SMC Networks Barricade SMCWBR14S-N, User Manual

Page 1: ...Barricade N Draft 11n Wireless 4 port Broadband Router SMCWBR14S N ...

Page 2: ...20 Mason Irvine CA 92618 Phone 949 679 8000 Wireless Broadband Router User s Guide From SMC s line of award winning connectivity solutions July 2007 R01 F W 1 0 ...

Page 3: ...rties which may result from its use No license is granted by implication or otherwise under any patent or patent rights of our company We reserve the right to change specifications at any time without notice Copyright 2007 by SMC Networks Inc 20 Mason Irvine CA 92618 All rights reserved Trademarks Product and company names are trademarks or registered trademarks of their respective holders ...

Page 4: ...ncorporates these newer technologies At that point the obsolete product is discontinued and is no longer an Active SMC product A list of discontinued products with their respective dates of discontinuance can be found at http www smc com index cfm action customer_service_warranty All products that are replaced become the property of SMC Replacement products may be either new or reconditioned Any r...

Page 5: ...CIDENT FIRE LIGHTNING OR OTHER HAZARD LIMITATION OF LIABILITY IN NO EVENT WHETHER BASED IN CONTRACT OR TORT INCLUDING NEGLIGENCE SHALL SMC BE LIABLE FOR INCIDENTAL CONSEQUENTIAL INDIRECT SPECIAL OR PUNITIVE DAMAGES OF ANY KIND OR FOR LOSS OF REVENUE LOSS OF BUSINESS OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE USE PERFORMANCE FAILURE OR INTERRUPTIO...

Page 6: ...n between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any inter...

Page 7: ...channels of operation apply in some countries as described below Note The user must use the configuration utility provided with this product to ensure the channels of operation are in conformance with the spectrum usage rules for European Community countries as described below This device will automatically limit the allowable channels determined by the current country of operation Incorrectly ent...

Page 8: ...999 5 EC French Par la présente SMC Networks déclare que l appareil Radio LAN device est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Swedish Härmed intygar SMC Networks att denna Radio LAN device står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999 5 EG Danish Undertegnede SMC...

Page 9: ...dio LAN device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE Portuguese SMC Networks declara que este Radio LAN device está conforme com os requisitos essenciais e outras disposições da Directiva 1999 5 CE 注意 依據 低功率電波輻射性電機管理辦法 第十二條 經型式認證合格之低功率射頻電機 非經許可 公司 商號或使用者 均不得擅自變更頻率 加大功率或變更原設計之特性及功能 第十四條 低功率射頻電機之使用不得影響飛航安全及干擾合法通信 經發現有...

Page 10: ...ower Source This unit is to be used with a class 2 or level 3 external power adapter approved suitable for use in North American equipment installation having an output voltage rating of 12 V DC and output current rating of 1 0 A or equivalent Operating Voltage Cord Set Specifications 120 Volts UL Listed CSA Certified Cord Set Minimum 18 AWG Type SVT or SJT three conductor cord Maximum length of 1...

Page 11: ...lten Sie es vom Strom netz trennen Somit wird im Falle einer Überspannung eine Beschädigung vermieden 12 Durch die Lüftungsöffnungen dürfen niemals Gegenstände oder Flüssigkeiten in das Gerät gelangen Dies könnte einen Brand bzw elektrischen Schlag auslösen 13 Öffnen sie niemals das Gerät Das Gerät darf aus Gründen der elektrischen Sicherheit nur von authorisiertem Servicepersonal geöffnet werden ...

Page 12: ...ricade to your LAN 2 6 Connect the Power Adapter 2 7 3 Configuring the Client PC 3 1 TCP IP Configuration 3 2 Windows 2000 3 3 Obtain IP Settings From Your Barricade 3 5 Manual IP Configuration 3 7 Windows XP 3 9 Disable HTTP Proxy 3 14 Configuring Your Macintosh Computer 3 15 Disable HTTP Proxy 3 17 4 Configuring the Barricade 4 1 Navigating the Web Browser Interface 4 2 Making Configuration Chan...

Page 13: ...DNS 4 22 LAN Settings 4 23 Wireless 4 25 Channel and SSID 4 26 Access Control 4 28 Security 4 29 Wi Fi Protected Setup WPS 4 36 NAT 4 40 Address Mapping 4 41 Virtual Server 4 42 Special Application 4 43 NAT Mapping Table 4 44 Routing 4 45 Static Route 4 45 Firewall 4 47 Access Control 4 48 MAC Filter 4 50 URL Blocking 4 51 Schedule Rule 4 52 Intrusion Detection 4 54 DMZ 4 59 UPnP 4 60 DDNS 4 61 ...

