1.1 What is a Router?
When speaking about computers, in layman's terms a Router is a device
that goes in between your modem and your computer (or Network of Computers)
and shares the Internet connection to as many computers as you like
using a process called NAT.
1.2 What other features do they have?
There's barely a Router on the market now that is just a Router. Most
have various extra hardware items & features built into them including:-
Switches (to plug multiple PCs together)
ADSL modems* (so you don't need a separate modem)
Print Servers to share a Printer without relying on another PC being
left on
Wireless Access Points so you don't need a separate WAP to connect
up PCs wirelessly
Serial Ports for ISDN or Dial-up failover
Advanced (Stateful Packet Inspection) Firewalls
VPN servers & clients
Content Filtering (Parental Control)
Logging traffic and attempted security breaches
Traffic Shaping (QoS)
even anti-virus
* Products are available overseas with built-in Cable modems, but they're
no good here because the Cable ISPs only allow certain modems (that
they supply) on their Networks.
Note: Products with built-in ADSL modems are unsuitable for cable
and at this stage there is no such thing as a Router with a built-in
ADSL modem that can be used for any other type of Internet connection
other than ADSL.
1.3 Why should I get one?
Routers are secure, easy to use and reliable. A basic Router on a small
Network will take an hour or so to install and keep plugging away happily
for years. Attempting to achieve the same result with software methods
can often take days (at the expense of much hair and sleep) and still
be nowhere near as secure or reliable.
They can't be fooled by viruses or Trojan Horse programs, and because
of the sheer number of different brands and models available, it's unlikely
for anyone to come up with an exploit to affect them.
1.4 How much do they cost?
Simple Routers start from around $100.00 and go up as high as you like
depending on the size of the job it needs to do, and extra features
you may want or need. For the most part, the more you spend, the more
you get. More expensive Routers are generally a lot more powerful to
cope with larger sized Networks or more advanced Internet usage like
multiple VPNs.
1.5 How do I know which one to buy?
Do a little research first, and consider the following :-
What Broadband type have you got?
Does the Router include specific support for your Broadband type?
(eg BigPond Cable. Optus just requires a Router that supports a "Dynamic
IP" connection type which is available on every Router I've ever
seen.)
Do you also require a modem? (There are many Routers that have built-in
ADSL modems which usually provides some cost saving over buying a
separate modem and router. Just bear in mind that these aren't suitable
for Cable Internet).
If you have a separate modem, is it going to be compatible with
the Router? (eg Routers generally need an Ethernet modem. USB modems
are usually not suitable, so if that's all you've got, you'll need
to upgrade the modem or buy a Router with a built-in modem).
Note: Some modems like the Motorola SB4200 Cable modem and
several ADSL modems have both USB & Ethernet ports and these are
fine to use with Routers as long as you use the Ethernet port.
What applications do you commonly use and is the Router configurable
for these? (eg MSN Messenger requires UPnP support for Voice, Video
and File Sharing, and Remote Access applications like PCAnywhere will
require some port forwarding)
How common is the brand & model within Australia in order to
get support and warranty claims?
How long is the warranty?
Does the manufacturer provide local technical assistance?
Read the mini-reviews I have written,
check the manufacturer's websites and try Googling
for other reviews.
What are other people saying about the product in forums like Whirlpool?
Generally, start with the cheapest products and compare them to the
more expensive models or brands to see if the extra features and capabilities
are worth the extra money for you, and then compare the various brands
to each other and you'll usually find one that will stand out.
1.6 Where can I get more specific information
about various products?
See the Router review section for my mini-reviews
of most products available in Australia.
1.7 Can I buy one from you?
You certainly can. I set up an online ordering system at a separate
site at www.oztechnologies.com
specifically for this purpose where I have most of the best products
available and can have them delivered usually within 24 hours.
Using a combination of working from a home office and a unique system
called "drop shipping" (where goods are sent directly to my
customers from the manufacturer's distributors) means that my overheads
and prices are kept very low, while still being able to offer a reasonable
amount of technical assistance as required.
1.8 What else will I need to use a Router?
Each PC will need a Network card and a patch lead. Patch leads, also
known as Cat5 cable with RJ45 connectors, come in two forms - Standard
and Crossover. Crossover cables are only used to connect 2 PCs together
without a Router, or to uplink a Router to another switch (if no crossover
port is available on either device). With few exceptions, the cables
that go between the Router and the PCs will be Standard Cables (The
Billion 711CE/7100Pro & Netcomm NB1300 are exceptions. These use
a Crossover cable in the same situation.)
