Page 41 / 128 Scroll up to view Page 36 - 40
32
Chapter 4: Configuring the Gateway
The Wireless Tab
Wireless-G ADSL Gateway with 2 Phone Ports
Wireless Access Tab
Wireless Network Access
Selecting
Allow All,
from the Wireless Access tab, allows access to the wireless network from any PC. To restrict
access to the network, select
Restrict Access
, then select
Prevent
to prevent access
or Permit only
to permit
access. Click the
Edit
MAC Address Access List
button, and the screen will appear.
Select the MAC Address
from the list
and click
Wireless Client MAC List
.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Figure 4-22: Wireless Tab - Wireless Network Access
Figure 4-23: MAC Address Access/Filter List
Downloaded from
www.Manualslib.com
manuals search engine
Page 42 / 128
33
Chapter 4: Configuring the Gateway
The Wireless Tab
Wireless-G ADSL Gateway with 2 Phone Ports
Advanced Wireless Settings Tab
Advanced Wireless
On this screen you can access the Advanced Wireless features, including Authentication Type, Basic Data Rates,
Control Tx Rates, Beacon Interval, DTIM Interval, RTS Threshold, and Fragmentation Threshold.
Authentication Type
. The default is set to
Auto
, which allows either Open System or Shared Key authentication
to be used. For Open System authentication, the sender and the recipient won’t use a WEP key for authentication
but can use WEP for data encryption. If you want to allow Open System authentication, select
Open System
. For
Shared Key authentication, the sender and recipient use a WEP key for both authentication and data encryption.
If you want to use only Shared Key authentication, select
Shared Key
. This option should be left in the default
(Auto) mode, as some clients cannot be configured for Shared Key.
Control Tx Rates
. The default transmission rate is
Auto
. The range is from 1 to 54Mbps. The rate of data
transmission should be set depending on the speed of your wireless network. Select from the range of speeds, or
have the Gateway automatically use the fastest possible data rate, be default, and enable the Auto-Fallback
feature.
Beacon Interval
. The default value is
100
. Enter a value between 1 and 65,535 milliseconds. The Beacon Interval
value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the Gateway to
synchronize the wireless network.
DTIM Interval
. The default value is
3
. This value, between 1 and 255, indicates the interval of the Delivery Traffic
Indication Message (DTIM). A DTIM field is a countdown field informing clients of the next window for listening to
broadcast and multicast messages. When the Gateway has buffered broadcast or multicast messages for
associated clients, it sends the next DTIM with a DTIM Interval value. Its clients hear the beacons and awaken to
receive the broadcast and multicast messages.
Fragmentation Threshold
. This value should remain at its default setting of
2346
. The range is 256-2346 bytes.
It specifies the maximum size of a packet before data is fragmented into multiple packets. If you experience a
high packet error rate, you may slightly increase the Fragmentation Threshold. Setting the Fragmentation
Threshold too low may result in poor network performance. Only minor modifications of this value are
recommended.
RTS Threshold
. This value should remain at its default setting of
2347
. The range is 0-2347 bytes. If you
encounter inconsistent data flow, only make minor modifications. If a network packet is smaller than the preset
RTS threshold size, the RTS/CTS mechanism will not be enabled. The Gateway sends Request to Send (RTS)
frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the
wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to begin transmission.
Figure 4-24: Wireless Tab - Advanced Wireless Settings
Downloaded from
www.Manualslib.com
manuals search engine
Page 43 / 128
34
Chapter 4: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway with 2 Phone Ports
The Security Tab
Firewall
When you click the
Security
tab, you will see the
Firewall
screen. This screen contains Filters and the option to
Block WAN Requests. Filters block specific Internet data types and block anonymous Internet requests. To add
Firewall Protection, click
Enable
. If you do not want Firewall Protection, click
Disable
.
Additional Filters
Filter Proxy
. Use of proxy servers may compromise the Gateway's security. If this box is checked, you will be
unable to access any proxy servers. To enable proxy filtering, click
Enabled
.
Filter Cookies
. A cookie is data stored on your computer and used by Internet sites when you interact with them.
To enable cookie filtering, click
Enabled
.
Filter Java Applets
. Java is a programming language for websites. If you deny Java Applets, you run the risk of
not having access to Internet sites created using this programming language. To enable Java Applet filtering,
click
Enabled
.
Filter ActiveX
. ActiveX is a programming language for websites. If you enable ActiveX filtering, you may not have
access to Internet sites created using this programming language. To enable ActiveX filtering, click
Enabled
.
Block WAN requests
Block Anonymous Internet Requests
. This keeps your network from being “pinged” or detected and reinforces
your network security by hiding your network ports, so it is more difficult for intruders to discover your network.
Select
Block Anonymous Internet Requests
to block anonymous Internet requests or de-select it
to allow
anonymous Internet requests.
When finished making your changes on this tab, click the
Save Settings
button to save these changes, or click
the
Cancel Changes
button to undo your changes.
Figure 4-25: Security Tab - Firewall
Downloaded from
www.Manualslib.com
manuals search engine
Page 44 / 128
35
Chapter 4: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway with 2 Phone Ports
VPN
Virtual Private Networking (VPN) is a security measure that basically creates a secure connection between two
remote locations. The VPN screen allows you to configure your VPN settings to make your network more secure.
