® A Division of Cisco Systems, Inc. 10/100/1000 4-Port VPN Router WIRED Model No.
10/100/1000 4-Port VPN Router Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2005 Cisco Systems, Inc. All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders.
10/100/1000 4-Port VPN Router Table of Contents Chapter 1: Introduction 1 Welcome What’s in this Guide? 1 2 Chapter 2: Networking Basics 4 An Introduction to LANs The Use of IP Addresses Why do I need a VPN? What is a VPN? 4 4 5 6 Chapter 3: Getting to Know the Router The Front Panel The Back Panel Chapter 4: Connecting the Router Overview Connection Instructions Chapter 5: Setting Up and Configuring the Router Overview How to Access the Web-based Utility System Summary Tab Setup Tab - Network Se
10/100/1000 4-Port VPN Router System Management Tab - Factory Default System Management Tab - Firmware Upgrade System Management Tab - Restart System Management Tab - Setting Backup Port Management Tab - Port Setup Port Management Tab - Port Status Firewall Tab - General Firewall Tab - Access Rules Firewall Tab - Content Filter VPN Tab - Summary VPN Tab - Gateway to Gateway VPN Tab - Client to Gateway VPN Tab - VPN Pass Through Log Tab - System Log Log Tab - System Statistics Wizard Tab Support Tab Logout
10/100/1000 4-Port VPN Router Appendix J: Regulatory Information Appendix K: Contact Information 90 91
10/100/1000 4-Port VPN Router List of Figures Figure 2-1: VPN Router-to-VPN Router VPN Figure 2-2: Computer-to-VPN Router VPN Figure 3-1: Front Panel Figure 3-2: Back Panel Figure 4-1: Example of a Typical Network Figure 5-1: Router’s IP Address Figure 5-2: Login Screen Figure 5-3: System Summary Figure 5-4: Site Map Figure 5-5: Setup Tab - Network Figure 5-6: WAN Connection Type - Obtain an IP Automatically Figure 5-7: WAN Connection Type - Static IP Figure 5-8: WAN Connection Type - PPPoE Figure 5-9: WAN
10/100/1000 4-Port VPN Router Figure 5-24: System Management Tab - DNS Name Lookup Figure 5-25: System Management Tab - Ping Figure 5-26: System Management Tab - Factory Default Figure 5-27: Are You Sure Figure 5-28: System Management Tab - Firmware Upgrade Figure 5-29: System Management Tab - Restart Figure 5-30: System Management Tab - Setting Backup Figure 5-31: Port Management Tab - Port Setup Figure 5-32: Port Management Tab - Port Status Figure 5-33: Firewall Tab - General Figure 5-34: Firewall Tab -
10/100/1000 4-Port VPN Router Figure 5-54: Basic Setup Wizard - Host and Domain Name Figure 5-55: Basic Setup Wizard - Selecting WAN Connection Types Figure 5-56: Basic Setup Wizard - Save Settings Figure 5-57: Access Rule Wizard - What is Access Rules Figure 5-58: Access Rule Wizard - Select the Action Figure 5-59: Access Rule Wizard - Select the Service Figure 5-60: Access Rule Wizard - Select the Source Figure 5-61: Access Rule Wizard - Select the Destination Figure 5-62: Access Rule Wizard - When it Wo
10/100/1000 4-Port VPN Router Chapter 1: Introduction Bandwidth: the transmission capacity of a given device or network Welcome Thank you for choosing the 10/100/1000 4-Port VPN Router. The Linksys 10/100/1000 4-Port VPN Router is an advanced Internet-sharing network solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection.
/100/1000 4-Port VPN Router What’s in this Guide? This user guide covers the steps for setting up and using the 10/100/1000 4-Port VPN Router. • Chapter 1: Introduction This chapter describes the 10/100/1000 4-Port VPN Router and this User Guide. • Chapter 2: Networking Basics This chapter describes the basics of networking. • Chapter 3: Getting to Know the 10/100/1000 4-Port VPN Router This chapter describes the physical features of the Router.
10/100/1000 4-Port VPN Router • Appendix H: Specifications This appendix provides the Router’s technical specifications. • Appendix I: Warranty Information This appendix supplies the Router’s warranty information. • Appendix J: Regulatory Information This appendix supplies the Router’s regulatory information. • Appendix K: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support.
10/100/1000 4-Port VPN Router Chapter 2: Networking Basics An Introduction to LANs A Router is a network device that connects two networks together. The Router connects your local area network (LAN), or the group of PCs in your home or office, to the Internet. The Router processes and regulates the data that travels between these two networks. The Router’s Network Address Translation (NAT) technology protects your network of PCs so users on the Internet cannot “see” your PCs.
