Chapter 5: Configuring the Wireless-G Broadband Router. Linksys WRT54GS

Wireless-G Broadband Router with SpeedBooster

Chapter 5: Configuring the Wireless-G Broadband Router

Overview

You should always use the Setup CD-ROM when first installing the Router. If you do not wish to run the Setup

Wizard on the Setup CD-ROM, you can use the Web-based Utility to configure the Router. For advanced users, you may configure the Router’s advanced settings through the Web-based Utility.

This chapter will describe each web page in the Utility and each page’s key functions. The utility can be accessed via your web browser through use of a computer connected to the Router. For a basic network setup, most users will use these two screens of the Utility:

• Basic Setup. On the Basic Setup screen, enter the settings provided by your ISP.

• Management. Click the Administration tab and then the Management tab. The Router’s default password is

admin. To secure the Router, change the Password from its default.

There are seven main tabs: Setup, Wireless, Security, Access Restrictions, Applications & Gaming, Administration, and Status. Additional tabs will be available after you click one of the main tabs.

To access the Web-based Utility, launch Internet Explorer or Netscape Navigator, and enter the Router’s default IP address, 192.168.1.1, in the Address field. Then, press Enter.

A password request page will appear. (Non-Windows XP users will see a similar screen.) Leave the User Name field blank. The first time you open the Web-based Utility, use the default password admin. (You can set a new password from the Administration tab’s Management screen.) Click the OK button to continue.

NOTE: When first installing the Router, you should use the Setup Wizard on the Setup CD-ROM. If you want to configure advanced settings, use this chapter to learn about the Web-based Utility.

HAVE YOU: Enabled TCP/IP on your PCs? PCs communicate over the network with this protocol.

Refer to “Appendix D: Windows Help” for more information on TCP/IP.

Figure 5-1: Password Screen

Chapter 5: Configuring the Wireless-G Broadband Router

Overview

13


The Setup Tab - Basic Setup

The first screen that appears displays the Setup tab. This allows you to change the Router's general settings.

Change these settings as described here and click the Save Settings button to apply your changes or Cancel

Changes to cancel your changes.

Internet Setup

The Internet Setup section configures the Router to your Internet connection. Most of this information can be obtained through your ISP.

Internet Connection Type

Choose the type of Internet connection your ISP provides from the drop down menu.

• DHCP. By default, the Router’s Internet Connection Type is set to Automatic Configuration - DHCP, which should be kept only if your ISP supports DHCP or you are connecting through a dynamic IP address.

• Static IP. If you are required to use a permanent IP address to connect to the Internet, select Static IP.

Internet IP Address. This is the Router’s IP address, when seen from the Internet. Your ISP will provide you with the IP Address you need to specify here.

Subnet Mask. This is the Router’s Subnet Mask, as seen by users on the Internet (including your ISP). Your

ISP will provide you with the Subnet Mask.

Gateway. Your ISP will provide you with the Gateway Address, which is the ISP server’s IP address.

DNS. Your ISP will provide you with at least one DNS (Domain Name System) Server IP Address.

Figure 5-2: Setup Tab - Basic Setup

Figure 5-3: DHCP Connection Type



Figure 5-4: Static IP Connection Type

static ip address: a fixed address assigned to a computer or device connected to a network.

14


• PPPoE. Some DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections. If you are connected to the Internet through a DSL line, check with your ISP to see if they use

PPPoE. If they do, you will have to enable PPPoE.

User Name and Password. Enter the User Name and Password provided by your ISP.

Connect on Demand: Max Idle Time. You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the radio button. In the Max Idle Time field, enter the number of minutes you want to have elapsed before your Internet connection terminates.

Keep Alive Option: Redial Period. If you select this option, the Router will periodically check your Internet connection. If you are disconnected, then the Router will automatically re-establish your connection. To use this option, click the radio button next to Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet connection. The default Redial Period is 30 seconds.

• PPTP. Point-to-Point Tunneling Protocol (PPTP) is a service that applies to connections in Europe only.

Specify Internet IP Address. This is the Router’s IP address, as seen from the Internet. Your ISP will provide you with the IP Address you need to specify here.

Subnet Mask. This is the Router’s Subnet Mask, as seen by users on the Internet (including your ISP). Your

ISP will provide you with the Subnet Mask.

Gateway. Your ISP will provide you with the Gateway Address.






