Linksys BEFSX41 manual 129

Page 68

Instant Broadband® Series

encrypt and decrypt the data, or to generate and verify a message authentica- tion code. Linksys DES encryption uses a 56-bit key.

DHCP (Dynamic Host Configuration Protocol) - A protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network. Using the Internet's set of protocol (TCP/IP), each machine that can connect to the Internet needs a unique IP address. When an organization sets up its computer users with a con- nection to the Internet, an IP address must be assigned to each machine. Without DHCP, the IP address must be entered manually at each computer and, if computers move to another location in another part of the network, a new IP address must be entered. DHCP lets a network administrator supervise and dis- tribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.

DHCP uses the concept of a "lease" or amount of time that a given IP address will be valid for a computer. The lease time can vary depending on how long a user is likely to require the Internet connection at a particular location. It's espe- cially useful in education and other environments where users change fre- quently. Using very short leases, DHCP can dynamically reconfigure networks in which there are more computers than there are available IP addresses.

DHCP supports static addresses for computers containing Web servers that need a permanent IP address.

DMZ (Demilitarized Zone) - Allows one IP address (or computer) to be exposed to the Internet. Some applications require multiple TCP/IP ports to be open. It is recommended that you set your computer with a static IP address if you want to use DMZ Hosting.

DNS - The domain name system (DNS) is the way that Internet domain name are located and translated into Internet Protocol (IP) addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.

Domain - A subnetwork comprised of a group of clients and servers under the control of one security database. Dividing LANs into domains improves per- formance and security.

Download - To receive a file transmitted over a network. In a communications session, download means receive, upload means transmit.

DSL (Digital Subscriber Line) - A technology that dramatically increases the digital capacity of ordinary telephone lines into the home or office and, by

EtherFast® Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint

employing unused bandwidth, still allows for normal phone usage. DSL pro- vides "always-on" operation, eliminating the need to dial in to the service.

Dynamic IP Address - An IP address that is automatically assigned to a client station in a TCP/IP network, typically by a DHCP server. Network devices that serve multiple users, such as servers and printers, are usually assigned static IP addresses.

Dynamic Routing - The ability for a router to forward data via a different route based on the current conditions of the communications circuits. For example, it can adjust for overloaded traffic or failing lines and is much more flexible than static routing, which uses a fixed forwarding path.

Encryption - A security method that applies a specific algorithm to data in order to alter the data's appearance and prevent other devices from reading the information.

Ethernet - IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium. Has a transfer rate of 10 Mbps. Forms the underlying transport vehicle used by several upper-level protocols, including TCP/IP and XNS.

Fast Ethernet - A 100 Mbps technology based on the 10Base-T Ethernet CSMA/CD network access method.

Finger - A UNIX command widely used on the Internet to find out informa- tion about a particular user, such as telephone number, whether currently logged on or the last time logged on. The person being "fingered" must have placed his or her profile on the system. Fingering requires entering the full user@domain address.

Firewall - A firewall is a set of related programs, located at a network gateway server, that protects the resources of a network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources to which its own users have access.

Basically, a firewall, working closely with a router, examines each network packet to determine whether to forward it toward its destination.

128

129

Page 67 Page 69
Image 68
Page 67 Page 69
Contents User Guide Copyright & Trademarks Table of Contents Environmental 139 FeaturesIntroduction An Introduction to LANs and WANs IP AddressesYour Virtual Private Network VPN Network Setup OverviewWhy Do I Need a VPN? What is a Virtual Private Network? Firewall Router to Firewall RouterPower Router’s Back PanelModem connection will not work from any other port PortsProceed to Connect the Router WAN and LAN LEDsRouter’s Front Panel LEDs Connecting Your Hardware Together and Booting Up Router’s hardware installation is now completeConnect the Router OverviewConfigure the PCs Configuring Windows 95, 98, and Millennium PCsGo to Configure the Router Configuring Windows 2000 PCsConfiguring Windows XP PCs Configure the Router Obtain an IP Address Automatically Static IP AddressAdvanced Proxies. Click Direct Connection to the Internet Enter the Gateway AddressPPPoE RASQuick and Easy Router Administration Cable/DSL Firewall Router’s Web-based UtilitySetup User Name and Password Static IPWAN IP Firewall Remote Upgrade Block WAN RequestMulticast Pass Through IPSec Pass ThroughEstablishing a Tunnel VPNLocal Secure Group and Remote Secure Group Remote Security Gateway Key Management AuthenticationEncryption Instant Broadband Series Advanced Settings for Selected IPSec Tunnel PhaseOther Settings PasswordStatus Dhcp Log Help Advanced FiltersInstant Broadband Series Forwarding UPnP Forwarding Port Triggering Dynamic Routing Static RoutingDMZ Host Address DMZ HostDMZ Port Current DMZ Host MAC Address CloneDynDNS.org DdnsTZO.com Appendix a TroubleshootingCommon Problems and Solutions For Windows 95, 98, and Me For Windows NTFor Windows XP For Windows XP Am not able to access the Router’s web interface Setup Can’t get the Internet game, server, or application to work To start over, I need to set the Router to factory default Click the Advanced = Filter tab Need to use port triggeringFrequently Asked Questions TCP/IP is compatible with the Router Appendix B Maximizing VPN Security Introduction EnvironmentWindows 2000 or Windows XP Step One Create an IPSec PolicyIP Address Filter List 1 win-routerStep Two Build Filter Lists Filter List 2 router=win Figure C-6Step Three Configure Individual Tunnel Rules Tunnel 1 win-routerRespond Using IPSec XYZ12345. Click String to Protect Negotiate Security Key exchange preShared key, as shown AcceptTunnel 2 router-win Action Require Security This string to protect Key ExchangePreshared key, XYZ12345Figure C-24 Step Four Assign New IPSec PolicyStep Five Create a Tunnel Through the Web-based Utility Figure C-28Appendix E How to Ping Your ISP’s E-mail & Web Addresses Appendix D Snmp FunctionsFigure E-1 Appendix F Installing the TCP/IP Protocol TCP/IP installation is now completeFigure G-1 For Windows NT, 2000, and XPFigure G-5 Appendix H Glossary 129 131 133 135 137 Appendix I Specifications EnvironmentalAppendix J Warranty Information Appendix K Contact InformationSales Information Web FTP SiteCopyright 2003 Linksys, All Rights Reserved
Top Page Image Contents