With Wireless Routers, you'll need wireless network cards for
the PCs you want to be Wireless. Bearing in mind that most Routers with
wireless capability also include a built-in switch so you can also plug
PCs into it with cables and they'll all talk to each other exactly the
same way irrespective of whether the PCs are wired or wireless.
1.9 My ISP tells me that my modem or Router
is not supported. Can I still use it?
When an ISP says they don't "support" something it doesn't
mean it won't work. It just means that they can't (or won't) give you
technical assistance to make it work. The last thing an ISP wants is
to be put into the position of Network Consultant and then be sued for
giving incorrect advice. Their responsibility ends at making sure your
Internet Connection and any equipment they supply works.
1.10 What Routers support XBox Live! or Playstation
2?
Just about anything will work, as both of these game consols have an
Ethernet port* just like a computer and pickup the settings they need
automatically from a DHCP server (the Router). Pretty much all you have
to do is plug them into the Router using a straight through cable and
away they go.
* Not sure if the PS2 comes with the Ethernet adaptor or if you have
to buy it separately.
Features to look for are UPnP support, and in the case of BigPond
Cable, a built-in login client, particularly if you won't have a PC
somewhere to maintain the Heartbeat.
XBox have published a
list of Routers that do and don't work with XBox Live!, but you'll
notice most of the products listed as not working have workarounds.
In these cases XBox may also be being a little harsh on these products
and they may have been listed as "bad" due to the manufacturer's
implementation of the UPnP protocol and these Routers may work fine
with a single XBox but may not work very well with multiple XBoxes on
the same Router.
The same list will be fine to use as a guide for PS2s.
1.11 How do I connect XBox or PS2 wirelessly?
Although Microsoft
have a Wireless adaptor for the XBox, all you need for either the
XBox or PS2 to connect Wirelessly is a "Wireless bridge" (in
client mode) and a Wireless Router or Access Point that shares your
broadband connection wirelessly.
Linksys have an 802.11G product called the WGA54G
and D-Link have the 802.11G DWL-G810
at the time of writing. Most other manufacturers have a Wireless bridge/client
of some sort that should do the trick fine. The open source Linksys
WRT54GL also has some interesting possibilities in this regard with
some of the firmware hacks getting around.
These wireless client devices will connect to just about any Wireless
Router so it shouldn't matter if you need to mix the brands up. I set
up a Linksys WET11 for a customer who already had a Netcomm NB3000 Wireless
Router and the results were rather spectacular. Pings and throughput
were fantastic with no noticeable difference from a cabled connection.
1.12 Why do some Routers have different version
numbers?
Sometimes a manufacturer will change some internal parts that will
then require that different firmware version must
be used. The version number of the product indicates to the owner which
firmware version they need to use with their product.*
Sometimes these new hardware versions are released because of a short
supply of a part, or because an alternate part can be manufactured much
cheaper, and sometimes a new version will represent some improvements
over the original. It's often difficult to find out which is which and
quite often an older version will come back onto the market (eg if a
supply problem with the original part has been fixed). In most cases
it doesn't matter a great deal which version number you end up with
as they all have pretty much the same performance and features but there
are exceptions to this so it pays to do some googling to find out as
much as you can about a product to see if there are any known problems
with any particular version number.
*Warning: Uploading the wrong firmware version to your Router
usually won't work but in some cases it will accept it and cause the
product to fail.
2.1 How do I configure my PCs with a Router?
In most circumstances, the default (DHCP) settings will do the trick.
The PC's TCP/IP settings should be on all automatic and the Router will
take care of the rest. See the Client PC setups on any of the guides.
eg Windows 98/ME, Windows
2000, Windows XP.
Some Routers like Snapgears have their DHCP function disabled by default,
so you'll need to configure your PC with the applicable Static IP or
use the "Router Find" utility that comes with it.
Routers use the TCP/IP protocol for Internet Sharing which is universally
supported by all types of Operating Systems including Macs, Linux, Unix
and anything else around, so you don't need a Windows PC to use a Router.
Routers are very popular with Macintosh users as they're usually a much
cheaper and easier solution than most of the software applications available
for Internet Sharing.
If you prefer to use Static IPs on your Network, all you need to do
is find out the Router's IP address to use as a starting point. For
example, if the Router has an IP address of 192.168.1.1, you would give
your PCs IP addresses in the range of 192.168.1.2 to 192.168.1.254.