Figure 5-5: PPPoE Connection Type

pppoe: a type of broadband connection that provides authentication (username and password) in addition to data transport

Figure 5-6: PPTP Connection Type

15


• HeartBeat Signal. HeartBeat Signal (HBS) is a service that applies to connections in Australia only.


Heart Beat Server. This is the IP address that the Router has, when seen from the Internet. Your ISP will provide you with the IP Address you need to specify here.



Optional Settings

Some of these settings may be required by your ISP. Verify with your ISP before making any changes.

Router Name. In this field, you can type a name of up to 39 characters to represent the Router.

Host Name/Domain Name. These fields allow you to supply a host and domain name for the Router. Some

ISPs, usually cable ISPs, require these names as identification. You may have to check with your ISP to see if your broadband Internet service has been configured with a host and domain name. In most cases, leaving these fields blank will work.

MTU. MTU is the Maximum Transmission Unit. It specifies the largest packet size permitted for Internet transmission. The default setting, Manual, allows you to enter the largest packet size that will be transmitted.

The recommended size, entered in the Size field, is 1492. You should leave this value in the 1200 to 1500 range.

To have the Router select the best MTU for your Internet connection, select Auto.

Network Setup

The Network Setup section changes the settings on the network connected to the Router’s Ethernet ports.

Wireless Setup is performed through the Wireless tab.

Figure 5-7: HeartBeat Signal Connection Type

Figure 5-8: Optional Settings

packet: a funit of data sent over a network



16


Router IP

This presents both the Router’s IP Address and Subnet Mask as seen by your network.

Network Address Server Settings (DHCP)

The settings allow you to configure the Router’s Dynamic Host Configuration Protocol (DHCP) server function.

The Router can be used as a DHCP server for your network. A DHCP server automatically assigns an IP address to each computer on your network. If you choose to enable the Router’s DHCP server option, you must configure all of your network PCs to connect to a DHCP server (the Router), and make sure there is no other DHCP server on your network.

DHCP Server. DHCP is enabled by factory default. If you already have a DHCP server on your network, or you don’t want a DHCP server, then click the Disable radio button (no other DHCP features will be available).

Starting IP Address. Enter a value for the DHCP server to start with when issuing IP addresses. Because the

Router’s default IP address is 192.168.1.1, the Starting IP Address must be 192.168.1.2 or greater, but smaller than 192.168.1.253. The default Starting IP Address is 192.168.1.100.

Maximum Number of DHCP Users. Enter the maximum number of PCs that you want the DHCP server to assign

IP addresses to. This number cannot be greater than 253. The default is 50.

Client Lease Time. The Client Lease Time is the amount of time a network user will be allowed connection to the

Router with their current dynamic IP address. Enter the amount of time, in minutes, that the user will be “leased” this dynamic IP address. After the time is up, the user will be automatically assigned a new dynamic IP address.

The default is 0 minutes, which means one day.

Static DNS (1-3). The Domain Name System (DNS) is how the Internet translates domain or website names into

Internet addresses or URLs. Your ISP will provide you with at least one DNS Server IP Address. If you wish to use another, type that IP Address in one of these fields. You can type up to three DNS Server IP Addresses here. The

Router will use these for quicker access to functioning DNS servers.

WINS. The Windows Internet Naming Service (WINS) manages each PC’s interaction with the Internet. If you use a WINS server, enter that server’s IP Address here. Otherwise, leave this blank.

Time Setting

Change the time zone in which your network functions from this pull-down menu. (You can even automatically adjust for daylight savings time.)

Figure 5-9: Router IP

Figure 5-10: Network Address Server Settings

dynamic ip address: a temporary IP address assigned by a DHCP server

Figure 5-11: Time Setting



17


The Setup Tab - DDNS

The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Router. Before you can use this feature, you need to sign up for DDNS service at www.dyndns.org or www.TZO.com, DDNS service providers.

DDNS Service. From this pull-down menu, enter the DDNS service with which you have membership.

User Name. Enter the User Name for your DDNS account

Password. Enter the Password for your DDNS account.

Host Name. The is the DDNS URL assigned by the DDNS service.

Internet IP Address. This is the Router’s current IP Address as seen on the Internet.

Status. This displays the status of the DDNS connection.