10/100/1000 4-Port VPN Router A DHCP server can either be a designated PC on the network or another network device, such as the Router. By default, the Router’s Internet Connection Type is Obtain an IP automatically (DHCP). The PC or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign IP addresses manually every time a new user is added to your network.
10/100/1000 4-Port VPN Router A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed MAC address, the hacker can also intercept information meant for another user. 2) Data Sniffing Data “sniffing” is a method used by hackers to obtain network data as it travels through unsecured networks, such as the Internet.
10/100/1000 4-Port VPN Router •VPN Router to VPN Router •Computer (using VPN client software that supports IPSec) to VPN Router The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them are secure. A computer with VPN client software that supports IPSec can be one of the two endpoints. Any computer with the built-in IPSec Security Manager (Microsoft 2000 and XP) allows the VPN Router to create a VPN tunnel using IPSec).
10/100/1000 4-Port VPN Router Chapter 3: Getting to Know the Router The Front Panel The Router’s LEDs, ports, and Reset button are located on the front panel of the Router. LAN WAN SFP Figure 3-1: Front Panel Ports 1-4 (Gigabit) These four Gigabit (10/100/1000) ports connect to network devices, such as PCs, print servers, or additional switches. 10/100 (WAN) The 10/100 port connects to a cable or DSL modem.
10/100/1000 4-Port VPN Router 1-4 (Gigabit) Green. The Gigabit LEDs serve two purposes. If an LED is continuously lit, the Router is connected to a device through the corresponding port (1, 2, 3, or 4). If the LED is flashing, the Router is actively sending or receiving data over that port. 10/100 Green. The 10/100 LED lights up when the Router is connected to your cable or DSL modem. SFP Green. The SFP (Small Fiber Pluggable) LED lights up when connected to a 10/100 network.
10/100/1000 4-Port VPN Router Chapter 4: Connecting the Router Overview To set up your network, you will do the following: • Connect the Router to one of your PCs according to the instructions in this chapter. • If necessary, configure your PCs to obtain an IP address automatically from the Router, according to “Appendix F: Windows Help”.
10/100/1000 4-Port VPN Router Connection Instructions Hardware: the physical aspect of computers, telecommunications, and other information technology devices 1. Before you begin, make sure that all of your hardware is powered off, including the Router, PCs, hubs, switches, and cable or DSL modem. 2. Connect one end of an Ethernet network cable to one of the numbered ports on the front of the Router. Connect the other end to an Ethernet port on a network device, e.g., a PC, print server, hub, or switch.
10/100/1000 4-Port VPN Router Chapter 5: Setting Up and Configuring the Router Overview The Router comes with a Web-based Utility that allows for easy set up and configuration. This chapter will explain all of the functions in this Utility. (You can access the web-based utility by accessing 192.168.1.1.) There are eleven main tabs in the Utility: System Summary, Setup, DHCP, System Management, Port Management, Firewall, VPN, Log, Wizard, Support, and Logout.
10/100/1000 4-Port VPN Router • MAC Clone. Some ISPs require that you register a MAC address. From this screen, you can “clone” your network adapter's MAC address onto the Router. This prevents you from having to call your ISP to change the registered MAC address to the Router's MAC address. • DDNS. DDNS (Dynamic DNS) service, on this screen, allows you to assign a fixed domain name to a dynamic Internet IP address. This allows you to host your own Web, FTP or other type of TCP/IP server in your network.
10/100/1000 4-Port VPN Router Firewall Tab • General. From this screen, you can configure the Router’s broadest settings for denying or allowing specific users from accessing the Internet. • Access Rules. Access Rules determine how and when network traffic will be allowed access to the network or to the Internet, determining when traffic is allowed to pass through the firewall. • Content Filter. This screen allows you to filter web access by site, keyword and time. VPN Tab • Summary.
10/100/1000 4-Port VPN Router How to Access the Web-based Utility To access the Router’s Web-based Utility, launch Internet Explorer or Netscape Navigator, and enter the Router’s default IP address, 192.168.1.1, in the Address field. Then, press the Enter key. Figure 5-1: Router’s IP Address A Login screen will appear asking you for your User name and Password. Enter admin in the User name field, and enter admin in the Password field. Then, click the OK button.
10/100/1000 4-Port VPN Router Port Statistics You can check the status of any of the Router’s ports simply by clicking the port number on the port diagram. If the port is disabled, it will be red; if enabled, it will be black. If it is connected, it will be green. This will open up a summary table.
