Page 31 / 95 Scroll up to view Page 26 - 30
24
Chapter 5: Configuring the Gateway
The Wireless Tab
Wireless-G ADSL Gateway
with Windows XP Zero Configuration. If you want to communicate with non-Linksys wireless products or
Windows XP Zero Configuration, make a note of the WEP key generated in the Key 1 field, and enter it
manually in the wireless client.) After you enter the Passphrase, click the
Generate
button to create WEP
keys.
Default Key
Select which WEP key (1-4) will be used when the Gateway sends data. Make sure that the
receiving device (wireless client) is using the same key.
WEP Keys 1-4. WEP keys enable you to create an encryption scheme for wireless network transmissions. If
you are not using a Passphrase, then manually enter a set of values. (Do not leave a key field blank, and do
not enter all zeroes; they are not valid key values.)
If you are using 64-bit WEP encryption, the key must be exactly 10 hexadecimal characters in length. If you
are using 128-bit WEP encryption, the key must be exactly 26 hexadecimal characters in length. Valid
hexadecimal characters are “0”-“9” and “A”-“F”.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Wireless Network Access
(See Figure 5-15.)
Wireless Network Access. If you select
Allow All
, all computers will be allowed access to the wireless network.
To restrict access to the network, select
Restrict Access to Computers below
. Click the
Select
MAC Address
From Networked Computers
button, and the screen in Figure 5-16 will appear.
Select the
MAC Address
from the list
and click the
Select
box, then click the
Select
button.
Click the
Refresh
button if you want to refresh the screen. Click the
Close
button to return to the previous screen.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Figure 5-15: Wireless Network Access
Figure 5-16: Networked Computers
Page 32 / 95
25
Chapter 5: Configuring the Gateway
The Wireless Tab
Wireless-G ADSL Gateway
Advanced Wireless Settings
(See Figure 5-17.)
On this screen you can access the Advanced Wireless features, including Authentication Type, Basic Data Rates,
Control Tx Rates, Beacon Interval, DTIM Interval, RTS Threshold, and Fragmentation Threshold.
Control Tx Rates. The default transmission rate is Auto. The range is from 1 to 54Mbps. The rate of data
transmission should be set depending on the speed of your wireless network. You can select from a range of
transmission speeds, or keep the default setting,
Auto
, to have the Gateway automatically use the fastest
possible data rate and enable the Auto-Fallback feature. Auto-Fallback will negotiate the best possible
connection speed between the Gateway and a wireless client.
Beacon Interval. The default value is 100. Enter a value between 1 and 65,535 milliseconds. The Beacon
Interval value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the Gateway
to synchronize the wireless network.
DTIM Interval. The default value is 3. This value, between 1 and 255, indicates the interval of the Delivery
Traffic Indication Message (DTIM). A DTIM field is a countdown field informing clients of the next window for
listening to broadcast and multicast messages. When the Gateway has buffered broadcast or multicast
messages for associated clients, it sends the next DTIM with a DTIM Interval value. Its clients hear the
beacons and awaken to receive the broadcast and multicast messages.
Fragmentation Threshold. This value should remain at its default setting of 2346. The range is 256-2346
bytes. It specifies the maximum size for a packet before data is fragmented into multiple packets. If you
experience a high packet error rate, you may slightly increase the Fragmentation Threshold. Setting the
Fragmentation Threshold too low may result in poor network performance. Only minor modifications of this
value are recommended.
RTS Threshold. This value should remain at its default setting of 2347. The range is 0-2347 bytes. Should you
encounter inconsistent data flow, only minor modifications are recommended. If a network packet is smaller
than the preset RTS threshold size, the RTS/CTS mechanism will not be enabled. The Gateway sends Request
to Send (RTS) frames to a particular receiving station and negotiates the sending of a data frame. After
receiving an RTS, the wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to
begin transmission.
Authentication Type. The default is set to Auto (default), which allows either Open System or Shared Key
authentication to be used. For Open System authentication, the sender and the recipient do not use a WEP
key for authentication but can use WEP for data encryption. If you want to allow on Open System
authentication, then select
Open System
. For Shared Key authentication, the sender and recipient use a WEP
key for both authentication and data encryption. If you want to use only Shared Key authentication, then
select
Shared Key
. It is recommended that this option be left in the default (Auto) mode, because some
clients cannot be configured for Shared Key.
Figure 5-17: Advanced Wireless Settings
Page 33 / 95
26
Chapter 5: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway
The Security Tab
Firewall
When you click the Security tab, you will see the Firewall screen (see Figure 5-18). This screen contains Filters
and the option to Block WAN Requests. Filters block specific Internet data types and block anonymous Internet
requests.
Firewall. To add Firewall Protection, click
Enabled
. If you do not want Firewall Protection, click
Disabled
.
Additional Filters
Filter Proxy. Use of WAN proxy servers may compromise the Gateway's security. Denying Filter Proxy will
disable access to any WAN proxy servers. To enable proxy filtering, click
Enabled
.
Filter Cookies. A cookie is data stored on your computer and used by Internet sites when you interact with
them. To enable cookie filtering, click
Enabled
.
Filter Java Applets. Java is a programming language for websites. If you deny Java Applets, you run the risk
of not having access to Internet sites created using this programming language. To enable Java Applet
filtering, click
Enabled
.
