how-to block ads
1.2 How Do I
Here's the info you need. This info assumes the LinkSys is at default settings:
1.) Select a unique IP for the PC of 192.168.1.# where # is in the range 2-99 or 150-254 (this avoids any conflict with the default DHCP address range of 100-149). Example: 192.168.1.5
2.) Obtain 1 or more (typically 2) DNS server addresses you can use. Your ISP usually defines these or find them at the Status tab in the LinkSys setup.
Note: Some successfully use a DNS server of 192.168.1.1, the LinkSys LAN address. The LinkSys has an undocumented DNS-proxy built in so use this at your own risk.
3.) Operating systems vary. Most Windows PCs can use Control Panel to get to network settings (example: "Network and Dialup Connections" then "Local Area Connection" then "Properties"). Navigate to the settings for "TCP/IP" (example: "Internet Protocol (TCP/IP)").
4.) Change from "Obtain an IP address automatically" to "Use the following IP address". Enter these values (all are important and exact wording may vary):
* IP address: 192.168.1.# (from step 1.)
* Subnet Mask: 255.255.255.0
* Default Gateway: 192.168.1.1
* DNS servers: (from step 2.)
5.) Be sure and click "OK" as needed. You may be asked to reboot.
Most of you are done at this point but one more note worth mentioning. A "DNS-suffix" is used in network design by some ISPs (@Home in particular). This is the suffix used to append simple addresses like "mail" and "news" so you obtain the correct server for your area. This DNS-suffix must be manually entered on the PC to continue to function.
Feedback received on this FAQ entry:
For some reason you need the router to have a very different IP address than it comes with - 192.168.1.1. Let's say your network is going to work in the 172.16.100.X address space, so you'll need to change the whole address of the router. In order to do this, you will probably have to adjust the computer's network settings to work with the default address-this is usually best done by manually setting the computer's IP to something like 192.168.1.11. Changing the router's address is no problem; you connect to the router with your browser using its current IP, change the numbers in the little windows, and click "Apply." The router makes the change and probably reboots itself.
Unfortunately now you can't access the router. That's because your computer still has an address in the 192.168.1.X address space (and probably a net mask of 255.255.255.0, which limits you to only those addresses that match the first three octets).
Now to to access the router you'll have to change a few of your computer's network settings. Here's how. How you proceed depends on how your computer's address is set. If you manually set the computer's address to 192.168.1.x, you'll need to change that address to one in your new address space. If you had a static address of 192.168.1.11, in this example you'll need to manually change it to 172.16.100.X (any number between .1 and .253 that isn't already taken will work). If you didn't manually set the address, and the computer's set to automatically obtain an address, you just tell the computer to release its current address and get a new one.
In Windows operating systems, open a command prompt and type "ipconfig /release," which dumps the automatic address it had, and then "ipconfig /renew," which gets a new address, which will be in the address space that you just changed the router to. Of course you won't type the quotes, and depending on which Windows version you have you may need to make it "release all" and "renew all."
For Mac OS, either restart your computer, or go to the Apple menu, choose System Preferences, choose Network from the View menu, and then Active Network Ports from the View menu. Deselect the "ON" checkbox for your network adapter, click on Apply, then reselect the "ON" checkbox and click Apply again.
Feedback received on this FAQ entry:
"Pingable": "Block WAN Request" Disabled and "SPI" Disabled.
TCP "Stealth": "Block WAN Request" Enabled or "SPI" Enabled or see UDP "Stealth".
UDP "Stealth": Set a dummy-IP in DMZ. This also runs TCP "Stealth". (warning: reported to cause instability)
Note: Enabling "SPI" disables all port forwarding and DMZ.
For more info see: »INFO: PING, TCP, UDP and LinkSys Replies
write up: »How to setup FTP server behind LinkSys ?
See Brano detailed setup of vsftpd: »HOW TO: vsftpd, linux and linksys router
These links have the info needed to set up a fully-functional FTP server behind a LinkSys router.
... you do not need to forward ports 65000 - 65534. vsftpd.conf let's you specify pasv_min_port=0 and pasv_max_port=0 which tells vsftpd to use any available ports. Also, pasv_address can be set to either the WAN IP of the router or the LAN IP of the router. I'm not sure what the difference is, and I might have noticed a slight speed increase in vsftpd response time when using the WAN IP, but I'm not about to test this.
WARNING: FTP is NOT router-friendly! It's very common for FTP to work for some but not others and it's not easy to tell if the client or server end is causing the problems.
