16: The Routing Table

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Subnet Mask. The Subnet Mask (also known as the Network Mask) determines which portion of an IP address is the network portion, and which portion is the host portion. Take, for example, a network in which the Subnet Mask is 255.255.255.0.

  • Page 32: The Security Tab

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Security Tab The Security tab is the second tab listed atop the Web-based Utility. This tab is divided into two screens: Firewall and VPN. Each of these screens is described in detail below. Firewall When you click Security, you will see the Firewall screen.

  • Page 33: Figure 5-18: Security Tab - Vpn

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Filter Multicast. Multicasting allows for multiple transmissions to specific recipients at the same time. If multicasting is permitted, then the Router will allow IP multicast packets to be forwarded to the appropriate computers. Select Enabled to filter multicasting, or Disabled to disable this feature. Filter Internet NAT Redirection.

  • Page 34: Figure 5-19: Vpn Tunnel

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Router creates a tunnel or channel between two endpoints, so that the data or information between these endpoints is secure. To establish this tunnel, select the tunnel you wish to create in the Select Tunnel Entry drop-down box.

  • Page 35: Figure 5-21: Remote Security Gateway

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint IP Address. If you select IP Address, enter the IP Address of the VPN device at the other end of the tunnel. The remote VPN device can be another VPN Router, a VPN Server, or a computer with VPN client software that supports IPSec.

  • Page 36: Figure 5-23: Advanced Vpn Tunnel Setup

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you’d like the key to be useful, or leave it blank for the key to last indefinitely. Manual Key Management.
  • Page 37 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Encryption. Select the length of the key used to encrypt/decrypt ESP packets. There are two choices: DES and 3DES. 3DES is recommended because it is more secure. Authentication. Select the method used to authenticate ESP packets. There are two choices: MD5 and SHA. SHA is recommended because it is more secure.

  • Page 38: The Restrict Access Tab

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Restrict Access Tab The Access Restrictions tab allows you to block or allow network access as well as manage specific kinds of Internet usage. Internet Access Internet Access Policy. Access is managed by a policy. An access policy is established with the settings on this screen (after Save Settings is clicked).

  • Page 39: Figure 5-26: List Of Pcs

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint 2. If you wish to deny or allow Internet access for those PCs you listed on the List of PCs screen, click the option. 3. You can filter access to various services accessed over the Internet, such as FTP or Telnet, by selecting a service from the drop-down menus next to Blocked Services.

  • Page 40: The Applications & Gaming Tab

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Applications & Gaming Tab The Applications & Gaming tab allows you to manage ports that are used for various applications and gaming over the Internet. Port Range Forwarding When you click the Applications & Gaming tab, you will see the Port Range Forwarding screen. Port Range Forwarding sets up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications.

  • Page 41: Port Triggering

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Port Triggering The Port Triggering screen allows the Router to watch outgoing data for specific port numbers. The IP address of the computer that sends the matching data is remembered by the Router, so that when the requested data returns through the Router, the data is pulled back to the proper computer by way of IP address and port mapping rules.

  • Page 42: Upnp Forwarding

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint UPnP Forwarding The UPnP Forwarding screen displays preset application settings as well as options to customize port services for other applications. UPnP Forwarding Application. This provides ten preset applications. You can specify up to five additional applications in the available fields.
  • Page 43 Broadband Firewall Router with 4-Port Switch/VPN Endpoint NNTP (Network News Transfer Protocol). The protocol used to connect to Usenet groups on the Internet. NNTP (Network News Transfer Protocol): The protocol Usenet newsreaders support the NNTP protocol. used to connect to Usenet groups on the Internet SNMP (Simple Network Management Protocol).

  • Page 44: Dmz

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint From the DMZ Host tab you can set Port 4/DMZ to DMZ or Ethernet connection. Any user on the Internet can access incoming or outgoing data from the DMZ host without the use of firewall protection. This feature is used for special-purpose services such as Internet gaming and videoconferencing.

  • Page 45: The Administration Tab

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Administration Tab Management When you click the Administration tab, you will see the Management screen. This screen allows you to change the Router’s access settings as well as configure the UPnP (Universal Plug and Play) features. Router Password Local Router Access To ensure the Router’s security, you will be asked for your password when you access the Router’s Web-...