Page 14: ...4 64 Status 4 65 Finding the MAC address of a Network Card 4 67 Windows NT4 2000 XP 4 67 Macintosh 4 67 Linux 4 67 A Troubleshooting A 1 B Cables B 1 Ethernet Cable B 1 Specifications B 1 Wiring Conventions B 1 RJ 45 Port Ethernet Connection B 2 Pin Assignments B 3 C Specifications C 1 ...

Page 15: ... This new technology provides many secure and cost effective functions It is simple to configure and can be up and running in minutes The Barricade is compliant with the next generation IEEE 802 11n draft v2 0 specification while maintaining full backwards compatibility with the IEEE 802 11b g standards This next generation wireless networking standard utilizes advanced MIMO multiple in multiple o...

Page 16: ...ection via a 10 100 Mbps Ethernet port DHCP for dynamic IP configuration and DNS for domain name mapping Firewall with Stateful Packet Inspection client privileges intrusion detection and NAT NAT also enables multi user Internet access via a single user account and virtual server functionality providing protected access to Internet services such as web FTP email and Telnet VPN transparent pass thr...

Page 17: ...s protocol eliminating the need to install these services on your computer Shared IP Address The Barricade provides Internet access for up to 253 users via a single shared IP address Using only one ISP account multiple users on your network can browse the web at the same time Virtual Server If you have a fixed IP address you can set the Barricade to act as a virtual host for network address transl...

Page 18: ...WPA2 IEEE802 1x WEP SSID and MAC filtering provide security over the wireless network Virtual Private Network VPN Pass through The Barricade supports three of the most commonly used VPN protocols PPTP L2TP and IPSec These VPN protocols are transparent pass through The protocols supported by the Barricade are briefly described below Point to Point Tunneling Protocol Provides a secure tunnel for rem...

Page 19: ... the Barricade on page 4 1 Package Contents After unpacking the Barricade check the contents of the box to be sure you have received the following components Barricade N Draft 11n Wireless 4 port Broadband Router SMCWBR14S N Power adapter One CAT 5 Ethernet cable RJ 45 One documentation CD Quick Install Guide Warranty Information Card Immediately inform your dealer in the event of any incorrect mi...

Page 20: ...e Mozilla Firefox 1 0 or above Hardware Description The Barricade connects to a cable or xDSL modem with Ethernet connection using it s RJ 45 WAN port It can be connected directly to your PC or to a local area network using the Fast Ethernet LAN ports Data passing between devices connected to your local area network can run at up to 100 Mbps over the Fast Ethernet port and up to 300 Mbps over the ...

Page 21: ...HARDWARE DESCRIPTION 2 3 The following figures show the top and rear panels of the Barricade Figure 2 1 Top Panel Figure 2 2 Rear Panel ...

Page 22: ...shing an Internet link Off No Internet link WLAN On WLAN link Flashing The Barricade is sending or receiving data via WLAN Off No WLAN link LAN 1 4 On Ethernet link Flashing The LAN port is sending or receiving data Off No Ethernet link WPS Wi Fi Protected Setup On WPS link is successfully established Off This LED will be on for 300 seconds after WPS connection is successfully established then go ...

Page 23: ...scription LAN Ports Fast Ethernet ports RJ 45 Connect devices on your local area network to these ports i e a PC hub switch or IP set top box WAN Port WAN port RJ 45 Connect your cable xDSL modem line to this port Reset Button Use this button to reset the power and restore the default factory settings To reset without losing configuration settings see Reset on page 4 64 Power Inlet Connect the inc...

Page 24: ...onnecting the Barricade to your LAN The four LAN ports on the Barricade auto negotiate the connection speed to 10 Mbps Ethernet or 100 Mbps Fast Ethernet as well as the transmission mode to half duplex or full duplex Use RJ 45 cables to connect any of the four LAN ports on the Barricade to an Ethernet adapter on your PC Otherwise cascade any of the LAN ports on the Barricade to an Ethernet hub or ...

Page 25: ...nel of the Barricade and the other end into a power outlet Check the power indicator on the front panel is lit If the power indicator is not lit refer to Troubleshooting on page A 1 In case of a power input failure the Barricade will automatically restart and begin to operate once the input power is restored ...

Page 26: ...INSTALLATION 2 8 ...

Page 27: ... configure your computer to connect to the Barricade You can either configure your computer to automatically obtain IP settings DHCP or manually configure IP address settings Static IP Depending on your operating system see Windows 2000 on page 3 3 Windows XP on page 3 9 or Configuring Your Macintosh Computer on page 3 15 ...

Page 28: ...de The default network settings for the Barricade are IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Note These settings can be changed to fit your network requirements but you must first configure at least one computer to access the Barricade s web configuration interface in order to make the required changes See Configuring the Barricade on page 4 1 for instructions on configuring the Barricad...