For details see: REFERENCE: FTP Modes and Ports
MAC Cloning on the LinkSys Router
Behind the scenes, NAT masks the private IP address of your machine to protect the internal network from the outside world. The packets that contain the IP address don't translate from private to public, so outside users aren't able to find you.
In addition, NAT must be configured to support Universal Plug and Play (UPnP), or you won't be able to use certain features, such as voice, video communication, and file transfer.
Firewalls must also support UPnP. Fortunately, you have two options. You can use a UPnP-enabled firewall device or manually open the following UDP ports on your firewall:
• 5004 - 65535: audio and video communication
• 6891: file transfer
• 6891 - 6900: 10 simultaneous file transfers
• 1503: application and whiteboard sharing
• 3389: remote assistance
If you're using Microsoft's solutions, such as Internet Connection Sharing (ICS) and Internet Connection Firewall (ICF), you're completely safe. ICS and ICF support UPnP and allow you to use all Windows Messenger features.
router connection and setup instructions.
Visit the Xbox Live Support page to see if your router has been tested.
This Web Page just might be useful for those trying to set up Netmeeting and/or static IPs on their LAN.
Feedback received on this FAQ entry:
this forum thread.
Your Xbox Can Go Wireless to learn how network your Xbox with your wireless Linky.
Feedback received on this FAQ entry:
Use a 10 Mbps hub and a second NIC in a PC. Connect the LAN port of the modem, WAN port of the Linksys, and the second NIC to this hub. The IP of the second NIC should be static and set to an IP in the IP mask range of the modem. For security precautions, unbind File and Print Sharing and the Client for Microsoft Networks from the second NIC.
┌── Modem LAN port
├── 10 Mbps Hub ─── PC-A NIC#2
└── WAN port ─Router─ LAN ports ─ PC-A NIC#1, PC-B, PC-C, etc.
Instead of using a second NIC, a Spare PC with the sole purpose of accessing the modem could be used. In either case, PC-A NIC#2 or the Spare PC would have the ability to access the modem and capture packets between the modem and router at anytime.
If the WAN Connection type is DHCP, then access to the modem should be possible without changing the settings in the Linksys when the Internet is in an "up" state. When the Internet is "down", aka DHCP released, then the modem cannot be accessed. In PPPoE, access to the modem is not possible through the Linksys.
If a 10 Mbps hub and a second NIC or spare PC is unavailable, then the following configuration changes to the Linksys are required for accessing the modem through the Linksys. Unfortunately, this will cause a loss of Internet access. Disconnecting from the Internet and connecting a PC directly to the modem would be easier and simpler.
To access the modem through the Linksys without a hub and second NIC, change the WAN Connection type to Static IP and enter a Static WAN IP of 10.0.0.1 / 255.0.0.0, or enter an IP and subnet that is in the IP mask range of the modem. Be sure to enter the IP of the modem for the Static Gateway IP.
If the LAN IP mask of the modem is the same as the Linksys' LAN IP mask, 192.168.1.0 / 255.255.255.0, then the LAN IP of the Linksys must be changed to 192.168.2.1 / 255.255.255.0. All PCs on the LAN will have to use the 192.168.2.x range as well in order to access the modem through the Linksys.
Feedback received on this FAQ entry:
This includes some extra steps not in the Linksys instructions that will save you time, grief, and possibly your router.
These steps have been tested out on a BEFSR41. There will be some variations for other versions of wired router. (Readers can message me directly and I'll make note variations with other WIRED Linksys routers.)
1. Print-screen or write down all of your current router settings (from 192.168.1.1 in your web browser go through all the tabs and buttons). While on the Status panel, note your current firmware version. (Id you have not changed your password from default and can't access 192.168.1.1, please see this FAQ: »Linksys FAQ »What's the default username and password?)
2. Note which wires are connecting where on the router. It is a good idea to label the wires and where they go. Step 7 involves unplugging some.
3. Download the firmware update for your router from »www.linksys.com/download/
4. Unzip the downloaded file to a folder of your choice c:/fixes/linksys for example. The unzipped files include a .doc or .pdf instruction file, which will tell you how to proceed. It is missing some of the steps that we recommend.
(I suggest keeping old download .zip files going back 2 versions, just in case there are problems with the new download.)
5. Open the ver.txt file. This file shows the changes made with each new version of the firmware. If there are no changes that may affect your system since the firmware version you currently have, we recommend not updating your firmware.
