Page 11 / 95 Scroll up to view Page 6 - 10
4
Chapter 2: Planning your Network
The Gateway’s Functions
Wireless-G ADSL Gateway
Chapter 2: Planning your Network
The Gateway’s Functions
A Gateway is a network device that connects two networks together.
In this instance, the Gateway connects your Local Area Network (LAN), or the group of computers in your home or
office, to the Internet. The Gateway processes and regulates the data that travels between these two networks.
The Gateway’s NAT feature protects your network of computers so users on the public, Internet side cannot “see”
your computers.
This is how your network remains private. The Gateway protects your network by inspecting
every packet coming in through the Internet port before delivery to the appropriate computer on your network.
The Gateway inspects Internet port services like the web server, ftp server, or other Internet applications, and, if
allowed, it will forward the packet to the appropriate computer on the LAN side.
Remember that the Gateway’s ports connect to two sides. The LAN ports connect to the LAN, and the ADSL port
connects to the Internet.
The LAN ports transmit data at 10/100Mbps.
IP Addresses
What’s an IP Address?
IP stands for Internet Protocol. Every device on an IP-based network, including computers, print servers, and
Gateways, requires an IP address to identify its “location,” or address, on the network.
This applies to both the
Internet and LAN connections. There are two ways of assigning an IP address to your network devices. You can
assign static IP addresses or use the Gateway to assign IP addresses dynamically.
Static IP Addresses
A static IP address is a fixed IP address that you assign manually to a computer or other device on the network.
Since a static IP address remains valid until you disable it, static IP addressing ensures that the device assigned
it will always have that same IP address until you change it.
Static IP addresses must be unique and are
commonly used with network devices such as server computers or print servers.
LAN
: the computers and networking products that
make up your local network
NOTE:
Since the Gateway is a device that connects two
networks, it needs two IP addresses—one for the LAN,
and one for the Internet.
In this User Guide, you’ll see
references to the “Internet IP address” and the “LAN IP
address.”
Since the Gateway uses NAT technology, the only IP
address that can be seen from the Internet for your
network is the Gateway’s Internet IP address. However,
even this Internet IP address can be blocked, so that the
Gateway and network seem invisible to the Internet—
see the Block WAN Requests description under Security
in “Chapter 5: Configuring the Gateway.”
Figure 2-1: Network
Page 12 / 95
5
Chapter 2: Planning your Network
What is a VPN?
Wireless-G ADSL Gateway
Since you use the Gateway to share your DSL Internet connection, contact your ISP to find out if they have
assigned a static IP address to your account. If so, you will need that static IP address when configuring the
Gateway. You can get that information from your ISP.
Dynamic IP Addresses
A dynamic IP address is automatically assigned to a device on the network, such as computers and print servers.
These IP addresses are called “dynamic” because they are only temporarily assigned to the computer or device.
After a certain time period, they expire and may change. If a computer logs onto the network (or the Internet) and
its dynamic IP address has expired, the DHCP server will automatically assign it a new dynamic IP address.
DHCP (Dynamic Host Configuration Protocol) Servers
Computers and other network devices using dynamic IP addressing are assigned a new IP address by a DHCP
server. The computer or network device obtaining an IP address is called the DHCP client. DHCP frees you from
having to assign IP addresses manually every time a new user is added to your network.
A DHCP server can either be a designated computer on the network or another network device, such as the
Gateway. By default, the Gateway’s DHCP Server function is enabled.
If you already have a DHCP server running on your network, you must disable one of the two DHCP servers. If you
run more than one DHCP server on your network, you will experience network errors, such as conflicting IP
addresses. To disable DHCP on the Gateway, see the DHCP section in “Chapter 5: Configuring the Gateway.”
What is a VPN?
A VPN, or Virtual Private Network, is a connection between two endpoints - a VPN Gateway, for instance - in
different networks that allows private data to be sent securely over a shared or public network, such as the
Internet. This establishes a private network that can send data securely between these two locations or
networks.
This is done by creating a "tunnel". A VPN tunnel connects the two computers or networks and allows data to be
transmitted over the Internet as if it were still within those networks. Not a literal tunnel, it is a connection
secured by encrypting the data sent between the two networks.
VPN was created as a cost-effective alternative to using a private, dedicated, leased line for a private network.
Using industry standard encryption and authentication techniques - IPSec, short for IP Security - the VPN creates
a secure connection that, in effect, operates as if you were directly connected to your local network. Virtual
Private Networking can be used to create secure networks linking a central office with branch offices,
Page 13 / 95
6
Chapter 2: Planning your Network
Why do I need a VPN?
Wireless-G ADSL Gateway
telecommuters, and/or professionals on the road (travelers can connect to a VPN Gateway using any computer
with VPN client software that supports IPSec, such as SSH Sentinel.)
