Barricade™ Plus Wireless Cable/DSL Broadband Router with VPN Wireless Cable/DSL Broadband Router with VPN ◆ ◆ ◆ ◆ EZ 3-Click Installation Wizard IEEE 802.11b Compliant Wireless Operation at 11, 5.
Barricade™ Plus Wireless Cable/DSL Broadband Router User Guide From SMC’s Barricade line of Broadband Routers Sept 2002 Revision Number: R01
COMPLIANCES FCC - Class B This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with instructions, may cause harmful interference to radio communications.
COMPLIANCES EC Conformance Declaration - Class B SMC contact for these products in Europe is: SMC Networks Europe, Edificio Conata II, Calle Fructuós Gelabert 6-8, 2o, 4a, 08970 - Sant Joan Despí, Barcelona, Spain.
COMPLIANCES Safety Compliance Underwriters Laboratories Compliance Statement Important! Before making connections, make sure you have the correct cord set.
COMPLIANCES Gerät gelangen. Dies könnte einen Brand bzw. elektrischen Schlag auslösen. 13. Öffnen sie niemals das Gerät. Das Gerät darf aus Gründen der elektrischen Sicherheit nur von authorisiertem Servicepersonal geöffnet werden. 14. Wenn folgende Situationen auftreten ist das Gerät vom Stromnetz zu trennen und von einer qualifizierten Servicestelle zu überprüfen: a. b. c. d. Netzkabel oder Netzstecker sind beschädigt. Flüssigkeit ist in das Gerät eingedrungen. Das Gerät war Feuchtigkeit ausgesetzt.
COMPLIANCES viii
TABLE OF CONTENTS TABLE OF CONTENTS 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-1 About the Wireless Barricade Plus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3 2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
TAB LE OF CONTENTS LAN Gateway and DHCP Settings . . . . . . . . . . . . . . . . . . . . . . 4-19 Wireless Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20 Configuring Client Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25 5 Configuring Client TCP/IP . . . . . . . . . . . . . . . . . . . . . 5-1 Installing TCP/ IP Protocol in Your PC . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Windows 95/ 98/ME . . . . . . . . . . . . . . . . . . . . . .
CHAPTER 1 INTRODUCTION Congratulations on your purchase of the Barricade™ Plus Wireless Cable/ DSL Broadband Router. SMC is proud to provide you with a powerful yet simple communication device for connecting your local area network (LAN) to the Internet. For those who want to surf the Internet in the most secure way, this Wireless Cable/DSL Broadband Router provides a convenient and powerful solution.
FEATURES AND BENEFITS Features and Benefits 1-2 • Internet connection to xDSL or cable modem via a 10/100 Mbps WAN port • Local network connection via 10/100 Mbps Ethernet ports or 11 Mbps wireless interface (supporting up to 128 mobile users) • 802.11b Compliant – interoperable with multiple vendors • Provides seamless roaming within 802.
INTRODUCTION Applications Many advanced applications are provided by the Wireless Barricade Plus, such as: • Flexible LAN Access The Wireless Barricade Plus provides connectivity to 10/ 100 Mbps wired devices as well as 11 Mbps wireless mobile users. The wireless interface makes it easy to create a network in difficult-to-wire environments, or to provide quick access to databases for mobile workers. • Internet Access This device supports Internet access through an xDSL, or Cable connection.
APPLICATIONS • Virtual Server If you have a fixed IP address, you can set up the Wireless Barricade Plus to act as a virtual host using network address translation (NAT). Remote users access various services at your site using a constant IP address. Then, depending on the requested service (or port number), the Wireless Barricade Plus can route the request to the appropriate server (at another internal IP address).
INTRODUCTION the incoming traffic is allowed. If no match is found, the incoming traffic is discarded. • Virtual Private Network (VPN) The Wireless Barricade Plus supports two of the most commonly used VPN protocols – PPTP and IPSec. These protocols allow remote users to establish a secure connection to their corporate network. If your service provider supports VPNs, then any of these protocols can be used to create an authenticated and encrypted tunnel for passing secure data over the Internet (i.e.
APPLICATIONS 1-6
CHAPTER 2 INSTALLATION Before installing the Barricade™ Plus Wireless Cable/DSL Broadband Router, verify that you have all the items listed under “Package Contents.” If any of the items are missing or damaged, contact your local SMC distributor. Also be sure that you have all the necessary cabling before installing the Wireless Barricade Plus. After installing the Wireless Barricade Plus, refer to the Web-based configuration program in Chapter 4 for information on configuring the router.
INSTALLATION Please fill out and return the Warranty Registration Card to SMC or register on SMC’s Web site at www.smc-europe.com. The Wireless Barricade Plus Wireless Cable/DSL Broadband Router is covered by a limited lifetime warranty. Description of Hardware The Wireless Barricade Plus can be connected to the Internet or to a remote site using its RJ-45 WAN port.
INSTALLATION • Three RJ-45 ports for connection to a 10BASE-T/100BASE-TX Ethernet Local Area Network (LAN). These ports can autonegotiate the operating speed to 10/100 Mbps, the mode to half/full duplex, and the pin signals to MDI/MDI-X (i.e., allowing these ports to be connected to any network device with straight-through cable). These ports can be connected directly to a PC or to a server equipped with an Ethernet network interface card, or to a networking device such as an Ethernet hub or switch.
INSTALLATION Item Description LEDs Power, WLAN, WAN and LAN port status indicators. (See Verify Port Status on page 2-11.) Wireless Antennas Dual antennas provide optimal reception by dynamically choosing the best antenna for each client. Reset Button Use this button to reset the power and restore the default factory settings. WAN Port WAN port (RJ-45). Connect your Cable modem, xDSL modem, or an Ethernet router to this port. LAN Ports Fast Ethernet ports (RJ-45).
