1. Home
    2. /
  2. Manuals
    3. /
  3. Linksys
    4. /
  4. WAG325N
    5. /
  5. 4
Page 16 / 43 Scroll up to view Page 11 - 15
Chapter±3
Advanced Configuration
W±reless-N ADSL2+ Gateway
Security Mode > WPA2-Enterprise
Encrypt±on
The method is
TKIP
or
AES
.
RADIUS Server
Enter the IP address of the RADIUS
server.
RADIUS Port
Enter the port number of the RADIUS
server.
Shared Key
Enter the key shared between the device
and its RADIUS server.
Key Renewal.
Enter the Key Renewal period, which
tells the device how often it should change the dynamic
encryption keys. WPA2-Enterprise.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
WPA-Enterprise (May affect wireless performance. WPA2
recommended)
WPA-Enterprise features WPA used with a RADIUS server.
(This method should only be used when the device is
connected to a RADIUS server.)
Security Mode > WPA-Enterprise
Encrypt±on.
The method is
TKIP
or
AES
.
RADIUS Server.
Enter the IP address of the RADIUS
server.
RADIUS Port.
Enter the port number of the RADIUS
server.
Shared Key
Enter the key shared between the device
and its RADIUS server.
Key Renewal
Enter the Key Renewal period, which tells
the device how often it should change the dynamic
encryption keys.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.v
RADIUS (May affect wireless performance. WPA2 recom-
mended)
This option features WEP used in coordination with a
RADIUS server. (This should only be used when a RADIUS
server is connected to the device.)
Security Mode > RADIUS
RADIUS Server
Enter the IP address of the RADIUS
server.
RADIUS Port
Enter the port number of the RADIUS
server.
Shared Key
Enter the key shared between the device
and its RADIUS server.
Encrypt±on.
Select the appropriate level of encryption,
40/64-bit (10 hex digits) or 104/128-bit (26 hex digits). A
higher level of encryption is more secure.
Passphrase
Instead of manually entering WEP keys, you
can enter a Passphrase. It is case-sensitive and should not be
longer than 32 alphanumeric characters. (This Passphrase
function is compatible with Linksys wireless products only
and cannot be used with Windows XP Zero Configuration.
If you want to communicate with non-Linksys wireless
products or Windows XP Zero Configuration, make a note
of the WEP keys generated, and enter the appropriate one
manually in the wireless computer or client.) If you want
to use a Passphrase, then enter it in the Passphrase field
and click the Generate button.
Keys 1-².
If you are not using a Passphrase, then manually
enter a set of values. (Do not leave a key field blank, and
do not enter all zeroes; they are not valid key values.) If
you are using 40/64-bit WEP encryption, the key must be
exactly 10 hexadecimal characters in length. If you are
using 104/128-bit WEP encryption, the key must be exactly
Page 17 / 43
Chapter±3
Advanced Configuration
W±reless-N ADSL2+ Gateway
26 hexadecimal characters in length. Valid hexadecimal
characters are “0”-“9” and “A”-“F”.
TX Key.
To indicate which WEP key to use, select a default
Transmit (TX) Key number.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
WEP (May affect wireless performance. WPA2 recommend-
ed)
Security Mode > WEP
Encrypt±on
Select a level of WEP encryption,
´²-b±t
or
128-b±t
.
Passphrase
Enter a Passphrase to automatically generate
WEP keys. Then click
Generate
.
NOTE:
The WEP Passphrase is compatible with
Linksys wireless products only. If you are use non-
Linksys products, manually enter the appropriate
WEP key on those devices.
WEP Key 1-²
If you did not enter a Passphrase, enter the
WEP key(s) manually.
TX Key
Select which TX (Transmit) Key to use. The default
is
1
.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
Wireless > Wireless Mac Filter
Wireless access can be filtered by using the MAC addresses
of the wireless devices transmitting within your network’s
radius.
Wireless > Wireless MAC Filter
Wireless MAC Filter
To filter wireless users by MAC Address, either permitting
or blocking access, click
Enabled.
If you do not wish to
filter users by MAC Address, select
D±sabled
.
Access Restrictions
Block. Click this button to block wireless access from the
devices listed on this screen.
Permit. Click this button to allow wireless access by the
devices listed on this screen.
MAC Address Filter List
Click the
W±reless Cl±ent L±st
button to display the Wireless
Client List. It shows computers and other devices on the
wireless network. The list can be sorted by Client Name,
Interface, IP address, MAC Address, and Status. Click the
Add to MAC F±lter L±st
checkbox for any device you want
to add to the MAC Address Filter List. Then click the
Add
button. To retrieve the most up-to-date information, click
the
Refresh
button. To exit this screen and return to the
Wireless MAC Filter screen, click the
Close
button.
Page 18 / 43
Chapter±3
Advanced Configuration
W±reless-N ADSL2+ Gateway
MAC 01-³0
Enter the MAC addresses of the devices
whose wireless access you want to block or allow
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
Wireless > Advanced Wireless Settings
This
Advanced Wireless Settings
screen is used to set up the
Gateway’s advanced wireless functions. These settings
should only be adjusted by an expert administrator as
incorrect settings can reduce wireless performance.