(Be careful not to give any two PCs the same number, or to give a PC
the same number as the Router or any other device like a Print Server).
Subnet can be the standard 255.255.255.0
Gateway is the Router's IP address - 192.168.1.1 (in this example)
For DNS Servers, if your Router has a DNS Forwarder you can use the
Router's IP address as your Primary DNS Server, otherwise specify your
ISP's DNS addresses here.
If your ISP uses unqualified Domain Names (eg if the name of their mail
server is something like "mail", "pop" or "mail-hub"
and not something that mentions the ISP's name in full like "mail-hub.bigpond.net.au"),
then you will need to find out their DNS Suffix and also specify that
in your DNS settings.
These TCP/IP settings are the same on all OS types but they may have
slightly different names. eg Windows calls the DNS Suffix setting the
"DNS Suffix" while Macintosh calls the same setting "Search
Domains" on OSX, and simply "Domain Name" on OS9.
2.2 Can I still Network my PCs if I have a Router?
Yes, definitely.
If a Router is specified as having a number of ports (eg 4 or 8 in most
circumstances), the Router is actually two different devices, a switch
and a Router, joined together. A Router's built-in switch functions
no differently to any other switch and will not hinder networking in
any way. Actually, if anything, a Router will make networking easier
as it can tell the PCs everything they need to know to join the network
and access the Internet automatically.
As long as File & Printer Sharing, (aka NetBIOS over TCP/IP) is
active and you don't have software firewalls installed, all you
need to do is ensure that all of your PCs have the same Workgroup name
specified and then you'll be able to see them all and browse their files
by double-clicking the "My Network Places" icon. To access
files on another PC, that PC first has to "share" the folder
(or printer) to allow others to access it, and you do that by Right-Clicking
on the folder or Printer and selecting the "Sharing" option.
If you get asked for a Password (XP & 2000 mainly) when you try
to access a file on another PC, you'll need to also set up "User
Accounts". See the Broadband FAQs for
a tip on doing this.
2.3 How do I configure the Router?
The majority of Routers are configured using your Web Browser. eg Internet
Explorer, Netscape etc. The manufacturer's Quick Start Booklet will
tell you the address to type in and the default username & password
you'll need to know to login for the first time.
Once in there, there'll be a main setup section where you tell it your
ISP type, username & password. They're all fairly similar in concept
and here is what it looks like on a Linksys BEFSR41 V2 
Note: It's the WAN (Wide Area Network, otherwise known as Internet)
that interests us here. All that LAN stuff is fine to leave as it is
unless there's some reason you need to change it, and then you'd only
do so if you knew why you wanted to. Actually that goes with most settings
you'll find in a Router. If you don't know what it's for, it'll be fine
if you leave it as is. The manufacturers understand that most people
wouldn't have a clue about half the stuff they put in there so they
set them up so that they'll work properly by default and leave the other
options for those that know what to do with them, or have at least read
the manual.
2.4 What is Firmware?
Firmware is the software inside the Router that makes it go. Much the
same in principle to what Windows is to a PC.
Manufacturers issue updates from time to time where they add features,
fix a bug or improve a security aspect. Generally it's a good idea to
run the latest version, but the old saying "if it ain't broke,
don't fix it" also applies. If something can go wrong with a Router,
it'll often be during a Firmware upgrade which in some cases may involve
sending it back to the manufacturer for repair.
Firmware upgrades can sometimes take a while and the Router can appear
to have stalled in the process, causing many people to switch the power
off and back on. This will usually have disastrous results by causing
the Firmware to become corrupted leaving a Router that no longer responds
to anything. In many cases there is a recovery process to revive them
again but this can be a fairly complex operation that will be beyond
the capabilities of many people.
2.5 What is NAT?
NAT is "Network Address Translation" and is the method Routers
use to share the Internet to multiple computers, and it also creates
a fairly effective Firewall as a side benefit.
When anything connects to the Internet, the ISP will issue a unique
IP address to it, whether it's a computer, router or whatever. IP addresses
have different classes depending on whether they're for use on the Internet
or for local internal Network use, and public (Internet use) IP addresses
cost money.
What NAT does is allow multiple computers using internal class IP addresses
to share one public IP address to access the Internet. The Firewall
effect occurs naturally because any potential hackers scanning the public
IP address can't see past it to any particular computer so they just
bounce off the Router and get frustrated. In my opinion, NAT provides
a sufficient level of security for most home users as it's effective,
simple to use and less likely to conflict with recreational applications
like online gaming and file sharing, but a Router for business use (or
where there's particularly sensitive data) should have an SPI Firewall.