INSTALLATION • TCP/IP network protocol installed on each PC that needs to access the Internet. • A Java-enabled Web browser, such as Microsoft Internet Explorer 5.0 or above or Netscape Communicator 4.0 or above installed on one PC at your site for configuring the Wireless Barricade Plus. Connect the System The Wireless Barricade Plus can be positioned at any convenient location in your office or home. No special wiring or cooling requirements are needed.
INSTALLATION Basic Installation Procedure 1. Connect the LAN: You can connect the Wireless Barricade Plus to your PC, or to a hub or switch. Run Ethernet cable from one of the LAN ports on the rear of the Wireless Barricade Plus to your computer’s network adapter or to another network device. You can also connect the Wireless Barricade Plus to your PC (using a wireless client adapter) via radio signals. Position both antennas on the back of the Wireless Barricade Plus into the desired positions.
INSTALLATION Attach to Your Network Using Ethernet Cabling The three LAN ports on the Wireless Barricade Plus can auto-negotiate the connection speed to 10 Mbps Ethernet or 100 Mbps Fast Ethernet, as well as the transmission mode to half-duplex or full-duplex. These LAN ports also support auto-configuration for pin signals (auto-MDI/MDI-X) that allows you to use straight-through cable for connecting the Wireless Barricade Plus to any network device. (See Appendix B for details on wiring.
INSTALLATION Notes: 1. Use 100-ohm shielded or unshielded twisted-pair cable with RJ-45 connectors for all connections. Use Category 3, 4 or 5 for connections that operate at 10 Mbps, and Category 5 for connections that operate at 100 Mbps. 2. Make sure each twisted-pair cable does not exceed 100 meters (328 feet). RESET WAN 1 2 3 9V 2 A MAX Figure 2-3.
INSTALLATION computer to the same radio channel. However, the Wireless Barricade Plus can provide access to your wired/wireless LAN or to the Internet for all wireless workstations. Each wireless PC in this network infrastructure can talk to any computer in the wireless group via a radio link, or access other computers or network resources in the wired LAN infrastructure or over the Internet via the Wireless Barricade Plus.
INSTALLATION Attach the Wireless Barricade Plus to the Internet If Internet services are provided through an xDSL or cable modem, use unshielded or shielded twisted-pair Ethernet cable (Category 3 or greater) with RJ-45 plugs to connect the broadband modem directly to the WAN port on the Wireless Barricade Plus. Use either straight through or crossover cabling depending on the port type provided by the modem (see Appendix B). RESET WAN 1 2 3 9V 2 A MAX DSL/Cable Modem ISP (Primary) Figure 2-5.
INSTALLATION Verify Port Status Check the power and port indicators as shown in the following table. LED Condition Status Power (Green) On Wireless Barricade Plus is receiving power. WLAN (Green) On The Wireless Barricade Plus has established a valid wireless connection. WAN (Green) On The WAN port has established a valid network connection. Link (Green) On The indicated LAN port has established a valid network connection.
INSTALLATION 2-12
CHAPTER 3 CONFIGURING CLIENT PCS TCP/IP Configuration To access the Internet through the Barricade™ Plus Wireless Cable/DSL Broadband Router, you must configure the network settings of the computers on your LAN to use the same IP subnet as the Wireless Barricade Plus. The default network settings for the Wireless Barricade Plus are: Gateway IP Address: 192.168.2.1 Subnet Mask: 255.255.255.
TCP/IP CONFIGURATION 3-2
CHAPTER 4 CONFIGURING THE WIRELESS BARRICADE PLUS After you have configured TCP/IP on a client computer, you can use a Web browser to configure the Barricade™ Plus Wireless Cable/DSL Broadband Router. The Wireless Barricade Plus can be configured by any Java-supported browser including Internet Explorer 4.0 or above, or Netscape Navigator 4.0 or above. Using the Web management interface, you can configure the Wireless Barricade Plus and view statistics to monitor network activity.
NAVIGATING THE WEB BROWSER INTERFACE The home page displays the “Setup Wizard” and “Advanced Setup” options. Navigating the Web Browser Interface The Wireless Barricade Plus’ management interface features a Setup Wizard and an Advanced Setup section. Use the Setup Wizard if you want to quickly setup the Wireless Barricade Plus for use with a cable modem or DSL modem.
CONFIGURING THE WIRELESS BARRICADE PLUS Making Configuration Changes Configurable parameters have a dialog box. Once a configuration change has been made on a page, be sure to click the “Apply” or “Next” button at the bottom of the page to enable the new setting. To ensure proper screen refresh after a command entry, be sure that Internet Explorer 5.
SETUP WIZARD Cable Modem Your ISP may have given you a host name. If so, enter it into this field. Click “Finish” to complete the setup. The Status page will open to allow you to view the connection status, as well as other information. See “Status” on page 4-50 for details.
CONFIGURING THE WIRELESS BARRICADE PLUS Fixed-IP xDSL Some xDSL Internet Service Providers may assign a fixed (static) IP address for your gateway. If you have been provided with this information, choose this option and enter the assigned IP address, subnet mask, gateway IP, and DNS IP addresses for the Wireless Barricade Plus. Click “Finish” to complete the setup. The Status page will open to allow you to view the connection status, as well as other information. See “Status” on page 4-50 for details.
SETUP W IZARD PPPoE Enter the PPPoE user name and password assigned by your Service Provider. The Service Name is normally optional, but may be required by some ser vice providers. Leave the Maximum Transmission Unit (MTU) onthe default value (1492) unless you have a particular reason to change it. Enter a Maximum Idle Time (in minutes) to define a maximum period of time for which the Internet connection is maintained during inactivity.
