2
3
Copyright
This document, as well as the software described in it, is furnished under license and may be used or copied only in
accordance with the terms of the license. The content of this document is furnished for informational use only, it is
subject to change without notice, and it does not represent a commitment on the part of Corinex Communications
Corp.
Corinex Communications Corp. assumes no responsibility or liability for any errors or inaccuracies that may appear in
this document.
It is our policy to enhance our products as new technologies, hardware components, software and firmware become
available; therefore, the information contained in this document is subject to change without notice.
Some features, functions, and operations described in this document may not be included and sold in certain
countries due to government regulations or marketing policies.
The use of the product or its features described in this document may be restricted or regulated by law in some
countries. If you are unsure which restrictions or regulations apply, you should consult your regional Corinex office or
the authorized reseller.
Published by:
Corinex Communications Corp.
World Trade Center
404-999 Canada Place
Vancouver, B.C.
Canada V6C 3E2
Tel.: +1 604 692 0520
Fax: +1 604 694 0061
Corinex is a registered trademark of Corinex Communications Corp.
Apple, MAC OS X are either registered trademarks or trademarks of Apple Computer, Inc. in the U.S.A. and/or other
countries.
Microsoft, MS-DOS, MS, Windows are either registered trademarks or trademarks of Microsoft Corporation in the
U.S.A. and/or other countries.
All products or company names mentioned herein may be the trademarks of their respective owners.
Copyright (c) 2001-2004 by Corinex Communications Corp.
NOTE: This equipment has been tested and found to comply with the limits for a Class B information technology
equipment. These limits are designed to provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference,
the end user is advised to take adequate measures.
4
End User License Agreement
CORINEX COMMUNICATIONS CORPORATION
This End User License Agreement (“EULA”) is a legal agreement between you and
CORINEX COMMUNICATIONS CORPORATION (“CORINEX”) with regard to the
copyrighted Software provided with this EULA.
Use of any software and related documentation (“Software”) provided with a CORINEX
hardware product, or made available by downloading or otherwise to you by CORINEX
in whatever form or media, will constitute your acceptance of these terms, unless
separate terms are provided by the software supplier, in which case certain additional or
different terms may apply. If you do not agree with the terms of this EULA, do not
download, install, copy or use the Software.
1. Licence Grant. CORINEX grants to you a personal, non-transferable and nonexclusive right to use the copy of the Software provided with this EULA. You agree you
will not copy the Software except as necessary to use it on a single hardware product
system. You agree that you may not copy the written materials accompanying the
Software. Modifying, translating, renting, copying, transferring or assigning all or part of
the Software, or any rights granted hereunder, to any other persons, and removing any
proprietary notices, labels or marks from the Software is strictly prohibited. Furthermore,
you hereby agree not to create derivative works based on the Software. You may
permanently transfer all of your rights under this EULA, provided you retain no copies,
you transfer all of the Software, and the recipient agrees to the terms of this EULA. If the
Software is an upgrade, any transfer must include all prior versions of the Software.
2. Copyright. The Software is licensed, not sold. You acknowledge that no title to the
intellectual property in the Software is transferred to you. You further acknowledge that
title and full ownership rights to the Software will remain the exclusive property of
Corinex Communications Corporation and/or its suppliers, and you will not acquire any
rights to the Software, except as expressly set forth above. All copies of the Software
will contain the same proprietary notices as contained in or on the Software.
3. Reverse Engineering. You agree that you will not attempt, and if you are a
corporation, you will use your best efforts to prevent your employees and contractors
from attempting to reverse compile, modify, translate or disassemble the Software in
whole or in part. Any failure to comply with the above or any other terms and conditions
contained herein will result in the automatic termination of this license and the reversion
of the rights granted hereunder to CORINEX.
5
4. Disclaimer of Warranty. The Software is provided “AS IS“ without warranty of any
kind. CORINEX and its suppliers disclaim and make no express or implied warranties
and specifically disclaim warranties of merchantability, fitness for a particular purpose
and non-infringement of third-party rights. The entire risk as to the quality and
performance of the Software is with you. Neither CORINEX nor its suppliers warrant that
the functions contained in the Software will meet your requirements or that the operation
of the Software will be uninterrupted or error-free.
5. Limitation of Liability. Corinex’s entire liability and your exclusive remedy under this
EULA shall not exceed the price paid for the Software, if any. In no event shall
CORINEX or its suppliers be liable to you for any consequential, special, incidental or
indirect damages of any kind arising out of the use or inability to use the software, even
if CORINEX or its supplier has been advised of the possibility of such damages, or any
claim by a third party.
6. Applicable Laws. This EULA will be governed by the laws of Canada, excluding its
conflict of law provisions.
7. Export Laws. This EULA involves products and/or technical data that may be
controlled under any applicable export control laws, and regulation, and may be subject
to any approval required under such laws and regulations.
8. Precedence. Except as set out above, where separate terms are provided by the
software supplier, then, subject to this EULA, those terms also apply and prevail, to the
extent of any inconsistency with this EULA.
6
Content
Copyright ......................................................................................................................... 4
End User License Agreement.......................................................................................... 5
Content ............................................................................................................................ 7
1.
Introduction............................................................................................................... 8
2.
Product Specification.............................................................................................. 11
3.
Installation Overview .............................................................................................. 16
4.
Corinex Wireless to Powerline Router G Configuration .......................................... 34
5.
Powerline Setup through the Ethernet Interface using Corinex Setup Tool............ 72
6.
Setup of Router SNMP Powerline Agent on the OPM Management Station .......... 78
7.
Setup of Router SNMP Powerline Agent on the OMH Software............................. 83
Appendix A: Troubleshooting......................................................................................... 86
Appendix B: Wireless Security....................................................................................... 93
Appendix C: Glossary.................................................................................................. 101
Appendix D: How to Ping your ISP’s E-mail and Web addresses................................ 110
Appendix E: Finding the MAC address and IP address for your Ethernet Adapter...... 112
7
1. Introduction
Congratulations to your choice of Corinex Wireless to Powerline Router G. The Router
allows you to set up a home or small business network to share your high-speed
Internet connection using either Ethernet cabling, Powerline or Wireless connection.
1.1 Powerline Routing Overview
The Corinex Wireless to Powerline Router G provides a convenient Internet access and
distribution capability for broadband service providers and users alike, using any
incoming high speed signal, whether by A/DSL, cable, satellite or fiber optics as access
and using the existing electrical wires as distribution media. This product enables
multiple users in small to medium size offices and homes to share one broadband
account and experience a high speed networking capability for data, voice, audio
and video, without pulling new wires. The embedded Network Address Translation
(NAT) feature enables the usage of a private set of IP addresses, which the Router
translates into a single public IP address. The Router can also act as a DHCP server by
automatically allocating a dynamic IP address to each piece of equipment, which
connects by a communications port, like Ethernet, USB, 802.11b or 802.11g to the
network. The Router has four LANs 10/100M, one WAN 10/100M Ethernet, one
powerline port and one Wireless 802.11b/g port. The Router can act as the "bridge"
between the access side of the network and its specific wire requirements and the
distribution side of the network, which uses the existing electrical wires to move the
signals to every electrical outlet and makes those signals available to wired or portable
devices or uses the wireless type of connection also. The Corinex Wireless to Powerline
Router G supports the Corinex Powerline and CableLAN product family, which include:
• Corinex Powerline Ethernet Adapter
• Corinex Powerline USB Adapter
• Corinex Powerline Ethernet Wall Mount
• Corinex Powerline Dual Ethernet Wall Mount
• Corinex CableLAN Adapter
• Corinex Powerline Router
• Corinex Wireless to Powerline Access Point
The Router‘s connection to the electrical wires (powerline) is based upon the HomePlug
1.0 industry standard. This standard warrants a robust and reliable performance for all
HomePlug certified devices connected to the network. The reliability is made possible by
the use of the Orthogonal Frequency Division Multiplexing (OFDM) technology. This
multi-carrier modulation scheme allows devices to dynamically "surf the channel" –
instantly shifting data from one carrier to another, looking for the least noise affected
carrier to bring the signal to its destination. All Corinex Powerline and CableLAN
products have been optimized for low-latency, high-reliability networking applications
and use the HomePlug certified Powerline networking technology, which supports data
rates up to 14 Mbps.
8
The Corinex Wireless to Powerline Router G also fully complies with the IEEE 802.3 and
802.3u 10/100M standard and offers static and dynamic IP routing mode operation,
NAT, DHCP, MAC and IP filtering functionality. The Router supports a wide range of
communications protocols and works seamlessly with all major access technologies,
including A/DSL and Cable modems with PPPoE (PPP over Ethernet), as well as "Direct
Connection" type service. The Corinex Wireless to Powerline Router G has advanced
firewalling features, which protect home/SOHO networks from unwanted access.
The Corinex Wireless to Powerline Router G offers a convenient way to create a simple
network through the existing power lines of a home or office with the additional ability to
provide you with wireless access to your network. Corinex Wireless to Powerline Router
G offers several levels of security, including with 64/128-bit WEP encryption and 802.11i
(WPA /WPA-PSK) for the wireless pass-through and 56-bit DES encryption for the
Powerline pass-through. Enhanced security management functions, such as
Wireless/Wired 802.1x, and Embedded RADIUS Server, guarantee that your data
always is secured. The high data rate enables high quality video or any high bandwidth
service to wherever there is a power outlet. Using the web-based user interface (UI), the
device is easily set up and maintained. All functions can be configured with the UI via
web browsers.
Corinex Wireless to Powerline Router G uses 56-bit DES encryption with key
management for secured powerline communications applications. End user equipment,
which uses Corinex adapters to connect to the network, can run on Windows
98/ME/2000/NT/XP, Linux and MAC operating systems and use the full range of the
Router’s networking features.
1.2 Corinex Wireless to Powerline Router G Features
The Corinex Wireless to Powerline Router G contains an HTTP server with a web
configurable SNMP Agent. This enables you to connect to it, and configure it, using your
web browser. Every Corinex Powerline, CableLAN and Wireless product, no matter
where it is located in the network, can be managed by the Corinex Open Powerline
Management software or by using a web browser. Corinex offers a one-stop-shop
experience and offers this for networking solutions in homes, apartments and
condominiums, small to medium size offices, schools, hospitals, conference centers or
shopping malls. For hotels, Corinex has developed a special management software
called Corinex Open Management for Hotels.
1.2.1 Main Functions
•
•
•
•
•
•
Supports 802.11g Wireless LAN
Supports HomePlug 1.0 Powerline network
Simultaneous operation on 802.11g wireless LAN and Powerline network
Enhanced Security Management Functions: Port Filtering, MAC and IP Address
Filtering, Wireless/Wired 802.1x, Embedded RADIUS Server
Supports 64/128 bits WEP Key in Wireless 802.11g LAN
Supports 56-bits DES Key for Powerline network
9
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
The Wireless 11g operation provides data rate at 6, 9, 12, 18, 24, 36, 48, 54Mbps
with auto fallback at 11b data rate at 1, 2, 5.5, and 11Mbps.
For 802.11g, supports 11 channels for North America, 13 for Europe (ETSI) and
14 for Japan
Supports Wireless Distribution System (WDS) –Wireless Bridge, Wireless
Repeater
Supports 802.11i – WPA / TKIP, AES, PSK
Easily Configurable through your networked PC’s Web browser
Administrators can block specific internal users’ Internet access with filtering and
802.1x
TCP, UDP, ICMP, IGMP
IEEE 802.1D (self learning transparent bridge)
IEEE 802.1D Spanning Tree Protocol
DDNS, DNS Proxy, DHCP Server/Client
HTTP Server (Basic Realm Support)
Transparent HTTP Proxy
SNMP V1/V2c Agent
Remote administration and remote upgrades available over the Internet
Supports Universal Plug and Play (UPnP)
Supports Traffic and Event Logging
Support for NTP (Network Time Protocol) for Synchronizing with a Real-Time
Server
1.2.2 Hardware
• 802.3 10/100 Base-T
• 802.11g Wireless LAN
• HomePlug 1.0 Powerline network
1.2.3 Security
• Password protected configuration or management sessions for web access
• Built-in HTTP Server for setup and easy remote management via any browser
• Wireless/Wired 802.1x
1.3 Package Content
This Package Includes:
• Corinex Wireless to Powerline Router G
• Installation CD-ROM (including Corinex Wireless to Powerline Router G User Guide)
• Wireless antenna
• Power Cord
• 2 Ethernet cables (RJ-45)
• Quick Start Guide
10
As we do constant improvement of our products, it can happen that we have newer
versions of software tools than those included on the Installation CD. If you want to
check and/or download the latest versions of software for your Corinex product, just
click the www.corinex.com/download
Enclosed CD Content:
- Corinex Wireless to Powerline Router G Quick Start Guide
- Corinex Wireless to Powerline Router G User Guide (this document)
- Powerline Setup Tool for Windows, MAC OS X and Linux
- Acrobat Reader
1.4 Requirements
•
•
•
•
•
•
IBM Compatible PC or Macintosh computer (needed for initial configuration of the
Router)
AC 220/110 V power outlet
Broadband Connection (DSL, Cable) or Internet device with 10/100
Ethernet connection
Ethernet, Powerline and/or Wireless connection for each computer
Windows 98/ME/2000/NT/XP, Mac OS X or Linux operating system for
computers sharing the Internet connection
Web browser supporting JavaScript for the Router management
2. Product Specification
This section defines the hardware and software specifications
2.1 Hardware Features
2.1.1 Hardware Parameters
Memory type
SDRAM:
FLASH:
16MB SDRAM (4MB x 32 Bits)
2MB NOR-Flash (16Bits)
Ethernet Interfaces
•
•
LAN: 4 x 10/100 Mbps Ethernet Port (RJ-45)
WAN: 1 x 10/100 Mbps Ethernet Port (RJ-45)
Electrical Parameters
One AC power connector for both Powerline networking and power supply
11
Input Voltage:
Line Frequency:
AC 100V~240V
60/50Hz (USA/Europe)
Wireless Parameters
Peak Gain of the Antenna
802.11g:
2.4 GHz => 2dBi
Transmitted Power
802.11g:
Typ. 14dBm @ Normal Temp Range
Receive Sensitivity
802.11g:
11Mbps @ -80 dBm
54Mbps @ -66 dBm Typical
Environmental Parameters
Operation
Storage
Operating Temperature: 0ºC to 40ºC (32ºF to 104ºF)
Operating Humidity 10% to 85% Non-Condensing
Storage Temp: -20ºC to 70ºC (-4ºF to 158ºF)
Storage Humidity 5% to 90% Non-Condensing
EMI/EMC
FCC Part 15B, UL, CE (EMI, EMC, Safety)
2.2 Physical Details
Fig.2.1 Corinex Wireless to Powerline Router G
12
Front Panel
Fig.2.2 Corinex Wireless to Powerline Router G - front panel
LED Definition:
System
Power: Green On: The Power LED illuminates when the Corinex Wireless to Powerline
Router G is powered on
WAN
ACT: Green On: Link
Blinking: receiving/transmitting data
LAN
LINK /ACT: Green On: Link
Blinking: receiving/transmitting data
Powerline
ACT: Green: Blinking: receiving/transmitting data
Off: No data transmitted to Powerline
COL: Green: Blinking when collision is occurred on this port.
WLAN (11G)
ACT: Green: Steady on when link is ready
Blinking: receiving/transmitting data through 802.11g WLAN interface
Rear Panel
Fig.2.3 Corinex Wireless to Powerline Router G rear panel
13
Reset Switch
Push = reboot (Press the button no longer than 5 sec)
Hold until all the LED have been lightened = Reboot & Restore to default settings
LAN Ports
For linking computers or other Ethernet devices, e.g. a hub/switch
LAN: 4 x 10/100 Mbps Ethernet Port (RJ-45)
WAN Port
For linking to the Ethernet port of a cable/DSL modem
WAN: 1 x 10/100 Mbps Ethernet Port (RJ-45)
Antenna
For connection to wireless devices based upon the 802.11b/g standard
Power Inlet
The device is equipped with power supply. It serves the both: powerline network
connection and power supply.
