D Link D1624VC1 2.4 GHz Wireless Broadband Router User Manual DI 624 010603 pmd

D Link Corporation 2.4 GHz Wireless Broadband Router DI 624 010603 pmd

Contents

Users Manual 1

 High-Speed 2.4 GHzManualBuilding Networks for PeopleWireless  RouterD-Link AirPlusXtremeGDI-624DI-624DI-624DI-624DI-624TM
2ContentsPackage Contents ................................................................................3Introduction............................................................................................4Wireless Basics ....................................................................................8Getting Started ....................................................................................12Using the Configuration Menu..............................................................14Networking Basics ..............................................................................41Troubleshooting ...................................................................................70Technical Specifications ......................................................................77Contacting Technical Support ..............................................................80Warranty and Registration ...................................................................81
3Contents of Package:D-Link AirPlusXTREME G DI-624High-Speed 2.4GHz Wireless RouterPower Adapter-DC 5V, 3.0AManual and Warranty on CDQuick Installation GuideEthernet Cable Computers with Windows, Macintosh, or Linux-basedoperating systems with an installed Ethernet adapterPackage ContentsNote: Using a power supply with a different voltage rating than the one included with theDI-624 will cause damage and void the warranty for this product.If any of the above items are missing, please contact your reseller.System Requirements for Configuration: Ethernet-Based Cable or DSL Modem Internet Explorer Version 6.0 or Netscape NavigatorVersion 6.0 and Above
4IntroductionThe D-Link AirPlusXtremeG DI-624 High-Speed Wireless Router  is a draft 802.11g high-performance, wireless router that supports high-speed wireless networking at home, atwork or in public places.Unlike most routers, the DI-624 provides data transfers at up to 54 Mbps (compared tothe standard 11 Mbps) when used with other D-Link AirPlusXtremeG products. The802.11g standard is backwards compatible with 802.11b products.  This means that youdo not need to change your entire network to maintain connectivity.  You may sacrificesome of 802.11g’s speed when you mix 802.11b and 802.11g devices, but you will notlose the ability to communicate when you incorporate the 802.11g standard into your802.11b network. You may choose to slowly change your network by gradually replacingthe 802.11b devices with 802.11g devices .In addition to offering faster data transfer speeds when used with other 802.11g products,the DI-624 has the newest, strongest, most advanced security features available today.When used with other 802.11g WPA  (WiFi Protected Access) and 802.1x compatibleproducts in a network with a radius server, the security features include:WPA*: A new security feature, Wi-Fi Protected Access authorizes and identifies usersbased on a secret key that changes automatically at a regular interval.WPA uses TKIP (Temporal Key Integrity Protocol) to change the temporalkey every 10,000 packets (a packet is a kind of message transmitted over anetwork.) This insures much greater security than the standard WEP security.(By contrast, the older WEP encryption required the keys to be changedmanually.)802.1x: Authentication is a first line of defense against intrusion. In the Authenticationprocess the server verifies the identity of the client attempting to connect to thenetwork. Unfamiliar clients would be denied access.For  home users that will not incorporate a RADIUS server in their network, the securityfor the DI-624, used in conjunction with other 802.11g products, will still be much strongerthan ever before. Utilizing the Pre Shared Key mode of WPA, the DI-624 will obtain anew security key every time it connects to the 802.11g network.  You only need to inputyour encryption information once in the configuration menu.  No longer will you have tomanually input a new WEP key frequently to ensure security, with the DI-624, you willautomatically receive a new key every time you connect, vastly increasing the safety ofyour communications.*WPA will be available Spring 2003 as a free download
5ConnectionsThe Auto MDI/MDIX WAN port isthe connection forthe Ethernet cableto the Cable orDSL modemAuto MDI/MDIXLAN portsautomatically sensethe cable type whenconnecting toEthernet-enabledcomputers.Pressing theReset Buttonrestores therouter to itsoriginal factorydefault settings.Receptor forthe PowerAdapter
6LEDS     3. Wess Basics M2 LED - A solid light indicates that the unit is defective. M1 LED - A solid light indicates that the DI-614+ is ready. WAN LED - A solid light indicates connection on the WAN port.  This LED blinks during data transmission.POWER LED - A solid light indicates a proper connection to the power supply. WLAN LED - A solid light indicates that the wireless segment is ready.  This LED blinks during wireless data transmission. LOCAL NETWORK LED -  A solid light indicates a connection to an Ethernet-enabled computer on ports 1-4.  This LED blinks during data transmission. A solid light indicatesthat the unit is defective.DI-624 is ready.