CONFIGURING THE WIRELESS BARRICADE PLUS Advanced Setup Menu Selecting the “Advanced Setup” displays the main menu on the left-hand side of the screen and descriptive information on the right-hand side. The Main Menu links are used to navigate to other menus that display configuration parameters and statistics. Navigating the Web Browser Interface The Wireless Barricade Plus’ advanced management interface includes ten key menus – System, WAN, LAN, Wireless, NAT, Firewall, VPN, SNMP, Tools, and Status.
NAVIGATING THE WEB BROWSER INTERFACE While the Tools menu is used to backup the Wireless Barricade Plus, restore the factory settings, update the firmware, or reset the Wireless Barricade Plus. The Status menu is used to see the connection status for the Wireless Barricade Plus’ WAN/LAN interfaces, firmware, and hardware version numbers, any illegal attempts to access your network, as well as information on all DHCP client PCs currently connected on your network.
CONFIGURING THE WIRELESS BARRICADE PLUS Menu Description Firewall Menu Configures a variety of packet filtering and specialized functions, including: • Access Control • URL Blocking • Schedule Rule • Intusion Detection • DMZ (Demilitarized Zone) VPN Menu Provides Virtual Private Network tunneling capability for secure Internet communication. IPsec Configures inbound Security Association (SA). PPTP • Authorizes remote users using the PPTP tunneling protocol.
NAVIGATING THE WEB BROWSER INTERFACE Menu Description Status Menu Displays WAN/LAN connection status, firmware and hardware version numbers, as well as information on all DHCP client PCs connected. Help Button Contains information for product support, troubleshooting, and network terminology. Home Button Go to the overview page of this Web management interface. Logout Button Exit the Wireless Barricade Plus system.
CONFIGURING THE WIRELESS BARRICADE PLUS System Settings Set Time Zone Set the time zone for the Wireless Barricade Plus. This information is used for log entries and client filtering.
SYSTEM SETTINGS Setting a Password If this is your first time to access the Wireless Barricade Plus, you should define a new password, record it and put it in a safe place. From the “Advanced Setup” menu, select “System” and click on “Password Settings” and follow the instructions on the screen. Use this menu to restrict management access based on a specific password.
CONFIGURING THE WIRELESS BARRICADE PLUS Note: If your password is lost, or you cannot gain access to the management interface, press the Reset button on the front panel (holding it down for at least five seconds) to restore the factory defaults. Remote Management By default, management access is only available to users on your local network. However, you can also manage the Wireless Barricade Plus from a remote host by adding the IP address of an administrator to this screen.
NETWORKING AND CLIENT SERVICES Networking and Client Services You can use the “Setup Wizard” to change the required settings, or you can select the basic configuration items you need to change from the “Setup Wizard” screen. Use the “Advanced Setup” menu to configure the WAN connection options, the LAN interface (including TCP/IP parameters for the Wireless Barricade Plus’ gateway address, DHCP address pool for dynamic client address allocation), and other advanced services.
CONFIGURING THE WIRELESS BARRICADE PLUS Dynamic IP Address – DHCP The Host Name is optional, but may be required by some ISPs. The default MAC address is set to the WAN’s physical interface on the Wireless Barricade Plus. Use this address when registering for Internet service, and do not change it unless required by your ISP.
N ETWORKING AN D CLIE NT SER V ICES PPP over Ethernet - PPPoE Enter the PPP oE user name and password assigned by your ISP. The Service Name is nor mally optional, but may be required by some providers . Specify the value of MTU (Maximum Transmission Unit) for pro per Internet access such as browsing web s ites and using E-mail. (Default: 14 92) Enter the maximum idle time for the Wireless Barricade Plus (in seconds ).
CONFIGURING THE WIRELESS BARRICADE PLUS Static IP Address – Fixed IP If your Internet Service Provider has assigned a fixed address, enter the assigned address and subnet mask for the Wireless Barricade Plus, then enter the gateway address of your ISP. Note: You may need a fixed address if you want to provide Internet services, such as a Web server or FTP server.
NETWORKING AND CLIENT SERVICES DNS Configuration Domain Name Servers are used to map an IP address to the equivalent domain name (e.g., www.smc.com). Your ISP should provide the IP address for one or more domain name servers. Enter those addresses on this screen.
CONFIGURING THE WIRELESS BARRICADE PLUS LAN Gateway and DHCP Settings Configure the gateway address of the Wireless Barricade Plus. To dynamically assign the IP address for client PCs, enable the DHCP Server, set the lease time, and then specify the address range. Also remember to configure all of your client PCs for dynamic address allocation. Valid IP addresses consist of four numbers, and are separated by periods.
NETWORKING AND CLIENT SERVICES Wireless Configuration To configure the Wireless Barricade Plus as a wireless access point for wireless clients (either stationary or roaming), all you need to do is define the radio channel, the Service Set identifier (SSID), and encryption options.
CONFIGURING THE WIRELESS BARRICADE PLUS Channel and SSID You must specify a common radio channel and SSID (Service Set ID) to be used by the Wireless Barricade Plus and all of your wireless clients. Be sure you configure all of your clients to the same values. ESSID: The Service Set ID. This should be set to the same value as other wireless devices in your network. Note: The SSID is case sensitive and can consist of up to 32 alphanumeric characters.
NETWORKING AND CLIENT SERVICES Channel: The radio channel through which the Wireless Barricade Plus communicates to PCs in its BSS. (Default: “Auto”) Note: The available channel settings are limited to local regulations, which determine the number of channels that are available. Encryption If you are transmitting sensitive data across wireless channels, you should enable Wired Equivalent Privacy (WEP) encryption.
CONFIGURING THE WIRELESS BARRICADE PLUS You can automatically generate encryption keys or you can manually enter the keys. For automatic 64-bit security, you enter a passphrase that is used to create four keys (as shown below). The automatic 128-bit security generates a single key by entering a passphrase.
