Page 6 / 72 Scroll up to view Page 1 - 5
±
Introduction
Wireless-G VPN Router with RangeBooster
Chapter ±
Chapter ±:
Introduction
Thank you for choosing the Wireless-G VPN Router
with RangeBooster. The WRV200 is a VPN router with a
Wireless-G access point for small offices and home offices.
The 10/100 Ethernet WAN interface connects directly
to your broadband DSL or Cable modem. For the LAN
interface, there is a built-in 4-port, full-duplex 10/100
Ethernet switch that can connect up to four devices.
The wireless AP supports
802.11b/g and incorporates
Linksys RangeBooster technology, which utilizes a MIMO
antennae configuration to provide increased coverage
and reliability over standard 802.11g.
The WRV200 has the advanced security functions needed
for business networking. It has a SPI based firewall with
DoS prevention, but also a Virtual Private Networking
(VPN) engine for secure communication between mobile
or remote workers and branch offices. For your wired and
wireless local area network, there is support for multiple
SSIDs and VLANs for traffic separation. The WRV200’s
Wireless AP implements WPA2-PSK, WPA2-ENT, and WEP
encryption, along with other security features including
enabling/disabling
SSID
Broadcasts
and
MAC-based
filtering.
Wireless networking in business environments requires
additional flexibility. The WRV200 has the capability to
expand or reduce the area of your wireless network.
There is support for Wireless Distribution System (WDS),
which allows the wireless coverage to be expanded
without wires through wireless bridging between it and
select Linksys stand alone access points. That, along with
the ability to increase or decrease the RF output power,
allows for optimal wireless coverage.
To support VoIP, the WRV200 has a SIP application layer
gateway (ALG) and advanced QoS functionality. SIP based
VoIP data has problems traversing through standard
firewalls with NAT, especially when you deploy multiple SIP
clients. The SIP ALG allows SIP traffic from multiple clients
to pass through the router’s firewall. QoS functionality
can improve the quality of your voice or video over IP.
With support for Wireless QoS (WMM) and wired QoS
(port prioritization), consistent voice and video quality is
maintained throughout your business.
Page 7 / 72
²
Networking and Security Basics
Wireless-G VPN Router with RangeBooster
Chapter ²
Chapter ²:
Planning Your Wireless
Network
Network Topology
A wireless local area network (WLAN) is exactly like a regular
local area network (LAN), except that each computer in the
WLAN uses a wireless device to connect to the network.
Computers in a WLAN share the same frequency channel
and SSID, which is an identification name shared by the
wireless devices belonging to the same wireless network.
Ad-Hoc versus Infrastructure Mode
Unlike wired networks, wireless networks have two
different modes in which they may be set up: infrastructure
and ad-hoc. An infrastructure configuration is a WLAN
and wired LAN communicating to each other through
an access point. An ad-hoc configuration is wireless-
equipped computers communicating directly with each
other. Choosing between these two modes depends on
whether or not the wireless network needs to share data
or peripherals with a wired network or not.
If the computers on the wireless network need to be
accessible by a wired network or need to share a peripheral,
such as a printer, with the wired network computers, the
wireless network should be set up in Infrastructure mode.
The basis of Infrastructure mode centers around an access
point or wireless router, such as the Wireless-G VPN Router,
which serves as the main point of communications in
a wireless network. The Router transmits data to PCs
equipped with wireless network adapters, which can
roam within a certain radial range of the Router.
You can
arrange the Router and multiple access points to work
in succession to extend the roaming range, and you can
set up your wireless network to communicate with your
Ethernet hardware as well.
If the wireless network is relatively small and needs to
share resources only with the other computers on the
wireless network, then the Ad-Hoc mode can be used.
Ad-Hoc mode allows computers equipped with wireless
transmitters and receivers to communicate directly with
each other, eliminating the need for a wireless router or
access point. The drawback of this mode is that in Ad-
Hoc mode, wireless-equipped computers are not able to
communicate with computers on a wired network. And, of
course, communication between the wireless-equipped
computers is limited by the distance and interference
directly between them.
Network Layout
The Wireless-G VPN Router has been specifically designed
for use with both your 802.11b and 802.11g products.
Now, products using these standards can communicate
with each other.