10/100/1000 4-Port VPN Router VPN Setting Status VPN Summary: This hyperlink will take you to the Summary page of the VPN Tab. Tunnel(s) Used: This displays the amount of VPN Tunnels used. Tunnel(s) Available: This displays the amount of VPN Tunnels available. Current Connected (The Group Name of GroupVPN) users: This displays the amount of VPN users connected via GroupVPN. (If GroupVPN is disabled, it will show “No Group VPN was defined.
10/100/1000 4-Port VPN Router Setup Tab - Network The Setup screen contains all of the Router’s basic setup functions. These functions can be set from this screen but normally don’t need to be adjusted, as the Router has been designed to be used in most network settings without changing any of the default values. Some users, however, may need to enter additional information in order to connect to the Internet through an ISP (Internet Service Provider) or broadband (DSL, cable modem) carrier.
10/100/1000 4-Port VPN Router Static IP If you have to specify the WAN IP Address, Subnet Mask, Default Gateway Address, and DNS Server, select Static IP. All of this information can be obtained from your ISP. Figure 5-7: WAN Connection Type - Static IP PPPoE (Point-to-Point Protocol over Ethernet) (most DSL users) Your ISP will let you know whether PPPoE should be enabled or not, which will be determined by if they use this protocol. To enable PPPoE: 1.
10/100/1000 4-Port VPN Router Setup Tab - Password The Router's default User Name and Password is admin. For greater network security, you should change the Router's password from this default. If you leave the password field blank, all users on your network will be able to access the Router simply by entering admin into the password field. Old Password: Enter the old password. NOTE: The password cannot be recovered if it is lost or forgotten.
10/100/1000 4-Port VPN Router Setup Tab - DMZ Host The DMZ (Demilitarized Zone) Host feature opens the firewall for one of your network’s users so they can access the Internet to use a special-purpose service such as Internet gaming or video conferencing. This user, however, is unprotected by the firewall. To open the firewall for one network user to access one website, and visa versa, utilize the One-to-One NAT feature. Enter the DMZ Private IP Address to access the DMZ Host settings.
10/100/1000 4-Port VPN Router Port Range Forwarding 1. Select the Service from the pull-down menu, shown in Figure 5-15. 2. If the Service you need is not listed in the menu, please click the Service Management button to add the new Service Name, and enter the Protocol and Port Range. This will open the Service Management screen. Click the Add to List button. Then, click the Save Setting button. Click the Exit button. 3. Enter the IP Address of the server that you want the Internet users to access.
10/100/1000 4-Port VPN Router Setup Tab - UPnP Page UPnP forwarding can be used to set up public services on your network. Windows XP can modify those entries via UPnP when UPnP function is enabled. UPnP Function: Enable this function by selecting Yes. The default setting for this feature is No. To add a UPnP function: 1. Select the Service from the pull-down menu. 2.
10/100/1000 4-Port VPN Router Setup Tab - MAC Clone Some ISPs require that you register a MAC address. The MAC Clone feature “clones” your network adapter's MAC address onto the Router, and prevents you from having to call your ISP to change the registered MAC address to the Router's MAC address. The Router's MAC address is a 12-digit code assigned to a unique piece of hardware for identification. Enter the MAC Address in the User Defined WAN MAC Address field or select MAC Address from this PC.
10/100/1000 4-Port VPN Router Setup Tab - Advanced Routing Dynamic Routing The Router's dynamic routing feature can be used to automatically adjust to physical changes in the network's layout. The Router uses the dynamic RIP protocol, which is a networking protocol to manage network communications or communications between networks. It determines the route that the network packets take based on the fewest number of hops between the source and the destination.
10/100/1000 4-Port VPN Router Static Routing You will need to configure Static Routing if there are multiple routers connected to your network. The static routing function determines the path data follows over your network. Static routing allows different IP domain users to access the Internet through this device. This is an advanced feature. Please proceed with caution. To set up static routing, you should add routing entries in the Router's table that tell the device where to send all incoming packets.
10/100/1000 4-Port VPN Router DHCP Tab - Setup Setup The Router can be used as a DHCP (Dynamic Host Configuration Protocol) server on your network. A DHCP server assigns available IP addresses to each computer on your network automatically. If you choose to enable the DHCP server option, you must configure all of the PCs on your LAN to connect to a DHCP server. (See Appendix F: Windows Help.) Enable DHCP Server: Check the box to enable the DHCP Server.
10/100/1000 4-Port VPN Router DHCP Tab - Status The DHCP Server Status reports the IP of the DHCP Server, the number of Dynamic IP Addresses and Static IP Addresses Used, DHCP Addresses Available and Total Addresses within the Range set. The Client Table shows the information related to each PC on the network: Client Host Name, IP Address, MAC Address, and Leased Time.