  • Page 46: Figure 5-33: Administration Tab - Log

    Logviewer IP Address. For a permanent record of these logs, Logviewer software must be used. This software is downloadable from the Linksys website, www.linksys.com. The Logviewer saves all incoming and outgoing activity in a permanent file on your PC’s hard drive. In the Logviewer IP Address field, enter the fixed IP address of the PC running the Logviewer software.

  • Page 47: Figure 5-35: Administration Tab - Diagnostics

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Diagnostics Diagnostics allow you to check the connections of your network components as well as locations outside your network via the Internet. Ping Target IP. This is the IP Address of the PC or network component, or location outside of your network, that you wish to test.

  • Page 48: Figure 5-36: Administration Tab - Factory Defaults

    Firmware Upgrade The Firmware Upgrade screen allows you to upgrade the Router’s firmware. Before upgrading the firmware, download the Router’s firmware upgrade file from the Linksys website, www.linksys.com. Then extract the file. File Path. In the field provided, enter the name of the extracted firmware upgrade file, or click the Browse button to find this file.

  • Page 49: The Status Tab

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint The Status Tab When you click the Status tab, you will see the Router screen. It displays information about the Router and its settings. Router Information Firmware Version. This displays the Router’s firmware number. MAC Address.

  • Page 50: Figure 5-39: Status Tab - Local Network

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Local Network The Local Network screen displays information about the local network. Local MAC Address. The MAC Address of the Router’s LAN (local area network) interface is displayed here. IP Address. The Router’s local IP Address is shown here. Subnet Mask.

  • Page 51: Appendix A: Troubleshooting

    Provided are possible solutions to problems regarding the installation and operation of the Router. If your situation is described here, the problem should be solved by applying the corresponding solution. If you can’t find an answer here, check the Linksys website at www.linksys.com. Common Problems and Solutions 1.
  • Page 52 Broadband Firewall Router with 4-Port Switch/VPN Endpoint For Windows 2000: A. Click Start, Settings, and open the Control Panel. Double-click Network and Dial-Up Connections. B. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option.
  • Page 53 Broadband Firewall Router with 4-Port Switch/VPN Endpoint 2. I want to test my Internet connection. A. Check your TCP/IP settings. If you do not know how to do this, refer to Appendix D: Windows Help. B. Open a command prompt. •...
  • Page 54 Refer to “Problem #7, I need to set up online game hosting or use other Internet applications” for details. Check the Linksys website for more information at www.linksys.com. 6. I need to set up a server behind my Router.
  • Page 55 Broadband Firewall Router with 4-Port Switch/VPN Endpoint A. Access the Router’s Web-based Utility by going to http://192.168.1.1 or the IP address of the Router. Go to the Applications & Gaming => Port Range Forwarding tab. B. Enter any name you want to use for the Application. C.
  • Page 56 Broadband Firewall Router with 4-Port Switch/VPN Endpoint E. Enter the IP address of the PC or network device that you want the port server to go to. For example, if the web server’s Ethernet adapter IP address is 192.168.1.100, you would enter 100 in the field provided. Check “Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter”...
  • Page 57 Broadband Firewall Router with 4-Port Switch/VPN Endpoint 9. I forgot my password, or the password prompt always appears when saving settings to the Router. Reset the Router to factory default by pressing the Reset button for 30 seconds and then releasing it. If you are still getting prompted for a password when saving settings, then perform the following steps: A.
  • Page 58 Broadband Firewall Router with 4-Port Switch/VPN Endpoint 12. I need to upgrade the firmware. In order to upgrade the firmware with the latest features, you need to go to the Linksys website and download the latest firmware at www.linksys.com. Follow these steps: A.
  • Page 59 Broadband Firewall Router with 4-Port Switch/VPN Endpoint 15. I can't access my email, web, or VPN, or I am getting corrupted data from the Internet. The Maximum Transmission Unit (MTU) setting may need to be adjusted. By default, the MTU is set at 1500. Most DSL users should use MTU 1492.

