® A Division of Cisco Systems, Inc. ADSL2 Gateway with 4-Port Switch WIRED User Guide Model No. AG241 ADSL2 Gateway with 4-Port Switch Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2004 Cisco Systems, Inc. All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders. How to Use this Guide Your Guide to the ADSL2 Gateway with 4-Port Switch has been designed to make understanding networking with the Gateway easier than ever. Look for the following items when reading this User Guide: This checkmark means there is a Note of interest and is something you should pay special attention to while using the Gateway. This exclamation point means there is a Caution or Warning and is something that could damage your property or the Gateway. This question mark provides you with a reminder about something you might need to do while using the Gateway. In addition to these symbols, there are definitions for technical terms that are presented like this: word: definition. Also, each figure (diagram, screenshot, or other image) is provided with a figure number and description, like this: Figure 0-1: Sample Figure Description Figure numbers and descriptions can also be found in the "List of Figures" section in the "Table of Contents". AG241-EU-UG-50208 ADSL2 Gateway with 4-Pot Switch Table of Contents Chapter 1: Introduction Welcome What's in this Guide? 1 1 2 Chapter 2: Planning Your Network The Gateway's Functions IP Addresses What is a VPN? Why do I need a VPN? 4 4 4 5 6 Chapter 3: Getting to Know the ADSL2 Gateway with 4-Port Switch The Back Panel The Front Panel 8 8 9 Chapter 4: Connecting the ADSL2 Gateway with 4-Port Switch Overview Wired Connection to a Computer 10 10 11 Chapter 5: Configuring the Gateway Overview How to Access the Web-based Utility The Setup Tab The Security Tab The Access Restrictions Tab The Applications and Gaming Tab The Administration Tab The Status Tab Common Problems and Solutions Frequently Asked Questions Introduction Environment How to Establish a Secure IPSec Tunnel Windows 98 or Me Instructions Windows 2000 or XP Instructions 13 13 15 15 22 27 29 32 37 39 47 53 53 54 64 65 10/100 8-Port VPN Router List of Figures Figure 2-1: Network Figure 2-2: Computer-to-VPN Gateway Figure 2-3: VPN Gateway-to-VPN Gateway Figure 3-1: Back Panel Figure 3-2: Front Panel Figure 4-1: Ethernet Connection Figure 4-2: ADSL Connection Figure 4-3: Power Connection Figure 5-1: Password Screen Figure 5-2: Basic Setup Tab Figure 5-3: Dynamic IP Figure 5-4: Static IP Figure 5-5: IPoA Figure 5-6: RFC 2516 PPPoE Figure 5-7: RFC 2364 PPPoA Figure 5-8: Bridged Mode Only Figure 5-9: Optional Settings Figure 5-10: DynDNS.org Figure 5-11: TZO.com Figure 5-12: Advanced Routing Figure 5-13: Routing Table List Figure 5-14: Firewall Figure 5-15: VPN Figure 5-16: VPN Settings Summary Figure 5-17: Manual Key Management Figure 5-18: System Log Figure 5-19: Advanced VPN Tunnel Setup Figure 5-20: Internet Access 4 6 7 8 9 11 11 11 15 15 16 16 17 17 18 18 19 20 20 21 22 23 24 24 25 25 26 27 10/100 8-Port VPN Router Figure 5-21: Internet Policy Summary Figure 5-22: List of PCs Figure 5-23: Port Services Figure 5-24: Single Port Forwarding Figure 5-25: Port Range Forwarding Figure 5-26: Port Triggering Figure 5-27: DMZ Figure 5-28: QOS Figure 5-29: Management Figure 5-30: Reporting Figure 5-31: System Log Figure 5-32: Ping Test Figure 5-33: Backup&Restore Figure 5-34: Factory Defaults Figure 5-35: Firmware Upgrade Figure 5-36: Reboot Figure 5-37: Status Figure 5-38: Local Network Figure 5-39: DHCP Clients Table Figure 5-40: DSL Connection Figure B-1: Local Security Screen Figure B-2: Rules Tab Figure B-3: IP Filter List Tab Figure B-4: IP Filter LIst Figure B-5: Filters Properties Figure B-6: New Rule Properties Figure B-7: IP Filter List Figure B-8: Filters Properties Figure B-9: New Rule Properties Figure B-10: IP Filter List Tab 27 28 28 29 29 30 30 31 32 33 33 34 34 35 35 36 37 37 37 38 54 54 54 55 55 55 56 56 56 57 10/100 8-Port VPN Router Figure B-11: Filter Acton Tab Figure B-12: Security Methods Tab Figure B-13: Authentication Methods Figure B-14: Preshared Key Figure B-15: New Preshared Key Figure B-16: Tunnel Setting Tab Figure B-17: Connection Type Tab Figure B-18: Properties Screen Figure B-19: IP Filter List Tab Figure B-20: Filter Action Tab Figure B-21: Authentication Methods Tab Figure B-22: Preshared Key Figure B-23: New Preshared Key Figure B-24: Tunnel Setting Tab Figure B-25: Connection Type Figure B-26: Rules Figure B-27: Local Computer Figure B-28: VPN Tab Figure C-1: IP Configuration Screen Figure C-2: MAC Address/Adapter Address Figure C-3: MAC Address/Physical Address Figure D-1: Upgrade Firmware 57 57 58 58 58 59 59 59 60 60 60 61 61 61 62 62 62 63 64 64 65 66 ADSL2 Gateway with 4-Port Switch Chapter 1: Introduction Welcome The Linksys ADSL2 Gateway with 4-Port Switch is the all-in-one solution for Internet connectivity in your home. The ADSL Modem function gives you a blazing fast connection to the Internet, far faster than a dial-up, and without tying up your phone line. Connect your computers to the Gateway via the built-in 4-port 10/100 Ethernet Switch to jump start your home network. You can share files, printers, hard drive space and other resources, or play head-to-head computer games. Attach four computers directly, or connect more hubs and switches to create as big a network as you need. The Gateway ties it all together and lets your whole network share that high-speed Internet connection. To protect your data and privacy, the ADSL2 Gateway with 4-Port Switch features an advanced firewall to keep Internet intruders and attackers out. Safeguard your family with Parental Control features like Internet Access Time Limits and Key Word Blocking. Configuration is a snap with any web browser. With the Linksys ADSL2 Gateway with 4-Port Switch at the heart of your home network, you're connected to the future. Chapter 1: Introduction Welcome 1 ADSL2 Gateway with 4-Port Switch What's in this Guide? This user guide covers the steps for setting up and using the ADSL2 Gateway with 4-Port Switch. · Chapter 1: Introduction This chapter describes the ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch applications and this User Guide. · Chapter 2: Planning Your Network This chapter describes the basics of networking. · Chapter 3: Getting to Know the ADSL2 Gateway with 4-Port Switch This chapter describes the physical features of the Gateway. · Chapter 4: Connecting the ADSL2 Gateway with 4-Port Switch This chapter instructs you on how to connect the Gateway to your network. · Chapter 5: Configuring the Gateway This chapter explains how to use the Web-Based Utility to configure the settings on the Gateway. · Appendix A: Troubleshooting This appendix describes some problems and solutions, as well as frequently asked questions, regarding installation and use of the ADSL2 Gateway with 4-Port Switch. · Appendix B: Configuring IPSec between a Windows 2000 Computer and the Gateway This appendix instructs you on how to establish a secure IPSec tunnel using preshared keys to join a private network inside the VPN Gateway and a Windows 2000 or XP computer. · Appendix C: Upgrading Firmware This appendix instructs you on how to upgrade the firmware on your Gateway if you should need to do so. · Appendix D: Finding the MAC Address and IP Address for your Ethernet Adapter. This appendix describes how to find the MAC address for your computer's Ethernet adapter so you can use the MAC filtering and/or MAC address cloning feature of the Gateway. · Appendix E: Glossary This appendix gives a brief glossary of terms frequently used in networking. · Appendix F: Specifications This appendix provides the technical specifications for the Gateway. Chapter 1: Introduction What's in this Guide? 2 ADSL2 Gateway with 4-Port Switch · Appendix G: Warranty Information This appendix supplies the warranty information for the Gateway. · Appendix H: Regulatory Information This appendix supplies the regulatory information regarding the Gateway. · Appendix I: Contact Information This appendix provides contact information for a variety of Linksys resources, including Technical Support. Chapter 1: Introduction What's in this Guide? 