Page 29: ...ows 2000 DHCP IP Configuration 1 On the Windows desktop click Start Settings Network and Dial Up Connections 2 Click the icon that corresponds to the connection to your Barricade 3 The connection status screen will open Click Properties ...

Page 30: ...uble click Internet Protocol TCP IP 5 If Obtain an IP address automatically and Obtain DNS server address automatically are already selected your computer is already configured for DHCP If not select these options now and click OK ...

Page 31: ...e it needs to obtain new network settings By releasing old DHCP IP settings and renewing them with settings from your Barricade you can verify that you have configured your computer correctly 1 On the Windows desktop click Start Programs Accessories Command Prompt 2 In the Command Prompt window type IPCONFIG RELEASE and press the Enter key ...

Page 32: ...er key Verify that your IP Address is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default Gateway is 192 168 2 1 These values confirm that your Barricade is functioning correctly 4 Type EXIT and press the Enter key to close the Command Prompt window ...

Page 33: ...DNS server addresses 4 Enter the IP address for the Barricade in the Preferred DNS server field This automatically relays DNS requests to the DNS server s provided by your ISP Otherwise add a specific DNS server into the Alternate DNS Server field and click OK to close the dialog boxes 5 Record the configured information in the following table TCP IP Configuration Setting IP Address ____ ____ ____...

Page 34: ... the proxy in Internet Explorer click Tools Click Internet Options and then the Connections tab shown on the right In the Local Area Network LAN settings section click LAN Settings to display the Local Area Network LAN Settings pop up window below 2 In the Proxy server section ensure the Use a proxy server for your LAN These settings will not apply to dial up or VPN connections check box is not ti...

Page 35: ...tart Control Panel 2 In the Control Panel window click Network and Internet Connections 3 The Network Connections window will open Locate and double click the Local Area Connection icon for the Ethernet adapter that is connected to the Barricade 4 In the connection status screen click Properties ...

Page 36: ...ouble click Internet Protocol TCP IP 6 If Obtain an IP address automatically and Obtain DNS server address automatically are already selected your computer is already configured for DHCP If not select these options now and click OK ...

Page 37: ...e it needs to obtain new network settings By releasing old DHCP IP settings and renewing them with settings from your Barricade you can verify that you have configured your computer correctly 1 On the Windows desktop click Start Programs Accessories Command Prompt 2 In the Command Prompt window type IPCONFIG RELEASE and press the Enter key ...

Page 38: ...ress is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default Gateway is 192 168 2 1 These values confirm that your Barricade is functioning correctly 4 Type EXIT and press the Enter key to close the Command Prompt window Your computer is now configured to connect to the Barricade ...

Page 39: ... DNS server addresses 5 Enter the IP address for the Barricade in the Preferred DNS server field This automatically relays DNS requests to the DNS server s provided by your ISP Otherwise add a specific DNS server into the Alternate DNS Server field and click OK to close the dialog boxes 6 Record the configured information in the following table TCP IP Configuration Setting IP Address ____ ____ ___...

Page 40: ...e the proxy in Internet Explorer click Tools Click Internet Options and then the Connections tab shown on the right In the Local Area Network LAN settings section click LAN Settings to display the Local Area Network LAN Settings pop up window below 2 In the Proxy server section ensure the Use a proxy server for your LAN These settings will not apply to dial up or VPN connections check box is not t...

Page 41: ...y match your operating system This is because these steps and screen shots were created using Mac OS 10 2 Mac OS 7 x and above are similar but may not be identical to Mac OS 10 2 Follow these instructions 1 Pull down the Apple Menu Click System Preferences 2 Double click the Network icon in the Systems Preferences window ...

Page 42: ...r DHCP If not select this option 4 Your new settings are shown in the TCP IP tab Verify that your IP Address is now 192 168 2 xxx your Subnet Mask is 255 255 255 0 and your Default Gateway is 192 168 2 1 These values confirm that your Barricade is functioning 5 Close the Network window Now your computer is configured to connect to the Barricade ...

Page 43: ...is is so that your browser can view the Barricade s HTML configuration pages The following steps are for Internet Explorer Internet Explorer 1 Open Internet Explorer and click the Stop button Click Explorer Preferences 2 In the Internet Explorer Preferences window under Network select Proxies 3 Uncheck all check boxes and click OK ...

Page 44: ...CONFIGURING YOUR MACINTOSH COMPUTER 3 18 ...

Page 45: ... as Internet Explorer 5 5 or above Using the web management interface you can configure the Barricade and view statistics to monitor network activity To access the Barricade s management interface enter the IP address of the Barricade in your web browser http 192 168 2 1 Enter the default password smcadmin and click LOGIN Note Passwords can contain from 3 12 alphanumeric characters and are case se...