7FeaturesWPA* (Wi Fi Protected Access) authorizes and identifies users based on asecret key that changes automatically at a regular interval, for example:802.1x Authentication in conjunction with the radius server verifies theidentity of would be clientsTKIP (Temporal Key Integrity Protocol), in conjunction with a RADIUSserver, changes the temporal key every 10,000 packets, ensuring greatersecurityPre Shared Key mode means that the home user, without a RADIUSserver, will obtain a new security key every time the he or she connectsto the network, vastly improving the safety of communications on thenetwork.Backwards compatible with the 802.11b standard to provide a wireless datarate of up to 11MbpsFully compatible with the 802.11g standard to provide a wireless data rate ofup to 54Mbps*WPA will be available Spring 2003 as a free downloadUtilizes OFDM technology (Orthogonal Frequency Division Multiplexing)User-friendly configuration and diagnostic utilitiesOperates in the 2.4GHz frequency rangeConnects multiple computers to a Broadband (Cable or DSL) modem toshare the Internet connectionIP FilteringAdvanced Firewall featuresDHCP server supported enables all networked computers to automaticallyreceive IP addressesWeb-based interface for Managing and ConfiguringAccess Control to manage users on the networkSupports special applications that require multiple connectionsEquipped with 4 10/100 Ethernet ports, 1 WAN port, Auto MDI/MDIXURL FilteringDomain BlockingSchedulingSupports NAT with VPN pass-through, providing added securityMAC Filtering
8D-Link wireless products are based on industry standards to provide easy-to-use and compatible high-speed wireless connectivity within your home, businessor wherever a wireless network is available. D-Link wireless  products will allowyou access to the data you want, when and where you want it. You will be ableto enjoy the freedom that wireless networking brings.A wireless local area network (WLAN) is a cellular computer network thattransmits and receives data with radio signals instead of wires. WLANs areused increasingly in both home and office environments, and public areas suchas airports, coffee shops and universities. Innovative ways to utilize WLANtechnology are helping people to work and communicate more efficiently.Increased mobility and the absence of cabling and other fixed infrastructurehave proven to be beneficial for many users.Wireless BasicsWireless users can use the same applications they use on a wired network.Wireless adapter cards used on laptop and desktop systems support the sameprotocols as Ethernet adapter cards.Under many circumstances, it may be desirable for mobile network devices tolink to a conventional Ethernet LAN in order to use servers, printers or an Internetconnection supplied through the wired LAN.  A Wireless Router is a device thatcan be used to provide this link.
9D-Link AirPlus DWL-800AP+Enhanced 2.4GHz Wireless Range ExtenderWireless Basics (continued)People use WLAN technology for many different purposes:Mobility - Productivity increases when people have access to data in anylocation within the operating range of the WLAN.  Management decisionsbased on real-time information can significantly improve worker efficiency.Low Implementation Costs – WLANs are easy to set up, manage,change and relocate. Networks that frequently change, both physically andlogically, can benefit from a WLAN’s ease of implementation.  WLANs canoperate in locations where installation of wiring may be impractical.Installation and Network Expansion - Installing a WLAN system can befast and easy and can eliminate the need to pull cable through walls andceilings. Wireless technology allows the network to go where wires cannotgo-even outside the home or office.Scalability – WLANs can be configured in a variety of ways to meet theneeds of specific applications and installations. Configurations are easilychanged and range from peer-to-peer networks suitable for a small numberof users to larger infrastructure networks to accommodate hundreds orthousands of users, depending on the number of wireless devices deployed.The DI-624 is  compatible with the following wireless products:D-Link Air DWL-650, D-Link AirPlus DWL-650+,D-Link AirPlus XtremeG DWL-G650Wireless Cardbus Adapters used with laptop computersD-Link Air DWL-520 and D-Link AirPlus DWL-520+,D-Link AirPlus XtremeG DWL-G520Wireless PCI cards used with desktop computersD-Link AirPlus DWL-900AP+ and DWL-2000AP+Enhanced 2.4GHz Wireless Access PointsInexpensive solution– Wireless network devices are as competitivelypriced as conventional Ethernet network devices.D-Link AirPlus DWL-810+Enhanced 2.4GHz Ethernet-to-Wireless Bridge