2.3 Software Features
2.3.1 General Features of the Corinex Wireless to Powerline Router G
Feature
Protocol Support
Power-line network
Wireless LAN (802.11g)
Security
Additional Information
• TCP/IP
• ICMP
• PPPoE (PAP / CHAP)
• PPTP (Microsoft PPTP Client)
• Static Routing Protocol
• Dynamic Routing Protocol (RIPv1 / RIPv2)
• Wireless Distribution System (WDS)
• Broadcom AfterBurner (125Mbps High Speed Mode)
• VPN tunnel passing support (PPTP, L2TP, IPsec)
• 14 Mbps
• 56 bits DES Key
• Wired 802.1x (EAP-MD5)
• SSID, Full Channels Support
• 64/128 bits WEP on 802.11g
• 802.11i – WPA / AES, TKIP, PSK
• Wireless 802.1x
• WDS with WPA/PSK
• Broadcom AfterBurner (125Mbps High Speed Mode)
• Stateful Inspection (SPI) Firewall
• MAC & IP filtering
• 802.1Q Tagged VLAN
14
•
•
Management
Other Features
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
QoS – 802.1P, TOS
Wireless 802.1x (EAP-MD5, EAP-PEAP, EAP-LEAP,
EAP-TLS, EAP-TTLS)
Wired 802.1x (EAP-MD5)
802.11i – WPA / AES, TKIP, PSK
56Bit DES Key for Powerline
Embedded HTTP Daemon
SNMP v1/v2c Agent
Embedded RADIUS Server (EAP-MD5 only)
Firmware upgrade through Web browser
Zebra & RIPD Terminal (CISCO-like CLI)
UPNP IGD 1.0
DHCP Server/Client
Dynamic DNS client
DNS Proxy
Transparent HTTP Proxy
NTP (Network Time Protocol)
Syslog
2.4 Safety Labels
Content of the Label on the Bottom of the Corinex Wireless to Powerline Router G
The label shows the voltage and current values for your Router. It also shows both MAC
Addresses (WAN & LAN) and serial number (SN), as well as the network Password
required for remote Powerline password change as defined in the Corinex Open
Powerline Management Software or Corinex Open Management for Hotels.
15
3. Installation Overview
This part of the User Guide will assist you with your initial installation and configuration
of your network and help you with settings, which you need to configure for your Internet
connection to be shared through Ethernet, Powerline or Wireless media.
Fig.3.1 Corinex Powerline Network Installation Example
The next chapters will explain to you how to connect your Corinex Wireless to Powerline
Router G in three easy steps.
Step 1: Connecting the Router – First you need to connect cables and connect the
Router both to the power and to the Internet connection; and, optionally to your Ethernet
connected computers.
Step 2: Connecting the Computers – Then you will need to connect the computers to
the Router, in order to be able to configure the settings of the Router. These steps differ
between Ethernet, Powerline and Wireless connection and also it differs between
different sorts of operating systems and computers.
Step 3: Configuring the Router – The last step required is to configure your Corinex
Wireless to Powerline Router G settings according to your Internet connection.
3.1 Step 1: Connecting the Router
16
In this Step, you will connect the Corinex Wireless to Powerline Router G to your
Internet connection (cable or DSL modem) and to the computers in your home or
business environment sharing the Internet connection.
A. Connect your Internet connection (cable or DSL modem) to its proper connector—the
coaxial jack for cable, or the phone jack for DSL (follow the instructions from your cable
or DSL modem’s installation guide).
B. Use the Ethernet cable that had been supplied as part of the shipment of your
Corinex Wireless to Powerline Router G. Connect this Ethernet cable from the LAN or
Ethernet port of the Internet connection (cable or DSL modem) to the WAN port of the
Corinex Wireless to Powerline Router G.
C. Use the Ethernet cable that had been used to connect your Internet connection
(cable or DSL modem) to your computer. Connect this Ethernet cable to your computer’s
Ethernet adapter. Connect the other end of the cable to the LAN port on the back of the
Corinex Wireless to Powerline Router G.
Note: If your Computer’s Ethernet adapter is not set up, please refer to the Ethernet
adapter’s user guide for more information.
D. Connect the power cable to the Corinex Wireless to Powerline Router G, and then
plug the power cable into a power outlet
Turn on the Internet connection (cable or DSL modem). Then turn on the computer you
wish to use to configure the Corinex Wireless to Powerline Router G.
3.2 Step 2: Configuring Computers
The instructions in this chapter will help you to configure each of your computers to be
able to communicate with the Corinex Wireless to Powerline Router G.
This process differs between Ethernet, Powerline and Wireless connected computers,
and also differs between different operating systems.
If you have a Powerline connected computer proceed to A, if you have an Ethernet
connected computer, proceed to B, and if you have Wireless connected computer
proceed to C.
A. Using the Powerline Connection
Please refer to the Manual of your Powerline Adapter to establish a Powerline
connection between the Corinex Wireless to Powerline Router G and the other
Powerline Adapters. Use the default Powerline (NEK) password "HomePlug", as this is
the factory default password setting for the Corinex Wireless to Powerline Router G.
When you are using the Corinex Setup Tool to configure your powerline adapter, you
can check, whether your Adapter has a powerline connection to the Corinex Powerline
Router by searching in the last window of the Corinex Setup Tool for the MAC address
17
of the Router. You will find the MAC address of your Corinex Powerline Router on the
label on the bottom of the Router’s plastic cover (MAC PLC/SN). Proceed to B.
Fig.3.2 Corinex Setup Tool
B. Using the Ethernet Connection
Next you will need to configure your TCP/IP settings so that your computer will obtain an
IP (or TCP/IP) address automatically (called DHCP). Computers use IP addresses to
communicate with each other across a network or the Internet.
Find out which operating system your computer is running, such as Windows 95, 98,
Millennium, 2000, XP, Linux or Macintosh OS or other operating system. Then follow the
instructions for configuring the TCP/IP networking in the following section.
Configuring Windows XP PCs
1. Click the Start button, open the Control Panel. From there, click the Network
Connections icon and then the Network Connections window appears.
2. Select the Local Area Connection icon for the applicable adapter (Ethernet
adapter or Powerline - usually the first adapter listed). Double-click the Local
Area Connection.
18
Fig.3.3 Local Area Connection Status
3. The Local Area Connection Status screen will appear. Click the Properties
button.
4. Select Internet Protocol (TCP/IP) and click the Properties button.
Fig.3.4 Local Area Connection Properties
19
5. Select Obtain an IP address automatically and click the OK button. Click the
OK button again (or the Close button if no settings were changed) to complete
the computer configuration.
Fig.3.5 Internet Protocol (TCP/IP) Properties
6. If you do not have DHCP server on the network or it is switched off, then select
Use the following IP address. Set the IP address manually in the format
10.0.0.X and mask 255.255.255.0 of local TCP/IP settings. In the Default
gateway box, set the gateway address. The default is 10.0.0.2.
20
Fig.3.6 Internet Protocol (TCP/IP) Properties
7. Check the radio button for Use the following DNS server addresses. In the
Preferred DNS server and Alternate DNS server boxes, type the IP addresses
of DNS Server provided by your ISP.
8. Click OK button in the TCP/IP Properties window to complete the PC
configuration, and click Close or the OK button to close the Network window.
Configuring Windows 2000 PCs
1. Go to the network screen by clicking the Start button. Click Settings and then
Control Panel. From there, double-click the Network and Dial-up Connections
icon.
2. Select the Network and Dial-up Connections icon for the applicable Ethernet
adapter (usually it is the first Local Area Connection listed). Do not choose a
TCP/IP entry which name mentions DUN, PPPoE, VPN, or AOL. Double click the
Local Area Connection.
3. The Local Area Connection Status screen will appear, as shown in Figure 3.7.
Click the Properties button.
21
Fig.3.7 Local Area Connection Status
4. Select Internet Protocol (TCP/IP), as shown in Figure 3.8, and click the
Properties button.
Fig.3.8 Local Area Connection Properties
5. Obtain an IP address automatically, as shown in Figure 3.9, then click the OK
button.
22
Fig.3.9 Internet Protocol (TCP/IP) Properties
6. If you do not have DHCP server on the network or it is switched off, then select
Use the following IP address. Set the IP address manually in the format
10.0.0.X and mask 255.255.255.0 of local TCP/IP settings. In the Default
gateway box, set the gateway address. The default is 10.0.0.2.
Fig.3.10 Internet Protocol (TCP/IP) Properties
7. Click OK button in the TCP/IP Properties window to complete the PC
configuration, and click Close or the OK button to close the Network window.
23
Configuring Windows 98 and Millennium PCs
1. Go to the network screen by clicking the Start button. Click Settings and then
Control Panel. From there, double-click the Network icon.
2. On the Configuration tab, select the TCP/IP line for the applicable Ethernet
adapter, as shown in Figure 3.11.
Fig.3.11 Local Network
Do not choose a TCP/IP entry that mention DUN, PPPoE, VPN, or AOL names. If the
word TCP/IP appears by itself, select this line. (If there is no TCP/IP line listed, refer
to Appendix D: Installing the TCP/IP Protocol or your Ethernet Adapter’s User Guide
to install TCP/IP now.) Click the Properties button.3. Click the IP Address tab and
select Obtain an IP address automatically, as shown in Figure 3.12.
3. Click the IP Address tab and select Obtain an IP address automatically, as
shown in Figure 3.12.
24
Fig.3.12 Obtain the IP Address
4. If you do not have DHCP server on the network, then select Use the following IP
address. Set the IP address manually in the format 10.0.0.X and mask
255.255.255.0 of local TCP/IP settings and click the OK button.
Fig.3.13 Set the IP Address
25
5. Now click the Gateway tab. In the Default Gateway box, set the gateway
address. The default is 10.0.0.2.
Fig.3.14 TCP/IP Properties Gateway
6. Click the OK button again. Windows may ask you for the original Windows
installation disk or additional files. Supply them by pointing to the correct file
location, e.g., D:\win98, D:\win9x, c:\windows\options\cabs, etc. (if "D" is the letter
of your CD-ROM drive).
7. Windows may ask you to restart your PC. Click the Yes button. If Windows does
not ask you to restart, restart your computer anyway.
Configuring Linux PCs
To access the Internet via the Corinex Wireless to Powerline Router G, it is only
necessary to set the Corinex Wireless to Powerline Router G as the "Gateway". Setup
differs between various Linux distributions, we are giving the Mandrake as an example,
check your distribution, how to change IP settings.
Note: Ensure that you are logged in as "root" before attempting any changes, or you will
be asked for root login and password later during configuration.
DHCP Client
The procedure below may vary according to your version of Linux and
X windows shell.
26
1. Start your X Windows Shell
Fig.3.15 TCP/IP Configuring Linux
2. Select Control Center (Fig. 3.15). If you are not logged as root, the following
screen will appear. Enter your root password.
Fig.3.16 Entering root Password
3. The following screen (Fig. 3.17) will appear. Select Network & Internet.
27
Fig.3.17 Configuring Linux Control Center
4. In the following screen (Fig. 3.18) select DrakConnect (for setting up network &
Internet connection).
Fig.3.18 Configuring Linux Control Center
5. Select the Interface entry for your Network card. Normally, this will be called
"eth0".
28
Fig.3.19 Configuring Linux Control Center Selecting Network card
6. Click the Wizard button then on next dialogue (Fig.3.20) click on the Next button.
Fig.3.20 Network Configuration Wizard
7. Select LAN connection (Fig.3.21) and click on Next button.
29
Fig.3.21 Network Configuration Wizard Choosing the Connection Type
8. On the next screen select Automatic IP. Click on the Next buttons on all screens
until you click Finish.
Fig.3.22 Network Configuration Wizard Automatic IP selection
Fixed IP Address
By default, most Linux installations use a fixed IP Address. If you wish to continue using
a fixed IP Address, make the following changes to your configuration.
•
Set the IP address manually in the format 10.0.0.X and Netmask 255.255.255.0
30
•
•
Set your Default Gateway to the IP Address of the Corinex Wireless to Powerline
Router G. The default is 10.0.0.2.
Ensure your DNS (Name Server) settings are correct.
Fig.3.23 Network Configuration Wizard Static IP address
Configuring Macintosh clients
With Macintosh computers, the procedure is as follows:
1. Open the Network Control Panel in System Preferences.
Fig.3.24 System Preferences
2. Select Ethernet from the pop-up menu.
31
Fig.3.25 Network
3. Select Using DHCP from the TCP/IP tab, field Configure. The DHCP Client ID
field can be left blank.
Fig.3.26 Network TCP/IP Using DHCP
4. Close the Network panel, saving your settings.
32
Note:
If using manually assigned IP addresses instead of DHCP, the required changes are:
•
•
•
Set the IP address manually in the format 10.0.0.X and Subnet Mask
255.255.255.0
Set Router address field to the Corinex Wireless to Powerline Router G IP
address. The default is 10.0.0.2.
Ensure your DNS settings are correct.
Fig.3.27 TCP/IP settings – Manually
Configuring other clients
For fixed IP Addresses:
Ensure the Gateway field for your network port is set to the IP address of the Corinex
Wireless to Powerline Router G
Ensure your DNS (Name Server) settings are correct.
For DHCP:
Ensure the TCP/IP address settings of your Network port are set to DHCP or Automatic
33
C. Using the Wireless Connection
You may need to reconfigure some wireless settings to ensure that all settings match
between wireless devices based on 802.11g standard.
Note: Different wireless settings will disable wireless network connections between
wireless adapters.
Default Wireless Interface Settings are:
SSID: corinex
Channel: 11
WEP: Disabled
Note: WEP is disabled by default for an easier installation. For enhanced security
purposes, it is recommended that you later (after successful configuration) enable WEP
on all wireless devices.
Find out which operating system is running your computer, like Windows 95, 98,
Millennium, 2000, XP, Linux or Macintosh OS X or any other operating system. Then
follow the instructions for configuring the TCP/IP networking for your system in the
previous section. The settings of the TCP/IP level for each platform are similar to the
procedure as described in the previous section “Using the Ethernet Connection”.
4. Corinex Wireless to Powerline Router G Configuration
4.1 Overview
For your convenience, use the Corinex Wireless to Powerline Router G web-based utility
to configure it. This chapter will explain all of the functions of this utility. The utility can be
accessed via Microsoft Internet Explorer, Netscape Navigator, Opera or other web
browsers to set up Ethernet, Wireless, or Powerline computer connections to the
Corinex Wireless to Powerline Router G. This utility has a consistent design for all of its
screens. It consists of screen selection tabs on the top part of screen and the display
screen.
NOTE: The appearance of the user interface screenshots displayed in the following part
of this document may vary due to the firmware version currently available in your device.
It is recommended that you check for the latest firmware version on the Corinex web
site: www.corinex.com
34
TABS
SCREEN
Fig. 4.1 TABS and SCREEN
As you click on the selection tabs, different screens will be displayed.
For a network setup, most users only have to use the following tabs of the utility:
• WAN - enter the settings provided by your ISP.
• Basic – In this section the user can setup the Corinex Wireless to Powerline
Router G the login settings. The default username is admin and password is
admin, too. To protect the Corinex Wireless to Powerline Router G, change the
password from its default.
The Basic, LAN, WAN, Status, Filters, Routing, Wireless, Powerline, Security and
Firmware tabs are available for setup of the Corinex Wireless to Powerline Router G.
Each of these tabs groups have several similar settings, of which you can choose to
access display screens. The display screen consists of one or more entry fields
containing current values of the settings. By changing these values you can configure
the device. Most of the screens have an Apply and Cancel button. The Apply button
will enter the settings from the screen into the Corinex Wireless to Powerline Router G.
The Cancel button will erase all provided changes.
35
4.2 Password Entry
To access the web-based utility of the Router, launch Internet Explorer or other web
browser, and enter the Router’s default IP address, 10.0.0.2, in the Address field, as
shown in Fig. 4.2 and press Enter. Enter this value in the following format http://10.0.0.2
Fig. 4.2 HTTP Address field
Note: Make sure that the TCP/IP settings of your network interface are configured
correctly!
After this, a password requested page shown in Fig. 4.3 will appear (non-Windows XP
users will see a similar screen). Enter admin in the User Name field and enter admin in
the Password field. Then click the OK button.
Fig. 4.3 Login window
4.3 Basic Tabs
The first screen that appears displays the Basic tab. This allows you to change the
Corinex Wireless to Powerline Router G general settings. Change these settings as
described here and click the Apply button to apply your changes or Cancel to cancel
your changes. The Restore Default option will restore all of the settings in the Router to
the factory default settings. To restore the factory default settings, click the Restore
Default button. To restart or reboot the device, press the Reboot button. Restarting or
rebooting the router will not delete any of your configuration settings.
36
Fig. 4.4 Basic settings window
In the Router Username field you can change the management access password to the
Router. For that you will need to enter both the current password in the Router
37
Password field. Default username and password from the factory is admin (password is
case sensitive). You can also define the Router WAN Port address for the access to the
Router from the WAN side.
