Chapter 2: networking and security basics, An introduction to lans, The use of ip addresses – Linksys RVS4000 User Manual

Networking and Security Basics

4-Port Gigabit Security Router with VPN

Chapter

Chapter :

Networking and Security

Basics

An Introduction to LANs

A Router is a network device that connects two networks

together.
The Router connects your local area network (LAN), or

the group of PCs in your home or office, to the Internet.

The Router processes and regulates the data that travels

between these two networks.
The Router’s Network Address Translation (NAT)

technology protects your network of PCs so users on

the Internet cannot “see” your PCs. This is how your LAN

remains private. The Router protects your network by

inspecting the first packet coming in through the Internet

port before delivery to the final destination on one of

the Ethernet ports. The Router inspects Internet port

services like the web server, ftp server, or other Internet

applications, and, if allowed, it will forward the packet to

the appropriate PC on the LAN side.

The Use of IP Addresses

IP stands for Internet Protocol. Every device in an IP-

based network, including PCs, print servers, and routers,

requires an IP address to identify its location, or address,

on the network. This applies to both the Internet and LAN

connections.
There are two ways of assigning IP addresses to your

network devices.
A static IP address is a fixed IP address that you assign

manually to a PC or other device on the network. Since a

static IP address remains valid until you disable it, static IP

addressing ensures that the device assigned it will always

have that same IP address until you change it. Static IP

addresses are commonly used with network devices such

as server PCs or print servers.
If you use the Router to share your cable or DSL Internet

connection, contact your ISP to find out if they have

assigned a static IP address to your account. If so, you will

need that static IP address when configuring the Router.

You can get the information from your ISP.
A dynamic IP address is automatically assigned to a device

on the network. These IP addresses are called dynamic

because they are only temporarily assigned to the PC or

other device. After a certain time period, they expire and

may change. If a PC logs onto the network (or the Internet)

and its dynamic IP address has expired, the DHCP server

will assign it a new dynamic IP address.
A DHCP server can either be a designated PC on the

network or another network device, such as the Router. By

default, the Router’s Internet Connection Type is Obtain

an IP automatically (DHCP).
The PC or network device obtaining an IP address is called

the DHCP client. DHCP frees you from having to assign

IP addresses manually every time a new user is added to

your network.
For DSL users, many ISPs may require you to log on with

a user name and password to gain access to the Internet.

This is a dedicated, high-speed connection type called

Point to Point Protocol over Ethernet (PPPoE). PPPoE is

similar to a dial-up connection, but PPPoE does not dial a

phone number when establishing a connection. It also will

provide the Router with a dynamic IP address to establish

a connection to the Internet.
By default, a DHCP server (on the LAN side) is enabled on

the Router. If you already have a DHCP server running on

your network, you MUST disable one of the two DHCP

servers. If you run more than one DHCP server on your

network, you will experience network errors, such as

conflicting IP addresses. To disable DHCP on the Router,

see the Basic Setup section in “Chapter 6: Setting Up and

Configuring the Router.”

NOTE:

Since the Router is a device that connects

two networks, it needs two IP addresses—one

for the LAN, and one for the Internet. In this User

Guide, you’ll see references to the “Internet IP

address” and the “LAN IP address.”

Since the Router uses NAT technology, the only

IP address that can be seen from the Internet for

your network is the Router’s Internet IP address.

However, even this Internet IP address can be

blocked, so that the Router and network seem

invisible to the Internet.

The Intrusion Prevention System (IPS)

IPS is an advanced technology to protect your network

from malicious attacks. IPS works together with your

SPI Firewall, IP Based Access Control List (ACL), Network

Address Port Translation (NAPT), and Virtual Private

Network (VPN) to achieve the highest level of security. IPS

works by providing real-time detection and prevention as

an in-line module in a router.
The RVS4000 has hardware-based acceleration for real-

time pattern matching for detecting malicious attacks. It

actively filters and drops malicious TCP/UDP/ICMP/IGMP

packets and can reset TCP connections. This protects your