4. How to set up the 192.168.1.1 router if it cannot be opened (take WIN7 as an example)
1. Computer settings problem:
Right-click "Network" - --gt;Select "Properties".
Click "Change Adapter Settings".
Right-click "Local Area Connection" -> select "Properties".
Select "Internet Protocol Version 4 (TCP/IPv4)" -> and click "Properties".
Check "Obtain an IP address automatically" and "Obtain a DNS server address automatically" -> click "OK".
2. Router connection problem
The WAN interface in the router needs to be connected to the modem’s network port (LAN port) with a network cable; if the modem is not used for broadband, it needs to be connected to the home. The broadband network cable is plugged into the WAN interface of the router. The Win7 computer uses a network cable to connect to any interface in the router LAN (1234).
3. Router problem
The default router IP is not 192.168.1.1
Many users have a wrong understanding that all router IP addresses are 192.168 .1.1. So when setting up the router, you always enter 192.168.1.1
But the actual situation is that the default IP (setting URL) of different routers is different, and not all routers have IP addresses of 192.168. 1.1.
If the IP address of your router is simply 192.168.1.1, then you will definitely not be able to open the router settings page using 192.168.1.1.
Therefore, you can view the router’s default IP address (website) information in the bottom label of your router
The router’s IP address has been modified
If the router The default IP is 192.168.1.1, but the default IP has been modified. Now the login IP of the router is no longer 192.168.1.1.
At this time, if you continue to use the IP address 192.168.1.1, you will certainly not be able to open the router settings page.
View the real IP of the router:
(1) Right-click "Network" -> select "Properties".
Click "Change Adapter Settings".
Right-click "Local Area Connection" - gt; select "Status" to open
Click "Details"
Find the "IPv4 Default" on the page "Gateway" option, the IP address behind it is the current real login IP of the router.
In this example, 192.168.3.1 is the real login IP address of the router. Now you need to enter 192.168.3.1 in the browser to open the router’s settings page.
Reset the router
Sometimes the router will crash and become unstable, which will also cause the 192.168.1.1 login interface to be unable to open.
Working Principle of Router
Router is a device that connects various LANs and WANs in the Internet. It will automatically select and set routes according to the channel conditions to use the best path. A device that sends signals sequentially. Let’s learn together!
Traditionally, routers work at the third layer of the OSI seven-layer protocol. Their main task is to receive data packets from a network interface and decide to forward them to the next destination based on the destination address contained in them. address.
Therefore, the router first has to search for its destination address in the forwarding routing table. If the destination address is found, it adds the next MAC address before the frame of the data packet, and at the same time, the TTL (TimeToLive) field of the IP packet header also begins to decrease. number and recalculate the checksum. When a packet is sent to the output port, it needs to wait in order to be delivered to the output link.
When the router is working, it can search the routing table in the device according to a certain routing communication protocol. If there is more than one path to a particular node, the basic predetermined routing criterion is to choose the optimal (or most economical) transmission path. Since various network segments and their interconnections may change due to environmental changes, routing information is generally updated regularly according to the provisions of the routing information protocol used.
In the network, the basic function of each router is to dynamically update the routing table it maintains according to certain rules in order to maintain the validity of routing information. In order to facilitate the transmission of messages between networks, routers always first decompose larger data into data packets of appropriate sizes according to predetermined rules, and then send these data packets through the same or different paths. When these data packets arrive at the destination in sequence, the decomposed data packets are packaged into the original message form in a certain order. The hierarchical addressing function of the router is one of the important functions of the router. This function can help a network with many node stations to store addressing information. It can also intercept messages sent to remote network segments between networks and forward them. Function: Selecting the most reasonable route and guiding communication are also the basic functions of a router; multi-protocol routers can also connect network segments using different communication protocols and become a communication platform between network segments using different communication protocols.
The main difference between routing and switching is that switching occurs at the second layer of the OSI reference model (the data link layer), while routing occurs at the third layer, the network layer. This difference determines that routing and switching need to use different control information in the process of moving information, so the ways in which they implement their respective functions are different.
Talk about router security
It is usually relatively easy for hackers to exploit router vulnerabilities to launch attacks. Router attacks waste CPU cycles, misdirect information traffic, and bring the network to a standstill. A good router itself will adopt a good security mechanism to protect itself, but this alone is far from enough. Protecting router security also requires network administrators to take corresponding security measures during the process of configuring and managing routers.