Most recreational applications will also work fine with an SPI firewall,
but they may require some effort creating the right rules to get them
to work properly.
2.6 What is NAT-T?
NAT Traversal. A way of getting around the NAT barrier.
See VPNs below.
2.7 What is SPI?
SPI stands for "Stateful Packet Inspection" and is a smart
Firewall that can examine each packet of data, inbound and outbound,
and automatically detect and block common forms of attack by hackers.
Other benefits are that because of the extra attention to detail that
an SPI Firewall provides, rules and filters can be far more comprehensive.
With just a NAT Firewall, a rule can be created to allow access by other
Internet users to a particular PC on your Network through a particular
port. With an SPI firewall the same rule can include limitations based
on the source of the user, the time of day and which days of the week
you want access to occur, and can also include similar rules for outbound
activity. For example, this would allow a rule to be created that will
prevent users on your Network from accessing FTP servers or even websites
during certain periods of the day.
2.8 What is Content Filtering?
Content Filtering means blocking access to certain material available
on the web, and will usually log attempts by Network users to access
forbidden material.
In Routers under $500.00 this is usually achieved by using either a
keyword list, URLs or both. eg You can create a rule to block access
to any website that uses the word "tree" in its name, or you
can block access specifically to "www.tree.com.au".
Note: These Routers do not filter emails or viruses.
In more expensive Routers, content filtering gets serious and is available
as a subscription service (with an annual fee). The manufacturer will
provide a list of forbidden websites and provide regular updates. For
example, see Snapgear's
URL Content Filtering Service.
In more expensive Routers still, the ability to block viruses (with
regular definition updates), filter emails and even block access to
downloading certain file types like mp3s is available.
2.9 What is UPnP?
Universal Plug and Play.
The name indicates this feature may be something to do with installing
hardware but it's actually a smart network protocol that allows ports
to be opened and closed on request. At the moment it is mainly used
by MSN Messenger to allow voice, video and file sharing to work from
all networked PCs at once without any special configuration necessary,
but in the future it'll be utilised by devices like "smart"
fridges so you'll be able to check your fridge at home from the office
to see if you need to buy milk on the way home.
I find it to be a feature that is almost unanimously demanded by home
& small office purchasers but it does have a few critics who think
it adds some risk of being exploited by a clever hacker one day and/or
MSN Messenger being use as a conduit to allow a virus into the Network.
Nevertheless, the feature can usually be disabled in the Router by anyone
who considers it a security risk.
See upnp.org for more.
2.10 What is VPN/multiple VPN Pass-through?
VPN is Virtual Private Networking. This is a way for Computers in different
locations to Network to each other using the Internet instead of a direct
cable. VPNs are becoming increasingly popular with people who can't
always be physically present at a PC that they need to access regularly.
eg People who work from home or on the road that need access to a data
file or email account at the office. Another popular one is using a
VPN to remote control a PC across the Internet
using an application like Timbuktu or VNC. Doing this sort of thing
via a VPN is far more secure than just connecting directly using just
a username and password.
Where VPNs can be a bit of a problem with Routers is because the Internet
is involved certain security precautions are necessary and these have
taken the form of different forms of data encryption. An unfortunate
side effect of this encryption is that it isn't particularly NAT friendly
and will usually either be blocked or restricted somehow by most Routers.
To get around this, some Routers have built-in VPN Servers and clients,
some have an ability to allow one (software) VPN tunnel to "pass-through"
the NAT barrier and others have the ability to allow "pass-through"
for several simultaneous VPN tunnels. One of the more common tales of
woe I hear from people is where they've tried to save money and have
purchased low-end Routers without considering their VPN requirements
and for a few dollars more they could have had a more suitable product.
Some comments from manufacturers on this topic:
FAE from DrayTek Engineering Department warns that while Draytek
Routers do have multiple VPN passthrough capability, not all VPNs
can pass though the NAT barrier successfully: "there are many
incompatibilities between NAT and IPsec: IPSec with AH can't passthrough
NAT. L2TP with IPSec can't be passthrough NAT device except both VPN
client and VPN server support NAT-Traversal mechanism. To the same destination,
only one outgoing IPSec with ESP connection can be established at a
time except both VPN client and VPN server support NAT-Traversal mechanism."
NETGEAR advises: "Most home router models support only
a single outbound IPSec session. Some models provide multi-session capability,
but this may not be sufficient in all situations.