Wireless > Advanced Wireless Settings
Advanced Wireless
AP Isolat±on.
This isolates all wireless clients and wireless
devices on your network from each other. Wireless devices
will be able to communicate with the Gateway but not
with each other. To use this function, click Enabled. AP
Isolation is disabled by default.
Authent±cat±on Type
The default is
Auto
, which allows
either Open System or Shared Key authentication to be
used. With Open System authentication, the sender and
the recipient do NOT use a WEP key for authentication.
With Shared Key authentication, the sender and recipient
use a WEP key for authentication. Select
Shared Key
to
only use Shared Key authentication.
Bas±c Rate
The Basic Rate setting is not actually one rate
of transmission but a series of rates at which the device
can transmit. The device will advertise its Basic Rate to the
other wireless devices in your network, so they know which
rates will be used. The device will also advertise that it will
automatically select the best rate for transmission. The
default setting is Default, when the device can transmit
at all standard wireless rates (1-2Mbps, 5.5Mbps, 11Mbps,
18Mbps, and 24Mbps). Other options are 1-2Mbps, for use
with older wireless technology, and All, when the device
can transmit at all wireless rates.
Transm±ss±on Rate
The rate of data transmission should
be set depending on the speed of your wireless network.
You can select from a range of transmission speeds, or you
can select Auto to have the device automatically use the
fastest possible data rate and enable the Auto-Fallback
feature. Auto-Fallback will negotiate the best possible
connection speed between the device and a wireless
client. The default setting is Auto.
N Transm±ss±on Rate
The rate of data transmission
should be set depending on the speed of your Wireless-N
networking. You can select from a range of transmission
speeds, or you can select Auto to have the device
automatically use the fastest possible data rate and enable
the Auto-Fallback feature. Auto-Fallback will negotiate the
best possible connection speed between the device and a
wireless client. The default setting is Auto.
CTS Protect±on Mode.
CTS (Clear-To-Send) Protection
Mode’s default setting is Disabled. Select
Auto
so the
device will automatically use CTS Protection Mode when
your Wireless-N and Wireless-G products are experiencing
severe problems and are not able to transmit to the
device in an environment with heavy 802.11b traffic. This
function boosts the device’s ability to catch all Wireless-
N and Wireless-G transmissions but will severely decrease
performance.
Beacon Interval
Enter a value between 1 and 65,535
milliseconds. The Beacon Interval value indicates the
frequency interval of the beacon. A beacon is a packet
broadcast by the Gateway to synchronize the wireless
network(s). The default value is
100
.
DTIM Interval
This value, between 1 and 255, indicates
the interval of the Delivery Traffic Indication Message
(DTIM). A DTIM field is a countdown field informing
clients of the next window for listening to broadcast and
multicast messages. When the Gateway has buffered
broadcast or multicast messages for associated clients, it
sends the next DTIM with a DTIM Interval value. Its clients
hear the beacons and awaken to receive the broadcast
and multicast messages. The default value is
1
.
Fragmentat±on
Threshold
This
value
specifies
the
maximum size for a packet before data is fragmented
into multiple packets. If you experience a high packet
error rate, you may slightly increase the Fragmentation
Threshold. Setting the Fragmentation Threshold too low
may result in poor network performance. Only minor
Page 19 / 43
Chapter±3
Advanced Configuration
18
W±reless-N ADSL2+ Gateway
reduction of the default value is recommended. In most
cases, it should remain at its default value of
23²´
.
RTS
Threshold
Should
you
encounter
inconsistent
data flow, only minor reduction of the default,
23²´
, is
recommended. If a network packet is smaller than the
preset RTS threshold size, the RTS/CTS mechanism will
not be enabled. The Gateway sends Request to Send (RTS)
frames to a particular receiving station and negotiates
the sending of a data frame. After receiving an RTS, the
wireless station responds with a Clear to Send (CTS) frame
to acknowledge the right to begin transmission. The RTS
Threshold value should remain at its default value of
23²´
.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
Security > Firewall
The
Firewall
screen is used to configure a firewall that
can filter out various types of unwanted traffic on the
Gateway’s local network.
Security > Firewall
Firewall
SPI F±rewall Protect±on
To use firewall protection,
keep the default selection,
Enable
. To turn off firewall
protection, select
D±sable
.
Filters
F±lter Proxy
Use of WAN proxy servers may compromise
the Gateway’s security. Denying Proxy will disable access
to any WAN proxy servers. Select
F±lter Proxy
to enable
proxy filtering. Deselect the feature to allow proxy access
.
F±lter Java Applets
Java is a programming language for
websites. If you deny Java, you run the risk of not having
access to Internet sites created using this programming
language. Select
F±lter Java Applets
to enable Java
filtering. Deselect the feature to allow Java usage
.
F±lter Cook±es
A cookie is data stored on your computer
and used by Internet sites when you interact with them.
Select
F±lter Cook±es
to filter cookies. Deselect the feature
to allow cookie usage
.