NETWORKING AND CLIENT SERVICES If you use encryption, configure the same keys used for the Wireless Barricade Plus on each of your wireless clients. Note that the Wired Equivalent Privacy (WEP) protects data transmitted between wireless nodes, but does not protect any transmissions over your wired network or over the Internet.
CONFIGURING THE WIRELESS BARRICADE PLUS Configuring Client Services The Wireless Barricade Plus includes a broad range of client services, including firewall protection, VPN tunneling capability, network address translation, virtual server, address mapping, DMZ, and restricted Internet access for specified clients. You can configure these functions by selecting specific items from the menu on the left of the screen.
NETWORKING AND CLIENT SERVICES Address Mapping Use the “Address Mapping” option to limit the number of public IP addresses required from the ISP and maintain the privacy and security of the local network.
CONFIGURING THE WIRELESS BARRICADE PLUS Virtual Server 4-27
NETWORKING AND CLIENT SERVICES If you configure the Wireless Barricade Plus as a virtual server, remote users accessing services such as Web or FTP at your local site via public IP addresses can be automatically redirected to local servers configured with private IP addresses. In other words, depending on the requested service (TCP/UDP port number), the Wireless Barricade Plus redirects the external service request to the appropriate server (located at another internal IP address).
CONFIGURING THE WIRELESS BARRICADE PLUS Firewall Protection The Wireless Barricade Plus’ firewall can provide the access control of connected client PCs, block common hacker attacks, including IP Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan, and TCP SYN flooding. The firewall does not significantly affect system performance, so we advise setting it enabled to protect your network users by selecting “Enable” on the screen.
NETWORKING AND CLIENT SERVICES Access Control Using this option allows you to specify different privileges for the client PCs (up to 32 computers).
CONFIGURING THE WIRELESS BARRICADE PLUS Note: Click on “Add PC” and define the appropriate settings for client PC services (as shown in the following screen).
NETWORKING AND CLIENT SERVICES URL Blocking Using the above screen to block access to the Web sites specified in the table.
CONFIGURING THE WIRELESS BARRICADE PLUS Schedule Rule You can filter Internet access for local clients based on the “Rule Name,” and time of day.
NETWORKING AND CLIENT SERVICES 1. Click on “Add Schedule Rule” 2. Define the appropriate settings for a schedule rule (as shown in the following screen). 3. Click “OK” and then the “APPLY” button to save your settings.
CONFIGURING THE WIRELESS BARRICADE PLUS Intrusion Detection 4-35
NETWORKING AND CLIENT SERVICES The Intrusion Detection feature of the Wireless Barricade Plus limits the access of the incoming traffic from the WAN port. When the SPI feature is turned on, all the incoming packets will be blocked unless certain types of traffic types are checked by the users. When the user checkes certain types of traffic, only the particular type of traffic initiated from the Internal LAN will be allowed.
CONFIGURING THE WIRELESS BARRICADE PLUS By using the above inspected information and timeout/threshold critieria, the Wireless Barricade Plus provides the following DoS attack preventions: Ping of Death (Ping flood) attack, SYN flood attack, IP fragment attack (Teardrop Attack), Brute-force attack, Land Attack, IP Spoofing attack, IP with zero length, TCP null scan (Port Scan Attack), UDP port loopback, Snork Attack etc..
NETWORKING AND CLIENT SERVICES DMZ (Demilitarized Zone) If you have a client PC that cannot run an Internet application properly from behind the firewall, then you can open the client up to unrestricted two-way Internet access. Enter the IP address of a DMZ host to this screen. Adding a client to the DMZ (Demilitarized Zone) may expose your local network to a variety of security risks, so only use this option as a last resort.
CONFIGURING THE WIRELESS BARRICADE PLUS Virtual Private Networks (VPN) Tunnel VPN provides a flexible and secure network to the authenticate users through IPsec (IP Security) and PPTP (Point-to-Point Tunneling Protocol) sessions.
NETWORKING AND CLIENT SERVICES IPsec IPsec is a set of protocols that offers more secure security services in the extranet VPNs. On the IPsec screen, select “Yes” in the “Enable IPsec” field for using the IPsec service, and choose the appropriate tunnel (Tunnel 1 - 3) as required. Then you have to define the authentication algorithms of the Security Association (SA) by entering appropriate values in the “Inbound SA” and “Outbound SA” fields for using IPsec security control. Notes: 1.
CONFIGURING THE WIRELESS BARRICADE PLUS PPTP Point-to-Point Tunneling Protocol (PPTP) allows the secure remote access over the Internet by simply dialing in a local point provided by an ISP.
N ETWORKING AN D CLIE NT SER V ICES Click “Edit” on the screen to setup a PPTP session. Using the above screen allows client PCs to establish a normal PPTP session and provides hassle-free configuration of the PPTP client on each client PC. For detailled information contact your local SMC support team.
CONFIGURING THE WIRELESS BARRICADE PLUS SNMP Use the SNMP configuration screen to display and modify parameters for the Simple Network Management Protocol (SNMP). A computer attached to the network, called a Network Management Station (NMS), can be used to access this information. Access rights to the agent are controlled by community strings. To communicate with the Wireless Barricade Plus, the NMS must first submit a valid community string for authentication.
NETWORKING AND CLIENT SERVICES Community Community: A community name authorized for management access. Access: Management access is restricted to Read only or Read/ Write. Valid: Sets administrative status of entry to enabled or disabled. Note: Up to 5 community names may be entered.
CONFIGURING THE WIRELESS BARRICADE PLUS Trap IP Address: IP address of the trap manager. Community: A community specified for trap management. Version: Sets trap status of entry to disabled, or enabled with V1 or V2c.