The IPSec-passthrough ALG achieves its multi-session capability by using
IKE cookies to distinguish IKE/phase1 sessions and the IPSec SPI pairset
to distinguish between VPN/phase2 sessions. This differs from earlier
ALG implementations which simply returned all IPSec traffic to the NAT
client that last made an outbound VPN session.
It isn't possible to guarantee multiple simultaneous outbound sessions
in all circumstances. For example:
1. It may not be possible to support simultaneous startup and/or
re-keying of IKE sessions. This will show as multiple sessions can
be run, but not started at the same time - you may need to wait a
short time before starting the second outbound connection. And if
there is a later collision during phase 1 re-keying, one or other
session may be lost.
2. A small number of IPSec VPNs initiate IKE re-keying from the server
end, rather than the more common client end. This often requires mapping
of UDP/500 to the IPSec client PC, otherwise the session will fail
after some time, often 20-40 minutes. Because the same protocol/port
can only be mapped to a single local device, this will usually preclude
simultaneous sessions.
3. Some VPN client/server combos can’t support multiple simultaneous
connections to the same VPN server/IP from a single NAT’d public IP.
Simultaneous connections to different VPN servers may be possible,
but not to the same server.
These types of restrictions apply to the IPSec-passthrough ALG’s
in most NAT routers, though it isn’t uncommon to find enough difference
in the implementation detail between routers for some combination to
fail on one device, work on another but to be the opposite for a slightly
different case. There’s no easy way to be certain, without testing the
customer’s specific case.
RFC3715
has a good discussion of why this is a complex problem to solve in the
general case, and why it can’t be entirely handled in the router ALG,
changes in the VPN software are suggested as well.
Some VPN implementations support NAT Traversal (NAT-T) which attempts
to avoid the problem by re-encapsulating VPN traffic inside UDP packets
which allows them to be better handled by NAT routers. For this to be
effective, both the VPN server and client software need to support compatible
implementations of NAT-T. In some situations it may be possible to use
a VPN endpoint router in place of the software VPN client - a single
tunnel between the client-side router and the VPN server may then be
able to accomodate multiple client sessions to the same destination."
2.11 What is Port Forwarding?
Port forwarding, also known as Virtual Servers, is a way of directing
traffic from the Internet through the Firewall effect of NAT to a particular
PC on your Network that you want people out on the Internet to be able
to get to. Typical examples where you might want to do this include
running your own website, remote control applications like PCAnywhere,
webcams and running your own Game Server.
Data travelling across a Network (or the Internet) uses a combination
of protocols and ports, and Computers have 65535 ports (ie possible
end points or destinations). A lot of these port numbers have common
uses and are assigned by the Internet
Assigned Numbers Authority. In particular, ports 1 - 1024 are known
as common ports, and within this range you'll find most port numbers
used in day to day Internet and Network browsing. For example, Websites
use Port 80, FTP is port 21, Send email (SMTP) is port 25, NetBios (File
and Printer Sharing) uses port 139 and the list goes on.
What happens with NAT is when data is travelling to your PC (as
opposed to outbound), it will hit the Router on a particular port number
and will have nowhere to go. This is generally a good thing as it keeps
the hackers out, but there may be situations when you actually want
that data to find it's way through the NAT layer to a PC, and that's
where Port Forwarding comes in handy. We can tell the Router to accept
that data and direct it to the PC we want it to go to.
As an example, lets say we wanted to run a Website from one of the PCs
on a network. We know websites use Port 80 and the PC is on Internal
IP address 192.168.1.4 (See the glossary
for how to find out the IP address of a PC). So now all we have to do
is tell the Router to "route" all Port 80 traffic that comes
in from the Internet to IP address 192.168.1.4 on our Internal Network.
This is what it looks like on a Linksys BEFSR41 Router -
And this is a Billion 741GE -
Note: Port 80 is one of the standard options on the Billion.
For a non standard port there are blank options further down the page
where you can also specify a whole port range instead of just a single
port and the full range of protocol options -
With some Routers, the port number is selected from a pulldown list
with standard port numbers available. If the port you wish to use is
not in the list, you'll need to find a section in the Router where you
can add a "custom virtual server" and then it will appear.
Other Routers like the Alcatel
Speed Touch Pro also require specifying an "outside address"
(the IP address someone the Internet is connecting from). In
these cases you'll probably want this open for everyone so specifying
an address of 0.0.0.0 usually does the trick.
