2.4 GHz Wireless-G 802.11g WIRELESS VPN Router with RangeBooster User Guide Model No. WRV200 Wireless-G VPN Router with RangeBooster Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. Copyright © 2006 Cisco Systems, Inc. All rights reserved. Other brands and product names are trademarks or registered trademarks of their respective holders. WARNING: This product contains chemicals, including lead, known to the State of California to cause cancer, and birth defects or other reproductive harm. Wash hands after handling. How to Use this Guide This User Guide has been designed to make understanding networking with the Router easier than ever. Look for the following items when reading this User Guide: This checkmark means there is a note of interest and is something you should pay special attention to while using the Router. This exclamation point means there is a caution or warning and is something that could damage your property or the Router. This question mark provides you with a reminder about something you might need to do while using the Router. In addition to these symbols, there are definitions for technical terms that are presented like this: word: definition. Also, each figure (diagram, screenshot, or other image) is provided with a figure number and description, like this: Figure 0-1: Sample Figure Description Figure numbers and descriptions can also be found in the "List of Figures" section in the "Table of Contents". WRV200-UG-60407NC BW Wireless-G VPN Router with RangeBooster Table of Contents Chapter 1: Introduction Welcome What's in this Guide? 1 1 2 Chapter 2: Planning Your Wireless Network Network Topology Ad-Hoc versus Infrastructure Mode Network Layout 4 4 4 4 Chapter 3: Planning Your Virtual Private Network (VPN) Why do I need a VPN? What is a VPN? 6 6 7 Chapter 4: Getting to Know the Wireless-G VPN Router The Back Panel The Front Panel 9 9 10 Chapter 5: Connecting the Wireless-G VPN Router Overview Wired Connection to a PC Wireless Connection to a PC 11 11 11 12 Chapter 6: Configuring the Wireless-G VPN Router Overview How to Access the Web-based Utility The Setup Tab - Basic Setup The Setup Tab - DDNS The Setup Tab - MAC Address Clone The Setup Tab - Advanced Routing The Wireless Tab - Basic Wireless Settings The Wireless Tab - Wireless Security The Wireless Tab - Wireless Network Access The Wireless Tab - Advanced Wireless Settings The Firewall Tab - General 13 13 15 15 21 22 23 25 26 30 31 33 Wireless-G VPN Router with RangeBooster The Firewall Tab - Port Forwarding The Firewall Tab - Port Triggering The Firewall Tab - DMZ The Firewall Tab - Access Restriction The Firewall Tab - URL Filtering The VPN Tab The VPN Tab - VPN Client Access The VPN Tab - VPN Passthrough The VPN Tab - IPSec VPN The VPN Tab - VPN Summary The QoS Tab - Application-based QoS The QoS Tab - Port-based QoS The Administration Tab - Management The Administration Tab - Log The Administration Tab - Diagnostics The Administration Tab - Factory Defaults The Administration Tab - Firmware Upgrade The Administration Tab - Reboot The Status Tab - Router The Status Tab - Local Network The Status Tab - System Performance The Status Tab - VPN Clients 34 35 36 37 38 39 39 40 41 46 48 49 50 53 54 55 55 55 56 57 59 60 Appendix A: Troubleshooting Common Problems and Solutions Frequently Asked Questions 61 61 69 Appendix B: Wireless Security Security Precautions Security Threats Facing Wireless Networks 77 77 77 Appendix C: Using the Linksys QuickVPN Software for Windows 2000 or XP Overview Before You Begin Using the Linksys QuickVPN Software 80 80 80 82 Wireless-G VPN Router with RangeBooster Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router Introduction Environment How to Establish a Secure IPSec Tunnel 84 84 84 85 Appendix E: Configuring a Gateway-to-Gateway IPSec Tunnel Overview Before You Begin Configuring the VPN Settings for the VPN Routers Configuring the Key Management Settings Configuring PC 1 and PC 2 Windows 98 or Me Instructions Windows 2000 or XP Instructions 95 95 95 96 98 99 100 101 Appendix F: Finding the MAC Address and IP Address for your Ethernet Adapter 100 Appendix G: SNMP Functions Appendix H: Upgrading Firmware Appendix I: Windows Help Appendix J: Glossary Appendix K: Specifications Appendix L: Warranty Information Appendix M: Regulatory Information Appendix N: Contact Information 102 103 104 105 110 111 112 118 Wireless-G VPN Router with RangeBooster List of Figures Figure 2-1: Network Diagram Figure 3-1: VPN Router to VPN Router Figure 3-2: Computer to VPN Router Figure 4-1: Back Panel Figure 4-2: Front Panel Figure 5-1: Connect to LAN Ports Figure 5-2: Connect to Internet Port Figure 5-3: Connect to Power Port Figure 5-4: Connect to Internet Port Figure 5-5: Connect to Power Port Figure 6-1: Login Screen Figure 6-2: Setup Tab - Automatic Configuration - DHCP Figure 6-3: Internet Connection Type - Static IP Figure 6-4: Internet Connection Type - PPPoE Figure 6-5: Internet Connection Type - PPTP Figure 6-6: Internet Connection Type - L2TP Figure 6-7: Static Table Figure 6-8: The Setup Tab - VLAN Figure 6-9: The Setup Tab - DDNS - DynDNS.org Figure 6-10: The Setup Tab - DDNS - TZO.com Figure 6-11: Setup Tab - MAC Address Clone Figure 6-12: The Setup Tab - Advanced Routing Figure 6-13: Routing Table Entry List Figure 6-14: The Wireless Tab - Basic Wireless Settings Figure 6-15: Wireless Security - WPA-Personal Figure 6-16: Wireless Security - WPA2-Personal Figure 6-17: Wireless Security - WPA Enterprise Figure 6-18: Wireless Security - WPA2 Enterprise Figure 6-19: Wireless Security - WPA2 Personal Mixed Figure 6-20: Wireless Security - WPA2 Enterprise Mixed 5 8 8 9 10 11 11 11 12 12 15 15 16 16 17 18 20 20 21 21 22 23 24 25 26 26 27 27 28 28 Wireless-G VPN Router with RangeBooster Figure 6-21: Wireless Security - RADIUS Figure 6-22: Wireless Security - WEP Figure 6-23: Wireless Tab - Wireless Network Access Figure 6-24: Networked Computers Figure 6-25: The Wireless Tab - Advanced Wireless Settings Figure 6-26: Wireless Tab - WDS Figure 6-27: The Firewall Tab - General Figure 6-28: The Firewall Tab - Port Forwarding Figure 6-29: The Firewall Tab - Port Triggering Figure 6-30: The Firewall Tab - DMZ Figure 6-31: The Firewall Tab - Access Restriction Figure 6-32: The Firewall Tab - URL Filtering Figure 6-33: The VPN Tab - VPN Client Access Figure 6-34: The VPN Tab - VPN Client Access Warning Figure 6-35: The VPN Tab - VPN Passthrough Figure 6-36: The VPN Tab - IPSec VPN Figure 6-37: Local Secure Group - Subnet and Remote Secure Group - IP Addr. Figure 6-38: Local Secure Group - IP Address and Remote Secure Group - IP Address Figure 6-39: Local Secure Group - Host and Remote Secure Group - IP Addr. Figure 6-40: Local Secure Group - IP Addr. and Remote Secure Group - Any Figure 6-41: Key Exchange Method - Auto (IKE) Figure 6-42: Advanced Settings Figure 6-43: Global NAT Traversal Advanced Settings Figure 6-44: The VPN Tab - VPN Summary Figure 6-45: The QoS Tab - Application-based QoS -Priority Queue Figure 6-46: The QoS Tab - Application-based QoS -Bandwidth Allocation Figure 6-47: The QoS Tab - Port-based QoS Figure 6-48: The Administration Tab - Management Figure 6-49: The Administration Tab - Log Figure 6-50: The Administration Tab - Diagnostics Figure 6-51: Ping Test Figure 6-52: Traceroute Test Figure 6-53: The Administration Tab - Factory Default 29 29 30 30 31 32 33 34 35 36 37 38 39 39 40 41 41 42 42 42 43 43 45 46 48 48 49 50 53 54 54 54 55 Wireless-G VPN Router with RangeBooster Figure 6-54: The Administration Tab - Firmware Upgrade Figure 6-55: The Administration Tab - Reboot Figure 6-56: The Status Tab - Router Figure 6-57: The Status Tab - Local Network Figure 6-58: DHCP Active IP Table Figure 6-59: The Status Tab - Wireless Figure 6-60: The Status Tab - System Performance Figure 6-61: The Status Tab - VPN Clients Figure C-1: Access Restrictions - VPN Client Access Screen Figure C-2: Setup Wizard - Welcome Screen Figure C-3: QuickVPN Desktop Icon Figure C-4: QuickVPN Tray Icon - No Connection Figure C-5: QuickVPN Software - Profile Figure C-6: Connecting Figure C-7: Activating Policy Figure C-8: Verifying Network Figure C-9: QuickVPN QuickVPN Software - Status Figure C-10: QuickVPN Tray Icon - Connection Figure C-11: QuickVPN Tray Icon - No Connection Figure C-12: QuickVPN QuickVPN Software - Change Password Figure D-1: Local Security Screen Figure D-2: Rules Tab Figure D-3: IP Filter List Tab Figure D-4: IP Filter LIst Figure D-5: Filters Properties Figure D-6: New Rule Properties Figure D-7: IP Filter List Figure D-8: Filters Properties Figure D-9: New Rule Properties Figure D-10: IP Filter List Tab Figure D-11: Filter Action Tab Figure D-12: Security Methods Tab Figure D-13: Authentication Methods 55 55 56 57 57 58 59 60 80 81 82 82 82 82 82 82 83 83 83 83 85 85 85 86 86 86 87 87 87 88 88 88 89 Wireless-G VPN Router with RangeBooster Figure D-14: Preshared Key Figure D-15: New Preshared Key Figure D-16: Tunnel Setting Tab Figure D-17: Connection Type Tab Figure D-18: Properties Screen Figure D-19: IP Filter List Tab Figure D-20: Filter Action Tab Figure D-21: Authentication Methods Tab Figure D-22: Preshared Key Figure D-23: New Preshared Key Figure D-24: Tunnel Setting Tab Figure D-25: Connection Type Figure D-26: Rules Figure D-27: Local Computer Figure D-28: VPN Tab Figure E-1: Diagram of All VPN Tunnels Figure E-2: Login Screen Figure E-3: Security - VPN Screen (VPN Tunnel) Figure E-4: Security - VPN Screen (VPN Tunnel) Figure E-5: Auto (IKE) Advanced Settings Screen Figure F-1: IP Configuration Screen Figure F-2: MAC Address/Adapter Address Figure F-3: MAC Address/Physical Address Figure H-1: Upgrade Firmware 89 89 90 90 90 91 91 91 92 92 92 93 93 93 94 95 96 96 97 98 100 100 101 103 Wireless-G VPN Router with RangeBooster Wireless-G VPN Router with RangeBooster Chapter 1: Introduction Welcome Thank you for choosing the Linksys Wireless-G VPN Router with RangeBooster. The Wireless-G VPN Router will allow you to network wirelessly better than ever, sharing Internet access, files and fun, easily and securely. How does the Wireless-G VPN Router do all of this? A router is a device that allows access to an Internet connection over a network. With the Wireless-G VPN Router, this access can be shared over the four switched ports or via the wireless network, broadcast at either 11Mbps for Wireless-B or 54Mbps for Wireless-G. To protect your data and privacy, the Wireless-G VPN Router can encrypt all wireless transmissions with up to 128-bit WEP encryption and supports the WPA standard, which provides greater security opportunities. The Router also has a powerful Stateful Packet Inspection (SPI) firewall and Network Address Translation (NAT) technology to protect your PCs against intruders and most known Internet attacks. Its Virtual Private Network (VPN) function creates encrypted "tunnels" through the Internet so up to 50 remote or traveling users can securely connect to your office network from off-site, or users in your branch office can connect to a corporate network. All of these security features, as well as full configurability, are accessed through the easy-to-use browser-based utility. But what does all of this mean? Networks are useful tools for sharing computer resources. You can access one printer from different computers and access data located on another computer's hard drive. Networks are even used for playing multiplayer video games. So, networks are not only useful in homes and offices, they can also be fun. PCs on a wired network create a LAN, or Local Area Network. They are connected with Ethernet cables, which is why the network is called "wired". PCs equipped with wireless cards or adapters can communicate without cumbersome cables. By sharing the same wireless settings, within their transmission radius, they form a wireless network. The Wireless-G VPN Router bridges wireless networks of both 802.11b and 802.11g standards and wired networks, allowing them to communicate with each other. With your networks all connected, wired, wireless, and the Internet, you can now share files and Internet access--and even play games. All the while, the Wireless-G VPN Router protects your networks from unauthorized and unwelcome users. vpn (virtual private network): A security measure to protect data as it leaves one network and goes to another over the Internet 802.11b: an IEEE wireless networking standard that specifies a maximum data transfer rate of 11Mbps and an operating frequency of 2.4GHz 802.11g: an IEEE wireless networking standard that specifies a maximum data transfer rate of 54Mbps, an operating frequency of 2.4GHz, and backward compatibility with 802.11b devices wpa (wi-fi protected acc ...