Figure 5-12: Setup Tab - DDNS

ddns: allows the hosting of a website, FTP server, or e-mail server with a fixed domain name (e.g., www.xyz.com) and a dynamic IP address


The Setup Tab - DDNS

18


The Setup Tab - MAC Address Clone

A MAC address is a 12-digit code assigned to a unique piece of hardware for identification. Some ISPs will require you to register a MAC address in order to access the Internet. If you do not wish to re-register the MAC address with your ISP, you may assign the MAC address you have currently registered with your ISP to the Router with the MAC Address Clone feature.

Enable/Disable. To have the MAC Address cloned, click the radio button beside Enable.

User Defined Entry. Enter the MAC Address registered with your ISP here.

Clone Your PC’s MAC Address. Clicking this button will clone the MAC address.



Figure 5-13: Setup Tab - MAC Address Clone


The Setup Tab - MAC Address Clone

19


The Setup Tab - Advanced Routing

This tab is used to set up the Router’s advanced functions. Operating Mode allows you to select the type(s) of advanced functions you use. Dynamic Routing will automatically adjust how packets travel on your network. Static

Routing sets up a fixed route to another network destination.

Operating Mode. Select the mode in which this Router will function. If this Router is hosting your network’s connection to the Internet, select Gateway. If another Router exists on your network, select Router. When Router is chosen, Dynamic Routing will be enabled.

Dynamic Routing. This feature enables the Router to automatically adjust to physical changes in the network’s layout and exchange routing tables with the other router(s). The Router determines the network packets’ route based on the fewest number of hops between the source and the destination. This feature is Disabled by default.

From the drop-down menu, you can also select LAN & Wireless, which performs dynamic routing over your

Ethernet and wireless networks. You can also select WAN, which performs dynamic routing with data coming from the Internet. Finally, selecting Both enables dynamic routing for both networks, as well as data from the Internet.

Static Routing. To set up a static route between the Router and another network, select a number from the Static

Routing drop-down list. (A static route is a pre-determined pathway that network information must travel to reach a specific host or network.) Enter the information described below to set up a new static route. (Click the Delete This

Entry button to delete a static route.)

Enter Route Name. Enter a name for the Route here, using a maximum of 25 alphanumeric characters.

Destination LAN IP. The Destination LAN IP is the address of the remote network or host to which you want to assign a static route.

Subnet Mask. The Subnet Mask determines which portion of a Destination LAN IP address is the network portion, and which portion is the host portion.

Default Gateway. This is the IP address of the gateway device that allows for contact between the Router and the remote network or host.

Interface. This interface tells you whether the Destination IP Address is on the LAN & Wireless (Ethernet and wireless networks), the WAN (Internet), or Loopback (a dummy network in which one PC acts like a network— necessary for certain software programs).

Click the Show Routing Table button to view the Static Routes you’ve already set up.



Figure 5-14: Setup Tab - Advanced Routing (Gateway)

Figure 5-15: Setup Tab - Advanced Routing (Router)

default gateway: a device that forwards

Internet traffic from your local area network


The Setup Tab - Advanced Routing

20


The Wireless Tab - Basic Wireless Settings

The basic settings for wireless networking are set on this screen.

Wireless Network Mode. From this drop-down menu, you can select the wireless standards running on your network. If you have both 802.11g and 802.11b devices in your network, keep the default setting, Mixed. If you have only 802.11g devices, select G-Only. If you have only 802.11b devices, select B-Only. If you do not have any

802.11g and 802.11b devices in your network, select Disable. SpeedBooster works automatically with all settings, providing the added bonus of increased speed across your entire network and even greater speed when using SpeedBooster products only.

Wireless Network Name (SSID). The SSID is the network name shared among all points in a wireless network.

The SSID must be identical for all devices in the wireless network. It is case-sensitive and must not exceed 32 characters (use any of the characters on the keyboard). Make sure this setting is the same for all points in your wireless network. For added security, you should change the default SSID (linksys) to a unique name.

Wireless Channel. Select the appropriate channel from the list provided to correspond with your network settings. All devices in your wireless network must be broadcast on the same channel in order to function correctly.

Wireless SSID Broadcast. When wireless clients survey the local area for wireless networks to associate with, they will detect the SSID broadcast by the Router. To broadcast the Router's SSID, keep the default setting,

Enable. If you do not want to broadcast the Router's SSID, then select Disable.



Figure 5-16: Wireless Tab - Basic Wireless Settings

NOTE: SpeedBooster ONLY works in Infrastructure

Mode.