6. Write down or screen-print all your router settings because they may disappear.
7. Disconnect the router from the internet and from any computer other than the one doing the update.
(Activity from any source other than the computer doing the update can make the update fail and require that the router be reset.)
8. If you have a software firewall (Zone Alarm, NIS, Kerio, etc.) running on the computer doing the update, disable it or shut it down.
9. Click on Tftp. This is the FTP tool that will load the new firmware to your router.
Click on and navigate the file folder to the folder you unzipped to above.
You will need to give Tftp your current router password (or if this is your second attempt, possibly the default router password, usually admin,or see the release notes from the download file, or your router manual).
10. If you have problems doing the firmware update, press and hold the reset button until the red light goes on and off (5+ seconds), cycle the router power off and on, then repeat the update from the Tfpt step. (If your router isnt a BEFSR series, check your manual for how to do a reset.)
11. After the firmware update, your router administration password may be what it was before, or it may be changed back to the default (usually admin,or see the release notes from the download file, or your manual).
12. In your web browser, return to 192.168.1.1. On the Status tab check that the Firmware version has changed. If it didnt, go back to the Tftp step and ensure that it is pointed to the correct folder and firmware...
13. In 192.168.1.1, check that your router settings are as they were before. Restore them if they have changed.
14. If applicable, re-start the software firewall on the computer you used to apply the firmware update.
15. Restore the cable from the Internet to the WAN connection. Plug the other computers back into the router. (Note that on many models, the connection next to the Uplink cant be used if the Uplink is being used.)
16. If having problems reconnecting to the Internet, but you can connect to the router:
a. Shutdown your computers and leave them powered off for at least 60 seconds.
b. Unplug the router for at least 60 seconds.
c. It may also be necessary to unplug your cable modem for 1-5 minutes.
d. Consider restoring back to the previous version of firmware using the steps above.
e. With PPPoE, from the Status panel try to connect.
BBR Linksys Forum FAQS:
Linksys Tech Helper:
Dont forget that the manual for your route is available from the download area in .pdf format. You may want to right-click and save the manual to your hard drive for future reference.
Corrupted firmware fix link:
»Corrupted firmware Fix.
»Linksys FAQ »I've lost my Internet connection. What should I try?
Partially borrowed from RadioDoc , especially step 7. Thanks RadioDoc .
A. This assumes you otherwise have a working wired network with a wireless AP or an entire wireless network in either infrastucure mode or ad-hoc mode.
B. I also assume you understand your operating system and basic networking. This is not required but will help. I don't assume you know much about wireless issues.
C. All of the following can be tried separatly or together but should only be atttempted with any firewall and WEP/WPA off for testing only. They can be turned back on after you resolved the issue.
1. If you have more than one wireless device, do they all loose the signal at the same general time? If so, look into a issue concerning your AP, if not look into a issue concerning your wireless adapter.
2. Have you changed any thing in your AP or PC/laptop just prior to the issue? If so, change it back and see if that helps. Like you moved your AP or changed a setting in your PC.
3. Have you changed the SSID broadcast to off? If so, turn it back on. XP prefers it on to operate properly and it makes sharing your AP or having a guest over impossible. It's also of no enhancement to security of your system, using encrytpion is.
4. Have you tried to change your AP channel? In U.S., use either 1, 6 or 11. The others will overlap the frequencies of one of these three, so you really only have 3 channels that don't overlap.
5. Move your AP over a few feet left/right/up/down. If possible a whole other room that is closer to your wireless adapters or center of your home.
6. Is the AP directly below or above your wireless device? If so, move the wireless adapter or your AP. The RF signal in typical antenna's don't travel well direct up and down.
7. Move your AP antenna(s) around which will redirect the signal output. i.e. left, right,up or down.
8. Verify your AP firmware is up to date. If not, update to the current level.
9. Verify your wireless adapter driver software is current. If not, use the updated driver from the AP manufacturer.
10. Don't use hacked firmware. Either for "fixed issues" or "additional features", they are not tested to the same standards as the firmware provided by the manufacturers. Also the programmer that created the hacked version does not have access to the inner workings of the device and may end up locking up your device for good. This is a general rule, hacked firmware still requires a skilled programmer.
11. Is your computers operating system updated with current patches from the operating system developer? If not, install patches and or service packs.
12. Electrical items known to create intermittent connection problems relative to the location of your wireless netowrk are devices such as microwaves, cordless phones, baby monitors and any other devices that transmit radio frequncies in or across the 2.4 or 5 GHz frequency bands. If you have your wireless devices near any of these try moving the wireless device or phone etc...