Filter ActiveX. ActiveX is a programming language for websites. If you deny ActiveX, you run the risk of not
having access to Internet sites created using this programming language. To enable ActiveX filtering, click
Enabled
.
Block WAN requests
Block Anonymous Internet Requests. This keeps your network from being “pinged” or detected and
reinforces your network security by hiding your network ports, so it is more difficult for intruders to discover
your network. Select
Block Anonymous Internet Requests
to block anonymous Internet requests or de-
select it
to allow anonymous Internet requests.
Click
View Logs
to view a log of any firewall events.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Figure 5-18: Firewall
Page 34 / 95
27
Chapter 5: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway
VPN
Virtual Private Networking (VPN) is a security measure that basically creates a secure connection between two
remote locations. The VPN screen, shown in Figure 5-19, allows you to configure your VPN settings to make your
network more secure.
VPN Passthrough
IPSec Passthrough. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure
exchange of packets at the IP layer. To allow IPSec Passthrough, click the
Enabled
button. To disable IPSec
Passthrough, click the
Disabled
button.
PPTP Passthrough. Point-to-Point Tunneling Protocol Passthrough is the method used to enable VPN sessions
to a Windows NT 4.0 or 2000 server. To allow PPTP Passthrough, click the
Enabled
button. To disable PPTP
Passthrough, click the
Disabled
button.
IPSec VPN Tunnel
The VPN Gateway creates a tunnel or channel between two endpoints, so that the data or information between
these endpoints is secure.
To establish this tunnel, select the tunnel you wish to create in the Select Tunnel Entry drop-down box.
It is
possible to create up to five simultaneous tunnels. Then click
Enabled
to enable the IPSec VPN tunnel. Once
the tunnel is enabled, enter the name of the tunnel in the Tunnel Name field.
This is to allow you to identify
multiple tunnels and does not have to match the name used at the other end of the tunnel.
Local Secure Group and Remote Secure Group. The Local Secure Group is the computer(s) on your LAN that
can access the tunnel. The Remote Secure Group is the computer(s) on the remote end of the tunnel that can
access the tunnel. These computers can be specified by a Subnet, specific IP address, or range.
Remote Security Gateway. The Remote Security Gateway is the VPN device, such as a second VPN Gateway,
on the remote end of the VPN tunnel. Enter the IP Address or Domain of the VPN device at the other end of the
tunnel. The remote VPN device can be another VPN Gateway, a VPN Server, or a computer with VPN client
software that supports IPSec. The IP Address may either be static (permanent) or dynamic (changing),
depending on the settings of the remote VPN device.
Make sure that you have entered the IP Address
correctly, or the connection cannot be made.
Remember, this is NOT the IP Address of the local VPN
Gateway, but the IP Address of the remote VPN Gateway or device with which you wish to communicate. If
you enter an IP address, only the specific IP Address will be able to acess the tunnel. If you select
Any
, any IP
Address can access the tunnel.
Figure 5-19: VPN
Page 35 / 95
28
Chapter 5: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway
Encryption. Using Encryption also helps make your connection more secure.
There are two different types of
encryption: DES or 3DES (3DES is recommended because it is more secure).
You may choose either of
these, but it must be the same type of encryption that is being used by the VPN device at the other end of the
tunnel.
Or, you may choose not to encrypt by selecting Disable.
In Figure 5-19, DES (which is the default)
has been selected.
Authentication. Authentication acts as another level of security.
There are two types of authentication: MD5
and SHA (SHA is recommended because it is more secure).
As with encryption, either of these may be
selected, if the VPN device at the other end of the tunnel is using the same type of authentication.
Or, both
ends of the tunnel may choose to Disable authentication.
In Figure 5-19, MD5 (the default) has been
selected.
Key Management. Select
Auto (IKE)
or
Manual
from the drop-down menu. The two methods are described
below.Auto (IKE)
Select
Auto (IKE)
and enter a series of numbers or letters in the Pre-shared Key field. Based on this word,
which MUST be entered at both ends of the tunnel if this method is used, a key is generated to scramble
(encrypt) the data being transmitted over the tunnel, where it is unscrambled (decrypted).
You may use any
combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed. In the
Key Lifetime field, you may select to have the key expire at the end of a time period.
Enter the number of
seconds you’d like the key to be useful, or leave it blank for the key to last indefinitely. Check the box next to
PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure.
Manual (See Figure 5-20.)
Select
Manual,
then select the Encryption Algorithm from the drop-down menu. Enter the Encryption Key in
the field (if you chose DES for your Encryption Algorithm, enter 16 hexadecimal characters, if you chose
3DES, enter 48 hexadecimal characters). Select the Authentication Algorithm from the drop-down menu.
Enter the Authentication Key in the field (if you chose MD5 for your Authentication Algorithm, enter 32
hexadecimal characters, if you chose SHA1, enter 40 hexadecimal characters). Enter the Inbound and
Outbound SPIs in the respective fields.
Status. The status of the connection is shown.
Click the
Connect
button to connect your VPN tunnel. Click the View Logs button to view logs. Click the
Advanced Setting
button and the Advanced IPSec VPN Tunnel Setup screen will appear. See Figure 5-20.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Figure 5-20: Manual Key Management

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top