The Wireless Tab - Basic Wireless Settings

21


The Wireless Tab - Wireless Security

The Wireless Security settings configure the security of your wireless network. There are four wireless security mode options supported by the Router: WPA Pre-Shared Key, WPA RADIUS, RADIUS, and WEP. (WPA stands for Wi-

Fi Protected Access, which is a security standard stronger than WEP encryption. WEP stands for Wired Equivalent

Privacy, while RADIUS stands for Remote Authentication Dial-In User Service.) These four are briefly discussed here. For detailed instructions on configuring wireless security for the Router, turn to “Appendix B: Wireless

Security.”

WPA Pre-Shared Key. WPA gives you two encryption methods, TKIP and AES, with dynamic encryption keys.

Select the type of algorithm, TKIP or AES. Enter a WPA Shared Key of 8-63 characters. Then enter a Group Key

Renewal period, which instructs the Router how often it should change the encryption keys.

WPA RADIUS. This option features WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) First, select the type of WPA algorithm you want to use, TKIP or AES. Enter the RADIUS server’s IP Address and port number, along with a key shared between the Router and the server. Last, enter a Key Renewal Timeout, which instructs the Router how often it should change the encryption keys.

IMPORTANT: If you are using WPA, always remember that each device in your wireless network MUST use the same WPA method and shared key, or else the network will not function properly.

Figure 5-17: Wireless Tab - Wireless Security

(WPA Pre-Shared Key)



Figure 5-18: Wireless Tab - Wireless Security

(WPA RADIUS)

radius: a protocol that uses an authentication server to control network access

22


RADIUS. This option features WEP used in coordination with a RADIUS server. (This should only be used when a

RADIUS server is connected to the Router.) First, enter the RADIUS server’s IP Address and port number, along with a key shared between the Router and the server. Then, select a Default Transmit Key (choose which Key to use), and a level of WEP encryption, 64 bits 10 hex digits or 128 bits 26 hex digits. Last, either generate a

WEP key using the Passphrase or enter the WEP key manually.

WEP. WEP is a basic encryption method, which is not as secure as WPA. To use WEP, select a Default Transmit

Key (choose which Key to use), and a level of WEP encryption, 64 bits 10 hex digits or 128 bits 26 hex digits.

Then either generate a WEP key using the Passphrase or enter the WEP key manually.


Changes to cancel your changes. For detailed instructions on configuring wireless security for the Router, turn to

“Appendix B: Wireless Security.”

IMPORTANT: If you are using WEP encryption, always remember that each device in your wireless network MUST use the same WEP encryption method and encryption key, or else your wireless network

Figure 5-19: Wireless Tab - Wireless Security (RADIUS)



Figure 5-20: Wireless Tab - Wireless Security (WEP)

23


The Wireless Tab - Wireless MAC Filter

Wireless access can be filtered by using the MAC addresses of the wireless devices transmitting within your network’s radius.

Wireless MAC Filter. To filter wireless users by MAC Address, either permitting or blocking access, click Enable.

If you do not wish to filter users by MAC Address, select Disable.

Prevent. Clicking this button will block wireless access by MAC Address.

Permit Only. Clicking this button will allow wireless access by MAC Address.

Edit MAC Address Filter List. Clicking this button will open the MAC Address Filter List. On this screen, you can list users, by MAC Address, to whom you wish to provide or block access. For easy reference, click the Wireless

Client MAC List button to display a list of network users by MAC Address.



Figure 5-21: Wireless Tab - Wireless MAC Filter


The Wireless Tab - Wireless MAC Filter

Figure 5-22: MAC Address Filter List

24


The Wireless Tab - Advanced Wireless Settings

This tab is used to set up the Router’s advanced wireless functions. These settings should only be adjusted by an expert administrator as incorrect settings can reduce wireless performance.

Authentication Type. The default is set to Auto, which allows either Open System or Shared Key authentication to be used. With Open System authentication, the sender and the recipient do NOT use a WEP key for authentication. With Shared Key authentication, the sender and recipient use a WEP key for authentication.

Basic Rate. The Basic Rate setting is not actually one rate of transmission but a series of rates at which the

Router can transmit. The Router will advertise its Basic Rate to the other wireless devices in your network, so they know which rates will be used. The Router will also advertise that it will automatically select the best rate for transmission. The default setting is Default, when the Router can transmit at all standard wireless rates

(1-2Mbps, 5.5Mbps, 11Mbps, 18Mbps, and 24Mbps). Other options are 1-2Mbps, for use with older wireless technology, and All, when the Router can transmit at all wireless rates. The Basic Rate is not the actual rate of data transmission. If you want to specify the Router’s rate of data transmission, configure the Transmission Rate setting.