Page 46: ...em maintenance firewall and UPnP Making Configuration Changes Configurable parameters have a dialog box or a drop down list Once a configuration change has been made on a screen click the APPLY or SAVE SETTINGS or NEXT button at the bottom of the screen to enable the new setting Note To ensure proper screen refresh after a command entry be sure that Internet Explorer is configured as follows Under...

Page 47: ...our local time zone from the drop down menu This information is used for log entries and client filtering If you want to automatically synchronize the Barricade with a public time server check the box to Enable Automatic Time Server Maintenance Select the desired servers from the drop down menus Click NEXT to continue ...

Page 48: ...he Barricade and all of its wireless clients The Barricade will automatically assign itself a radio channel or you may select one manually Extension Channel Setting the Bandwith Mode as 20 40MHz allows you to use this extension channel as the secondary channel for doubling the bandwith of your wireless network SSID Service Set ID The SSID must be the same on the Barricade and all of its wireless c...

Page 49: ... of the SSID Disabling SSID broadcast will provide increased security by hiding the SSID of your wireless network Protected Mode Enabling this function to ensure the best performance of your 11n throughput in case there is a lot of interference from the 11g and 11b devices in the wireless network 802 11e WMM QoS Enable or disable the use of QoS The QoS Quality of Service function allows you to dif...

Page 50: ...on Type Setting Specify the WAN connection type required by your Internet Service Provider Specify Dynamic IP Address PPPoE PPTP L2TP or Static IP Address Select your connection type to proceed Click BACK to go back and change your settings ...

Page 51: ...ss If the ISP requires you to input a Host Name type it in the Host Name field Click on the Clone the MAC Address and the MAC Address of the current PC will be filled automatically Click NEXT to proceed or BACK to change your settings ...

Page 52: ...r reason to change it Enter the maximum idle time for the Internet connection After this time has been exceeded the connection will be terminated Check the Auto reconnect check box to automatically re establish the connection as soon as you attempt to access the Internet again Click NEXT to proceed or BACK to change your settings Note Clicking NEXT will not automatically connect the Barricade to t...

Page 53: ...ss provided by your ISP Click on the Disconnect after x minutes of no activity and then enter the idle time for the Internet connection This is the period of time for which the connection to the Internet is maintained during inactivity If your ISP charges you by the minute you should change the idle time out to one minute Most ISPs provide a DNS server for speed and convenience Since your Service ...

Page 54: ...t after x minutes of no activity and then enter the idle time for the Internet connection This is the period of time for which the connection to the Internet is maintained during inactivity If your ISP charges you by the minute you should change the idle time out to one minute Most ISPs provide a DNS server for speed and convenience Since your Service Provider may connect to the Internet with dyna...

Page 55: ...SETUP WIZARD 4 11 Static IP Address Enter the IP address Subnet Mask and Gateway Address provided to you by your ISP in the appropriate fields below Click NEXT to proceed or BACK to change your settings ...

Page 56: ...tem events you need to set the time zone Select your time zone from the drop down list If daylight savings is used in your area check the box to enable the function and select the start end dates If you want to automatically synchronize the Barricade with a public time server check the box to Enable Automatic Time Server Maintenance Select the desired servers from the drop down menu Click Save Set...

Page 57: ...press the blue reset button on the rear panel holding it down for at least 10 seconds to restore the factory defaults The default password is smcadmin Enter a maximum Idle Time Out in minutes to define a maximum period of time for which the login session is maintained during inactivity If the connection is inactive for longer than the maximum idle time it will perform system logout and you have to...

Page 58: ...the IP address of a remote computer on this screen Check the Enabled check box and enter the IP address of the Host Address and click Save Settings Note If you check Enable and specify an IP address of 0 0 0 0 any remote host can manage the Barricade For remote management via WAN IP address you need to connect using port 8080 Simply enter WAN IP address followed by 8080 for example 211 20 16 1 808...

Page 59: ...N Settings Specify the WAN connection type required by your Internet Service Provider Choose Dynamic IP Address PPPoE PPTP L2TP or Static IP Address for your WAN link Select the connection type and click More Configuration ...

Page 60: ...can use the Clone MAC Address button to copy the MAC address of the Network Interface Card NIC installed in your PC to replace the WAN MAC address If necessary you can use the Renew button on the Status page to renew the WAN IP address Note Make sure you record the MAC address that you clone so that if you lose your settings you will be able to re connect to the Internet Click SAVE SETTINGS to pro...

Page 61: ... in minutes to define a maximum period of time for which the Internet connection is maintained during inactivity If the connection is inactive for longer than the Maximum Idle Time then it will be dropped You can enable the Auto reconnect option to automatically re establish the connection as soon as you attempt to access the Internet again Click SAVE SETTINGS to proceed or CANCEL to change your s...

