manualshive.com logo in svg

Funkwerk Bintec R1200wu, Reference

Share
Download
Funkwerk Bintec R1200wu Reference Download Page 318

Field

Description

developed by the NSA (United States National Security Asso-
ciation). It is rated as secure, but is slower than MD5. It is
used with a 96 bit digest length for IPSec.

=,(3 

: RipeMD 160 is a 160 bit hash algorithm. It is

used as a secure replacement for MD5 and RipeMD.

+$

: Tiger 192 is a relatively new and very fast al-

gorithm.

Please note that the description of the encryption and authentic-
ation or the hash algorithms is based on the author’s knowledge
and opinion at the time of creating this User Guide. In particular,
the quality of the algorithms is subject to relative aspects and
may change due to mathematical or cryptographic develop-
ments.

DH Group

The Diffie-Hellman group defines the parameter set used as the
basis for the key calculation during phase 1. "MODP" as sup-
ported by

bintec

devices stands for "modular exponentiation".

Possible values:

 . <"

: During the Diffie-Hellman key calculation, mod-

ular exponentiation at 768 bits is used to create the encryption
material.

  <"

: During the Diffie-Hellman key calculation,

modular exponentiation at 1024 bits is used to create the en-
cryption material.

 ' <"

: During the Diffie-Hellman key calculation,

modular exponentiation at 1536 bits is used to create the en-
cryption material.

Lifetime

Create a lifetime for phase 1 keys.

As for RFC 2407, the default value is eight hours, which means
the key must be renewed once eight hours have elapsed.

The following options are available for defining the lifetime:

Input in

Seconds

: Enter the lifetime for phase 1 key in seconds.

The value can be a whole number from 0 to 2147483647. The
default value is

.

Input in

kBytes

: Enter the lifetime for phase 1 keys as amount

18 VPN

Funkwerk Enterprise Communications GmbH

292

R1xxx/R3xxx/R4xxx

Summary of Contents for Bintec R1200wu

Page 1: ...Manual R1xxx R3xxx R4xxx Reference Copyright Version 10 0 2011 Funkwerk Enterprise Communications GmbH Funkwerk Enterprise Communications GmbH Manual R1xxx R3xxx R4xxx 1...

Page 2: ...cepts no responsibility for data loss unwanted connection costs and damage caused by un intended operation of the product Trademarks funkwerk trademarks and the funkwerk logo bintec trademarks and the...

Page 3: ...ate 12 4 2 System requirements 13 4 3 Preparations 13 4 3 1 Gathering data 13 4 3 2 Configuring a PC 16 4 4 Modify system password 17 4 5 Setting up an internet connection 18 4 5 1 Internet connection...

Page 4: ...61 6 5 6 SHDSL interface 61 6 5 7 X 21 interface 63 6 6 WEEE information 65 Chapter 7 Variable switching of S0 interfaces 66 7 1 Switching the S0 interfaces from external to internal 66 Chapter 8 Acc...

Page 5: ...Passwords 103 10 2 3 Date and Time 105 10 2 4 System Licences 110 10 3 Interface Mode Bridge Groups 112 10 3 1 Interfaces 114 10 4 Administrative Access 116 10 4 1 Access 116 10 4 2 SSH 117 10 4 3 SNM...

Page 6: ...Configuration 162 11 5 SHDSL 165 11 5 1 SHDSL Configuration 165 11 6 Serial Ports 168 11 6 1 Options 168 11 7 UMTS HSDPA 171 11 7 1 UMTS HSDPA HSUPA 171 Chapter 12 LAN 175 12 1 IP Configuration 175 12...

Page 7: ...2 NAT Configuration 221 14 3 Load Balancing 225 14 3 1 Load Balancing Groups 225 14 4 QoS 227 14 4 1 QoS Filter 228 14 4 2 QoS Classification 230 14 4 3 QoS Interfaces Policies 233 14 5 Access Rules 2...

Page 8: ...warding 267 16 4 PIM 268 16 4 1 PIM Interfaces 268 16 4 2 PIM Rendezvous Points 271 16 4 3 PIM Options 272 Chapter 17 WAN 274 17 1 Internet Dialup 274 17 1 1 PPPoE 276 17 1 2 PPTP 282 17 1 3 PPPoA 286...

Page 9: ...XAUTH Profiles 347 18 1 5 IP Pools 350 18 1 6 Options 351 18 2 L2TP 354 18 2 1 Tunnel Profiles 355 18 2 2 Users 358 18 2 3 Options 364 18 3 PPTP 365 18 3 1 PPTP Tunnels 365 18 3 2 Options 372 18 3 3...

Page 10: ...0 1 2 SIP Endpoints 396 20 2 RTSP 398 20 2 1 RTSP Proxy 398 Chapter 21 Local Services 400 21 1 DNS 400 21 1 1 Global Settings 402 21 1 2 Static Hosts 405 21 1 3 Domain Forwarding 406 21 1 4 Cache 408...

Page 11: ...Trigger 432 21 7 2 Actions 438 21 7 3 Options 448 21 8 Surveillance 449 21 8 1 Hosts 449 21 8 2 Interfaces 451 21 8 3 Ping Generator 453 21 9 ISDN Theft Protection 455 21 9 1 Options 455 21 10 Funkwer...

Page 12: ...boot 489 22 3 1 System Reboot 489 Chapter 23 External Reporting 490 23 1 Syslog 490 23 1 1 Syslog Servers 490 23 2 IP Accounting 493 23 2 1 Interfaces 493 23 2 2 Options 494 23 3 E mail Alert 495 23 3...

Page 13: ...4 4 1 Statistics 512 24 5 WLAN 513 24 5 1 WLANx 513 24 5 2 VSS 515 24 5 3 WDS 518 24 5 4 Client Links 520 24 6 Bridges 522 24 6 1 br x 522 24 7 HotSpot Gateway 523 24 7 1 HotSpot Gateway 523 24 8 QoS...

Page 14: ...24 10 3 Interface Specific States 532 Glossary 535 Index 576 Table of Contents Funkwerk Enterprise Communications GmbH xii R1xxx R3xxx R4xxx...

Page 15: ...Internet send or receive e mails and set up a connection to a partner network to access data at your company head office for example Password If you are already familiar with configuring bintec devic...

Page 16: ...ces that can be reached over SNMP are located using SNMP Multicast irrespective of their current IP address A new IP ad dress and password and other parameters can also be assigned A configuration can...

Page 17: ...reset your device to the ex works state Technical data This section contains a description of all the device s technical properties Variable switching of S0 interfaces This section describes how to s...

Page 18: ...guide uses the following visual aids List of visual aids Icon Use Indicates practical information Indicates general and important points Indicates a warning of risk level Attention points out possible...

Page 19: ...s that you must enter as written bold e g Windows Start menu Indicates keys key combinations and Windows terms bold e g Licence Key Indicates fields in the Funkwerk Configuration Interface italic e g...

Page 20: ...aces may also damage your device Con nect only the ETH interface of the device to the LAN interface of the computer hub or an ISDN interface of the device if any only to the ISDN connection Note If yo...

Page 21: ...Fig 2 Connection options using the example of R3000w Funkwerk Enterprise Communications GmbH 3 Installation R1xxx R3xxx R4xxx 7...

Page 22: ...Fig 3 Connection options using the example of R43000 3 Installation Funkwerk Enterprise Communications GmbH 8 R1xxx R3xxx R4xxx...

Page 23: ...nd align the antennas 2 Place your device on a solid level base 3 LAN For the standard configuration of your device via Ethernet connect the first switch port ETH1 of your device to your LAN using the...

Page 24: ...ther Ethernet socket However configuration via the serial interface is not provided by default xDSL modem or DMZ Connect the WAN interface ETH5 DMZ of your device to an xDSL modem not sup plied via an...

Page 25: ...or additional information the Funk werk Enterprise Communications GmbH Support Centre can be reached Monday to Friday between the hours of 8 00 am and 5 pm They can be contacted as follows Email hotli...

Page 26: ...re your device in an ex works state User Name Password Note All bintec devices are delivered with the same username and password As long as the password remains unchanged they are therefore not protec...

Page 27: ...red WLAN clients Check whether the PC from which you want to perform the configuration meets the ne cessary requirements You can also install the Dime Managersoftware which provides more tools for wor...

Page 28: ...ADSL If you want to set up Internet access you need an Internet Service Provider ISP You also receive your personal access data from your ISP The terms used for the required access data may vary from...

