Linksys Befvp41 - etherfast cable/dsl vpn router User manual

Instant Broadband™ Series

EtherFast®Cable/DSL

VPN Router with

4-Port 10/100 Switch

Use this guide to install: BEFVP41

User Guide

mark of Linksys. Microsoft, Windows, and the Windows logo are registered trademarks

of Microsoft Corporation. All other trademarks and brand names are the property of their

respective proprietors.

LIMITED WARRANTY

Linksys guarantees that every Instant Broadband EtherFast®Cable/DSL VPN Router with

4-Port 10/100 Switch will be free from physical defects in material and workmanship for

one year from the date of purchase, when used within the limits set forth in the

Specifications section of this User Guide. If the product proves defective during this war-

ranty period, call Linksys Technical Support in order to obtain a Return Authorization

Number. BE SURE TO HAVE YOUR PROOF OF PURCHASE AND A BARCODE FROM

THE PRODUCT'S PACKAGING ON HAND WHEN CALLING. When returning a product,

mark the Return Authorization Number clearly on the outside of the package and include

a copy of your original proof of purchase. RETURN REQUESTS CANNOT BE

PROCESSED WITHOUT PROOF OF PURCHASE. All customers located outside the

United States of America and Canada shall be held responsible for shipping and han-

dling charges.

IN NO EVENT SHALL LINKSYS’S LIABILITY EXCEED THE PRICE PAID FOR THE PROD-

UCT FROM DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAM-

AGES RESULTING FROM THE USE OF THE PRODUCT, ITS ACCOMPANYING SOFT-

WARE, OR ITS DOCUMENTATION. LINKSYS DOES NOT OFFER REFUNDS FOR ANY

PRODUCT. Linksys makes no warranty or representation, expressed, implied, or statuto-

ry, with respect to its products or the contents or use of this documentation and all

accompanying software, and specifically disclaims its quality, performance, mer-

chantability, or fitness for any particular purpose. Linksys reserves the right to revise or

update its products, software, or documentation without obligation to notify any individ-

ual or entity. Please direct all inquiries to:

Linksys P.O. Box 18558, Irvine, CA 92623.

FCC STATEMENT

This Instant Broadband EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch has

been tested and complies with the specifications for a Class B digital device, pursuant

to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection

against harmful interference in a residential installation. This equipment generates, uses,

and can radiate radio frequency energy and, if not installed and used according to the

instructions, may cause harmful interference to radio communications. However, there is

no guarantee that interference will not occur in a particular installation. If this equipment

does cause harmful interference to radio or television reception, which is found by turn-

ing the equipment off and on, the user is encouraged to try to correct the interference by

one or more of the following measures:

• Reorient or relocate the receiving antenna

• Increase the separation between the equipment or devices

• Connect the equipment to an outlet other than the receiver’s

• Consult a dealer or an experienced radio/TV technician for assistance

UG-BEFVP41-012502C-JL

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 SwitchInstant Broadband™ Series