For information about a specific application, Google
the name of the application and the words "Firewall" and "Ports"
and you'll usually turn up everything you need. Often adding the name
of your Router will find even more specific information.
A fantastic resource with specifics for dozens of Routers is PortForward.com.
2.12 What is DDNS?
Most Routers include a built-in DDNS client. See the Remote
Access page for more about DDNS.
2.13 What are logs?
Most Routers keep logs of all kinds of activity both inbound and outbound.
Some, like most Netgears, can be configured to email the logs to you
at specific intervals or when certain types of activity occur. Other
Routers like Linksys and Netcomms have an external application (downloadable
from the manufacturer) that collects the log data from the Router and
displays it in various ways. (For these types of Routers there will
be a page where you can turn logging on and specify the IP address of
the PC running the logging application). Other people have written their
own versions of these logging applications that can display the data
in lovely graphs and tables.
See Wallwatcher
for Linksys
Linklogger
for Netgear, Linksys & Zyxel.
Trev's
SNMP utility for Billion 741GE.
Trev's
D-Link DSL500/504 info dump
And there's probably heaps more of these around too for other products.
2.14 What is Idle Timeout?
Some Routers' Internet connection types like BigPond Cable
have an idle timeout setting. This is supposed to instruct the Router
to disconnect from the Internet if no one has used it after a certain
amount of time and then reconnect automatically as soon as someone tries
to access something again. Personally I can't see the point and this
feature has caused so many problems for so many people I'd prefer to
see it ommitted completely in favour of an "always on" connection.
After all, we're not charged by time on Broadband so what's it for?
Furthermore, this feature can cause some truly evil behaviour on some
Routers. With Netgears for example, we used to be instructed to set
the idle timeout to "0" for an "always on" connection,
but now with many models, setting this to "0" causes the Router
to constantly connect and disconnect in under a second. (Aargh!). Even
worse is that these same models still instruct to set Idle Timout to
"0" for an always on connection in the help files.
Linksys are worse again (Termed "Keep Alive: Redial Period xxx
seconds" or similar). Setting this field to 0" will often
cause the Router to go into a perpetual reboot sequence which is not
recoverable or reversable so it has to go back to the factory under
warranty.
Your best option with Idle Timout is to set it to 30 mins regardless
of what the manufacturer's instructions say.
2.15 Power Buttons
A quick warning on Power Buttons.
Power buttons are a weak link on this type of equipment and are one
of the key areas of failure second to firmware corruption. In most cases
you're better off not touching them, but if you do feel the need to
switch your Router off on a regular basis it's best to switch it off
at the power point or even pulling the power out of the back.
Most manufacturers have ommitted power buttons from modern models because
of this problem. Hey, warranty claims cost money that has to be factored
into the production cost, so if you can eliminate 20% or more of them
by leaving out a dodgy 15 cent switch, it makes perfect sense.
3.1 I can't connect to the Router. It just says "Page cannot
be displayed".
There are three main reasons for this -
1. The PC is not getting an IP address from the Router. This can be
because the PC is configured with a static IP address in an incorrect
range, the Router's DHCP server is not switched on (Usually a reset
via the reset button will fix this but some Routers like Snapgears have
DHCP off by default), or the PC has not had a chance to renew it's IP
address. See the glossary for how
to force this to occur.
2. There is a Proxy Server specified in your Internet Options.
Go to Control Panel > Internet Options > Connections and set to “ never
dial”
Go to Control Panel > Internet Options > Connections > LAN Settings
and untick all the boxes.
3. There is a faulty or incorrect cable type being used. Check that
link lights on the router are coming on to indicate a valid connection
between your PC and the Router.
3.2 I can't send emails. What am I doing wrong?
Many ISPs use "unqualified domain names". This will usually
be the case if the outgoing (SMTP) mail server in your Email account
settings doesn't have the ISP's name in it somewhere. For example, BigPond
Broadband uses "mail-hub" while the fully qualified domain
name is "mail-hub.bigpond.net.au".
To get around it, you will either have to add the rest of the domain
name or add a special DNS suffix to the TCP/IP settings on your PC.
See the Broadband FAQs for more help
with email problems.
3.3 I can't connect to BigPond Cable.
See the Heartbeat FAQs
3.4 I can't connect to Optus Cable.
Optus doesn't have a Heartbeat or require a username or password, so
any Router without a built-in modem will work fine. Just set the Router
up to use an Internet Connection that doesn't require a username or
password (sometimes called Dynamic IP) and away it'll go. If it doesn't
connect, reboot the modem (switch the power to it off for about 10-20
secs and back on), followed by the Router.