10Standards-Based TechnologyThe  DI-624 Wireless Broadband Router utilizes the new 802.11g standard.The IEEE 802.11g standard is an extension of the 802.11b standard.  It increasesthe data rate up to 54 Mbps within the 2.4GHz band, utilizing OFDM technology.This means that in most environments, within the specified range of this device,you will be able to transfer large files quickly or even watch a movie in MPEGformat over your network without noticeable delays. This technology works bytransmitting high-speed digital data over a radio wave utilizing OFDM (OrthogonalFrequency Division Multiplexing) technology. OFDM works by splitting the radiosignal into multiple smaller sub-signals that are then transmitted simultaneouslyat different frequencies to the receiver.  OFDM reduces the amount of crosstalk(interference) in signal transmissions. The D-Link DWL-G650 will automaticallysense the best possible connection speed to ensure the greatest speed andrange possible.802.11g offers the most advanced network security features available today,including: WPA , 802.1x, TKIP, AES and Pre-Shared Key mode.  These securityfeatures are explained in more detail in the Introduction and the Features sectionof this manual.The DI-624 is backwards compatible with 802.11b devices.  This means that ifyou have an existing 802.11b network, the devices in that network will becompatible with 802.11g devices at speeds of up to 11Mbps in the 2.4GHzrange. Also based on the IEEE 802.11b standard, the DI-624 is interoperablewith existing compatible 2.4GHz wireless technology with data transfer speedsof up to 11Mbps.Wireless Basics (continued)WPA will be available Spring 2003 as a free download1212802.11g standard is scheduled for ratification by IEEE Q3 2003
11Wireless Basics (continued)Installation ConsiderationsThe D-Link AirPlus  XtremeG DI-624 lets you access your network, using awireless connection, from virtually anywhere within its operating range. Keepin mind, however, that the number, thickness and location of walls, ceilings, orother objects that the wireless signals must pass through, may limit the range.Typical ranges vary depending on the types of materials and background RF(radio frequency) noise in your home or business. The key to maximizingwireless range is to follow these basic guidelines:1. Keep the number of walls and ceilings between the DI-624 and your    receiving device (e.g., the DWL-G650 or the DWL-650+) to a minimum - each wall or ceiling can reduce your D-Link AirPlus Wireless product’s    range from 3-90 feet (1-30 meters.) Position your receiving devices so    that the number of walls or ceilings is minimized.2. Be aware of the direct line between routers and computers. A wall that is    1.5 feet thick (.5 meters), at a 45-degree angle appears to be almost 3    feet (1 meter) thick. At a 2-degree angle it looks over 42 feet (14 meters)    thick! Position devices so that the signal will travel straight through a wall    or ceiling (instead of at an angle) for better reception.3. Building Materials can impede the wireless signal - a solid metal door or    aluminum studs may have a negative effect on range. Try to position    wireless devices and computers with wireless adapters so that the signal    passes through drywall or open doorways and not other materials.4. Keep your product away (at least 3-6 feet or 1-2 meters) from electrical    devices or appliances that generate RF noise.
12Getting StartedInfrastructure – using an Access Point, or Wireless Router,such as the DI-624.Ad-Hoc – directly connecting to another computer, for peer-to-peer communication, using wireless network adapters oneach computer, such as two or more DWL-G650 wirelessnetwork Cardbus adapters.On the following pages we will show you an example of an InfrastructureNetwork and an Ad-Hoc Network.An Infrastructure network contains an Access Point or a Wireless Router.The Infrastructure Network example shown on the following page containsthe following D-Link network devices (your existing network may becomprised of other devices):A wireless Router - D-Link AirPlus  DI-624A laptop computer with a wireless adapter -D-Link AirPro DWL-G650A desktop computer with a wireless adapter -D-Link AirPlusXtremeG DWL-G520, D-Link Air DWL-520,or D-Link AirPlus DWL-520+(D-Link Air devices have speeds up to 11Mbps)A Cable modem - D-Link DCM-200There are basically two modes of networking:
13Please remember that D-Link AirXtremeG wireless devices are pre-configured toconnect together, right out of the box, with their default settings.You will need broadband Internet access (a Cable or DSL-subscriber line intoyour home or office)Consult with your Cable or DSL provider for proper installation of the modemConnect the Cable or DSL modem to the DI-624 Wireless Broadband Router(see the printed Quick Installation Guide included with your router.)If you are connecting a desktop computer to your network, install the D-LinkAirPlus XtremeG DWL-G520 wireless PCI adapter into an available PCI slot onyour desktop computer. You may also install the DWL-520+, or the DWL-520.(See the printed Quick Installation Guide included with the network adapter.)Install the drivers for the D-Link DWL-G650 wireless Cardbus adapter into alaptop computer.(See the printed Quick Installation Guide included with the DWL-G650.)Getting StartedFor a typical wireless setup at home (as shown above), please do thefollowing:Setting up aWirelessInfrastructureNetwork1234Install the drivers for the D-Link DFE-530TX wireless Cardbus adapter into adesktop computer. The four Ethernet LAN ports of the DI-624 are Auto MDI/MDIXand will work with both Straight-Through and Cross-Over cable.(See the printed Quick Installation Guide included with the DFE-530TX.)65