Table of Contents

Chapter 1: Introduction 1

The EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch 1

Features 1

Package Contents 2

System Requirements 2

Chapter 2: Getting to Know the EtherFast®

Cable/DSL VPN Router with 4-Port 10/100 Switch 3

The Cable/DSL VPN Router’s Rear Panel 3

The Reset Button 4

The Cable/DSL VPN Router’s Front Panel LEDs 4

Chapter 3: Connecting the Cable/DSL VPN Router

to Your Network 6

Overview 6

About Static & Dynamic IP Addresses 6

Connecting Everything Together & Booting Up 7

Chapter 4: Planning Your Virtual Private

Network (VPN) 10

Chapter 5: Configuring Your Network with the

Cable/DSL VPN Router 12

Configuring Your PCs to Connect to the Cable/DSL VPN Router 12

Configuring The Cable/DSL VPN Router 14

Chapter 5: The Cable/DSL VPN Router’s

Web-based Utility 18

Quick & Easy Administration 18

Setup 19

VPN 21

Password 28

Status 29

DHCP 31

Log 32

Help 33

Filters 35

Forwarding 38

Dynamic Routing 40

Static Routing 41

DMZ Host 43

MAC Address Cloning 44

Appendix A: Troubleshooting 45

Common Problems and Solutions 45

Frequently Asked Questions 47

Appendix B: Glossary 52

Appendix C: Configuring IPsec between a

Microsoft Windows 2000 or XP PC and a Linksys

Cable/DSL VPN Router 61

Introduction 61

Environment 61

Step-by-Step 62

Appendix D: SNMP Functions 81

Appendix E: How to Ping Your ISP’s E-mail &

Web Addresses 81

Appendix F: Installing the TCP/IP Protocol 84

Appendix G: Specifications 86

Environmental 86

Appendix H: Warranty Information 87

Appendix I: Contact Information 88

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

• One Linksys Instant Broadband™ EtherFast®Cable/DSL VPN Router with

4-Port 10/100 Switch

• One power adapter

• One user guide and registration card (not shown)

• One Quick Install (not shown)

• One Tech Helper CD-ROM

• One RJ-45 Broadband Internet connection

• One PC with an installed 10Mbps, 100Mbps, or 10/100 Mbps Ethernet card

• TCP/IP network protocol for each PC

• UTP Category 5 (or better) network cable with RJ-45 connector

• Microsoft Internet Explorer 4.0 or later, or Netscape Navigator 4.0 or later.

(5.0 and 4.7, respectively, are strongly recommended.)

Instant Broadband™ Series

Chapter 1:Introduction

The Cable/DSL VPN Router with 4-Port 10/100 Switch

Congratulations on your purchase of an Instant Broadband™ EtherFast®

Cable/DSL VPN Router with 4-Port 10/100 Switch. The Instant Broadband™

EtherFast®Cable/DSL VPN Router from Linksys is the perfect solution for

sharing a high-speed broadband Internet connection while still maintaining the

ultimate in network security.

Utilizing 56-bit DES and 168-bit 3DES encryption, header authentication, and

IKE key exchange access control, the EtherFast®Router’s full IPSec Virtual

Private Network (VPN) capability provides complete data privacy.

The EtherFast® Cable/DSL VPN Router also boasts an impressive array of fea-

tures including PPPoE support, NAT firewall, and a convenient web manage-

ment interface. Since the Router is compatible with virtually all major operat-

ing systems, it’s easy to set up and use, making the Instant Broadband™

EtherFast® Cable/DSL VPN Router the perfect solution for your broadband

needs.

• Full IPSec Virtual Private Network (VPN) capability

• Supports (56-Bit) DES and (168-Bit) 3DES Encryption Algorithms

• Supports MD5 and SHA Authentication Algorithms

• Supports IKE Key Management

• Hardware Security Co-Processor Inside

• Supports Up to 70 Tunnels

• Compatible with other IPSec VPN Products

• Acts as a DHCP Server for Your Existing Network

• NAT, PPPoE, IP Filter, and MAC Filter Support

• Free Technical Support—24 Hours a Day, 7 Days a Week, Toll-Free

US Calls

• 1-Year Limited Warranty

The EtherFast®Cable/DSL VPN Router with 4-Port 10/100

Switch

Features

Package Contents

System Requirements

Figure 1-1

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

The LAN Indicators

Power Green. The Power LED illuminates when the Router is pow-

ered on.

Link/Act Green. The Link/Act LED serves two purposes. If the LED

is continuously illuminated, the Router is successfully con-

nected to a device through the corresponding port (1-4). If

the LED is flickering, the Router is actively sending or

receiving data over that port.

Instant Broadband™ Series

Chapter 2:Getting to Know the

EtherFast®Cable/DSL VPN Router

with 4-Port 10/100 Switch

The rear panel of the Router is where all of the Router’s connections are made.

The Cable/DSL VPN Router’s Ports

WAN The WAN (Wide Area Network) Port is where you

will connect your Cable or DSL modem.

Ports 1-4 These four LAN (Local Area Network) ports are

where you will connect networked devices, such as

PCs, print servers, remote hard drives, and anything

else you want to put on your network.

Crossover Switch The Crossover Switch (XII) toggles Port 4 between

crossover mode (X) and straight-through mode (II).