Figure 5-23: Wireless Tab - Advanced Wireless Settings

wep (wired equivalent privacy): a method of encrypting network data transmitted on a wireless network for greater security

Transmission Rate. The rate of data transmission should be set depending on the speed of your wireless network. You can select from a range of transmission speeds, or you can select Auto to have the Router automatically use the fastest possible data rate and enable the Auto-Fallback feature. Auto-Fallback will negotiate the best possible connection speed between the Router and a wireless client. The default value is Auto.

CTS Protection Mode. CTS (Clear-To-Send) Protection Mode should remain disabled unless you are having severe problems with your Wireless-G products not being able to transmit to the Router in an environment with heavy 802.11b traffic. This function boosts the Router’s ability to catch all Wireless-G transmissions but will severely decrease performance.

cts (clear to send): a signal sent by a wireless device, signifying that it is ready to receive data

Frame Burst. Enabling this option should provide your network with greater performance, depending on the manufacturer of your wireless products. If you are not sure how to use this option, keep the default, Disable.

Beacon Interval. The default value is 100. Enter a value between 1 and 65,535 milliseconds. The Beacon Interval value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the Router to synchronize the wireless network.

DTIM Interval. This value, between 1 and 255, indicates the interval of the Delivery Traffic Indication Message

(DTIM). A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages. When the Router has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Its clients hear the beacons and awaken to receive the broadcast and multicast messages. The default value is 1.

beacon interval: data transmitted on your wireless network that keeps the network synchronized

dtim: a message included in data packets that can increase wireless efficiency.



25


Fragmentation Threshold. This value specifies the maximum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increase the Fragmentation

Threshold. Setting the Fragmentation Threshold too low may result in poor network performance. Only minor reduction of the default value is recommended. In most cases, it should remain at its default value of 2346.

RTS Threshold. Should you encounter inconsistent data flow, only minor reduction of the default value, 2347, is recommended. If a network packet is smaller than the preset RTS threshold size, the RTS/CTS mechanism will not be enabled. The Router sends Request to Send (RTS) frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to begin transmission. The RTS Threshold value should remain at its default value of 2347.



fragmentation: breaking a packet into smaller units when transmitting over a network medium that cannot support the original size of the packet.



26


The Security Tab - Firewall

Firewall Protection. Enable this feature to employ Stateful Packet Inspection (SPI) for more detailed review of data packets entering your network environment.

Block WAN Requests. Enable the Block WAN Request feature by checking the box beside Block Anonymous

Internet Requests and you can prevent your network from being “pinged,” or detected, by other Internet users.

The Block WAN Request feature also reinforces your network security by hiding your network ports. Both functions of the Block WAN Request feature make it more difficult for outside users to work their way into your network. This feature is enabled by default.



Figure 5-24: Security Tab - Firewall

The Security Tab - VPN Passthrough

Use the settings on this tab to allow VPN tunnels using IPSec, PPTP, or L2TP protocols to pass through the

Router’s firewall.

IPSec Pass-through. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange of packets at the IP layer. To allow IPSec tunnels to pass through the Router, click Enable. IPSec Pass-

Through is enabled by default.

PPTP Pass-through. Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass through the Router, click Enable. PPTP Pass-

Through is enabled by default.

L2TP Pass-through. Layer 2 Tunneling Protocol is the method used to enable Point-to-Point sessions via the

Internet on the Layer 2 level. To allow L2TP tunnels to pass through the Router, click Enable. L2TP Pass-Through is enabled by default.



firewall: a set of related programs located at a network gateway server that protects the resources of a network from users from other networks.

Figure 5-25: Security Tab - VPN Passthrough

vpn: a Vsecurity measure to protect data as it leaves one network and goes to another over the Internet

ipsec: a VPN protocol used to implement secure exchange of packets at the IP layer

pptp: a VPN protocol that allows the Point to Point Protocol

(PPP) to be tunneled through an IP network. This protocol is also used as a type of broadband connection in Europe


The Security Tab - Firewall

27


The Access Restrictions Tab - Parental Control

(This service is available in the United States and Canada ONLY.)