Closing security holes
Restricting physical access to the system is one of the most effective ways to ensure router security. One way to limit physical access to a system is to configure console and terminal sessions to automatically log out of the system after a short period of inactivity. It's also important to avoid connecting your modem to your router's auxiliary port. Once physical access to a router is restricted, users must ensure that the router's security patches are up to date. Vulnerabilities are often disclosed before vendors issue patches, which allows hackers to exploit affected systems before vendors issue patches, which requires users' attention.
Avoid identity crisis
Hackers often use weak passwords or default passwords to attack. Measures such as lengthening passwords and choosing a password validity period of 30 to 60 days can help prevent such vulnerabilities. In addition, users should change their passwords immediately once a key IT employee resigns. Users should enable password encryption on the router so that even if a hacker is able to browse the system's configuration files, he still needs to decipher the encrypted password. Implement reasonable authentication controls so routers can transmit certificates securely. On most routers, users can configure protocols such as the Remote Authentication Dial-in User Service so that these protocols can be used in conjunction with an authentication server to provide encrypted, authenticated access to the router. Authentication controls can forward the user's authentication requests to an authentication server, usually on the backend network. Authentication servers can also strengthen the authentication system by requiring users to use two-factor authentication. The former of the two factors is the token generation part of the software or hardware, and the latter is the user identity and token passcode.
Other authentication solutions involve delivering security certificates within Secure Shell (SSH) or IPSec.
Disable unnecessary services
Having many routing services is a good thing, but many recent security incidents have highlighted the importance of disabling unnecessary local services. It is important to note that disabling CDP on the router may affect the performance of the router. Another factor for users to consider is timing. Timing is essential for efficient network operation. Even if the user ensures time synchronization during deployment, there is still a chance that the clocks will gradually lose synchronization over time. Users can use a service called Network Time Protocol (NTP) to ensure that the clocks of devices on the network are synchronized against a valid and accurate time source. However, the best way to ensure that network device clocks are synchronized is not through routers, but to place an NTP server in the network section of the Demilitarized Zone (DMZ) protected by the firewall, and configure the server to only allow external connections to trusted public accounts. ***Time source makes time request. On the router, users rarely need to run other services such as SNMP and DHCP. Only use these services when absolutely necessary.
Restricting logical access
Restricting logical access mainly relies on reasonable handling of access control lists. Restricting remote terminal sessions helps prevent hackers from gaining logical access to your system. SSH is the preferred logical access method, but if Telnet cannot be avoided, you may wish to use terminal access control to limit access to trusted hosts. Therefore, users need to add an access list to the virtual terminal port used by Telnet on the router.
The Control Message Protocol (ICMP) helps with troubleshooting, but also provides attackers with information they can use to browse network devices, determine local timestamps and netmasks, and make assumptions about OS revisions. In order to prevent hackers from collecting the above information, only the following types of ICMP traffic are allowed to enter the user network: ICMP network unreachable, host unreachable, port unreachable, packet too large, source suppressed and exceeding the time to live (TTL) . Additionally, logical access controls should prohibit all traffic except ICMP traffic.
Use inbound access control to direct specific services to the corresponding server. For example, only SMTP traffic is allowed to enter the mail server; DNS traffic is allowed to enter the DSN server; and HTTP (HTTP/S) traffic through Secure Sockets Layer (SSL) is allowed to enter the web server. To prevent routers from being targeted by DoS attacks, users should deny the following traffic: packets without an IP address, packets using the local host address, broadcast address, multicast address, and any spoofed internal address. Although users cannot prevent DoS attacks, they can limit the harm of DoS. Users can take measures such as increasing the SYNACK queue length and shortening the ACK timeout to protect the router from TCPSYN attacks.
Users can also use outbound access control to restrict traffic from within the network. This control prevents internal hosts from sending ICMP traffic and only allows packets with valid source addresses to leave the network. This helps prevent IP address spoofing, reducing the possibility of a hacker exploiting a user's system to attack another site.
Monitoring configuration changes
After users make changes to the router configuration, they need to monitor it. If the user uses SNMP, then be sure to choose a powerful password string, preferably using SNMP that provides message encryption. If the device is not configured remotely through SNMP management, it is best for users to configure the SNMP device as read-only. By denying write access to these devices, users can prevent hackers from tampering with or shutting down interfaces. In addition, users need to send syslog messages from the router to the designated server.
To further ensure secure management, users can use encryption mechanisms such as SSH to establish an encrypted remote session with the router. For added protection, users should also limit SSH session negotiation to only allow sessions to communicate with a few trusted systems that the user frequently uses.
An important part of configuration management is ensuring that the network uses appropriate routing protocols. Avoid using Routing Information Protocol (RIP), which can easily be tricked into accepting illegal routing updates. Users can configure protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First Protocol (OSPF) to use passwords to authenticate each other by sending an MD5 hash of the password before accepting routing updates. The above measures help ensure that any routing updates accepted by the system are correct.