Page 29: ...vice as an access point and therefore connect individual work sta tions e g laptops PCs with wireless card or wireless adapter by wireless connections to your local network via WLAN Wireless LAN and l...

Page 30: ...ick the Windows Start button and then Settings Control Panel Network Con nections Windows XP or Control Panel Network and Sharing Center Change Adapter Settings Windows 7 2 Click on LAN Connection 3 C...

Page 31: ...ss of your device 192 168 0 254 in a supported browser Internet Ex plorer 6 or later Mozilla Firefox 1 2 or later and entering the pre configured login in formation User Password 4 4 Modify system pas...

Page 32: ...and quickly A selection of preconfigured connections from leading pro viders T Home Arcor makes configuration even easier 1 In Funkwerk Configuration Interface select the Assistants Internet Access m...

Page 33: ...g A win dow appears with the response 2 Test Internet access by entering www funkwerk ec com in the Internet browser Funk werk Enterprise Communications GmbH s Internet site offers you the latest new...

Page 34: ...P allows several menus to be modified Depending on the configuration the path to the wireless network connection you want to configure may be different to that described above 4 7 Software Update The...

Page 35: ...our device will be updated automatically When installation of the new software is com plete you will be invited to restart the device Caution Once you have clicked on Go the update cannot be interrupt...

Page 36: ...Switch on your router for the fourth time If you do not interrupt the boot sequence this time the router starts in the factory reset state This state is indicated by the LEDs on the right block flash...

Page 37: ...nfiguration using the Funkwerk Configuration Interface menu Maintenance Software Configuration all passwords will also be reset and the current boot configuration deleted The next time the device will...

Page 38: ...t cable ISDN cable Serial connecting cable Mains unit 2 standard antennas Companion DVD Quick Install Guide printed User s Guide on DVD Release Notes if required Safety notices R1200wu Ethernet cable...

Page 39: ...ices R3800 Ethernet cable ISDN cable Serial connecting cable Mains unit DSL cable Splitter Y adapter Companion DVD Quick Install Guide printed User s Guide on DVD Release Notes if required Safety noti...

Page 40: ...1 260 g approx 1 260 g approx 1 260 g Transport weight incl documentation cables packaging approx 2 6 kg approx 2 6 kg approx 2 6 kg Memory 32 MB SDRAM 8 MB flash ROM 32 MB SDRAM 8 MB flash ROM 32 MB...

Page 41: ...38400 57600 115200 Baud ISDN WAN S0 2 Permanently installed Permanently installed Permanently installed DMZ ETH5 Additional Ethernet switch port Additional Ethernet switch port Additional Ethernet swi...

Page 42: ...r s Guide Workshops Release Notes if re quired User s Guide Workshops Release Notes if re quired General product features bintec R3000 bintec R3000w Product name bintec R3000 bintec R3000w Dimensions...

Page 43: ...1200 2400 4800 9600 19200 38400 57600 115200 Baud Permanently installed twisted pair only 10 100 mbps autosensing MDIX supports Baud rates 1200 2400 4800 9600 19200 38400 57600 115200 Baud ISDN WAN S0...

Page 44: ...equired User s Guide Workshops Release Notes if required General product features bintec R3400 bintec R3800 Product name bintec R3400 bintec R3800 Dimensions and weights Equipment dimensions without c...

Page 45: ...MA in accordance with the ATM for um Ethernet IEEE 802 3 LAN 4 port switch a port with serial inter face function Permanently installed twisted pair only 10 100 mbps autosensing MDIX supports Baud rat...

Page 46: ...required User s Guide Workshops Release Notes if required General product features bintec R4100 bintec R4300 Product name bintec R4100 bintec R4300 Dimensions and weights Equipment dimensions without...

Page 47: ...ISDN WAN S0 2 Permanently installed Permanently installed ISDN PRI 2 Permanently installed DMZ ETH5 Additional Ethernet switch port Additional Ethernet switch port X 21 interface 2 Permanently install...

Page 48: ...ed as main primary or 1 the antenna next to the power switch the other is only used to receive During reception the AP Access Point checks which antenna is receiving a better signal This is then used...

Page 49: ...ISDN 0 B D Top row on ISDN D channel is active ISDN 0 B D Bottom row on One ISDN B channel is active flashing Both ISDN B channels are active ISDN 1 B D Top row on ISDN D channel is active ISDN 1 B D...

Page 50: ...rmanently on or off Error flashing The device is active ETH 1 to 5 Top row on The device is connected to the Ethernet flashing Data traffic via the Ethernet interface ETH 1 to 5 Bottom row on Data tra...

Page 51: ...tem e g over Tel net WLAN Top row on The WLAN module is active WLAN Bottom row flashing Data traffic via the WLAN interface The LEDs on bintec R1200wu are arranged as follows Fig 7 LEDs on bintec R120...

Page 52: ...ic with 10 mbps ISDN 0 B D Top row on ISDN D channel is active ISDN 0 B D Bottom row on One ISDN B channel is active flashing Both ISDN B channels are active ISDN 1 B D Top row on ISDN D channel is ac...

Page 53: ...intec R3000 display the following status information for your device LED status display LED Status Information Power on The power supply is connected Status Permanently on or off Error flashing The de...

Page 54: ...lashing Both ISDN B channels are active ADSL Top row flashing The device synchronises with the DSLAM of the ADSL provider on The device has successfully synchronised with the DSLAM of the ADSL provide...

Page 55: ...active ETH 1 to 5 Top row on The device is connected to the Ethernet flashing Data traffic via the Ethernet interface ETH 1 to 5 Bottom row on Data traffic with 100 mbps off Data traffic with 10 mbps...

Page 56: ...a traffic via the ADSL interface synchronous flash ing ADSL Handshake asynchronous flashing ADSL system error WLAN Top row flashing Data traffic via the WLAN interface WLAN Bottom row slow flashing Th...

Page 57: ...ith 100 mbps off Data traffic with 10 mbps ISDN 0 B D Top row on ISDN D channel is active ISDN 0 B D Bottom row on One ISDN B channel is active flashing Both ISDN B channels are active MA HA Top row f...

Page 58: ...3800 In operation mode the LEDs on bintec R3800 display the following status information for your device LED status display LED Status Information Power on The power supply is connected Status Permane...

Page 59: ...5 SHDSL 2 1 Top row on The wire pair 7 8 on the SHDSL line has suc cessfully synchronized with the DSLAM of the SHDSL provider flashing Data traffic over the SHDSL wire pair 7 8 SHDSL 4 3 Top row on...

Page 60: ...to 5 Top row on The device is connected to the Ethernet flashing Data traffic via the Ethernet interface ETH 1 to 5 Bottom row on Data traffic with 100 mbps off Data traffic with 10 mbps ISDN 1 0 Top...

Page 61: ...one ISDN B channel is active PRI 1 0 Bottom row on PRI 1 ISDN D channel is active flashing PRI 1 At least one ISDN B channel is active MA HA Top row flashing BRRP packets are received MA HA Bottom ro...

Page 62: ...row on Data traffic with 100 mbps off Data traffic with 10 mbps ISDN 0 B D Top row on ISDN D channel is active ISDN 0 B D Bottom row on One ISDN B channel is active flashing Both ISDN B channels are...

Page 63: ...the connections are located on the back of the device bintec R1200 has a 4 port Ethernet switch including a port with serial interface function a DMZ ETH5 interface and two ISDN interfaces The connect...

Page 64: ...switch 2 PWR Socket for plug in power pack 3 DMZ ETH5 Ethernet interface 4 Main and AUX RSMA connection 5 ETH2 ETH4 Ethernet interface 6 ETH1 Console Ethernet interface with serial interface function...

Page 65: ...interface 8 CardBus CardBus slot for UMTS modem bintec R3000 has a 4 port Ethernet switch including a port with serial interface function a DMZ ETH5 interface two ISDN interfaces and an ADSL interfac...

Page 66: ...bintec R3000w 1 I 0 Mains switch 2 PWR Socket for plug in power pack 3 DMZ ETH5 Ethernet interface 4 Main and AUX RSMA connection 5 ETH2 ETH4 Ethernet interface 6 ETH1 Console Ethernet interface with...

Page 67: ...has a 4 port Ethernet switch including a port with serial interface function a DMZ ETH5 interface an ISDN interface and an SHDSL interface The connections are arranged as follows Fig 20 Back of binte...