13. If your using both 802.11b and 802.11g devices, try using a fixed speed rather than auto. Keep in mind that you need to pick the slower of the speeds or you'll get one or more of your devices locked out. In this case, 802.11b is the slowest at 11 mips or lower.
14. From command line run a tracert between one of the computers with the issue and a web site. See where the speed bump is in the millasecond response times. This will help point to a cable modem, AP,wireless adapter or your ISP.
15. From command line run a winipcfg for Win9x, ipconfig /all for win2k/xp or ifconfig for linux. See if you have a ip for your computer, DNS, DHCP, Gateway, and is DHCP on or off. You should see a ip for each of the aspects mentioned and DHCP should be on if thats what your ISP has assigned you or off is you have a fixed ip assigned by your ISP.
16. Is there a metal file cabinet or metal door or plastered walls or heat duct between you and the AP? If so they cast a RF shadow and reduce the signal from your wireless adapter and your AP. See if you can move the AP so that these issues are reduced.
17. If you have MAC or IP filtering on at your AP, verify your wireless device is not being blocked by either filter type. Same is true for time and day of week filters.
18. Consider making a parabolic mesh reflector. They can be made out of chicken wire with opening 1/4 inch or less arched partially around the AP with the exposed antenna portion facing the direction of the wireless devices. The reflector is arc shaped like a baseball backstop forcing the signal to go farther out toward the opening in it. Chicken wire shaped as ( and placed behind where you want the signal to go. So it would look like ( AP --> your wireless adapter. More info on this and some pics at »www.freeantennas.com/projects/te···dex.html
19. From the command line can you ping your AP? If so you know you have basic connectivity, if not, you have a dead connection.
20. If you have a firewall on you computer turn it off and see if you can ping your AP. If so can you see dslreport.com? Then it was your firewall. Change the settings in your firewall. Yes it should have been off during the previous tips.
This is known to be a source of trouble with IE 5.5 and later. To resolve it open a browser page, select Tools, Internet Options. Go to the Security tab. Click in Custom Levels. Scroll down to the bottom where you see User Authentication, Logon. Make sure to select "Prompt for username and password". Do that for the local network (Intranet) only unless you also experience problems with access to sites on the Internet.
Regardless of how justified this is, it can be quite annoying if, for example, you use ssh to stay logged in to your work, or are running a background job, etc. The bad news is that there is no way to change the timeout value or turn it off using the setup screens.
The good news is that there are several different ways to defeat NAT timeouts. The first is to exploit "TCP KeepAlive". All operating systems that have TCP/IP networking have the ability to send special packets at a certain interval to check if a connection is still alive. The idea is that the computer will tear down the connection if the computer on the other end does not respond.
This can be a bit confusing because the KeepAlive function is not really designed to "keep alive" an idle connection (it would be more accurate to call it "DetectDead"). However, the KeepAlive function still works quite nicely to prevent NAT timeouts because, as a side effect, the KeepAlive packets will look like activity if they are sent frequently enough.
The method for changing the KeepAlive interval varies from one operating system to another. Under Windows it's not easy to change, since you can't just go into Network settings under Control Panel and set it. If you really want this you must dig around inside the registry. Microsoft has a tech note about this (Knowledge Base Article 314053). This URL should work:
Under Linux it's much easier. The TCP KeepAlive value is stored in the "proc" filesystem (actually a virtual filesystem maintained by the kernel) under this path:
The default just happens to be 7200 seconds (same as the BEFSR41 timeout). To defeat NAT it must be something smaller than that, like 1800. Setting it to a really small value like 60 is frowned upon as a bad network administration practice, especially if you are running a server.
So to change it all you need to do is this:
echo "1800" > /proc/sys/net/ipv4/tcp_keepalive_time
You have to put this in a startup file like "rc.local" to make it permanent.
The second method is dependent upon what client you are using for your SSH or telnet connections. Since you really shouldn't be using telnet on the insecure Internet these days, let's just focus on SSH. The SSH protocol allows for "NO-OP" packets to be sent across the connection to prevent idle timeouts. However, the various SSH clients differ in terms of how well they support this.
Under Windows both PuTTY and SecureCRT have NO-OP support built in. Under Unix/Linux it is necessary to patch the OpenSSH client to get NO-OP support. The patch can be found at this URL (which also has more information about SSH clients and heartbeat/anti-idle support):
How do i open a Linksys Router