Implement configuration management
Users should implement configuration management policies that control the storage, retrieval, and update of router configurations, and properly store configuration backup documents on a secure server to prevent new configurations from being encountered. When a problem occurs, users need to replace, reinstall or restore to the original configuration.
Users can store configuration documents on router platforms that support the command line interface (CLI) through two methods. One method is to run a script. The script can establish an SSH session between the configuration server and the router, log in to the system, turn off the controller log function, display the configuration, save the configuration to a local file, and exit the system; the other method is to connect the configuration server to the router. An IPSec tunnel is established between routers, and the configuration file is copied to the server through TFTP in the secure tunnel. Users should also make it clear who can change router configuration, when changes are made, and how changes are made. Develop detailed reverse procedures before making any changes.
Router speed limit setting
1. The computer connected to the router enters the router management page by logging in to 192.168.1.1. In the WEB management interface, select "IP Bandwidth Control Function". Most routers have this function
2. Because in the router settings, the computer automatically obtains the IP address from the router, that is to say, the same computer obtains a different IP address from the router every time. They must be the same, so we must first bind the IP address we obtain from the router to the MAC address of the computer, so that the computer will obtain a fixed IP address from the router. Only in this way can we limit the network speed of certain computers
3. Before binding, you need to know how many devices are connected to the router device and the MAC address of each device. Select "DHCP Server" and click "Client List".
4. You can clearly see the MAC address of the device connected to the router and the obtained IP address. At this time, select the MAC address of the computer to be speed limited, and then copy the MAC address of the device. When copying the MAC address, you can only use the Ctrl C button to copy.
5. After copying the MAC address, it is time to bind the MAC address and IP address. Click "Bind MAC address and IP address", and then follow the instructions in the picture to proceed to the next step. Click "Add Single Entry".
6. In the page that pops up next, paste the copied MAC address of the device into the function box options to be filled in. When pasting, you can only use Ctrl V to paste, and then enter An IP address. The format of the IP address can start from 192.168.1.2. After filling in, click Save. Be sure to remember the IP address you just filled in.
7. Next, you can actually start setting the speed limit of the router. In the opened interface, you first need to turn on the "IP bandwidth control function", and then fill in the total network bandwidth. This is very important. Don't fill it in wrongly.
8. Start entering the IP addresses that need to be bandwidth limited. Fill in the IP addresses you just set into the IP address pool below. The IP addresses filled in here are exactly the same.
9. You can first set the maximum bandwidth limit of the IP to "1000kbps", so select "Limit maximum bandwidth", and then click "Enable" in the box on the right.
10. Then ensure that the minimum bandwidth of this IP is a fixed value to ensure that the bandwidth within the LAN is reasonably and fairly allocated. Here, for the same reason, select "Guarantee Minimum Bandwidth", and then select " Enable".
11. Click "Save" to complete all settings. In this way, this computer will definitely abide by the bandwidth limit and will not exceed the set maximum network bandwidth, thus realizing the control of this computer. Configuration of network functions.
Fast router settings
1. Internet access hardware
One broadband modem, one four-port broadband router, and two straight-through twisted pair network cables.
2. Hardware installation
1. Plug the output line of the broadband modem into the WAN port of the broadband router, and use a straight-through twisted pair network cable to connect the router LAN port to the computer network card.
2. Turn on the power of the broadband modem and router.
3. Configure the router
Take TP-LINK's SOHORT402 broadband router as an example, make the following settings (follow the router manual):
1. In the address bar of the IE window, enter 192.168.1.1 and hit "Go" to open a dialog box asking for a user name and password.
2. Enter "admin" in the user name and password text boxes respectively, confirm, and open the configuration interface of the device.
3. In the routing network connection wizard, select "WAN port" and "PPPOE protocol" (be careful not to select dynamic or static), then enter your telecom broadband account and password in the advanced options Select: Automatic dialing. After configuration, just turn off the power of the router and then restart it.
IV. Configure network computers
Assign fixed IP addresses to the two computers.
1. Open the "Local Area Connection" properties, double-click on the TCP/IP protocol, a dialog box will pop up, select "Use fixed IP address" in the dialog box, and enter 192.168.1.2 in the IP address. The subnet mask is 255.255.255.0, the gateway is 192.168.1.1, and the primary DNS is 192.168.1.1. OK. Except for the IP address of the other computer, which is 192.168.1.3, the other columns are the same.
2. Broadband connections are considered automatic, so that two computers can access the Internet at the same time or independently.
Router functions
(1) Protocol conversion: It can convert the protocols of the network layer and the following layers.