Page 68: ...Socket for plug in power pack 3 DMZ ETH5 Ethernet interface 5 ETH2 ETH4 Ethernet interface 6 ETH1 Console Ethernet interface with serial interface function 7 ISDN 0 ISDN 3 ISDN interface 9 PRI 0 PRI 1...

Page 69: ...ntegrated 4 port switch ETH1 ETH4 and a sep arate Ethernet interface DMZ ETH5 The 4 port switch is used to connect individual PCs or other switches The 8 96 interface can also be used as a serial inte...

Page 70: ...nsole 6 RD Ethernet 7 GND console 8 TX console The combined serial Ethernet 10 100Base T interface does not have an Auto MDI X func tion 6 5 2 ISDN S0 port bintec R1200 R1200w R1200wu R3000 R3000w R34...

Page 71: ...cable supplied connects the RJ45 plug needed for the device to an RJ45 plug needed for the PRI connection The following pins are used for the connection Fig 25 ISDN PRI interface RJ45 socket The pin a...

Page 72: ...can insert the card even when the device is running hot pluggable If the card is not integrated automatically the system does not support this specific card Our support staff will be pleased to help...

Page 73: ...CIRDY CardBus initiator ready 21 CCBE2 Command Byte possible 2 22 CAD18 Mpx address data 18 23 CAD20 Mpx address data 20 24 CAD21 Mpx address data 21 25 CAD22 Mpx address data 22 26 CAD23 Mpx address...

Page 74: ...er supply 52 VPP2 Programming voltage 2 53 CTRDY CardBus destination ready 54 CFRAME CardBus Cycle Frame 55 CAD17 Mpx address data 17 56 CAD19 Mpx address data 19 57 CVS2 Voltage ID 2 58 CRST Reset Ca...

Page 75: ...J45 socket The pin assignment for the ADSL interface RJ45 socket is as follows RJ45 socket for ADSL connection Pin Function 1 Not used 2 Not used 3 Not used 4 Line a 5 Line b 6 Not used 7 Not used 8 N...

Page 76: ...The SHDSL interface on bintec R3800 is connected via an RJ45 connector The cable supplied connects the RJ45 connector needed for the device to an RJ45 connector needed for the SHDSL connection The fo...

Page 77: ...e mini Delta ribbon socket has the following pin assignment Pin assignment of 26 pole mini Delta ribbon socket Signal Pin no X 21 DB 15 DTE X 21 DB 15 DCE V 35 M34 DTE V 35 M34 DCE V 36 DB 37 DTE V 36...

Page 78: ...12 6 7 V U 8 17 Mode DCE A13 13 8 B 19 Mode 0 B1 14 B 19 19 DTR B B2 15 30 29 DTR A B3 16 H E 12 11 DCD B B4 17 31 31 DCD A B5 18 F F 13 13 DSR B B6 19 29 30 DSR A B7 20 E H 11 12 TxC B B8 21 W AA 23...

Page 79: ...6 6 WEEE information Funkwerk Enterprise Communications GmbH 6 Technical data R1xxx R3xxx R4xxx 65...

Page 80: ...power supply The respective link plugs must be moved to do this In addition you can switch the 100 Ohm terminators on off for each interface via additional link plugs You require terminators if you c...

Page 81: ...r interfaces BRI 1 and BRI 2 as shown in the following figure Use Interface Link plug area Position Position Internal external switching BRI 1 J1M Internal external Internal external switching BRI 2 J...

Page 82: ...u can also switch the interfaces BRI 3 and BRI 4 The link plugs are on the side of the ISDN L module Insert the link plugs for interfaces BRI 3 and BRI 4 as shown in the following figure 7 Variable sw...

Page 83: ...al external Internal external switching BRI 4 J4M Internal external Power supply for internal connection BRI 3 J3P Off On Power supply for internal connection BRI 4 J4P Off On 100 Ohm terminator BRI 3...

Page 84: ...and to access your device via Telnet or SSH Caution If you carry out the initial configuration with the Funkwerk Configuration Interface this can result in inconsistencies or malfunctions as soon as y...

Page 85: ...the login prompt appears You are now in the SNMP shell of your device 2 Continue with Logging in for Configuration on page 76 8 1 1 3 SSH In addition to the unencrypted and potentially viewable Telne...

Page 86: ...s follows 1 Leave the Flash Management shell with 2 Call the Funkwerk Configuration Interface and log on to your device see Calling the Funkwerk Configuration Interface on page 79 3 Make sure that is...

Page 87: ...the SNMP shell of your gateway 2 Continue with Logging in on page 75 Note PuTTY requires certain settings for a connection to a bintec device The support pages of http www funkwerk ec com include FAQs...

Page 88: ...has not been set up successfully Therefore check the COM1 or COM2 settings on your PC 1 Click on File Properties 2 Click Configure in the Connect to tab The following settings are necessary Bits per...

Page 89: ...an ISDN connection in parallel to a PBX the PBX cannot take any calls until an ISDN number is configured on the device Access over ISDN costs money If your device and your computer are in the LAN it...

Page 90: ...ot in plain text but only as asterisks The user names on the other hand are displayed as plain text The security concept of your device enables you to read all the other configuration settings with th...

Page 91: ...P shell To leave the SNMP shell after completing the configuration enter and press Return 8 3 Configuration options This chapter first offers an overview of the various tools you can use for configura...

Page 92: ...If required other languages can be downloaded from the download areaSoftware Configuration on page 484 of www funkwerk ec com and installed on your device To do this proceed as described in The settin...

Page 93: ...on page 6 2 Check the settings of the PC from which you want to configure your device see Con figuring a PC on page 16 3 Open a web browser 4 Enter 99 in the address field of the web browser 5 Enter...

Page 94: ...onfiguration Inter face Here you can choose the language in which you perform the configuration German and English are available View Select the desired view from the dropdown menu Stand ard and SNMP...

Page 95: ...n exit Exit without saving Navigation bar Fig 35 Save Configuration button Fig 36 Menus The Save configuration button is found in the navigation bar Funkwerk Enterprise Communications GmbH 8 Access an...

Page 96: ...ns If you click the sub menu you want the entry selected will be displayed in red All the other sub menus will be closed You can see at a glance the sub menu you are in Status page If you call the Fun...

Page 97: ...b menus for configuration of the certificate or CRL imports In the System Management Certificates Certificate List menu this button activates the sub menu for the configuration of the certificate requ...

Page 98: ...ation Interface list options Menu Function Update Interval Here you can set the interval in which the view is to be updated To do this enter a period in seconds in the input field and con firm it with...

Page 99: ...taining several pages the menu containing the basic parameters is dis played on the first page The menu contains either a list of all the configured entries or the basic settings for the function conc...

Page 100: ...ry is created Enter the correspond ing data If list input fields remain empty these are not saved when you confirm with OK Delete the entries by clicking the icon Display of options that are not avail...

Page 101: ...enus The configuration options of your device are contained in the sub menus which are dis played in the navigation bar in the left hand part of the window Note Please note that not all devices have t...

Page 102: ...ystem settings of your device such as for example system name system date system time and passwords You can also manage licences that are necessary for the use of certain functions Interface Mode Brid...

Page 103: ...ure the SHDSL interface of your device Here you enter how many change pairs are used for the SHDSL connection Serial Ports Only R4300 In this menu you can configure the serial WAN interface s for your...

Page 104: ...s In this menu accesses to data and functions are restricted Routing Protocols Menu Function RIP In this menu you configure the dynamic updating of the routing table via RIP OSPF In this menu all glob...

Page 105: ...n this menu you configure the use of L2TP Layer 2 Tunnelling Protocol PPTP In this menu you configure the an encrypted PPTP tunnel GRE This menu shows a list of all configured GRE tunnels Firewall Men...

Page 106: ...www iss net CAPI Server In this menu you configure your device as a CAPI server Scheduling In this menu you configure time dependent standard actions of your devices Surveillance In this menu you con...

Page 107: ...ting mes sages are to be generated E mail Alert Depending on the configuration in this menu e mails are sent to the administrator as soon as relevant syslog messages occur SNMP In this menu you config...

Page 108: ...ssional configuration and extended monitoring SNMP Simple Network Management Protocol is a protocol that allows access for config uring your device All configuration parameters are stored in the MIB M...

Page 109: ...state All configuration files are deleted and the BOOTmonitor settings are set to the default values 5 Default BOOTmonitor Parameters You can change the default settings of the BOOTmonitor of the devi...