10/100/1000 4-Port VPN Router System Management Tab - Diagnostic The Router has two built-in tools that will help with troubleshooting network problems. DNS Name Lookup The Domain Name Service (DNS) allows to look up websites by entering an easily remembered host name, such as www.RV0041.com, instead of numerical TCP/IP addresses to access Internet resources. The Router has a DNS lookup tool that will return the numerical TCP/IP address of a host name.
10/100/1000 4-Port VPN Router System Management Tab - Factory Default The Factory Default button can be used to clear all of your configuration information and restore the Router to its factory default settings. Only use this feature if you wish to discard all other configuration preferences. Click the Return to Factory Default Setting button if you want to restore the Router to the factory default settings.
10/100/1000 4-Port VPN Router System Management Tab - Restart When restarting the Router, you should use this Restart tool. Restarting with this button will send out a log file before the box is reset. Select the Active Firmware Version or Backup Firmware Version. Click the Restart Router button to restart the Router and, when asked to confirm, click OK.
10/100/1000 4-Port VPN Router Port Management Tab - Port Setup From this screen, you can configure the connection status for the WAN port, such as Priority, Speed, Duplex and Auto Negotiation, as well as Priority and VLAN Group for LAN ports. The Speed and Duplex will always Auto Negotiate on LAN ports. Basic Per Port Config. This screen is divided by the LAN ports and the WAN ports. The port information and modifications are displayed according to the following columns.
10/100/1000 4-Port VPN Router Auto Negotiation: If enabled, the WAN port will be set as auto negotiated, which will automatically manage speed and throughput. Auto-negotiation is not supported with the SFP interface. The speed will be always 100Mbps, and users have to configure the Duplex. Half-Duplex: data transmission that can occur in two directions over a single line, but only one direction at a time.
10/100/1000 4-Port VPN Router Firewall Tab - General From the Firewall Tab, you can configure the Router to deny or allow users from accessing the Internet or even network servers. You can set up different packet filters for different users within your network based on their network Port number or access from the Internet based on their IP addresses. Firewall: The Firewall function is enabled by default. If this function is disabled, SPI, DoS, Block WAN Request will also be disabled.
10/100/1000 4-Port VPN Router Firewall Tab - Access Rules Network Access Rules evaluate the network traffic's Source IP address, Destination IP address, and IP protocol type to decide if the IP traffic is allowed to pass through the firewall. Use extreme caution when creating or deleting Network Access Rules, keeping in mind not to disable all firewall protection or block all access to the Internet.
10/100/1000 4-Port VPN Router Time: This displays the hours (in military time) during which the Rules apply. Day: This displays the day(s) on which the Rule applies. Edit: Clicking the Edit button will open the Add a New Access Rule screen, where you can edit any of your custom rule’s settings. Delete: Clicking the TrashCan icon will delete this Rule. Click the Restore to Default Rules to restore the Network Access Rules to their default settings.
10/100/1000 4-Port VPN Router Editing an Access Rule To Edit an Access Rule, click the Edit button on the Access Rule screen. The Edit screen looks very much like the screen for adding a new Access Rule. Enter your changes and click the Save Settings button to save the Service Management settings or click the Cancel Changes button to undo your changes. When your settings are correct, a screen will let you know that settings are successful. Click the Return button to return to the previous screen.
10/100/1000 4-Port VPN Router VPN Tab - Summary Summary The VPN Summary displays summary information about the VPN (Virtual Private Network), along with the Tunnel Status and GroupVPN Status. Summary: It shows the number of Tunnel(s) Used and Tunnel(s) Available. The 10/100/1000 4-port VPN Router supports 50 tunnels. Detail: Click the Detail button to see detail of the VPN Summary. Tunnel Status: Add New Tunnel: Click the Add New Tunnel button to add a Gateway to Gateway or Client to Gateway tunnel.
10/100/1000 4-Port VPN Router Tunnel Test: Click the Connect button to verify the tunnel status. The test result will be updated in Status. If the tunnel is connected, a Disconnect button will be available so you can disconnect the VPN connection. Config.: This includes options for editing the tunnel, by clicking Edit, or deleting the tunnel, by clicking the Trash Can. Tunnel(s) Enable and Tunnel(s) Defined: This will show the amount of tunnels enabled and tunnels defined.
10/100/1000 4-Port VPN Router VPN Tab - Gateway to Gateway This screen allows you to create VPN tunnels between VPN routers. You can reach this page by clicking the Gateway to Gateway tab. Tunnel No.: This shows the number assigned to this tunnel, from 1~50, depending on how many tunnels you have already set up. Tunnel Name: Enter the Tunnel Name, such as LA Office, Branch Site, Corporate Site, etc.
