Operating modes and functions

ELSA LANCOM DSL/10 Office

Login barring

The configuration in the ELSA LANCOM DSL/10 Office is protected against “brute force attacks” by barring logins.  A brute-force attack is the attempt of an unauthorized person
to crack a password to gain access to a network, a computer or another device.  In order
to do so, a computer can, for example, run through all the possible combinations of letters
and numbers until the right password is found.

As a measure of protection against such attacks, the maximum allowed number of
unsuccessful attempts to log in can be set.  If this limit is reached, access will be barred
for a certain length of time.

If barring is activated on one port, all other ports are automatically barred too.

The following entries are provided in the ELSA LANconfig for configuring login barring in
the 'Management' configuration area on the 'Security' tab or under /Setup/Config-module
in the menu:

- 'Lock configuration after' (Login-errors)

- 'Lock configuration for' (Lock-minutes)
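How the two settings interact can be modelled in a few lines. The following is an added example, not firmware or vendor code: the class, the per-port failure counter and the reset behaviour are assumptions made for illustration, while the single shared bar for all ports follows the description above.

```python
import math
from dataclasses import dataclass, field


@dataclass
class LoginBarring:
    """Illustrative model of the two settings; not the device's implementation."""
    login_errors: int                              # 'Lock configuration after'
    lock_minutes: int                              # 'Lock configuration for'
    failures: dict = field(default_factory=dict)   # port -> failed attempts (assumed)
    barred_until: float = 0.0                      # one deadline shared by all ports

    def is_barred(self, now):
        return now < self.barred_until

    def attempt(self, port, password_ok, now):
        """Return 'barred', 'ok' or 'denied' for a login at time `now` (seconds)."""
        if self.is_barred(now):
            return "barred"           # refused on every port, even with the right password
        if password_ok:
            self.failures[port] = 0   # assumption: a successful login clears the counter
            return "ok"
        self.failures[port] = self.failures.get(port, 0) + 1
        if self.failures[port] >= self.login_errors:
            self.barred_until = now + self.lock_minutes * 60
            self.failures.clear()     # assumption: counting restarts after the bar
        return "denied"


def replay(barring, events):
    """Feed (time_s, port, password_ok) tuples through the model."""
    return [barring.attempt(port, ok, t) for t, port, ok in events]


def lock_minutes_to_exhaust(candidates, login_errors, lock_minutes):
    """Enforced waiting time, in minutes, before `candidates` passwords can all be tried."""
    batches = math.ceil(candidates / login_errors)
    return (batches - 1) * lock_minutes


# Constructed sample: three wrong passwords on telnet, then the administrator
# tries the correct password over TFTP during and after the bar.
SAMPLE_EVENTS = [
    (0, "telnet", False),
    (1, "telnet", False),
    (2, "telnet", False),
    (3, "tftp", True),
    (302, "tftp", True),
]

if __name__ == "__main__":
    print(replay(LoginBarring(login_errors=3, lock_minutes=5), SAMPLE_EVENTS))
    print(lock_minutes_to_exhaust(10_000, login_errors=5, lock_minutes=5))
```

The replay shows the side effect of global barring: a run of failed logins on one port also locks out the legitimate administrator on every other port until the lock time has passed.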

Access control via TCP/IP

Access to the internal functions of the devices through TCP/IP can be restricted using a
special filter list.  Internal functions in this case means telnet or TFTP sessions to
configure the ELSA LANconfig.

This table is empty by default, so access to the router can be obtained by
TCP/IP using telnet or TFTP from computers with any IP address.  The filter is activated
when the first IP address with its associated network mask is entered, and from that point
on only those IP addresses contained in this initial entry will be permitted to use the
internal functions.  The circle of authorized users can be expanded by inputting further
entries.  The filter entries can describe both individual computers and whole networks.

The access list can be found in the ELSA LANconfig in the 'TCP/IP' configuration section
on the 'General' tab, or in the /Setup/TCP-IP-module/Access List menu.
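The filter semantics described above (empty table means no restriction, the first entry activates the filter, further entries widen it) can be checked offline against a planned table. This is an added example, not vendor code: the function names and the sample addresses are constructed for illustration, and the model assumes entries are plain IPv4 address and network mask pairs.

```python
import ipaddress


def parse_access_list(rows):
    """Turn (ip_address, network_mask) string pairs into network objects."""
    # strict=False accepts a host address with a wider mask, e.g. 10.0.0.1/255.255.255.0
    return [ipaddress.IPv4Network(f"{ip}/{mask}", strict=False) for ip, mask in rows]


def is_permitted(source_ip, access_list):
    """Would telnet/TFTP configuration access from source_ip pass the filter?"""
    if not access_list:
        return True                      # empty table: filter inactive, any address allowed
    addr = ipaddress.IPv4Address(source_ip)
    return any(addr in net for net in access_list)


def audit(access_list):
    """Report what a table actually admits, so overly wide entries stand out."""
    if not access_list:
        return ["table empty: configuration access open to any IP address"]
    findings = []
    for net in access_list:
        if net.prefixlen == 0:
            findings.append(f"{net}: matches every address, filter has no effect")
        elif net.prefixlen == 32:
            findings.append(f"{net}: single computer")
        else:
            findings.append(f"{net}: whole network, {net.num_addresses} addresses")
    return findings


# Constructed sample table: one management network plus one individual computer.
SAMPLE_ROWS = [
    ("10.0.0.1", "255.255.255.0"),
    ("192.168.5.20", "255.255.255.255"),
]

if __name__ == "__main__":
    acl = parse_access_list(SAMPLE_ROWS)
    for line in audit(acl):
        print(line)
    for src in ("10.0.0.77", "192.168.5.21", "198.51.100.9"):
        print(src, "permitted" if is_permitted(src, acl) else "rejected")
```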

Security for your LAN

You certainly would not like any outsider to have easy access to or to be able to modify
the data on your computers.  The ELSA LANCOM DSL/10 Office offers you various ways
of restricting access from outside:

- Data packet filtering

- IP masquerading (also known as NAT or PAT)
