Belkin F5D7231B Wireless G Plus Router User Manual P74490 D F5D7231 4 man indd

Belkin International, Inc. Wireless G Plus Router P74490 D F5D7231 4 man indd

User manual 4

53
Using the Web-Based Advanced User Interface
53
section
2
1
3
4
5
6
7
8
9
10
WEP Setup
64-Bit WEP Encryption
1. Select “64-bit WEP” from the drop-down menu.
2. After selecting your WEP encryption mode, you can enter your
key by typing in the hex key manually, or you can type in a
passphrase in the “Passphrase” field and click “Generate” to
create a key.
A hex (hexadecimal) key is a combination of numbers and letters
from A–F and 0–9. For 64-bit WEP, you need to enter 10 hex keys.
For instance: AF 0F 4B C3 D4 = 64-bit WEP key
3. Click “Apply Changes” to finish. Encryption in the Router is now
set. Each of your computers on your wireless network will now
need to be configured with the same security settings.
WARNING: If you are configuring the Wireless G Plus Router from a
computer with a wireless client, you will need to ensure that security
is turned ON for this wireless client. If this is not done, your client will
lose its wireless connection.
5554
Using the Web-Based Advanced User Interface
5554
Using the Web-Based Advanced User Interface
128-Bit WEP Encryption
Note to Mac users: The Passphrase option will not operate with Apple
AirPort. To configure encryption for your Mac computer,
set the encryption using the manual method described in the
next section.
1. Select “128-bit WEP” from the drop-down menu.
2. After selecting your WEP encryption mode, you can enter your
key manually by typing in the hex key, or you can type in a
passphrase in the “Passphrase” field and click “Generate” to
create a key.
A hex (hexadecimal) key is a combination of numbers and
letters from A–F and 0–9. For 128-bit WEP, you need to enter
26 hex keys.
For instance: C3 03 0F AF 0F 4B B2 C3 D4 4B C3 D4 E7 = 128-bit WEP key
3. Click “Apply Changes” to finish. Encryption in the Router is now
set. Each of your computers on your wireless network will now
need to be configured with the same security settings.
WARNING: If you are configuring the Wireless G Plus Router from a
computer with a wireless client, you will need to ensure that security
is turned ON for this wireless client. If this is not done, your client will
lose its wireless connection.
55
Using the Web-Based Advanced User Interface
55
section
2
1
3
4
5
6
7
8
9
10
Changing the Wireless Security Settings
Your Router is equipped with WPA (Wi-Fi Protected Access), the
latest wireless security standard. It also supports the legacy security
standard, WEP (Wired Equivalent Privacy). By default, wireless
security is disabled. To enable security, you must first determine
which standard you want to use. To access the security settings, click
“Security” on the “Wireless” tab.
WPA Setup
Note: To use WPA security, all your clients must be upgraded to
drivers and software that support it. At the time of this User Manual’s
publication, a security patch download is available, for free, from
Microsoft. This patch works only with the Windows XP operating
system. You also need to download the latest driver for your Belkin
Wireless G Desktop or Notebook Network Card from the Belkin
support site. Other operating systems are not supported at this time.
Microsoft’s patch only supports devices with WPA-enabled drivers
such as Belkin 802.11g products.
WPA-PSK (no server) uses a so-called pre-shared key as the security
key. A pre-shared key is a password that is between eight and 63
characters long. It can be a combination of letters, numbers, and
other characters. Each client uses the same key to access the
network. Typically, this mode will be used in a home environment.
WPA2 is the second generation of WPA, offering a more advanced
encryption technique over WPA.
5756
Using the Web-Based Advanced User Interface
5756
Using the Web-Based Advanced User Interface
Setting WPA-PSK (no server)
1. From the “Security Mode” drop-down menu, select “WPA-PSK
(no server)”.
2. For “Encryption Technique”, select “TKIP” or “AES”. This setting
will have to be identical on the clients that you set up.
3. Enter your pre-shared key. This can be from eight to 63
characters and can be letters, numbers, or symbols. This
same key must be used on all of the clients that you set up.
For example, your PSK might be something like: “Smith family
network key”.
4. Click “Apply Changes” to finish. You must now set all clients to
match these settings.
57
Using the Web-Based Advanced User Interface
57
section
2
1
3
4
5
6
7
8
9
10
WPA2 Setup
1. From the “Security Mode” drop-down menu, select “WPA2”.
2. For “Encryption Technique”, select “AES”. This setting will have
to be identical on the clients that you set up.
3. Enter your pre-shared key. This can be from eight to 63
characters and can be letters, numbers, or symbols. This
same key must be used on all of the clients that you set up.
For example, your PSK might be something like: “Smith family
network key”.
4. Click “Apply Changes” to finish. You must now set all clients to
match these settings.
5958
Using the Web-Based Advanced User Interface
5958
Using the Web-Based Advanced User Interface
Connecting your computer to a wireless network that requires
WPA-PSK (no server):
1. Double-click the “Signal Indicator” icon to bring up the “Wireless
Network” screen. The “Advanced” button will allow you to view
and configure more of your Router’s options.