14Note:  if you have changed the default IP Address assigned to the DI-624, make sure toenter the correct IP Address. Type admin in the User Name fieldLeave the Password                      blankClick NextConnect to 192.168.0.1adminUsing the Configuration MenuHome > WizardThe  Home>Wizardscreen will appear.Please refer to theQuick InstallationGuide for more infor-mation regarding theSetup Wizard.After you have completed the Setup Wizard (please see the Quick Installation Guide thatcame with the product) you can access the Configuration menu at any time by openingthe web browser and typing in the IP Address of the DI-624. The DI-624 default IP Addressis shown below:    Open the web browser    Type in the IP Address of the               Routerhttp://192.168.0.1
15Using the Configuration MenuHome > WirelessApply- Click Apply to save the changes.Keys 1-4- Input up to 4 WEP keys; select the one you wish to use.Passphrase- When you select Key Type: ASCII, you can enter a Passphrasefor any or all of Keys 1-4Key Type- Select HEX or ASCIIWEP Encryption- Select the level of encryption desired: 64-bit, or 128-bitSSID- Service Set Identifier (SSID) is the name designated for a spe-cific wireless local area network (WLAN). The SSID’s factorydefault setting is default. The SSID can be easily changed toconnect to an existing wireless network or to establish a newwireless network.WEP- Wired Equivalent Privacy (WEP) is a wireless security protocolfor Wireless Local Area Networks (WLAN). WEP provides secu-rity by encrypting the data that is sent over the WLAN. SelectEnabled or Disabled. Disabled is the default setting. (Note: Ifyou enable encryption on the DI-624 make sure to also enableencryption on all the wireless clients or wireless connection willnot be established.)Channel- 6 is the default channel. All devices on the network must sharethe same channel. (Note: The wireless adapters will automati-cally scan and match the wireless setting.)
16Using the Configuration MenuHome > WAN > Dynamic IP AddressDI-754Host Name- The Host Name is optional but may be required by some ISPs.The default host name is the device name of the Router and maybe changed.MAC Address- The default MAC Address is set to the WAN’s physical inter-face MAC address on the Broadband Router. It is not recom-mended that you change the default MAC address unless re-quired by your ISP.Apply- Click Apply to save the changes.CloneMAC Address-The default MAC address is set to the WAN’s physical interfaceMAC address on the Broadband Router. You can use the “CloneMAC Address” button to copy the MAC address of the EthernetCard installed by your ISP and replace the WAN MAC addresswith the MAC address of the router. It is not recommended thatyou change the default MAC address unless required by yourISP.DynamicIP Address-Choose Dynamic IP Address to obtain IP Address informationautomatically from your ISP. Select this option if your ISP doesnot give you any IP numbers to use. This option is commonlyused for Cable modem services.
17Using the Configuration MenuHome > WAN > Static IP AddressStatic IP Address- IP Address-Subnet Mask-ISPGateway Address-PrimaryDNS Address-SecondaryDNS Address-Apply-Choose Static IP Address if all WAN IP information is provided toyou by your ISP. You will need to enter in the IP address, subnetmask, gateway address, and DNS address(es) provided to youby your ISP. Each IP address entered in the fields must be in theappropriate IP form, which are four octets separated by a dot(x.x.x.x). The Router will not accept the IP address if it is not inthis format. Input the public IP Address provided by your ISPInput your Subnet mask. (All devices in the network must havethe same subnet mask.)Input the public IP address of the ISP to which you are connect-ingInput the primary DNS (Domain Name Server) IP address pro-vided by your ISPThis is optionalClick Apply to save the changes.
18Using the Configuration MenuHome > WAN > PPPoEPlease be sure toremove any existingPPPoE client softwareinstalled on yourcomputers. Choose PPPoE (Point toPoint Protocol overEthernet) if your ISP usesa PPPoE connection. YourISP will provide you with ausername and password.This option is typicallyused for DSL services. Se-lect Dynamic PPPoE to ob-tain an IP address auto-matically for your PPPoEconnection. Select StaticPPPoE to use a static IPaddress for your PPPoeEconnection.Maximum IdleTime-The amount of time of inactivity before disconnecting your PPPoEsession. Enter a Maximum Idle Time (in minutes) to define amaximum period of time for which the Internet connection is main-tained during inactivity. If the connection is inactive for longerthan the defined Maximum Idle Time, then the connection will bedropped. Either set this to zero or enable Auto-reconnect to dis-able this feature.         (Continued on the next page)PPPoE-Static PPPoE-you have an assigned (static) IP Address.Choose this option if your ISP uses PPPoE. (Most DSL userswill select this option.)Dynamic PPPoE- receive an IP Address automatically fromyour ISP.User Name- Your PPPoE username provided by your ISP.Retype Password- Re-enter the PPPoE passwordService Name- Enter the Service Name provided by your ISP (optional).IP Address- This option is only available for Static PPPoE. Enter the static IPAddress for the PPPoE connection.Primary DNSAddress- Primary DNS IP address provided by our ISPSecondaryDNS Address- This option is only available for Static PPPoE. Enter the static IPAddress for the PPPoE connection.