  • Page 60: Frequently Asked Questions

    MIB (Management Information Base) is a data file that works in tangent with third-party SNMP software in managing the Router. To use MIB files in tangent with third-party SNMP software, follow the instructions that come with the thirty-party SNMP software. MIB data files will be available on the Linksys web site: www.linksys.com.
  • Page 61 ISP. Does the Router support any operating system other than Windows 98, Windows 2000,or Windows XP? Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshooting of any non-Windows operating systems.
  • Page 62 Force your Ethernet adapter to 10Mbps, and turn off the “Auto-negotiate” feature of your Ethernet adapter as a temporary measure. (Please look at the Network Control Panel in your Ethernet adapter’s Advanced Properties tab.) Make sure that your proxy setting is disabled in the browser. Check our website at www.linksys.com for more information.
  • Page 63 How do I get mIRC to work with the Router? Under the Port Range Forwarding tab, set port forwarding to 113 for the PC on which you are using mIRC. If your questions are not addressed here, refer to the Linksys website, www.linksys.com. Appendix A: Troubleshooting...

  • Page 64: Appendix B: Upgrading Firmware

    Router. To upgrade the Router’s firmware, follow these instructions: 1. Download the Router’s firmware upgrade file from the Linksys website, www.linksys.com. 2. Extract the file on your computer. 3. Click the Administration tab and then the Firmware Upgrade tab of the Router’s Web-based Utility.

  • Page 65: Appendix C: Finding The Mac Address And Ip Address For Your Ethernet Adapter

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Router.

  • Page 66: Figure C-3: Mac Address/Physical Address

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint 3. Write down the Physical Address as shown on your computer screen; it is the MAC address for your Ethernet adapter. This appears as a series of numbers and letters. The MAC address/Physical Address is what you will use for MAC address cloning or MAC filtering. Note: The MAC address is also called the Physical Address.

  • Page 67: Appendix D: Windows Help

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix D: Windows Help All networking products require Microsoft Windows. Windows is the most used operating system in the world and comes with many features that help make networking easier. These features can be accessed through Windows Help and are described in this appendix.

  • Page 68: Appendix E: Maximizing Vpn Security

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix E: Maximizing VPN Security Just as you maximized your network security with a firewall router, you should also maximize security for your data with the VPN Router. IPSec is compatible with most VPN endpoints and ensures privacy and authentication for data, while authenticating user identification.
  • Page 69 Broadband Firewall Router with 4-Port Switch/VPN Endpoint 4. Maximize encryption and authentication. Use 3DES encryption and SHA authentication whenever possible. 5. Manage your pre-shared keys. Change pre-shared keys regularly. Data transmission over the Internet is a hole in network security that is often overlooked. With VPN maximized, along with the use of a firewall router and wireless security, you can secure your data even when it leaves your network.

  • Page 70: Appendix F: Configuring Ipsec Between A Windows 2000 Or

    ADSL Gateway with 4-Port Switch Appendix F: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private NOTE: Keep a record of any changes you make. network inside the Router and a Windows 2000 or XP computer.

  • Page 71: Figure F-1: Local Security Screen

    ADSL Gateway with 4-Port Switch How to Establish a Secure IPSec Tunnel Step 1: Create an IPSec Policy 1. Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear as shown in Figure F-1. Figure F-1: Local Security Screen 2.

  • Page 72: Figure F-4: Ip Filter List

    ADSL Gateway with 4-Port Switch 3. The Filters Properties screen will appear, as shown in Figure F-5. Select the Addressing tab. In the Source address field, select My IP Address. In the Destination address field, select A specific IP Subnet, and fill in the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0.

  • Page 73: Figure F-7: Ip Filter List

    ADSL Gateway with 4-Port Switch 7. The IP Filter List screen should appear, as shown in Figure F-7. Enter an appropriate name, such as Router- >win for the filter list, and de-select the Use Add Wizard check box. Click the Add button. 8.

  • Page 74: Figure F-10: Ip Filter List Tab

    ADSL Gateway with 4-Port Switch Step 3: Configure Individual Tunnel Rules Tunnel 1: win->Router 1. From the IP Filter List tab, shown in Figure F-10, click the filter list win->Router. 2. Click the Filter Action tab (as in Figure F-11), and click the filter action Require Security radio button. Then, click the Edit button.

  • Page 75: Figure F-13: Authentication Methods

    ADSL Gateway with 4-Port Switch 4. Select the Authentication Methods tab, shown in Figure F-13, and click the Edit button. 5. Change the authentication method to Use this string to protect the key exchange (preshared key), as shown in Figure F-14, and enter the preshared key string, such as XYZ12345. Click the OK button. Figure F-13: Authentication Methods 6.