Page 110: ...seconds the device changes back to normal operating mode Note If you change the baud rate the preset value is 9600 baud make sure the terminal program used also uses this baud rate If this is not the...

Page 111: ...ks First steps Internet Access VPN Wireless LAN SWYX only with active optional DSP module VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex plana...

Page 112: ...mation on plugged add on modules if any The last 10 system messages You can individually customise the update interval of the status page by entering the de sired period in seconds for Automatic Refre...

Page 113: ...ons SIF RTP etc Displays the total of all SIF TDRC and IP load balancing ses sions Active IPSec Tunnels Displays the number of currently active IPSec tunnels in relation to the number of configured IP...

Page 114: ...tusWAN Interfaces menu Field Value Description Connec tion Information Link The WAN interfaces are listed here and their most important settings are shown The system also displays whether the inter fa...

Page 115: ...he default value is You can display the stored messages in Monitoring Internal Log Maximum Message Level of Syslog Entries Select the priority of system messages above which a log should be created Sy...

Page 116: ...ername and password As long as the password remains unchanged they are not protected against unauthorised use Make sure you change the passwords to prevent unauthorised access to the device If the pas...

Page 117: ...em messages ac counting or IPSec certificates You have the following options for determining the system time local time ISDN Manual The system time is updated via ISDN i e the date and time are taken...

Page 118: ...he time is defined on the device the values ob tained in this way automatically have higher priority A manually entered system time is therefore overwritten The menu System Management Global Settings...

Page 119: ...n is activated with The function is disabled by default First Timeserver Enter the primary time server by using either a domain name or an IP address In addition select the protocol for the time serve...

Page 120: ...6 This server uses the time service with TCP port 37 3 This time server is not currently used for the time request Time Update Interval Enter the time interval in minutes at which the time is automat...

Page 121: ...ences already available in the device s ex works state Free extra licences Extra licences at additional cost The data sheet for your device tells you which licences are available in the device s ex wo...

Page 122: ...es button standard licences 10 2 4 1 Edit or New Choose the icon to edit existing entries Choose the New button to add licences Activating extra licences You activate extra licences by adding the rece...

Page 123: ...ce s interfaces Routing versus bridging Bridging connects networks of the same type In contrast to routing bridges operate at lay er 2 of the OSI model data link layer are independent of higher level...

Page 124: ...is made up of the following parts a Abbreviation for interface type b Number of the wireless module c Number of the interface Example first wireless network on the first wireless module The name of t...

Page 125: ...en selecting the option for Mode Bridge Group a bridge group i e etc is automatically created and the interface operated in bridging mode The System Management Interface Mode Bridge Groups Interfaces...

Page 126: ...ccess for additional interfaces The System Management Administrative Access Access Addmenu consists of the following fields Fields in the Access menu Field Description Interface Select the interface f...

Page 127: ...e The function is activated by selecting The function is enabled by default Compression Select whether data compression should be used The function is activated by selecting The function is disabled b...

Page 128: ...tions 3 81 3 By default 3 81 and 3 are enabled Fields in the SSHKey Status menu Field Value RSA Key Status Shows the status of the RSA key If an RSA key has not been generated yet is displayed in red...

Page 129: ...etwork protocol used to monitor and control network elements e g routers servers switches printers computers etc from a central station SNMP controls communication between the monitored devices and mo...

Page 130: ...f possible use this version as older versions transfer all data unencrypted 10 5 Remote Authentication This menu contains the settings for user authentication 10 5 1 RADIUS RADIUS Remote Authenticatio...

Page 131: ...US server and your device client Packet types Field Value ACCESS_REQUEST Client Server If an access request is received by your device a request is sent to the RADIUS server if no corresponding connec...

Page 132: ...what the RADIUS server is to be used for Possible values 1 standard value for PPP connections only The RADIUS server is used for controlling access to a network 1 for PPP connections only The RADIUS s...

Page 133: ...the highest priority is used first If this server does not an swer the server with the next highest priority is used Possible values from highest priority to lowest priority The default value is See a...

Page 134: ...s and 1813 for accounting 4 180 84 cm older RFCs You can obtain the port to be used from the docu mentation for your RADIUS server The default value is Server Timeout Enter the maximum wait time betwe...

Page 135: ...pe 1 and 1 Select whether your device receives requests from RADIUS server dialout routes This enables temporary interfaces to be configured automatically and your device can initiate outgoing connect...

Page 136: ...e the icon to edit existing entries Choose the New button to add TACACS serv ers The System Management Remote Authentication TACACS New menu includes the following fields Fields in the TACACS Basic Pa...

Page 137: ...sible values default value The TACACS serv ers are queried in order of their priority see Priority until a positive response is received or a negative response is re ceived from an authoritative serve...

Page 138: ...commended as a default setting and should only be used for debugging 10 5 3 Options This setting possible here causes your device to carry out authentication negotiation for in coming calls if it cann...

Page 139: ...the signature on the passport is authentic As there is more than one certificate issuer e g the passport office for a passport and as such certificates can be issued by several different issuers and i...

Page 140: ...i ficate Mark the certificate as a certificate from a trustworthy certifica tion authority CA Certificates issued by this CA are accepted during authentica tion The function is enabled with The functi...

Page 141: ...the two values 10 6 1 2 Certificate Request Registration authority certificates in SCEP If SCEP Simple Certificate Enrollment Protocol is used your device also supports separ ate registration authorit...

Page 142: ...Protocol Generate Private Key Only for Mode Select an algorithm for key creation 1 standard value and 3 1 are available Also select the length of the key to be created Possible values Please note that...

Page 143: ...is not checked name of an existing certificate If all the necessary certific ates are already available in the system you select these manually RA Sign Certificate Only for Mode 6 Only for CA Certific...

Page 144: ...function is disabled by default Summary Only for Custom enabled Enter a subject name with attributes not offered in the list Example CN VPNServer DC mydomain DC com c DE Common Name Only for Custom d...

Page 145: ...ered 3 A registered identity RID is entered Field in the Advanced SettingsOptions menu Field Description Autosave Mode Select whether your device automatically stores the various steps of the enrolmen...

Page 146: ...o obtain certificates for your keys Enter the password here 10 6 2 CRLs In the System Management Certificates CRLs menu a list of all CRLs Certification Revocation List is displayed If a key is no lon...

Page 147: ...nloading the CRL in auto mode fails try with a certain type of encoding Password Enter the password to be used for the import 10 6 3 Certificate Servers A list of all certificate servers is displayed...

Page 148: ...on Description Enter a unique description for the certificate server LDAP URL Path Enter the LDAP URL or the HTTP URL of the server 10 System Management Funkwerk Enterprise Communications GmbH 122 R1x...

Page 149: ...ateway also supports connections for analogue and GSM modems e g as backup In principle you can use any Hayes or GSM07 07 compatible modem with a serial interface for this purpose The following mo dem...

Page 150: ...call is assigned to the ISDN Login subsys tem 3 default value The call is assigned to the PPP subsystem SIM Card Uses PIN Only for AUX Port Status enabled Here you enter the PIN of your GSM modem if y...

Page 151: ...or an incorrect APN is entered a configured GPRS connection will not function 11 2 Ethernet Ports An Ethernet interface is a physical interface for connection to the local network or external network...

Page 152: ...un the switch ports as one interface or to logically separ ate these from each other and to configure them as independent Ethernet interfaces During configuration please note the following The splitti...

Page 153: ...interface Configured Speed Mode Select the mode in which the interface is to run Possible values 7 1 default value 1 1 1 9 7 3 1 9 8 3 1 9 7 3 1 9 8 3 7 9 7 3 7 9 7 3 7 9 8 3 7 9 7 3 7 9 8 3 The inte...

Page 154: ...ually under Port Usage and ISDN Configuration Type The automatic D channel detection is then switched off An incorrectly set ISDN protocol prevents ISDN connections being set up In the Physical Interf...

Page 155: ...t Usage and the ISDN Configuration Type is dis played Possible values All possible values for the Port Usage and the ISDN Config uration Type Detection is still running Port Usage Only if Autoconfigur...

Page 156: ...wing fields Fields in the Advanced Settings menu Field Description X 31 X 25 in D Chan nel Select whether you want to use X 31 X 25 in the D channel e g for CAPI applications The function is enabled w...

Page 157: ...itted in series in so called time slots Choose the button to edit the configuration of the ISDN port The Physical Interfaces ISDN Ports ISDN Configuration menu consists of the following fields Fields...