VPN Passthrough
IPSec Passthrough
. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange
of packets at the IP layer. To allow IPSec Passthrough, click the
Enable
button. To disable IPSec Passthrough,
click the
Disable
button.
PPPoE Passthrough
. The PPPoE (Point-to-Point Protocol over Ethernet) option is included for those users who
wish to disable PPPoE sessions. This option is enabled by default. To disable PPPoE Passthrough, click the
Disable
button.
PPTP Passthrough
. Point-to-Point Tunneling Protocol Passthrough is the method used to enable VPN sessions to
a Windows NT 4.0 or 2000 server. To allow PPTP Passthrough, click the
Enable
button. To disable PPTP
Passthrough, click the
Disable
button.
L2TP Passthrough
. Layering 2 Tunneling Protocol Passthrough is an extension of the Point-to-Point Tunneling
Protocol (PPTP) used to enable the operation of a VPN over the Internet.To allow L2TP Passthrough, click the
Enable
button. To disable L2TP Passthrough, click the
Disable
button.
IPSec VPN Tunnel
The VPN Gateway creates a tunnel or channel between two endpoints, so that the data or information between
these endpoints is secure.
To establish this tunnel, select the tunnel you wish to create in the Select Tunnel Entry drop-down box.
It is
possible to create up to five simultaneous tunnels. Then click
Enabled
to enable the IPSec VPN tunnel. Once the
tunnel is enabled, enter the name of the tunnel in the Tunnel Name field.
This is to allow you to identify multiple
tunnels and does not have to match the name used at the other end of the tunnel. To delete a tunnel entry, select
the tunnel, then click
Delete
. To view a summary of the settings, click
Summary
.
Local Secure Group and Remote Secure Group
. The Local Secure Group is the computer(s) on your network
that can access the tunnel. The Remote Secure Group is the computer(s) on the remote end of the tunnel that can
access the tunnel. These computers can be specified by a Subnet, specific IP address, or range.
Local Security Gateway
. This pull-down menu will provide you with your available Internet connection options.
Figure 4-26: Security Tab - VPN
Figure 4-27: VPN Settings Summary
Downloaded from
www.Manualslib.com
manuals search engine
Page 45 / 128
36
Chapter 4: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway with 2 Phone Ports
Remote Security Gateway
. The Remote Security Gateway is the VPN device, such as a second VPN Gateway, on
the remote end of the VPN tunnel. Enter the IP Address or Domain of the VPN device at the other end of the tunnel.
The remote VPN device can be another VPN Gateway, a VPN Server, or a computer with VPN client software that
supports IPSec. The IP Address may either be static (permanent) or dynamic (changing), depending on the
settings of the remote VPN device.
Make sure that you have entered the IP Address correctly, or the connection
cannot be made.
Remember, this is NOT the IP Address of the local VPN Gateway, but the IP Address of the
remote VPN Gateway or device with which you wish to communicate. If you enter an IP address, only the specific
IP Address will be able to acess the tunnel. If you select
Any
, any IP Address can access the tunnel.
Encryption. Using Encryption also helps make your connection more secure.
There are two different types
of encryption: DES or 3DES (3DES is recommended because it is more secure).
You may choose either of
these, but it must be the same type of encryption that is being used by the VPN device at the other end of
the tunnel.
Or, you may choose not to encrypt by selecting Disable. DES is selected by default.
Authentication. Authentication acts as another level of security.
There are two types of authentication:
MD5 and SHA (SHA is recommended because it is more secure).
As with encryption, either of these may
be selected, if the VPN device at the other end of the tunnel is using the same type of authentication.
Or,
both ends of the tunnel may choose to Disable authentication.
In the Manual Key Management screen,
MD5 (the default) has been selected.
Key Management
. Select
Auto (IKE)
or
Manual
from the drop-down menu. The two methods are described
below.
Auto (IKE). Select
Auto (IKE)
and enter a series of numbers or letters in the Pre-shared Key field. Based
on this word, which MUST be entered at both ends of the tunnel if this method is used, a key is generated
to scramble (encrypt) the data being transmitted over the tunnel, where it is unscrambled (decrypted).
You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces
are allowed. In the Key Lifetime field, you may select to have the key expire at the end of a time period.
Enter the number of seconds you’d like the key to be useful, or leave it blank for the key to last
indefinitely. Check the box next to PFS (Perfect Forward Secrecy) to ensure that the initial key exchange
and IKE proposals are secure.
Manual. Select
Manual,
then select the Encryption Algorithm from the drop-down menu. Enter the
Encryption Key in the field (if you chose DES for your Encryption Algorithm, enter 16 hexadecimal
characters, if you chose 3DES, enter 48 hexadecimal characters). Select the Authentication Algorithm
from the drop-down menu. Enter the Authentication Key in the field (if you chose MD5 for your
Authentication Algorithm, enter 32 hexadecimal characters, if you chose SHA1, enter 40 hexadecimal
characters). Enter the Inbound and Outbound SPIs in the respective fields.
Status
. The status of the connection is shown.
Figure 4-29: Manual Key Management
Figure 4-28: Auto Key Management
Downloaded from
www.Manualslib.com
manuals search engine

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top