Router Mode
Some applications may require the complete disabling of Network Address Translation
(NAT) and switching the router to a Bridge mode. For enabling this mode, select it from
the combo-box. We recommend to switch off the firewall as well. If you want to switch
the router back to default mode and enable NAT, select the mode Router.
Firewall
Your Router is equipped with a firewall that will protect your network from a wide array of
common hacker attacks including Ping of Death (PoD) and Denial of Service (DoS)
attacks. You can enable the Firewall feature by selecting from drop down menu. You
prevent your network from being “pinged,” or detected, by other Internet users. The
Firewall feature also reinforces your network security by hiding your network ports. You
can turn the firewall function off if it is interfering with an application’s function. Turning
off the firewall protection will not leave your network completely vulnerable to hacker
attacks, but it is recommended that you turn on the firewall whenever possible. This
feature is enabled by default.
You can enable/disable the Firewall in the Firewall Enable/Disable field.
Time Zone Setting
If required, you can setup the Time Zone. Change the time zone in which your network
functions from this pull down menu. In the part NTP Servers you can choose the IP
address of predefined time servers or you can type in the IP address of your own time
server for receiving the time synchronization.
SNMP Agent
38
Corinex SNMP v1/v2c Agent allows a SNMP management software (like the Corinex
Open Powerline Management or Corinex Open Management for Hotels software) to
retrieve reports from the networked device. These reports are based upon the defined
objects in the Management Information Base (MIB). The agent queries, reports, and sets
MIB variables based upon directions from the NMS or upon pre-set alarm conditions.
Corinex SNMP v1/v2c will work with the most popular NMS solutions such as HP
OpenView and SunNet Manager. Because the Corinex SNMP v1/v2c Agent is bilingual,
it can communicate with an NMS that is running either SNMP Version 1 or Version 2c.
You can set the SNMP Agent for the SNMP management software to Enabled in the
SNMP v1/v2c Agent drop down menu. Then you can also change the Read-Only
Community and Read-Write Community strings in the corresponding fields. Default
values are public and netman, and we are recommending you to change them, as they
are well known and enable others to configure your Router from other computers.
You can also define the trap server IP address in the V2c Trape Receiver filed.
HTTP Proxy settings
Using a proxy server leads to reduced bandwidth usage and thus helps keeping the
network-related costs lower. If you want to use Proxy server you must enter the required
parameters in to the following fields.
Transparent HTTP Proxy - You can Enable or Disable the HTTP Proxy by selecting
from drop down menu.
Remote HTTP Proxy Server Address - Enter the Remote HTTP Proxy Server IP
address in this field.
Remote HTTP Proxy Server Port – Enter the number of the HTTP proxy server port
DDNS Settings
The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you
assign a fixed host and domain name to a dynamic Internet IP address. It is useful when
you are hosting your own website, FTP server, or other server behind the Router. To
39
use the service, you must first apply an account from several free Web servers such as
www.dyndns.org, or www.TZO.com
DDNS Service - You can Enable or Disable the DDNS Service by selecting from drop
down menu.
DDNS Username - Enter the User Name for your DDNS account
DDNS Password - Enter the Password for your DDNS account.
DDNS Service Provider - From this pull-down menu, enter the DDNS service with
which you have membership.
DDNS Desired Host Name/Domain Name –Enter the DDNS URL address assigned by
the DDNS service.
DDNS Desired MX – The DDNS server system also supports MX records. These can
be used for pointing incoming mail to your domains (such as john.com) to the proper
mail server.
Note: The DESTINATION ADDRESS of an MX record MUST be a domain name and
NOT simply an IP address.
You can also Backup MX service by selecting true (for backup) or false (for no backup)
option from the drop down menu.
DDNS Sub-system - You can choose a subsystem name from dyndns, statdns, or
custom.
DDNS Wildcard – Wildcard option (only for DynDNS.org)
Some DDNS servers support the wildcard feature which allows the hostname,
*.yourhost.dyndns.org, to be aliased to the same IP address as yourhost.dyndns.org.
This feature is useful when there are multiple servers inside and you want users to be
able to use things such as www.yourhost.dyndns.org and still reach your hostname.
40
When using wildcard, you simply enter yourhost.dyndns.org in the DDNS Desired Host
Name/Domain Name.
Syslog IP Address
You can set the Syslog IP Address to the LAN IP of the machine running the syslog
daemon, or to broadcast the Logs to the LAN (x.x.x.255).
UPnP
Universal Plug and Play (UPnP) helps devices, such as Internet appliances and
computers, access the network and connect to other devices as needed. UPnP devices
can automatically discover the services from other registered UPnP devices on the
network.
You can Enable or Disable the UPnP (automatic device configuration) feature by
selecting from drop down menu. The default setting for UPnP is disabled. If disabled, the
router will not allow any device to automatically control the resources, such as port
forwarding (mapping), of the router.
Note: If you use applications such as multi-player gaming, peer-to-peer connections,
real time communications such as instant messaging, or remote assistance (a feature in
Windows XP), you should enable UPnP.
In the Connection Logging field you can select appropriate setting from the drop down
menu. The four options are offered: Disabled, Denied, Accepted or Both.
Press the Apply button to put all changes in the Basic settings window into effect.
After you press the Apply button, the notification screen will appear. This screen notifies
you of any errors that were detected while changing the router's settings. If all values
were inserted correctly and you do not see any error messages (Validating values...done
and also Committing values...done) your configuration has been updated. Reboot the
system to enable the new configuration or continue without restarting the device by
pressing the Continue button.
41
4.4 LAN Tabs
Select the LAN settings from the main tabs. The following screen will appear:
Fig. 4.5 LAN settings window
In this screen you can change the settings of your local area network.
Router IP
MAC Address – shows the MAC Address of the LAN interface
In the IP Address and Subnet Mask fields you can change the IP address of the LAN
interface of your Router. The default value is 10.0.0.2, mask 255.255.255.0. You see
also the MAC Address of the LAN interface.
42
DHCP Server
DHCP is Enabled by factory default. If you already have a DHCP server on your
network, or you don’t want a DHCP server, then select the Disable from drop down
menu (no other DHCP features will be available).
Using the DHCP Starting IP Address and DHCP Ending IP Address you can change
the values of the IP addresses assigned to the DHCP clients. The DHCP address
assignment can expire if the address is not used. This value can be defined in the DHCP
Lease time field in seconds.
Active DHCP Leases shows all active DHCP leases with each computer's name, IPaddress,
Hardware
address,
and
when
its
lease
expires.
Spanning Tree
Corinex Wireless to Powerline Router G supports 802.1d Spanning Tree Protocol to
prevent network loops. Select Enable to enable the Spanning Tree Daemon or Disable
to disable the Spanning Tree Daemon from drop down menu.
Static Routing
Static Routes provide additional routing information to your router. Under normal
circumstances, the router has adequate routing information after it has been configured
for Internet access, and you do not need to configure additional static routes. You must
configure static routes only for unusual cases such as when you have multiple routers or
use multiple IP subnets in your network.
43
To add or edit Static Routes:
1. Type the Destination IP Address of the final destination.
4. Type the IP Subnet Mask for this destination. If the destination is a single host,
type 255.255.255.255.
5. Type the Gateway IP Address, which must be a router on the same LAN
segment as the router.
6. Type a number between 1 and 15 as the Metric value. This represents the
number of routers between your network and the destination. Usually, a setting of
2 or 3 works, but if this is a direct connection, set it to 1.
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the notification screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any errors message (Validating
values...done and also Committing values...done), your configuration has been updated.
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
44
4.5 WAN Tabs
Select the WAN settings from the main tabs. The following screen will appear:
Fig. 4.6 WAN settings window
45
In this screen you can change the WAN settings of your network.
You can select the Connection type. You can use the Default Connection type or you
can create the new connection by clicking on the New button. You are also able to
delete some type of connections by selecting the connection which you want to remove
by pressing the Delete button. You can also enter a short description of the connection
in the Description field. Then select the Interface type from the drop down menu and
choose the type of protocol that you want to use for WAN connection.
The Corinex Wireless to Powerline Router G supports four WAN connection types:
DHCP (Obtain IP address dynamically), Static, PPPoE, and PPTP. The setup will differ
according to the type of your Internet connection. You can select a Protocol type from
the drop down menu from DHCP, Static, PPPoE, PPTP, and Disabled. You can also
select the Primary connection type.
Follow the instructions for your connection type below.
DHCP
•
•
•
Select DHCP from the Protocol drop down menu.
If your ISP gave you the Host Name, enter it into the Host Name field.
Some ISPs require you to change your Routers MAC address into your previously
connected Ethernet card. Click on MAC Address field and change it.
•
Click on Apply button.
46
Static
•
•
•
Select Static from the Protocol drop down menu.
Enter the IP address, Subnet Mask and Gateway Address according to the
information provided to you through your ISP.
If your ISP provided you with specific DNS settings you need to change them by
clicking Click here to enter your DNS Settings.
Set the IP address of the WINS Servers to use for resolving NetBIOS names.
•
Click on Apply button.
•
PPPoE
•
•
•
•
•
•
•
•
Select PPPoE from the Protocol drop down menu.
Enter the PPPoE Username, PPPoE Password, and Service Name (Optional)
according to the information provided to you through your ISP.
Set the name of the PPPoE Service Name and PPPoE Access Concentrator, if
required by your ISP.
Determine whether the PPPoE link should be automatically disconnected if no
traffic has been observed for the period specified by PPPoE Max Idle Time or
not.
Set the number of seconds to wait before disconnecting the PPPoE link if PPPoE
Connect on Demand:is Enabled.
Set whether the PPPoE link should be automatically restored if it is lost. This
setting has no effect it PPPoE Connect on Demand is Enabled.
Sets the maximum number of bytes that the PPPoE interface will receive in single
Ethernet frame. The default value is 1492.
Change the MTU only if your ISP specifically requires a different setting than
1492. Then enter the required size in the MTU field.
47
•
Click on Apply button.
PPTP
•
•
•
•
•
•
•
•
Select PPTP type of connection from the Protocol drop down menu.
Enter the IP address to the PPTP Gateway Address, set the PPTP Username,
and PPTP Password for authentication.
Determine whether the PPTP link should be automatically disconnected if no
traffic has been observed for the period by PPTP Max Idle Time or not.
In the PPTP Max Idle Time input field, set the number of seconds to wait before
disconnection the PPTP link if PPTP Connect on Demand is Enabled.
In the PPTP Keep Alive drop down menu you can set whether the PPTP link
should be automatically restored if it is lost. This setting has no effect if PPTP
Connect on Demand is Enabled.
If the PPTP Connect on Demand is Enabled, you can set the number of
seconds to wait before disconnecting the PPTP link in the PPTP Redial Period
input field.
In the PPTP MRU input field, set the maximum number of bytes that the PPTP
interface will receive in a single Ethernet frame.
In the PPTP MTU input field, set the maximum number of bytes that the PPTP
interface will transmit in a single Ethernet frame.
48
•
Click on Apply button.
The Connection Status shows you the state of connection and the IP Address
Expired In shows you the IP address lease info.
Static Routing
Static Routes provide additional routing information to your router. Under normal
circumstances, the router has adequate routing information after it has been configured
for Internet access, and you do not need to configure additional static routes. You must
configure static routes only for unusual cases such as when having multiple routers or
using multiple IP subnets located in your network.
To add or edit Static Routes:
1. Type the Destination IP Address of the final destination.
2. Type the IP Subnet Mask for this destination. If the destination is a single host,
type 255.255.255.255.
3. Type the Gateway IP Address, which must be a router on the same LAN
segment as the router.
4. Type a number between 1 and 15 as the Metric value. This represents the
number of routers between your network and the destination. Usually, a setting of
2 or 3 works, but if this is a direct connection, set it to 1.
49
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the following screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any errors message (Validating
values...done and also Committing values...done) your configuration has been updated.
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
4.6 Status Tabs
Select the Status settings from the main tabs. The following screen will appear:
Fig. 4.7 Status window
The System Up Time shows you the system up time since the Router last booted. The
Connection Log gives you information about log of recent connection attempts.
50
4.7 Filters Tabs
Select the Filters settings from the main tabs. The following screen will appear:
Fig. 4.8 Filters settings window
51
This page allows you to configure LAN filters for the router. The LAN machines affected
by the filters will not be able to communicate through the WAN but will be able to
communicate with each other and with the router itself.
In the LAN MAC Filter Mode field select whether client with the specified MAC address
are allowed or denied access to the router and the WAN. If you want to disable this
feature select Disable.
To filter LAN users or packets from the LAN machines with the specified MAC
addresses use the LAN MAC Filters option. The MAC address must be added in format
XX:XX:XX:XX:XX:XX.
In the LAN Client Filters part you can filter packets from IP address destined to certain
port ranges during the specified time. You can set the range of IP address in the LAN IP
Address Range field, then select the type of protocol (TCP or UDP) in the Protocol
field, and set the Destination Port Range. In the following fields set the time period for
which you want to configure the filtering. You can turn on the filtering by checking the
Enabled check box.
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the notification screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any error messages (Validating
values...done and also Committing values...done) your configuration has been updated.
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
52
4.8 Routing Tabs
Select the Routing settings from the main tabs. The following screen will appear:
Fig. 4.9 Routing settings window
53
This chapter describes how to configure RIP (Routing Information Protocol).
One of the protocols used by a router to build and maintain a picture of the network is
the Routing Information Protocol (RIP). Using RIP, routers periodically update one
another and check for changes to add to the routing table. The Corinex Wireless to
Powerline Router G router supports both the older RIPv1 and the newer RIPv2
protocols. Among other improvements, RIPv2 supports subnet and multicast protocols.
RIP is not required for most home applications.
If you want to use the Dynamic Routing – RIP functionality, you must enable this
feature by selecting Enabled from the drop down menu. In that case you must define
the RIP Password and then choose the RIP Version.
This controls the format and the broadcasting method of the RIP packets that the router
sends. (It recognizes both formats when receiving.) By default, this is set for RIPv2.
• RIP-1 is universally supported. RIP-1 is probably adequate for most networks,
unless you have an unusual network setup.
• RIP-2 carries more information. RIP-2 uses subnet broadcasting.
Two RIP modes are offered in the RIP Mode field:
• Router with RIP on WAN interface
• Gateway with RIP on both WAN & LAN interfaces
Port Forwarding
Corinex Wireless to Powerline Router G creates a firewall between your internal network
and the Internet. A firewall keeps unwanted traffic from the Internet away from your LAN
computers. A ‘tunnel’ can be created through your firewall so that the computers on the
Internet can communicate to one of the computers on your LAN on a single port. This is
handy for running web servers, game servers, ftp servers, or even video conferencing.
This is called port forwarding. One of your computers could run a web server (port 80)
while another computer could run an FTP server (port 23) - both on the same IP
address.
Port Forwards allows you to specify configuration for forwarding packets from the ports
in the first range on the WAN side to the LAN connected devices with the specified IP
and address and port range. You can turn on the port forwarding by checking the
Enabled check box.
54
In this part or the Routing tab, you can configure the automatic forward connections.
The Application Specific Port Forwards allows you to configure the Outbound and
Inbound protocols and ports.
In the Outbound Protocol box, select the protocol (UDP or TCP) for the outbound ports
and enter the outbound port range in the Outbound Port Start and Outbound Port
End boxes. In the Outbound port box, type the number of the outbound port. The
outbound port should be specified as one number from 0 to 65535. To determine which
port the program uses, consult the documentation for the program. In the Inbound
Protocol box, select the protocol type (UDP or TCP) for the inbound ports. In the
Inbound port(s) box, type the inbound port. The inbound port can be a single port or
you can define up to two ranges of ports, which shall be defined in the Inbound Port
Start/End or To Port Start/End fields. The inbound port should be specified as one
number from 0 to 65535. You can turn on the filtering by checking the Enabled check
box.
DMZ
A DMZ (DeMilitarized Zone) Host is a host without firewall protection. It allows a
computer to be exposed to unrestricted 2-way communication for Internet games, video
conferencing, Internet telephony, and other special applications. This function is typically
used to allow a web server, FTP server, etc. to be accessible to users on the Internet.
You need to enter the local IP address in the DMZ IP Address field. This feature
forwards all other incoming WAN packets to the LAN connected device with the
specified IP address.
Note: A DMZ is far easier to set up than port forwarding but exposes your entire
computer to the Internet. Sometimes TCP/IP applications require very specialized IP
configurations that are difficult to set up or are not supported by your router. In this case,
placing your computer in the DMZ is the only way to get the application working. Placing
55
a computer in the DMZ should be considered ‘temporary’ because your firewall is no
longer able to provide any security to it.