Page 158: ...c number is removed from the called number Called Party Number With outgoing calls this basic number is attached to the call number to be called Calling Party Number Channel Selection Only if Port Usa...

Page 159: ...synchronization between the sender and the recipient If the clock signal is not sent by the exchange itself one of the con nection partners must sent the signal Possible values The device receives the...

Page 160: ...tion is only available for leased lines Fields in the ISDN ConfigurationNew Bundle menu Field Description Description Enter the name of the channel bundle Bundle Type Displays the type of channel bund...

Page 161: ...service is your device s general routing service This enables ISDN remote terminals to establish data connections with your LAN among oth er things This enables partners outside your own local networ...

Page 162: ...call is accepted by the ISDN Login service To avoid this you should make the necessary entries here As soon as an entry exists the incoming calls not assigned to any entry are forwarded to the CAPI se...

Page 163: ...ice is con nected to a point to point connection Bearer Service Select the type of incoming call service detection Possible values 3 default value Both data and voice calls 3 data call Voice call mode...

Page 164: ...classic G DMT ITU G 992 1 Splitterless ADSL ITU G 992 2 13 4 G DMT Bis ITU G 992 3 13 4 3 4 ADSL2 Double Ended Line Test 13 4 ADSL2 Plus ITU G 992 5 13 4 3 4 ADSL2 Plus Double Ended Line Test 13 4 Re...

Page 165: ...e remote terminal 13 4 ADSL1 G DMT is used 13 4 ADSL2 G 992 3 is used 13 4 ADSL2 Plus G 992 5 is used The ADSL interface is not active Only for ADSL Mode 1 1 1 1 The ADSL mode is automatically adapted...

Page 166: ...uration the gateway transmits the data over a pair of wires at up to 5696 kbps over two pairs of wires at up to 11392 kbps over three pairs of wires at up to 17088 kbps or over four pairs of wires at...

Page 167: ...ecommendation G 991 2 is used for the connection Possible values 1 1 For applications in North America provider dependent for example 1 default value For applications in Europe provider dependent for...

Page 168: ...to 17088 kbps Eight wires are used with m pair bonding for a clock rate of 768 kbps to 22784 kbps 1 Eight wires are used with IMA for a clock rate of 768 kbps to 22784 kbps Additional Wire Pairs Only...

Page 169: ...serial port The menu Physical InterfacesSerial PortsOptions consists of the following fields Fields in the OptionsSerial Parameters menu Field Description Interface Displays the name of the serial in...

Page 170: ...critical lines 25 pole sub D plug V 11 on critical lines V 10 on uncritical lines incl DTR and DSR 25 pole sub D plug Connector Type Define the connector type of the port used When you select in the D...

Page 171: ...ion is checked on the signal line I for X 21 CTS for V 35 The check correspondingly affects the variable L1State If the func tion is enabled the layer 1 signalling of the remote terminal is not checke...

Page 172: ...der Network Quality Only for UMTS HSDPA HSUPA Status Displays the current quality of the UMTS connection The value cannot be changed Preferred Network Type Select which network type should preferably...

Page 173: ...d there oc curs a switch to the UMTS network provided that UMTS is currently available Incoming Service Type Only for UMTS HSDPA HSUPA Status Here you select the gateway subsystem to which an incoming...

Page 174: ...UMTS HSDPA HSUPA Status If GPRS UMTS is to be used you must enter the so called Ac cess Point Name here that you receive from your provider A maximum of 80 characters can be entered If no APN or an in...

Page 175: ...utton to create virtual interfaces However this is only needed in special applications e g BRRP Depending on the option selected different fields and options are available All the config uration optio...

Page 176: ...igned a static IP address in IP Address Netmask 386 An IP address is assigned to the interface dynamically via DHCP IP Address Netmask Only for Address Mode With Add add a new address entry enter the...

Page 177: ...s in the Advanced Settings menu Field Description DHCP MAC Address Only for Address Mode 386 If Use built in is activated default setting the hardware MAC address of the Ethernet interface is used In...

Page 178: ...tivated by selecting The function is disabled by default Once enabled the default value is entered in the input field 12 2 VLAN By implementing VLAN segmentation in accordance with 802 1Q you can conf...

Page 179: ...N Identifier Enter the number that identifies the VLAN In the menu you can no longer change this value Possible values are to VLAN Name Enter a unique name for the VLAN A character string of up to 32...

Page 180: ...d all tagged frames that are tagged with a VLAN ID to which the selected port does not belong are dis carded 12 2 3 Administration In this menu you make general settings for a VLAN The options must be...

Page 181: ...4 GHz which ensures that parts of the building are penetrated as effect ively as possible with a low transmission power that poses no health risks A 802 11g compatible standard is 802 11b which opera...

Page 182: ...dule of your device is to operate Possible values default value The radio module is switched off 1 Your device is used as an access point in your network 1 6 Your device serves as an Access Client in...

Page 183: ...1a h outside buildings 8G Your device runs in 5 GHz Mode 802 11a h inside or outside buildings For Operation Mode 1 Possible values 8G Your device runs in 2 4 Mode 802 11b and Mode 802 11g or 5 GHz Mo...

Page 184: ...ly separated from each other but they can still physically interfere with each other if they are operating on the same or closely adjacent wireless channels So if you are operating two or more radio n...

Page 185: ...antenna sends and receives If the function is activated two antennas receive and the better signal is evaluated The function is enabled with The function is activated by default Transmit Power Select...

Page 186: ...by all clients basic rates This mode is also needed for Centrino clients if connection problems occur 9 Your device adapts to the client technology and operates according to either 802 11b or 802 11g...

Page 187: ...hat use Conexant radio cards The gain in transmission speed depends to a large extent on the type of transmitted data 7 6 If this function is activated several small data packets are combined to form...

Page 188: ...receive the data Possible values are to The default value is RTS Threshold Select how the RTS CTS mechanism is to be switched on off If you choose 5 you can specify in the input field the data packet...

Page 189: ...of radio interference Possible values are to The default value is bytes ED Threshold Define the Energy Detection threshold for CCA Clear Channel Assessment Possible values are to The default value is...

Page 190: ...scanned If the function is disabled you can define the required channels under Selected Channels Selected Channels Only for Scan channels disabled Define the channels which the WLAN client automatica...

Page 191: ...ckground The value enables the scan of all avail able frequencies Min Period Active Scan Indicates the minimum time in milliseconds a frequency is act ively scanned The value can only be modified for...

Page 192: ...packet is dis carded Possible values are to The default value is Long Retry Limit Enter the maximum number of send attempts for a data packet that is longer than the value defined in RTS Threshold Af...

Page 193: ...ttempts are made The data packet is discarded Possible values are to The default value is msec 13 1 2 Virtual Service Sets If you re operating your device in Access Point mode Wireless LAN WLAN Radio...

Page 194: ...rivate users should choose WEP or preferably WPA PSK with higher security as their security mode WEP 802 11 defines the security standard WEP Wired Equivalent Privacy encryption of data with 40 bit Se...

Page 195: ...ew menu where necessary Change the access passwords for your device Change the default SSID Network Name SSID 7 of your access point Set Visible This will exclude all WLAN clients that attempt to esta...

Page 196: ...ing It is visible by default Intra cell Repeating Select whether communication between the WLAN clients is to be permitted within a radio cell The function is activated by selecting The function is en...

Page 197: ...the specifications of the respective WLAN module This number can be shared across all con figured wireless networks If the maximum number of clients is reached no more new wireless networks can be cre...

Page 198: ...be used 0 1 Only WPA is used 0 1 Only WPA2 is used WPA Cipher Only for Security Mode 0 1 2 and 0 1 and for WPA Mode 0 1 and 0 1 0 1 Select the type of encryption you want to apply to WPA Possible valu...

Page 199: ...connect over the existing network connection with your device The function is activated by selecting The function is enabled by default Fields in the MAC Filter menu Field Description ACL Mode Select...

Page 200: ...the available security methods WEP40 or WEP104 to protect data on WDS links WDS links are configured as interfaces with the prefix They behave like VSS interface and only differ from these with respe...

Page 201: ...default key 0 1 Data traffic on this WDS link is encrypted with WPA Enter the key for this WDS link in Preshared Key 0 1 Data traffic on this WDS link is encrypted with WPA Enter the key for this WDS...