F±lter Act±veX
ActiveX is a programming language for
websites. If you deny ActiveX, you run the risk of not having
access to Internet sites created using this programming
language. Select
F±lter Act±veX
to enable ActiveX filtering.
Deselect the feature to allow ActiveX usage
.
Block WAN Requests
Block
Anonymous
Internet
Requests
This
feature
makes it more difficult for outside users to work their
way into your network. This feature is selected
by default.
Deselect the feature to allow anonymous Internet
requests
.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
Security > VPN Passthrough
The
VPN  Passthrough
screen allows you to enable VPN
tunnels using IPSec, PPTP, or L2TP protocols to pass through
the Gateway’s firewall.
Security > VPN Passthrough
VPN Passthrough
IPSec Passthrough
Internet Protocol Security (IPSec) is
a suite of protocols used to implement secure exchange
of packets at the IP layer. To allow IPSec tunnels to pass
through the Gateway, keep the default,
Enable
.
PPTP Passthrough
Point-to-Point Tunneling Protocol
(PPTP) allows the Point-to-Point Protocol (PPP) to be
tunneled through an IP network. To allow PPTP tunnels to
pass through the Gateway, keep the default,
Enable
.
L2TP Passthrough
Layer 2 Tunneling Protocol is the
method used to enable Point-to-Point sessions via the
Internet on the Layer 2 level. To allow L2TP tunnels to pass
through the Gateway, keep the default,
Enable
.
Click
Save Sett±ngs
to apply your changes, or click
Cancel
Changes
to cancel your changes.
Page 20 / 43
Chapter±3
Advanced Configuration
19
W±reless-N ADSL2+ Gateway
Security > VPN
Security > VPN Tunnel
Establishing a Tunnel
The Gateway creates a tunnel or channel between two
endpoints, so that the data or information between these
endpoints is secure.
To establish this tunnel, select the
tunnel you wish to create in the Select Tunnel Entry drop-
down box.
It is possible to create up to two simultaneous
tunnels. To delete a tunnel, click the
Delete
button. To view
a summary of that tunnel, click the
Summary
button.
VPN Summary
Then check the box next to
Enable
to enable the tunnel.
Once the tunnel is enabled, enter the name of the tunnel
in the Tunnel Name field.
This is to allow you to identify
multiple tunnels and does not have to match the name
used at the other end of the tunnel.
Local Secure Group and Remote Secure Group
A Local Secure Group is a computer(s) on your network
that can access the tunnel. A Remote Secure Group is a
computer (s) on the remote end of the tunnel that can
access the tunnel. Under Local Secure Group, you may
choose from Subnet and IP address. Under Remote Secure
Group, you may choose from IP address, Subnet, and Any.
Subnet
If you select Subnet (which is also the default),
this will allow all computers on the local subnet to access
the tunnel. When using the Subnet setting, the default
values of 0 should remain in the last fields of the IP and
Mask settings.
IP Address
If you select IP Address, only the computer
with the specific IP address that you enter will be able to
access the tunnel.
Any
If you select Any for the Remote Security Group, the
local VPN Router will accept a request from any IP address.
This setting should be chosen when the other endpoint is
using DHCP or PPPoE on the Internet side.
Remote Security Gateway
The Remote Security Gateway is the VPN device, such as a
second VPN Router, on the remote end of the VPN tunnel.
Under Remote Security Gateway, you have three options:
IP address, FQDN, and Any. In this section, you can also set
the levels and types of encryption and authentication.
IP Address
If you select IP Address, enter the IP address of
the VPN device at the other end of the tunnel. The remote
VPN device can be another VPN Router, a VPN Server, or
a computer with VPN client software that supports IPSec.
The IP address may either be static (permanent) or dynamic
(changing), depending on the settings of the remote VPN
device.
Make sure that you have entered the IP address
correctly, or the connection cannot be made.
Remember,
this is NOT the IP address of the local VPN Router, but the
IP address of the remote VPN Router or device with which
you wish to communicate.
FQDN (Fully Qual±f±ed Doma±n Name)
If you select
FQDN, enter the FQDN of the VPN device at the other
end of the tunnel. The remote VPN device can be another
VPN Router, a VPN Server, or a computer with VPN client
software that supports IPSec.
The FQDN is the host name
and domain name for a specific computer on the Internet,
for example, vpn.myvpnserver.com.
Any
If you select Any for the Remote Security Gateway,
the VPN device at the other end of the tunnel will accept
a request from any IP address. The remote VPN device can
be another VPN Router, a VPN Server, or a computer with
VPN client software that supports IPSec. If the remote
user has an unknown or dynamic IP address (such as a
professional on the road or a telecommuter using DHCP
or PPPoE), then Any should be selected.
Encrypt±on
Using encryption helps make your connection
more secure. The encryption type used must be the same
type of encryption that is being used by the VPN device
at the other end of the tunnel. You may choose not to
encrypt by selecting Disable.

Rate

4.5 / 5 based on 2 votes.

Popular Linksys Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top