3 ADSL2 Gateway with 4-Port Switch Chapter 2: Planning Your Network The Gateway's Functions A Gateway is a network device that connects two networks together. In this instance, the Gateway connects your Local Area Network (LAN), or the group of computers in your home or office, to the Internet. The Gateway processes and regulates the data that travels between these two networks. The Gateway's NAT feature protects your network of computers so users on the public, Internet side cannot "see" your computers. This is how your network remains private. The Gateway protects your network by inspecting every packet coming in through the Internet port before delivery to the appropriate computer on your network. The Gateway inspects Internet port services like the web server, ftp server, or other Internet applications, and, if allowed, it will forward the packet to the appropriate computer on the LAN side. Remember that the Gateway's ports connect to two sides. The LAN ports connect to the LAN, and the ADSL port connects to the Internet. The LAN ports transmit data at 10/100Mbps. IP Addresses What's an IP Address? IP stands for Internet Protocol. Every device on an IP-based network, including computers, print servers, and Gateways, requires an IP address to identify its "location," or address, on the network. This applies to both the Internet and LAN connections. There are two ways of assigning an IP address to your network devices. You can assign static IP addresses or use the Gateway to assign IP addresses dynamically. Figure 2-1: Network LAN: the computers and networking products that make up your local network Static IP Addresses A static IP address is a fixed IP address that you assign manually to a computer or other device on the network. Since a static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will always have that same IP address until you change it. Static IP addresses must be unique and are commonly used with network devices such as server computers or print servers. NOTE: Since the Gateway is a device that connects two networks, it needs two IP addresses--one for the LAN, and one for the Internet. In this User Guide, you'll see references to the "Internet IP address" and the "LAN IP address." Since the Gateway uses NAT technology, the only IP address that can be seen from the Internet for your network is the Gateway's Internet IP address. However, even this Internet IP address can be blocked, so that the Gateway and network seem invisible to the Internet-- see the Block WAN Requests description under Security in "Chapter 5: Configuring the Gateway." 4 Chapter 2: Planning Your Network The Gateway's Functions ADSL2 Gateway with 4-Port Switch Since you use the Gateway to share your DSL Internet connection, contact your ISP to find out if they have assigned a static IP address to your account. If so, you will need that static IP address when configuring the Gateway. You can get that information from your ISP. Dynamic IP Addresses A dynamic IP address is automatically assigned to a device on the network, such as computers and print servers. These IP addresses are called "dynamic" because they are only temporarily assigned to the computer or device. After a certain time period, they expire and may change. If a computer logs onto the network (or the Internet) and its dynamic IP address has expired, the DHCP server will automatically assign it a new dynamic IP address. DHCP (Dynamic Host Configuration Protocol) Servers Computers and other network devices using dynamic IP addressing are assigned a new IP address by a DHCP server. The computer or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign IP addresses manually every time a new user is added to your network. A DHCP server can either be a designated computer on the network or another network device, such as the Gateway. By default, the Gateway's DHCP Server function is enabled. If you already have a DHCP server running on your network, you must disable one of the two DHCP servers. If you run more than one DHCP server on your network, you will experience network errors, such as conflicting IP addresses. To disable DHCP on the Gateway, see the DHCP section in "Chapter 5: Configuring the Gateway." What is a VPN? A VPN, or Virtual Private Network, is a connection between two endpoints - a VPN Gateway, for i ...