User Guide 04 - Powerline Etherneteurope.corinex.com/web/docx.nsf/0/D6D58D827533953... · 5 End...
117
Transcript of User Guide 04 - Powerline Etherneteurope.corinex.com/web/docx.nsf/0/D6D58D827533953... · 5 End...
2
3
4
Copyright This document, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of the license. The content of this document is furnished for informational use only, it is subject to change without notice, and it does not represent a commitment on the part of Corinex Communications Corp. Corinex Communications Corp. assumes no responsibility or liability for any errors or inaccuracies that may appear in this document. It is our policy to enhance our products as new technologies, hardware components, software and firmware become available; therefore, the information contained in this document is subject to change without notice. Some features, functions, and operations described in this document may not be included and sold in certain countries due to government regulations or marketing policies. The use of the product or its features described in this document may be restricted or regulated by law in some countries. If you are unsure which restrictions or regulations apply, you should consult your regional Corinex office or the authorized reseller. Published by: Corinex Communications Corp. World Trade Center 404-999 Canada Place Vancouver, B.C. Canada V6C 3E2 Tel.: +1 604 692 0520 Fax: +1 604 694 0061 Corinex is a registered trademark of Corinex Communications Corp. Apple, MAC OS X are either registered trademarks or trademarks of Apple Computer, Inc. in the U.S.A. and/or other countries. Microsoft, MS-DOS, MS, Windows are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries. All products or company names mentioned herein may be the trademarks of their respective owners. Copyright (c) 2001-2004 by Corinex Communications Corp. NOTE: This equipment has been tested and found to comply with the limits for a Class B information technology equipment. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference, the end user is advised to take adequate measures.
5
End User License Agreement CORINEX COMMUNICATIONS CORPORATION This End User License Agreement (“EULA”) is a legal agreement between you and CORINEX COMMUNICATIONS CORPORATION (“CORINEX”) with regard to the copyrighted Software provided with this EULA. Use of any software and related documentation (“Software”) provided with a CORINEX hardware product, or made available by downloading or otherwise to you by CORINEX in whatever form or media, will constitute your acceptance of these terms, unless separate terms are provided by the software supplier, in which case certain additional or different terms may apply. If you do not agree with the terms of this EULA, do not download, install, copy or use the Software. 1. Licence Grant. CORINEX grants to you a personal, non-transferable and non-exclusive right to use the copy of the Software provided with this EULA. You agree you will not copy the Software except as necessary to use it on a single hardware product system. You agree that you may not copy the written materials accompanying the Software. Modifying, translating, renting, copying, transferring or assigning all or part of the Software, or any rights granted hereunder, to any other persons, and removing any proprietary notices, labels or marks from the Software is strictly prohibited. Furthermore, you hereby agree not to create derivative works based on the Software. You may permanently transfer all of your rights under this EULA, provided you retain no copies, you transfer all of the Software, and the recipient agrees to the terms of this EULA. If the Software is an upgrade, any transfer must include all prior versions of the Software. 2. Copyright. The Software is licensed, not sold. You acknowledge that no title to the intellectual property in the Software is transferred to you. You further acknowledge that title and full ownership rights to the Software will remain the exclusive property of Corinex Communications Corporation and/or its suppliers, and you will not acquire any rights to the Software, except as expressly set forth above. All copies of the Software will contain the same proprietary notices as contained in or on the Software. 3. Reverse Engineering. You agree that you will not attempt, and if you are a corporation, you will use your best efforts to prevent your employees and contractors from attempting to reverse compile, modify, translate or disassemble the Software in whole or in part. Any failure to comply with the above or any other terms and conditions contained herein will result in the automatic termination of this license and the reversion of the rights granted hereunder to CORINEX.
6
4. Disclaimer of Warranty. The Software is provided “AS IS“ without warranty of any kind. CORINEX and its suppliers disclaim and make no express or implied warranties and specifically disclaim warranties of merchantability, fitness for a particular purpose and non-infringement of third-party rights. The entire risk as to the quality and performance of the Software is with you. Neither CORINEX nor its suppliers warrant that the functions contained in the Software will meet your requirements or that the operation of the Software will be uninterrupted or error-free. 5. Limitation of Liability. Corinex’s entire liability and your exclusive remedy under this EULA shall not exceed the price paid for the Software, if any. In no event shall CORINEX or its suppliers be liable to you for any consequential, special, incidental or indirect damages of any kind arising out of the use or inability to use the software, even if CORINEX or its supplier has been advised of the possibility of such damages, or any claim by a third party. 6. Applicable Laws. This EULA will be governed by the laws of Canada, excluding its conflict of law provisions. 7. Export Laws. This EULA involves products and/or technical data that may be controlled under any applicable export control laws, and regulation, and may be subject to any approval required under such laws and regulations. 8. Precedence. Except as set out above, where separate terms are provided by the software supplier, then, subject to this EULA, those terms also apply and prevail, to the extent of any inconsistency with this EULA.
7
Content
Copyright .........................................................................................................................4
End User License Agreement..........................................................................................5
Content ............................................................................................................................7
1. Introduction...............................................................................................................8
2. Product Specification..............................................................................................11
3. Installation Overview ..............................................................................................16
4. Corinex Wireless to Powerline Router G Configuration ..........................................34
5. Powerline Setup through the Ethernet Interface using Corinex Setup Tool............72
6. Setup of Router SNMP Powerline Agent on the OPM Management Station ..........78
7. Setup of Router SNMP Powerline Agent on the OMH Software.............................83
Appendix A: Troubleshooting.........................................................................................86
Appendix B: Wireless Security.......................................................................................93
Appendix C: Glossary..................................................................................................101
Appendix D: How to Ping your ISP’s E-mail and Web addresses................................110
Appendix E: Finding the MAC address and IP address for your Ethernet Adapter......112
8
1. Introduction Congratulations to your choice of Corinex Wireless to Powerline Router G. The Router allows you to set up a home or small business network to share your high-speed Internet connection using either Ethernet cabling, Powerline or Wireless connection. 1.1 Powerline Routing Overview The Corinex Wireless to Powerline Router G provides a convenient Internet access and distribution capability for broadband service providers and users alike, using any incoming high speed signal, whether by A/DSL, cable, satellite or fiber optics as access and using the existing electrical wires as distribution media. This product enables multiple users in small to medium size offices and homes to share one broadband account and experience a high speed networking capability for data, voice, audio and video, without pulling new wires. The embedded Network Address Translation (NAT) feature enables the usage of a private set of IP addresses, which the Router translates into a single public IP address. The Router can also act as a DHCP server by automatically allocating a dynamic IP address to each piece of equipment, which connects by a communications port, like Ethernet, USB, 802.11b or 802.11g to the network. The Router has four LANs 10/100M, one WAN 10/100M Ethernet, one powerline port and one Wireless 802.11b/g port. The Router can act as the "bridge" between the access side of the network and its specific wire requirements and the distribution side of the network, which uses the existing electrical wires to move the signals to every electrical outlet and makes those signals available to wired or portable devices or uses the wireless type of connection also. The Corinex Wireless to Powerline Router G supports the Corinex Powerline and CableLAN product family, which include: • Corinex Powerline Ethernet Adapter • Corinex Powerline USB Adapter • Corinex Powerline Ethernet Wall Mount • Corinex Powerline Dual Ethernet Wall Mount • Corinex CableLAN Adapter • Corinex Powerline Router • Corinex Wireless to Powerline Access Point The Router‘s connection to the electrical wires (powerline) is based upon the HomePlug 1.0 industry standard. This standard warrants a robust and reliable performance for all HomePlug certified devices connected to the network. The reliability is made possible by the use of the Orthogonal Frequency Division Multiplexing (OFDM) technology. This multi-carrier modulation scheme allows devices to dynamically "surf the channel" – instantly shifting data from one carrier to another, looking for the least noise affected carrier to bring the signal to its destination. All Corinex Powerline and CableLAN products have been optimized for low-latency, high-reliability networking applications and use the HomePlug certified Powerline networking technology, which supports data rates up to 14 Mbps.
9
The Corinex Wireless to Powerline Router G also fully complies with the IEEE 802.3 and 802.3u 10/100M standard and offers static and dynamic IP routing mode operation, NAT, DHCP, MAC and IP filtering functionality. The Router supports a wide range of communications protocols and works seamlessly with all major access technologies, including A/DSL and Cable modems with PPPoE (PPP over Ethernet), as well as "Direct Connection" type service. The Corinex Wireless to Powerline Router G has advanced firewalling features, which protect home/SOHO networks from unwanted access. The Corinex Wireless to Powerline Router G offers a convenient way to create a simple network through the existing power lines of a home or office with the additional ability to provide you with wireless access to your network. Corinex Wireless to Powerline Router G offers several levels of security, including with 64/128-bit WEP encryption and 802.11i (WPA /WPA-PSK) for the wireless pass-through and 56-bit DES encryption for the Powerline pass-through. Enhanced security management functions, such as Wireless/Wired 802.1x, and Embedded RADIUS Server, guarantee that your data always is secured. The high data rate enables high quality video or any high bandwidth service to wherever there is a power outlet. Using the web-based user interface (UI), the device is easily set up and maintained. All functions can be configured with the UI via web browsers. Corinex Wireless to Powerline Router G uses 56-bit DES encryption with key management for secured powerline communications applications. End user equipment, which uses Corinex adapters to connect to the network, can run on Windows 98/ME/2000/NT/XP, Linux and MAC operating systems and use the full range of the Router’s networking features. 1.2 Corinex Wireless to Powerline Router G Features The Corinex Wireless to Powerline Router G contains an HTTP server with a web configurable SNMP Agent. This enables you to connect to it, and configure it, using your web browser. Every Corinex Powerline, CableLAN and Wireless product, no matter where it is located in the network, can be managed by the Corinex Open Powerline Management software or by using a web browser. Corinex offers a one-stop-shop experience and offers this for networking solutions in homes, apartments and condominiums, small to medium size offices, schools, hospitals, conference centers or shopping malls. For hotels, Corinex has developed a special management software called Corinex Open Management for Hotels. 1.2.1 Main Functions
• Supports 802.11g Wireless LAN • Supports HomePlug 1.0 Powerline network • Simultaneous operation on 802.11g wireless LAN and Powerline network • Enhanced Security Management Functions: Port Filtering, MAC and IP Address
Filtering, Wireless/Wired 802.1x, Embedded RADIUS Server • Supports 64/128 bits WEP Key in Wireless 802.11g LAN • Supports 56-bits DES Key for Powerline network
10
• The Wireless 11g operation provides data rate at 6, 9, 12, 18, 24, 36, 48, 54Mbps with auto fallback at 11b data rate at 1, 2, 5.5, and 11Mbps.
• For 802.11g, supports 11 channels for North America, 13 for Europe (ETSI) and 14 for Japan
• Supports Wireless Distribution System (WDS) –Wireless Bridge, Wireless Repeater
• Supports 802.11i – WPA / TKIP, AES, PSK • Easily Configurable through your networked PC’s Web browser • Administrators can block specific internal users’ Internet access with filtering and
802.1x • TCP, UDP, ICMP, IGMP • IEEE 802.1D (self learning transparent bridge) • IEEE 802.1D Spanning Tree Protocol • DDNS, DNS Proxy, DHCP Server/Client • HTTP Server (Basic Realm Support) • Transparent HTTP Proxy • SNMP V1/V2c Agent • Remote administration and remote upgrades available over the Internet • Supports Universal Plug and Play (UPnP) • Supports Traffic and Event Logging • Support for NTP (Network Time Protocol) for Synchronizing with a Real-Time
Server 1.2.2 Hardware • 802.3 10/100 Base-T • 802.11g Wireless LAN • HomePlug 1.0 Powerline network 1.2.3 Security • Password protected configuration or management sessions for web access • Built-in HTTP Server for setup and easy remote management via any browser • Wireless/Wired 802.1x 1.3 Package Content This Package Includes: • Corinex Wireless to Powerline Router G • Installation CD-ROM (including Corinex Wireless to Powerline Router G User Guide) • Wireless antenna • Power Cord • 2 Ethernet cables (RJ-45) • Quick Start Guide
11
As we do constant improvement of our products, it can happen that we have newer versions of software tools than those included on the Installation CD. If you want to check and/or download the latest versions of software for your Corinex product, just click the www.corinex.com/download Enclosed CD Content: - Corinex Wireless to Powerline Router G Quick Start Guide - Corinex Wireless to Powerline Router G User Guide (this document)- Powerline Setup Tool for Windows, MAC OS X and Linux - Acrobat Reader 1.4 Requirements
• IBM Compatible PC or Macintosh computer (needed for initial configuration of the Router)
• AC 220/110 V power outlet • Broadband Connection (DSL, Cable) or Internet device with 10/100
Ethernet connection • Ethernet, Powerline and/or Wireless connection for each computer • Windows 98/ME/2000/NT/XP, Mac OS X or Linux operating system for
computers sharing the Internet connection • Web browser supporting JavaScript for the Router management
2. Product Specification This section defines the hardware and software specifications 2.1 Hardware Features 2.1.1 Hardware Parameters Memory type SDRAM: 16MB SDRAM (4MB x 32 Bits) FLASH: 2MB NOR-Flash (16Bits) Ethernet Interfaces
• LAN: 4 x 10/100 Mbps Ethernet Port (RJ-45) • WAN: 1 x 10/100 Mbps Ethernet Port (RJ-45)
Electrical Parameters One AC power connector for both Powerline networking and power supply
12
Input Voltage: AC 100V~240V Line Frequency: 60/50Hz (USA/Europe) Wireless Parameters
Peak Gain of the Antenna 802.11g: 2.4 GHz => 2dBi
Transmitted Power 802.11g: Typ. 14dBm @ Normal Temp Range
Receive Sensitivity 802.11g: 11Mbps @ -80 dBm
54Mbps @ -66 dBm Typical
Environmental Parameters Operation Operating Temperature: 0ºC to 40ºC (32ºF to 104ºF) Operating Humidity 10% to 85% Non-Condensing Storage Storage Temp: -20ºC to 70ºC (-4ºF to 158ºF) Storage Humidity 5% to 90% Non-Condensing EMI/EMC FCC Part 15B, UL, CE (EMI, EMC, Safety) 2.2 Physical Details
Fig.2.1 Corinex Wireless to Powerline Router G
13
Front Panel
Fig.2.2 Corinex Wireless to Powerline Router G - front panel
LED Definition: System Power: Green On: The Power LED illuminates when the Corinex Wireless to Powerline Router G is powered on WAN ACT: Green On: Link Blinking: receiving/transmitting data LAN LINK /ACT: Green On: Link Blinking: receiving/transmitting data Powerline ACT: Green: Blinking: receiving/transmitting data
Off: No data transmitted to Powerline COL: Green: Blinking when collision is occurred on this port. WLAN (11G) ACT: Green: Steady on when link is ready Blinking: receiving/transmitting data through 802.11g WLAN interface Rear Panel
Fig.2.3 Corinex Wireless to Powerline Router G rear panel
14
Reset Switch Push = reboot (Press the button no longer than 5 sec) Hold until all the LED have been lightened = Reboot & Restore to default settings LAN Ports For linking computers or other Ethernet devices, e.g. a hub/switch LAN: 4 x 10/100 Mbps Ethernet Port (RJ-45) WAN Port For linking to the Ethernet port of a cable/DSL modem WAN: 1 x 10/100 Mbps Ethernet Port (RJ-45) Antenna For connection to wireless devices based upon the 802.11b/g standard Power Inlet The device is equipped with power supply. It serves the both: powerline network connection and power supply. 2.3 Software Features 2.3.1 General Features of the Corinex Wireless to Powerline Router G Feature Additional Information Protocol Support
• TCP/IP • ICMP • PPPoE (PAP / CHAP) • PPTP (Microsoft PPTP Client) • Static Routing Protocol • Dynamic Routing Protocol (RIPv1 / RIPv2) • Wireless Distribution System (WDS) • Broadcom AfterBurner (125Mbps High Speed Mode) • VPN tunnel passing support (PPTP, L2TP, IPsec)
Power-line network
• 14 Mbps • 56 bits DES Key • Wired 802.1x (EAP-MD5)
Wireless LAN (802.11g)
• SSID, Full Channels Support • 64/128 bits WEP on 802.11g • 802.11i – WPA / AES, TKIP, PSK • Wireless 802.1x • WDS with WPA/PSK • Broadcom AfterBurner (125Mbps High Speed Mode)
Security
• Stateful Inspection (SPI) Firewall • MAC & IP filtering • 802.1Q Tagged VLAN
15
• QoS – 802.1P, TOS • Wireless 802.1x (EAP-MD5, EAP-PEAP, EAP-LEAP,
EAP-TLS, EAP-TTLS) • Wired 802.1x (EAP-MD5) • 802.11i – WPA / AES, TKIP, PSK • 56Bit DES Key for Powerline
Management
• Embedded HTTP Daemon • SNMP v1/v2c Agent • Embedded RADIUS Server (EAP-MD5 only) • Firmware upgrade through Web browser • Zebra & RIPD Terminal (CISCO-like CLI) • UPNP IGD 1.0
Other Features
• DHCP Server/Client • Dynamic DNS client • DNS Proxy • Transparent HTTP Proxy • NTP (Network Time Protocol) • Syslog
2.4 Safety Labels Content of the Label on the Bottom of the Corinex Wireless to Powerline Router G The label shows the voltage and current values for your Router. It also shows both MAC Addresses (WAN & LAN) and serial number (SN), as well as the network Password required for remote Powerline password change as defined in the Corinex Open Powerline Management Software or Corinex Open Management for Hotels.