If you are connecting the Router directly to a com-

puter or to an Uplink port, choose straight-through

(II). For anything else, please refer to the chart

shown in Chapter 3, Figure 3-1.

Power The Power Port is where you will connect the

included AC power adapter.

The Cable/DSL VPN Router’s Rear Panel

The Cable/DSL VPN Router’s Front Panel LEDs

Important: The Reset Button*

The Reset button can be used in one of two ways.

1. If your Router is having problems connecting to the Internet,

press the Reset button for just a moment with a paper clip or a

pencil tip. This clears up any jammed connections, and is sim-

ilar to pressing the Reset button on your PC to reboot it.

2. If you are experiencing extreme problems with your Router and

have tried all other troubleshooting measures, press the Reset

Button, and hold it down until the red Diag LED on the front

panel turns on and off completely.

This will restore factory defaults and clear all of the Router’s set-

tings, including the IP addresses you entered.

* The Reset Button is located on the rear panel of the Router.

Figure 2-1

Figure 2-2

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

Instant Broadband™ Series

Chapter 3:Connecting the

Cable/DSLVPN Router to Your

Network

Overview

Unlike a simple hub or switch, the setup of the EtherFast® Cable/DSL VPN

Router consists of more than simply plugging everything together. Because the

Router acts as a DHCP server, you will have to set some values within the

Router, and also configure your networked PCs to accept the IP Addresses the

Router chooses to assign them.

You will need the following values from your ISP in order to install the

EtherFast®Cable/DSL VPN Router:

• Your broadband-configured PC’s fixed Internet IP Address (if applicable)

• Your broadband-configured PC’s Computer Name and Workgroup Name

•Your Subnet Mask

•Your Default Gateway

•Your Primary DNS IP address

Whoever installed your broadband access should have left this information

with you. If not, call your ISP and they will be able to supply you with it.

About Static & Dynamic IP Addresses

Static IP Addresses A static IP address is an IP address permanently assigned

to a computer in a TCP/IP network. Static IP addresses are usually assigned to

networked devices which are consistently accessed by multiple users, such as

Server PCs, or printers. If you are using the Router to share your cable or DSL

Internet connection, contact your ISP to see if they have assigned your home a

static IP address.You will need that address during the Router’s configuration.

}Only if applicable

Full/Col Green. The Full/Col LED also serves two purposes. If this

LED is continuously illuminated, the connection made

through the corresponding port is successfully running in

Full Duplex mode. If the LED is flickering, the connection is

experiencing collisions. Infrequent collisions are normal. If

this LED is flickering too often, there may be a problem with

your connection. Check the Troubleshooting section if you

think there is a problem.

100 Orange. The 100 LED illuminates when a successful

100Mbps connection is made through the corresponding

port.

The WAN Indicators

Link Green. The Link LED illuminates when a successful connec-

tion is made between the Router and your Broadband device

or network.

Act Green. The Act LED flickers when the Router is sending or

receiving data over the broadband port.

Diag Red. The Diag LED illuminates when the Router goes

through its self-diagnosis mode during boot-up. It will turn

off upon successful completion of the diagnostic. If this LED

stays on for an abnormally long period of time, refer to the

Troubleshooting section.

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

3. If you are using Port 4 to connect to a PC, set the Crossover Switch to

straight-through mode (II). If you are connecting the Router to a hub or

switch, please refer to the chart shown in Figure 3-1 when setting the

Crossover Switch.

4. Connect the network cable from your cable or DSL modem to the WAN

port on your Router’s rear panel. This is the only port that will work for your

modem connection.

5. Connect the power adapter to the Power port on the rear panel of the

Router, and then plug the power adapter into a power outlet.

• The Power LED on the front panel will light up green as soon as the power

adapter is connected properly.

• The Diag LED will light up red for a few seconds when the Router goes

through its self-diagnostic test. This LED will turn off when the self-test is

complete.

Instant Broadband™ Series

Dynamic IP Addresses A dynamic IP address is an IP address that is automati-

cally assigned to a client station (computer, printer, etc.) in a TCP/IP network.