10/100/1000 4-Port VPN Router Dynamic IP + E-mail Addr.(USER FQDN) Authentication: This setting uses a dynamic IP address, which is constantly changing. In addition, the tunnel is confirmed through use of an email address. Only one email address can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel. Local Security Group Type. Select the local LAN user(s) that can use this VPN tunnel.
10/100/1000 4-Port VPN Router IP + E-mail Addr. (USER FQDN) Authentication: This selection affords a greater amount of security because each side of the tunnel must use the same IP Address as well as the same email. Only one email address can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel. If you know the static IP address of remote VPN device, select IP address from drop-down menu.
10/100/1000 4-Port VPN Router processed. The hexadecimal values is acceptable, and the valid range is 100~ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels share the same SPI. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets.
10/100/1000 4-Port VPN Router Phase 1 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. Both sides must use the same Authentication method. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more secure, and both sides must use the same Authentication method.
10/100/1000 4-Port VPN Router Advanced For most users, the settings on the VPN page should be satisfactory. This device provides an advanced IPSec setting page for some special users such as reviewers. Click the Advanced button to link you to that page. Advanced settings are only for IKE with Preshared Key mode of IPSec. Aggressive Mode: There are two types of Phase 1 exchanges: Main mode and Aggressive mode.
10/100/1000 4-Port VPN Router VPN Tab - Client to Gateway With Tunnel Enabled This screen allows you to create VPN tunnels from remote PCs (with Linksys VPN Client Software) to VPN routers. You can reach this page by clicking the Client to Gateway tab or from the Mode Choose screen (figure 5-44). Tunnel No.: This shows the number assigned to this tunnel, from 1~5, depending on how many tunnels you have already set up. Tunnel Name: Enter the Tunnel Name, such as LA Office, Branch Site, Corporate Site, etc.
10/100/1000 4-Port VPN Router name can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel. If you know the static IP address of remote VPN device, select IP address from drop-down menu. If you don't know the static IP address of remote VPN device, but the domain name of remote VPN device is known, you can select IP by DNS Resolved, and enter the real domain name on the Internet.
10/100/1000 4-Port VPN Router the Internet. RV0041 will get the IP address of remote VPN device by DNS Resolved, and IP address of remote VPN device will be displayed on VPN Status of Summary page. IP + Domain Name (FQDN) Authentication: f you know the static IP address of remote client, select IP address from drop-down menu.
10/100/1000 4-Port VPN Router Domain Name (FQDN) (Fully Qualified Domain Name): Enter the Domain Name of the Remote Client. When the Remote Client requests to create a tunnel with the Router, the Router will act as a responder. The Domain Name must match the local settings of the Remote Client. E-mail Address (User FQDN): Enter the Email Address of the Remote Client. When the Remote Client requests to create a tunnel with the Router, the Router will act as a responder.
10/100/1000 4-Port VPN Router Encryption Key: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption Key. If DES is selected, the Encryption Key is 16-bit. If users do not fill up to 16-bit, this field will be filled up to 16-bit automatically by 0. If 3DES is selected, the Encryption Key is 48-bit.
10/100/1000 4-Port VPN Router Phase 2 DH Group: There are three groups of different prime key lengths. Group1 is 768 bits, Group2 is 1,024 bits and Group 5 is 1,536 bits. If network speed is preferred, select Group 1. If network security is preferred, select Group 5. You can choose the different Group with the Phase 1 DH Group you chose.
10/100/1000 4-Port VPN Router Compress (Support IP Payload compression Protocol (IP Comp) The Router supports IP Payload Compression Protocol. IP Payload Compression is a protocol to reduce the size of IP datagrams. If Compress is enabled, the Router will propose compression when initiating a connection. If the responders reject this propose, the Router will not implement the compression. When the Router works as a responder, the Router will always accept compression even without enabling compression.
10/100/1000 4-Port VPN Router Log Tab - System Log The System Log screen allows to configure the Router’s log, keeping track of the Router’s performance. Syslog Enable Syslog: Checking this box enables the Logging feature, called Syslog. Syslog Server: In addition to the standard event log, the Router can send a detailed log to an external Syslog server. Syslog is an industry-standard protocol used to capture information about network activity.
10/100/1000 4-Port VPN Router General Log You can receive alert logs for any of these events when you check its box on the screen: System Error Messages, Deny Policies, Allow Policies, Content Filtering, Data Inspection, Authorized Login, Configuration Changes. View System Log: Click this button to view all logs: System Log, Access Log, Firewall Log, or VPN Log. Outgoing Log Table: Click this button to view information about the outgoing logs: LAN IP, Destination URL/IP and Service/Port number.