NETWORKING AND CLIENT SERVICES Tools You can use the “Tools” menu to restore factory settings, update firmware, or reboot the Wireless Barricade Plus.
CONFIGURING THE WIRELESS BARRICADE PLUS Configuration Tools The “Backup” option allows you to save your Wireless Barricade Plus’ configuration to a file named config.bin on your PC. You can then click on the “Restore” radio button to restore the saved backup configuration file. Selecting the “Restore to Factory Defaults” can restore the factory settings.
NETWORKING AND CLIENT SERVICES Firmware Upgrade Use this screen to update the latest firmware using a file provided by SMC. Note: For latest firmware version information, visit SMC’s Web site at http://www.smc-europe.com.
CONFIGURING THE WIRELESS BARRICADE PLUS Reset If the Wireless Barricade Plus stops responding, you can click on the “Apply” button to refresh the gateway. The saved configurations of the Wireless Barricade Plus will not be changed back to factory default settings after resetting the gateway. Note: If you use the reset button on the rear panel, the Wireless Barricade Plus performs a power reset and restores the factory settings.
NETWORKING AND CLIENT SERVICES Status You can use the following screen to display WAN/LAN connection status, firmware and hardware version numbers, as well as information on all DHCP clients connected to your network.
CONFIGURING THE WIRELESS BARRICADE PLUS The following items are included in this screen: Field Description INTERNET Displays WAN connection type and status. GATEWAY Displays system IP settings, as well as DHCP, NAT, PPTP Client and PPTP Server Firewall. INFORMATION Displays the number of attached clients, the firmware versions, the physical MAC address for each media interface, as well as the hardware version and serial number. Release Click on this button to disconnect from the Internet.
NETWORKING AND CLIENT SERVICES 4-52
CHAPTER 5 CONFIGURING CLIENT TCP/IP If you have not previously installed the TCP/IP protocol on your client PCs, refer to the following section. If you need information on how to configure a TCP/IP address on a PC, refer to “Setting TCP/IP to Work with the Wireless Barricade Plus” on page 5-5. Installing TCP/IP Protocol in Your PC Windows 95/98/ME 1. Click the “Start” button and choose “Settings,” then click “Control Panel.” 2.
INSTALLING TCP/IP PROTOCOL IN YOUR PC 5. Select the “Microsoft” item in the manufacturers list. And choose “TCP/IP” in the Network Protocols. Click the “OK” button to return to the Network window. 6. The TCP/IP protocol will be listed in the Network window. Click “OK” to complete the install procedure and restart your PC to enable the TCP/IP protocol.
CONFIGURING CLIENT TCP/IP Windows 2000 1. Click the “Start” button and choose “Settings,” then click “Control Panel.” 2. Double click the “Network and Dial-up Connections” icon, then “Local Area Connection” icon, and press the “Properties” button in the “General” tab. 3. Click the “install...” button to add the network component to your PC. 4. Double click on “Protocol” to add the TCP/IP protocol.
INSTALLING TCP/IP PROTOCOL IN YOUR PC 5. Choose “Internet Protocol (TCP/IP)” in the Network Protocols. Click the “OK” button to return to the Network window. 6. The TCP/IP protocol will be listed in the Network window. Click “OK” to complete the install procedure.
CONFIGURING CLIENT TCP/IP Setting TCP/IP to Work with the Wireless Barricade Plus Windows 95/98/ME 1. Click the “Start” button and choose “Settings,” then click “Control Panel.” 2. Double click the “Network” icon. Select the TCP/IP line that has been assigned to your network card in the “Configuration” tab of the Network window. 3. Click the “Properties” button to set the TCP/IP protocol for the Wireless Barricade Plus. 4.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Windows 2000 1. Click the “Start” button and choose “Settings,” then click “Control Panel.” 2. Double click the “Network and Dial-up Connections” icon, then “Local Area Connection” icon, and press the “Properties” button in the “General” tab. 3. Select the TCP/IP line that has been assigned to your network card in the “Local Area Connection Properties” window. 4. Click the “Properties” button to set the TCP/IP protocol for the Wireless Barricade Plus.
CONFIGURING CLIENT TCP/IP Windows XP 1. Click the “start” button and choose “Control Panel.” 2. Select the “Network and Internet Connections” icon, then click the “Network Connections” icon, and double click on the “LAN or High-Speed Internet.” 3. Press the “Properties” button in the “General” tab. 4. Select the TCP/IP line that has been assigned to your network card in the “Local Area Connection Properties” window. 5. Click the “Properties” button to set the TCP/IP protocol for the Wireless Barricade Plus.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Configuring Your Computer with Windows 95/98/ME You may find that the instructions here do not exactly match your version of Windows. This is because these steps and screenshots were created from Windows 98. Windows 95 and Windows Millennium Edition are very similar, but not identical, to Windows 98. Step 1.
CONFIGURING CLIENT TCP/IP 2. From "Control Panel," double-click the "Network" icon. 3. In the "Network" window, under the "Configuration" tab, double-click the "TCP/IP" entry that is listed with your network card.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 4. Select the "IP Address" tab. If "Obtain an IP address automatically" is already selected, your computer is already configured for DHCP. Click "Cancel" to close each window, and skip to Step 2 "Disable HTTP Proxy." 5. Locate your IP address and Subnet Mask. Record them in the spaces provided below. 6. Click the "Gateway" tab and record the numbers listed under "Installed gateways.