The Parental Control screen allows you to sign up and manage your Linksys Parental Controls account. The

Linksys Parental Control Service* gives you powerful tools to control the availability of Internet services, access, and features, customizable for each member of your family. For more information, refer to “Chapter 6: Using the

Linksys Parental Control Service.”

The Linksys Parental Control Service supersedes the Router’s Internet Access Policies. In other words, if you are using the Linksys Parental Control Service, then the Internet Access Policies on the Access Restrictions Tab -

Internet Access screen will be disabled.

To sign up or manage your Linksys Parental Controls account, you will need an active Internet connection.

Enable/Disable. If you want to use the Linksys Parental Control feature, click the Enable radio button. If you want to disable the Linksys Parental Control feature, click the Disable radio button.

Sign Up for Parental Control Service. To sign up for a free trial of the Linksys Parental Control Service, click this link. You will be automatically taken to a website where you can create your account. For more information, refer to “Chapter 6: Using the Linksys Parental Control Service.”

Figure 5-26: Access Restrictions Tab - Parental Control

More info. If you would like more information about the Linksys Parental Control Service, click the More info button.

Status. Displayed here is the status of your Linksys Parental Controls account.

Manage Account. If you have already set up your Parental Controls account, click the Manage Account button to access it and make changes.


Changes to cancel your changes. * Available in US and Canada only.


The Access Restrictions Tab - Parental Control

28


The Access Restrictions Tab - Internet Access

The Internet Access screen allows you to block or allow specific kinds of Internet usage and traffic, such as

Internet access, designated services, websites, and inbound traffic during specific days and times.

Internet Access Policy. Access can be managed by a policy. Use the settings on this screen to establish an access policy (after the Save Settings button is clicked). Selecting a policy from the drop-down menu will display that policy’s settings. To delete a policy, select that policy’s number and click the Delete button. To view all the policies, click the Summary button. (Policies can be deleted from the Summary screen by selecting the policy or policies and clicking the Delete button. To return to the Internet Access tab, click the Close button.)

Status. Policies are disabled by default. To enable a policy, select the policy number from the drop-down menu, and click the radio button beside Enable.

You can create two kinds of policies, one kind to manage Internet access and another kind to manage inbound traffic.

To create an Internet Access policy:

1. Select a number from the Internet Access Policy drop-down menu.

2. To enable this policy, click the radio button beside Enable.

3. Enter a Policy Name in the field provided.

4. Click the Edit List button to select which PCs will be affected by the policy. The List of PCs screen will appear.

You can select a PC by MAC Address or IP Address. You can also enter a range of IP Addresses if you want this policy to affect a group of PCs. After making your changes, click the Save Settings button to apply your changes or Cancel Changes to cancel your changes. Then click the Close button.

5. Click the appropriate option, Deny or Allow, depending on whether you want to block or allow Internet access for the PCs you listed on the List of PCs screen.

6. Decide which days and what times you want this policy to be enforced. Select the individual days during which the policy will be in effect, or select Everyday. Then enter a range of hours and minutes during which the policy will be in effect, or select 24 Hours.

Figure 5-27: Access Restrictions Tab - Internet Access

Figure 5-28: Internet Policy Summary

Figure 5-29: List of PCs



29


7. You can filter access to various services accessed over the Internet, such as FTP or telnet, by selecting services from the drop-down menus next to Blocked Services. (You can block up to 20 services.)

Then enter the range of ports you want to filter.

If the service you want to block is not listed or you want to edit a service’s settings, then click the Add/Edit

Service button. Then the Port Services screen will appear.

To add a service, enter the service’s name in the Service Name field. Select its protocol from the Protocol drop-down menu, and enter its range in the Port Range fields. Then click the Add button.

To modify a service, select it from the list on the right. Change its name, protocol setting, or port range. Then click the Modify button.

To delete a service, select it from the list on the right. Then click the Delete button.

When you are finished making changes on the Port Services screen, click the Apply button to save changes.

If you want to cancel your changes, click the Cancel button. To close the Port Services screen and return to the Access Restrictions screen, click the Close button.

8. If you want to block websites with specific URL addresses, enter each URL in a separate field next to Website

Blocking by URL Address.

9. If you want to block websites using specific keywords, enter each keyword in a separate field next to Website

Blocking by Keyword.

10. Click the Save Settings button to save the policy’s settings. To cancel the policy’s settings, click the Cancel

Changes button.