10/100/1000 4-Port VPN Router Wizard Tab Use this tab to access the Router’s two Setup Wizards: the Basic Setup Wizard and the Access Rule Setup Wizard. They will help you to set up the Router to access the Internet and set up a Firewall security policy, or Access Rule. Figure 5-52: Wizard tab Basic Setup 1. Click the Launch Now button to run the Basic Setup Wizard to quickly set up the Router to access the Internet. 2. From the first screen a WAN interface.
10/100/1000 4-Port VPN Router 4. You will now need to set up the connection types for the WAN ports. These WAN Connection Types were shown in Figures 5-6 through 5-11, and can be referred back to for help. If you chose Obtain an IP automatically, select Use DNS Server provided by ISP (default) or Use the Following DNS Server Addresses, if you want to enter a specific IP. Click Next to continue. Click Previous if you want to return to the previous screen. Click Exit if you want to exit the wizard.
10/100/1000 4-Port VPN Router Access Rule Setup You can access this Setup Wizard through the Wizard tab (shown in Figure 5-54) or by clicking the Wizard button on the Add New Access Rule screen. 1. From the Wizard tab, click the Launch Now button to run the Access Rule Wizard to help you easily set up the Firewall security policy for the Router. 2. The first screen to appear explains the Access Rules. Click Next to continue. Click Exit if you want to exit the wizard.
10/100/1000 4-Port VPN Router 4. Next select the service from the drop-down menu that will be allowed or denied from the Service menu. Click Next to continue. Click Previous if you want to return to the previous screen. Click Exit if you want to exit the wizard. Figure 5-59: Access Rule Wizard Select the Service 5. From the next screen, select the Source from the Ethernet drop-down menu. Then, select the users from the drop-down menu, Any, single, or Range. Click Next to continue.
10/100/1000 4-Port VPN Router 6. Next, choose the destination, either Any, Single, or Range, from the drop-down menu. Click Next to continue. Click Previous if you want to return to the previous screen. Click Exit if you want to exit the wizard. Figure 5-61: Access Rule Wizard Select the Destination 7. From the next screen, select the scheduling for the rule, Always, if the Rule is always in effect, or Scheduling, if you want to define a range for a specific time and day of the week.
10/100/1000 4-Port VPN Router Support Tab On Line Manual Click the On Line Manual button, and it will link to the Support page of the Linksys website. Click the Downloads button from the Technical Support menu, then select the RV0041 from the drop-down menu, select your operating system, then click Downloads for this Product. Click User Guide. Linksys Web Site Click the Linksys Web Site button, and it will link to the Support page of the Linksys Web Site, www.linksys.com.
10/100/1000 4-Port VPN Router Appendix A: Troubleshooting This appendix provides solutions to problems that may occur during the installation and operation of the Router. Read the descriptions below to help solve your problems. If you can't find an answer here, check the Linksys website at www.linksys.com. Common Problems and Solutions 1. I need to set a static IP address on a PC. The Router, by default, assigns an IP address range of 192.168.1.100 to 192.168.1.149 using the DHCP server on the Router.
10/100/1000 4-Port VPN Router For Windows 2000: A. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections. B. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option. C. In the Components checked are used by this connection box, highlight Internet Protocol (TCP/IP), and click the Properties button. Select Use the following IP address option. D.
10/100/1000 4-Port VPN Router 2. I want to test my Internet connection. A. Check your TCP/IP settings. For Windows 98 and Millennium: Refer to Windows Help for details. Make sure Obtain IP address automatically is selected in the settings. For Windows 2000: 1. Click Start, Settings, and Control Panel. Double-click Network and Dial-Up Connections. 2. Right-click the Local Area Connection that is associated with the Ethernet adapter you are using, and select the Properties option. 3.
10/100/1000 4-Port VPN Router • For Windows 2000 and XP, click Start and Run. In the Open field, type cmd. Press the Enter key or click the OK button. C. In the command prompt, type ping 192.168.1.1 and press the Enter key. • If you get a reply, the computer is communicating with the Router. • If you do NOT get a reply, check the cable, and make sure Obtain an IP address automatically is selected in the TCP/IP settings for your Ethernet adapter. D.
10/100/1000 4-Port VPN Router 4. I am not able to access the Router’s Web-based Utility Setup page. A. Refer to “Problem #2, I want to test my Internet connection” to verify that your computer is properly connected to the Router. B. Refer to “Appendix B: Finding the MAC Address and IP Address for Your Ethernet Adapter” to verify that your computer has an IP Address, Subnet Mask, Gateway, and DNS. C. Set a static IP address on your system; refer to “Problem #1: I need to set a static IP address.” D.