2. Under the “Wireless Network Properties” tab, select a network
name from the “Available Networks” list and click “Configure”.
3. Under “Network Authentication”, select “WPA-PSK”.
4. Type your WPA key in the “Network key” box.
Important: WPA-PSK is a combination of numbers and letters
from A–Z and 0–9. For WPA-PSK, you can enter eight to 63 keys.
This network key needs to match the key you assign to your
Wireless G Plus Router.
5. Click “OK” to save the settings.
59
Using the Web-Based Advanced User Interface
59
section
2
1
3
4
5
6
7
8
9
10
Connecting your computer to a wireless network that requires
WPA (with radius server):
1. Double-click the “Signal Indicator” icon to bring up the “Wireless
Network Properties” screen. The “Advanced” button will allow
you to view and configure more of your Router’s options.
2. Under the “Wireless Network Properties” tab, select a network
name from the “Available Networks” list and click “Configure”.
3. Under “Network Authentication”, select WPA.
4. Under the “Authentication” tab, select the settings that are
indicated by your network administrator.
5. Click “OK” to save the settings.
6160
Using the Web-Based Advanced User Interface
6160
Using the Web-Based Advanced User Interface
Setting up WPA for Wireless Desktop and Wireless
Notebook Cards that are NOT Manufactured by Belkin
If you do NOT have a Belkin WPA Wireless Desktop or Wireless
Notebook Card and it is not equipped with WPA-enabled software,
a file from Microsoft called “Windows XP Support Patch for Wireless
Protected Access” is available for free download.
Please Note: The file that Microsoft has made available works only
with Windows XP. Other operating systems are not supported at
this time.
Important: You also need to ensure that the wireless card
manufacturer supports WPA and that you have downloaded and
installed the latest driver from their support site.
Supported Operating Systems:
• Windows XP Professional
• Windows XP Home Edition
61
Using the Web-Based Advanced User Interface
61
section
2
1
3
4
5
6
7
8
9
10
Setting up Windows XP Wireless Network Utility to use
WPA-PSK
In order to use WPA-PSK, ensure you are using the Windows Wireless
Network Utility by doing the following:
1. Under Windows XP, click “Start > Control Panel > Network
Connections”.
2. Right-click on “Wireless Network Connection Properties”, and
select “Properties”.
3. Clicking on the “Wireless Networks” tab will display the following
screen. Ensure the “Use Windows to configure my wireless
network settings” box is checked.
6362
Using the Web-Based Advanced User Interface
6362
Using the Web-Based Advanced User Interface
4. Under the “Wireless Networks” tab, click the “Configure” button
and you will see the following screen.
5. For a home or small business user, select “WPA-PSK” under
“Network Authentication”.
Note: Select “WPA” if you are using this computer to connect to
a corporate network that supports an authentication server such
as a radius server. Please consult your network administrator for
further information.
6. Select “TKIP” or “AES” under “Data Encryption”. This setting will
have to be identical to the Router that you set up.
7. Type in your encryption key in the “Network key” box.
Important: Enter your pre-shared key. This can be from eight to 63
characters and can be letters, numbers, or symbols. This same key
must be used on all of the clients that you set up.
8. Click “OK” to apply settings.
63
Using the Web-Based Advanced User Interface
63
section
2
1
3
4
5
6
7
8
9
10
Using the Access Point Mode
Note: This advanced feature should be employed by advanced users
only. The Router can be configured to work as a wireless network
access point. Using this mode will defeat the NAT IP sharing feature
and DHCP server. In Access Point (AP) mode, the Router will need to
be configured with an IP address that is in the same subnet as the
rest of the network that you will bridge to. The default IP address
is 192.168.2.254 and subnet mask is 255.255.255.0. These can be
customized for your need.
1. Enable the AP mode my selecting “Enable” in the “Use as Access
Point only” page. When you select this option, you will be able to
change the IP settings.
2. Set your IP settings to match your network. Click
“Apply Changes”.
3. Connect a cable from the WAN port on the Router to your
existing network.
The Router is now acting as an access point. To access the
Router’s Web-Based Advanced User Interface again, type the IP
address you specified into your browser’s navigation bar. You
can set the encryption settings, MAC address filtering, SSID, and
channel normally.
6564
Using the Web-Based Advanced User Interface
6564
Using the Web-Based Advanced User Interface
Configuring the Firewall
Your Router is equipped with a firewall that will protect your network
from a wide array of common hacker attacks including:
• IP Spoofing
• SYN flood
• Land Attack
• UDP flooding
• Ping of Death (PoD)
• Tear Drop Attack
• Denial of Service (DoS)
• ICMP defect
• IP with zero length
• RIP defect
• Smurf Attack
• Fragment flooding
• TCP Null Scan
The firewall also masks common ports that are frequently used to
attack networks. These ports appear to be “Stealth”, meaning that for
all intents and purposes, they do not exist to a would-be hacker. You
can turn the firewall function off if needed; however, it is recommended
that you leave the firewall enabled. Disabling the firewall protection will
not leave your network completely vulnerable to hacker attacks, but it
is recommended that you leave the firewall enabled.