The Wireless-G VPN Router is compatible with all 802.11g
and 802.11n adapters, such as the Notebook Adapters
(WPC4400N, WPC200) for your laptop computers, PCI
Adapter (WMP200) for your desktop PC, and USB Adapter
(WUSB200, USB1000) when you want to enjoy USB
connectivity. The Router will also communicate with
Wireless Ethernet Bridges (WET200).
When you wish to connect your wireless network with
your wired network, you can use the Router’s four LAN
ports. To add more ports, any of the Router’s LAN ports
can be connected to any Linksys Business Series switch
(such as the SLM series or SRW series switches).
With these, and many other, Linksys products, your
networking options are limitless. Go to the Linksys
website at www.linksys.com for more information about
products that work with the Wireless-G VPN Router with
RangeBooster.
Network Diagram
Page 8 / 72
³
Planning Your Virtual Private Network (VPN)
Wireless-G VPN Router with RangeBooster
Chapter ³
Chapter ³:
Planning Your Virtual
Private Network (VPN)
Why do I need a VPN?
Computer networking provides a flexibility not available
when using an archaic, paper-based system. With this
flexibility, however, comes an increased risk in security.
This is why firewalls were first introduced. Firewalls help
to protect data inside of a local network. But what do you
do once information is sent outside of your local network,
when e-mails are sent to their destination, or when you
have to connect to your company’s network when you are
out on the road? How is your data protected?
That is when a VPN can help. VPNs are called Virtual Private
Networks because they secure data moving outside of
your network as if it were still within that network.
When data is sent out across the Internet from your
computer, it is always open to attacks. You may already
have a firewall, which will help protect data moving
around or held within your network from being corrupted
or intercepted by entities outside of your network, but
once data moves outside of your network—when you
send data to someone via e-mail or communicate with an
individual over the Internet—the firewall will no longer
protect that data.
At this point, your data becomes open to hackers using
a variety of methods to steal not only the data you are
transmitting but also your network login and security
data. Some of the most common methods are as follows:
1) MAC Address Spoofing
Packets transmitted over a network, either your local
network or the Internet, are preceded by a packet
header. These packet headers contain both the source
and destination information for that packet to transmit
efficiently. A hacker can use this information to spoof
(or fake) a MAC address allowed on the network. With
this spoofed MAC address, the hacker can also intercept
information meant for another user.
2) Data Sniffing
Data “sniffing” is a method used by hackers to obtain
network data as it travels through unsecured networks,
such as the Internet. Tools for just this kind of activity,
such as protocol analyzers and network diagnostic tools,
are often built into operating systems and allow the data
to be viewed in clear text.
3) Man in the middle attacks
Once the hacker has either sniffed or spoofed enough
information, he can now perform a “man in the middle”
attack. This attack is performed, when data is being
transmitted from one network to another, by rerouting
the data to a new destination. Even though the data is not
received by its intended recipient, it appears that way to
the person sending the data.
These are only a few of the methods hackers use and they
are always developing more. Without the security of your
VPN, your data is constantly open to such attacks as it
travels over the Internet. Data travelling over the Internet
will often pass through many different servers around
the world before reaching its final destination. That is a
long way to go for unsecured data and this is when a VPN
serves its purpose.
What is a VPN?
A VPN, or Virtual Private Network, is a connection between
two endpoints—a VPN Router, for instance—in different
networks that allows private data to be sent securely
over a shared or public network, such as the Internet. This
establishes a private network that can send data securely
between these two locations or networks.
This is done by creating a “tunnel”. A VPN tunnel connects
the two PCs or networks and allows data to be transmitted
over the Internet as if it were still within those networks.
Not a literal tunnel, it is a connection secured by encrypting
the data sent between the two networks.
VPN was created as a cost-effective alternative to using
a private, dedicated, leased line for a private network.
Using industry standard encryption and authentication
techniques—IPSec, short for IP Security—VPN creates a
secure connection that, in effect, operates as if you were
directly connected to your local network. VPN can be used
to create secure networks linking a central office with
branch offices, telecommuters, and/or professionals on
the road (travelers can connect to a VPN Router using any
computer with the Linksys VPN client software.)
There are two basic ways to create a VPN connection:
VPN Router to VPN Router
Computer (using the Linksys VPN client software) to
VPN Router
IMPORTANT:
You must have at least one VPN
Router on one end of the VPN tunnel. At the
other end of the VPN tunnel, you must have
a second VPN Router or a computer with the
Linksys VPN client software.