10/100/1000 4-Port VPN Router documentation provided with the server you installed. Follow these steps to set up port forwarding through the Router’s Web-based Utility. We will be setting up web, ftp, and mail servers. A. Access the Router’s Web-based Utility by going to http://192.168.1.1 or the IP address of the Router. Go to the Setup => Forwarding tab. B. Select the Service from the pull-down menu.
10/100/1000 4-Port VPN Router example, if you have a web server, you would enter the range 80 to 80. Click the Add to List button. Then click the Save Setting button. Click the Exit button. C. Enter the IP Address of the server that you want the Internet users to access. For example, if the web server’s Ethernet adapter IP address is 192.168.1.100, you would enter 100 in the field provided.
10/100/1000 4-Port VPN Router 9. I forgot my password, or the password prompt always appears when saving settings to the Router. Reset the Router to factory defaults by pressing the Reset button for ten seconds and then releasing it. If you are still getting prompted for a password when saving settings, then perform the following steps: A. Access the Router’s web interface by going to http://192.168.1.1 or the IP address of the Router. Enter the default password admin, and click the Setup => Password tab.
10/100/1000 4-Port VPN Router A. Go to the Linksys website at http://www.linksys.com and download the latest firmware, or use the Web-based Utility to be automatically redirected to the download webpage. Go to System Management Firmware Upgrade, and click the Firmware Download from Linksys Web Site button. Select the Router from the pull-down menu and choose the firmware from the options. A. Extract the firmware file on your computer. B.
10/100/1000 4-Port VPN Router F. You may see the login status display as Connecting. Press the F5 key to refresh the screen, until you see the login status display as Connected. If the connection is lost again, follow steps E and F to re-establish connection. 15. I can't access my email, web, or VPN, or I am getting corrupted data from the Internet. The Maximum Transmission Unit (MTU) setting may need to be adjusted. By default, the MTU is set at 1500.
10/100/1000 4-Port VPN Router 17. When I enter a URL or IP address, I get a time-out error or am prompted to retry. • Check if other PCs work. If they do, ensure that your workstation’s IP settings are correct (IP Address, Subnet Mask, Default Gateway, and DNS). Restart the computer that is having a problem. • If the PCs are configured correctly, but still not working, check the Router. Ensure that it is connected and powered on. Connect to it and check its settings.
10/100/1000 4-Port VPN Router Does the Router support any operating system other than Windows 98, Millennium, 2000, or XP? Yes, but Linksys does not, at this time, provide technical support for setup, configuration or troubleshooting of any non-Windows operating systems. Does the Router support ICQ send file? Yes, with the following fix: click ICQ menu => preference => connections tab=>, and check I am behind a firewall or proxy. Then set the firewall time-out to 80 seconds in the firewall setting.
10/100/1000 4-Port VPN Router If all else fails in the installation, what can I do? Reset the Router by holding down the Reset button for ten seconds. Reset your cable or DSL modem by powering the unit off and then on. Obtain and flash the latest firmware release that is readily available on the Linksys website, www.linksys.com. How can I be notified of new Router firmware upgrades? All Linksys firmware upgrades are posted on the Linksys website at www.linksys.com, where they can be downloaded for free.
10/100/1000 4-Port VPN Router How many ports can be simultaneously forwarded? Theoretically, the Router can establish 4,000 sessions at the same time, but you can only forward 30 ranges of ports. Does the Router replace a modem? Is there a cable or DSL modem in the Router? No, this version of the Router must work in conjunction with a cable or DSL modem. Which modems are compatible with the Router? The Router is compatible with virtually any cable or DSL modem that supports Ethernet.
10/100/1000 4-Port VPN Router Appendix B: Finding the MAC Address and IP Address for Your Ethernet Adapter This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC address cloning feature of the Router. You can also find the IP address of your computer’s Ethernet adapter. This IP address is used for the Router’s filtering, forwarding, and/or DMZ features.
10/100/1000 4-Port VPN Router 3. Write down the Physical Address as shown on your computer screen; it is the MAC address for your Ethernet adapter. This appears as a series of numbers and letters. The MAC address/Physical Address is what you will use for MAC address cloning or MAC filtering. Note: The MAC address is also called the Physical Address. The example in Figure C-3 shows the Ethernet adapter’s IP address as 192.168.1.100. Your computer may show something different.
10/100/1000 4-Port VPN Router Appendix C: Physical Setup of the Router This section describes the physical setup of the Router, including the installation of the mounting brackets. Setting up the Router You can set the Router on a desktop, install it in a rack with attached brackets, or mount it on the wall. Placement of the Router Set the Router on a desktop or other flat, secure surface. Do not place excessive weight on top of the Router that could damage the Router.
10/100/1000 4-Port VPN Router Line up the bracket holes with the holes in the Router and attach with the screws, using four on each side of the Router. After the brackets are attached to the Router by screws, you can rack-mount it. Attach the Router to the rack with two screws on each side.