16
3. Installation Overview This part of the User Guide will assist you with your initial installation and configuration of your network and help you with settings, which you need to configure for your Internet connection to be shared through Ethernet, Powerline or Wireless media.
Fig.3.1 Corinex Powerline Network Installation Example The next chapters will explain to you how to connect your Corinex Wireless to Powerline Router G in three easy steps. Step 1: Connecting the Router – First you need to connect cables and connect the Router both to the power and to the Internet connection; and, optionally to your Ethernet connected computers. Step 2: Connecting the Computers – Then you will need to connect the computers to the Router, in order to be able to configure the settings of the Router. These steps differ between Ethernet, Powerline and Wireless connection and also it differs between different sorts of operating systems and computers. Step 3: Configuring the Router – The last step required is to configure your Corinex Wireless to Powerline Router G settings according to your Internet connection.
3.1 Step 1: Connecting the Router
17
In this Step, you will connect the Corinex Wireless to Powerline Router G to your Internet connection (cable or DSL modem) and to the computers in your home or business environment sharing the Internet connection. A. Connect your Internet connection (cable or DSL modem) to its proper connector—the coaxial jack for cable, or the phone jack for DSL (follow the instructions from your cable or DSL modem’s installation guide). B. Use the Ethernet cable that had been supplied as part of the shipment of your Corinex Wireless to Powerline Router G. Connect this Ethernet cable from the LAN or Ethernet port of the Internet connection (cable or DSL modem) to the WAN port of the Corinex Wireless to Powerline Router G. C. Use the Ethernet cable that had been used to connect your Internet connection (cable or DSL modem) to your computer. Connect this Ethernet cable to your computer’s Ethernet adapter. Connect the other end of the cable to the LAN port on the back of the Corinex Wireless to Powerline Router G.
Note: If your Computer’s Ethernet adapter is not set up, please refer to the Ethernet adapter’s user guide for more information.
D. Connect the power cable to the Corinex Wireless to Powerline Router G, and then plug the power cable into a power outlet Turn on the Internet connection (cable or DSL modem). Then turn on the computer you wish to use to configure the Corinex Wireless to Powerline Router G.
3.2 Step 2: Configuring Computers The instructions in this chapter will help you to configure each of your computers to be able to communicate with the Corinex Wireless to Powerline Router G. This process differs between Ethernet, Powerline and Wireless connected computers, and also differs between different operating systems. If you have a Powerline connected computer proceed to A, if you have an Ethernet connected computer, proceed to B, and if you have Wireless connected computer proceed to C.
A. Using the Powerline Connection
Please refer to the Manual of your Powerline Adapter to establish a Powerline connection between the Corinex Wireless to Powerline Router G and the other Powerline Adapters. Use the default Powerline (NEK) password "HomePlug", as this is the factory default password setting for the Corinex Wireless to Powerline Router G. When you are using the Corinex Setup Tool to configure your powerline adapter, you can check, whether your Adapter has a powerline connection to the Corinex Powerline Router by searching in the last window of the Corinex Setup Tool for the MAC address
18
of the Router. You will find the MAC address of your Corinex Powerline Router on the label on the bottom of the Router’s plastic cover (MAC PLC/SN). Proceed to B.
Fig.3.2 Corinex Setup Tool
B. Using the Ethernet Connection Next you will need to configure your TCP/IP settings so that your computer will obtain an IP (or TCP/IP) address automatically (called DHCP). Computers use IP addresses to communicate with each other across a network or the Internet. Find out which operating system your computer is running, such as Windows 95, 98, Millennium, 2000, XP, Linux or Macintosh OS or other operating system. Then follow the instructions for configuring the TCP/IP networking in the following section.
Configuring Windows XP PCs
1. Click the Start button, open the Control Panel. From there, click the Network Connections icon and then the Network Connections window appears.
2. Select the Local Area Connection icon for the applicable adapter (Ethernet
adapter or Powerline - usually the first adapter listed). Double-click the Local Area Connection.
19
Fig.3.3 Local Area Connection Status
3. The Local Area Connection Status screen will appear. Click the Properties button.
4. Select Internet Protocol (TCP/IP) and click the Properties button.
Fig.3.4 Local Area Connection Properties
20
5. Select Obtain an IP address automatically and click the OK button. Click the OK button again (or the Close button if no settings were changed) to complete the computer configuration.
Fig.3.5 Internet Protocol (TCP/IP) Properties
6. If you do not have DHCP server on the network or it is switched off, then select Use the following IP address. Set the IP address manually in the format 10.0.0.X and mask 255.255.255.0 of local TCP/IP settings. In the Default gateway box, set the gateway address. The default is 10.0.0.2.
21
Fig.3.6 Internet Protocol (TCP/IP) Properties
7. Check the radio button for Use the following DNS server addresses. In the Preferred DNS server and Alternate DNS server boxes, type the IP addresses of DNS Server provided by your ISP.
8. Click OK button in the TCP/IP Properties window to complete the PC
configuration, and click Close or the OK button to close the Network window. Configuring Windows 2000 PCs
1. Go to the network screen by clicking the Start button. Click Settings and then Control Panel. From there, double-click the Network and Dial-up Connections icon.
2. Select the Network and Dial-up Connections icon for the applicable Ethernet
adapter (usually it is the first Local Area Connection listed). Do not choose a TCP/IP entry which name mentions DUN, PPPoE, VPN, or AOL. Double click the Local Area Connection.
3. The Local Area Connection Status screen will appear, as shown in Figure 3.7.
Click the Properties button.
22
Fig.3.7 Local Area Connection Status
4. Select Internet Protocol (TCP/IP), as shown in Figure 3.8, and click the
Properties button.
Fig.3.8 Local Area Connection Properties
5. Obtain an IP address automatically, as shown in Figure 3.9, then click the OK button.
23
Fig.3.9 Internet Protocol (TCP/IP) Properties
6. If you do not have DHCP server on the network or it is switched off, then select Use the following IP address. Set the IP address manually in the format 10.0.0.X and mask 255.255.255.0 of local TCP/IP settings. In the Default gateway box, set the gateway address. The default is 10.0.0.2.
Fig.3.10 Internet Protocol (TCP/IP) Properties
7. Click OK button in the TCP/IP Properties window to complete the PC configuration, and click Close or the OK button to close the Network window.
24
Configuring Windows 98 and Millennium PCs
1. Go to the network screen by clicking the Start button. Click Settings and then Control Panel. From there, double-click the Network icon.
2. On the Configuration tab, select the TCP/IP line for the applicable Ethernet adapter, as shown in Figure 3.11.
Fig.3.11 Local Network
Do not choose a TCP/IP entry that mention DUN, PPPoE, VPN, or AOL names. If the word TCP/IP appears by itself, select this line. (If there is no TCP/IP line listed, refer to Appendix D: Installing the TCP/IP Protocol or your Ethernet Adapter’s User Guide to install TCP/IP now.) Click the Properties button.3. Click the IP Address tab and select Obtain an IP address automatically, as shown in Figure 3.12. 3. Click the IP Address tab and select Obtain an IP address automatically, as
shown in Figure 3.12.
25
Fig.3.12 Obtain the IP Address 4. If you do not have DHCP server on the network, then select Use the following IP
address. Set the IP address manually in the format 10.0.0.X and mask 255.255.255.0 of local TCP/IP settings and click the OK button.
Fig.3.13 Set the IP Address
26
5. Now click the Gateway tab. In the Default Gateway box, set the gateway address. The default is 10.0.0.2.
Fig.3.14 TCP/IP Properties Gateway
6. Click the OK button again. Windows may ask you for the original Windows installation disk or additional files. Supply them by pointing to the correct file location, e.g., D:\win98, D:\win9x, c:\windows\options\cabs, etc. (if "D" is the letter of your CD-ROM drive).
7. Windows may ask you to restart your PC. Click the Yes button. If Windows does
not ask you to restart, restart your computer anyway. Configuring Linux PCs To access the Internet via the Corinex Wireless to Powerline Router G, it is only necessary to set the Corinex Wireless to Powerline Router G as the "Gateway". Setup differs between various Linux distributions, we are giving the Mandrake as an example, check your distribution, how to change IP settings. Note: Ensure that you are logged in as "root" before attempting any changes, or you will be asked for root login and password later during configuration. DHCP Client The procedure below may vary according to your version of Linux and X windows shell.
27
1. Start your X Windows Shell
Fig.3.15 TCP/IP Configuring Linux
2. Select Control Center (Fig. 3.15). If you are not logged as root, the following screen will appear. Enter your root password.
Fig.3.16 Entering root Password
3. The following screen (Fig. 3.17) will appear. Select Network & Internet.
28
Fig.3.17 Configuring Linux Control Center
4. In the following screen (Fig. 3.18) select DrakConnect (for setting up network & Internet connection).
Fig.3.18 Configuring Linux Control Center
5. Select the Interface entry for your Network card. Normally, this will be called "eth0".
29
Fig.3.19 Configuring Linux Control Center Selecting Network card
6. Click the Wizard button then on next dialogue (Fig.3.20) click on the Next button.
Fig.3.20 Network Configuration Wizard
7. Select LAN connection (Fig.3.21) and click on Next button.
30
Fig.3.21 Network Configuration Wizard Choosing the Connection Type
8. On the next screen select Automatic IP. Click on the Next buttons on all screens until you click Finish.
Fig.3.22 Network Configuration Wizard Automatic IP selection Fixed IP Address By default, most Linux installations use a fixed IP Address. If you wish to continue using a fixed IP Address, make the following changes to your configuration.
• Set the IP address manually in the format 10.0.0.X and Netmask 255.255.255.0
31
• Set your Default Gateway to the IP Address of the Corinex Wireless to Powerline Router G. The default is 10.0.0.2.
• Ensure your DNS (Name Server) settings are correct.
Fig.3.23 Network Configuration Wizard Static IP address Configuring Macintosh clients With Macintosh computers, the procedure is as follows:
1. Open the Network Control Panel in System Preferences.
Fig.3.24 System Preferences 2. Select Ethernet from the pop-up menu.
32
Fig.3.25 Network
3. Select Using DHCP from the TCP/IP tab, field Configure. The DHCP Client ID field can be left blank.
Fig.3.26 Network TCP/IP Using DHCP
4. Close the Network panel, saving your settings.
33
Note: If using manually assigned IP addresses instead of DHCP, the required changes are:
• Set the IP address manually in the format 10.0.0.X and Subnet Mask 255.255.255.0
• Set Router address field to the Corinex Wireless to Powerline Router G IP address. The default is 10.0.0.2.
• Ensure your DNS settings are correct.
Fig.3.27 TCP/IP settings – Manually
Configuring other clients For fixed IP Addresses: Ensure the Gateway field for your network port is set to the IP address of the Corinex Wireless to Powerline Router G Ensure your DNS (Name Server) settings are correct. For DHCP: Ensure the TCP/IP address settings of your Network port are set to DHCP or Automatic
34
C. Using the Wireless Connection You may need to reconfigure some wireless settings to ensure that all settings match between wireless devices based on 802.11g standard. Note: Different wireless settings will disable wireless network connections between wireless adapters. Default Wireless Interface Settings are: SSID: corinex Channel: 11 WEP: Disabled Note: WEP is disabled by default for an easier installation. For enhanced security purposes, it is recommended that you later (after successful configuration) enable WEP on all wireless devices. Find out which operating system is running your computer, like Windows 95, 98, Millennium, 2000, XP, Linux or Macintosh OS X or any other operating system. Then follow the instructions for configuring the TCP/IP networking for your system in the previous section. The settings of the TCP/IP level for each platform are similar to the procedure as described in the previous section “Using the Ethernet Connection”.
4. Corinex Wireless to Powerline Router G Configuration 4.1 Overview For your convenience, use the Corinex Wireless to Powerline Router G web-based utility to configure it. This chapter will explain all of the functions of this utility. The utility can be accessed via Microsoft Internet Explorer, Netscape Navigator, Opera or other web browsers to set up Ethernet, Wireless, or Powerline computer connections to the Corinex Wireless to Powerline Router G. This utility has a consistent design for all of its screens. It consists of screen selection tabs on the top part of screen and the display screen. NOTE: The appearance of the user interface screenshots displayed in the following part of this document may vary due to the firmware version currently available in your device. It is recommended that you check for the latest firmware version on the Corinex web site: www.corinex.com
35
Fig. 4.1 TABS and SCREEN
As you click on the selection tabs, different screens will be displayed. For a network setup, most users only have to use the following tabs of the utility:
• WAN - enter the settings provided by your ISP. • Basic – In this section the user can setup the Corinex Wireless to Powerline
Router G the login settings. The default username is admin and password is admin, too. To protect the Corinex Wireless to Powerline Router G, change the password from its default.
The Basic, LAN, WAN, Status, Filters, Routing, Wireless, Powerline, Security and Firmware tabs are available for setup of the Corinex Wireless to Powerline Router G. Each of these tabs groups have several similar settings, of which you can choose to access display screens. The display screen consists of one or more entry fields containing current values of the settings. By changing these values you can configure the device. Most of the screens have an Apply and Cancel button. The Apply button will enter the settings from the screen into the Corinex Wireless to Powerline Router G. The Cancel button will erase all provided changes.
TABS
SCREEN
36
4.2 Password Entry To access the web-based utility of the Router, launch Internet Explorer or other web browser, and enter the Router’s default IP address, 10.0.0.2, in the Address field, as shown in Fig. 4.2 and press Enter. Enter this value in the following format http://10.0.0.2
Fig. 4.2 HTTP Address field Note: Make sure that the TCP/IP settings of your network interface are configured correctly! After this, a password requested page shown in Fig. 4.3 will appear (non-Windows XP users will see a similar screen). Enter admin in the User Name field and enter admin in the Password field. Then click the OK button.
