Linksys BEFSX41 manual 137


Instant Broadband® Series

et than just its source and destination information. It is called "stateful" because it verifies that the stated destination computer has previously requested the current communication. In this way, it verifies that all communications are initiated by the recipient computer and are taking place only with sources that are known and trusted from previous interactions. In addition to being a more rigorous inspection, stateful packet inspection closes off ports until connection to the specific port is requested. This allows an added layer of protection from the threat of port scanning.

Static IP Address - A permanent IP address that is assigned to a node in an IP or a TCP/IP network.

Static Routing - Forwarding data in a network via a fixed path. Static routing cannot adjust to changing line conditions as can dynamic routing.

Subnet Mask - The method used for splitting IP networks into a series of subgroups, or subnets. The mask is a binary pattern that is matched up with the IP address to turn part of the host ID address field into a field for subnets.

Switch - 1. A data switch connects computing devices to host computers, allowing a large number of devices to share a limited number of ports. 2. A device for making, breaking, or changing the connections in an electrical circuit.

TCP (Transmission Control Protocol) - A method (protocol) used along with the IP (Internet Protocol) to send data in the form of message units (datagram) between network devices over a LAN or WAN. While IP takes care of handling the actual delivery of the data (routing), TCP takes care of keeping track of the individual units of data (called packets) that a message is divided into for efficient delivery over the network. TCP is known as a "connection oriented" protocol due to requiring the receiver of a packet to return an acknowledgment of receipt to the sender of the packet resulting in transmission control.

TCP/IP (Transmission Control Protocol/Internet Protocol) - The basic communication language or set of protocols for communications over a network (developed specifically for the Internet). TCP/IP defines a suite or group of protocols and not only TCP and IP.

Telnet - A terminal emulation protocol commonly used on the Internet and TCP/IP-based networks. It allows a user at a terminal or computer to log onto a remote device and run a program.

EtherFast® Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint

TFTP (Trivial File Transfer Protocol) - A version of the TCP/IP FTP protocol that has no directory or password capability.

Throughput - The amount of data moved successfully from one place to another in a given time period.

UDP (User Datagram Protocol) - A method (protocol) used along with the IP (Internet Protocol) to send data in the form of message units (datagram) between network devices over a LAN or WAN. While IP takes care of handling the actual delivery of the data (routing), UDP takes care of keeping track of the individual units of data (called packets) that a message is divided into for efficient delivery over the network. UDP is known as a "connection-less" protocol due to NOT requiring the receiver of a packet to return an acknowledgment of receipt to the sender of the packet (as opposed to TCP).

Upgrade - To replace existing software or firmware with a newer version.

Upload - To transmit a file over a network. In a communications session, upload means transmit, download means receive.

URL (Uniform Resource Locator) - The address that defines the route to a file on the Web or any other Internet facility. URLs are typed into the browser to access Web pages, and URLs are embedded within the pages themselves to provide the hypertext links to other pages.

VPN (Virtual Private Network) - A technique that allows two or more LANs to be extended over public communication channels by creating private communication subchannels (tunnels). Effectively, these LANs can use a WAN as a single large "virtually private" LAN. This removes the need to use leased lines for WAN communications through secure use of a publicly available WAN (such as the Internet). Examples of VPN technology are: PPTP (Point to Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol), and IPSec (Internet Protocol Security).

VPN end point - VPN end point capability within a router provides the ability to initiate a VPN tunnel to some other location that supports either a VPN client or has VPN end point capability.

WAN (Wide Area Network) - A communications network that covers a relatively large geographic area, consisting of two or more LANs. Broadband communication over the WAN is often through public networks such as the tele-

Copyright 2003 Linksys, All Rights Reserved