Page 62: ...s is the period of time for which the connection to the Internet is maintained during inactivity If your ISP charges you by the minute you should change the idle time out to one minute Most ISPs provide a DNS server for speed and convenience Since your Service Provider may connect to the Internet with dynamic IP settings it is likely that the DNS server IP s are also provided dynamically Clicking ...

Page 63: ...riod of time for which the connection to the Internet is maintained during inactivity If your ISP charges you by the minute you should change the idle time out to one minute Most ISPs provide a DNS server for speed and convenience Since your Service Provider may connect to the Internet with dynamic IP settings it is likely that the DNS server IP s are also provided dynamically Clicking on the Clic...

Page 64: ...CADE 4 20 Static IP If your Service Provider has assigned a fixed IP address enter the assigned IP address subnet mask and the gateway address on this screen Click SAVE SETTINGS to proceed or CANCEL to change your settings ...

Page 65: ... require you to register your MAC address with them If this is the case and you have previously registered the MAC address of another device the MAC address of the Barricade must be changed to the MAC address that you have registered with your ISP ...

Page 66: ...ill find that name in its index and find the matching IP address xxx xxx xxx xxx Most ISPs provide a DNS server for speed and convenience Since your Service Provider may connect to the Internet with dynamic IP settings it is likely that the DNS server IP s are also provided dynamically However if there is a DNS server that you would rather use you need to specify the IP address here ...

Page 67: ...dress for the local network The LAN Settings parameters are listed below Parameter Description LAN IP IP Address The IP address of the Barricade IP Subnet Mask The IP subnet mask DHCP Server DHCP allows individual computers to obtain the TCP IP configuration at startup from a centralized DHCP server To dynamically assign an IP address to a client PC enable the DHCP Dynamic Host Configuration Proto...

Page 68: ...t any advanced features such as DMZ this is dependent on the IP address For this reason you will not want the IP address to change IP Address Pool The DHCP IP Address Pool is the range of IP addresses set aside for dynamic assignment to the computers on your network Start IP This field indicates the first of the contiguous IP addresses in the IP address pool End IP This field indicates the last of...

Page 69: ...wireless access point allowing wireless computers to communicate with each other To configure this function all you need to do is to enable the wireless function define the radio channel the SSID and the security options Check Enable and click SAVE SETTINGS ...

Page 70: ...ents The Barricade will automatically assign itself a radio channel or you may select one manually Extension Channel Setting the Bandwith Mode as 20 40MHz allows you to use this extension channel as the secondary channel for doubling the bandwith of your wireless network SSID Service Set ID The SSID must be the same on the Barricade and all of its wireless clients Default SMC Wireless Mode This de...

Page 71: ...Disabling SSID broadcast will provide increased security by hiding the SSID of your wireless network Protected Mode Enabling this function to ensure the best performance of your 11n throughput in case there is a lot of interference from the 11g and 11b devices in the wireless network 802 11e WMM QoS Enable or disable the use of QoS The QoS Quality of Service function allows you to differentiate WM...

Page 72: ... you can restrict access based on MAC address Each PC has a unique identifier known as a Medium Access Control MAC address With MAC filtering enabled the computers whose MAC address you have listed in the filtering table will be able to connect or will be denied access to the Barricade ...

Page 73: ...WIRELESS 4 29 Security To make your wireless network safe you should turn on the security function The Barricade supports the following security mechanism WEP WPA ...

Page 74: ...meric characters To manually configure the encryption key enter five hexadecimal pairs of digits for the 64 bit key or enter 13 pairs for the 128 bit key A hexadecimal digit is a number or letter in the range 0 9 or A F Note WEP protects data transmitted between wireless nodes but does not protect any transmissions over your wired network or over the Internet Parameter Description WEP Mode Select ...

Page 75: ...vice Parameter Description Authentication Choose 802 1X or Pre shared Key to use as the authentication method 802 1X for the enterprise network with a RADIUS server See 802 1X on page 4 34 Pre shared key for the SOHO network environment without an authentication server Pre shared key type Select the key type to be used in the Pre shared Key Pre shared Key Type in the key here ...

Page 76: ...e goal of WPA2 certification is to support the additional mandatory security features of the IEEE 802 11i standard that are not already included for products that support WPA Parameter Description Authentication Choose 802 1X or Pre shared Key to use as the authentication method 802 1X for the enterprise network with a RADIUS server See 802 1X on page 4 34 Pre shared key for the SOHO network envir...