(2) Routing selection: When a packet reaches the router from the interconnected network, the router can select the best route according to a certain routing strategy according to the destination address of the packet, forward the packet out, and can follow the network The routing table is automatically adjusted as the topology changes.
(3) Can support routing selection of multiple protocols: Routers are related to protocols. Different routers have different router protocols and support different network layer protocols. If the interconnected LAN uses two different protocols, for example, one is TCP/IP protocol and the other is SPX/IPX protocol (i.e. Netware’s transport layer/network layer protocol), since these two protocols have many differences , TCP/IP (or SPX/IPX) hosts distributed in the Internet can only communicate with other TCP/IP (or SPX/IPX) hosts in the Internet through TCP/IP (or SPX/IPX) routers. But it cannot communicate with SPX/IP (or TCP/IP) hosts on the same LAN. Multi-protocol routers can support multiple protocols, such as IP, IPX and X.25 protocols, and can establish and maintain different routing tables for different types of protocols. Not only can you connect to the same type of network, you can also use it to connect to different types of networks.
Although this function makes the router more adaptable, it also reduces the overall performance of the router. Now the IP protocol is becoming more and more dominant in the network, so the next generation routers (such as switching routers) only need to support the IP protocol. .
(4) Flow control: The router not only has a buffer, but also can control the data flow of both sending and receiving parties to make the two more consistent.
(5) Segmentation and assembly function: When multiple networks are interconnected through routers, the size of the data packets transmitted by each network may be different, which requires the router to segment or assemble the packets. That is, the router can segment and encapsulate the received large packets into small packets for forwarding, or assemble the received small packets into large packets for forwarding. If the router does not have the segment assembly function, then the entire Internet can only transmit according to a certain shortest allowed packet, which greatly reduces the performance of other networks.
(6) Network management function: The router is a gathering point that connects various networks, and all inter-network packets pass through it. It is more convenient to monitor and manage the packets and equipment in the network here. Therefore, high-end routers are equipped with network management functions to improve the operating efficiency, reliability and maintainability of the network.
A router must have more than or equal to 2 network interfaces, so that it can have routing function. Otherwise, if there is only one interface, there will be no "path finding"! The network interface mentioned here is not necessarily a physical interface, such as a network card or others, but can also be a virtual interface, such as a tunnel entrance, etc.
As described previously, the routing information running on a router can be statically configured or dynamically generated. The former is completed through manual configuration, while the latter dynamically changes the routing table in the kernel according to the network status by running a program running the relevant routing protocol on the router. Below we introduce in detail some configurations of these two types of routers. Usually, a router has both a static configuration part and a dynamic configuration part, both of which are combined.
Introduction to Xiaomi router
Xiaomi router can realize functions similar to NAS and be used as a home data center with a built-in hard drive to store data. The official first public beta version requires a payment of one yuan.
Xiaomi router uses Broadcom 1GHz dual-core processor, supports 2.4GHz 5GHz dual-band WiFi and 802.11ac protocol, and has a built-in 1TB SATA hard drive and 256MBD DR3 memory. The public beta version also comes with a Category 6 network cable (to test the Gigabit wired port), screwdriver, gloves, cooling fan, infrared remote control, Thunder Platinum membership card, etc.
Main configuration
Hard disk
The Xiaomi router has a built-in 3.5-inch 1TB (optional 6TB) surveillance-grade hard drive from Seagate/Toshiba, which implements NAS-like functions. . Using SATA3 high-speed interface, the reading speed through the Gigabit LAN port can reach up to 115MB/s, and it only takes 18 seconds to transfer a 2GB movie. Surveillance-grade hard drives operate more stably than ordinary hard drives, with an average failure-free working time of up to 1.2 million hours.
Antenna
Xiaomi router uses a PCB array antenna. Its antenna core is composed of a circuit board and has 4 antenna units. The design accuracy is as high as 0.02 mm, which is 40 times that of ordinary metal antennas. times. The PCB array antenna is even better in terms of dual-band performance enhancement, with a maximum gain of 4dBi at 2.4GHz and 6dBi at 5GHz. It has better signal gain in both frequency bands than ordinary antennas.
CPU
Xiaomi router is the first to launch the Broadcom 4709C dual-core 1.4GHz in the world. Because smart routers need to handle more complex tasks, processor performance is crucial. Compared with the new Xiaomi router The performance of the previous generation has been improved by 40%. When multiple devices are connected to the router and are reading and writing data, watching videos, or downloading files at the same time, it provides powerful processing performance.