CONFIGURING CLIENT TCP/IP 7. Click the "DNS Configuration" tab. Locate the DNS servers listed under "DNS Server Search Order." Record the listed addresses. 8. After writing down your settings, check to make sure you have recorded them correctly. Click the "IP Address" tab and then click "Obtain an IP address automatically." Click OK. 9. Windows may need your Windows 95/98/ ME CD to copy some files. After it finishes copying, it will then prompt you to restart your system.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Internet Explorer 1. Open Internet Explorer and click the stop button. Click "Tools," then "Internet Options." 2. In the "Internet Options" window click the "Connections" tab. Next, click the "LAN Settings..." button. 3. Clear all the checkboxes. 4. Click "OK," and then click "OK" again to close the "Internet Options" window.
CONFIGURING CLIENT TCP/IP Netscape 1. Open Netscape and click the stop button. Click "Edit," then click "Preferences..." 2. In the "Preferences" window, under "Category" double-click "Advanced," then click "Proxies." Select "Direct connection to the Internet." Click "OK." 3. Repeat these steps for each Windows 95/98/Me computer connected to your Wireless Barricade Plus. Step 3.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 1. Click "Start," then "Run..." 2. Type "WINIPCFG" and click "OK." It may take a minute or two for the "IP Configuration" window to appear. 3. From the drop-down menu, select your network card. Click "Release" and then "Renew." Verify that your IP address is now 192.168.2.xxx, your Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168. 2.1. These values confirm that your Wireless Barricade Plus is functioning.
CONFIGURING CLIENT TCP/IP Configuring Your Computer with Windows 2000 Step 1. Configure TCP/IP Settings After you have completed the hardware setup, you need to configure your computer to connect to your Wireless Barricade Plus. You also need to determine how your ISP issues your IP address. Many ISPs issue these numbers automatically, using a networking technology known as Dynamic Host Configuration Protocol, or DHCP.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. Double-click the "Network & Dial-Up Connections" icon. 3. Double-click the icon that corresponds to the connection to your Wireless Barricade Plus. 4. Click "Properties.
CONFIGURING CLIENT TCP/IP 5. Double-click "Internet Protocol (TCP/IP)." 6. All the information that you need to record is on the "Internet Protocol (TCP/IP) Properties" dialog box. Use the spaces below to record the information. If "Obtain an IP address automatically" and "Obtain DNS server address automatically" are already selected, your computer is already configured for DHCP. Click "Cancel" to close each window, and skip to Step 2 "Disable HTTP Proxy.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 7. Select "Obtain an IP address automatically" and then select "Obtain DNS server address automatically." Then click "OK." Click "OK" or "Close" to close each window. TCP/IP Configuration Setting IP Address Subnet Mask Primary DNS Server Secondary DNS Server Default Gateway ____.____.____.____ ____.____.____.____ ____.____.____.____ ____.____.____.____ ____.____.____.____ Step 2.
CONFIGURING CLIENT TCP/IP 2. In the "Internet Options" window click the "Connections" tab. Next, click the "LAN Settings..." button. 3. Clear all the checkboxes. 4. Click "OK," and then click "OK" again to close the "Internet Options" window. Netscape 1. Open Netscape and click the stop button. Click "Edit," then click "Preferences...
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. In the "Preferences" window, under "Category" double-click "Advanced," then click "Proxies." Select "Direct connection to the Internet." Click "OK." Step 3. Obtain IP Settings From Your Wireless Barricade Plus Now that you have configured your computer to connect to your Wireless Barricade Plus, it needs to obtain new network settings.
CONFIGURING CLIENT TCP/IP 2. In the "Command Prompt" window, type "IPCONFIG / RELEASE" and press the key. 3. Type "IPCONFIG /RENEW" and press the key. Verify that your IP address is now 192.168.2.xxx (2-255), your Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168.2.1. These values confirm that your Wireless Barricade Plus is functioning. Type "EXIT" and press to close the "Command Prompt" window.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Configuring Your Computer with Windows XP Step 1. Configure TCP/IP Settings After you have completed the hardware setup, you need to configure your computer to connect to your Wireless Barricade Plus. You also need to determine how your ISP issues your IP address. Many ISPs issue these numbers automatically, using a networking technology known as Dynamic Host Configuration Protocol, or DHCP.
CONFIGURING CLIENT TCP/IP 2. Select the “Network and Internet Connections” icon, then click the “Network Connections” icon. 3. Double click on the “LAN or High-Speed Internet.” 4. Click "Properties.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 5. Double-click "Internet Protocol (TCP/IP)." 6. All the information that you need to record is on the "Internet Protocol (TCP/IP) Properties" dialog box. Use the spaces below to record the information. If "Obtain an IP address automatically" and "Obtain DNS server address automatically" are already selected, your computer is already configured for DHCP. Click "Cancel" to close each window, and skip to Step 2 "Disable HTTP Proxy.
CONFIGURING CLIENT TCP/IP 7. Select "Obtain an IP address automatically" and then select "Obtain DNS server address automatically." Then click "OK." Click "OK" or "Close" to close each window. TCP/IP Configuration Setting IP Address Subnet Mask Primary DNS Server Secondary DNS Server Default Gateway ____.____.____.____ ____.____.____.____ ____.____.____.____ ____.____.____.____ ____.____.____.____ Step 2.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. In the "Internet Options" window click the "Connections" tab. Next, click the "LAN Settings..." button. 3. Clear all the checkboxes. 4. Click "OK," and then click "OK" again to close the "Internet Options" window.
CONFIGURING CLIENT TCP/IP Step 3. Obtain IP Settings From Your Wireless Barricade Plus Now that you have configured your computer to connect to your Wireless Barricade Plus, it needs to obtain new network settings. By releasing any old IP settings and renewing them with settings from your Wireless Barricade Plus, you will also verify that you have configured your computer correctly. 1. From the Windows desktop, click the "Start" button, then "Programs," then "Accessories," and then click "Command Prompt.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. In the "Command Prompt" window, type "IPCONFIG / RELEASE" and press the key. 3. Type "IPCONFIG /RENEW" and press the key. Verify that your IP address is now 192.168.2.xxx (2-255), your Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168.2.1. These values confirm that your Wireless Barricade Plus is functioning. Type "EXIT" and press to close the "Command Prompt" window.