Fig. 4.3 Login window 4.3 Basic Tabs
The first screen that appears displays the Basic tab. This allows you to change the Corinex Wireless to Powerline Router G general settings. Change these settings as described here and click the Apply button to apply your changes or Cancel to cancel your changes. The Restore Default option will restore all of the settings in the Router to the factory default settings. To restore the factory default settings, click the Restore Default button. To restart or reboot the device, press the Reboot button. Restarting or rebooting the router will not delete any of your configuration settings.
37
Fig. 4.4 Basic settings window In the Router Username field you can change the management access password to the Router. For that you will need to enter both the current password in the Router
38
Password field. Default username and password from the factory is admin (password is case sensitive). You can also define the Router WAN Port address for the access to the Router from the WAN side.
Router Mode Some applications may require the complete disabling of Network Address Translation (NAT) and switching the router to a Bridge mode. For enabling this mode, select it from the combo-box. We recommend to switch off the firewall as well. If you want to switch the router back to default mode and enable NAT, select the mode Router. Firewall Your Router is equipped with a firewall that will protect your network from a wide array of common hacker attacks including Ping of Death (PoD) and Denial of Service (DoS) attacks. You can enable the Firewall feature by selecting from drop down menu. You prevent your network from being “pinged,” or detected, by other Internet users. The Firewall feature also reinforces your network security by hiding your network ports. You can turn the firewall function off if it is interfering with an application’s function. Turning off the firewall protection will not leave your network completely vulnerable to hacker attacks, but it is recommended that you turn on the firewall whenever possible. This feature is enabled by default.
You can enable/disable the Firewall in the Firewall Enable/Disable field. Time Zone Setting If required, you can setup the Time Zone. Change the time zone in which your network functions from this pull down menu. In the part NTP Servers you can choose the IP address of predefined time servers or you can type in the IP address of your own time server for receiving the time synchronization.
SNMP Agent
39
Corinex SNMP v1/v2c Agent allows a SNMP management software (like the Corinex Open Powerline Management or Corinex Open Management for Hotels software) to retrieve reports from the networked device. These reports are based upon the defined objects in the Management Information Base (MIB). The agent queries, reports, and sets MIB variables based upon directions from the NMS or upon pre-set alarm conditions. Corinex SNMP v1/v2c will work with the most popular NMS solutions such as HP OpenView and SunNet Manager. Because the Corinex SNMP v1/v2c Agent is bilingual, it can communicate with an NMS that is running either SNMP Version 1 or Version 2c. You can set the SNMP Agent for the SNMP management software to Enabled in the SNMP v1/v2c Agent drop down menu. Then you can also change the Read-Only Community and Read-Write Community strings in the corresponding fields. Default values are public and netman, and we are recommending you to change them, as they are well known and enable others to configure your Router from other computers. You can also define the trap server IP address in the V2c Trape Receiver filed.
HTTP Proxy settings Using a proxy server leads to reduced bandwidth usage and thus helps keeping the network-related costs lower. If you want to use Proxy server you must enter the required parameters in to the following fields. Transparent HTTP Proxy - You can Enable or Disable the HTTP Proxy by selecting from drop down menu. Remote HTTP Proxy Server Address - Enter the Remote HTTP Proxy Server IP address in this field. Remote HTTP Proxy Server Port – Enter the number of the HTTP proxy server port
DDNS Settings The Router offers a Dynamic Domain Name System (DDNS) feature. DDNS lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Router. To
40
use the service, you must first apply an account from several free Web servers such as www.dyndns.org, or www.TZO.com
DDNS Service - You can Enable or Disable the DDNS Service by selecting from drop down menu. DDNS Username - Enter the User Name for your DDNS account DDNS Password - Enter the Password for your DDNS account. DDNS Service Provider - From this pull-down menu, enter the DDNS service with which you have membership. DDNS Desired Host Name/Domain Name –Enter the DDNS URL address assigned by the DDNS service. DDNS Desired MX – The DDNS server system also supports MX records. These can be used for pointing incoming mail to your domains (such as john.com) to the proper mail server. Note: The DESTINATION ADDRESS of an MX record MUST be a domain name and NOT simply an IP address. You can also Backup MX service by selecting true (for backup) or false (for no backup) option from the drop down menu. DDNS Sub-system - You can choose a subsystem name from dyndns, statdns, or custom. DDNS Wildcard – Wildcard option (only for DynDNS.org) Some DDNS servers support the wildcard feature which allows the hostname, *.yourhost.dyndns.org, to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful when there are multiple servers inside and you want users to be able to use things such as www.yourhost.dyndns.org and still reach your hostname.
41
When using wildcard, you simply enter yourhost.dyndns.org in the DDNS Desired Host Name/Domain Name. Syslog IP Address You can set the Syslog IP Address to the LAN IP of the machine running the syslog daemon, or to broadcast the Logs to the LAN (x.x.x.255).
UPnP Universal Plug and Play (UPnP) helps devices, such as Internet appliances and computers, access the network and connect to other devices as needed. UPnP devices can automatically discover the services from other registered UPnP devices on the network. You can Enable or Disable the UPnP (automatic device configuration) feature by selecting from drop down menu. The default setting for UPnP is disabled. If disabled, the router will not allow any device to automatically control the resources, such as port forwarding (mapping), of the router.
Note: If you use applications such as multi-player gaming, peer-to-peer connections, real time communications such as instant messaging, or remote assistance (a feature in Windows XP), you should enable UPnP. In the Connection Logging field you can select appropriate setting from the drop down menu. The four options are offered: Disabled, Denied, Accepted or Both.
Press the Apply button to put all changes in the Basic settings window into effect.After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
42
4.4 LAN Tabs
Select the LAN settings from the main tabs. The following screen will appear:
Fig. 4.5 LAN settings window In this screen you can change the settings of your local area network. Router IP MAC Address – shows the MAC Address of the LAN interface In the IP Address and Subnet Mask fields you can change the IP address of the LAN interface of your Router. The default value is 10.0.0.2, mask 255.255.255.0. You see also the MAC Address of the LAN interface.
43
DHCP Server DHCP is Enabled by factory default. If you already have a DHCP server on your network, or you don’t want a DHCP server, then select the Disable from drop down menu (no other DHCP features will be available).
Using the DHCP Starting IP Address and DHCP Ending IP Address you can change the values of the IP addresses assigned to the DHCP clients. The DHCP address assignment can expire if the address is not used. This value can be defined in the DHCP Lease time field in seconds. Active DHCP Leases shows all active DHCP leases with each computer's name, IP-address, Hardware address, and when its lease expires. Spanning Tree Corinex Wireless to Powerline Router G supports 802.1d Spanning Tree Protocol to prevent network loops. Select Enable to enable the Spanning Tree Daemon or Disable to disable the Spanning Tree Daemon from drop down menu.
Static Routing Static Routes provide additional routing information to your router. Under normal circumstances, the router has adequate routing information after it has been configured for Internet access, and you do not need to configure additional static routes. You must configure static routes only for unusual cases such as when you have multiple routers or use multiple IP subnets in your network.
44
To add or edit Static Routes:
1. Type the Destination IP Address of the final destination. 4. Type the IP Subnet Mask for this destination. If the destination is a single host,
type 255.255.255.255. 5. Type the Gateway IP Address, which must be a router on the same LAN
segment as the router. 6. Type a number between 1 and 15 as the Metric value. This represents the
number of routers between your network and the destination. Usually, a setting of 2 or 3 works, but if this is a direct connection, set it to 1.
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any errors message (Validating values...done and also Committing values...done), your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
45
4.5 WAN Tabs
Select the WAN settings from the main tabs. The following screen will appear:
Fig. 4.6 WAN settings window
46
In this screen you can change the WAN settings of your network. You can select the Connection type. You can use the Default Connection type or you can create the new connection by clicking on the New button. You are also able to delete some type of connections by selecting the connection which you want to remove by pressing the Delete button. You can also enter a short description of the connection in the Description field. Then select the Interface type from the drop down menu and choose the type of protocol that you want to use for WAN connection.
The Corinex Wireless to Powerline Router G supports four WAN connection types: DHCP (Obtain IP address dynamically), Static, PPPoE, and PPTP. The setup will differ according to the type of your Internet connection. You can select a Protocol type from the drop down menu from DHCP, Static, PPPoE, PPTP, and Disabled. You can also select the Primary connection type. Follow the instructions for your connection type below. DHCP
• Select DHCP from the Protocol drop down menu. • If your ISP gave you the Host Name, enter it into the Host Name field. • Some ISPs require you to change your Routers MAC address into your previously
connected Ethernet card. Click on MAC Address field and change it.
• Click on Apply button.
47
Static
• Select Static from the Protocol drop down menu. • Enter the IP address, Subnet Mask and Gateway Address according to the
information provided to you through your ISP. • If your ISP provided you with specific DNS settings you need to change them by
clicking Click here to enter your DNS Settings. • Set the IP address of the WINS Servers to use for resolving NetBIOS names.
• Click on Apply button.
PPPoE
• Select PPPoE from the Protocol drop down menu. • Enter the PPPoE Username, PPPoE Password, and Service Name (Optional)
according to the information provided to you through your ISP. • Set the name of the PPPoE Service Name and PPPoE Access Concentrator, if
required by your ISP. • Determine whether the PPPoE link should be automatically disconnected if no
traffic has been observed for the period specified by PPPoE Max Idle Time or not.
• Set the number of seconds to wait before disconnecting the PPPoE link if PPPoE Connect on Demand:is Enabled.
• Set whether the PPPoE link should be automatically restored if it is lost. This setting has no effect it PPPoE Connect on Demand is Enabled.
• Sets the maximum number of bytes that the PPPoE interface will receive in single Ethernet frame. The default value is 1492.
• Change the MTU only if your ISP specifically requires a different setting than 1492. Then enter the required size in the MTU field.
48
• Click on Apply button.
PPTP
• Select PPTP type of connection from the Protocol drop down menu. • Enter the IP address to the PPTP Gateway Address, set the PPTP Username,
and PPTP Password for authentication. • Determine whether the PPTP link should be automatically disconnected if no
traffic has been observed for the period by PPTP Max Idle Time or not. • In the PPTP Max Idle Time input field, set the number of seconds to wait before
disconnection the PPTP link if PPTP Connect on Demand is Enabled. • In the PPTP Keep Alive drop down menu you can set whether the PPTP link
should be automatically restored if it is lost. This setting has no effect if PPTP Connect on Demand is Enabled.
• If the PPTP Connect on Demand is Enabled, you can set the number of seconds to wait before disconnecting the PPTP link in the PPTP Redial Period input field.
• In the PPTP MRU input field, set the maximum number of bytes that the PPTP interface will receive in a single Ethernet frame.
• In the PPTP MTU input field, set the maximum number of bytes that the PPTP interface will transmit in a single Ethernet frame.
49
• Click on Apply button. The Connection Status shows you the state of connection and the IP Address Expired In shows you the IP address lease info.
Static Routing Static Routes provide additional routing information to your router. Under normal circumstances, the router has adequate routing information after it has been configured for Internet access, and you do not need to configure additional static routes. You must configure static routes only for unusual cases such as when having multiple routers or using multiple IP subnets located in your network.
To add or edit Static Routes:
1. Type the Destination IP Address of the final destination. 2. Type the IP Subnet Mask for this destination. If the destination is a single host,
type 255.255.255.255. 3. Type the Gateway IP Address, which must be a router on the same LAN
segment as the router. 4. Type a number between 1 and 15 as the Metric value. This represents the
number of routers between your network and the destination. Usually, a setting of 2 or 3 works, but if this is a direct connection, set it to 1.
50
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the following screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any errors message (Validating values...done and also Committing values...done) your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
4.6 Status Tabs
Select the Status settings from the main tabs. The following screen will appear:
Fig. 4.7 Status window The System Up Time shows you the system up time since the Router last booted. The Connection Log gives you information about log of recent connection attempts.
51
4.7 Filters Tabs Select the Filters settings from the main tabs. The following screen will appear:
Fig. 4.8 Filters settings window
52
This page allows you to configure LAN filters for the router. The LAN machines affected by the filters will not be able to communicate through the WAN but will be able to communicate with each other and with the router itself. In the LAN MAC Filter Mode field select whether client with the specified MAC address are allowed or denied access to the router and the WAN. If you want to disable this feature select Disable. To filter LAN users or packets from the LAN machines with the specified MAC addresses use the LAN MAC Filters option. The MAC address must be added in format XX:XX:XX:XX:XX:XX.
In the LAN Client Filters part you can filter packets from IP address destined to certain port ranges during the specified time. You can set the range of IP address in the LAN IP Address Range field, then select the type of protocol (TCP or UDP) in the Protocol field, and set the Destination Port Range. In the following fields set the time period for which you want to configure the filtering. You can turn on the filtering by checking the Enabled check box.
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
53
4.8 Routing Tabs Select the Routing settings from the main tabs. The following screen will appear:
Fig. 4.9 Routing settings window
54
This chapter describes how to configure RIP (Routing Information Protocol). One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP). Using RIP, routers periodically update one another and check for changes to add to the routing table. The Corinex Wireless to Powerline Router G router supports both the older RIPv1 and the newer RIPv2 protocols. Among other improvements, RIPv2 supports subnet and multicast protocols. RIP is not required for most home applications. If you want to use the Dynamic Routing – RIP functionality, you must enable this feature by selecting Enabled from the drop down menu. In that case you must define the RIP Password and then choose the RIP Version. This controls the format and the broadcasting method of the RIP packets that the router sends. (It recognizes both formats when receiving.) By default, this is set for RIPv2.
• RIP-1 is universally supported. RIP-1 is probably adequate for most networks, unless you have an unusual network setup.
• RIP-2 carries more information. RIP-2 uses subnet broadcasting.
Two RIP modes are offered in the RIP Mode field: • Router with RIP on WAN interface • Gateway with RIP on both WAN & LAN interfaces
Port Forwarding Corinex Wireless to Powerline Router G creates a firewall between your internal network and the Internet. A firewall keeps unwanted traffic from the Internet away from your LAN computers. A ‘tunnel’ can be created through your firewall so that the computers on the Internet can communicate to one of the computers on your LAN on a single port. This is handy for running web servers, game servers, ftp servers, or even video conferencing. This is called port forwarding. One of your computers could run a web server (port 80) while another computer could run an FTP server (port 23) - both on the same IP address. Port Forwards allows you to specify configuration for forwarding packets from the ports in the first range on the WAN side to the LAN connected devices with the specified IP and address and port range. You can turn on the port forwarding by checking the Enabled check box.
55
In this part or the Routing tab, you can configure the automatic forward connections. The Application Specific Port Forwards allows you to configure the Outbound and Inbound protocols and ports. In the Outbound Protocol box, select the protocol (UDP or TCP) for the outbound ports and enter the outbound port range in the Outbound Port Start and Outbound Port End boxes. In the Outbound port box, type the number of the outbound port. The outbound port should be specified as one number from 0 to 65535. To determine which port the program uses, consult the documentation for the program. In the Inbound Protocol box, select the protocol type (UDP or TCP) for the inbound ports. In the Inbound port(s) box, type the inbound port. The inbound port can be a single port or you can define up to two ranges of ports, which shall be defined in the Inbound Port Start/End or To Port Start/End fields. The inbound port should be specified as one number from 0 to 65535. You can turn on the filtering by checking the Enabled check box.
DMZ A DMZ (DeMilitarized Zone) Host is a host without firewall protection. It allows a computer to be exposed to unrestricted 2-way communication for Internet games, video conferencing, Internet telephony, and other special applications. This function is typically used to allow a web server, FTP server, etc. to be accessible to users on the Internet. You need to enter the local IP address in the DMZ IP Address field. This feature forwards all other incoming WAN packets to the LAN connected device with the specified IP address.