Port forwarding can sometimes be difficult to configure, but provides a relatively safe
way of running a server from behind a firewall. Since only a single port (or small series
of ports) is exposed to the Internet, the computer is easier to secure. Additionally, port
forwarding allows you to run multiple kinds of servers from different computers on your
LAN.
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the notification screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any error messages (Validating
values...done and also Committing values...done) your configuration has been updated.
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
56
4.9 Wireless Tabs
Select the Wireless settings from the main tabs. The following screen will appear:
Fig. 4.10 Wireless settings window
57
In this screen, you can view and change the settings of the wireless interface on your
Corinex Wireless to Powerline Router G.
The first drop-down list allows you to select the Wireless Interface you want to
configure. The default interface is names “corinex” followed by the MAC address of the
wireless part of the router.
Network SSID
SSID is the name or identification of your wireless network. Only users who have the
same SSID set in the wireless network card settings, can connect to your network. The
SSID can be up to 32 characters long and is case sensitive.
Network Type
An access point can broadcast its SSID to all wireless clients nearby, so they have a
chance to see the network and connect to it. However, this can lead to a security breach
in case your wireless communication is not encrypted. If you don’t want the access point
to periodically broadcast its SSID to others, please set this field to “Closed”. Otherwise
set it to “Open”.
AP Isolation
An access point can have multiple associated wireless clients. If you want to let the
clients communicate with each other through the access point, set this field to “Off”.
Otherwise, set it to “On”.
Country
The regulatory domains in certain countries don’t allow to use all 14 channels for
wireless communication. Please set this field according to your location for not violating
local regulations.
Radio
This setting allows you to enable or disable the wireless part of your router. When
disabled, the router acts like a standard Ethernet/Powerline router without any wireless
features.
Band
This setting allows you to set the frequency band used for wireless communication. For
the 802.11g standard the 2.4 GHz band is used.
58
Channel
There are multiple channels (frequency carriers) which can be used for wireless
communication. The channel availability may be limited according to regulations in your
country. You can set this field to “Auto” which forces the access point to choose the first
available channel for communication, or choose a channel manually to prevent any
interference with other wireless networks in range.
54gTM mode
The 54gTM mode is the maximum performance implementation of the 802.11g protocol,
allowing data rates up to 54 Mbps and preserving the standard compliance at the same
time. Set this to 54g Auto for the most compatibility with other wireless systems. In this
mode, both 802.11b and 802.11g clients can connect to the access point. If your
network consists only of 54gTM compliant clients, you can set 54g Performance for
maximum performance. This will exclude all 802.11b clients from connecting to the
access point. The third option – 54g LRS (Limited Rate Support) can be used in case
you experience any problems with connecting to the access point. The last option is
802.11b Only, which is used in situations where only 802.11b and no 802.11g devices
are present.
54g Protection
The 802.11 standard provides a method to enable coexistence of 802.11g and 802.11b
devices in the same network without interfering. This means the devices supporting
different standards will not communicate at the same time. However, this reduces the
network performance. If you have only 802.11g compliant or compatible devices in your
network, you can set this field to “Off” which will improve performance. Otherwise set it
to “Auto”.
Rate
Set the maximum transmit rate. The wireless device will be forced to communicate at the
selected rate.
Basic Rate Set
You can set the basic rates to allow connection of wireless clients supporting all these
data rates. You can choose from “Default” which means 1, 2, 5.5 or 11 Mbps in case of
802.11b mode or 6, 12 and 24 Mbps in 802.11g mode; “All” which enables all supported
data rates (1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48 and 54 Mbps) or “1 & 2 Mbps” to allow
compatibility with older 802.11 devices.
59
Multicast Rate
This Multicast Rate option forces the multicast/broadcast transmission rate for the
Corinex Wireless to Powerline Router G to a particular speed. You can choose the
appropriate Rate from the drop down list in the Multicast Rate field.
Fragmentation Threshold
This setting specifies the maximum size for a packet before it is fragmented into multiple
packets. The default setting is 2346 and should be lowered only if you encounter high
data losses. However, setting this value very low may cause lower performance.
RTS Threshold
This value specifies the maximum size of a packet, sending of which won’t inflict the
negotiation (RTS/CTS) between the sending and the receiving stations about the
transmission of the packet. If the size of the packet is larger than this threshold, the
sending station sends a RTS (Right to Send) packet to the receiving station, and after it
receives the CTS frame (Clear to Send), it will send the packet. This value is set to 2347
bytes by default.
DTIM Interval
This setting indicates the interval of the Delivery Traffic Indication Message. It is a
countdown, telling the clients when they should listen for broadcast and multicast
transmissions. Anytime the access points has broadcast or multicast data to transmit, it
will inform all associated clients about the transmission, so that they can “wake up” to
listen to the transmission. The default value is 3 milliseconds and can be set to the
values from 0 to 255 milliseconds.
60
Beacon Interval
This specifies the periodic interval at which the access point sends a beacon. The
default value is 100 milliseconds and can be between 0 and 65536 milliseconds.
Enable ExpressTM Technology
The ExpressTM technology introduces frame-bursting techniques for improving
performance of the wireless networks. This should always be enabled, as it improves
performance in any environment, including homogenous 802.11b or 802.11g network, or
combination of standards. Only if you experience problems, disable the ExpressTM.
Enable AfterBurner Technology
Afterburner technology is an enhancement for the 54g™ platform, Broadcom's
maximum performance implementation of the IEEE 802.11g standard. If you turn On the
AfterBurner Technology the Corinex Wireless to Powerline Router G provides up to 40
percent greater throughput than typical standard 802.11g without impacting the
performance of neighboring wireless LANs.
When you enable the AfterBurner Technology, it may happen that the following screen
will appear. Click on the OK button to continue.
WDS Operation Mode
The wireless part of the Corinex Wireless to Powerline Router G can work in two modes.
The Wireless Bridge mode allows WDS operation of the device. WDS (Wireless
Distribution System) allows you to extend your network by connecting multiple access
points (and their networks) together. None of the WDS enabled devices can act as an
access point, this means it cannot provide connectivity to wireless clients. Selecting
Wireless Bridge disables Access Point functionality. Only the Wireless Bridge
Functionality will be available.
61
Selecting Wireless Repeater enables the Access Point and Bridge functionality.
Wireless bridge functionality will be available and wireless stations will be able to
associate to the Corinex Wireless to Powerline Router G.
Bridge Restrict
If Disabled, any wireless bridge can connect to your access point. If you enable this
feature, only four wireless bridges listed by their MAC addresses in the ‘Remote Bridges’
table, can connect to your access point.
Remote Bridges
In case you enabled the ‘Bridge Restrict’ feature, in this table you can specify the four
wireless bridges that are granted to connect to your access point.
MAC Restrict Mode
This function specifies whether the wireless clients listed in the table below can or
cannot connect to the access point. By selecting the option “Allow”, only the specified
clients can connect to your access point. If you select the option “Deny”, all clients other
than the specified ones can connect. You can disable this filtering by selecting the
option “Disabled”.
MAC Addresses
This feature allows or denies wireless access to clients with the specified MAC
addresses. The MAC address format is XX:XX:XX:XX:XX:XX.
Authenticated Stations
In this part you can see the stations which authenticated to the Corinex Wireless to
Powerline Router G device.
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the notification screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any error messages (Validating
values...done and also Committing values...done) your configuration has been updated.
62
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
4.10
Powerline Tabs
Select the Powerline settings from the main tabs. The following screen will appear:
<TREBA NOVY OBRAZOK – v 1.3.1beta2 pribudli nejake veci>
The Corinex Wireless to Powerline Router G is configured to work seamlessly with other
Corinex Powerline products right out of the box. All Powerline devices must use the
same Powerline password if they should communicate together over Powerline. If the
passwords are not the same, reconfigure the devices to ensure that all devices have the
same passwords.
Note: For Corinex Wireless to Powerline Router G, the default Network Encryption
Key is "HomePlug". The 56-bit DES encryption is always enabled for Powerline data
security as default.
This part of the tab enables you to configure the Powerline settings. You can Enable or
Disable the Powerline interface in the HomePlug Enabled field.
In the Device ID field you can see the DEK (Default Encryption Key) of the adapter. The
user can find the DEK number on the bottom side of each Powerline device.
In the Network Password field, you can enter the powerline password for your Router.
The password can be 4-24 characters long. The letters of the password are displayed as
asterisks. As soon as you change anything in the password, the checkbox below the
password field will indicate, that after clicking "Apply", the new password will be set.
63
In the Remote Powerline Device List you can see the information about the MAC
Address and Data Rate as measurement with the powerline protocol for all adapters
the Router can reach in the Powerline network.
Press the Apply button to put all changes in the Powerline settings window into effect.
After you press the Apply button, the notification screen will appear. This screen notifies
you of any errors that were detected while changing the router's settings. If all values
were inserted correctly and you do not see any error messages (Validating values...done
and also Committing values...done) your configuration has been updated. Reboot the
system to enable the new configuration or continue without restarting the device by
pressing the Continue button.
64
4.11
Security Tabs
Select the Security settings from the main tabs. The following screen will appear.
Fig. 4.11 Security settings window
65
In this screen, you can configure all security features of your Corinex Wireless to
Powerline Router G.
The router can act either as RADIUS Server or RADIUS Client, connecting to another
RADIUS server on the network. The embedded server allows client authorization using
the EAP-MD5 protocol. You can specify which authentication method will be used for the
both Ethernet and wireless part of your router. The following section of this manual will
show you how to connect to a secure network or secure your own wired and wireless
network.
External RADIUS server
In this section you can set the parameters of the authorization by an external RADIUS
server.
RADIUS Server IP Address
Here you can enter the IP address of the remote RADIUS server.
RADIUS Port
Specifies the UDP port where the RADIUS server listens for client requests. By default it
is set to 1812, but depends on the actual server.
RADIUS Key
Here you can enter the shared secret. The shared secret is a key by which the server
and the clients recognize each other and is used for secure transmission of user
passwords.
Internal Embedded RADIUS Server
In this section you can set the parameters for the internal RADIUS server.
Embedded RADIUS Server
You can either Disable or Enable the embedded RADIUS server. As you can see below
this field, the Embedded RADIUS IP address of the server is 10.0.0.2 by default, and
the server listens on the UDP Embedded RADIUS Port 1812.
RADIUS Key
66
Here you can enter the shared secret. The shared secret is a key by which the server
and the clients recognize each other and is used for secure transmission of user
passwords.
Embedded RADIUS Username & Embedded RADIUS Password
These two fields specify the authentication settings. Only clients, who provide this
information to the server, are granted to connect.
Wired Authentication
Wired 802.1x
Here you can either Disable or Enable authentication for users connecting through the
Ethernet and Powerline interfaces of the router.
Wired 802.1x RADIUS server
For users connecting through Ethernet or Powerline, you can select whether to pass the
authentication requests to an External RADIUS Server, or to the Embedded RADIUS
Server.
Wireless Authentication
In this section, you can set the security settings for users connecting through the
Wireless Interface. You can set which RADIUS server to use, network authentication
method and enter passwords for authentication.
Wireless Interface
Here you can select which wireless interface you want to manage. By default the name
of the interface is “corinex” followed by the MAC address of the wireless part of your
router.
Wireless 802.1x RADIUS server
You can select whether to use the External RADIUS Server, or the Embedded
RADIUS Server for authentication.
Network Authentication
The default is set to Open, which allows either Open System or Shared Key
authentication to be used. With Open System authentication, the sender and the
recipient do NOT use a WEP key for authentication. With Shared Key authentication,
the sender and recipient use a WEP key for authentication. Set the network
67
authentication method. 802.1X and WPA require that valid RADIUS parameters are set.
WPA-PSK requires a valid WPA Pre-Shared Key to be set.
WPA Encryption
WPA gives you three encryption methods, TKIP and AES or TKIP+AES, with dynamic
encryption keys. Select the type of algorithm, TKIP, AES or TKIP+AES, enter a WPA
Pre-Shared Key of 8-32 characters, and enter a Group Key Renewal period, which
instructs the Router how often it should change the encryption keys. Set the Network
Key Rotation Interval in seconds. Leave blank or set zero to disable the rotation.
WEP Encryption
WEP is a basic encryption method, not as secure as WPA. To use WEP, select a WEP
key and a level of WEP encryption and either generate a WEP key through the
Passphrase or enter the WEP key manually.
The WEP Encryption field enables or disables WEP data encryption. Selecting
Enabled enables WEP data encryption and requires that a valid network key is set and
selected unless 802.1X is enabled.
WEP Encryption Type
You can select between 64 bit and 128 bit WEP type of encryption.
WEP Passphrase
68
In this field enter the passphrase (up to 32 characters) and press the Generate keys
button to automatically fill the keys. After pressing the Generate keys button the
following alert window will appear.
Note: Please follow the instructions displayed in the alert window to successfully set up
WEP encryption on the wireless clients.
Network Key 1 – 4
WEP network keys enable you to create an encryption scheme for wireless LAN
transitions. Manually enter a set of values (do not leave the field blank). If you use 64-bit
WEP encryption, then each key must consist of exactly 5 ASCII or 10 hexadecimal
characters in length. If you use 128-bit WEP encryption, than each key must consist of
exactly 13 ASCII or 26 hexadecimal characters in length. Valid hexadecimal characters
are “0-9” and “A-F”. In the Current Network Key field you can select which network key
is used for encryption outbound data and/or authenticating client.
After you have entered the values in this screen, you can set them up by clicking on the
Apply button. After you press the Apply button, the notification screen will appear. This
screen notifies you of any errors that were detected while changing the router's settings.
If all values were inserted correctly and you do not see any error messages (Validating
values...done and also Committing values...done) your configuration has been updated.
69
Reboot the system to enable the new configuration or continue without restarting the
device by pressing the Continue button.
4.12
Firmware Tabs
Select the Firmware settings from the main tabs. The following screen will appear:
Fig. 4.12 Firmware settings window
Boot Loader Version info shows you the current version of the Boot Loader and the OS
Version give you and information about the current version of the Firmware (OS) which
has your Corinex Wireless to Powerline Router G.
Firmware upgrade feature enables you to change/upgrade the Firmware (Router’s
internal software) through by the file found on the Corinex Support Web page or sent to
you by the Corinex Technical Support. Click on the Choose button and select the
firmware file in the following dialogue.
Note: Be sure that you are entering the valid firmware file, because with entering the
wrong file you will most probably destroy the internal Router firmware and it will be
required to repair it in the factory. These repairs are not included in the warranty. Also be
sure that you don’t switch the computer or Router off in the time of the file transfer. It is
also strongly recommended to save your settings into the file, as most upgrades will
have the default factory settings.
70
Fig. 4.13 Choose file
After selecting the firmware file, click the Open button and then (in the display screen)
Upgrade button.
Note: After successful firmware upgrade we recommend you to reset the Corinex
Wireless to Powerline Router G to factory default settings.
71
5. Powerline Setup through the Ethernet Interface using Corinex
Setup Tool
If you want to change the password on the powerline interface without using web-based
utility, you can change it using the Corinex Setup Tool. The computer running Corinex
Setup Tool must be connected directly or through the hub to one of the Ethernet LAN
ports of the Router (Figure 5.1). Because the LAN side of the Router is a switch,
Powerline management messages come through to the Powerline port of the Router.
Fig.5.1 Configuration of the Powerline port through the Ethernet
Then by using the Corinex Setup Tool, you can discover the Powerline port of the
Router, as it will appear in the first window of the Tool. Make sure, you are configuring
the Powerline port of the Router, not any other adapter that Corinex Setup Tool may find
in the network.
5.1 Installing the Setup Tool
1. Insert the installation CD. The CD should automatically start the installation
process. If the installation program does not start automatically, start the
application by selecting My Computer, usually found on the desktop or laptop
start up screen. Navigate to the CD drive and double click on the drive. The
Installation CD menu (Fig.5.2) will appear. Click on Install Setup Tool.
Fig.5.2 Installation CD menu
72
Note: By clicking on Read Documentation you can read the manuals and additional
documents included on the Installation CD.
2. The following welcome screen will be displayed. Click Next to continue.
Fig.5.3 Setup Tool
3. The next screen will ask where the Setup Tool should be installed. Click Next to
continue.
Fig.5.4 Select Destination Directory
73
4. This screen will ask where Setup should place the program’s shortcuts. Select the
Start Menu Folder or simply click Next.
Fig.5.5 Select Start Menu Folder
5. The following screen will appear to inform you that Setup is ready to begin
installing the Setup Tool on your computer. Click Install.
Fig.5.6 Ready to Install
74
After the installation is finished, the Setup Tool will start automatically. Refer to chapter
5.3 for further instructions.