Dynamic IP addresses are typically assigned by a DHCP server, which can be

a computer on the network or another piece of hardware, such as the Router. A

dynamic IP address may change every time your computer connects to the net-

work.

DHCP (Dynamic Host Configuration Protocol) DHCP is software that automati-

cally assigns IP addresses to client stations logging onto a TCP/IP network.

DHCP eliminates having to manually assign permanent IP addresses to every

device on your network. DHCP software typically runs in servers and is also

found in network devices such as Routers.

Connecting Everything Together & Booting Up

Once you are sure that you have the above values on hand, you can begin the

installation and setup of the EtherFast® Cable/DSL VPN Router.

1. Power everything down, including your PCs, your Cable or DSL modem

and the Router.

2. Connect a network cable from one of your PCs’Ethernet ports to one of the

LAN ports on the back of the Router. Do the same with all the PCs you wish

to connect to the Router.

Note: Some ISPs—most notably some cable providers—configure

their networks so that you do not have to enter a full Internet address

into your web browser or e-mail application to reach your home page

or receive your e-mail. If your Internet home page address is some-

thing very simple, such as “www”, rather than “www.linksys.com”,

or your e-mail server’s address is something similar to “e-mail” or

“pop3”, rather than “pop.mail.linksys.com”, you won’t be able to

properly configure the Cable/DSL VPN Router until you determine

the actual Internet addresses of your Web and e-mail connections.

You must obtain this information prior to connecting the Router to

your network.You can obtain this information by contacting your ISP,

or turn to the How to PingYour ISP’s E-mail and Web Addresses

section in the Appendix.

Note: The diagram above is for reference purposes only. Every

network is different. If you do not make a connection to a hub or

switch by using the settings above, change the position of the

Crossover Switch.

Figure 3-1

Important: It is highly recommended that you plug your Router

into a power strip with surge protection.

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

Chapter 4:Planning Your Virtual

Private Network (VPN)

A VPN is a private network that sends data securely through a public network,

like the Internet. VPN was created as a cost-effective alternative to using a pri-

vate, dedicated, leased line for a private network. Using special encryption

techniques, the VPN creates a secure connection that, in effect, operates as if

you are directly connected to your local network. Virtual Private Networking

can be used to create secure networks linking a central office with branch

offices, telecommuters, and/or professionals on the road.

There are two basic ways to create a VPN connection (See Figure 4-1):

· Gateway to gateway

· Host to gateway

A gateway is a device that features VPN server capabilities. An example of a

gateway is the Cable/DSL VPN Router. The Router functions as a VPN server,

creating a “tunnel” or channel between itself and a remote location, so that data

transmissions between them are secure. A host is a device, such

109

Instant Broadband™ Series

6. Turn on the cable or DSL modem.

7. Press the Reset button on the Router’s front panel with a paper clip or a

pencil. Hold the button in until the Diag LED lights up and then turns off.

This will restore the Router’s factory default settings.

The Hardware Installation is complete.

Figure 4-1

Important: You must have aVPN gateway or host on each end of the

VPN tunnel.

Instant Broadband™ Series

as a computer, with VPN host software installed. Microsoft 2000 and XP have

built-in VPN host software; other versions of Microsoft operating systems

require additional, third-party software applications to be installed.

Gateway to Gateway

An example of a gateway-to-gateway VPN would be a Cable/DSL VPN Router

(gateway) linked to the central office's VPN server (gateway). At home, a

telecommuter uses his Cable/DSL VPN Router for his always-on Internet con-

nection. His Router has a built-in VPN server configured with his office’s VPN

settings. He starts up the Router’s utility and connects to the VPN server at the

central office 40 miles* away. Using the VPN, the telecommuter now has a

secure connection to the central office’s network, as if he were physically con-

nected.

Host to Gateway

An example of a host-to-gateway VPN would be a notebook computer (host)

linked to the central office’s VPN server (gateway). In her hotel room, a travel-

ing businesswoman dials up her ISP. Her notebook computer has VPN host

software configured with her office’s VPN settings. She starts up the VPN host

software and connects to theVPN server at the central office 4000 miles* away.

Using the VPN, the businesswoman now has a secure connection to the central

office’s network, as if she were physically connected.