Page 202: ...e 1 6 you can edit or create the existing client links in menu Wireless LAN WLAN Client Link The client mode can be operated in infrastructure mode or in ad hoc mode In a network in infrastructure mod...

Page 203: ...Mode WPA Preshared Keys Transmit Key Only for Security Mode 0 0 Select one of the keys configured in WEP Key 1 4 as a stand ard key The default value is 2 WEP Key 1 4 Only for Security Mode 0 0 Enter...

Page 204: ...oral Key Integrity Protocol 1 Advanced Encryption Standard Both encryption methods are rated as secure with AES offering better performance 13 1 4 2 Client Link Scan After the desired Client Link have...

Page 205: ...curity mode encryption and authentication for the wireless network Signal Displays the signal strength of the detected client link in dBm Connected Displays the status of the link on your client Actio...

Page 206: ...of channels available for selection Channel in the Wireless LAN WLAN Radio Settingsmenu changes de pending on the country setting The default value is 13 Wireless LAN Funkwerk Enterprise Communication...

Page 207: ...active at any one time If you enter several default routes you should thus note differing values for Metric 14 1 1 IP Routes A list of all configured routes is displayed in the Networking Routes IP R...

Page 208: ...additionally enter the corresponding netmask in the second field If no entry is made your device uses a default netmask Interface If necessary enter the interface to be used for this route Network Typ...

Page 209: ...ata packets are to reach the device The default value is New Source IP Ad dress Netmask Enter the IP address and netmask of the source host or source network Layer 4 Protocol Select a protocol Possibl...

Page 210: ...y of privileged port numbers 0 1023 Entry of server port numbers 5000 32767 6 Entry of client port numbers 1024 4999 6 Entry of client port numbers 32768 65535 Entry of unprivileged port numbers 1024...

Page 211: ...d when the interface is up 1 The route can be used when the interface is up If the interface is dormant then dial and wait until the interface is up In this case an alternative interface with a poorer...

Page 212: ...face Only for Mode Displays the name of the interface Back Route Verify Only for Mode Select whether is to be activated for the interface The function is enabled with By default the function is deacti...

Page 213: ...Field Description NAT active Select whether NAT is to be activated for the interface The function is disabled by default Silent Deny Select whether IP packets are to be silently denied by NAT If this...

Page 214: ...figured Possible values 1 default value NAT is configured for all interfaces A B Select one of the interfaces from the list Type of traffic Select the type of data traffic for which NAT is to be confi...

Page 215: ...ly valid source port are administratively set Inbound only response packets within the existing connection are allowed In the NAT Configuration Specify original traffic menu you can configure for whic...

Page 216: ...value 18 6 8 6 C 2 4 7 5 3 2 6 4 53 C 3 Source IP Address Netmask Enter the source IP address and corresponding netmask of the original data packets as the case arises 14 Networking Funkwerk Enterpris...

Page 217: ...lues menu you can define depending on whether you re dealing with inbound or outbound data traffic new addresses and ports to which specific addresses and ports from the NAT Configuration Specify orig...

Page 218: ...a traffic within a particular group of interfaces accord ing to the following principles In contrast to Multilink PPP based solutions load balancing also functions with accounts with different provide...

Page 219: ...ned to one of the group interfaces according to the share of the total data rate handled by the interfaces The current data rate based on the data traffic is decisive in both the send and receive dire...

Page 220: ...ution Ratio is based on the number of distrib uted sessions For 4 the data rate is the de cisive factor 14 4 QoS QoS Quality of Service makes it possible to distribute the available bandwidths effecti...

Page 221: ...H The default value is 5 Protocol Select a protocol The option default value matches any protocol Type Only for Protocol Select the type Possible values 1 3 F See RFC 792 The default value is 1 Connec...

Page 222: ...nter a source port number or a range of source port numbers Possible values 1 default value The destination port is not specified Enter a destination port Enter a destination port range DSCP TOS Filte...

Page 223: ...packets based on pre defined IP filters Each class plan is associated to at least one interface via its first filter 14 4 2 1 New Choose the New button to create additional data classes The Networking...

Page 224: ...ecified below High Priority Class Enable or disable the high priority class If the high priority class is active the data packets are associated with the class with the highest priority and priority 0...

Page 225: ...ID they have been assigned to Possible values are whole numbers between and The default value is Interfaces Only for Class map When creating a new class plan select the interfaces to which you want t...

Page 226: ...ccording to which the queues are to be processed This activates and deactivates QoS on the selected interface Possible values D QoS is activated on the interface The available bandwidth is distributed...

Page 227: ...am when calculating the bandwidth Possible values 5 value in bytes possible values are to default value Only for Ethernet interfaces 41 41 Only for IPSec interfaces 41 41 Real Time Jitter Con trol Onl...

Page 228: ...ol instances ALG or MGW 1 Real Time Jitter Control is always active even if no real time data is routed Queues Policies Configure the desired QoS queues For each class created from the class plan whic...

Page 229: ...for Priorisation algorithm 0 or 0 7 D Choose the priority of the queue Possible values are to The default value is RTT Mode Realtime Traffic Mode Active or deactivate the real time transmission of the...

Page 230: ...ivated the bandwidth limit set for this queue can be exceeded as long as free bandwidth exists on the interface If Overbooking allowed is deactivated the queue can never occupy bandwidth beyond the ba...

Page 231: ...s are dropped Packets are dropped according to the level of the queue This procedure ensures a smaller long term queue size for TCP based data traffic so that traffic bursts can also usually be transm...

Page 232: ...ains They act on the incoming data packets to allow or deny access to the gateway for certain data A filter describes a certain part of the IP data traffic based on the source and or destination IP ad...

Page 233: ...or example the IP addresses the protocol the source port or the des tination port A list of all access filters is displayed in the Networking Access Rules Access Filter menu 14 5 1 1 Edit or New Choos...

Page 234: ...You can define a filter that takes the status of the TCP connec tions into account Possible values 1 default value All TCP packets match the filter All TCP packets that would not open any new TCP con...

Page 235: ...e data packets Source Port Range Only if Protocol Enter the source port number or range of source port numbers Possible values 1 default value The route is valid for all port numbers Enables the entry...

Page 236: ...etween and The default value is 14 5 2 Rule Chains Rules for IP filters are configured in the access list menu These can be created separately or incorporated in rule chains In the Networking Access R...

Page 237: ...et if it does not match the filter 3 Deny packet if it matches the filter 3 Deny packet if it does not match the filter Use next rule To set the rules of a rule chain in a different order in the list...

Page 238: ...hain Select a rule chain Silent Deny Define whether the sender is to be informed if an IP packet is denied The function is enabled with The function is activated by default Reporting Method Define whe...

Page 239: ...rter paths for existing routes to be saved in the routing table As routes between networks can become unreachable RIP removes routes that are older than 5 minutes i e routes not verified in the last 3...

Page 240: ...RIP packets over the interface in receive direction Possible values default value RIP is not enabled Enables sending and receiving of version 1 RIP packets Enables sending and receiving of version 2 R...

Page 241: ...other routes You reach this via a filter for IP Address Netmask no entry this corresponds to IP address 0 0 0 0 with netmask 0 0 0 0 To make sure this filter is used last it must be placed at the lowe...

Page 242: ...the value to be added to the route metric if the status of the interface is up During export the value is added to the ex ported metric if the interface status is up Possible values are to The default...

Page 243: ...e routes with the metric Next Hop Count 16 Network is not reachable The function is enabled with The function is disabled by default RFC 2453 Variable Timer For the timers described in RFC 2453 select...

Page 244: ...ed After this timeout the invalid route is deleted from the IPROUTETABLE if no update is carried out for the route The default value is seconds Fields in the RIP OptionsTimer for Triggered RIP RFC 209...

Page 245: ...em AS The Link State Updates are exchanged between the gateways by flooding Each change of routing information is passed to all gateways in the network OSPF areas are defined to limit the number of Li...

Page 246: ...ain areas can be defined as stub areas in OSPF This prevents external networks e g those propagated from other protocols by redistribution in OSPF being propagated into the stub area Externally routin...

Page 247: ...ther only propagate a default route The function is enabled with The function is not activated by default Fields in the AreasRoute Aggregation menu Field Description IP Address Define the OSPF area IP...

Page 248: ...is not yet activated only the Admin Status field is shown in this case changes are irrelevant Possible values 1 OSPF is activated for this interface i e routes are propagated or OSPF protocol packets...