Note: A DMZ is far easier to set up than port forwarding but exposes your entire computer to the Internet. Sometimes TCP/IP applications require very specialized IP configurations that are difficult to set up or are not supported by your router. In this case, placing your computer in the DMZ is the only way to get the application working. Placing
56
a computer in the DMZ should be considered ‘temporary’ because your firewall is no longer able to provide any security to it. Port forwarding can sometimes be difficult to configure, but provides a relatively safe way of running a server from behind a firewall. Since only a single port (or small series of ports) is exposed to the Internet, the computer is easier to secure. Additionally, port forwarding allows you to run multiple kinds of servers from different computers on your LAN.
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
57
4.9 Wireless Tabs
Select the Wireless settings from the main tabs. The following screen will appear:
Fig. 4.10 Wireless settings window
58
In this screen, you can view and change the settings of the wireless interface on your Corinex Wireless to Powerline Router G. The first drop-down list allows you to select the Wireless Interface you want to configure. The default interface is names “corinex” followed by the MAC address of the wireless part of the router. Network SSID SSID is the name or identification of your wireless network. Only users who have the same SSID set in the wireless network card settings, can connect to your network. The SSID can be up to 32 characters long and is case sensitive. Network Type An access point can broadcast its SSID to all wireless clients nearby, so they have a chance to see the network and connect to it. However, this can lead to a security breach in case your wireless communication is not encrypted. If you don’t want the access point to periodically broadcast its SSID to others, please set this field to “Closed”. Otherwise set it to “Open”. AP Isolation An access point can have multiple associated wireless clients. If you want to let the clients communicate with each other through the access point, set this field to “Off”. Otherwise, set it to “On”. Country The regulatory domains in certain countries don’t allow to use all 14 channels for wireless communication. Please set this field according to your location for not violating local regulations.
Radio This setting allows you to enable or disable the wireless part of your router. When disabled, the router acts like a standard Ethernet/Powerline router without any wireless features. Band This setting allows you to set the frequency band used for wireless communication. For the 802.11g standard the 2.4 GHz band is used.
59
Channel There are multiple channels (frequency carriers) which can be used for wireless communication. The channel availability may be limited according to regulations in your country. You can set this field to “Auto” which forces the access point to choose the first available channel for communication, or choose a channel manually to prevent any interference with other wireless networks in range. 54gTM mode The 54gTM mode is the maximum performance implementation of the 802.11g protocol, allowing data rates up to 54 Mbps and preserving the standard compliance at the same time. Set this to 54g Auto for the most compatibility with other wireless systems. In this mode, both 802.11b and 802.11g clients can connect to the access point. If your network consists only of 54gTM compliant clients, you can set 54g Performance for maximum performance. This will exclude all 802.11b clients from connecting to the access point. The third option – 54g LRS (Limited Rate Support) can be used in case you experience any problems with connecting to the access point. The last option is 802.11b Only, which is used in situations where only 802.11b and no 802.11g devices are present. 54g Protection The 802.11 standard provides a method to enable coexistence of 802.11g and 802.11b devices in the same network without interfering. This means the devices supporting different standards will not communicate at the same time. However, this reduces the network performance. If you have only 802.11g compliant or compatible devices in your network, you can set this field to “Off” which will improve performance. Otherwise set it to “Auto”.
Rate Set the maximum transmit rate. The wireless device will be forced to communicate at the selected rate. Basic Rate Set You can set the basic rates to allow connection of wireless clients supporting all these data rates. You can choose from “Default” which means 1, 2, 5.5 or 11 Mbps in case of 802.11b mode or 6, 12 and 24 Mbps in 802.11g mode; “All” which enables all supported data rates (1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48 and 54 Mbps) or “1 & 2 Mbps” to allow compatibility with older 802.11 devices.
60
Multicast Rate This Multicast Rate option forces the multicast/broadcast transmission rate for the Corinex Wireless to Powerline Router G to a particular speed. You can choose the appropriate Rate from the drop down list in the Multicast Rate field.
Fragmentation Threshold This setting specifies the maximum size for a packet before it is fragmented into multiple packets. The default setting is 2346 and should be lowered only if you encounter high data losses. However, setting this value very low may cause lower performance. RTS Threshold This value specifies the maximum size of a packet, sending of which won’t inflict the negotiation (RTS/CTS) between the sending and the receiving stations about the transmission of the packet. If the size of the packet is larger than this threshold, the sending station sends a RTS (Right to Send) packet to the receiving station, and after it receives the CTS frame (Clear to Send), it will send the packet. This value is set to 2347 bytes by default. DTIM Interval This setting indicates the interval of the Delivery Traffic Indication Message. It is a countdown, telling the clients when they should listen for broadcast and multicast transmissions. Anytime the access points has broadcast or multicast data to transmit, it will inform all associated clients about the transmission, so that they can “wake up” to listen to the transmission. The default value is 3 milliseconds and can be set to the values from 0 to 255 milliseconds.
61
Beacon Interval This specifies the periodic interval at which the access point sends a beacon. The default value is 100 milliseconds and can be between 0 and 65536 milliseconds.
Enable ExpressTM Technology The ExpressTM technology introduces frame-bursting techniques for improving performance of the wireless networks. This should always be enabled, as it improves performance in any environment, including homogenous 802.11b or 802.11g network, or combination of standards. Only if you experience problems, disable the ExpressTM. Enable AfterBurner Technology Afterburner technology is an enhancement for the 54g™ platform, Broadcom's maximum performance implementation of the IEEE 802.11g standard. If you turn On the AfterBurner Technology the Corinex Wireless to Powerline Router G provides up to 40 percent greater throughput than typical standard 802.11g without impacting the performance of neighboring wireless LANs.
When you enable the AfterBurner Technology, it may happen that the following screen will appear. Click on the OK button to continue.
WDS Operation Mode The wireless part of the Corinex Wireless to Powerline Router G can work in two modes. The Wireless Bridge mode allows WDS operation of the device. WDS (Wireless Distribution System) allows you to extend your network by connecting multiple access points (and their networks) together. None of the WDS enabled devices can act as an access point, this means it cannot provide connectivity to wireless clients. Selecting Wireless Bridge disables Access Point functionality. Only the Wireless Bridge Functionality will be available.
62
Selecting Wireless Repeater enables the Access Point and Bridge functionality. Wireless bridge functionality will be available and wireless stations will be able to associate to the Corinex Wireless to Powerline Router G. Bridge Restrict If Disabled, any wireless bridge can connect to your access point. If you enable this feature, only four wireless bridges listed by their MAC addresses in the ‘Remote Bridges’ table, can connect to your access point. Remote Bridges In case you enabled the ‘Bridge Restrict’ feature, in this table you can specify the four wireless bridges that are granted to connect to your access point.
MAC Restrict Mode This function specifies whether the wireless clients listed in the table below can or cannot connect to the access point. By selecting the option “Allow”, only the specified clients can connect to your access point. If you select the option “Deny”, all clients other than the specified ones can connect. You can disable this filtering by selecting the option “Disabled”. MAC Addresses This feature allows or denies wireless access to clients with the specified MAC addresses. The MAC address format is XX:XX:XX:XX:XX:XX.
Authenticated Stations In this part you can see the stations which authenticated to the Corinex Wireless to Powerline Router G device.
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated.
63
Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
4.10 Powerline Tabs Select the Powerline settings from the main tabs. The following screen will appear:
<TREBA NOVY OBRAZOK – v 1.3.1beta2 pribudli nejake veci> The Corinex Wireless to Powerline Router G is configured to work seamlessly with other Corinex Powerline products right out of the box. All Powerline devices must use the same Powerline password if they should communicate together over Powerline. If the passwords are not the same, reconfigure the devices to ensure that all devices have the same passwords.
Note: For Corinex Wireless to Powerline Router G, the default Network Encryption Key is "HomePlug". The 56-bit DES encryption is always enabled for Powerline data security as default.
This part of the tab enables you to configure the Powerline settings. You can Enable or Disable the Powerline interface in the HomePlug Enabled field. In the Device ID field you can see the DEK (Default Encryption Key) of the adapter. The user can find the DEK number on the bottom side of each Powerline device. In the Network Password field, you can enter the powerline password for your Router. The password can be 4-24 characters long. The letters of the password are displayed as asterisks. As soon as you change anything in the password, the checkbox below the password field will indicate, that after clicking "Apply", the new password will be set.
64
In the Remote Powerline Device List you can see the information about the MAC Address and Data Rate as measurement with the powerline protocol for all adapters the Router can reach in the Powerline network.
Press the Apply button to put all changes in the Powerline settings window into effect.After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated. Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
65
4.11 Security Tabs Select the Security settings from the main tabs. The following screen will appear.
Fig. 4.11 Security settings window
66
In this screen, you can configure all security features of your Corinex Wireless to Powerline Router G. The router can act either as RADIUS Server or RADIUS Client, connecting to another RADIUS server on the network. The embedded server allows client authorization using the EAP-MD5 protocol. You can specify which authentication method will be used for the both Ethernet and wireless part of your router. The following section of this manual will show you how to connect to a secure network or secure your own wired and wireless network. External RADIUS server In this section you can set the parameters of the authorization by an external RADIUS server. RADIUS Server IP Address Here you can enter the IP address of the remote RADIUS server. RADIUS Port Specifies the UDP port where the RADIUS server listens for client requests. By default it is set to 1812, but depends on the actual server. RADIUS Key Here you can enter the shared secret. The shared secret is a key by which the server and the clients recognize each other and is used for secure transmission of user passwords.
Internal Embedded RADIUS Server In this section you can set the parameters for the internal RADIUS server. Embedded RADIUS Server You can either Disable or Enable the embedded RADIUS server. As you can see below this field, the Embedded RADIUS IP address of the server is 10.0.0.2 by default, and the server listens on the UDP Embedded RADIUS Port 1812.
RADIUS Key
67
Here you can enter the shared secret. The shared secret is a key by which the server and the clients recognize each other and is used for secure transmission of user passwords. Embedded RADIUS Username & Embedded RADIUS Password These two fields specify the authentication settings. Only clients, who provide this information to the server, are granted to connect.
Wired Authentication Wired 802.1x Here you can either Disable or Enable authentication for users connecting through the Ethernet and Powerline interfaces of the router. Wired 802.1x RADIUS server For users connecting through Ethernet or Powerline, you can select whether to pass the authentication requests to an External RADIUS Server, or to the Embedded RADIUS Server.
Wireless Authentication In this section, you can set the security settings for users connecting through the Wireless Interface. You can set which RADIUS server to use, network authentication method and enter passwords for authentication. Wireless Interface Here you can select which wireless interface you want to manage. By default the name of the interface is “corinex” followed by the MAC address of the wireless part of your router. Wireless 802.1x RADIUS server You can select whether to use the External RADIUS Server, or the Embedded RADIUS Server for authentication. Network Authentication The default is set to Open, which allows either Open System or Shared Key authentication to be used. With Open System authentication, the sender and the recipient do NOT use a WEP key for authentication. With Shared Key authentication, the sender and recipient use a WEP key for authentication. Set the network
68
authentication method. 802.1X and WPA require that valid RADIUS parameters are set. WPA-PSK requires a valid WPA Pre-Shared Key to be set.
WPA Encryption WPA gives you three encryption methods, TKIP and AES or TKIP+AES, with dynamic encryption keys. Select the type of algorithm, TKIP, AES or TKIP+AES, enter a WPA Pre-Shared Key of 8-32 characters, and enter a Group Key Renewal period, which instructs the Router how often it should change the encryption keys. Set the Network Key Rotation Interval in seconds. Leave blank or set zero to disable the rotation.
WEP Encryption WEP is a basic encryption method, not as secure as WPA. To use WEP, select a WEP key and a level of WEP encryption and either generate a WEP key through the Passphrase or enter the WEP key manually. The WEP Encryption field enables or disables WEP data encryption. Selecting Enabled enables WEP data encryption and requires that a valid network key is set and selected unless 802.1X is enabled. WEP Encryption Type You can select between 64 bit and 128 bit WEP type of encryption. WEP Passphrase
69
In this field enter the passphrase (up to 32 characters) and press the Generate keys button to automatically fill the keys. After pressing the Generate keys button the following alert window will appear.
Note: Please follow the instructions displayed in the alert window to successfully set up WEP encryption on the wireless clients. Network Key 1 – 4 WEP network keys enable you to create an encryption scheme for wireless LAN transitions. Manually enter a set of values (do not leave the field blank). If you use 64-bit WEP encryption, then each key must consist of exactly 5 ASCII or 10 hexadecimal characters in length. If you use 128-bit WEP encryption, than each key must consist of exactly 13 ASCII or 26 hexadecimal characters in length. Valid hexadecimal characters are “0-9” and “A-F”. In the Current Network Key field you can select which network key is used for encryption outbound data and/or authenticating client.
After you have entered the values in this screen, you can set them up by clicking on the Apply button. After you press the Apply button, the notification screen will appear. This screen notifies you of any errors that were detected while changing the router's settings. If all values were inserted correctly and you do not see any error messages (Validating values...done and also Committing values...done) your configuration has been updated.
70
Reboot the system to enable the new configuration or continue without restarting the device by pressing the Continue button.
4.12 Firmware Tabs Select the Firmware settings from the main tabs. The following screen will appear:
Fig. 4.12 Firmware settings window Boot Loader Version info shows you the current version of the Boot Loader and the OS Version give you and information about the current version of the Firmware (OS) which has your Corinex Wireless to Powerline Router G. Firmware upgrade feature enables you to change/upgrade the Firmware (Router’s internal software) through by the file found on the Corinex Support Web page or sent to you by the Corinex Technical Support. Click on the Choose button and select the firmware file in the following dialogue. Note: Be sure that you are entering the valid firmware file, because with entering the wrong file you will most probably destroy the internal Router firmware and it will be required to repair it in the factory. These repairs are not included in the warranty. Also be sure that you don’t switch the computer or Router off in the time of the file transfer. It is also strongly recommended to save your settings into the file, as most upgrades will have the default factory settings.
71
Fig. 4.13 Choose file
After selecting the firmware file, click the Open button and then (in the display screen) Upgrade button. Note: After successful firmware upgrade we recommend you to reset the Corinex Wireless to Powerline Router G to factory default settings.
72
5. Powerline Setup through the Ethernet Interface using Corinex Setup Tool
If you want to change the password on the powerline interface without using web-based utility, you can change it using the Corinex Setup Tool. The computer running Corinex Setup Tool must be connected directly or through the hub to one of the Ethernet LAN ports of the Router (Figure 5.1). Because the LAN side of the Router is a switch, Powerline management messages come through to the Powerline port of the Router.
Fig.5.1 Configuration of the Powerline port through the Ethernet
Then by using the Corinex Setup Tool, you can discover the Powerline port of the Router, as it will appear in the first window of the Tool. Make sure, you are configuring the Powerline port of the Router, not any other adapter that Corinex Setup Tool may find in the network.
5.1 Installing the Setup Tool 1. Insert the installation CD. The CD should automatically start the installation
process. If the installation program does not start automatically, start the application by selecting My Computer, usually found on the desktop or laptop start up screen. Navigate to the CD drive and double click on the drive. The Installation CD menu (Fig.5.2) will appear. Click on Install Setup Tool.
Fig.5.2 Installation CD menu
73
Note: By clicking on Read Documentation you can read the manuals and additional documents included on the Installation CD.
2. The following welcome screen will be displayed. Click Next to continue.
Fig.5.3 Setup Tool
3. The next screen will ask where the Setup Tool should be installed. Click Next to continue.
Fig.5.4 Select Destination Directory
74
4. This screen will ask where Setup should place the program’s shortcuts. Select the
Start Menu Folder or simply click Next.