5.2 Testing the Setup
To verify that the connection is working correctly, use the standard Ping utility. In
Windows, click on menu Start -> Run, then write the command ping IPADDRESS -t,
where IPADDRESS is the IP address of the computer to which the Router is connected
to, e.g. ping 192.168.4.1 -t (This command will be stopped by pressing keys CTRL+C).
•
•
•
•
Ping the IP address of the computer to which the Router is connected. If this fails,
there is a problem with the Ethernet network card or with the TCP/IP protocol.
Repeat the same process with the other computers on the Powerline network.
If all nodes can ping themselves, try pinging another Powerline device on the
network. If this fails, there is a problem with connections on the Powerline. Try to
check the connection to the AC outlet or use a different AC outlet.
If the setup does not work, refer to the troubleshooting guide, but first, try
unplugging the Powerline device and reboot the computer as this sometimes fixes
the problem.
5.3 Running the Setup Tool
The setup so far allows transmission of data encrypted with a universal key. To set your
private and personal encryption keys for the network, run the Corinex Setup Tool
provided on the CD. This prevents anyone from intercepting your transmitted data.
The Setup Tool allows the user to setup a private and secure powerline network. Follow
the steps of this guide on the screen and your secure network will be set up correctly.
1. Make sure that your Corinex Wireless to Powerline Router G is connected to the
computer and start the Setup Tool from the Start menu by selecting the software
folder and select Corinex Setup Tool. The following screen will appear.
75
Fig.5.6 Select Local Powerline Adapter
2. Detecting the device takes a few seconds. If there are more locally connected
powerline devices, select the device you want to configure from the list. Click
Next.
3. Now the following screen should be displayed. This is the screen where your
network password is selected. Choose a password between 4 and 24 characters,
the password is case sensitive so remember exactly how it was typed as it will be
needed for the next device being set up. Type your password in the Network
Encryption Key box and click Next. If you don’t want to use encryption, uncheck
the box Encrypt frames.
Fig.5.7 Choose Network Encryption Key
76
4. Click Next again to program the Corinex Wireless to Powerline Router G with the
new encryption key. This will take a few seconds. The next screen will look similar
to the following screen. The white box will list the MAC addresses of all other
installed powerline devices on the network that are programmed with your chosen
network password. If no other devices have been programmed, the list will be
empty. If you use also other than Corinex HomePlug certified devices in the
network, these devices may be set at the default status. This default setting
makes sure that HomePlug devices find each other in a network and connect and
communicate automatically with each other. In order to generate your private and
secure network, all HomePlug certified devices in the network must be set to the
same network encryption key, either to the default key "HomePlug" or your own
selection.
Fig.5.7 Configured devices
The adapter with the MAC address 00:50:C2:02:12:95 acts as local device in the
network and identifies the devices shown under Device Address in the window as
belonging to the network. The function and performance of the devices between the
local device / adapter 00:50:C2:02:12:95 and the devices identified in the network is
displayed in the window under Connection Quality.
5. All devices in your network must be programmed with the same network
encryption key. Run this utility on all computers with a Powerline networking
device attached. If you have a Powerline device that is not normally connected to
a computer, it must first be connected to a computer and set up with a network
encryption key.
77
6. Setup of Router SNMP Powerline Agent on the OPM Management
Station
Corinex Open Powerline Management (OPM) is a powerful and versatile network
management software tool that allows the operators to configure, monitor and test all
Powerline devices across their entire network. Corinex Open Powerline Management is
based on SNMP (Simple Network Management Protocol) - a standard protocol for
enhanced management and testing of communication devices. The management is
independent from any hardware configuration and as a no-worry system, designed for
future network expansion with support for HomePlug standard certified Powerline
devices. The Corinex Open Powerline Management software answers a wide - ranging
need of service providers, when they expand their services based upon the new
Powerline devices in the network.
Corinex Open Powerline Management offers easy to use and intuitive step-by-step
navigation for an authorized user or network administrator and gives users easier
implementation by installing Powerline Agents within a Powerline network.
We suppose you have the OPM already installed, we refer you to the OPM User and
Installation Guide.
To add a Router’s agent into the OPM running on the management station PC, you need
to start the OPM wizard by clicking the Add button in the OPM main window (Fig. 6.1) to
start the Add wizard.
Fig.6.1 Corinex Open Management main window
78
Adding a Local Network
After clicking on the Add button in the main window (Fig. 6.1), the wizard will appear and
the administrator has to choose the option Add Local Network as shown in Fig 6.2
Fig. 6.2 Add Wizard - Option Add Local Network
After the Next button click, choose a name for the Local Network (text field Name, for
example "floor1" as shown in Fig. 6.3), than click the Finish button.
Fig. 6.3 Adding a Local Network - choosing a name for a Local Network
After clicking on the Finish button, a Local Network named "floor 1" will be created and
you will be asked if you want to add a Powerline network.
79
Adding a Powerline Network
Use the same wizard (Add button in the main window, fig 1) to define a new Powerline
network. In the wizard window, click on the option Add Powerline Network (Fig 6.4).
Fig. 6.4 Adding Powerline Network - Option Add Powerline Network
Then choose a name for the Powerline Network (text field Name, for example "powerline
1" as shown in Fig. 6.5). The Local network list allows you to choose a Local Network
(necessary, if there is more than one). A Completing dialogue will be displayed by the
Next button click.
Fig. 6.5 Adding Powerline Network - choosing a name for a Powerline Network
After clicking on the Finish button in completing dialogue, you will be able to add a
Powerline device. Also you can choose a Local and Powerline network (i.e. "floor 1" and
"Powerline 1" as in Fig. 6.6).
80
Adding a Powerline Device
To manage a Powerline Network, the network must contain a minimum of one Powerline
device, a computer running OPM software and one networking Agent (running on a
router or Computer). To add another powerline device, start the wizard by clicking the
Add button in the main window (Fig. 6.1). Then choose the Powerline Device option
(Fig. 6.6). Then choose Local and Powerline network where you want to assign device
(i.e. "floor 1" and "Powerline 1" as in Fig. 6.6).
Fig. 6.6 Adding a Powerline Device
By clicking on the Next button you will be asked to fill more information into the Add
Powerline device window. If you need to add a Powerline device that is not connected to
the Powerline now, you need to click on the Enter MAC address manually check box
and fill MAC address field with valid MAC address (e.g. "00:0B:C2:12:13:14"). This
action will give the possibility to remember the Powerline devices for future reference
and use in an associated network structure.
Fig. 6.7 Adding a Powerline Device - choosing Local and Powerline networks
81
In the following window you have to fill Powerline agent's settings (Fig. 6.8). Default
Powerline Agent configuration values will appear, assuming the Agent is running on a
local PC. If the Powerline Agent is not running on a local PC, which can be a host to a
Powerline Agent (in this case the Corinex Wireless to Powerline Router G), the name or
IP address of that device should be written to the text field Address. The default IP
address of the Corinex Wireless to Powerline Router G is 10.0.0.2. The insertions for the
fields: Port, Read and Write community must be in accordance with the naming of the
Powerline Agent's settings and after inserting these names and number settings, you
must click on the Finish button to continue.
Fig. 6.8 Adding Powerline Device - Powerline Agent settings
If the Agent's settings are correct, the Choose Powerline adapter dialog may appear if
agent can access more than one powerline network. If this happened, choose the
desired device from the accessible devices list and click on the OK button (Fig. 6.9)
Fig. 6.9 Adding Powerline Device - Select device from list
After clicking on wizard's Finish button (Fig. 6.8) or OK button in Choose Powerline
device window (Fig. 6.9), the main window Tree view will contain new device (Fig. 6.10)
as recognized by the network. In a few seconds (max. 25) the next devices, which are
part of the same Powerline network, will appear.
82
Fig. 6.10 Adding Powerline Device – finished
This procedure has to be repeated until all devices in the network are registered, before
the network can be managed effectively.
7. Setup of Router SNMP Powerline Agent on the OMH Software
Corinex Open Management for Hotels is a powerful and versatile network management
software tool that allows the operators to configure, monitor and test all Powerline or
CableLAN devices across their entire network. Corinex Open Management for Hotels is
based on SNMP (Simple Network Management Protocol) - a standard protocol for
enhanced management and testing of communication devices. The management is
independent from any hardware configuration and as a no-worry system, designed for
future network expansion with support for HomePlug standard certified Powerline
devices. The Corinex Open Management for Hotels software answers a wide - ranging
need of service providers, when they expand their services based upon new Powerline
or CableLAN devices in the network.
We suppose you have the OMH software already installed, we refer you to the OMH
User and Installation Guide.
83
To add a Router’s agent into the OMH software running on the management station PC,
you need to configure the SNMP Node.
Configuration of the SNMP Node
Fig.7.1 Corinex Open Management for Hotels main window
When the user wants to add the new SNMP node, the Plug-ins->SNMP Node->Add
option must be selected from the Main menu. The following window will appear as it is
shown on Fig. 7.2.
Fig. 7.2 Add SNMP Node Window
84
After choosing desired plug-in and clicking Ok button the following window will appear
as shown on Fig. 7.3.
Fig. 7.3 SNMP Agent Settings Window
In “Agent” section you need to specify the IP address or name of the SNMP agent.
Default SNMP Node configuration values will appear, assuming the Agent is running on
a local PC or in Corinex device. If the user wants to use the SNMP Agent which is
running on a Corinex Wireless to Powerline Router G device, the name or IP address of
this device must be written in to the text field Agent Address. The default IP address of
the Corinex Wireless to Powerline Router G is 10.0.0.2. The insertions for the fields:
Port, Read and Write community must be in accordance with the naming of the Agent’s
settings In “Connection” section you need to specify the Timeout and the number of
Retries for the SNMP communication. In “Node” section you need to specify a unique
name for the new SNMP node. Then, after inserting these names and number settings,
you must click on the Add button after clicking on this button, the new SNMP node will
be added as selected plug-in.
85
Fig. 7.4 Adding SNMP Node – finished
The main window Tree view will contain new device (Fig.7.4) as recognized by the
network. This procedure has to be repeated until all devices in the network are
registered, before the network can be managed effectively.
Appendix A: Troubleshooting
A.1 Troubleshooting Guide
This section provides possible solutions to problems regarding the installation and
operation of the Corinex Wireless to Powerline Router G. Read the description below to
solve your problems. If you can not find an answer here, check the Corinex website at
www.corinex.com
Computer networking can sometimes be "tricky" when many components must work
together to function properly for the ultimate network system. The problems are usually
easy to fix with the right tools. The following tools, available on your computer or the
Corinex CD, will get you started.
• Setup Tool (from the Corinex Wireless to Powerline Router G Installation CD)
86
• Ping (from the command prompt)
• ipconfig (WinNT/2000/XP), winipcfg (Win9x/Me) (from the command prompt) – for PC
If it just doesn’t work...
1. Check that the Power LED on the Corinex Wireless to Powerline Router G if it is on, if
not:
• Check the AC cord.
• Make sure the AC outlet is working by plugging something else into it. If this
works, try another outlet. If this fails as well, try 2. – 4.
2. Check the Ethernet cables:
The Corinex Wireless to Powerline Router G has a LEDs on the LAN part of the
Ethernet side labeled LINK/ACT. If it is not on:
• Check if the device at the other end of the Ethernet cable is switched on.
• Try a different Ethernet cable.
3. Check that the devices exist on the network:
Start the Setup Tool, click Next and see if all devices on your network are found. If all
devices are listed, skip this section. If a device is missing:
• Make sure all computers have active current network slot.
• Make sure the Corinex Powerline Adapters are plugged straight into the power
socket.
• Unplug all Corinex Powerline Adapters and plug them back in again, one by one.
Run the Setup Tool again.
• The devices may be programmed with different passwords. Setup all devices with
a new password as described in the previous chapter.
4. Check that TCP/IP detects the Corinex Wireless to Powerline Router G:
From the command prompt, run ping and type the computer name or IP address of the
computer you are working on [ping your computer name]. This should return 4 good
packets. Now try to ping another computer on the network. If a timeout occurs:
• Go into the TCP/IP properties and check that the buttons for automatically
obtaining IP addresses and gateway are checked. If not, make sure that both
computers are on the same subnet.
• Run ipconfig /all from the command prompt on all computers to verify that all
computers have valid IP addresses on the same subnet.
• The IP tables may be corrupted, reboot all computers and try again. If these tests
work, you have basic connectivity and can use all network services. If this does
not work, you may have a faulty device. Please contact your reseller or local
distributor.
I have got all that, it still doesn’t work...
87
• Make sure that your TCP/IP settings are set to automatically obtaining IP address and
gateway address. If the DHCP server is not running on the network, than set the TCP/IP
configuration manually as described in the chapter 3.2.
• Switch off all computers and unplug the Powerline devices, now plug your Powerline
Adapter back into power socket before switching on your computer. This will ensure that
the computer’s IP address will be obtained from the Router.
• Now open the web browsers, if the „Not Found“ page appears, try to check your LAN
settings in the Internet Options of your web browser.
It works but it is slow...
A slow connection is almost always due to poor electrical connection.
• Make sure the device is plugged straight into the socket and not into a power splitter
or extension cord.
• Try another outlet
Wireless part…
The Link LED for Wireless status does not light up on the Access Point.
• When the Wireless port detects a WLAN connection, the Link LED will blinking. Check
the Wireless adapter on your computer to see if connection and adapter work properly.
Check the Wireless configuration of the Wireless adapter on your computer.
See Chapter: Using the Wireless Connection.
I am getting interference between my other 2.4GHz wireless devices and my
wireless network.
You can take several steps:
• Change the channel of the other 2.4GHz Wireless devices or the Access Point so that
they can use different channels.
• Move wireless devices farther away from the Access Point space.
I can not connect to other computers through the Wireless on my Powerline
network or to the Internet.
• Make sure the IP address and TCP/IP protocol are set up correctly for all Wireless or
Powerline networked computers. For more information on IP addresses, see Appendix
C: IP Addressing.
• Make sure all devices are configured by using the Corinex Setup Tool. The network
password must be the same for all devices in order to communicate with each other.
See Chapter: Powerline Setup using Corinex Setup Tool.
Check that the devices exist on the powerline network.
Start the Setup Tool Program, click Next and see if all devices are found on your
network. If all devices are listed, skip this section. If a device is missing:
• Make sure all computers have only one active network slot.
• Make sure the Corinex Powerline Adapters are plugged straight into the Powerline
network through power cable.
88
• Unplug all Corinex Powerline Adapters and plug them back in again, one by one. Then
run the Setup Tool Program again.
• The devices might be programmed with different passwords. Set up all devices with a
new password as described in the section Powerline Setup through the Ethernet
Interface using Corinex Setup Tool.
If you still have the trouble, you might contact the Corinex “help desk” by sending an email to support@corinex.com. Make sure to inform as about the following items:
- describing your problem
- reporting the device types and manufacturing numbers of your network adapters
- giving us a phone number under which you may be reached, inclusive a convenient
time to call
A.2 Frequently Asked Questions
What is the maximum number of IP addresses that the Router will support?
The Router will support up to 253 IP addresses.
Where is the Router installed on the network?
In a typical environment, the Router is installed between the cable/DSL modem and the
LAN. Plug the Router into the cable/DSL modem’s Ethernet port.
Does the Router support IPX or AppleTalk?
No. TCP/IP is the only protocol standard for the Internet and has become the global
standard for communications.
IPX, a NetWare communications protocol used only to route messages from one node to
another, and AppleTalk, a communications protocol used on Apple and Macintosh
networks, can be used for LAN to LAN connections, but those protocols cannot connect
from the Internet to a LAN.
Does the Internet connection of the Router support 100Mbps Ethernet?
The Router’s current hardware design supports up to 100Mbps Ethernet on WAN port
however, the Internet connection speed will vary depending on the speed of your
broadband connection. The Router also supports 100Mbps over the auto-sensing Fast
Ethernet 10/100 switch on the LAN side of the Router.
What is Network Address Translation and what is it used for?
Network Address Translation (NAT) translates multiple IP addresses on the private LAN
to one public address that is sent out to the Internet. This adds a level of security since
the address of a PC connected to the private LAN is never transmitted on the Internet.
Furthermore, NAT allows the Router to be used with low cost Internet accounts, such as
DSL or cable modems, when only one TCP/IP address is provided by the ISP. The user
may have many private addresses behind this single address provided by the ISP.
Can multiple gamers on the LAN get on one game server and play simultaneously
with just one public IP address?
It depends on which network game or what kind of game server you are using. For
example, Unreal Tournament supports multi-login with one public IP.
