SETTING UP A BROADBAND ROUTER WITH TELUS DSL
********************************************


Registering A MAC Address
-------------------------

So you have a bunch of machines you want to hook up to the internet
simultaneously, and you are using Telus' DSL service to gain a window on
the internet. To start with, be aware of the limits you are working
within; a simple hub will not work for your needs, as each machine will
have its own MAC address, and Telus only allows you to register two of
those. What you need is a router.

Start by registering the MAC address of one of your machines with Telus
at their Device Registration site:

* Device Registration
  https://registerdevice.telus.com/

Once that is done, shut down the machine, hookup the router and cables
appropriately, and restart the machine.


If You Are Using A D-Link Router (DI-604, DI-704UP)
---------------------------------------------------

Once the machine has restarted, log into your router (using a web
browser), which should (by default) be located at the following address:
192.168.0.1

The user name will be admin and there will not be a password.

To assign a password, go to "Tools" and fill in the password fields for
the admin and user accounts. 

To change the default login IP address, go to "Home", and then "LAN",
and input the desired address in the "IP Address" field.

To clone the MAC address, go to "Home", and then to "WAN", and you
should see a button that say "Clone MAC Address". Click it and the
numbers in the field above the button should now match those of the MAC
address you registered with Telus.

To stealth your network, go to "Advanced", and then "Virtual Server". By
default, port 113 is left visible, making it a possible vector for
attack. To prevent such an event, redirect incoming requests for port
113 to a "black hole" on your network (an unused IP address). I am fond
of 192.168.0.200. Be sure to indicate that this procedure should always
be followed. When you're done, your configuration should look something
like this:

 Enabled
 Name: IDENT
 Private IP: 192.168.0.200
 Protocol Type: TCP
 Private Port: 113
 Public Port: 113
 Schedule: Always

To prevent the public WAN IP address from responding to ping commands,
go to "Tools", and then "Misc.", and under the "Block WAN Ping" heading,
click the "Enabled" radial button. With that done, your network should
now be completely invisible to the outside world. You can test your
network security using Gibson Networks, ShieldsUP! security scan.

* GRC ShieldsUP!
  https://www.grc.com/x/ne.dll?bh0bkyd2

If you want to change the DNS servers you use (as Telus' DNS servers can
be very slow), under "Home", go to "WAN", and fill in the "Primary DNS
Address", and "Secondary DNS Address" fields. I use OpenDNS, which uses
the following DNS addresses:

 208.67.222.222
 208.67.220.220

Now click the "Apply" button, the router will restart, and the changes
will take effect.


If You Are Using A Linksys Router (WRT54G)
------------------------------------------

When the machine has restarted, log into the router (again, using a web
browser), which should (by default) be located at the following address:
192.168.1.1.

The will be no user name, and the password will be admin.

To change the password (the user name--or lack thereof--cannot be
changed), go to "Administration", and then "Management", and change the
password fields accordingly. 

If you want to change the login IP address, go to "Setup", and then
"Basic Setup", and input the desired numbers in the "Local IP Address"
field.

To clone the MAC address, go to "Setup", and then "MAC Address Clone",
click the "Enable" radial button, and click the "Clone Your PC's MAC"
button.

To make sure that port 113 is filtered, go to "Security", and then
"Firewall"; if the "Filter IDENT (Port 113)" box is checked (as it
should be, by default), then no further work is required on your part.
Linksys did it for you.

To change your DNS server from Telus', go to "Setup", and then "Basic
Setup", and input the OpenDNS IP's in the "Static DNS 1", and
"Static DNS 2" fields.

For those that have already forgotten them, the IP's are:

 208.67.222.222
 208.67.220.220

To disable the wireless functionality of the (WRT54G) router, go to
"Wireless", and then "Basic Wireless Settings", and change the "Wireless
Network Mode" to "Disabled". Now click the "Save Settings" button, and
the router will restart, and the changes will take effect.

To check your network visibility, use the ShieldsUP! security scan.

* GRC ShieldsUP!
  https://www.grc.com/x/ne.dll?bh0bkyd2


Using A Telus-branded Siemens Gigaset se567 With A Linksys WRT54G
-----------------------------------------------------------------

First off, this is sort of a sequel to the previous section relating to
the Linksys WRT54G, and assumes the changes made above have been made at
some point in the past.

Start by hooking up the cables as though the se567 were just your
run-of-the-mill ADSL modem (I have a fondness for using LAN 1 as the
substitute WLAN port--but it should not matter).

Next, login to the Linksys WRT54G at the default address (assuming you
have not changed it previously): 192.168.1.1.

Once you are in, under "Setup" - "Basic Setup", change the "Local IP
Address" entry to read something along the lines of: 172.168.1.1 (if it
remains as 192.168.1.1, it will conflict with the Siemens se567 IP
address, and you will not be able to access the latter). Now save the
settings, and exit.

Once the changes have taken effect, you should now be able to login to
the WRT54G at: 172.168.1.1. Also, you should now be able to access the
internet, and the Siemens Gigaset se567, which can be found at this
address: 192.168.1.254. Its default login will be "admin", and its
default password will be "telus" (you may want to change these for the
sake of security).

Of course, "should" does not always mean "will". If you run into
problems connecting to the internet, you might try some of the following
corrective measures.

If you are still using an older Telus plan, it may be necessary to clone
the MAC Address of a machine that was registered with the Telus User
Administration Centre, which can be found at this link:

* Device Registration
  https://registerdevice.telus.com/

To clone a MAC Address with the se567, login to it, and under "Advanced
Settings" -- "Internet" -- "Internet Connection" -- "MAC Address",
select "Use MAC Address of this PC" (you may want to hook your machine
up directly to the se567 to complete this task).

You may also want to ensure that the "Use DHCP" option is selected under
"Advanced Settings" -- "Internet" -- "Internet Connection".

On the security side, you may choose to shut off the firewall on the
se567 under "Advanced Settings" -- "Internet" -- "Firewall". Also, you
can ensure that the wireless functions are disabled by marking the
"Wireless Interface" field, located under "Advanced Settings" --
"Wireless Network", as "Disabled".

And lastly, if you want to use OpenDNS' DNS servers, go to "Advanced
Settings" -- "Internet" -- "Internet Connection" -- "DNS Servers", check
the "Use the following DNS server addresses", and input the following in
the provided text boxes:

 208.67.222.222
 208.67.220.220