65
Using the Web-Based Advanced User Interface
65
section
2
1
3
4
5
6
7
8
9
10
Configuring Internal Forwarding Settings
The “Virtual Servers” function will allow you to route external (Internet)
calls for services such as a web server (port 80), FTP server (Port 21),
or other applications through your Router to your internal network.
Since your internal computers are protected by a firewall, computers
outside your network (over the Internet) cannot get to them because
they cannot be “seen.” A list of common applications has been
provided in case you need to configure the “Virtual Server” function for
a specific application. If your application is not listed, you will need to
contact the application vendor to find out which port settings you need.
Choosing an Application
Select your application from the drop-down list. Click “Add”. The
settings will be transferred to the next available space in the screen.
Click “Apply Changes” to save the setting for that application. To
remove an application, select the number of the row that you want to
remove, then click “Clear”.
Manually Entering Settings into the Virtual Server
To manually enter settings, enter the IP address in the space provided
for the internal (server) machine, the port(s) required to pass, select the
port type (TCP or UDP), and click “Apply Changes”. Each inbound port
entry has two fields with five characters maximum per field that allows
a start and end port range, e.g. [xxxxx]-[xxxxx]. For each entry, you
can enter a single port value by filling in the two fields with the same
value (e.g. [7500]-[7500]) or a wide range of ports (e.g. [7500]-[9000]).
If you need multiple single port values or a combination of ranges and
a single value, you must use multiple entries up to the maximum of 20
entries (e.g. 1. [7500]-[7500], 2. [8023]-[8023], 3. [9000]-[9000]). You
can only pass one port per internal IP address. Opening ports in your
firewall can pose a security risk. You can enable and disable settings
very quickly. It is recommended that you disable the settings when you
are not using a specific application.
6766
Using the Web-Based Advanced User Interface
6766
Using the Web-Based Advanced User Interface
Setting Client IP Filters
The Router can be configured to restrict access to the Internet, email,
or other network services at specific days and times. Restriction can be
set for a single computer, a range of computers, or multiple computers.
To restrict Internet access to a single computer, for example, enter
the IP address of the computer you wish to restrict access to in the IP
fields (1). Next, enter “80” in both the port fields (2). Select “Both” (3).
Select “Block” (4). You can also select “Always” to block access all
of the time. Select the day to start on top (5), the time to start on
top (6), the day to end on the bottom (7), and the time to stop (8) on
the bottom. Select “Enable” (9). Click “Apply Changes”. The computer
at the IP address you specified will now be blocked from Internet
access at the times you specified. Note: Be sure you have selected the
correct time zone under “Utilities> System Settings> Time Zone”.
(1) (2) (3) (4) (7) (8) (9)
(5) (6)
67
Using the Web-Based Advanced User Interface
67
section
2
1
3
4
5
6
7
8
9
10
Setting MAC Address Filtering
The MAC address filter is a powerful security feature that allows you
to specify which computers are allowed on the network. Any computer
attempting to access the network that is not specified in the filter list
will be denied access. When you enable this feature, you must enter
the MAC address of each client (computer) on your network to allow
network access to each. The “Block” feature lets you turn on and off
access to the network easily for any computer without having to add
and remove the computer’s MAC address from the list.
To enable this feature, select “Enable MAC Address Filtering” (1).
Next, enter the MAC address of each computer on your network by
clicking in the space provided (2) and entering the MAC address of
the computer you want to add to the list. Click “Add” (3), then “Apply
Changes” to save the settings. To delete a MAC address from the list,
simply click “Delete” next to the MAC address you wish to delete. Click
“Apply Changes” to save the settings.
Note: You will not be able to delete the MAC address of the computer
you are using to access the Router’s administrative functions (the
computer you are using now).
(1)
(2)
(3)
6968
Using the Web-Based Advanced User Interface
6968
Using the Web-Based Advanced User Interface
Enabling the Demilitarized Zone (DMZ)
The DMZ feature allows you to specify one computer on your network
to be placed outside of the firewall. This may be necessary if the
firewall is causing problems with an application such as a game or
video conferencing application. Use this feature on a temporary basis.
The computer in the DMZ is NOT protected from hacker attacks.
To put a computer in the DMZ, enter the last digits of its IP address in
the IP field and select “Enable”. Click “Apply Changes” for the change
to take effect.
69
Using the Web-Based Advanced User Interface
69
section
2
1
3
4
5
6
7
8
9
10
Blocking an ICMP Ping
Computer hackers use what is known as “pinging” to find potential
victims on the Internet. By pinging a specific IP address and receiving
a response from the IP address, a hacker can determine that something
of interest might be there. The Router can be set up so it will not
respond to an ICMP ping from the outside. This heightens the level of
security of your Router.
To turn off the ping response, select “Block ICMP Ping” (1) and click
“Apply Changes”. The Router will not respond to an ICMP ping.
(1)

Navigation menu