Fig.5.5 Select Start Menu Folder
5. The following screen will appear to inform you that Setup is ready to begin installing the Setup Tool on your computer. Click Install.
Fig.5.6 Ready to Install
75
After the installation is finished, the Setup Tool will start automatically. Refer to chapter 5.3 for further instructions. 5.2 Testing the Setup To verify that the connection is working correctly, use the standard Ping utility. In Windows, click on menu Start -> Run, then write the command ping IPADDRESS -t, where IPADDRESS is the IP address of the computer to which the Router is connected to, e.g. ping 192.168.4.1 -t (This command will be stopped by pressing keys CTRL+C).
• Ping the IP address of the computer to which the Router is connected. If this fails, there is a problem with the Ethernet network card or with the TCP/IP protocol.
• Repeat the same process with the other computers on the Powerline network. • If all nodes can ping themselves, try pinging another Powerline device on the
network. If this fails, there is a problem with connections on the Powerline. Try to check the connection to the AC outlet or use a different AC outlet.
• If the setup does not work, refer to the troubleshooting guide, but first, try unplugging the Powerline device and reboot the computer as this sometimes fixes the problem.
5.3 Running the Setup Tool The setup so far allows transmission of data encrypted with a universal key. To set your private and personal encryption keys for the network, run the Corinex Setup Tool provided on the CD. This prevents anyone from intercepting your transmitted data. The Setup Tool allows the user to setup a private and secure powerline network. Follow the steps of this guide on the screen and your secure network will be set up correctly.
1. Make sure that your Corinex Wireless to Powerline Router G is connected to the computer and start the Setup Tool from the Start menu by selecting the software folder and select Corinex Setup Tool. The following screen will appear.
76
Fig.5.6 Select Local Powerline Adapter
2. Detecting the device takes a few seconds. If there are more locally connected powerline devices, select the device you want to configure from the list. Click Next.
3. Now the following screen should be displayed. This is the screen where your
network password is selected. Choose a password between 4 and 24 characters, the password is case sensitive so remember exactly how it was typed as it will be needed for the next device being set up. Type your password in the Network Encryption Key box and click Next. If you don’t want to use encryption, uncheck the box Encrypt frames.
Fig.5.7 Choose Network Encryption Key
77
4. Click Next again to program the Corinex Wireless to Powerline Router G with the
new encryption key. This will take a few seconds. The next screen will look similar to the following screen. The white box will list the MAC addresses of all other installed powerline devices on the network that are programmed with your chosen network password. If no other devices have been programmed, the list will be empty. If you use also other than Corinex HomePlug certified devices in the network, these devices may be set at the default status. This default setting makes sure that HomePlug devices find each other in a network and connect and communicate automatically with each other. In order to generate your private and secure network, all HomePlug certified devices in the network must be set to the same network encryption key, either to the default key "HomePlug" or your own selection.
Fig.5.7 Configured devices The adapter with the MAC address 00:50:C2:02:12:95 acts as local device in the network and identifies the devices shown under Device Address in the window as belonging to the network. The function and performance of the devices between the local device / adapter 00:50:C2:02:12:95 and the devices identified in the network is displayed in the window under Connection Quality.
5. All devices in your network must be programmed with the same network encryption key. Run this utility on all computers with a Powerline networking device attached. If you have a Powerline device that is not normally connected to a computer, it must first be connected to a computer and set up with a network encryption key.
78
6. Setup of Router SNMP Powerline Agent on the OPM Management Station
Corinex Open Powerline Management (OPM) is a powerful and versatile network management software tool that allows the operators to configure, monitor and test all Powerline devices across their entire network. Corinex Open Powerline Management is based on SNMP (Simple Network Management Protocol) - a standard protocol for enhanced management and testing of communication devices. The management is independent from any hardware configuration and as a no-worry system, designed for future network expansion with support for HomePlug standard certified Powerline devices. The Corinex Open Powerline Management software answers a wide - ranging need of service providers, when they expand their services based upon the new Powerline devices in the network. Corinex Open Powerline Management offers easy to use and intuitive step-by-step navigation for an authorized user or network administrator and gives users easier implementation by installing Powerline Agents within a Powerline network. We suppose you have the OPM already installed, we refer you to the OPM User and Installation Guide. To add a Router’s agent into the OPM running on the management station PC, you need to start the OPM wizard by clicking the Add button in the OPM main window (Fig. 6.1) to start the Add wizard.
Fig.6.1 Corinex Open Management main window
79
Adding a Local Network
After clicking on the Add button in the main window (Fig. 6.1), the wizard will appear and the administrator has to choose the option Add Local Network as shown in Fig 6.2
Fig. 6.2 Add Wizard - Option Add Local Network
After the Next button click, choose a name for the Local Network (text field Name, for example "floor1" as shown in Fig. 6.3), than click the Finish button.
Fig. 6.3 Adding a Local Network - choosing a name for a Local Network
After clicking on the Finish button, a Local Network named "floor 1" will be created and you will be asked if you want to add a Powerline network.
80
Adding a Powerline Network
Use the same wizard (Add button in the main window, fig 1) to define a new Powerline network. In the wizard window, click on the option Add Powerline Network (Fig 6.4).
Fig. 6.4 Adding Powerline Network - Option Add Powerline Network
Then choose a name for the Powerline Network (text field Name, for example "powerline 1" as shown in Fig. 6.5). The Local network list allows you to choose a Local Network (necessary, if there is more than one). A Completing dialogue will be displayed by the Next button click.
Fig. 6.5 Adding Powerline Network - choosing a name for a Powerline Network
After clicking on the Finish button in completing dialogue, you will be able to add a Powerline device. Also you can choose a Local and Powerline network (i.e. "floor 1" and "Powerline 1" as in Fig. 6.6).
81
Adding a Powerline Device
To manage a Powerline Network, the network must contain a minimum of one Powerline device, a computer running OPM software and one networking Agent (running on a router or Computer). To add another powerline device, start the wizard by clicking the Add button in the main window (Fig. 6.1). Then choose the Powerline Device option (Fig. 6.6). Then choose Local and Powerline network where you want to assign device (i.e. "floor 1" and "Powerline 1" as in Fig. 6.6).
Fig. 6.6 Adding a Powerline Device
By clicking on the Next button you will be asked to fill more information into the Add Powerline device window. If you need to add a Powerline device that is not connected to the Powerline now, you need to click on the Enter MAC address manually check box and fill MAC address field with valid MAC address (e.g. "00:0B:C2:12:13:14"). This action will give the possibility to remember the Powerline devices for future reference and use in an associated network structure.
Fig. 6.7 Adding a Powerline Device - choosing Local and Powerline networks
82
In the following window you have to fill Powerline agent's settings (Fig. 6.8). Default Powerline Agent configuration values will appear, assuming the Agent is running on a local PC. If the Powerline Agent is not running on a local PC, which can be a host to a Powerline Agent (in this case the Corinex Wireless to Powerline Router G), the name or IP address of that device should be written to the text field Address. The default IP address of the Corinex Wireless to Powerline Router G is 10.0.0.2. The insertions for the fields: Port, Read and Write community must be in accordance with the naming of the Powerline Agent's settings and after inserting these names and number settings, you must click on the Finish button to continue.
Fig. 6.8 Adding Powerline Device - Powerline Agent settings
If the Agent's settings are correct, the Choose Powerline adapter dialog may appear if agent can access more than one powerline network. If this happened, choose the desired device from the accessible devices list and click on the OK button (Fig. 6.9)
Fig. 6.9 Adding Powerline Device - Select device from list After clicking on wizard's Finish button (Fig. 6.8) or OK button in Choose Powerline device window (Fig. 6.9), the main window Tree view will contain new device (Fig. 6.10) as recognized by the network. In a few seconds (max. 25) the next devices, which are part of the same Powerline network, will appear.
83
Fig. 6.10 Adding Powerline Device – finished
This procedure has to be repeated until all devices in the network are registered, before the network can be managed effectively.
7. Setup of Router SNMP Powerline Agent on the OMH Software Corinex Open Management for Hotels is a powerful and versatile network management software tool that allows the operators to configure, monitor and test all Powerline or CableLAN devices across their entire network. Corinex Open Management for Hotels is based on SNMP (Simple Network Management Protocol) - a standard protocol for enhanced management and testing of communication devices. The management is independent from any hardware configuration and as a no-worry system, designed for future network expansion with support for HomePlug standard certified Powerline devices. The Corinex Open Management for Hotels software answers a wide - ranging need of service providers, when they expand their services based upon new Powerline or CableLAN devices in the network. We suppose you have the OMH software already installed, we refer you to the OMH User and Installation Guide.
84
To add a Router’s agent into the OMH software running on the management station PC, you need to configure the SNMP Node.
Configuration of the SNMP Node
Fig.7.1 Corinex Open Management for Hotels main window
When the user wants to add the new SNMP node, the Plug-ins->SNMP Node->Add option must be selected from the Main menu. The following window will appear as it is shown on Fig. 7.2.
Fig. 7.2 Add SNMP Node Window
85
After choosing desired plug-in and clicking Ok button the following window will appear as shown on Fig. 7.3.
Fig. 7.3 SNMP Agent Settings Window In “Agent” section you need to specify the IP address or name of the SNMP agent. Default SNMP Node configuration values will appear, assuming the Agent is running on a local PC or in Corinex device. If the user wants to use the SNMP Agent which is running on a Corinex Wireless to Powerline Router G device, the name or IP address of this device must be written in to the text field Agent Address. The default IP address of the Corinex Wireless to Powerline Router G is 10.0.0.2. The insertions for the fields: Port, Read and Write community must be in accordance with the naming of the Agent’s settings In “Connection” section you need to specify the Timeout and the number of Retries for the SNMP communication. In “Node” section you need to specify a unique name for the new SNMP node. Then, after inserting these names and number settings, you must click on the Add button after clicking on this button, the new SNMP node will be added as selected plug-in.
86
Fig. 7.4 Adding SNMP Node – finished The main window Tree view will contain new device (Fig.7.4) as recognized by the network. This procedure has to be repeated until all devices in the network are registered, before the network can be managed effectively.
Appendix A: Troubleshooting
A.1 Troubleshooting Guide This section provides possible solutions to problems regarding the installation and operation of the Corinex Wireless to Powerline Router G. Read the description below to solve your problems. If you can not find an answer here, check the Corinex website at www.corinex.com Computer networking can sometimes be "tricky" when many components must work together to function properly for the ultimate network system. The problems are usually easy to fix with the right tools. The following tools, available on your computer or the Corinex CD, will get you started. • Setup Tool (from the Corinex Wireless to Powerline Router G Installation CD)
87
• Ping (from the command prompt) • ipconfig (WinNT/2000/XP), winipcfg (Win9x/Me) (from the command prompt) – for PC If it just doesn’t work... 1. Check that the Power LED on the Corinex Wireless to Powerline Router G if it is on, if not:
• Check the AC cord. • Make sure the AC outlet is working by plugging something else into it. If this
works, try another outlet. If this fails as well, try 2. – 4. 2. Check the Ethernet cables: The Corinex Wireless to Powerline Router G has a LEDs on the LAN part of the Ethernet side labeled LINK/ACT. If it is not on:
• Check if the device at the other end of the Ethernet cable is switched on. • Try a different Ethernet cable.
3. Check that the devices exist on the network: Start the Setup Tool, click Next and see if all devices on your network are found. If all devices are listed, skip this section. If a device is missing:
• Make sure all computers have active current network slot. • Make sure the Corinex Powerline Adapters are plugged straight into the power
socket. • Unplug all Corinex Powerline Adapters and plug them back in again, one by one.
Run the Setup Tool again. • The devices may be programmed with different passwords. Setup all devices with
a new password as described in the previous chapter.
4. Check that TCP/IP detects the Corinex Wireless to Powerline Router G: From the command prompt, run ping and type the computer name or IP address of the computer you are working on [ping your computer name]. This should return 4 good packets. Now try to ping another computer on the network. If a timeout occurs:
• Go into the TCP/IP properties and check that the buttons for automatically obtaining IP addresses and gateway are checked. If not, make sure that both computers are on the same subnet.
• Run ipconfig /all from the command prompt on all computers to verify that all computers have valid IP addresses on the same subnet.
• The IP tables may be corrupted, reboot all computers and try again. If these tests work, you have basic connectivity and can use all network services. If this does not work, you may have a faulty device. Please contact your reseller or local distributor.
I have got all that, it still doesn’t work...
88
• Make sure that your TCP/IP settings are set to automatically obtaining IP address and gateway address. If the DHCP server is not running on the network, than set the TCP/IP configuration manually as described in the chapter 3.2. • Switch off all computers and unplug the Powerline devices, now plug your Powerline Adapter back into power socket before switching on your computer. This will ensure that the computer’s IP address will be obtained from the Router. • Now open the web browsers, if the „Not Found“ page appears, try to check your LAN settings in the Internet Options of your web browser. It works but it is slow... A slow connection is almost always due to poor electrical connection. • Make sure the device is plugged straight into the socket and not into a power splitter or extension cord. • Try another outlet Wireless part… The Link LED for Wireless status does not light up on the Access Point. • When the Wireless port detects a WLAN connection, the Link LED will blinking. Check the Wireless adapter on your computer to see if connection and adapter work properly. Check the Wireless configuration of the Wireless adapter on your computer. See Chapter: Using the Wireless Connection. I am getting interference between my other 2.4GHz wireless devices and my wireless network. You can take several steps: • Change the channel of the other 2.4GHz Wireless devices or the Access Point so that they can use different channels. • Move wireless devices farther away from the Access Point space. I can not connect to other computers through the Wireless on my Powerline network or to the Internet. • Make sure the IP address and TCP/IP protocol are set up correctly for all Wireless or Powerline networked computers. For more information on IP addresses, see Appendix C: IP Addressing. • Make sure all devices are configured by using the Corinex Setup Tool. The network password must be the same for all devices in order to communicate with each other. See Chapter: Powerline Setup using Corinex Setup Tool. Check that the devices exist on the powerline network. Start the Setup Tool Program, click Next and see if all devices are found on your network. If all devices are listed, skip this section. If a device is missing: • Make sure all computers have only one active network slot. • Make sure the Corinex Powerline Adapters are plugged straight into the Powerline network through power cable.
89
• Unplug all Corinex Powerline Adapters and plug them back in again, one by one. Then run the Setup Tool Program again. • The devices might be programmed with different passwords. Set up all devices with a new password as described in the section Powerline Setup through the Ethernet Interface using Corinex Setup Tool. If you still have the trouble, you might contact the Corinex “help desk” by sending an e-mail to [email protected]. Make sure to inform as about the following items: - describing your problem - reporting the device types and manufacturing numbers of your network adapters - giving us a phone number under which you may be reached, inclusive a convenient time to call
A.2 Frequently Asked Questions What is the maximum number of IP addresses that the Router will support? The Router will support up to 253 IP addresses. Where is the Router installed on the network? In a typical environment, the Router is installed between the cable/DSL modem and the LAN. Plug the Router into the cable/DSL modem’s Ethernet port. Does the Router support IPX or AppleTalk? No. TCP/IP is the only protocol standard for the Internet and has become the global standard for communications. IPX, a NetWare communications protocol used only to route messages from one node to another, and AppleTalk, a communications protocol used on Apple and Macintosh networks, can be used for LAN to LAN connections, but those protocols cannot connect from the Internet to a LAN. Does the Internet connection of the Router support 100Mbps Ethernet? The Router’s current hardware design supports up to 100Mbps Ethernet on WAN port however, the Internet connection speed will vary depending on the speed of your broadband connection. The Router also supports 100Mbps over the auto-sensing Fast Ethernet 10/100 switch on the LAN side of the Router. What is Network Address Translation and what is it used for? Network Address Translation (NAT) translates multiple IP addresses on the private LAN to one public address that is sent out to the Internet. This adds a level of security since the address of a PC connected to the private LAN is never transmitted on the Internet. Furthermore, NAT allows the Router to be used with low cost Internet accounts, such as DSL or cable modems, when only one TCP/IP address is provided by the ISP. The user may have many private addresses behind this single address provided by the ISP. Can multiple gamers on the LAN get on one game server and play simultaneously with just one public IP address? It depends on which network game or what kind of game server you are using. For example, Unreal Tournament supports multi-login with one public IP. How can I block corrupted FTP downloads?