There are two basic ways to create a VPN connection:
VPN Gateway to VPN Gateway
Computer (using VPN client software that supports IPSec) to VPN Gateway
The VPN Gateway creates a “tunnel” or channel between two endpoints, so that data transmissions between
them are secure. A computer with VPN client software that supports IPSec can be one of the two endpoints. Any
computer with the built-in IPSec Security Manager (Microsoft 2000 and XP ) allows the VPN Gateway to create a
VPN tunnel using IPSec (refer to “Appendix C: Configuring IPSec between a Windows 2000 or XP computer and
the VPN Gateway”). Other versions of Microsoft operating systems require additional, third-party VPN client
software applications that support IPSec to be installed.
Computer (using VPN client software that supports IPSec) to VPN Gateway
The following is an example of a computer-to-VPN Gateway VPN. (See Figure 2-2.) In her hotel room, a traveling
businesswoman dials up her ISP. Her notebook computer has VPN client software that is configured with her
office's VPN settings. She accesses the VPN client software that supports IPSec and connects to the VPN Gate-
way at the central office. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the businesswoman
now has a secure connection to the central office's network, as if she were physically connected.
VPN Gateway to VPN Gateway
An example of a VPN Gateway-to-VPN Gateway VPN would be as follows. (See Figure 2-3.) At home, a
telecommuter uses his VPN Gateway for his always-on Internet connection. His Gateway is configured with his
office's VPN settings. When he connects to his office's Gateway, the two Gateways create a VPN tunnel,
encrypting and decrypting data. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the
telecommuter now has a secure connection to the central office's network, as if he were physically connected.
For additional information and instructions about creating your own VPN, please visit Linksys’s website at
www.linksys.com or refer to “Appendix C: Configuring IPSec between a Windows 2000 or XP computer and the
VPN Gateway.”
Why do I need a VPN?
Computer networking provides a flexibility not available when using a paper-based system. With this flexibility,
however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to
IMPORTANT:
You must have at least one VPN
Gateway on one end of the VPN tunnel. At the
other end of the VPN tunnel, you must have a
second VPN Gateway or a computer with VPN
client software that supports IPSec.
Figure 2-2: Computer-to-VPN Gateway
Page 14 / 95
7
Chapter 2: Planning your Network
Why do I need a VPN?
Wireless-G ADSL Gateway
protect data inside of a local network. But what do you do once information is sent outside of your local network,
when emails are sent to their destination, or when you have to connect to your company's network when you are
out on the road? How is your data protected?
That is when a VPN can help. VPNs secure data moving outside of your network as if it were still within that
network.
When data is sent out across the Internet from your computer, it is always open to attacks. You may already have
a firewall, which will help protect data moving around or held within your network from being corrupted or
intercepted by entities outside of your network, but once data moves outside of your network - when you send
data to someone via email or communicate with an individual over the Internet - the firewall will no longer protect
that data.
At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are
transmitting but also your network login and security data. Some of the most common methods are as follows:
1) MAC Address Spoofing
Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header.
These packet headers contain both the source and destination information for that packet to transmit efficiently.
A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed
MAC address, the hacker can also intercept information meant for another user.
2) Data Sniffing
Data "sniffing" is a method used by hackers to obtain network data as it travels through unsecured networks,
such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network diagnostic tools,
are often built into operating systems and allow the data to be viewed in clear text.
3) Man in the Middle Attacks
Once the hacker has either sniffed or spoofed enough information, he can now perform a "man in the middle"
attack. This attack is performed, when data is being transmitted from one network to another, by rerouting the
data to a new destination. Even though the data is not received by its intended recipient, it appears that way to
the person sending the data.
These are only a few of the methods hackers use and they are always developing more. Without the security of
your VPN, your data is constantly open to such attacks as it travels over the Internet. Data travelling over the
Internet will often pass through many different servers around the world before reaching its final destination.
That's a long way to go for unsecured data and this is when a VPN serves its purpose.
Figure 2-3: VPN Gateway-to-VPN Gateway
Page 15 / 95
8
Chapter 3: Getting to Know the Wireless-G ADSL Gateway
The Back Panel
Wireless-G ADSL Gateway
Chapter 3: Getting to Know the Wireless-G ADSL Gateway
The Back Panel
The Gateway’s ports, where a network cable is connected, are located on the back panel.
ADSL
The
ADSL
port connects to the ADSL line.
LAN (1-4)
The
LAN
(Local Area Network) ports connect to your computer and other network devices.
Power
The
Power
port is where you will connect the power adapter.
Reset Button
There are two ways to Reset the Gateway's factory defaults. Either press the
Reset Button
,
for approximately ten seconds, or restore the defaults from the Factory Defaults screen of the
Administration tab in the Gateway’s Web-Based Utility.
With these, and many other, Linksys products, your networking options are limitless. Go to the Linksys website at
www.linksys.com for more information about products that work with the Gateway.
Important:
Resetting the Gateway to factory
defaults will erase all of your settings (WEP
Encryption, Wireless and LAN settings, etc.)
and replace them with the factory defaults. Do
not reset the Gateway if you want to retain
these settings.
Figure 3-1: Back Panel

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top