19Using the Configuration MenuHome > WAN > PPPoE continuedHome > LANLAN is short for Local Area Network. This is considered your internal network. These arethe IP settings of the LAN interface for the DI-624. These settings may be referred to asPrivate settings. You may change the LAN IP address if needed. The LAN IP address isprivate to your internal network and cannot be seen on the Internet.Apply- Click Apply to save the changes.Auto-reconnect- If enabled, the DI-754 will automatically connect to your ISP af-ter your system is restarted or if the PPPoE connection is dropped.MTU- Maximum Transmission Unit-1492 is the default setting-you mayneed to change the MTU for optimal performance with yourspecific ISP.Apply- Click Apply to save the changes.Local Domain Name- This field is optional. Enter in the local domain name.Subnet Mask- The subnet mask of the LAN interface.The default subnet mask is 255.255.255.0IP Address- The IP address of the LAN interface. The default IP address is:192.168.0.1
20Using the Configuration MenuHome > DHCPDHCP stands for Dynamic Host Control Protocol. The DI-624 has a built-in DHCP server.The DHCP Server will automatically assign an IP address to the computers on the LAN/private network. Be sure to set your computers to be DHCP clients by setting their TCP/IP settings to “Obtain an IP Address Automatically.” When you turn your computers on,they will automatically load the proper TCP/IP settings provided by the DI-624. TheDHCP Server will automatically allocate an unused IP address from the IP address poolto the requesting computer. You must specify the starting and ending address of the IPaddress pool.DHCP Server- Select Enabled or Disabled. The default setting is Enabled.StartingIP Address- The starting IP address for the DHCP server’s IP assignmentEndingIP Address- The ending IP address for the DHCP server’s IP assignmentLease Time- The length of time for the IP lease. Enter the Lease time. Thedefault setting is one hourApply- click Apply to save the changesDI-754
21Advanced > Virtual ServerUsing the Configuration MenuThe DI-624 can be configured as a virtual server so that remote users accessing Webor FTP services via the public IP address can be automatically redirected to localservers in the LAN (Local Area Network).The DI-624 firewall feature filters out unrecognized packets to protect your LANnetwork so all computers networked with the DI-624 are invisible to the outside world.If you wish, you can make some of the LAN computers accessible from the Internetby enabling Virtual Server. Depending on the requested service, the DI-624 redirectsthe external service request to the appropriate server within the LAN network.
22Advanced > Virtual Server continuedUsing the Configuration MenuThe DI-624 is also capable of port-redirection meaning incoming traffic to a particularport may be redirected to a different port on the server computer.Each virtual service that is created will be listed at the bottom of the screen in theVirtual Servers List. There are pre-defined virtual services already in the table. Youmay use them by enabling them and assigning the server IP to use that particularvirtual service.Example #1:If you have a Web server that you wanted Internet users to access at all times, youwould need to enable it. Web (HTTP) server is on LAN (Local Area Network)computer 192.168.0.25. HTTP uses port 80, TCP.Name: Web ServerPrivate IP: 192.168.0.25Protocol Type: TCPPrivate Port: 80Public Port: 80Schedule: alwaysProtocol Type- The protocol used for the virtual servicePublic Port- The port number on the WAN (Wide Area Network) side that willbe used to access the virtual service.Private Port- The port number of the service used by the Private IP computerSchedule- The schedule of time when the virtual service will be enabled.The schedule may be set to Always, which will allow theparticular service to always be enabled. If it is set to Time,select the time frame for the service to be enabled. If thesystem time is outside of the scheduled time, the service willbe disabled.Apply- Click Apply to save the changes.Virtual Server- Select Enabled or DisabledName- Enter the name referencing the virtual servicePrivate IP- The server computer in the LAN (Local Area Network) that will beproviding the virtual services.