Figure 5-30: Port Services

ftp: a protocol used to transfer files over a TCP/IP network

telnet: a user command and TCP/IP protocol used for accessing remote PCs

url: the address of a file located on the Internet



30


The Applications and Gaming Tab - Port Range Forward

The Applications and Gaming Tab allows you to set up public services on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications. (Specialized Internet applications are any applications that use Internet access to perform functions such as videoconferencing or online gaming. Some

Internet applications may not require any forwarding.)

To forward a port, enter the information on each line for the criteria required. Descriptions of each criteria are described here.

Application. In this field, enter the name you wish to give the application. Each name can be up to 12 characters.

Start/End. This is the port range. Enter the number that starts the port range under Start and the number that ends the range under End.

Protocol. Enter the protocol used for this application, either TCP or UDP, or Both.

IP Address. For each application, enter the IP Address of the PC running the specific application.

Enable. Click the Enable checkbox to enable port forwarding for the relevant application.



Figure 5-31: Applications and Gaming Tab -

Port Range Forward

tcp: a network protocol for transmitting data that requires acknowledgement from the recipient of data sent

udp: a network protocol for transmitting data that does not require acknowledgement from the recipient of the data that is sent.

ip (internet protocol): a protocol used to send data over a network

ip address : the address used to identify a computer or device on a network


The Applications and Gaming Tab - Port Range Forward

31


The Applications and Gaming Tab - DMZ

The DMZ feature allows one network user to be exposed to the Internet for use of a special-purpose service such as Internet gaming or videoconferencing. DMZ hosting forwards all the ports at the same time to one PC. The Port

Range Forward feature is more secure because it only opens the ports you want to have opened, while DMZ hosting opens all the ports of one computer, exposing the computer to the Internet.

Any PC whose port is being forwarded must have its DHCP client function disabled and should have a new static

IP address assigned to it because its IP address may change when using the DHCP function.

To expose one PC, select Enable. Then, enter the computer's IP address in the DMZ Host IP Address field.



Figure 5-32: Applications and Gaming Tab - DMZ


The Applications and Gaming Tab - DMZ

32


The Administration Tab - Management

This section of the Administration tab allows the network’s administrator to manage specific Router functions for access and security.

Local Router Access. You can change the Router’s password from here. Enter a new Router password and then type it again in the Re-enter to confirm field to confirm.

Remote Router Access. To access the Router remotely, from outside the network, verify that Enable is selected.

Then, enter the port number that will be open to outside access. You will need to enter the Router’s password when accessing the Router this way, as usual.

UPnP. When using UPnP features, select Enable. As allowing this may present a risk to security, this feature is disabled by default.



The Administration Tab - Log

The Router can keep logs of all traffic for your Internet connection. To disable the Log function, keep the default setting, Disable. To monitor traffic between the network and the Internet, select Enable. When you wish to view the logs, click Incoming Log or Outgoing Log, depending on which you wish to view.



Figure 5-33: Administration Tab - Management

Figure 5-34: Administration Tab - Log


The Administration Tab - Management

33


The Administration Tab - Diagnostics

The diagnostic tests (Ping and Traceroute) allow you to check the connections of your network components.

Ping Test. The Ping test will check the status of a connection. Click the Ping button to open the Ping Test screen.

Enter the address of the PC whose connection you wish to test and how many times you wish to test it. Then, click the Ping button. The Ping Test screen will show if the test was successful. To stop the test, click the Stop button. Click the Clear Log button to clear the screen. Click the Close button to return to the Diagnostics screen.

Traceroute Test. To test the performance of a connect, click the Traceroute button. Enter the address of the PC whose connection you wish to test and click the Ping button. The Traceroute Test screen will show if the test was successful. To stop the test, click the Stop button. Click the Clear Log button to clear the screen. Click the Close button to return to the Diagnostics screen.



Figure 5-35: Administration Tab - Diagnostics

Figure 5-36: The Ping Test


The Administration Tab - Diagnostics

Figure 5-37: The Traceroute Test

34


The Administration Tab - Factory Defaults

Click the Yes button to reset all configuration settings to their default values, and then click the Save Settings button. Any settings you have saved will be lost when the default settings are restored. This feature is disabled by default.