Page 9 / 72
´
Planning Your Virtual Private Network (VPN)
Wireless-G VPN Router with RangeBooster
Chapter ³
The VPN Router creates a “tunnel” or channel between two
endpoints, so that data transmissions between them are
secure. A computer with the Linksys VPN client software
can be one of the two endpoints (refer to “Appendix B:
Using Linksys QuickVPN for Windows 2000, XP, or Vista”).
If you choose not to run the VPN client software, any
computer with the built-in IPSec Security Manager
(Microsoft 2000 and XP) allows the VPN Router to create a
VPN tunnel using IPSec (refer to “Appendix C: Configuring
IPSec between a Windows 2000 or XP PC and the Router”).
Other versions of Microsoft operating systems require
additional, third-party VPN client software applications
that support IPSec to be installed.
VPN Router to VPN Router
An example of a VPN Router-to-VPN Router VPN would
be as follows. At home, a telecommuter uses his VPN
Router for his always-on Internet connection. His router
is configured with his office’s VPN settings. When he
connects to his office’s router, the two routers create a VPN
tunnel, encrypting and decrypting data. As VPNs utilize
the Internet, distance is not a factor. Using the VPN, the
telecommuter now has a secure connection to the central
office’s network, as if he were physically connected. For
more information, refer to “Appendix D: Configuring a
Gateway-to-Gateway IPSec Tunnel.”
Home
Office
PC 1
WRV200
VPN Router
PC 2
VPN Router to VPN Router
Computer (using the Linksys VPN client software)
to VPN Router
The following is an example of a computer-to-VPN Router
VPN. In her hotel room, a traveling businesswoman dials
up her ISP. Her notebook computer has the Linksys VPN
client software, which is configured with her office’s IP
address. She accesses the Linksys VPN client software and
connects to the VPN Router at the central office. As VPNs
utilize the Internet, distance is not a factor. Using the VPN,
she now has a secure connection to the central office’s
network, as if she were physically connected.
Office
VPN Router
PC 2
Off-Site
Laptop running
Linksys VPN Client Software
Computer to VPN Router
For
additional
information
and
instructions
about
creating your own VPN, please visit Linksys’s website
at www.linksys.com. You can also refer to “Appendix B:
Using Linksys QuickVPN for Windows 2000, XP, or Vista”,
“Appendix C: Configuring IPSec between a Windows 2000
or XP PC and the Router,” and “Appendix D: Configuring a
Gateway-to-Gateway IPSec Tunnel.”
Page 10 / 72
µ
Product Overview
Wireless-G VPN Router with RangeBooster
Chapter ´
Chapter ´:
Product Overview
Front Panel
The Router’s LEDs are located on the front panel of the
Router.
Front Panel
POWER
(Green) The Power LED lights up when
the Router is powered on.
DMZ
(Green) The DMZ LED lights up when the
Router has an available DMZ port. If the LED is
flashing, the Router is sending or receiving data
over the DMZ port.
INTERNET
(Green) The Internet LED lights up
when the Router is connected to your cable or
DSL modem. If the LED is flashing, the Router
is sending or receiving data over the Internet
port.
WIRELESS
(Green) The Wireless
LED
lights
up whenever there is a successful wireless
connection. If the LED is flashing, the Router
is actively sending or receiving data over the
wireless network.
±-´
(ETHERNET)
(Green)
These
four
LEDs
correspond
to
the
Router’s
four
Ethernet
ports. If the LED is continuously lit, the
Router is connected to a device through the
corresponding port (1, 2, 3, or 4). If the LED
is flashing, the Router is actively sending or
receiving data over that port.
Back Panel
The Router’s ports and Reset button are located on the
back panel of the Router.
Back Panel
POWER
The Power port is where you will
connect the AC power cable.
RESET
The Reset button has two functions.
If
pressed
for
one
second,
the
Reset
button causes a warm reboot—the Router
restarts without losing any of the current
configuration settings.
If pressed for approximately 15 seconds,
the Reset button resets the Router’s factory
defaults.
You can also restore the factory defaults
from the
Administration > Factory Defaults
screen of the Router’s Web-based Utility.
INTERNET
The Internet port connects to your
cable or DSL modem.
±-´
(ETHERNET)
The
four
Ethernet
ports
connect
to
your
PCs
and
other
network
devices.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top