23 Example #2:If you have an FTP server that you wanted Internet users to access by WAN port2100 and only during the weekends, you would need to enable it as such. FTPserver is on LAN computer 192.168.0.30. FTP uses port 21, TCP.Name: FTP ServerPrivate IP: 192.168.0.30Protocol Type: TCPPrivate Port: 21Public Port: 2100Schedule: From: 01:00AM to 01:00AM, Sat to SunUsing the Configuration MenuAdvanced > Virtual Server continuedClick on this icon to edit the virtual serviceClick on this icon to delete the virtual serviceAll Internet users who want to access this FTP Servermust connect to it from port 2100. This is an example ofport redirection and can be useful in cases where thereare many of the same servers on the LAN network.
24Using the Configuration MenuAdvanced > ApplicationsSome applications require multiple connections, such as Internet gaming, videoconferencing, Internet telephony and others. These applications have difficultiesworking through NAT (Network Address Translation). Special Applications makessome of these applications work with the DI-624. If you need to run applications thatrequire multiple connections, specify the port normally associated with an applicationin the “Trigger Port” field, select the protocol type as TCP or UDP, then enter thepublic ports associated with the trigger port to open them for inbound traffic.The DI-624 provides some predefined applications in the table on the bottom of theweb page. Select the application you want to use and enable it.Note! Only one PC can use each Special Application tunnel.Name: This is the name referencing the special application.Trigger Port: This is the port used to trigger the application. It can be eithera single port or a range of ports.Trigger Type: This is the protocol used to trigger the special application.Public Port: This is the port number on the WAN side that will be used toaccess the application. You may define a single port or arange of ports. You can use a comma to add multiple ports orport ranges.Public Type: This is the protocol used for the special application.Apply: Click Apply to save the changes
25Using the Configuration MenuAdvanced > Filters > IP FiltersFilters are used to deny or allow LAN (Local Area Network) computers from accessingthe Internet. The DI-624 can be setup to deny internal computers by their IP or MACaddresses. The DI-624 can also block users from accessing restricted web sites.Click Apply to save changes.Apply:This is the schedule of time when the IP Filter will be enabled.Schedule:Select the protocol typeProtocol Type:Use IP Filters to deny LAN IP addresses from accessing theInternet. You can deny specific port numbers or all ports forthe specific IP address.IP FiltersThe single port or port range that will be denied access to theInternet.Port:The IP address of the LAN computer that will be deniedaccess to the Internet.IP:
26Using the Configuration MenuAdvanced > Filters > URL BlockingFilters-URL Blocking is used to deny LAN computers from accessing specific web sites bythe URL. A URL is a specially formatted text string that defines a location on theInternet. If any part of the URL contains the blocked word, the site will not beaccessible and the web page will not display. To use this feature, enter the text stringto be blocked  and click Apply. The text to be blocked  will appear in the list. Todelete the text, just highlight it and click Delete.Select the filter you wish to use; in this case, URL Blockingwas chosen.Apply- Click Apply to save the changes.Keywords- Block URLs which contain keywords listed below.Enter the keywords in this space.URL Blocking- Select Enabled or Disabled.
27Using the Configuration MenuAdvanced > Filters > MAC FiltersUse MAC (Media Access Control) Filters to allow or deny LAN (Local Area Network)computers by their MAC addresses from accessing the Network. You can either manuallyadd a MAC address or select the MAC address from the list of clients that are currentlyconnected to the Broadband Router.MAC Filters- Choose Disable MAC filters; allow MAC addresses listed be-low; or deny MAC addresses listed below.Filters-Name- Enter the name here.MAC Address- Enter the MAC Address.DHCP Client- Select a DHCP client from the pull-down list; click Clone tocopy that MAC AddressApply- Click Apply to save the changes.Select the filter you wish to use; in this case, MAC filters waschosen.