Page 77: ...t is available through the Wi Fi Alliance WPA2 certifies that wireless equipment is compatible with the IEEE 802 11i standard The WPA2 product certification formally replaces Wired Equivalent Privacy WEP and the other security features of the original IEEE 802 11 standard The goal of WPA2 certification is to support the additional mandatory security features of the IEEE 802 11i standard that are n...

Page 78: ...Authentication Choose 802 1X or Pre shared Key to use as the authentication method 802 1X for the enterprise network with a RADIUS server See 802 1X on page 4 34 Pre shared key for the SOHO network environment without an authentication server Pre shared key type Select the key type to be used in the Pre shared Key Pre shared Key Type in the key here ...

Page 79: ...sign a session key to a connected client Quiet Period Defines a maximum period of time for which the ADSL Router will wait between failed authentications Server Type The Server Type of your authentication server is RADIUS RADIUS Server Parameters Server IP The IP address of your authentication server Server Port The port used for the authentication service Secret Key The secret key shared between ...

Page 80: ... secure wireless network much easier to achieve by using an eight digit PIN number and the Push Button Control PBC Check Enable and click SAVE SETTINGS Pressing Generate New PIN creates a new Current PIN number Pressing Restore Default PIN sets the PIN code to the factory default number Take the following steps for easy network security settings ...

Page 81: ...PS PIN process on client device For instructions on how to do this refer to the user manual of the client device 3 Enter the PIN code of client device Note The PIN code is generally printed on the bottom of the unit or displayed in the configuration utility 4 Click the Start PIN button on the screen ...

Page 82: ...click the Start PBC button on this screen 1 Power on your network devices such as an access point and client network devices 2 Press the WPS button for 4 seconds or click the Start PBC button on the screen 3 Press the WPS button or click the PBC button on your client devices of your network Note This connection procedure must be done within 2 minutes after pressing the WPS button on the Barricade ...

Page 83: ...WIRELESS 4 39 Manual For client devices without WPS manually configure the device as displayed on the screen ...

Page 84: ...CONFIGURING THE BARRICADE 4 40 NAT Network Address Translation allows multiple users to access the Internet sharing one public IP ...

Page 85: ...s to be shared by multiple internal users This also hides the internal network for increased privacy and security Enter the Public IP address you wish to share into the Global IP field Enter a range of internal IPs that will share the global IP into the from field ...

Page 86: ...request to the appropriate server located at another internal IP address For example if you set Type Public Port to TCP 80 HTTP or web and the Private IP Port to 192 168 2 2 80 then all HTTP requests from outside users will be transferred to 192 168 2 2 on port 80 Therefore by just entering the IP address provided by the ISP Internet users can access the service they need at the local address to w...

Page 87: ...rnet gaming video conferencing and Internet telephony These applications may not work when Network Address Translation NAT is enabled If you need to run applications that require multiple connections use these screens to specify the additional public ports to be opened for each application ...

Page 88: ...As the NAT mapping is dynamic a Refresh button is provided to refresh the NAT Mapping Table with the mots updated values The content of the NAT Mapping Table is described as follows Protocol protocol of the flow Local IP local LAN host s IP address for the flow Local Port local LAN host s port number for the flow Pseudo IP translated IP address for the flow Pseudo Port translated port number for t...

Page 89: ...n already entered route and click Modify Clicking Delete will remove an entry from the list Parameter Description Index Check the box of the route you wish to delete or modify Network Address Enter the IP address of the remote computer for which to set a static route Subnet Mask Enter the subnet mask of the remote network for which to set a static route Gateway Enter the WAN IP address of the gate...

Page 90: ...fies the address bits in the destination address used for routing to specific subnets Each bit that corresponds to a 1 is part of the subnet mask number each bit that corresponds to 0 is part of the host number Gateway The IP address of the router at the next hop to which frames are forwarded Interface The local interface through which the next hop of this route is reached Metric When a router rec...

Page 91: ...t devices and networks with a connection to the Internet Their goal is not to steal information but to disable a device or network so users no longer have access to network resources The Barricade protects against the following DoS attacks IP Spoofing Land Attack Ping of Death IP with zero length Smurf Attack UDP port loopback Snork Attack TCP null scan and TCP SYN flooding For details see Intrusi...

Page 92: ...tted or not permitted through the WAN interface The default is to permit all outgoing traffic The following items are on the Access Control screen Parameter Description Enable Filtering Function Enable or Disable Access control function Normal Filtering Table Displays descriptive list of Filtering rules defined ...

Page 93: ...w access control rule 1 Click Add PC on the Access Control screen The Access Control Add PC screen will appear 2 Define the appropriate settings for client PC services 3 Click OK and then click SAVE SETTINGS to save your settings ...

Page 94: ...et When enabled only the MAC addresses defined in the MAC Filtering table will have access to the Internet All other client devices will be denied access You can enter up to 32 MAC addresses in this table 1 MAC Address Control select enable or disable 2 MAC Filtering Table enter the MAC address in the space provided ...