Signal amplification chip
The Xiaomi router has 4 new independent PA signal amplification products built in, from the top American manufacturer SkyWorks, which can enhance the WiFi signal and make the signal in wall-through mode stronger.
Flash memory
The unique 512MB capacity SLC flash memory is used to store router systems. As a smart router, its flash memory is 128 times that of ordinary routers.
Innovative functions
Camera photo backup
SLR and digital cameras can automatically import/backup photos after USB is connected to the router. WiFi devices such as mobile phones can be directly backed up online. . It has a built-in hard drive of up to 6TB, which has plenty of space. It has an average of 1.2 million hours of trouble-free operation, and storage security is guaranteed. After the photos are conveniently stored centrally, they can also be shared among home devices through the router. You can also use your mobile phone to access the photos stored in the router at any time in a remote state. With the trend of computers not being turned on often, more convenient import and more convenient sharing may trigger a new revolution in photo storage.
Remote offline download
The Xiaomi router configuration is more like a small computer that works 24/7. Download tasks are initiated through mobile apps, computers, and browsers, and it supports BT, magnet links, and PT. and other mainstream download methods. At the same time, Xiaomi's powerful video resources are integrated, and a large number of high-definition genuine film and television resources such as iQiyi, Xiaomi Video, and Thunder Cinema are directly downloaded. A third party has developed a drama-chasing plug-in that can automatically download the American dramas and other resources you follow. Supports LAN sharing protocols such as SAMBA and DLNA. You can directly watch downloaded movies and manage downloaded files through mobile phones, TVs, computers, etc.
Online game acceleration
Xiaomi router can monitor and automatically download game update packages in real time and save them in the built-in hard drive. When you turn on your computer and prepare to play, you can quickly get game updates. At the same time, it supports intelligent QoS speed limiting, which can prioritize the game network and not worry about game lag when family members compete for network speed. It is called by players as a must-have "game artifact" in addition to the mouse and keyboard.
Wireless hard drive
Xiaomi router can be regarded as a combination of NAS and router. It can be used as a file server for the local area network. You can store all photos, documents, videos, and music here. It can read or edit documents wirelessly and is simpler than connecting a general mobile hard drive with a USB cable. The wireless transmission speed is up to 58MB/s, which is 2 times faster than ordinary USB2.0 mobile hard drives. What's even more commendable is that you can access it remotely even when you're not at home, and your data can be accessed remotely through your mobile phone or tablet.
If you use the router's network, you can directly watch movies on the Xiaomi router's hard drive. It doesn’t matter if the TV at home is not a Xiaomi TV. Nowadays, Xiaomi boxes can also achieve the same function.
Synchronous use
What should you do if you want to watch American TV series, your girlfriend wants to watch cartoons, and your mother wants to watch action movies? It doesn’t matter, now you just need to watch it through the official website If you download the Xiaomi router's special software on your mobile phone, tablet or PC, you can read different files in the Xiaomi router at the same time.
Technology
Beamforming technology
General antennas can only emit WiFi signals evenly in all directions. Xiaomi routers with intelligent signal tracking technology go one step further. It is based on beamforming technology, which can detect the location of 802.11ac devices such as mobile phones in the network environment, and then concentrate the WiFi signals in specific directions. This way, your mobile phones, laptops and other networked devices will get more stable and high-speed WiFi Signal.
5G-WiFi, 802.11ac protocol
Xiaomi router supports the latest 802.11ac Gigabit WiFi standard, providing up to 3 times faster WiFi performance and a stronger and clearer wireless network signal, the highest wireless rate can reach 1167Mbps. It can transmit data simultaneously at 2.4GHz and 5GHz frequencies, allowing your mobile phone, tablet, TV and other devices to connect to the best available frequency band, so whether you are playing online high-definition movies, browsing the web or large-scale online games, you can get The best online experience.
Router troubleshooting method
1. Access point
Check whether each wireless device can connect to the wireless access point normally and ping the wireless access point directly. IP address, if the wireless access point does not respond, there may be a problem with the wireless connection between the computer and the wireless access point, or the wireless access point itself may be faulty.
2. MAC
Generally, wireless access points have a client list. Only wireless devices in the list can access it, because this list records all accessible access points. The MAC address of the wireless terminal. If this function is activated and no MAC address is saved in this list, the connection will fail.
3. Hardware problems
If there is a problem with the hardware itself, then of course the wireless network is not working. We can check whether the wireless router is working normally through the indicator light, and we can try to replace it. Wireless router.
4. Equipment configuration
Generally speaking, the quality of the wireless router itself is trustworthy, so the problem is most likely to be in the configuration, not the hardware itself. Check the configuration. The direction can be in terms of SSID, key matching between devices, etc.