In some cases, it may help things along by "spoofing" the mac
address of the old Network Card (or USB) that was connected to the
modem beforehand.
To find this Mac address, see http://ozcableguy.com/glossary.asp#mac
Write it down and then find a section in the Router that allows you
to specify a Mac address for the WAN port and copy it there. (Note:
Some Routers allow various fiddling with Mac addresses on LAN ports
and this is not what we're looking for here. It must be referred to
as WAN or Internet and not LAN or Local.)
3.5 I can't connect to ADSL.
The most common reason for this is when your ISP uses a PPPoE or PPPoA
connection type (most ISPs that support one also support the other so
it doesn't matter which you choose) and you don't add the full username.
In almost all cases, the user name will be "username@something"
and not just "username". eg BigPond customers use username@bigpond,
Iinet customers use username@iinet.net.au and Internode customers use
username@internode.on.net. Notice that the last bit varies between ISPs.
Some, like Bigpond, just require @bigpond and nothing else or it won't
work, whilst Iinet needs the .net.au bit as well.
Update: I recently hooked up a BigPond customer and only "username"
by itself would work. The usual "username@bigpond" format
just plain refused to connect, so if you're having trouble connecting
you should definitely try a few variations along these lines.
Optus ADSL is a little peculiar and deserves a special mention
too. Most ADSL modems have a setting in the advanced section for the
"Authentication Protocol" to be used. By default this will
usually be set to something like "PAP/Chap" or "Chap
(Auto)" but these don't work with Optus DSL. It must be changed
to PAP only.
Another common reason when using ADSL modems like the Billion 711CE/7100Pro
or Netcomm NB1300 is that these require a crossover cable to connect
to a PC or another Router. You'll spot this right away as the link lights
won't be lighting up if you've got the wrong cable type.
For other ADSL types that use variations of IPoA (like TPG), if you're
not sure which encapsulation type to use, just try every option that
doesn't require a username and password and check the Router's status
page with each attempt until you get it.
Another one that frequently comes up is where there is a fault on
the ADSL line or the exchange. These ones will be obvious in that the
Line Sync light will not be showing a "sync" status. Generally
a proper line sync will be shown by a solid glowing sync light on the
modem, but some oddball modems may show a line sync as a blinking light.
For example, some firmware versions of Dynalink RTA100 & 220 show
a blinking light, but to add a spanner in the works, these same products
when upgraded to more recent firmwares will show a solid light.
In my experience connecting ADSL whilst working for Telstra, when line
sync problems came up, the rate of faults in the line or exchange Vs
actual faulty modems was around 100 to 1, so the chances of having a
faulty modem in these circumstances is fairly small (particularly if
you can log into it and everything else seems to be functioning properly).
However, it still happens, so if the ISP is going to charge you a service
call to inspect the line where no fault is found, the only way you can
double check your modem is by plugging it in at a location where the
ADSL is known to be working, or borrowing a proven modem and plugging
it into your phone line.
3.6 I've got a modem/router combo but I want
to plug it into another Router.
Many modem/router products like the Netgear DM602,
Billion 5100 & 7100Pro, Dynalink RTA100 and others are commonly
purchased to be used with other Routers and also many people may have
existing modem/routers that they want to use with different Routers
(eg Wireless Routers). What we need to do here to get the best results
is to change these products to behave as standard modems (called "bridging")
and not behave as Routers any more. The reason for this is that having
two Routers inline isn't a good thing to do and while usually you'll
get things working this way, it becomes very difficult to configure
other services through and you could also create a bottleneck in the
data flow. (Something you particularly want to avoid if you're plugging
a basic modem into an advanced multi-VPN Router for example, as you'll
lose all the advantages the better Router has to offer).
The first step is plug the modem directly into
a PC. (If you plug it into the Router you're going to be using you won't
be able to access it to change the settings).
Next, follow the manufacturer's instructions to set up your PC to log
into the modem's configuration menus.
Look for an option in the menus (Usually under "setup" or
"quickstart") where you can change it into a "bridge".
Depending on the product, you may also have to adjust the encapsulation
type to match. eg. It may have an option that says "Bridged IP
LLC" or "RFC1483 Bridge" and other similar derivations.
Other details like usernames and passwords leave blank, and uncheck
any options to "dial on demand" or "automatically reconnect".