  • Page 76: Figure F-16: Tunnel Setting Tab

    ADSL Gateway with 4-Port Switch 7. Select the Tunnel Setting tab, shown in Figure F-16, and click The tunnel endpoint is specified by this IP Address radio button. Then, enter the Router’s WAN IP Address. 8. Select the Connection Type tab, as shown in Figure F-17, and click All network connections. Then, click the OK or Close button to finish this rule.

  • Page 77: Figure F-19: Ip Filter List Tab

    ADSL Gateway with 4-Port Switch 10. Go to the IP Filter List tab, and click the filter list Router->win, as shown in Figure F-19. 11. Click the Filter Action tab, and select the filter action Require Security, as shown in Figure F-20. Then, click the Edit button.

  • Page 78: Figure F-22: Preshared Key

    ADSL Gateway with 4-Port Switch 13. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as XYZ12345, as shown in Figure F-22. (This is a sample key string. Yours should be a key that is unique but easy to remember.) Then click the OK button.

  • Page 79: Figure F-25: Connection Type

    ADSL Gateway with 4-Port Switch 16. Click the Connection Type tab, shown in Figure F-25, and select All network connections. Then click the OK or Close button to finish. 17. From the Rules tab, shown in Figure F-26, click the OK or Close button to return to the secpol screen. Figure F-25: Connection Type Step 4: Assign New IPSec Policy In the IP Security Policies on Local Computer window, shown in Figure F-27, right-click the policy named...

  • Page 80: Figure F-28: Vpn Tab

    ADSL Gateway with 4-Port Switch Step 5: Create a Tunnel Through the Web-Based Utility 1. Open your web browser, and enter 192.168.1.1 in the Address field. Press the Enter key. 2. When the User name and Password field appears, enter the default user name and password admin. Press the Enter key.

  • Page 81: Appendix G: Snmp Functions

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix G: SNMP Functions SNMP (Simple Network Management Protocol) is a widely-used network monitoring and control protocol. Data is passed from a SNMP agent, such as the VPN Router, to the workstation console used to oversee the network. The Router then returns information contained in a MIB (Management Information Base), which is a data structure that defines what is obtainable from the device and what can be controlled (turned off, on, etc.).

  • Page 82: Appendix H: Glossary

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix H: Glossary Adapter - A device that adds network functionality to your PC. Bit - A binary digit. Boot - To start a device and cause it to start executing instructions. Bridge - A device that interconnects different networks together. Broadband - An always-on, fast Internet connection.
  • Page 83 Broadband Firewall Router with 4-Port Switch/VPN Endpoint DSL (Digital Subscriber Line) - An always-on broadband connection over traditional phone lines. Dynamic IP Address - A temporary IP address assigned by a DHCP server. Encryption - Encoding data transmitted in a network. Ethernet - IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium.
  • Page 84 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Mbps (MegaBits Per Second) - One million bits per second; a unit of measurement for data transmission. mIRC - An Internet Relay Chat program that runs under Windows. Multicasting - Sending data to a group of destinations at once. NAT (Network Address Translation) - NAT technology translates IP addresses of a local area network to a different IP address for the Internet.
  • Page 85 Broadband Firewall Router with 4-Port Switch/VPN Endpoint Static Routing - Forwarding data in a network via a fixed path. Subnet Mask - An address code that determines the size of the network. Switch - 1. A data switch that connects computing devices to host computers, allowing a large number of devices to share a limited number of ports.

  • Page 86: Appendix I: Specifications

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix I: Specifications Standards: IEEE 802.3, IEEE 802.3u Ports: One 10/100 RJ-45 Internet Port, Four 10/100 RJ-45 Ethernet Ports, One Power Port Buttons Reset Cabling Type: UTP Category 5 or better LEDs Power, DMZ, Ethernet, Internet Dimensions: 7.32"...

  • Page 87: Appendix J: Warranty Information

    Your exclusive remedy and Linksys' entire liability under this warranty will be for Linksys at its option to repair or replace the Product or refund Your purchase price less any rebates.

  • Page 88: Appendix K: Regulatory Information

    Broadband Firewall Router with 4-Port Switch/VPN Endpoint Appendix K: Regulatory Information FCC STATEMENT This product has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.

  • Page 89: Appendix L: Contact Information

    Can't find information about a product you want to buy on the web? Do you want to know more about networking with Linksys products? Give our advice line a call at: 800-546-5797 (LINKSYS) Or fax your request in to:...

Table of Contents