How can I block corrupted FTP downloads?
89
If you are experiencing corrupted files when you download a file with your FTP client, try
using another FTP program.
If all else fails in the installation, what can I do?
Reset the Router by holding down the reset button until the Power LED fully turns on
and off (Press the button no longer than 5 sec). Reset your cable or DSL modem by
powering the unit off and then on. Obtain and flash the latest firmware release that is
readily available on the Corinex website, www.corinex.com.
How will I be notified of new Router firmware upgrades?
All Corinex firmware upgrades are posted on the Corinex website at www.corinex.com,
where they can be downloaded for free. To upgrade the Router’s firmware, use the
Firmware tab of the Router’s web-based utility. If the Router’s Internet connection is
working well, there is no need to download a newer firmware version, unless that version
contains new features that you would like to use. Downloading a more current version of
Router firmware will not enhance the quality or speed of your Internet connection, and
may disrupt your current connection stability.
Will the Router function in a Macintosh environment?
Yes, but the Router’s setup pages are accessible only through Internet Explorer 4.0 or
Netscape Navigator 4.0 or higher for Macintosh.
I am not able to get the web configuration screen for the Router. What can I do?
You may have to remove the proxy settings on your Internet browser, e.g., Netscape
Navigator or Internet Explorer. Or remove the dial-up settings on your browser. Check
with your browser documentation, and make sure that your browser is set to connect
directly and that any dial-up is disabled. For Internet Explorer, click Tools, Internet
Options, and then the Connection tab. Make sure that Internet Explorer is set to Never
dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and
Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet.
Is the Router cross-platform compatible?
Any platform that supports Ethernet and TCP/IP is compatible with the Router.
Does the Router pass PPTP packets or actively route PPTP sessions?
The Router allows PPTP packets to pass through.
What are the advanced features of the Router?
The Router’s advanced features include Advanced Wireless settings, Filters, Port
Forwarding, Routing and DDNS
Can the Router act as my DHCP server?
Yes. The Router has DHCP server software built-in.
Can I run an application from a remote computer over the wireless network?
This will depend on whether or not the application is designed to be used over a
network. Consult the application’s documentation to determine if it supports operation
over a network.
What is the IEEE 802.11g standard?
It is one of the IEEE standards for wireless networks. The 802.11g standard allows
wireless networking hardware from different manufacturers to communicate, provided
that the hardware complies with the 802.11g standard. The 802.11g standard states a
maximum data transfer rate of 54Mbps and an operating frequency of 2.4GHz.
What IEEE 802.11b features are supported?
The product supports the following IEEE 802.11b functions:
• CSMA/CA plus Acknowledge protocol
90
• Multi-Channel Roaming
• Automatic Rate Selection
• RTS/CTS feature
• Fragmentation
• Power Management
What is ad-hoc mode?
When a wireless network is set to ad-hoc mode, the wireless-equipped computers are
configured to communicate directly with each other. The ad-hoc wireless network will not
communicate with any wired network.
What is infrastructure mode?
When a wireless network is set to infrastructure mode, the wireless network is
configured to communicate with a wired network through a wireless access point.
What is ISM band?
The FCC and their counterparts outside of the U.S. have set aside bandwidth for
unlicensed use in the ISM (Industrial, Scientific and Medical) band. Spectrum in the
vicinity of 2.4 GHz, in particular, is being made available worldwide. This presents a truly
revolutionary opportunity to place convenient high-speed wireless capabilities in the
hands of users around the globe.
What is Spread Spectrum?
Spread Spectrum technology is a wideband radio frequency technique developed by the
military for use in reliable, secure, mission-critical communications systems. It is
designed to trade off bandwidth efficiency for reliability, integrity, and security. In other
words, more bandwidth is consumed than in the case of narrowband transmission, but
the trade-off produces a signal that is, in effect, louder and thus easier to detect,
provided that the receiver knows the parameters of the spread-spectrum signal being
broadcast. If a receiver is not tuned to the right frequency, a spread-spectrum signal
looks like background noise. There are two main alternatives,
Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum
(FHSS).
What is DSSS?
Direct-Sequence Spread- Spectrum (DSSS) generates a redundant bit pattern for each
bit to be transmitted. This bit pattern is called a chip (or chipping code). The longer the
chip, the greater the probability that the original data can be recovered. Even if one or
more bits in the chip are damaged during transmission, statistical techniques embedded
in the radio can recover the original data without the need for retransmission. To an
unintended receiver, DSSS appears as low power wideband noise and is rejected
(ignored) by most narrowband receivers.
Would the information be intercepted while transmitting on air?
Instant wireless products feature two-fold protection in security. On the hardware side,
as with Direct Sequence Spread Spectrum technology, it generates security feature of
scrambling. On the software side, instant wireless products offer the encryption function
(WEP) to enhance security and access control. Users can set it up depending upon their
needs. Can instant wireless products support file and printer sharing? Instant wireless
products perform the same function as LAN products. Therefore, instant wireless
products can work with NetWare, Windows NT/2000, or other LAN operating systems to
support printer or file sharing.
What is WEP?
91
WEP is Wired Equivalent Privacy, a data privacy mechanism based on a 64-bit or 128bit shared key algorithm, as described in the IEEE 802.11 standard.
What is a MAC Address?
The Media Access Control (MAC) address is a unique number assigned by the
manufacturer to any Ethernet networking device, such as a network adapter, that allows
the network to identify it at the hardware level. For all practical purposes, this number is
usually permanent. Unlike IP addresses, which can change every time a computer logs
onto the network, the MAC address of a device stays the same, making it a valuable
identifier for the network.
How do I reset the Router to default?
Press and hold the Reset button on the back panel until all the LED has been lightened
(for about ten seconds). This will reset the Router to its default settings.
How do I resolve issues with signal loss?
There is no way to know the exact range of your wireless network without testing. Every
obstacle placed between the Router and a wireless PC will create signal loss. Lead
glass, metal, concrete floors, water and walls will inhibit the signal and reduce range.
Start with the Router and your wireless PC in the same room and move it away in small
increments to determine the maximum range in your environment. You may also try
using different channels, as this may eliminate interference affecting only one channel.
I have excellent signal strength, but I cannot see my network.
WEP is probably enabled on the Router, but not on your wireless adapter (or vice
versa). Verify that the same WEP keys and levels (64 or 128) are being used on all
nodes of your wireless network.
How many channels/frequencies are available with the Router?
There are fourteen available channels, ranging from 1 to 14. For 802.11g we support 11
channels for North America, 13 for Europe (ETSI) and 14 for Japan.
Do the Corinex powerline products cause interference with other home
networking or powerline products?
No. The Corinex powerline products can co-exist with phone line and wireless
networking technologies.
How do the Instant Powerline products handle node addressing in the network?
The Corinex Powerline products adhere to standard Ethernet addressing protocols using
the destination and source of MAC addressing.
How can your technology be beneficial in general?
General benefits are inexpensiveness, fastness and reliably manageable installation.
How can your technology be beneficial for me as Internet provider?
Our technology lowers the costs, and adds manageability.
How can your technology be beneficial for me as Internet user?
Lower the cost, reach points where there is no other alternative.
In which frequency band operates your Powerline technology?
Our Powerline technology operates in 4-21 MHz spectrum using OFDM modulation.
Can I manage Powerline devices remotely?
Yes, you can manage all of our devices remotely by using Open Powerline Management
software (OPM) or you can use the Corinex Open Management for Hotels.
If your questions are not addressed here, refer to the Corinex website, www.corinex.com
92
A.3 Corinex Authorized Powerline Partners Program
We also advise you to visit our Corinex Authorized Powerline Partners Program web
page (cappp.corinex.com), as you can find here valuable information about complex
applications and installations, along with the partners in your area that provide
installation services.
Appendix B: Wireless Security
A Brief Overview
Whenever data - in the form of files, emails, or messages - is transmitted over your
wireless network, it is open to attacks. Wireless networking is inherently risky because it
broadcasts information on radio waves. Just like signals from your cellular or cordless
phone can be intercepted, signals from your wireless network can also be compromised.
What are the risks inherent in wireless networking? Read on.
What Are The Risks?
Computer network hacking is nothing new. With the advent of wireless networking,
hackers use methods both old and new to do everything from stealing your bandwidth to
stealing your data. There are many ways this is done, some simple, some complex. As a
wireless user, you should be aware of the many ways they do this.
Every time a wireless transmission is broadcast, signals are sent out from your wireless
PC or access point, but not always directly to its destination. The receiving PC or access
point can hear the signal because it is within that radius. Just as with a cordless phone,
cellular phone, or any kind of radio device, anyone else within that radius, who has their
device set to the same channel or bandwidth can also receive those transmission.
Wireless networks are easy to find. Hackers know that, in order to join a wireless
network, your wireless PC will typically first listen for "beacon messages". These are
identifying packets transmitted from the wireless network to announce its presence to
wireless nodes looking to connect. These beacon frames are unencrypted and contain
much of the network's information, such as the network's SSID (Service Set Identifier)
and the IP address of the network PC or access point. The SSID is analogous to the
network's name. With this information broadcast to anyone within range, hackers are
often provided with just the information they need to access that network.
One result of this, seen in many large cities and business districts, is called
"Warchalking". This is the term used for hackers looking to access free bandwidth and
free Internet access through your wireless network. The marks they chalk into the city
streets are well documented in the Internet and communicate exactly where available
wireless bandwidth is located for the taking.
Even keeping your network settings, such as the SSID and the channel, secret won't
prevent a hacker from listening for those beacon messages and stealing that
93
information. This is why most experts in wireless networking strongly recommend the
use of WEP (Wired Equivalent Privacy). WEP encryption scrambles your wireless
signals so they can only be recognized within your wireless network.
But even WEP has its problems. WEP's encryption algorithm is referred to as "simple",
which also means "weak", because the technology that scrambles the wireless signal
isn't too hard to crack for a persistent hacker.
There are five common ways that hackers can break into your network and steal your
bandwidth as well as your data. The five attacks are popularly known as:
1. Passive Attacks
2. Jamming Attacks
3. Active Attacks
4. Dictionary-building or Table Attacks
5. Man-in-the-Middle Attacks
Passive Attacks
There's no way to detect a passive attack because the hacker is not breaking into your
network. He is simply listening (eavesdropping, if you will) to the information your
network broadcasts. There are applications easily available on the Internet that can
allow a person to listen into your wireless network and the information it broadcasts.
Information such as MAC addresses, IP addresses, usernames, passwords, instant
message conversations, emails, account information, and any data transmitted
wirelessly, can easily be seen by someone outside of your network because it is often
broadcast in clear text. Simply put, any information transmitted on a wireless network
leaves both the network and individual users vulnerable to attack. All a hacker needs is
a "packet sniffer", software available on the Internet, along with other freeware or
shareware hacking utilities available on the Internet, to acquire your WEP keys and
other network information to defeat security.
Jamming Attacks
Jamming Attacks, when a powerful signal is sent directly into your wireless network, can
effectively shut down your wireless network. This type of attack is not always intentional
and can often come about simply due to the technology. This is especially possible in
the 2.4 GHz frequency, where phones, baby monitors, and microwave ovens can create
a great deal of interference and jam transmissions on your wireless network. One way to
resolve this is by moving your wireless devices into the 5 GHz frequency, which is
dedicated solely to information transmissions.
Active Attacks
Hackers use Active Attacks for three purposes: 1) stealing data, 2) using your network,
and 3) modifying your network so it's easier to hack in the next time.
In an Active Attack, the hacker has gained access to all of your network settings (SSID,
WEP keys, etc.) and is in your network. Once in your wireless network, the hacker has
access to all open resources and transmitted data on the network. In addition, if the
94
wireless network's access point is connected to a switch, the hacker will also have
access to data in the wired network.
Further, spammers can use your Internet connection and your ISP's mail server to send
tens of thousands of emails from your network without your knowledge.
Lastly, the hacker could make hacking into your network even easier by changing or
removing safeguards such as MAC address filters and WEP encryption. He can even
steal passwords and user names for the next time he wants to hack in.
Dictionary-Building or Table Attacks
Dictionary-building, or Table attacks, is a method of gaining network settings (SSID,
WEP keys, etc.) by analyzing about a day's worth of network traffic, mostly in the case of
business networks. Over time, the hacker can build up a table of network data and be
able to decrypt all of your wireless transmissions. This type of attack is more effective
with networks that transmit more data, such as businesses.
Man-in-the-Middle Attacks
A hacker doesn't need to log into your network as a user - he can appear as one of the
network's own access points, setting himself up as the man-in-the-middle. To do this,
the hacker simply needs to rig an access point with your network's settings and send out
a stronger signal that your access point. In this way, some of your network's PCs may
associate with this rogue access point, not knowing the difference, and may begin
sending data through it and to this hacker.
The trade-off for the convenience and flexibility wireless networking provides is the
possibility of being hacked into through one of the methods described here. With
wireless networks, even with WEP encryption, open to the persistent hacker, how can
you protect your data? The following section will tell you how to do just that.
B.1 Maximizing Wireless Security
Security experts will all tell you the same thing: Nothing is guaranteed. No technology is
secure by itself. An unfortunate axiom is that building the better mousetrap can often
create a better mouse. This is why, in the examples below, your implementation and
administration of network security measures is the key to maximizing wireless security.
No preventative measure will guarantee network security but it will make it more difficult
for someone to hack into your network. Often, hackers are looking for an easy target.
Making your network less attractive to hackers, by making it harder for them to get in,
will make them look elsewhere.
How do you do this? Before discussing WEP and WPA, let's look at a few security
measures often overlooked.
95
A. Common Sense Solutions
1) Network Content
Now that you know the risks assumed when networking wirelessly, you should view
wireless networks as you would the Internet. Don't host any systems or provide access
to data on a wireless network that you wouldn't put on the Internet.
2) Network Layout
When you first lay out your network, keep in mind where your wireless PCs are going to
be located and try to position your access point(s) towards the center of that network
radius. Remember that access points transmit indiscriminately in a radius; placing an
access point at the edge of the physical network area reduces network performance and
leaves an opening for any hacker smart enough to discover where the access point is
transmitting.
This is an invitation for a man-in-the-middle attack, as described in the previous section.
To perform this type of attack, the hacker has to be physically close to your network. So,
monitoring both your network and your property is important. Furthermore, if you are
suspicious of unauthorized network traffic, most wireless products come with a log
function, with which you can view activity on your network and verify if any unauthorized
users have had access.
3) Network Devices
With every wireless networking device you use, keep in mind that network settings
(SSID, WEP keys, etc.) are stored in its firmware. If they get into the hands of a hacker,
so do all of your settings. So keep an eye on them.
4) Administrator passwords
Your network administrator is the only person who can change network settings. If a
hacker gets a hold of the administrator's password, he, too, can change those settings.
So, make it harder for a hacker to get that information. Change the administrator's
password regularly.
5) SSID
There are a few things you can do to make your SSID more secure:
a. Disable Broadcast
b. Make it unique
c. Change it often
96
Most wireless networking devices will give you the option of broadcasting the SSID. This
is a option for convenience, allowing anyone to log into your wireless network. In this
case, however, anyone includes hackers. So don't broadcast the SSID.
A default SSID is set on your wireless devices by the factory. (The Corinex default SSID
is "corinex".) Hackers know these defaults and can check these against your network.
Change your SSID to something unique and not something related to your company or
the networking products you use.
Changing your SSID regularly will force any hacker attempting to gain access to your
wireless network to start looking for that new SSID.
With these three steps in mind, please remember that while SSIDs are good for
segmenting networks, they fall short with regards to security. Hackers can usually find
them quite easily.
6) MAC addresses
Enable MAC address filtering if your wireless products allow it. MAC address filtering will
allow you to provide access to only those wireless nodes with certain MAC addresses.
This makes it harder for a hacker using a random MAC address or spoofing (faking) a
MAC address.
7) Firewalls
Once a hacker has broken into your wireless network, if it is connected to your wired
network, they'll have access to that, too. This means that the hacker has effectively used
your wireless network as a backdoor through your firewall, which you've put in place to
protect your network from just this kind of attack via the Internet.
You can use the same firewall technology to protect your wired network from hackers
coming in through your wireless network as you did for the Internet. Rather than
connecting your access point to an unprotected switch, swap those out for a router with
a built-in firewall. The router will show the access point coming in through its WAN port
and its firewall will protect your network from any transmissions entering via your
wireless network. PCs unprotected by a firewall router should at least run firewall
software, and all PCs should run up-to-date antiviral software.
B. WEP
Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless security
concerns. This is overstating WEP's ability. Again, this can only provide enough security
to make a hacker's job more difficult.