Save the settings and Bob's your Uncle. You can now plug the modem into
the Router and set the Router up to login into ADSL using a PPPoE ISP
type.
Bridging instructions are usually found within the
modem's manual, but these links may help.
Alcatel Speed Touch
Pro
Alcatel Speed Touch 530/510
Billion
711CE/7100Pro (Scroll down to the first Technical FAQ about half
way down the page)
Netcomm NB1300 is very similar to configure to the Billion above
.
Netgear
DG814
Netgear DM602. See "Configuring the modem in modem
device mode for a fixed (static) TCP/IP account" on P38
of the downloadable Manual from Netgear.
Note: Most ISPs are LLC based and use VPI
of 8 & VCI of 35, but check with your ISP if unsure of these parameters.
Note2: Some people worry about the old modem/router being on
a different IP range or even being on the same IP address as the new
Router. The IP address used by the modem/router in bridging mode doesn't
make a lick of difference and won't conflict, so there's nothing to
be considered there. In bridging mode, the modem doesn't have an active
network presence so it's invisible to everything on the LAN anyway.
Note3: If your old modem/router has 4 ports, Internet Sharing
will no longer be available from these extra ports once it's in bridging
mode. Your PCs will need to be plugged into the new Router for this
to happen.
Another way to do it is allow the modem
to perform the authentication but switch off NAT (sometimes called "half
bridge"). Then set the Router up as a Connection that doesn't require
a username & password (Dynamic ISP). This technique comes in handy
if your ISP uses a PPPoA authentication type but your Router only does
PPPoE and it won't work (often it will work anyway, so give it a try
first).
Note: If you're bridging a router/modem to
another Router and can't seem to connect, plugging the modem directly
into a PC and configuring a software connection method can reveal some
useful error messages (if it won't connect that way either of course.
If it does, you know something's amiss with the Router configuration).
"Authentication error", or "username/password is invalid
on the domain" type messages are incorrect username and/or password
problems. (Be aware that sometimes these happen because the ISP hasn't
properly activated your account or they've given you incorrect details
or a typo)
"The remote computer did not respond" indicates the modem
is not bridged correctly or a line or exchange fault exists. Sometimes
phones and other devices plugged into the same line without filters
can cause interference to the modem too.
3.7 My Router keeps locking
up or dropping out.
There could be several reasons for this.
1. The most common reason by far is infection
by certain viruses. See my blog
entry referring to Welchia virus. Another common one more recently
is SDBot.
These viruses will flood a router with so much traffic that it will
cause the router to lock up or reboot giving the false impression that
there's something wrong with the router. Netgear
released a news bulletin about it when the first of these started
to pop up.
Don't always trust your anti-virus software either. I have seen first
hand on several occasions Welchia or SDBot have been rampant on PCs
running up to date versions of common anti-virus products, and I have
even seen SDBot infect a PC within minutes of going online after a format
and clean installation. The best way to check is to install a network
analyser like the Commview
trial version and check for large amounts of unusual outbound activity.
2. Instability has also been a problem on
many Routers with some of their initial firmware releases. Upgrade your
Router to the latest Firmware available and see how it goes.
3. If you're using BigPond Cable, check
that it is correctly configured per the
Heartbeat page.
4. Your Router may not have the processing
power for what you're asking from it. Routers below say $300.00 are
designed for Networks of up to 10 or maybe 20 users as a rule and the
cheaper the product the less likely it'll be able to perform well under
busy loads. For larger Networks, or where there are busy servers present,
throughput figures become far more important and Routers like Snapgear,
Cisco or the more expensive offerings from mainstream manufacturers
become the cheaper solution in the long run. (Big dollar products usually
means lots of processing power.)
5. Related to point 4 above is using file
sharing applications like BitTorrent.
Most torrent clients by default don't restrict the number of current
open connections and this can quite easily fill up a Router's NAT table
within a short period of time and cause poor performance or frequent
lockups or reboots. If you're into these things make sure you do your
homework first by searching the BitTorrent forums to find which Routers
cope the best. Alternatively I believe some clients have an option to
restrict the number of active connections in their advanced options
and this will generally cure the problem too as far as I'm aware.
6. ADSL modems could also be dropping out due to problems with
the phone line or inadequate filtering allowing interference from other
devices such as a Foxtel IQ box. See ADSL FAQ
1.6 for more about line filters.
Your modem's diagnostics page can also tell you quite a bit about your
line quality. Phoneworks
have an excellent breakdown of what's good and what's bad when looking
at these figures.