90
If you are experiencing corrupted files when you download a file with your FTP client, try using another FTP program. If all else fails in the installation, what can I do? Reset the Router by holding down the reset button until the Power LED fully turns on and off (Press the button no longer than 5 sec). Reset your cable or DSL modem by powering the unit off and then on. Obtain and flash the latest firmware release that is readily available on the Corinex website, www.corinex.com. How will I be notified of new Router firmware upgrades? All Corinex firmware upgrades are posted on the Corinex website at www.corinex.com, where they can be downloaded for free. To upgrade the Router’s firmware, use the Firmware tab of the Router’s web-based utility. If the Router’s Internet connection is working well, there is no need to download a newer firmware version, unless that version contains new features that you would like to use. Downloading a more current version of Router firmware will not enhance the quality or speed of your Internet connection, and may disrupt your current connection stability. Will the Router function in a Macintosh environment? Yes, but the Router’s setup pages are accessible only through Internet Explorer 4.0 or Netscape Navigator 4.0 or higher for Macintosh. I am not able to get the web configuration screen for the Router. What can I do? You may have to remove the proxy settings on your Internet browser, e.g., Netscape Navigator or Internet Explorer. Or remove the dial-up settings on your browser. Check with your browser documentation, and make sure that your browser is set to connect directly and that any dial-up is disabled. For Internet Explorer, click Tools, Internet Options, and then the Connection tab. Make sure that Internet Explorer is set to Never dial a connection. For Netscape Navigator, click Edit, Preferences, Advanced, and Proxy. Make sure that Netscape Navigator is set to Direct connection to the Internet. Is the Router cross-platform compatible? Any platform that supports Ethernet and TCP/IP is compatible with the Router. Does the Router pass PPTP packets or actively route PPTP sessions? The Router allows PPTP packets to pass through. What are the advanced features of the Router? The Router’s advanced features include Advanced Wireless settings, Filters, Port Forwarding, Routing and DDNS Can the Router act as my DHCP server? Yes. The Router has DHCP server software built-in. Can I run an application from a remote computer over the wireless network? This will depend on whether or not the application is designed to be used over a network. Consult the application’s documentation to determine if it supports operation over a network. What is the IEEE 802.11g standard? It is one of the IEEE standards for wireless networks. The 802.11g standard allows wireless networking hardware from different manufacturers to communicate, provided that the hardware complies with the 802.11g standard. The 802.11g standard states a maximum data transfer rate of 54Mbps and an operating frequency of 2.4GHz. What IEEE 802.11b features are supported? The product supports the following IEEE 802.11b functions: • CSMA/CA plus Acknowledge protocol
91
• Multi-Channel Roaming • Automatic Rate Selection • RTS/CTS feature • Fragmentation • Power Management What is ad-hoc mode? When a wireless network is set to ad-hoc mode, the wireless-equipped computers are configured to communicate directly with each other. The ad-hoc wireless network will not communicate with any wired network. What is infrastructure mode? When a wireless network is set to infrastructure mode, the wireless network is configured to communicate with a wired network through a wireless access point. What is ISM band? The FCC and their counterparts outside of the U.S. have set aside bandwidth for unlicensed use in the ISM (Industrial, Scientific and Medical) band. Spectrum in the vicinity of 2.4 GHz, in particular, is being made available worldwide. This presents a truly revolutionary opportunity to place convenient high-speed wireless capabilities in the hands of users around the globe. What is Spread Spectrum? Spread Spectrum technology is a wideband radio frequency technique developed by the military for use in reliable, secure, mission-critical communications systems. It is designed to trade off bandwidth efficiency for reliability, integrity, and security. In other words, more bandwidth is consumed than in the case of narrowband transmission, but the trade-off produces a signal that is, in effect, louder and thus easier to detect, provided that the receiver knows the parameters of the spread-spectrum signal being broadcast. If a receiver is not tuned to the right frequency, a spread-spectrum signal looks like background noise. There are two main alternatives, Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS). What is DSSS? Direct-Sequence Spread- Spectrum (DSSS) generates a redundant bit pattern for each bit to be transmitted. This bit pattern is called a chip (or chipping code). The longer the chip, the greater the probability that the original data can be recovered. Even if one or more bits in the chip are damaged during transmission, statistical techniques embedded in the radio can recover the original data without the need for retransmission. To an unintended receiver, DSSS appears as low power wideband noise and is rejected (ignored) by most narrowband receivers. Would the information be intercepted while transmitting on air? Instant wireless products feature two-fold protection in security. On the hardware side, as with Direct Sequence Spread Spectrum technology, it generates security feature of scrambling. On the software side, instant wireless products offer the encryption function (WEP) to enhance security and access control. Users can set it up depending upon their needs. Can instant wireless products support file and printer sharing? Instant wireless products perform the same function as LAN products. Therefore, instant wireless products can work with NetWare, Windows NT/2000, or other LAN operating systems to support printer or file sharing. What is WEP?
92
WEP is Wired Equivalent Privacy, a data privacy mechanism based on a 64-bit or 128-bit shared key algorithm, as described in the IEEE 802.11 standard. What is a MAC Address? The Media Access Control (MAC) address is a unique number assigned by the manufacturer to any Ethernet networking device, such as a network adapter, that allows the network to identify it at the hardware level. For all practical purposes, this number is usually permanent. Unlike IP addresses, which can change every time a computer logs onto the network, the MAC address of a device stays the same, making it a valuable identifier for the network. How do I reset the Router to default? Press and hold the Reset button on the back panel until all the LED has been lightened (for about ten seconds). This will reset the Router to its default settings. How do I resolve issues with signal loss? There is no way to know the exact range of your wireless network without testing. Every obstacle placed between the Router and a wireless PC will create signal loss. Lead glass, metal, concrete floors, water and walls will inhibit the signal and reduce range. Start with the Router and your wireless PC in the same room and move it away in small increments to determine the maximum range in your environment. You may also try using different channels, as this may eliminate interference affecting only one channel. I have excellent signal strength, but I cannot see my network. WEP is probably enabled on the Router, but not on your wireless adapter (or vice versa). Verify that the same WEP keys and levels (64 or 128) are being used on all nodes of your wireless network. How many channels/frequencies are available with the Router? There are fourteen available channels, ranging from 1 to 14. For 802.11g we support 11 channels for North America, 13 for Europe (ETSI) and 14 for Japan. Do the Corinex powerline products cause interference with other home networking or powerline products? No. The Corinex powerline products can co-exist with phone line and wireless networking technologies. How do the Instant Powerline products handle node addressing in the network? The Corinex Powerline products adhere to standard Ethernet addressing protocols using the destination and source of MAC addressing. How can your technology be beneficial in general? General benefits are inexpensiveness, fastness and reliably manageable installation. How can your technology be beneficial for me as Internet provider? Our technology lowers the costs, and adds manageability. How can your technology be beneficial for me as Internet user? Lower the cost, reach points where there is no other alternative. In which frequency band operates your Powerline technology? Our Powerline technology operates in 4-21 MHz spectrum using OFDM modulation. Can I manage Powerline devices remotely? Yes, you can manage all of our devices remotely by using Open Powerline Management software (OPM) or you can use the Corinex Open Management for Hotels. If your questions are not addressed here, refer to the Corinex website, www.corinex.com
93
A.3 Corinex Authorized Powerline Partners Program We also advise you to visit our Corinex Authorized Powerline Partners Program web page (cappp.corinex.com), as you can find here valuable information about complex applications and installations, along with the partners in your area that provide installation services.
Appendix B: Wireless Security A Brief Overview Whenever data - in the form of files, emails, or messages - is transmitted over your wireless network, it is open to attacks. Wireless networking is inherently risky because it broadcasts information on radio waves. Just like signals from your cellular or cordless phone can be intercepted, signals from your wireless network can also be compromised. What are the risks inherent in wireless networking? Read on. What Are The Risks? Computer network hacking is nothing new. With the advent of wireless networking, hackers use methods both old and new to do everything from stealing your bandwidth to stealing your data. There are many ways this is done, some simple, some complex. As a wireless user, you should be aware of the many ways they do this. Every time a wireless transmission is broadcast, signals are sent out from your wireless PC or access point, but not always directly to its destination. The receiving PC or access point can hear the signal because it is within that radius. Just as with a cordless phone, cellular phone, or any kind of radio device, anyone else within that radius, who has their device set to the same channel or bandwidth can also receive those transmission. Wireless networks are easy to find. Hackers know that, in order to join a wireless network, your wireless PC will typically first listen for "beacon messages". These are identifying packets transmitted from the wireless network to announce its presence to wireless nodes looking to connect. These beacon frames are unencrypted and contain much of the network's information, such as the network's SSID (Service Set Identifier) and the IP address of the network PC or access point. The SSID is analogous to the network's name. With this information broadcast to anyone within range, hackers are often provided with just the information they need to access that network. One result of this, seen in many large cities and business districts, is called "Warchalking". This is the term used for hackers looking to access free bandwidth and free Internet access through your wireless network. The marks they chalk into the city streets are well documented in the Internet and communicate exactly where available wireless bandwidth is located for the taking. Even keeping your network settings, such as the SSID and the channel, secret won't prevent a hacker from listening for those beacon messages and stealing that
94
information. This is why most experts in wireless networking strongly recommend the use of WEP (Wired Equivalent Privacy). WEP encryption scrambles your wireless signals so they can only be recognized within your wireless network. But even WEP has its problems. WEP's encryption algorithm is referred to as "simple", which also means "weak", because the technology that scrambles the wireless signal isn't too hard to crack for a persistent hacker. There are five common ways that hackers can break into your network and steal your bandwidth as well as your data. The five attacks are popularly known as: 1. Passive Attacks 2. Jamming Attacks 3. Active Attacks 4. Dictionary-building or Table Attacks 5. Man-in-the-Middle Attacks Passive Attacks There's no way to detect a passive attack because the hacker is not breaking into your network. He is simply listening (eavesdropping, if you will) to the information your network broadcasts. There are applications easily available on the Internet that can allow a person to listen into your wireless network and the information it broadcasts. Information such as MAC addresses, IP addresses, usernames, passwords, instant message conversations, emails, account information, and any data transmitted wirelessly, can easily be seen by someone outside of your network because it is often broadcast in clear text. Simply put, any information transmitted on a wireless network leaves both the network and individual users vulnerable to attack. All a hacker needs is a "packet sniffer", software available on the Internet, along with other freeware or shareware hacking utilities available on the Internet, to acquire your WEP keys and other network information to defeat security. Jamming Attacks Jamming Attacks, when a powerful signal is sent directly into your wireless network, can effectively shut down your wireless network. This type of attack is not always intentional and can often come about simply due to the technology. This is especially possible in the 2.4 GHz frequency, where phones, baby monitors, and microwave ovens can create a great deal of interference and jam transmissions on your wireless network. One way to resolve this is by moving your wireless devices into the 5 GHz frequency, which is dedicated solely to information transmissions. Active Attacks Hackers use Active Attacks for three purposes: 1) stealing data, 2) using your network, and 3) modifying your network so it's easier to hack in the next time. In an Active Attack, the hacker has gained access to all of your network settings (SSID, WEP keys, etc.) and is in your network. Once in your wireless network, the hacker has access to all open resources and transmitted data on the network. In addition, if the
95
wireless network's access point is connected to a switch, the hacker will also have access to data in the wired network. Further, spammers can use your Internet connection and your ISP's mail server to send tens of thousands of emails from your network without your knowledge. Lastly, the hacker could make hacking into your network even easier by changing or removing safeguards such as MAC address filters and WEP encryption. He can even steal passwords and user names for the next time he wants to hack in. Dictionary-Building or Table Attacks Dictionary-building, or Table attacks, is a method of gaining network settings (SSID, WEP keys, etc.) by analyzing about a day's worth of network traffic, mostly in the case of business networks. Over time, the hacker can build up a table of network data and be able to decrypt all of your wireless transmissions. This type of attack is more effective with networks that transmit more data, such as businesses. Man-in-the-Middle Attacks A hacker doesn't need to log into your network as a user - he can appear as one of the network's own access points, setting himself up as the man-in-the-middle. To do this, the hacker simply needs to rig an access point with your network's settings and send out a stronger signal that your access point. In this way, some of your network's PCs may associate with this rogue access point, not knowing the difference, and may begin sending data through it and to this hacker. The trade-off for the convenience and flexibility wireless networking provides is the possibility of being hacked into through one of the methods described here. With wireless networks, even with WEP encryption, open to the persistent hacker, how can you protect your data? The following section will tell you how to do just that. B.1 Maximizing Wireless Security Security experts will all tell you the same thing: Nothing is guaranteed. No technology is secure by itself. An unfortunate axiom is that building the better mousetrap can often create a better mouse. This is why, in the examples below, your implementation and administration of network security measures is the key to maximizing wireless security. No preventative measure will guarantee network security but it will make it more difficult for someone to hack into your network. Often, hackers are looking for an easy target. Making your network less attractive to hackers, by making it harder for them to get in, will make them look elsewhere. How do you do this? Before discussing WEP and WPA, let's look at a few security measures often overlooked.