Figure 5-38: Administration Tab - Factory Defaults

The Administration Tab - Firmware Upgrade

Firmware can be upgraded by clicking the Upgrade button after browsing for the firmware, which you can download from the Linksys website. Do not upgrade your firmware unless you are experiencing problems with the Router. For more information about upgrading firmware, refer to “Appendix C: Upgrading Firmware”.

Figure 5-39: Administration Tab - Firmware Upgrade

firmware: the programming code that runs a networking device

download: to receive a file transmitted over a networ

upgrade: to replace existing software or firmware with a newer version


The Administration Tab - Factory Defaults

35


The Status Tab - Router

The Router screen on the Status Tab displays the Router’s current status.

Firmware Version. This is the Router’s current firmware.

Current Time. This shows the time, as you set on the Setup Tab.

MAC Address. This is the Router’s MAC Address, as seen by your ISP.

Router Name. This is the specific name for the Router, which you set on the Setup Tab.

Host Name. If required by your ISP, this would have been entered on the Setup Tab.

Domain Name. If required by your ISP, this would have been entered on the Setup Tab.

Configuration Type. This shows the information required by your ISP for connection to the Internet. This information was entered on the Setup Tab. You can Connect or Disconnect your connection here by clicking on that button.

Figure 5-40: Status Tab - Router

mac address: the unique address that a manufacturer assigns to each networking device.

isp: your internet provider

domain: a specific name for a network of computers


The Status Tab - Router

36


The Status Tab - Local Network

The Local Network screen on the Status Tab displays the status of your network.

MAC Address. This is the Router’s MAC Address, as seen on your local, Ethernet network.

IP Address. This shows the Router’s IP Address, as it appears on your local, Ethernet network.

Subnet Mask. When the Router is using a Subnet Mask, it is shown here.

DHCP Server. If you are using the Router as a DHCP server, that will be displayed here.

Start IP Address. For the range of IP Addresses used by devices on your local, Ethernet network, the beginning of that range is shown here.

End IP Address. For the range of IP Addresses used by devices on your local, Ethernet network, the end of that range is shown here.

DHCP Clients Table. Clicking this button will open a screen to show you which PCs are utilizing the Router as a

DHCP server. You can delete PCs from that list, and sever their connections, by checking a Delete box and clicking the Delete button.

Figure 5-41: Status Tab - Local Network


The Status Tab - Local Network

Figure 5-42: DHCP Clients Table

subnet mask: an address code that determines the size of the network

37


The Status Tab - Wireless

The Wireless screen on the Status Tab displays the status of your wireless network.

MAC Address. This is the Router’s MAC Address, as seen on your local, wireless network.

Mode. As selected from the Wireless tab, this will display the wireless mode (Mixed, G-Only, or Disabled) used by the network.

SSID. As entered on the Wireless tab, this will display the wireless network name or SSID.

DHCP Server. If you are using the Router as a DHCP server, that will be displayed here.

Channel. As entered on the Wireless tab, this will display the channel on which your wireless network is broadcasting.

Encryption Function. As selected on the Security Tab, this will display what type of encryption the Router uses for security.

Figure 5-43: Status Tab - Wireless

encryption: encoding data transmitted in a network


The Status Tab - Wireless

38

Chapter 5: Configuring the Wireless-G Broadband Router. Linksys WRT54GS

Chapter 5: Configuring the Wireless-G Broadband Router

Overview

The Setup Tab - Basic Setup

Internet Setup

Internet Connection Type

Optional Settings

Network Setup

Router IP

Network Address Server Settings (DHCP)

Time Setting

The Setup Tab - DDNS

The Setup Tab - MAC Address Clone

The Setup Tab - Advanced Routing

The Wireless Tab - Basic Wireless Settings

The Wireless Tab - Wireless Security

The Wireless Tab - Wireless MAC Filter

The Wireless Tab - Advanced Wireless Settings

The Security Tab - Firewall

The Security Tab - VPN Passthrough

The Access Restrictions Tab - Parental Control

The Access Restrictions Tab - Internet Access

The Applications and Gaming Tab - Port Range Forward

The Applications and Gaming Tab - DMZ

The Administration Tab - Management

The Administration Tab - Log

The Administration Tab - Diagnostics

The Administration Tab - Factory Defaults

The Administration Tab - Firmware Upgrade

The Status Tab - Router

The Status Tab - Local Network

The Status Tab - Wireless

Key Features

Related manuals

Table of contents

Chapter 5: Configuring the Wireless-G Broadband Router. Linksys WRT54GS