Page 95: ... Router allows the user to block access to web sites by entering either a full URL address or just a keyword This feature can be used to protect children from accessing violent or pornographic web sites You can define up to 30 sites here ...

Page 96: ...chedule Rule You may filter Internet access for local clients based on rules Each access control rule may be activated at a scheduled time Define the schedule on the Schedule Rule screen and apply the rule on the Access Control screen ...

Page 97: ...to add a schedule rule 1 Click Add Schedule Rule on the Schedule Rule screen The Edit Schedule Rule screen will appear 2 Define the appropriate settings for a schedule rule 3 Click OK and then click SAVE SETTINGS to save your settings ...

Page 98: ... blocked except for those types marked in the Stateful Packet Inspection section RIP Defect Default Enabled If an RIP request packet is not acknowledged to by the router it will stay in the input queue and not be released Accumulated packets could cause the input queue to fill causing severe problems for all protocols Enabling this feature prevents the packets from accumulating Discard Ping to WAN...

Page 99: ...mines the contents of the packet to determine the state of the communications i e it ensures that the stated destination computer has previously requested the current communication This is a way of ensuring that all communications are initiated by the recipient computer and are taking place only with ...

Page 100: ...n section all incoming traffic will be blocked except for FTP connections initiated from the local LAN Stateful Packet Inspection allows you to select different application types that are using dynamic port numbers If you wish to use the Stateful Packet Inspection SPI to block packets click on the Yes radio button in the Enable SPI and Anti DoS firewall protection field and then check the inspecti...

Page 101: ...ait 30 sec Defines how long the software will wait for a TCP session to synchronize before dropping the session TCP FIN wait 5 sec Specifies how long a TCP session will be maintained after the firewall detects a FIN packet TCP connection idle timeout 3600 seconds 1 hour The length of time for which a TCP session will be managed if there is no activity UDP session idle timeout 30 sec The length of ...

Page 102: ... per min HIGH 250 sessions Maximum number of allowed incomplete TCP UDP sessions per minute Incomplete TCP UDP sessions per min LOW 200 sessions Minimum number of allowed incomplete TCP UDP sessions per minute Maximumincomplete TCP UDP sessions number from same host 10 Maximum number of incomplete TCP UDP sessions from the same host Incomplete TCP UDP sessions detect sensitive time period 300 msec...

Page 103: ...y from behind the firewall you can open the client up to unrestricted two way Internet access Enter the IP address of a DMZ Demilitarized Zone host on this screen Adding a client to the DMZ may expose your local network to a variety of security risks so only use this option as a last resort ...

Page 104: ...ess devices UPnP enables seamless proximity network in addition to control and data transfer among networked devices in the office home and everywhere within your network UPnP allows the device to automatically join a network obtain an IP address convey its capabilities and learn about the presence and capabilities of other devices Check the Enable radio button to activate this function ...

Page 105: ...server DDNS allows your domain name to follow your IP address automatically by having your DNS records changed when your IP address changes This DNS feature is powered by DynDNS org or TZO com With a DDNS connection you can host your own web site email server FTP site and more at your own location even if you have a dynamic IP address ...

Page 106: ...ricade Configuration Tools Choose a function and click Next Backup Router Configuration this allows you to save the Barricade s configuration to a file Restore from saved Configuration file this function is used to restore the previously saved backup configuration file Restore router to Factory Defaults this resets the Barricade back to the original default settings ...

Page 107: ...face to the latest versions 1 Download the upgrade file from the SMC web site first and save it to your hard drive 2 Then click Browse to look for the downloaded file Click BEGIN UPGRADE Check the Status screen Information section to confirm that the upgrade process was successful ...

Page 108: ...blinking If you perform a reset from this screen the configurations will not be changed back to the factory default settings Note If you use the Reset button on the back panel the Barricade performs a power reset If the button is pressed for over 10 seconds all the LEDs will illuminate and the factory default settings will be restored ...

Page 109: ...ware and hardware version numbers illegal attempts to access your network as well as information on DHCP clients connected to your network The security log may be saved to a file by clicking Save and choosing a location Scroll down to view more information on the Status screen ...

Page 110: ...all status INFORMATION Displays the number of attached clients the firmware versions the physical MAC address for each media interface and for the ADSL Router as well as the hardware version and serial number Security Log Displays attempts to access your network Save Click on this button to save the security log file Clear Click on this button to delete the access log Refresh Click on this button ...

Page 111: ...ck Start Programs Command Prompt Type ipconfig all and press ENTER The MAC address is listed as the Physical Address MACINTOSH Click System Preferences Network The MAC address is listed as the Ethernet Address on the TCP IP tab LINUX Run the command sbin ifconfig The MAC address is the value after the word HWaddr ...