WEP encryption implementation was not put in place with the 802.11 standard. This
means that there are about as many methods of WEP encryption as there are providers
of wireless networking products. In addition, WEP is not completely secure. One piece of
97
information still not encrypted is the MAC address, which hackers can use to break into
a network by spoofing (or faking) the MAC address.
Programs exist on the Internet that are designed to defeat WEP. The best known of
these is AirSnort. In about a day, AirSnort can analyze enough of the wireless
transmissions to crack the WEP key. Just like a dictionary-building attack, the best
prevention for these types of programs is by not using static settings, periodically
changing WEP keys, SSID, etc.
There are several ways that WEP can be maximized:
a) Use the highest level of encryption possible
b) Use multiple WEP keys
c) Change your WEP key regularly
Current encryption technology offers 64-bit and 128-bit WEP encryption. If you are using
64-bit WEP, swap out your old wireless units for 128-bit encryption right away. Where
encryption is concerned, the bigger and more complex, the better. A WEP key is a string
of hexadecimal characters that your wireless network uses in two ways. First, nodes in
your wireless network are identified with a common WEP key. Second, these WEP keys
encrypt and decrypt data sent over your wireless network. So, a higher level of security
ensures that hackers will have a harder time breaking into your network.
Setting one, static WEP key on your wireless network leaves your network open the
threats even as you think it is protecting you. While it is true that using a WEP key
increases wireless security, you can increase it further by using multiple WEP keys.
Keep in mind that WEP keys are stored in the firmware of wireless cards and access
points and can be used to hack into the network if a card or access point falls into the
wrong hands. Also, should someone hack into your network, there would be nothing
preventing someone access to the entire network, using just one static key.
The solution, then, is to segment your network up into multiple groups. If your network
had 80 users and you used four WEP keys, a hacker would have access to only ¼ of
your wireless network resources. In this way, multiple keys reduce your liability.
Finally, be sure to change your WEP key regularly, once a week or once a day. Using a
"dynamic" WEP key, rather than one that is static, makes it even harder for a hacker to
break into your network and steal your resources.
WEP Encryption
WEP encryption for the Corinex Wireless to Powerline Router G is configured through
the Web-Utility's Security tab. Select WEP from the dropdown menu of Security Mode
(Fig. 9.1).
98
Fig. 9.1 WEP
Select WEP keys (1-4) will be used when the Router sends data. The user can also
select the number of Current Network Key. Make sure the receiving device is using the
same key.
The WEP Key can be generated using your passphrase or you can enter it manually.
If you wish to enter the WEP Key manually, type the key into the appropriate Key field
on the left. The WEP key must consist of the letters "A" through "F" and the numbers "0"
through "9" and should be 10 characters in length for 64-bit encryption or 26 characters
in length for 128-bit encryption. All points in your wireless network must use the same
WEP key to utilize WEP encryption.
C. WPA
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi
security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives
you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which
utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to
provide protection against hackers, and AES (Advanced Encryption System), which
utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication
Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic
TKIP, AES, or WEP.
WPA is accessed through the Web-Utility's Security Tab. Choose one of the following
Security Modes from the drop-down menu.
WPA Pre-Shared Key
If you do not have a RADIUS server, Select the type of algorithm, TKIP, AES or
TKIP+AES, enter a password in the Pre-Shared key field of 8-32 characters, and enter a
99
Group Key Renewal period time between 0 and 99,999 seconds, which instructs the
Router how often it should change the encryption keys.
WPA RADIUS
WPA used in coordination with a RADIUS server. (This should only be used when a
RADIUS server is connected to the Router.) First, select the type of WPA algorithm,
TKIP or AES. Enter the RADIUS server’s IP Address and port number, along with a key
shared between the Router and the server. Last, enter a Group Key Renewal period,
which instructs the Router how often it should change the encryption keys.
Fig. 9.2 WPA and Radius
100
Appendix C: Glossary
10BaseT - An Ethernet standard that uses twisted wire pairs. 100BaseTX - IEEE
physical layer specification for 100 Mbps over two pairs of Category 5 UTP or STP wire.
1000BASE-T - A 100 Mbps technology based on the Ethernet/CD network access
method. Provides half-duplex (CSMA/CD) and full-duplex 1000 Mbps Ethernet service
over Category 5 links as defined by ANSI/TIA/EIA-568-A. Topology rules for 1000BASET are the same as those used for 100BASE-T. Category 5 link lengths are limited to 100
meters by the ANSI/TIA/EIA-568-A cabling standard. Only one CSMA/CD repeater will
be allowed in a collision domain.
802.11b - An IEEE wireless networking standard that specifies a maximum data transfer
rate of 11Mbps and an
operating frequency of 2.4GHz.
802.11g - An IEEE wireless networking standard that specifies a maximum data transfer
rate of 54Mbps, an
operating frequency of 2.4GHz, and backward compatibility with 802.11b devices.
Access Point - Device that allows wireless-equipped computers and other devices to
communicate with a wired
network. Also used to expand the range of a wireless network.
Adapter - Printed circuit board that plugs into a PC to add to capabilities or connectivity
to a PC. In a networked environment, a network interface card (NIC) is the typical
adapter that allows the PC or server to connect to the intranet and/or Internet.
Asymmetrical Digital Subscriber Line (ASDL) - A new standard for transmitting at
speeds up to 7 Mbps over a single copper pair.
Auto-negotiate - To automatically determine the correct settings. The term is often used
with communications and networking. For example, Ethernet 10/100 cards, hubs, and
switches can determine the highest speed of the node they are connected to and adjust
their transmission rate accordingly.
Ad-hoc - A group of wireless devices communicating directly with each other (peer-topeer) without the use of
an access point.
Backbone – The part of a network that connects most of the systems and networks
together and handles the most data.
Bandwidth – 1. Measure of the information capacity of a transmission channel, in terms
of how much data the facility can transmit in a fixed amount of time; expressed in bits
per second (bps). 2. The difference between the highest and lowest frequencies of a
band that can be passed by a transmission medium without undue distortion, such as
the AM band 535 to 1705 kilohertz.
Baseband - Transmission scheme in which the entire bandwidth, or data-carrying
capacity, of a medium (such as a coaxial cable) is used to carry a single digital pulse, or
signal, between multiple users. Because digital signals are not modulated, only one kind
of data can be transmitted at a time. Contrast with broadband.
Baud (Bite at Unit Density) - A measure of the speed of transmission of data; number
of elements transmitted per second.
101
Beacon Interval - The frequency interval of the beacon, which is a packet broadcast by
a router to synchronize a wireless network.
Bit – A binary digit. The value—0 or 1—used in the binary numbering system. Also, the
smallest form of data.
Boot – To cause the computer to start executing instructions. Personal computers
contain built-in instructions in a ROM chip that are automatically executed on startup.
These instructions search for the operating system, load it, and pass control to it.
Bridge/Router- A device that can provide the functions of a bridge, router, or both
concurrently. Bridge/router can route one or more protocols, such as TCP/IP and/or
XNS, and bridge all other traffic.
Broadband - A data-transmission scheme in which multiple signals share the bandwidth
of a medium. This allows the transmission of voice, data, and video signals over a single
medium. Cable television uses broadband techniques to deliver dozens of channels over
one cable.
Broadcast Domain - Defines the set of all devices which will receive broadcast frames
originating from any device within the set. Broadcast domains are normally bounded by
routers.
Browser - A browser is an application program that provides a way to look at and
interact with all the information on the World Wide Web or PC. The word “browser”
seems to have originated prior to the Web as a generic term for user interfaces that let
you browse text files online.
Buffer - A storage area used for handling data in transit. Buffers are often used to
compensate for differences in processing speed between network devices.
Byte - The fundamental unit that a computer uses in its operation. It is a group of
adjacent binary digits, usually 8, often used to represent a single character.
Cable Modem - A device that connects a computer to the cable television network,
which in turn connects to the Internet. Once connected, cable modem users have a
continuous connection to the Internet. Cable modems feature asymmetric transfer rates:
around 36 Mbps downstream (from the Internet to the computer), and from 200 Kbps to
2 Mbps upstream (from the computer to the Internet).
Caching – 1. Speeds information processing by storing information from a transaction to
use for later transactions. 2. Storing or buffering data in a temporary location, so that the
information can be retrieved quickly by an application program.
Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) - A method of data
transfer that is used to prevent data loss in a network.
Carrier Sense Multiple Access/Collision Detection (CSMA/CD) -A channel access
mechanism wherein devices wishing to transmit first check the channel for a carrier. If
no carrier is sensed for some period of time, devices can transmit. If two devices
transmit simultaneously, a collision occurs and is detected by all colliding devices, which
subsequently delays their retransmissions for some random length of time. CSMA/CD
access is used by Ethernet /IEEE 802.3 and HomePlug.
CAT 3 - ANSI/EIA (American National Standards Institute/Electronic Industries
Association) Standard 568 is one of several standards that specify “categories” (the
singular is commonly referred to as “CAT”) of twisted pair cabling systems (wires,
junctions, and connectors) in terms of the data rates that they can sustain. CAT 3 cable
has a maximum throughput of 16 Mbps and is
usually utilized for 10BaseT networks.
102
CAT 5 - ANSI/EIA (American National Standards Institute/Electronic Industries
Association) Standard 568 is one of several standards that specify “categories” (the
singular is commonly referred to as “CAT”) of twisted pair cabling systems (wires,
junctions, and connectors) in terms of the data rates that they can sustain. CAT 5 cable
has a maximum throughput of 100 Mbps and is usually utilized for 100BaseTX networks.
CAT 5e - The additional cabling performance parameters of return loss and farend
crosstalk (FEXT) specified for 1000BASE-T and not specified for 10BASE-T and
100BASE-TX are related to differences in the signaling implementation. 10BASE-T and
100BASE-TX signaling is unidirectional—signals are transmitted in one direction on a
single wire pair. In contrast, Gigabit Ethernet is bi-directional—signals are transmitted
simultaneously in both directions on the same wire pair; that is, both the transmit and
receive pair occupy the same wire pair.
CPU (Central Processing Unit) - The computing part of the computer. Also called the
“processor,” it is made up of the control unit and ALU.
Daisy Chain - Connected in series, one after the other. Transmitted signals go to the
first device, then to the second, and so on.
Database - A database is a collection of data that is organized so that its contents can
easily be accessed, managed, and updated.
Data Packet - One frame in a packet-switched message. Most data communications is
based on dividing the transmitted message into packets. For example, an Ethernet
packet can be from 64 to 1518 bytes in length.
Default Gateway - The routing device used to forward all traffic that is not addressed to
a station within the local subnet.
Demodulation - Opposite of modulation; the process of retrieving data from a
modulated carrier wave.
DHCP (Dynamic Host Configuration Protocol) - A protocol that lets network
administrators centrally manage and automate the assignment of Internet Protocol (IP)
addresses in an organization's network. Using the Internet’s set of protocol (TCP/IP),
each machine that can connect to the Internet needs a unique IP address. When an
organization sets up its computer users with a connection to the Internet, an IP address
must be assigned to each machine. Without DHCP, the IP address must be entered
manually at each computer and, if computers move to another location in another part of
the network, a new IP address must be entered. DHCP lets a network administrator
supervise and distribute IP addresses from a central point and automatically sends a
new IP address when a computer is plugged into a different place in the network. DHCP
uses the concept of a “lease” or amount of time that a given IP address will be valid for a
computer. The lease time can vary depending on how long a user is likely to require the
Internet connection at a particular location. It’s especially useful in education and other
environments where users change frequently. Using very short leases, DHCP can
dynamically reconfigure networks in which there are more computers than there are
available IP addresses. DHCP supports static addresses for computers containing Web
servers that need a permanent IP address.
DMZ - (DeMilitarized Zone) allows one IP address (or computer) to be exposed to the
Internet. Some applications require multiple TCP/IP ports to be open. It is recommended
that you set your computer with a static IP address if you want to use DMZ Hosting.
DNS - Domain Name System (DNS). The distributed name/address mechanism used in
the Internet..
103
Domain - A subnetwork comprised of a group of clients and servers under the control of
one security database. Dividing LANs into domains improves performance and security.
Download - To receive a file transmitted over a network. In a communications session,
download means receive, and upload means transmit.
DSL - (Digital Subscriber Line) - An always-on broadband connection over traditional
phone lines.
Driver - A workstation or server software module that provides an interface between a
network interface card and the upper-layer protocol software running in the computer; it
is designed for a specific NIC, and is installed during the initial installation of a networkcompatible client or server operating system.
DSSS (Direct-Sequence Spread-Spectrum) - DSSS generates a redundant bit pattern
for each bit to be transmitted. This bit pattern is called a chip (or chipping code). The
longer the chip, the greater the probability that the original data can be recovered. Even
if one or more bits in the chip are damaged during transmission, statistical techniques
embedded in the radio can recover the original data without the need for retransmission.
To an unintended receiver, DSSS appears as low power wideband noise and is rejected
(ignored) by most narrowband receivers.
DTIM - (Delivery Traffic Indication Message) - A message included in data packets that
can increase wireless efficiency.
Dynamic IP Address - An IP address that is automatically assigned to a client station in
a TCP/IP network, typically by a DHCP server. Network devices that serve multiple
users, such as servers and printers, are usually assigned static IP addresses.
Dynamic Routing - The ability for a router to forward data via a different route based on
the current conditions of the communications circuits. For example, it can adjust for
overloaded traffic or failing lines and is much more flexible than static routing, which
uses a fixed forwarding path.
Encapsulation - The wrapping of data in a particular protocol header. For example,
Ethernet data is wrapped in a specific Ethernet header before network transit.
Encryption - Applying a specific algorithm to data in order to alter the data’s
appearance and prevent other devices from reading information. Decryption applies the
algorithm in reverse to restore the data to its original form.
Ethernet - A baseband LAN specification invented by Xerox Corporation and developed
jointly by Xerox, Intel, and Digital Equipment Corporation. Ethernet networks operate at
10 Mbps using CSMA/CD to run over coaxial cable. Ethernet is similar to a series of
standards produced by IEEE referred to as IEEE 802.3.
Fast Ethernet - A 100 Mbps technology based on the 10Base-T Ethernet CSMA/CD
network access method.
Firewall - A firewall is a set of related programs, located at a network gateway server,
which protects the resources of a network from users from other networks. (The term
also implies the security policy that is used with the programs.) An enterprise with an
intranet that allows its workers access to the wider Internet installs a firewall to prevent
outsiders from accessing its own private data resources and for controlling what outside
resources to which its own users have access. Basically, a firewall, working closely with
a router, examines each network packet to determine whether to forward it toward its
destination.
Firmware - Programming that is inserted into programmable read-only memory, thus
becoming a permanent part of a computing device.
104
Fragmentation - Breaking a packet into smaller units when transmitting over a network
medium that cannot support the original size of the packet.
FTP (File Transfer Protocol) – 1. An IP application protocol for transferring files
between network nodes. 2. An Internet protocol that allows a user on one host to
transfer files to and from another host over a network.
Full Duplex - The ability of a networking device to receive and transmit data
simultaneously.
Gateway - A system that interconnects networks.
Half Duplex - Data transmission that can occur in two directions over a single line, but
only one direction at a time.
Hardware - The physical aspect of computers, telecommunications, and other
information technology devices.
HTTP (HyperText Transport Protocol) - The communications protocol used to connect to
servers on the World Wide Web.
IEEE (The Institute of Electrical and Electronics Engineers) - An independent institute
that develops networking standards.
Infrastructure - Currently installed computing and networking equipment.
Infrastructure Mode - Configuration in which a wireless network is bridged to a wired
network via an access point.
IP (Internet Protocol) - A protocol used to send data over a network.
IP Address - The address used to identify a computer or device on a network.
IPCONFIG - A utility that provides for querying, defining and managing IP addresses
within a network. A commonly used utility, under Windows NT and 2000, for configuring
networks with static IP addresses.
IPSec (Internet Protocol Security) - A VPN protocol used to implement secure exchange
of packets at the IP layer.
IRQ (Interrupt ReQuest) - hardware interrupt on a PC. There are 16 IRQ lines used to
signal the CPU that a peripheral event has started or terminated. Except for PCI
devices, two devices cannot use the same line.
ISM band - Radio band used in wireless networking transmissions.
ISP - An ISP (Internet service provider) is a company that provides individuals and
companies access to the Internet and other related services such as website building
and virtual hosting.
LAN (Local Area Network) - The computers and networking products that make up the
network in your home or
office.
Latency - The time delay between when the first bit of a packet is received and the last
bit is forwarded.