Page 249: ...tion Type Select the type of authentication used if OSPF packets are sent over this OSPF interface or incoming packets checked Defines how the key in the Authentication Key field is used The default v...

Page 250: ...ces The function is disabled by default Propagate routes bound on discard re fuse interface The logical interfaces REFUSE and IGNORE have the following meaning REFUSE means if a route exists on this t...

Page 251: ...con ferences All subscribers are displayed in a window and the speaker s are indicated by a black box Other areas of use are of particular interest to companies Here multicasting makes it possible to...

Page 252: ...al senders with different IP addresses can therefore transmit to the same multicast group leading to a 1 to n rela tionship between groups and source addresses This information is forwarded to the rou...

Page 253: ...aken into consideration At the moment there are three versions of IGMP V1 V3 most current sys tems use V3 and less often V2 Two packet types play a central role in IGMP queries and reports Queries are...

Page 254: ...h several hosts improving per formance Possible values are to The default value is Robustness Select the multiplier for controlling the timer values A higher value can e g compensate for packet loss i...

Page 255: ...PGM Proxy interface The menu Advanced Settings consists of the following fields Fields in the Advanced Settings menu Field Description IGMP Proxy Select whether your device is to forward the hosts IGM...

Page 256: ...n 3 is used Maximum Groups Enter the maximum number of groups to be permitted both in ternally and in reports Maximum Sources Enter the maximum number of sources that are specified in ver sion 3 repor...

Page 257: ...to a defined Destination Interface Source Interface Select the interface on your device to which the selected multic ast group is sent Destination Interface Select the interface on your device to whic...

Page 258: ...kets This parameter allows you to use an interface for IG MP for example whilst preventing fake PIM messages If this function is deactivated default value the PIM data pack ets for this interface are...

Page 259: ...ute is available As soon as the Hello Hold Time has expired and no other Hello messages have been received the PIM router will be classed as unavail able Possible values to seconds The default value i...

Page 260: ...default value is Override Interval Define the value that the gateway enters in the Over ride_Interval field for the LAN Prune Delay option Override Interval defines the maximum time a downstream rout...

Page 261: ...vous points Precedence Enter the value for pimGroupMappingPrecedence to be used for static RP configurations This allows precise control over which configuration is to be replaced by this static confi...

Page 262: ...gister Suppression Timer Enter the time in seconds after which a PIM Designated Router DR should no longer send any register encapsulated data to the Rendezvouz Point RP once the Register Stop Message...

Page 263: ...access you must set up a connection to your Internet Service Provider ISP For broadband Internet access your device provides the PPP over Ethernet PPPoE PPP over PPTP and PPP over ATM PPPoA protocols...

Page 264: ...itly defined and admitted Connection Idle Timeout The connection idle timeout is determined in order to clear the connection automatically if it is not being used i e if data is no longer being sent t...

Page 265: ...bundling for dialup connections Channel bundling can only be used for ISDN connections for a bandwidth increase or as a backup Only one B channel is initially opened when a connection is set up Dynami...

Page 266: ...moment many providers are still in the process of preparing the PPPoE Multilink function For PPPoE Multilink we recommend using your device s Ether net switch in Split Port mode and to use a separate...

Page 267: ...f Always on is disabled Enter the idle time in seconds for static short hold The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clea...

Page 268: ...partner Add new entries with Add 1 IP address of the destination host or network Netmask for Remote IP Address If no entry is made your device uses a default netmask The lower the value the higher the...

Page 269: ...connection partner MSCHAP version 1 or 2 possible 681 Run MS CHAP version 2 only Some providers use no authentication In this case se lect this option DNS Negotiation Select whether your device receiv...

Page 270: ...isplayed In this menu you configure an Internet connection that uses the Point Tunnelling Protocol PPTP to set up a connection e g required in Austria 17 1 2 1 New Choose the New button to set up new...

Page 271: ...is disabled Enter the idle interval in seconds This determines how many seconds should pass between sending the last traffic data pack et and clearing the connection Possible values are to seconds de...

Page 272: ...ddress Mode Define other routing entries for this PPTP partner Add new entries with Add 1 IP address of the destination host or network Netmask for Remote IP Address If no entry is made your device us...

Page 273: ...ocol 1 9681 9 681 Primarily run CHAP on denial then the authentication protocol required by the connection partner MSCHAP version 1 or 2 possible 681 Run MS CHAP version 2 only Some providers use no a...

Page 274: ...n the event of line faults The function is enabled with The function is disabled by default 17 1 3 PPPoA In the WAN Internet Dialup PPPoA menu a list of all PPPoA interfaces is displayed In this menu...

Page 275: ...function is disabled by default Only activate this option if you have Internet access with a flat rate charge Connection Idle Timeout Only if Always on is disabled Enter the idle time in seconds for...

Page 276: ...u received from your provider Route Entries Only if IP Address Mode Define other routing entries for this connection partner Add new entries with Add 1 IP address of the destination host or network Ne...

Page 277: ...version 1 PPP Microsoft Challenge Handshake Authentication Protocol 1 9681 9 681 Primarily run CHAP on denial then the authentication protocol required by the connection partner MSCHAP version 1 or 2...

Page 278: ...se of the ISDN Callback function 17 1 4 1 New Choose the Newbutton to set up new ISDN interfaces The menu WAN Internet Dialup ISDN New consists of the following fields Fields in the ISDNBasic Paramete...

Page 279: ...hold The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clearing the connection Possible values are to seconds A value of means that...

Page 280: ...the ISDN interface which is to be used as your device s internal source address Route Entries Only if IP Address Mode Define other routing entries for this connection partner 1 IP address of the desti...

Page 281: ...s multi user connection partner i e several clients dial in with the same user name and password Authentication Select the authentication protocol for this PPTP partner Possible values 1 default value...

Page 282: ...one of the following options Your device calls the connection partner to request a callback 0 6 Your device calls the connection partner to request a callback via CBCP Callback Control Protocol Neede...

Page 283: ...ports dynamic and static channel bundling for dialup connections Only one B channel is initially opened when a connection is set up Dynamic channel bundling means that your device connects other ISDN...

Page 284: ...and or OSPF protocol packets are sent Possible values default value OSPF is not activated for this inter face i e no routes are propagated or OSPF protocol packets sent over this interface Networks r...

Page 285: ...nu a list of all AUX interfaces is displayed You can define various settings for communication between the gateway and modem in this menu You require a special cable for the console port of your gatew...

Page 286: ...tion IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically or whether it should be assigned this dynamically at the remote...

Page 287: ...1 Select IP pools configured in the WAN Internet Dialup IP Pools menu If an IP pool has not been configured here yet the message appears in this field The menu Advanced Settings consists of the follo...

Page 288: ...Handshake Authentic ation Protocol as per RFC 1994 the password is transferred encrypted 1 9681 Primarily run CHAP otherwise PAP 681 Only run MS CHAP version 1 PPP Microsoft Challenge Handshake Authe...

Page 289: ...of the following options 64 3 Your device calls back im mediately when requested to do so by the connection part ner 0 Your device calls back after a period of time proposed by the Microsoft client N...

Page 290: ...ncoming and outgoing calls For incoming calls where your connection part ner dials in to your device For outgoing calls if you wish to dial in to your connection partner The calling party number of th...

Page 291: ...t route is entered in the routing table for this caller If not your device can allocate an IP address from an address pool if available If address pools have more than one IP ad dress you cannot speci...

Page 292: ...ss is made up of the Virtual Path Identifier VPI and the Virtual Connection Identifier VCI this identifies the virtual connection Various types of traffic flows are transported over ATM To take accoun...

Page 293: ...rovider 5 Enter the desired description for the connection Type Only for Provider 5 Select the protocol for the ATM connection Possible values 1 default value Ethernet over ATM EthoA is used for the A...

Page 294: ...6 76 Default value for Ethernet over ATM Is only displayed for Type 1 Bridged Ethernet with LLC SNAP encapsulation without Frame Check Sequence checksums 446 76 Is only displayed for Type 1 Bridged Et...

Page 295: ...P Address and the corresponding netmasks Netmask of the ATM interfaces Add new entries with Add MAC Address Enter a MAC address for the internal router interface of ATM connection e g An entry is only...

Page 296: ...ad This function can be specially applied for asymmetrical bandwidths ADSL The function is enabled with The function is disabled by default Field in the PPP over ATM Settings menu appears only for Typ...

Page 297: ...e already configured ATM connection displayed by the combination of VPI and VCI for which the service category is to be defined ATM Service Category Select how the data traffic of the ATM connection i...