For additional information and instructions about creating your own VPN,

please visit Linksys’s website at www.linksys.com.

*Distances are examples only; VPNs have no distance limitations.

11 12

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

Chapter 5:Configuring Your

Network with the Cable/DSLVPN

Router

You must now configure your other PCs to accept the IP addresses that the

Router will provide.

1. Click the Start button, select Settings, and then Control Panel.

2. Double-click the Network icon.

3. In the Configuration window, select the TCP/IP protocol line that has been

associated with your network card/adapter. If there is no TCP/IP line listed,

go to the Appendix to install the TCP/IP Protocol now.

Configuring Your PCs to Connect to the Cable/DSL VPN

Router

Note: Make sure that a Network Card or Adapter has been successful-

ly installed into each PC you plan on configuring prior to continuing.

Note: These instructions apply only to Windows 95, Windows 98,

and Windows ME machines. For TCP/IP setup under Windows NT,

2000 and XP, please refer to your Windows manual.

Figure 5-1

1413

EtherFast®Cable/DSL VPN Router with 4-Port 10/100 Switch

Now that the Cable/DSLVPN Router is wired into your network, you can begin

configuring your system.

1. Open your web browser and type http://192.168.1.1 in the browser’s

Address box. This number is the default IP address of

the Router. Press the Enter key.

2. A User Name and password prompt will appear. Leave the User Name

field empty, and type admin (the default password) in the Password field.

Click the OK button. If the screen does not appear, make sure your network

adapter is working properly, the network cable is connected, and the Link

LED is lit up on the Router. Restart the computer to obtain an IP address

automatically.

Configuring the Cable/DSL VPN Router

Note: If the TCP/IP protocol is not configured on your PC, go to the

Appendix for TCP/IP installation instructions now.

Important: If you have previously enabled an Internet Sharing

Proxy Service on any of your PCs, you must disable it now.

• If you are running Netscape Navigator, click Edit >>

Preference >> Advanced >> Proxies >> Direct Connection to

the Internet.

• If you are running Internet Explorer v5 or better, click Start >>

Settings >> Control Panel >> Internet Options >>

Connections >> LAN Settings. Remove the checks from all

three boxes. Click OK to continue.

Instant Broadband™ Series

4. Click the Properties button, and then choose the IP Address tab. Select

Obtain an IP address automatically. Click the OK button. You have com-

pleted the client settings.

5. Click the OK button. Windows may ask for original Windows installation

files. Supply them as needed (i.e.: D:\win98, D:\win95, D:\win9x,

c:\windows\options\cabs).

6. Windows will ask you to restart the PC. Click the Yes button.

Repeat these steps for each PC on your network. When all of your PCs are

configured, the Cable/DSLVPN Router Setup and Installation is complete.

Figure 5-2

Figure 5-3

Figure 5-4

Other manuals for BEFVP41 - EtherFast Cable/DSL VPN Router

Table of contents

Popular Wireless Router manuals by other brands

NETGEAR

NETGEAR Zing user guide

Proroute

Proroute GEM420 user manual

ICP DAS USA

ICP DAS USA WF-2000 Series Faq

SMC Networks

SMC Networks 7904WBRA-N FICHE user guide

Hamlet

Hamlet HRDSL300N user manual

Icidu

Icidu NI-707517 Quick installation guide

Hawking

Hawking HWRGM1A user manual

Airlogic

Airlogic AirSync Class 1 Features

Samsung

Samsung WCH730B user manual

NETGEAR

NETGEAR PowerLINE WiFi 1000 Series quick start

TRENDnet

TRENDnet TEW-211BRP user manual

Cisco

Cisco Valet M10 user guide

Alloy

Alloy WLF2454AP-S user guide

TELEFONICA

TELEFONICA USB Adapter quick start guide

TP-Link

TP-Link TL-WR542G user guide

Hama

Hama 53120 Operating instruction

Asus

Asus RT-N10P user guide

D-Link

D-Link DIR-506L Quick installation guide

Linksys BEFVP41 - EtherFast Cable/DSL VPN Router User manual

Popular Wireless Router manuals by other brands