96
A. Common Sense Solutions 1) Network Content Now that you know the risks assumed when networking wirelessly, you should view wireless networks as you would the Internet. Don't host any systems or provide access to data on a wireless network that you wouldn't put on the Internet. 2) Network Layout When you first lay out your network, keep in mind where your wireless PCs are going to be located and try to position your access point(s) towards the center of that network radius. Remember that access points transmit indiscriminately in a radius; placing an access point at the edge of the physical network area reduces network performance and leaves an opening for any hacker smart enough to discover where the access point is transmitting. This is an invitation for a man-in-the-middle attack, as described in the previous section. To perform this type of attack, the hacker has to be physically close to your network. So, monitoring both your network and your property is important. Furthermore, if you are suspicious of unauthorized network traffic, most wireless products come with a log function, with which you can view activity on your network and verify if any unauthorized users have had access. 3) Network Devices With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. If they get into the hands of a hacker, so do all of your settings. So keep an eye on them. 4) Administrator passwords Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrator's password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrator's password regularly. 5) SSID There are a few things you can do to make your SSID more secure: a. Disable Broadcast b. Make it unique c. Change it often
97
Most wireless networking devices will give you the option of broadcasting the SSID. This is a option for convenience, allowing anyone to log into your wireless network. In this case, however, anyone includes hackers. So don't broadcast the SSID. A default SSID is set on your wireless devices by the factory. (The Corinex default SSID is "corinex".) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use. Changing your SSID regularly will force any hacker attempting to gain access to your wireless network to start looking for that new SSID. With these three steps in mind, please remember that while SSIDs are good for segmenting networks, they fall short with regards to security. Hackers can usually find them quite easily. 6) MAC addresses Enable MAC address filtering if your wireless products allow it. MAC address filtering will allow you to provide access to only those wireless nodes with certain MAC addresses. This makes it harder for a hacker using a random MAC address or spoofing (faking) a MAC address. 7) Firewalls Once a hacker has broken into your wireless network, if it is connected to your wired network, they'll have access to that, too. This means that the hacker has effectively used your wireless network as a backdoor through your firewall, which you've put in place to protect your network from just this kind of attack via the Internet. You can use the same firewall technology to protect your wired network from hackers coming in through your wireless network as you did for the Internet. Rather than connecting your access point to an unprotected switch, swap those out for a router with a built-in firewall. The router will show the access point coming in through its WAN port and its firewall will protect your network from any transmissions entering via your wireless network. PCs unprotected by a firewall router should at least run firewall software, and all PCs should run up-to-date antiviral software. B. WEP Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless security concerns. This is overstating WEP's ability. Again, this can only provide enough security to make a hacker's job more difficult. WEP encryption implementation was not put in place with the 802.11 standard. This means that there are about as many methods of WEP encryption as there are providers of wireless networking products. In addition, WEP is not completely secure. One piece of
98
information still not encrypted is the MAC address, which hackers can use to break into a network by spoofing (or faking) the MAC address. Programs exist on the Internet that are designed to defeat WEP. The best known of these is AirSnort. In about a day, AirSnort can analyze enough of the wireless transmissions to crack the WEP key. Just like a dictionary-building attack, the best prevention for these types of programs is by not using static settings, periodically changing WEP keys, SSID, etc. There are several ways that WEP can be maximized: a) Use the highest level of encryption possible b) Use multiple WEP keys c) Change your WEP key regularly Current encryption technology offers 64-bit and 128-bit WEP encryption. If you are using 64-bit WEP, swap out your old wireless units for 128-bit encryption right away. Where encryption is concerned, the bigger and more complex, the better. A WEP key is a string of hexadecimal characters that your wireless network uses in two ways. First, nodes in your wireless network are identified with a common WEP key. Second, these WEP keys encrypt and decrypt data sent over your wireless network. So, a higher level of security ensures that hackers will have a harder time breaking into your network. Setting one, static WEP key on your wireless network leaves your network open the threats even as you think it is protecting you. While it is true that using a WEP key increases wireless security, you can increase it further by using multiple WEP keys. Keep in mind that WEP keys are stored in the firmware of wireless cards and access points and can be used to hack into the network if a card or access point falls into the wrong hands. Also, should someone hack into your network, there would be nothing preventing someone access to the entire network, using just one static key. The solution, then, is to segment your network up into multiple groups. If your network had 80 users and you used four WEP keys, a hacker would have access to only ¼ of your wireless network resources. In this way, multiple keys reduce your liability. Finally, be sure to change your WEP key regularly, once a week or once a day. Using a "dynamic" WEP key, rather than one that is static, makes it even harder for a hacker to break into your network and steal your resources. WEP Encryption WEP encryption for the Corinex Wireless to Powerline Router G is configured through the Web-Utility's Security tab. Select WEP from the dropdown menu of Security Mode (Fig. 9.1).
99
Fig. 9.1 WEP
Select WEP keys (1-4) will be used when the Router sends data. The user can also select the number of Current Network Key. Make sure the receiving device is using the same key. The WEP Key can be generated using your passphrase or you can enter it manually. If you wish to enter the WEP Key manually, type the key into the appropriate Key field on the left. The WEP key must consist of the letters "A" through "F" and the numbers "0" through "9" and should be 10 characters in length for 64-bit encryption or 26 characters in length for 128-bit encryption. All points in your wireless network must use the same WEP key to utilize WEP encryption. C. WPA
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP. WPA is accessed through the Web-Utility's Security Tab. Choose one of the following Security Modes from the drop-down menu. WPA Pre-Shared Key If you do not have a RADIUS server, Select the type of algorithm, TKIP, AES or TKIP+AES, enter a password in the Pre-Shared key field of 8-32 characters, and enter a
100
Group Key Renewal period time between 0 and 99,999 seconds, which instructs the Router how often it should change the encryption keys. WPA RADIUS WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to the Router.) First, select the type of WPA algorithm, TKIP or AES. Enter the RADIUS server’s IP Address and port number, along with a key shared between the Router and the server. Last, enter a Group Key Renewal period, which instructs the Router how often it should change the encryption keys.
Fig. 9.2 WPA and Radius
101
Appendix C: Glossary
10BaseT - An Ethernet standard that uses twisted wire pairs. 100BaseTX - IEEE physical layer specification for 100 Mbps over two pairs of Category 5 UTP or STP wire. 1000BASE-T - A 100 Mbps technology based on the Ethernet/CD network access method. Provides half-duplex (CSMA/CD) and full-duplex 1000 Mbps Ethernet service over Category 5 links as defined by ANSI/TIA/EIA-568-A. Topology rules for 1000BASE-T are the same as those used for 100BASE-T. Category 5 link lengths are limited to 100 meters by the ANSI/TIA/EIA-568-A cabling standard. Only one CSMA/CD repeater will be allowed in a collision domain. 802.11b - An IEEE wireless networking standard that specifies a maximum data transfer rate of 11Mbps and an operating frequency of 2.4GHz. 802.11g - An IEEE wireless networking standard that specifies a maximum data transfer rate of 54Mbps, an operating frequency of 2.4GHz, and backward compatibility with 802.11b devices. Access Point - Device that allows wireless-equipped computers and other devices to communicate with a wired network. Also used to expand the range of a wireless network. Adapter - Printed circuit board that plugs into a PC to add to capabilities or connectivity to a PC. In a networked environment, a network interface card (NIC) is the typical adapter that allows the PC or server to connect to the intranet and/or Internet. Asymmetrical Digital Subscriber Line (ASDL) - A new standard for transmitting at speeds up to 7 Mbps over a single copper pair. Auto-negotiate - To automatically determine the correct settings. The term is often used with communications and networking. For example, Ethernet 10/100 cards, hubs, and switches can determine the highest speed of the node they are connected to and adjust their transmission rate accordingly. Ad-hoc - A group of wireless devices communicating directly with each other (peer-to-peer) without the use of an access point. Backbone – The part of a network that connects most of the systems and networks together and handles the most data. Bandwidth – 1. Measure of the information capacity of a transmission channel, in terms of how much data the facility can transmit in a fixed amount of time; expressed in bits per second (bps). 2. The difference between the highest and lowest frequencies of a band that can be passed by a transmission medium without undue distortion, such as the AM band 535 to 1705 kilohertz. Baseband - Transmission scheme in which the entire bandwidth, or data-carrying capacity, of a medium (such as a coaxial cable) is used to carry a single digital pulse, or signal, between multiple users. Because digital signals are not modulated, only one kind of data can be transmitted at a time. Contrast with broadband. Baud (Bite at Unit Density) - A measure of the speed of transmission of data; number of elements transmitted per second.
102
Beacon Interval - The frequency interval of the beacon, which is a packet broadcast by a router to synchronize a wireless network. Bit – A binary digit. The value—0 or 1—used in the binary numbering system. Also, the smallest form of data. Boot – To cause the computer to start executing instructions. Personal computers contain built-in instructions in a ROM chip that are automatically executed on startup. These instructions search for the operating system, load it, and pass control to it. Bridge/Router- A device that can provide the functions of a bridge, router, or both concurrently. Bridge/router can route one or more protocols, such as TCP/IP and/or XNS, and bridge all other traffic. Broadband - A data-transmission scheme in which multiple signals share the bandwidth of a medium. This allows the transmission of voice, data, and video signals over a single medium. Cable television uses broadband techniques to deliver dozens of channels over one cable. Broadcast Domain - Defines the set of all devices which will receive broadcast frames originating from any device within the set. Broadcast domains are normally bounded by routers. Browser - A browser is an application program that provides a way to look at and interact with all the information on the World Wide Web or PC. The word “browser” seems to have originated prior to the Web as a generic term for user interfaces that let you browse text files online. Buffer - A storage area used for handling data in transit. Buffers are often used to compensate for differences in processing speed between network devices. Byte - The fundamental unit that a computer uses in its operation. It is a group of adjacent binary digits, usually 8, often used to represent a single character. Cable Modem - A device that connects a computer to the cable television network, which in turn connects to the Internet. Once connected, cable modem users have a continuous connection to the Internet. Cable modems feature asymmetric transfer rates: around 36 Mbps downstream (from the Internet to the computer), and from 200 Kbps to 2 Mbps upstream (from the computer to the Internet). Caching – 1. Speeds information processing by storing information from a transaction to use for later transactions. 2. Storing or buffering data in a temporary location, so that the information can be retrieved quickly by an application program. Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) - A method of data transfer that is used to prevent data loss in a network. Carrier Sense Multiple Access/Collision Detection (CSMA/CD) -A channel access mechanism wherein devices wishing to transmit first check the channel for a carrier. If no carrier is sensed for some period of time, devices can transmit. If two devices transmit simultaneously, a collision occurs and is detected by all colliding devices, which subsequently delays their retransmissions for some random length of time. CSMA/CD access is used by Ethernet /IEEE 802.3 and HomePlug. CAT 3 - ANSI/EIA (American National Standards Institute/Electronic Industries Association) Standard 568 is one of several standards that specify “categories” (the singular is commonly referred to as “CAT”) of twisted pair cabling systems (wires, junctions, and connectors) in terms of the data rates that they can sustain. CAT 3 cable has a maximum throughput of 16 Mbps and is usually utilized for 10BaseT networks.
103
CAT 5 - ANSI/EIA (American National Standards Institute/Electronic Industries Association) Standard 568 is one of several standards that specify “categories” (the singular is commonly referred to as “CAT”) of twisted pair cabling systems (wires, junctions, and connectors) in terms of the data rates that they can sustain. CAT 5 cable has a maximum throughput of 100 Mbps and is usually utilized for 100BaseTX networks. CAT 5e - The additional cabling performance parameters of return loss and farend crosstalk (FEXT) specified for 1000BASE-T and not specified for 10BASE-T and 100BASE-TX are related to differences in the signaling implementation. 10BASE-T and 100BASE-TX signaling is unidirectional—signals are transmitted in one direction on a single wire pair. In contrast, Gigabit Ethernet is bi-directional—signals are transmitted simultaneously in both directions on the same wire pair; that is, both the transmit and receive pair occupy the same wire pair. CPU (Central Processing Unit) - The computing part of the computer. Also called the “processor,” it is made up of the control unit and ALU. Daisy Chain - Connected in series, one after the other. Transmitted signals go to the first device, then to the second, and so on. Database - A database is a collection of data that is organized so that its contents can easily be accessed, managed, and updated. Data Packet - One frame in a packet-switched message. Most data communications is based on dividing the transmitted message into packets. For example, an Ethernet packet can be from 64 to 1518 bytes in length. Default Gateway - The routing device used to forward all traffic that is not addressed to a station within the local subnet. Demodulation - Opposite of modulation; the process of retrieving data from a modulated carrier wave. DHCP (Dynamic Host Configuration Protocol) - A protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization's network. Using the Internet’s set of protocol (TCP/IP), each machine that can connect to the Internet needs a unique IP address. When an organization sets up its computer users with a connection to the Internet, an IP address must be assigned to each machine. Without DHCP, the IP address must be entered manually at each computer and, if computers move to another location in another part of the network, a new IP address must be entered. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network. DHCP uses the concept of a “lease” or amount of time that a given IP address will be valid for a computer. The lease time can vary depending on how long a user is likely to require the Internet connection at a particular location. It’s especially useful in education and other environments where users change frequently. Using very short leases, DHCP can dynamically reconfigure networks in which there are more computers than there are available IP addresses. DHCP supports static addresses for computers containing Web servers that need a permanent IP address. DMZ - (DeMilitarized Zone) allows one IP address (or computer) to be exposed to the Internet. Some applications require multiple TCP/IP ports to be open. It is recommended that you set your computer with a static IP address if you want to use DMZ Hosting. DNS - Domain Name System (DNS). The distributed name/address mechanism used in the Internet..
104
Domain - A subnetwork comprised of a group of clients and servers under the control of one security database. Dividing LANs into domains improves performance and security. Download - To receive a file transmitted over a network. In a communications session, download means receive, and upload means transmit. DSL - (Digital Subscriber Line) - An always-on broadband connection over traditional phone lines. Driver - A workstation or server software module that provides an interface between a network interface card and the upper-layer protocol software running in the computer; it is designed for a specific NIC, and is installed during the initial installation of a network-compatible client or server operating system. DSSS (Direct-Sequence Spread-Spectrum) - DSSS generates a redundant bit pattern for each bit to be transmitted. This bit pattern is called a chip (or chipping code). The longer the chip, the greater the probability that the original data can be recovered. Even if one or more bits in the chip are damaged during transmission, statistical techniques embedded in the radio can recover the original data without the need for retransmission. To an unintended receiver, DSSS appears as low power wideband noise and is rejected (ignored) by most narrowband receivers. DTIM - (Delivery Traffic Indication Message) - A message included in data packets that can increase wireless efficiency. Dynamic IP Address - An IP address that is automatically assigned to a client station in a TCP/IP network, typically by a DHCP server. Network devices that serve multiple users, such as servers and printers, are usually assigned static IP addresses. Dynamic Routing - The ability for a router to forward data via a different route based on the current conditions of the communications circuits. For example, it can adjust for overloaded traffic or failing lines and is much more flexible than static routing, which uses a fixed forwarding path. Encapsulation - The wrapping of data in a particular protocol header. For example, Ethernet data is wrapped in a specific Ethernet header before network transit. Encryption - Applying a specific algorithm to data in order to alter the data’s appearance and prevent other devices from reading information. Decryption applies the algorithm in reverse to restore the data to its original form. Ethernet - A baseband LAN specification invented by Xerox Corporation and developed jointly by Xerox, Intel, and Digital Equipment Corporation. Ethernet networks operate at 10 Mbps using CSMA/CD to run over coaxial cable. Ethernet is similar to a series of standards produced by IEEE referred to as IEEE 802.3. Fast Ethernet - A 100 Mbps technology based on the 10Base-T Ethernet CSMA/CD network access method. Firewall - A firewall is a set of related programs, located at a network gateway server, which protects the resources of a network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources to which its own users have access. Basically, a firewall, working closely with a router, examines each network packet to determine whether to forward it toward its destination. Firmware - Programming that is inserted into programmable read-only memory, thus becoming a permanent part of a computing device.
