Linksys BEFSX41 Your Virtual Private Network VPN, Network Setup Overview, Why Do I Need a VPN?

Page 6

Instant Broadband® Series

By default, a DHCP server (LAN side) is enabled on the Router. If you already have a DHCP server running on your network, you must disable one of the two DHCP servers. If you run more than one DHCP server on your network, you will experience network errors, such as conflicting IP addresses. To disable DHCP on the Router, see the DHCP section in “Chapter 7: The Cable/DSL Firewall Router’s Web-based Utility.”

Note: Even if you assign a static IP address to a PC, other PCs can still use DHCP’s dynamic IP addressing, as long as the static IP address is not within the DHCP range of the LAN IP Address.

If the dynamic IP addressing fails to provide a dynamic IP address, refer to “Appendix A: Troubleshooting.”

Network Setup Overview

This user guide covers the basic steps for setting up a network with a router. After going through “Chapter 3: Getting to Know the EtherFast Cable/DSL Firewall Router,” most users will only need to use the following chapters:

Chapter 4: Connect the Router

This chapter instructs you on how to connect the cable or DSL modem to the Router and connect the PC(s) to the Router.

Chapter 5: Configure the PCs

This chapter instructs you on how to configure your PC(s) for a DHCP con- nection, if the network settings are not already set to DHCP.

Chapter 6: Configure the Router

This chapter explains how to configure the Router using your web browser and the Router’s web-based utility. You will configure the Router using the settings provided by your ISP.

When you’re finished with the basic steps, then you are ready to connect to the Internet. After the PC(s) can access the Internet through the Router, you can alter the Router’s settings further; for example, you can adjust security features and other settings to enable online gaming.

EtherFast® Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint

Chapter 2: Your Virtual Private Network (VPN)

Why Do I Need a VPN?

Computer networking provides a flexibility not available when using an archa- ic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network. But what do you do once information is sent out- side of your local network, when emails are sent to their destination, or when you have to connect to your company's network when you are out on the road? How is your data protected?

That is when a VPN can help. VPNs are called Virtual Private Networks because they secure data moving outside of your network as if it were still with- in that network.

When data is sent out across the Internet from your computer, it is always open to attacks. You may already have a firewall, which will help protect data mov- ing around or held within your network from being corrupted or intercepted by entities outside of your network, but once data moves outside of your network —when you send data to someone via email or communicate with an individ- ual over the Internet—the firewall will no longer protect that data.

At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are transmitting but also your network login and security data. Some of the most common methods are as follows:

1) MAC Address Spoofing

Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header. These packet headers contain both the source and destination information for that packet to transmit efficiently. A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed MAC address, the hacker can also intercept information meant for another user.

4

5

Image 6
Contents User Guide Copyright & Trademarks Table of Contents Features IntroductionEnvironmental 139 An Introduction to LANs and WANs IP AddressesNetwork Setup Overview Why Do I Need a VPN?Your Virtual Private Network VPN What is a Virtual Private Network? Firewall Router to Firewall RouterModem connection will not work from any other port PowerRouter’s Back Panel PortsWAN and LAN LEDs Router’s Front Panel LEDsProceed to Connect the Router Connect the Router Connecting Your Hardware Together and Booting UpRouter’s hardware installation is now complete OverviewConfigure the PCs Configuring Windows 95, 98, and Millennium PCsGo to Configure the Router Configuring Windows 2000 PCsConfiguring Windows XP PCs Configure the Router Advanced Proxies. Click Direct Connection to the Internet Obtain an IP Address AutomaticallyStatic IP Address Enter the Gateway AddressPPPoE RASQuick and Easy Router Administration Cable/DSL Firewall Router’s Web-based UtilitySetup User Name and Password Static IPWAN IP Firewall Multicast Pass Through Remote UpgradeBlock WAN Request IPSec Pass ThroughEstablishing a Tunnel VPNLocal Secure Group and Remote Secure Group Remote Security Gateway Authentication EncryptionKey Management Instant Broadband Series Advanced Settings for Selected IPSec Tunnel PhaseOther Settings PasswordStatus Dhcp Log Help Advanced FiltersInstant Broadband Series Forwarding UPnP Forwarding Port Triggering Dynamic Routing Static RoutingDMZ Host DMZ PortDMZ Host Address Current DMZ Host MAC Address CloneDynDNS.org DdnsAppendix a Troubleshooting Common Problems and SolutionsTZO.com For Windows NT For Windows XPFor Windows 95, 98, and Me For Windows XP Am not able to access the Router’s web interface Setup Can’t get the Internet game, server, or application to work To start over, I need to set the Router to factory default Click the Advanced = Filter tab Need to use port triggeringFrequently Asked Questions TCP/IP is compatible with the Router Appendix B Maximizing VPN Security Windows 2000 or Windows XP IntroductionEnvironment Step One Create an IPSec PolicyFilter List 1 win-router Step Two Build Filter ListsIP Address Filter List 2 router=win Figure C-6Step Three Configure Individual Tunnel Rules Tunnel 1 win-routerShared key, as shown Respond Using IPSec XYZ12345. ClickString to Protect Negotiate Security Key exchange pre AcceptTunnel 2 router-win Preshared key, Action Require Security This string to protectKey Exchange XYZ12345Figure C-24 Step Four Assign New IPSec PolicyStep Five Create a Tunnel Through the Web-based Utility Figure C-28Appendix E How to Ping Your ISP’s E-mail & Web Addresses Appendix D Snmp FunctionsFigure E-1 Appendix F Installing the TCP/IP Protocol TCP/IP installation is now completeFigure G-1 For Windows NT, 2000, and XPFigure G-5 Appendix H Glossary 129 131 133 135 137 Appendix I Specifications EnvironmentalSales Information Appendix J Warranty InformationAppendix K Contact Information Web FTP SiteCopyright 2003 Linksys, All Rights Reserved