MAC Address - The MAC (Media Access Control) address is a unique number
assigned by the manufacturer to any Ethernet networking device, such as a network
adapter, that allows the network to identify it at the hardware level.
Mbps (MegaBits Per Second) - One million bits per second; unit of measurement for
data transmission.
Multicasting - Sending data to a group of destinations at once.
NAT - NAT (Network Address Translation) is the translation of an Internet Protocol
address (IP address) used within one network to a different IP address known within
105
another network. One network is designated the inside network and the other is the
outside.
NetBEUI (NetBIOS Extended User Interface) - The transport layer for NetBIOS.
NetBIOS and NetBEUI were originally part of a single protocol suite that was later
separated. NetBIOS sessions can be transported over NetBEUI, TCP/IP, and SPX/IPX
protocols.
NetBIOS - The native networking protocol in DOS and Windows networks. Although
originally combined with its transport layer protocol (NetBEUI), NetBIOS today provides
a programming interface for applications at the session layer (layer 5). NetBIOS can ride
over NetBEUI, its native transport, which is not routable, or over TCP/IP and IPX/SPX,
which are routable protocols. NetBIOS computers are identified by a unique 15character name, and Windows machines (NetBIOS machines) periodically broadcast
their names over the network so that Network Neighborhood can catalog them. For
TCP/IP networks, NetBIOS names are turned into IP addresses via manual
configuration in an LMHOSTS file or a WINS server. There are two NetBIOS modes.
The Datagram mode is the fastest mode, but does not guarantee delivery. It uses a selfcontained packet with send and receive name, usually limited to 512 bytes. If the
recipient device is not listening for messages, the datagram is lost. The Session mode
establishes a connection until broken. It guarantees delivery of messages up to 64KB
long.
Network - A system that transmits any combination of voice, video, and/or data between
users.
Network Mask - also known as the “Subnet Mask.”
NIC (Network Interface Card) - A board installed in a computer system, usually a PC,
to provide network communication capabilities to and from that computer system. Also
called an adapter.
Node - A network junction or connection point, typically a computer or work station.
Notebook (PC) - A notebook computer is a battery-powered personal computer
generally smaller than a briefcase that can easily be transported and conveniently used
in temporary spaces such as on airplanes, in libraries, at temporary offices, and at
meetings. A notebook computer, sometimes called a laptop computer, typically weighs
less than five pounds and is three inches or less in thickness.
OFDM (Orthogonal Frequency Division Multiplexing) - A type of modulation technology
that separates the data stream into a number of lower-speed data streams, which are
then transmitted in parallel. Used in 802.11a, 802.11g, and powerline networking.
Packet - A unit of data sent over a network.
Packet Filtering - Discarding unwanted network traffic based on its originating address
or range of addresses or its type (e-mail, file transfer, etc.)
Passphrase - Used much like a password, a passphrase simplifies the WEP encryption
process by automatically generating the WEP encryption keys for Corinex products.
Ping (Packet INternet Groper) - An Internet utility used to determine whether a
particular IP address is online. It is used to test and debug a network by sending out a
packet and waiting for a response.
Plug-and-Play - The ability of a computer system to configure expansion boards and
other devices automatically without requiring the user to turn off the system during
installation.
106
Port - A pathway into and out of the computer or a network device such as a switch or
router. For example, the serial and parallel ports on a personal computer are external
sockets for plugging in communications lines, modems, and printers.
Port Mirroring - Port mirroring, also known as a roving analysis port, is a method of
monitoring network traffic that forwards a copy of each incoming and outgoing packet
from one port of a network switch to another port where the packet can be studied. A
network administrator uses port mirroring as a diagnostic tool or debugging feature,
especially when fending off an attack. It enables the administrator to keep close track of
switch performance and alter it if necessary. Port mirroring can be managed locally or
remotely.
PPPoE (Point to Point Protocol over Ethernet) - A method used mostly by DSL
providers for connecting personal computers to a broadband modem for Internet access.
It is similar to how a dial-up connection works but at higher speeds and quicker access.
PPTP (Point-to-Point Tunneling Protocol) - A protocol (set of communication rules)
that allows corporations to extend their own corporate network through private “tunnels”
over the public Internet. Effectively, a corporation uses a wide area network as a single
large local area network. A company no longer needs to lease its own lines for widearea communication but can securely use the public networks. This kind of
interconnection is known as a virtual private network (VPN).
Preamble - Part of the wireless signal that synchronizes network traffic.
Print Server - A hardware device that enables a printer to be located anywhere in the
network.
RIP (Routing Information Protocol) - A simple routing protocol that is part of the
TCP/IP protocol suite. It determines a route based on the smallest hop count between
source and destination. RIP is a distance vector protocol that routinely broadcasts
routing information to its neighboring routers and is known to waste bandwidth.
AppleTalk, DECnet, TCP/IP, NetWare, and VINES all use incompatible versions of RIP.
RJ-11 (Registered Jack-11) - A telephone connector that holds up to six wires. The RJ11 is the common connector used to plug a telephone into a wall.
RJ-45 (Registered Jack-45) - An Ethernet connector that holds up to eight wires.
Router - A networking device that connects multiple networks together, such as a local
network and the Internet.
Roaming - The ability to take a wireless device from one access point's range to
another without losing the connection.
RTS (Request To Send) - A packet sent when a computer has data to transmit. The
computer will wait for a CTS (Clear To Send) message before sending data.
Server - Any computer whose function in a network is to provide user access to files,
printing, communications, and other services.
SNMP (Simple Network Management Protocol) - A widely used network monitoring and
control protocol.
Software - Instructions for the computer. A series of instructions that performs a
particular task is called a “program.” The two major categories of software are “system
software” and “application software.” System software is made up of control programs
such as the operating system and database management system (DBMS). Application
software is any program that processes data for the user. A common misconception is
that software is data. It is not. Software tells the hardware how to process the data.
107
SOHO (Small Office/Home Office) - Market segment of professionals who work at
home or in small offices.
Spread Spectrum - Wideband radio frequency technique used for more reliable and
secure data transmission.
SSID (Service Set IDentifier) - Your wireless network's name.
Static IP Address - A fixed address assigned to a computer or device that is connected
to a network.
Static Routing - Forwarding data in a network via a fixed path. Static routing cannot
adjust to changing line conditions as can dynamic routing.
Storage - The semi-permanent or permanent holding place for digital data.
Subnet Mask - The method used for splitting IP networks into a series of subgroups, or
subnets. The mask is a binary pattern that is matched up with the IP address to turn part
of the host ID address field into a field for subnets.
Swapping - Replacing one segment of a program in memory with another and restoring
it back to the original when required.
Switch - 1. Device that is the central point of connection for computers and other
devices in a network, so data can be shared at full transmission speeds. 2. A device for
making, breaking, or changing the connections in an electrical circuit.
TCP (Transmission Control Protocol) - A method (protocol) used along with the
Internet Protocol (Internet Protocol) to send data in the form of message units between
computers over the Internet. While IP takes care of handling the actual delivery of the
data, TCP takes care of keeping track of the individual units of data (called packets) that
a message is divided into for efficient routing through the Internet.
TCP/IP - Transmission Control Protocol/Internet Protocol (TCP/IP) is the basic
communication language or protocol of the Internet. It can also be used as a
communications protocol in a private network (either an intranet or an extranet). When
you are set up with direct access to the Internet, your computer is provided with a copy
of the TCP/IP program just as every other computer that you may send messages to or
get information from also has a copy of TCP/IP.
Telnet - A user command and TCP/IP protocol used for accessing remote PCs.
TFTP (Trivial File Transfer Protocol) - A version of the TCP/IP FTP protocol that has
no directory or password capability.
Throughput - The amount of data moved successfully from one place to another in a
given time period.
Topology - A network’s topology is a logical characterization of how the devices on the
network are connected and the distances between them. The most common network
devices include hubs, switches, routers, and gateways. Most large networks contain
several levels of interconnection, the most important of which include edge connections,
backbone connections, and wide-area connections.
TX Rate – Transmission Rate.
UDP (User Datagram Protocol) - A communications method (protocol) that offers a
limited amount of service when messages are exchanged between computers in a
network that uses the Internet Protocol (IP). UDP is an alternative to the Transmission
Control Protocol (TCP) and, together with IP, is sometimes referred to as UDP/IP. Like
the Transmission Control Protocol, UDP uses the Internet Protocol to actually get a data
unit (called a datagram) from one computer to another. Unlike TCP, however, UDP does
not provide the service of dividing a message into packets (datagrams) and
108
reassembling it at the other end. Specifically, UDP doesn't provide sequencing of the
packets that the data arrives in. This means that the application program that uses UDP
must be able to make sure that the entire message has arrived and is in the right order.
Network applications that want to save processing time because they have very small
data units to exchange (and therefore very little message reassembling to do) may
prefer UDP to TCP.
Upgrade - To replace existing software or firmware with a newer version.
Upload - To send a file transmitted over a network. In a communications session,
upload means transmit, and download means receive.
URL (Uniform Resource Locator) - The address that defines the route to a file on the
Web or any other Internet facility. URLs are typed into the browser to access Web
pages, and URLs are embedded within the pages themselves to provide the hypertext
links to other pages.
UTP - Unshielded twisted pair is the most common kind of copper telephone wiring.
Twisted pair is the ordinary copper wire that connects home and many business
computers to the telephone company. To reduce crosstalk or electromagnetic induction
between pairs of wires, two insulated copper wires are twisted around each other. Each
signal on twisted pair requires both wires. Since some telephone sets or desktop
locations require multiple connections, twisted pair is sometimes installed in two or more
pairs, all within a single cable.
VLAN (Virtual LAN) - A logical association that allows users to communicate as if they
were physically connected to a single LAN, independent of the actual physical
configuration of the network.
Virtual Server - Multiple servers that appear as one server, or one system image, to the
operating system or for network administration.
VPN (Virtual Private Network) - A security measure to protect data as it leaves one
network and goes to another over the Internet.
WAN - A communications network that covers a wide geographic area, such as a state
or country.
WEP (Wired Equivalent Privacy) - A data privacy mechanism based on a 64-bit shared
key algorithm, as described in the IEEE 802.11 standard.
WINIPCFG - Configuration utility based on the Win32 API for querying, defining, and
managing IP addresses within a network. A commonly used utility for configuring
networks with static IP addresses.
WLAN (Wireless Local Area Network) - A group of computers and associated devices
that communicate with each other wirelessly.
Workgroup - Two or more individuals that share files and databases.
109
Appendix D: How to Ping your ISP’s E-mail and Web addresses
Virtually all Internet addresses are configured with words or characters (e.g.,
www.corinex.com, www.yahoo.com, etc.) However, recently these Internet addresses
are assigned to IP addresses, which are the true addresses on the Internet. For
example, www.corinex.com is recently 81.0.193.56 at the time of producing this manual.
If you type this address into your web browser, you will end up at the Corinex home
page every time.
Some servers translate the URL to an IP address, so called DNS (Domain Name
System) Servers. However, IP and web addresses can be long and hard to remember
sometimes. From this reason, certain ISPs will shorten their server addresses to single
words or codes on their users’ web browser or e-mail configurations. If your ISP’s email
and web server addresses are configured with single words (www, e-mail, home, pop3,
etc.) rather than entire Internet addresses or IP addresses, the Access Point may have
problems by sending or receiving mail and by accessing the Internet.
The solution is to determine the true web addresses behind your ISPs code words. You
can determine the IP and web addresses of your ISP’s servers by “pinging” them.
Important: If you don’t have your ISP’s web and e-mail IP addresses, you must either
get them from your ISP or follow these steps prior to connecting your Corinex Wireless
to Powerline Access Point to your network.
D.1 Step One: Pinging an IP Address
The first step to determining your ISP’s web and e-mail server address is to ping its IP
address.
1. Power on the computer and the cable or DSL modem, and restore the network
configuration set by your ISP if you have changed it.
2. Click Start, then Run, and type command. This will bring up the DOS window.
3. At DOS command prompt, type ping corinex.com (assuming that your desired
IP address location is configured as corinex.com) and press Enter. As an
example, the following data information on Figure 11.1., taken from a ping of
Microsoft Network e-mail server, will be displayed.
110
Fig. 11.1 Pinging
4. Write down the IP address returned by the ping command. (In the example
above: 81.0.193.56) This IP address is the actual IP address of the mail server, or
any other value you have pinged.
D.2 Step Two: Pinging for a Web Address
While the above-mentioned IP address could perform as your e-mail server address, it
might not be permanent. IP addresses change very much often. Web addresses,
however, usually don’t. This is the reason, why you are likely to have fewer problems by
configuring your system with web addresses rather than IP addresses. Follow the
instructions below to find the web address assigned to the IP address you just pinged.
1. At the DOS command prompt, type ping -a 81.0.193.56, where 81.0.193.56is the
IP address you just pinged. Information such as the following data will be
displayed.
Fig. 11.2 Pinging
111
2. Write down the web address returned by the ping command (In the example in
Fig. 11.2 corinex.com is the web address). This web address is the web address
assigned to the IP address you just pinged. While the IP address of mail could
change conceivably, it is presumably that this web address will not.
3. Replace your ISP’s abbreviated server address with this extended web address in
the corresponding Internet application (web browser, e-mail application, etc.).
Once you have replaced the brief server address with the true server address, the
Access Point should have no problem accessing the Internet through this Internet
application.
Appendix E: Finding the MAC address and IP address for your
Ethernet Adapter
This section describes how to find the MAC address of your Ethernet adapter of your
computer to do either MAC Filtering or MAC Address Cloning for the Router and ISP.
You can also find the IP address of your computer’s Wireless or Ethernet adapter. The
IP address is used for filtering, forwarding, and DMZ. In this appendix follow the next
steps to find the MAC address or IP address for your adapter of your Windows 95, 98,
Me, NT, 2000, XP, Linux or Macintosh Computer.
E.1 For Windows 95, 98, and ME:
1. Click Start and Run. In the Open field, enter winipcfg, as shown in Figure 12.1.
Then press the Enter key or the OK button.
Fig. 12.1 Running winipcfg
112
2. When the IP Configuration window appears, select the Wireless or Ethernet
adapter you are using to connect to the Corinex Wireless to Powerline Router G
via a Ethernet, Wireless or through the Powerline, as shown in Fig. 12.1.
3. Write down the Adapter Address as shown on your computer screen (see Figure
7.1). This is the MAC address for your Wireless or Ethernet adapter and will be
shown as a series of numbers and letters. The MAC address/Adapter Address is
what you will use for MAC Address Cloning or MAC Filtering.
This example shows the IP address of your Wireless adapter as 10.101.2.38. Your
computer may show something different.
E.2 For Windows NT, 2000, and XP:
The following steps show an alternative way of obtaining the MAC and IP address for
your Wireless or Ethernet adapter.
1. Click Start and Run. In the Open field, enter cmd. Press Enter key or click the OK
button.
Fig. 11.2 Running ipconfig
2. In the command prompt, enter ipconfig /all. Then press Enter key.
3. Write down the Physical Address as shown on your computer screen (Figure
11.2); it is the MAC address for your Wireless or Ethernet adapter. This will
appear as a series of letters and numbers. The MAC address/Physical Address is
what you will use for MAC Address Cloning or MAC Filtering.
113
The example in Figure 11.2 shows the IP address of your Wireless adapter as
192.168.1.10. Your computer might show something different.
Note: The MAC address is also called Physical Address.
When entering the information using the Access Point’s web-based utility, you will type
the 12-digit MAC address in this format, XX:XX:XX:XX:XX:XX without the hyphens for
MAC Filtering.
When entering information for MAC Address Cloning, type the 12-digit MAC address.
E.3 For Linux PC:
From the Start Button on Desktop bar, choose Terminals->Xterm (or any other
convenient terminal).
Fig. 11.3 Starting Terminal
Login as superuser by issuing su command, then press Enter. Provide the password,
and press Enter. Enter ifconfig, press Enter. In the field Hwaddr is the requested MAC
Address.
114
Fig. 11.4 Running ifconfig
Login as superuser, by issuing su command, and then press Enter. Provide the
password, and press Enter again. Enter iwconfig, and then press Enter. You can see
the wireless port parameters.
Fig. 11.5 Running iwconfig
115
E.4 For Macintosh OS X computer:
1. In Applications open Utilities.
Fig. 11.6 Applications
2. In Utilities select Network Utility
116
Fig. 11.7 Utilities
3. Select the interface connected to the Corinex Wireless to Powerline Router G
through the Ethernet or through the Wireless. In this section you can see the
wireless connection type.
Fig. 11.8 Network Utility
4. The field Hardware Address contains the MAC Address of selected interface.
117