CONFIGURING CLIENT TCP/IP Configuring Your Computer with Windows NT 4.0 Step 1. Configure TCP/IP Settings After you have completed the hardware setup, you need to configure your computer to connect to your Wireless Barricade Plus. You need to determine how your ISP issues your IP address. Many ISPs issue these numbers automatically using a networking technology known as Dynamic Host Configuration Protocol, or DHCP.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. Double-click the "Network" icon. 3. Select the "Protocols" tab. 4. Double-click "TCP/ IP Protocol.
CONFIGURING CLIENT TCP/IP 5. Select the "IP Address" tab. 6. In the "Adapter" drop-down list, be sure your Ethernet adapter is selected. If "Obtain an IP address automatically" is already selected, your computer is already configured for DHCP. Click "Cancel" to close each window, and skip to Step 2 "Disable HTTP Proxy." 7. In the "TCP/IP Properties" dialog box, click the IP address tab to locate your IP address, Subnet Mask, and Default Gateway. Record these values in the space provided below. 8.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 9. After writing down your IP settings, click the IP address tab. Select "Obtain IP address automatically" and click OK. Click OK again to close the "Network" window. 10. Windows may copy some files, and will then prompt you to restart your system. Click "Yes" and your computer will shut down and restart. TCP/IP Configuration Setting IP Address Subnet Mask Primary DNS Server Secondary DNS Server Default Gateway 5-32 ____.____.____.____ ____.____.
CONFIGURING CLIENT TCP/IP Step 2. Disable HTTP Proxy You will need to verify that the "HTTP Proxy" feature of your Web browser is disabled. This is so that your Web browser will be able to view the configuration pages inside your Wireless Barricade Plus. The following steps are for Internet Explorer and for Netscape. Determine which browser you use and follow the appropriate steps. Internet Explorer 1. Open Internet Explorer and click the stop button. Click "Tools," then "Internet Options." 2.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 3. Clear all the checkboxes. 4. Click "OK," and then click "OK" again to close the "Internet Options" window. Netscape 1. Open Netscape and click the stop button. Click "Edit," then click "Preferences..." 2. In the "Preferences" window, under "Category" double-click "Advanced," then click "Proxies." Select "Direct connection to the Internet." Click "OK.
CONFIGURING CLIENT TCP/IP Step 3. Obtain IP Settings From Your Wireless Barricade Plus Now that you have configured your computer to connect to your Wireless Barricade Plus, it needs to obtain new network settings. By releasing any old IP settings and renewing them with settings from your Wireless Barricade Plus, you will also verify that you have configured your computer correctly. 1. From the Windows desktop, click the "Start" button, then "Programs," and then select "Command Prompt." 2.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 3. Type "IPCONFIG /RENEW" and press the key. Verify that your IP address is now 192.168.2.xxx, your Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168.2.1. These values confirm that your Wireless Barricade Plus is functioning. 4. Type "EXIT" and press to close the "Command Prompt" window. Configuring Your Macintosh Computer You may find that the instructions here do not exactly match your screen.
CONFIGURING CLIENT TCP/IP Here is what to do: 1. Pull down the Apple Menu. Click "Control Panels" and select TCP/IP. 2. In the TCP/IP dialog box, make sure that "Ethernet" is selected in the "Connect Via:" field.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS If "Using DHCP Server" is already selected in the "Configure" field, your computer is already configured for DHCP. Close the TCP/IP dialog box, and skip to Step 2 "Disable HTTP Proxy." 3. All the information that you need to record is on the "TCP/IP" dialog box. Use the space below to record the information. 4. After writing down your IP settings, select "Using DHCP Server" in the "Configure" field and close the window. 5.
CONFIGURING CLIENT TCP/IP Internet Explorer 1. Open Internet Explorer and click the stop button. Click "Edit" and select "Preferences." 2. In the Internet Explorer Preferences window, under Network, select Proxies. 3. Uncheck all checkboxes and click OK.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Netscape 1. Open Netscape and click the stop button. Click "Edit" and select "Preferences." 2. In the "Preferences" dialog box, In the left-hand column labeled "Category," select "Advanced." Under the "Advanced" category, select "Proxies." 3. Select "Direct Connection to the Internet" and click OK.
CONFIGURING CLIENT TCP/IP Step 3. Obtain IP Settings From Your Wireless Barricade Plus Now that you have configured your computer to connect to your Wireless Barricade Plus, it needs to obtain new network settings. By releasing any old IP settings and renewing them with settings from your Wireless Barricade Plus, you will also verify that you have configured your computer correctly. 1. Pull down the Apple Menu. Click "Control Panels" and select TCP/IP.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. In the TCP/IP window, your new settings will be shown. Verify that your IP address is now 192.168.2.xxx, your Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168.2.1. These values confirm that your Wireless Barricade Plus is functioning. 3. Close the TCP/IP window.
CONFIGURING CLIENT TCP/IP Dynamic IP Allocation via a DHCP Server Select “Obtain an IP address automatically” in the IP Address tab. Do not input any values under the “Gateway” tab, and choose “Disable DNS” in the “DNS Configuration” tab. These settings will be automatically configured by the DHCP server. Click “OK” and reboot your system to implement the changes.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS Manual IP Configuration 1. Select “Specify an IP address” in the “IP Address” tab. Select an IP address based on the default network 192.168.2.X (where X is between 1 and 254), and use 255.255.255.0 for the Subnet Mask. 2. In the “Gateway” tab, add the IP address of the Wireless Barricade Plus (default: 192.168.2.1) in the “New gateway” field and click “Add.” 3.