Page 112: ...CONFIGURING THE BARRICADE 4 68 ...

Page 113: ...ween the Barricade the external power supply and the wall outlet If the power indicator does not turn on when the power cord is plugged in you may have a problem with the power outlet power cord or external power supply However if the unit powers off after running for a while check for loose power connections power losses or surges at the power outlet If you still cannot isolate the problem then t...

Page 114: ...e any defective adapter or cable if necessary Network Connection Problems Cannot ping the Barricade from the attached LAN or the Barricadecannot ping any device on the attached LAN Verify that the IP addresses are properly configured For most applications you should use the Barricade s DHCP function to dynamically assign IP addresses to hosts on the attached LAN However if you manually configure I...

Page 115: ...y Check that you have a valid network connection to the Barricade and that the port you are using has not been disabled Check the network cabling between the management station and the Barricade Forgot or lost the password Press the Reset button on the rear panel holding it down for at least six seconds to restore the factory defaults Troubleshooting Chart Symptom Action ...

Page 116: ...e angle of the antenna There may be interference possibly caused by microwave ovens or wireless phones Change the location of the possible sources of interference or change the location of the Barricade Change the wireless channel on the Barricade See Channel and SSID on page 4 26 Check that the antenna connectors and cabling are firmly connected The Barricade cannot be detected by a wireless clie...

Page 117: ...ntions For Ethernet connections a twisted pair cable must have two pairs of wires Each wire pair is identified by two different colors For example one wire might be red and the other red with white stripes Also an RJ 45 connector must be attached to both ends of the cable Cable Types and Specifications Cable Type Max Length Connector 10BASE T Cat 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 100BASE TX Cat...

Page 118: ...entation when attaching the wires to the pins Figure B 1 RJ 45 Ethernet Connector Pin Numbers RJ 45 Port Ethernet Connection Use the straight through CAT 5 Ethernet cable provided in the package to connect the Barricade to your PC When connecting to other network devices such as an Ethernet switch use the cable type shown in the following table Attached Device Port Type Connecting Cable Type MDI X...

Page 119: ...a Straight Through Wiring If the port on the attached device has internal crossover wiring MDI X then use straight through cable RJ 45 Pin Assignments Pin Number Assignment 1 Tx 2 Tx 3 Rx 6 Rx The and signs represent the polarity of the wires that make up each wire pair Straight Through Cable Pin Assignments End 1 End 2 1 Tx 1 Tx 2 Tx 2 Tx 3 Rx 3 Rx 6 Rx 6 Rx ...

Page 120: ...CABLES B 4 Crossover Wiring If the port on the attached device has straight through wiring MDI use crossover cable Crossover Cable Pin Assignments End 1 End 2 1 Tx 3 Rx 2 Tx 6 Rx 3 Rx 1 Tx 6 Rx 2 Tx ...

Page 121: ...onnection speed to 10 Mbps Ethernet or 100 Mbps Fast Ethernet and the transmission mode to half duplex or full duplex WAN Interface 1 RJ 45 port Indicator Panel Power WAN Online WLAN LAN 1 4 WPS Dimensions 188 x 133 x 33 mm 7 40 x 5 24 x 1 30 in Weight 0 285 kg 0 764 lbs Input Power 12 V 1 A DVE EU DSA 12R AEU 120120 US DSA 12R AUS 120120 Leader EU MV12 4120100 C5 US MV12 4120100 A1 Power Consumpt...

Page 122: ... 793 TCP RFC 783 TFTP RFC 1661 PPP RFC 1866 HTML RFC 2068 HTTP Radio Features Wireless RF module Frequency Band 802 11n Radio 2 4GHz 802 11g Radio 2 4GHz 802 11b Radio 2 4GHz USA FCC 2412 2462MHz Ch1 Ch11 Canada IC 2412 2462MHz Ch1 Ch11 Europe ETSI 2412 2472MHz Ch1 Ch13 Japan STD T66 STD 33 2412 2484MHz Ch1 Ch14 Modulation Type OFDM CCK Operating Channels IEEE 802 11n Compliant 11 channels US Cana...

Page 123: ...US Canada 13 channels Europe 14 channels Japan Standards Compliance Safety LVD Environmental CE Mark Temperature Operating 0 to 40 C 32 to 104 F Storage 40 to 70 C 40 to 158 F Humidity 5 to 95 non condensing Vibration IEC 68 2 36 IEC 68 2 6 Shock IEC 68 2 29 Drop IEC 68 2 32 ...

Page 124: ...SPECIFICATIONS C 4 ...

Page 125: ...SMCWBR11 G SMCWBR14S N ...