10/100/1000 4-Port VPN Router Wall-Mounting the Router The Router has two holes on the bottom for wall-mounting. The horizontal distant between the two holes is 3.701 in (94mm). Install two screws or nails into the wall, 3.701 in (94 mm) apart. After the nails are secured on the wall, line up the Router’s holes with the screws on the wall to wall-mount it. The suggested mounting hardware is shown in Figure D-4.
10/100/1000 4-Port VPN Router Figure C-4: Wall-Mounting Hardware Appendix C: Physical Setup of the Router Setting up the Router 80
10/100/1000 4-Port VPN Router Appendix D: Battery Replacement This section instructs the user on battery replacement. Replacing a Lithium Battery The Router has a lithium battery, number CR2032, on its main circuit board. This battery has an operating life of about 1~2 years. When the battery loses its charge, the Router cannot update the correct time except when connected to the NTP Server. WARNING: The lithium battery can explode if replaced incorrectly.
10/100/1000 4-Port VPN Router Appendix E: Upgrading Firmware You can use the Router’s Web-based Utility to upgrade the firmware; however, if you do so, you may lose the settings you have configured on the Router. To upgrade the Router’s firmware, follow these instructions: 1. Download the Router’s firmware upgrade file from the Linksys website, www.linksys.com or click the Firmware Download from Linksys Web Site button. Select the Router from the pull-down menu and choose the firmware from the options. 2.
10/100/1000 4-Port VPN Router Appendix F: Windows Help All Linksys networking products require Microsoft Windows. Windows is the most used operating system in the world and comes with many features that help make networking easier. These features can be accessed through Windows Help and are described in this appendix. TCP/IP Before a computer can communicate with the Router, TCP/IP must be enabled.
10/100/1000 4-Port VPN Router Appendix G: Glossary Adapter - A device that adds network functionality to your PC. Bandwidth - The transmission capacity of a given device or network. Bit - A binary digit. Boot - To start a device and cause it to start executing instructions. Broadband - An always-on, fast Internet connection. Browser - An application program that provides a way to look at and interact with all the information on the World Wide Web.
10/100/1000 4-Port VPN Router Encryption - Encoding data to prevent it from being read by unauthorized people. Ethernet - A network protocol that specifies how data is placed on and retrieved from a common transmission medium. Firewall - Security measures that protect the resources of a local network from intruders. Firmware - 1. In network devices, the programming that runs the device. 2.
10/100/1000 4-Port VPN Router NAT (Network Address Translation) - NAT technology translates IP addresses of a local area network to a different IP address for the Internet. Network - A series of computers or devices connected for the purpose of data sharing, storage, and/or transmission between users. Node - A network junction or connection point, typically a computer or work station. Packet - A unit of data sent over a network.
10/100/1000 4-Port VPN Router Switch - 1. Device that is the central point of connection for computers and other devices in a network, so data can be shared at full transmission speeds. 2. A device for making, breaking, or changing the connections in an electrical circuit. TCP/IP (Transmission Control Protocol/Internet Protocol) - A network protocol for transmitting data that requires acknowledgement from the recipient of data sent. Telnet - A user command and TCP/IP protocol used for accessing remote PCs.
10/100/1000 4-Port VPN Router Appendix H: Specifications Standards IEEE 802.3, 802.3u Ports 4 10/100/100 Gigabit Ports, 1 10/100 RJ-45 Internet Port, 1 SFP Port Button Reset Cabling Type Ethernet Category 5 LEDs System, Internet, SFP, Diag, 1-4 UPnP able/cert Yes Security Features SPI Firewall, DES and 3DES Encryption for IPSec VPN Tunnel Dimensions (W x H x D) 11" x 1.75" x 9.50" (279.4 mm x 44.45 mm x 241.3 mm) Unit Weight 52 oz. (1.47 kg) Power Input: AC100~240V, 0.8A; Output: DC 3.
10/100/1000 4-Port VPN Router Appendix I: Warranty Information LIMITED WARRANTY Linksys warrants to the original end user purchaser (“You”) that, for a period of one year, (the “Warranty Period”) Your Linksys product will be free of defects in materials and workmanship under normal use. Your exclusive remedy and Linksys's entire liability under this warranty will be for Linksys at its option to repair or replace the product or refund Your purchase price less any rebates.
10/100/1000 4-Port VPN Router Appendix J: Regulatory Information FCC STATEMENT This product has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
10/100/1000 4-Port VPN Router Appendix K: Contact Information Need to contact Linksys? Visit us online for information on the latest products and updates to your existing products at: http://www.linksys.com or ftp.linksys.