CONFIGURING CLIENT TCP/IP 4. After finishing TCP/IP setup, click “OK,” and then reboot the computer. After that, set up other PCs on the LAN according to the procedures described above. Verifying Your TCP/IP Connection After installing the TCP/IP communication protocol and configuring an IP address in the same network with the Wireless Barricade Plus, you can use the “Ping” command to check if your computer is successfully connected to the Wireless Barricade Plus.
SETTING TCP/IP TO WORK WITH THE WIRELESS BARRICADE PLUS 2. Is TCP/IP properly configured on your computer? If the IP address of the Wireless Barricade Plus is 192.168.2.1, the IP address of your PC must be from 192.168.2.2 - 192.168.2.254 and the Default Gateway must be 192.168.2.1.
APPENDIX A TROUBLESHOOTING This appendix describes common problems you may encounter and possible solutions to them. The Wireless Barricade Plus can be easily monitored through panel indicators to identify problems. If you cannot resolve any connection problems after checking the indicators, then refer to the other sections in the following table. Troubleshooting Chart Symptom Action LED Indicators Power LED is Off • External power supply has failed or is disconnected.
TROUBLESHOOTING Troubleshooting Chart Symptom Action LED Indicators Link LED is Off • Verify that the Wireless Barricade Plus and attached device are powered on. • Be sure the cable is plugged into both the Wireless Barricade Plus and the corresponding device. • Verify that the proper cable type is used and that its length does not exceed the specified limits. • Be sure that the network interface on the attached device is configured for the proper communication speed and duplex mode.
TROUBLESHOOTING Troubleshooting Chart Symptom Action Management Problems Cannot connect using the Web browser Forgot or lost the password • Be sure to have configured the Wireless Barricade Plus with a valid IP address, subnet mask and default gateway. • Check that you have a valid network connection to the Wireless Barricade Plus and that the port you are using has not been disabled. • Check the network cabling between the management station and the Wireless Barricade Plus.
TROUBLESHOOTING A-4
APPENDIX B CABLES Ethernet Cable Specifications Cable Types and Specifications Cable Type Max. Length Connector 10BASE-T Cat. 3, 4, 5 100-ohm UTP 100 m (328 ft) RJ-45 100 m (328 ft) RJ-45 100BASE-TX Cat. 5 100-ohm UTP Twisted-pair Cable Caution: DO-NOT plug a phone jack connector into any RJ-45 port. Use only twisted-pair cables with RJ-45 connectors that conform with FCC standards. For 10BASE-T/100BASE-TX connections, a twisted-pair cable must have two pairs of wires.
CABLES Figure B-1 illustrates how the pins on the RJ-45 connector are numbered. Be sure to hold the connectors in the same orientation when attaching the wires to the pins. Figure B-1. RJ-45 Connector Pin Numbers Straight-through Cable Straight-Through RJ-45 Pin Assignments End 1 End 2 1 (TD+) 1 (TD+) 2 (TD-) 2 (TD-) 3 (RD+) 3 (RD+) 6 (RD-) 6 (RD-) Pins 4, 5, 7 and 8 are not connected.
CABLES RJ-45 Port Pin Assignments All LAN ports on the Wireless Barricade Plus support automatic MDI/ MDI-X configuration. This means that the pin signals in use will depend on whether the LAN port is operating in MDI or MDI-X mode. However, the WAN port is configured only for MDI-X mode.
CABLES B-4
APPENDIX C SPECIFICATIONS LAN Interface 10BASE-T/100BASE-TX 3 RJ-45 ports WAN Interface 10BASE-T/100BASE-TX, 1 RJ-45 port WLAN Interface Standard: IEEE 802.11b, Direct Sequence Spread Spectrum (DSSS) Transmission Rate: 11 Mbps, automatic fallback to 5.5, 2 or 1 Mbps Maximum Channels: US/Canada: 11, Europe (ETSI): 13 Range: Up to 304.8m (1000 ft) Frequency: (US/Canada/Europe) 2.400-2.4835 GHz, Japan: 2.471-2.497 GHz Sensitivity: 1, 2, 5.
SPECIFICATIONS Maximum Current 0.04A RMS max.@110V/240V Power Consumption 5 Watts max.
SPECIFICATIONS Compliances CE Mark Emissions FCC Class B VCCI Class B Industry Canada Class B EN55022 (CISPR 22) Class B C-Tick - AS/NZS 3548 (1995) Class B Immunity EN 61000-3-2/3 EN 61000-4-2/3/4/5/6/8/11 Safety UL 1950 EN60950 (TÜV) CSA 22.2 No.
SPECIFICATIONS C-4
APPENDIX D ORDERING INFORMATION Barricade Plus Broadband Firewall Router Products SMC7004FW 4-port Cable/DSL Broadband Router - WAN/LAN SMC7004WFW 4-port Wireless Cable/DSL Broadband Router - WAN/LAN/WLAN D-1
ORDERING INFORMATION D-2
LIMITED WARRANTY SMC's Limited Warranty Statement Limited Warranty Statement: SMC Networks Europe ("SMC") warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 2 year limited warranty from the date of purchase from SMC or its Authorized Reseller.
LIMITED WARRANTY WARRANTIES EXCLUSIVE: IF A SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMER'S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESSED OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
LIMITED WARRANTY Full Installation Manual Full installation manuals are provided on the Installation CD-Rom. Manuals in other languages than those included on the CD-Rom are provided on www.smc-europe.com (section support). Firmware and Drivers For latest driver, technical information and bug-fixes please visit www.smc-europe.com (section support). Contact SMC Contact details for your relevant countries are available on www.smc-europe.com and www.smc.com.