28Using the Configuration MenuAdvanced > Filters > Domain BlockingFilters-Domain Blocking:Blocked Domains-PermittedDomains-Apply-Domain Blocking is used to allow or deny LAN (Local Area Network) computers fromaccessing specific domains on the Internet. Domain blocking will deny all requests to aspecific domain such as http and ftp. It can also allow computers to access specificsites and deny all other sites.Select the filter you wish to use; in this case, Domain Blockingwas chosen.Disabled-Allow-Deny-Enter the Permitted Domains in this fieldEnter the Blocked Domains in this fieldClick Apply to save the changes.Select Disabled to disable Domain BlockingAllows users to access all domains except Blocked DomainsDenies users  access to  all domains exceptPermitted Domains
29Using the Configuration MenuAdvanced > FirewallFirewall Rules is an advanced feature used to deny or allow traffic from passingthrough the DI-624. It works in the same way as IP Filters with additional settings.You can create more detailed access rules for the DI-624. When virtual services arecreated and enabled, it will also display in Firewall Rules. Firewall Rules contain allnetwork firewall rules pertaining to IP (Internet Protocol).In the Firewall Rules List at the bottom of the screen, the priorities of the rules arefrom top (highest priority) to bottom (lowest priority.)Note: The DI-624 MAC Address filtering rules have precedence over the FirewallRules.Firewall Rules- Enable or disable the FirewallName- Enter the nameAction- Allow or DenySource- Enter the IP Address rangeSchedule- Select Always or enter the Time Range.Apply- Click Apply to save the changes.Destination- Enter the IP Address range; the Protocol;and the Port Range
30Advanced > DMZUsing the Configuration MenuIf you have a client PC that cannot run Internet applications properly from behind theDI-624, then you can set the client up for unrestricted Internet access. It allows acomputer to be exposed to the Internet. This feature is useful for gaming purposes.Enter the IP address of the internal computer that will be the DMZ host. Adding aclient to the DMZ (Demilitarized Zone) may expose your local network to a variety ofsecurity risks, so only use this option as a last resort.DMZ- Enable or Disable the DMZ. The DMZ (Demilitarized Zone)allows a single computer to be exposed to the internet.  Bydefault the DMZ is disabled.IP Address-Apply-Enter the IP Address of the computer to be in the DMZClick Apply to save the changes.
31Using the Configuration MenuAdvanced > PerformancePreamble Type- Select Short or Long Preamble. The Preamble defines thelength of the CRC block (Cyclic Redundancy Check is a com-mon technique for detecting data transmission errors) for com-munication between the wireless router and the roaming wire-less network adapters. Auto is the default setting. Note: Highnetwork traffic areas should use the shorter preamble type.WirelessPerformance-Displayed in this win-dow are the WirelessPerformance fea-tures for the AccessPoint portion of theDI-624.Beacon Interval- Beacons are packets sent by an Access Point to synchronize awireless network. Specify a value. 100 is the default setting andis recommended.RTS Threshold- This value should remain at its default setting of 2432. If inconsis-tent data flow is a problem, only a minor modification should bemade.Fragmentation- The fragmentation threshold, which is specified in bytes, deter-mines whether packets will be fragmented. Packets exceedingthe 2346 byte setting will be fragmented before transmission.2346is the default settingApply- Click  Apply to save changesDTIM interval- (Delivery Traffic Indication Message) 3 is the default setting. ADTIM is a countdown informing clients of the next window forlistening to broadcast and multicast messages.
32Using the Configuration MenuTools> AdminClick  Apply to save the changesAt this page, the DI-624 administrator can change the system password. There are twoaccounts that can access the Broadband Router’s Web-Management interface. Theyare admin and user. Admin has read/write access while user has read-only access. Usercan only view the settings but cannot make any changes.Administrator-Password-Remote Management- Remote management allows the DI-624 to be configured fromthe Internet by a web browser. A username and password is still required to access theWeb-Management interface. In general, only a member of your network can browse thebuilt-in web pages to perform Administrator tasks. This feature enables you to performAdministrator tasks from the remote (Internet) host.admin is the Administrator login nameEnter the password and enter again to confirmUser-Password-user is the User login nameEnter the password and enter again to confirmIP Address- The Internet IP address of the computer that has access to the BroadbandRouter. If you input an asterisk (*) into this field, then any computer will be able to accessthe Router. Putting an asterisk (*) into this field would present a security risk and is notrecommended.Port- The port number used to access the Broadband Router.Example- http://x.x.x.x:8080 where x.x.x.x is the WAN IP address of the BroadbandRouter and 8080 is the port used for the Web-Mangement interface.Apply-
33Using the Configuration MenuTools > TimeTime Zone- Select the Time Zone from the pull-down menu.DaylightSaving-To select Daylight Saving time manually, select enabled or dis-abled, and enter a start date and an end date for daylight savingtime.Set the Time- To manually input the time, enter the values in these fields forthe Year, Month, Day, Hour, Minute, and Second. Click Set Time.DefaultNTP Server- NTP is short for Network Time Protocol. NTP synchronizes com-puter clock times in a network of computers.This field is optional.Apply- Click Apply to save the changes.