105
Fragmentation - Breaking a packet into smaller units when transmitting over a network medium that cannot support the original size of the packet. FTP (File Transfer Protocol) – 1. An IP application protocol for transferring files between network nodes. 2. An Internet protocol that allows a user on one host to transfer files to and from another host over a network. Full Duplex - The ability of a networking device to receive and transmit data simultaneously. Gateway - A system that interconnects networks. Half Duplex - Data transmission that can occur in two directions over a single line, but only one direction at a time. Hardware - The physical aspect of computers, telecommunications, and other information technology devices. HTTP (HyperText Transport Protocol) - The communications protocol used to connect to servers on the World Wide Web. IEEE (The Institute of Electrical and Electronics Engineers) - An independent institute that develops networking standards. Infrastructure - Currently installed computing and networking equipment. Infrastructure Mode - Configuration in which a wireless network is bridged to a wired network via an access point. IP (Internet Protocol) - A protocol used to send data over a network. IP Address - The address used to identify a computer or device on a network. IPCONFIG - A utility that provides for querying, defining and managing IP addresses within a network. A commonly used utility, under Windows NT and 2000, for configuring networks with static IP addresses. IPSec (Internet Protocol Security) - A VPN protocol used to implement secure exchange of packets at the IP layer. IRQ (Interrupt ReQuest) - hardware interrupt on a PC. There are 16 IRQ lines used to signal the CPU that a peripheral event has started or terminated. Except for PCI devices, two devices cannot use the same line. ISM band - Radio band used in wireless networking transmissions. ISP - An ISP (Internet service provider) is a company that provides individuals and companies access to the Internet and other related services such as website building and virtual hosting. LAN (Local Area Network) - The computers and networking products that make up the network in your home or office. Latency - The time delay between when the first bit of a packet is received and the last bit is forwarded. MAC Address - The MAC (Media Access Control) address is a unique number assigned by the manufacturer to any Ethernet networking device, such as a network adapter, that allows the network to identify it at the hardware level. Mbps (MegaBits Per Second) - One million bits per second; unit of measurement for data transmission. Multicasting - Sending data to a group of destinations at once. NAT - NAT (Network Address Translation) is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within
106
another network. One network is designated the inside network and the other is the outside. NetBEUI (NetBIOS Extended User Interface) - The transport layer for NetBIOS. NetBIOS and NetBEUI were originally part of a single protocol suite that was later separated. NetBIOS sessions can be transported over NetBEUI, TCP/IP, and SPX/IPX protocols. NetBIOS - The native networking protocol in DOS and Windows networks. Although originally combined with its transport layer protocol (NetBEUI), NetBIOS today provides a programming interface for applications at the session layer (layer 5). NetBIOS can ride over NetBEUI, its native transport, which is not routable, or over TCP/IP and IPX/SPX, which are routable protocols. NetBIOS computers are identified by a unique 15-character name, and Windows machines (NetBIOS machines) periodically broadcast their names over the network so that Network Neighborhood can catalog them. For TCP/IP networks, NetBIOS names are turned into IP addresses via manual configuration in an LMHOSTS file or a WINS server. There are two NetBIOS modes. The Datagram mode is the fastest mode, but does not guarantee delivery. It uses a self-contained packet with send and receive name, usually limited to 512 bytes. If the recipient device is not listening for messages, the datagram is lost. The Session mode establishes a connection until broken. It guarantees delivery of messages up to 64KB long. Network - A system that transmits any combination of voice, video, and/or data between users. Network Mask - also known as the “Subnet Mask.” NIC (Network Interface Card) - A board installed in a computer system, usually a PC, to provide network communication capabilities to and from that computer system. Also called an adapter. Node - A network junction or connection point, typically a computer or work station. Notebook (PC) - A notebook computer is a battery-powered personal computer generally smaller than a briefcase that can easily be transported and conveniently used in temporary spaces such as on airplanes, in libraries, at temporary offices, and at meetings. A notebook computer, sometimes called a laptop computer, typically weighs less than five pounds and is three inches or less in thickness. OFDM (Orthogonal Frequency Division Multiplexing) - A type of modulation technology that separates the data stream into a number of lower-speed data streams, which are then transmitted in parallel. Used in 802.11a, 802.11g, and powerline networking. Packet - A unit of data sent over a network. Packet Filtering - Discarding unwanted network traffic based on its originating address or range of addresses or its type (e-mail, file transfer, etc.) Passphrase - Used much like a password, a passphrase simplifies the WEP encryption process by automatically generating the WEP encryption keys for Corinex products. Ping (Packet INternet Groper) - An Internet utility used to determine whether a particular IP address is online. It is used to test and debug a network by sending out a packet and waiting for a response. Plug-and-Play - The ability of a computer system to configure expansion boards and other devices automatically without requiring the user to turn off the system during installation.
107
Port - A pathway into and out of the computer or a network device such as a switch or router. For example, the serial and parallel ports on a personal computer are external sockets for plugging in communications lines, modems, and printers. Port Mirroring - Port mirroring, also known as a roving analysis port, is a method of monitoring network traffic that forwards a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied. A network administrator uses port mirroring as a diagnostic tool or debugging feature, especially when fending off an attack. It enables the administrator to keep close track of switch performance and alter it if necessary. Port mirroring can be managed locally or remotely. PPPoE (Point to Point Protocol over Ethernet) - A method used mostly by DSL providers for connecting personal computers to a broadband modem for Internet access. It is similar to how a dial-up connection works but at higher speeds and quicker access. PPTP (Point-to-Point Tunneling Protocol) - A protocol (set of communication rules) that allows corporations to extend their own corporate network through private “tunnels” over the public Internet. Effectively, a corporation uses a wide area network as a single large local area network. A company no longer needs to lease its own lines for wide-area communication but can securely use the public networks. This kind of interconnection is known as a virtual private network (VPN). Preamble - Part of the wireless signal that synchronizes network traffic. Print Server - A hardware device that enables a printer to be located anywhere in the network. RIP (Routing Information Protocol) - A simple routing protocol that is part of the TCP/IP protocol suite. It determines a route based on the smallest hop count between source and destination. RIP is a distance vector protocol that routinely broadcasts routing information to its neighboring routers and is known to waste bandwidth. AppleTalk, DECnet, TCP/IP, NetWare, and VINES all use incompatible versions of RIP. RJ-11 (Registered Jack-11) - A telephone connector that holds up to six wires. The RJ-11 is the common connector used to plug a telephone into a wall. RJ-45 (Registered Jack-45) - An Ethernet connector that holds up to eight wires. Router - A networking device that connects multiple networks together, such as a local network and the Internet. Roaming - The ability to take a wireless device from one access point's range to another without losing the connection. RTS (Request To Send) - A packet sent when a computer has data to transmit. The computer will wait for a CTS (Clear To Send) message before sending data. Server - Any computer whose function in a network is to provide user access to files, printing, communications, and other services. SNMP (Simple Network Management Protocol) - A widely used network monitoring and control protocol. Software - Instructions for the computer. A series of instructions that performs a particular task is called a “program.” The two major categories of software are “system software” and “application software.” System software is made up of control programs such as the operating system and database management system (DBMS). Application software is any program that processes data for the user. A common misconception is that software is data. It is not. Software tells the hardware how to process the data.
108
SOHO (Small Office/Home Office) - Market segment of professionals who work at home or in small offices. Spread Spectrum - Wideband radio frequency technique used for more reliable and secure data transmission. SSID (Service Set IDentifier) - Your wireless network's name. Static IP Address - A fixed address assigned to a computer or device that is connected to a network. Static Routing - Forwarding data in a network via a fixed path. Static routing cannot adjust to changing line conditions as can dynamic routing. Storage - The semi-permanent or permanent holding place for digital data. Subnet Mask - The method used for splitting IP networks into a series of subgroups, or subnets. The mask is a binary pattern that is matched up with the IP address to turn part of the host ID address field into a field for subnets. Swapping - Replacing one segment of a program in memory with another and restoring it back to the original when required. Switch - 1. Device that is the central point of connection for computers and other devices in a network, so data can be shared at full transmission speeds. 2. A device for making, breaking, or changing the connections in an electrical circuit. TCP (Transmission Control Protocol) - A method (protocol) used along with the Internet Protocol (Internet Protocol) to send data in the form of message units between computers over the Internet. While IP takes care of handling the actual delivery of the data, TCP takes care of keeping track of the individual units of data (called packets) that a message is divided into for efficient routing through the Internet. TCP/IP - Transmission Control Protocol/Internet Protocol (TCP/IP) is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet). When you are set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP. Telnet - A user command and TCP/IP protocol used for accessing remote PCs. TFTP (Trivial File Transfer Protocol) - A version of the TCP/IP FTP protocol that has no directory or password capability. Throughput - The amount of data moved successfully from one place to another in a given time period. Topology - A network’s topology is a logical characterization of how the devices on the network are connected and the distances between them. The most common network devices include hubs, switches, routers, and gateways. Most large networks contain several levels of interconnection, the most important of which include edge connections, backbone connections, and wide-area connections. TX Rate – Transmission Rate. UDP (User Datagram Protocol) - A communications method (protocol) that offers a limited amount of service when messages are exchanged between computers in a network that uses the Internet Protocol (IP). UDP is an alternative to the Transmission Control Protocol (TCP) and, together with IP, is sometimes referred to as UDP/IP. Like the Transmission Control Protocol, UDP uses the Internet Protocol to actually get a data unit (called a datagram) from one computer to another. Unlike TCP, however, UDP does not provide the service of dividing a message into packets (datagrams) and
109
reassembling it at the other end. Specifically, UDP doesn't provide sequencing of the packets that the data arrives in. This means that the application program that uses UDP must be able to make sure that the entire message has arrived and is in the right order. Network applications that want to save processing time because they have very small data units to exchange (and therefore very little message reassembling to do) may prefer UDP to TCP. Upgrade - To replace existing software or firmware with a newer version. Upload - To send a file transmitted over a network. In a communications session, upload means transmit, and download means receive. URL (Uniform Resource Locator) - The address that defines the route to a file on the Web or any other Internet facility. URLs are typed into the browser to access Web pages, and URLs are embedded within the pages themselves to provide the hypertext links to other pages. UTP - Unshielded twisted pair is the most common kind of copper telephone wiring. Twisted pair is the ordinary copper wire that connects home and many business computers to the telephone company. To reduce crosstalk or electromagnetic induction between pairs of wires, two insulated copper wires are twisted around each other. Each signal on twisted pair requires both wires. Since some telephone sets or desktop locations require multiple connections, twisted pair is sometimes installed in two or more pairs, all within a single cable. VLAN (Virtual LAN) - A logical association that allows users to communicate as if they were physically connected to a single LAN, independent of the actual physical configuration of the network. Virtual Server - Multiple servers that appear as one server, or one system image, to the operating system or for network administration. VPN (Virtual Private Network) - A security measure to protect data as it leaves one network and goes to another over the Internet. WAN - A communications network that covers a wide geographic area, such as a state or country. WEP (Wired Equivalent Privacy) - A data privacy mechanism based on a 64-bit shared key algorithm, as described in the IEEE 802.11 standard. WINIPCFG - Configuration utility based on the Win32 API for querying, defining, and managing IP addresses within a network. A commonly used utility for configuring networks with static IP addresses. WLAN (Wireless Local Area Network) - A group of computers and associated devices that communicate with each other wirelessly. Workgroup - Two or more individuals that share files and databases.
110
Appendix D: How to Ping your ISP’s E-mail and Web addresses Virtually all Internet addresses are configured with words or characters (e.g., www.corinex.com, www.yahoo.com, etc.) However, recently these Internet addresses are assigned to IP addresses, which are the true addresses on the Internet. For example, www.corinex.com is recently 81.0.193.56 at the time of producing this manual. If you type this address into your web browser, you will end up at the Corinex home page every time. Some servers translate the URL to an IP address, so called DNS (Domain Name System) Servers. However, IP and web addresses can be long and hard to remember sometimes. From this reason, certain ISPs will shorten their server addresses to single words or codes on their users’ web browser or e-mail configurations. If your ISP’s email and web server addresses are configured with single words (www, e-mail, home, pop3, etc.) rather than entire Internet addresses or IP addresses, the Access Point may have problems by sending or receiving mail and by accessing the Internet. The solution is to determine the true web addresses behind your ISPs code words. You can determine the IP and web addresses of your ISP’s servers by “pinging” them. Important: If you don’t have your ISP’s web and e-mail IP addresses, you must either get them from your ISP or follow these steps prior to connecting your Corinex Wireless to Powerline Access Point to your network.
D.1 Step One: Pinging an IP Address The first step to determining your ISP’s web and e-mail server address is to ping its IP address.
1. Power on the computer and the cable or DSL modem, and restore the network configuration set by your ISP if you have changed it.
2. Click Start, then Run, and type command. This will bring up the DOS window. 3. At DOS command prompt, type ping corinex.com (assuming that your desired
IP address location is configured as corinex.com) and press Enter. As an example, the following data information on Figure 11.1., taken from a ping of Microsoft Network e-mail server, will be displayed.
111
Fig. 11.1 Pinging
4. Write down the IP address returned by the ping command. (In the example above: 81.0.193.56) This IP address is the actual IP address of the mail server, or any other value you have pinged.
D.2 Step Two: Pinging for a Web Address While the above-mentioned IP address could perform as your e-mail server address, it might not be permanent. IP addresses change very much often. Web addresses, however, usually don’t. This is the reason, why you are likely to have fewer problems by configuring your system with web addresses rather than IP addresses. Follow the instructions below to find the web address assigned to the IP address you just pinged.
1. At the DOS command prompt, type ping -a 81.0.193.56, where 81.0.193.56is the IP address you just pinged. Information such as the following data will be displayed.
Fig. 11.2 Pinging
112
2. Write down the web address returned by the ping command (In the example in
Fig. 11.2 corinex.com is the web address). This web address is the web address assigned to the IP address you just pinged. While the IP address of mail could change conceivably, it is presumably that this web address will not.
3. Replace your ISP’s abbreviated server address with this extended web address in
the corresponding Internet application (web browser, e-mail application, etc.).
Once you have replaced the brief server address with the true server address, the Access Point should have no problem accessing the Internet through this Internet application.
Appendix E: Finding the MAC address and IP address for your Ethernet Adapter This section describes how to find the MAC address of your Ethernet adapter of your computer to do either MAC Filtering or MAC Address Cloning for the Router and ISP. You can also find the IP address of your computer’s Wireless or Ethernet adapter. The IP address is used for filtering, forwarding, and DMZ. In this appendix follow the next steps to find the MAC address or IP address for your adapter of your Windows 95, 98, Me, NT, 2000, XP, Linux or Macintosh Computer.
E.1 For Windows 95, 98, and ME: 1. Click Start and Run. In the Open field, enter winipcfg, as shown in Figure 12.1.
Then press the Enter key or the OK button.
Fig. 12.1 Running winipcfg
113
2. When the IP Configuration window appears, select the Wireless or Ethernet adapter you are using to connect to the Corinex Wireless to Powerline Router G via a Ethernet, Wireless or through the Powerline, as shown in Fig. 12.1.
3. Write down the Adapter Address as shown on your computer screen (see Figure 7.1). This is the MAC address for your Wireless or Ethernet adapter and will be shown as a series of numbers and letters. The MAC address/Adapter Address is what you will use for MAC Address Cloning or MAC Filtering.
This example shows the IP address of your Wireless adapter as 10.101.2.38. Your computer may show something different.
E.2 For Windows NT, 2000, and XP: The following steps show an alternative way of obtaining the MAC and IP address for your Wireless or Ethernet adapter. 1. Click Start and Run. In the Open field, enter cmd. Press Enter key or click the OK button.
Fig. 11.2 Running ipconfig
2. In the command prompt, enter ipconfig /all. Then press Enter key. 3. Write down the Physical Address as shown on your computer screen (Figure
11.2); it is the MAC address for your Wireless or Ethernet adapter. This will appear as a series of letters and numbers. The MAC address/Physical Address is what you will use for MAC Address Cloning or MAC Filtering.
114
The example in Figure 11.2 shows the IP address of your Wireless adapter as 192.168.1.10. Your computer might show something different. Note: The MAC address is also called Physical Address. When entering the information using the Access Point’s web-based utility, you will type the 12-digit MAC address in this format, XX:XX:XX:XX:XX:XX without the hyphens for MAC Filtering. When entering information for MAC Address Cloning, type the 12-digit MAC address.
E.3 For Linux PC: From the Start Button on Desktop bar, choose Terminals->Xterm (or any other convenient terminal).
Fig. 11.3 Starting Terminal Login as superuser by issuing su command, then press Enter. Provide the password, and press Enter. Enter ifconfig, press Enter. In the field Hwaddr is the requested MAC Address.
115
Fig. 11.4 Running ifconfig Login as superuser, by issuing su command, and then press Enter. Provide the password, and press Enter again. Enter iwconfig, and then press Enter. You can see the wireless port parameters.
Fig. 11.5 Running iwconfig
116
E.4 For Macintosh OS X computer: 1. In Applications open Utilities.
Fig. 11.6 Applications 2. In Utilities select Network Utility
117
Fig. 11.7 Utilities
3. Select the interface connected to the Corinex Wireless to Powerline Router G through the Ethernet or through the Wireless. In this section you can see the wireless connection type.
Fig. 11.8 Network Utility
4. The field Hardware Address contains the MAC Address of selected interface.