34Using the Configuration MenuTools > SystemThe current system settings can be saved as a file onto the local hard drive. The savedfile or any other saved setting file can be loaded back on the Broadband Router. To reloada system settings file, click on Browse to browse the local hard drive and locate thesystem file to be used. You may also reset the Broadband Router back to factory set-tings by clicking on Restore.Click Save to save the current settings to the local Hard DriveClick Browse to find the settings, then click LoadSave Settings toLocal Hard Drive-Load Settings fromLocal Hard Drive-Restore to FactoryDefault Settings- Click Restore to restore the factory default settings
35Using the Configuration MenuTools > FirmwareFirmware Upgrade-Browse-Click on the link in this screen to find out if there is an updatedfirmware; if so, download the new firmware to your hard drive.After you have downloaded the new firmware, click Browse inthis window to locate the firmware update on your hard drive.Click Apply to complete the firmware upgrade.You can upgrade the firmware of the Router here. Make sure the firmware you want touse is on the local hard drive of the computer. Click on Browse to browse the local harddrive and locate the firmware to be used for the update. Please check the D-Link supportsite for firmware updates at http://support.dlink.com. You can download firmware up-grades to your hard drive from the D-Link support site.
36Using the Configuration MenuTools > MiscPing Test-Restart Device-Block WAN Ping-Discard Ping fromWAN side-VPNPass Through-PPTP- select Enabled or DisabledIPSec- select Enabled or DisabledApply-The Ping Test is used tosend Ping packets to test ifa computer is on theInternet. Enter the IP Ad-dress that you wish to Ping,and click PingIf you choose to block WANPing, the WAN IP Addressof the DI-624 will not respondto pings. Blocking the Pingmay provide some extra se-curity from hackers.The DI-624 supports VPN (Virtual Private Network) pass-throughfor both PPTP (Point-to-Point Tunneling Protocol) and IPSec(IP Security). Once VPN pass-through is enabled, there is noneed to open up virtual services. Multiple VPN connections canbe made through the DI-624. This is useful when you have manyVPN clients on the LAN network.Click Reboot to restart theDI-624Click Enabled to block theWAN pingClick Apply to save changesUPNP-Gaming Mode-Dynamic DNS-To use the Universal Plug and Play feature click on Enabled. UPNPprovides compatibility with networking equipment, software and periph-erals of the over 400 vendors that cooperate in the Plug and Play forum.Gaming mode allows a form of pass-through for certain Internet Games.If you are using XBOX, Playstation2 or a PC, make sure you are usingthe latest firmware and Gaming Mode is enabled. To utilize GamingMode, click Enabled. If you are not using a Gaming application, it isrecommended that you Disable Gaming Mode.Dynamic Domain Name System is a method of keeping a domain namelinked to a changing IP Address. This is a useful feature since manycomputers do not use a static IP address.
37Using the Configuration MenuStatus > Device InfoThis page displays the current information for the DI-624. It will display the LAN, WANand MAC address information.If your WAN connection is set up for a Dynamic IP address then a Release button anda Renew button will be displayed. Use Release to disconnect from your ISP and useRenew to connect to your ISP.If your WAN connection is set up for PPPoE, a Connect button and a Disconnect buttonwill be displayed. Use Disconnect to drop the PPPoE connection and use Connect toestablish the PPPoE connection.This window will show the DI-624’s working status:WANIP Address: WAN/Public IP AddressSubnet Mask: WAN/Public Subnet MaskGateway: WAN/Public Gateway IP AddressDomain Name Server: WAN/Public DNS IP AddressWAN Status: WAN Connection StatusLANIP Address: LAN/Private IP Address of the DI-624Subnet Mask: LAN/Private Subnet Mask of the DI-624WirelessMAC Address: Displays the MAC addressSSID: Displays the current SSIDChannel: Displays the current channelWEP: indicates whether WEP is enabled or disabled
38The Broadband Router keeps a running log of events and activities occurring on theRouter. If the device is rebooted, the logs are automatically cleared. You may save the logfiles under Log Settings.Using the Configuration MenuStatus > LogView Log-DI-754First Page - The first page of the logLast Page - The last page of the logPrevious - Moves back one log pageNext - Moves forward one log pageClear - Clears the logs completelyLog Settings - Brings up the page to configure the log
39Using the Configuration MenuStatus > Log > Log SettingsLog Settings-Not only does the Broadband Router display the logs of activities and events, it can setupto send these logs to another location.SMTP Server/IP Address - The address of the SMTP server that will be used tosend the logsEmail Address - The email address to which the logs will be sent.Click on Send Mail Now to send the email.Click Apply to save the changes.
40Status > WirelessUsing the Configuration MenuStatus > StatsThe screen above displays theTraffic Statistics. Here you can view the amount of pack-ets that pass through the DI-624 on both the WAN and the LAN ports. The traffic counterwill reset if the device is rebooted.The wireless client table displays a list of current connected wireless clients. Thistable also displays the connection time and MAC address of the connected wirelessclient.Click on Help at any time, for more information.

Navigation menu