Page 298: ...riority based on the utilisation of the destination network i e is discarded if ne cessary Peak Cell Rate PCR is the maximum possible data rate This category is suitable for critical applications with...

Page 299: ...ion Loopback Tests and OAM Continuity Check OAM CC These can be configured independently of each other Caution The configuration of OAM requires extensive knowledge of ATM technology and the way the b...

Page 300: ...C The function is enabled with The function is disabled by default End to End Send Inter val Only if Loopback End to End is enabled Enter the time in seconds after which a loopback cell is to be sent...

Page 301: ...ption Continuity Check CC End to End Select whether you activate the OAM CC test for the connection between the endpoints of the VCC or VPC Possible values default value OAM CC requests are responded...

Page 302: ...ation Depending on the setting in the Direction field OAM CC requests are either sent and or responded to There is no CC negotiation The function is disabled Also select whether the test cells of the...

Page 303: ...cesIP Mode and Routes menu Field Description Default Route Select whether the route to this connection partner is to be defined as the default route The function is enabled with The function is disabl...

Page 304: ...s menu Field Description OSPF Mode Specify whether OSPF protocol packets are sent over the inter face Possible values default value OSPF is not activated for this inter face i e no OSPF protocol packe...

Page 305: ...low noticeable delays in voice transmission can occur when other packets are routed at the same time The real time jitter control function solves this problem So that the line is not blocked for too...

Page 306: ...ffic and optimises the voice transmis sion 1 All RTP streams are optimised Voice data transmission is not optimised 1 Voice data transmission is always optimised Maximum Upload Speed Enter the maximum...

Page 307: ...nsecure medium such as the Internet The devices used function here as the endpoints of the VPN tunnel IPSec involves a num ber of Internet Engineering Task Force IETF standards which specify mechanism...

Page 308: ...etting up a tunnel immediately after saving the configuration 3 The peer is initially not available after the configuration has been saved Description Enter a description of the peer that identifies i...

Page 309: ...ent Pool IP Assignment Pool Only if IP Address Assignment 2 6 Select an IP pool configured in the VPN IP Pools menu If an IP pool has not been configured here yet the message appears in this field Def...

Page 310: ...profile which contains the proposals for Phase 1 3DES MD5 AES MD5 and Blowfish MD5 regardless of the proposal selection in menu Phase 1 Profiles A B Uses a profile configured in menu Phase 1 Profiles...

Page 311: ...values 3 default value The peer is switched to the active state by a trigger 1 The peer is always active Fields in the Advanced SettingsAdvanced IP Options menu Field Description Back Route Verify Sel...

Page 312: ...itiate setting up a tunnel To set up this service a call number for the IPSec callback must first be set up on the passive side in the Physical Interfaces ISDN Ports MSN Configuration New menu The val...

Page 313: ...ess over ISDN This type of transfer of dynamic IP addresses also enables the more secure ID Pro tect mode main mode to be used for tunnel setup Method of operation Various modes are available for tran...

Page 314: ...art of the payload in IKE negotiation 6 Peer A is now able to compare the token returned by peer B with the entries in the MIB and so identify the peer without knowing its IP address As peer A and pee...

Page 315: ...e used Transfer own IP ad dress over ISDN GSM Select whether the IP address of your own device is to be trans ferred over ISDN for IPSec callback The function is enabled with The function is disabled...

Page 316: ...ss in formation elements of the D channel 446 5 133 The IP address is transferred in both the LLC and subaddress information elements 18 1 2 Phase 1 Profiles In the VPN IPSec Phase 1 Profilesmenu a li...

Page 317: ...which is rated as weak due to its small effective length of 56 bits 1 Rijndael has been nominated as AES due to its fast key setup low memory requirements high level of security against attacks and ge...

Page 318: ...during phase 1 MODP as sup ported by bintec devices stands for modular exponentiation Possible values During the Diffie Hellman key calculation mod ular exponentiation at 768 bits is used to create th...

Page 319: ...for Authentication Method 3 1 1 or 1 This field enables you to select one of your own certificates for authentication It shows the index number of this certificate and the name under which it is save...

Page 320: ...n page 113 you must make sure your device selects the first al ternative subject name by default Make sure you and your peer both use the same name i e that your local ID and the peer ID your partner...

Page 321: ...f 8 J Your device expects a heartbeat from the peer and sends one itself 3 3 Use DPD dead peer detection in accordance with RFC 3706 DPD uses a request reply pro tocol to check the availability of the...

Page 322: ...abled with The function is enabled by default CA Certificates Only for Authentication Method 3 1 1 or 1 If you enable option Trust the following CA certificates you can select up to three CA certifica...

Page 323: ...speed Here it is used with a key length of 128 bits 1 Rijndael has been nominated as AES due to its fast key setup low memory requirements high level of secur ity against attacks and general speed He...

Page 324: ...ase 1 SA have become known The field has the following options During the Diffie Hellman key calculation mod ular exponentiation at 768 bits is used to create the encryption material default value Dur...

Page 325: ...y default Alive Check Select whether and how IPSec heartbeats are used A bintec IPSec heartbeat is implemented to determine whether or not a Security Association SA is still valid This function sends...

Page 326: ...one time password OTP the password check can be carried out by a token server e g SecOVID from Kobil which is installed behind the Radius Server If a company s headquarters is connected to several br...

Page 327: ...ted in the RADIUS Server Group ID field 4 Authentication is carried out via a local list Name Only for Role 6 Enter the authentication name of the client Password Only for Role 6 Enter the authenticat...

Page 328: ...er the first IP address of the range In the second field enter the last IP address of the range 18 1 6 Options The menu VPN IPSec Options consists of the following fields Fields in the OptionsGlobal O...

Page 329: ...gs are set The default val ues are globally valid and enable your system to work correctly to other bintec devices so that you only need to change these values if the remote terminal is a third party...

Page 330: ...s they are redundant they are normally set to the value of the negotiation currently in progress Alternatively your device can use zeroes for all values of the cookie In this case select Zero Cookie S...

Page 331: ...is enabled with The function is disabled by default Send Key Hash Pay loads Select whether key hash payloads are to be sent during IKE phase 1 In the default setting the public key hash of the remote...

Page 332: ...ostname is used in outgoing tunnel set up messages to identify this device and is associated with the Remote Hostname of a tunnel profile configured on the LNS These tunnel setup messages are SCCRQs S...

Page 333: ...ss for connections based on this profile The destination must be a device that can behave like an LNS UDP Source Port Enter how the port number to be used as the source port for all outgoing L2TP conn...

Page 334: ...it received no re sponse The wait time is dynamically extended until it reaches the Max imum Time between Retries The available values are to the default value is Maximum Time between Retries Enter th...

Page 335: ...network server LNS or the functions of a L2TP access concentrator client LAC client Possible values 4 default value If you select this option the L2TP partner is configured so that it accepts L2TP tun...

Page 336: ...tic IP address or whether it should be assigned this dynamically Possible values default value You enter a static IP address 1 Only for Connection Type 4 Your device dynamically assigns an IP address...

Page 337: ...e for Enter the wait time in seconds before the device should try again after an attempt to set up a connection has failed The de fault value is Authentication Select the authentication protocol for t...

Page 338: ...chability of the remote terminal is to be checked by sending LCP echo requests or replies This is re commended for leased lines PPTP and L2TP connections The function is enabled with The function is d...

Page 339: ...he case of your device only re sponds to the ARP request the connection is not set up until someone actually wants to use the route 5 Your device responds to an ARP request only if the status of the c...

Page 340: ...P partner over the Internet using PPTP The PPTP subsystem sets up a control connection between the endpoints of the tunnel This is used to send control data to set up keep alive and terminate the conn...

Page 341: ...rval in seconds This determines how many seconds should pass between sending the last traffic data pack et and clearing the connection Possible values are to seconds deactivates the timeout The defaul...

Page 342: ...figure an ISDN connection specify whether Net work Address Translation NAT is to be enabled The function is enabled with The function is disabled by default Local IP Address Only for IP Address Mode A...

Page 343: ...P Challenge Handshake Authentic ation Protocol as per RFC 1994 the password is transferred encrypted 1 9681 Primarily run CHAP otherwise PAP 681 Only run MS CHAP version 1 PPP Microsoft Challenge Hand...

Page 344: ...scription OSPF Mode Select whether and how routes are propagated via the interface and or OSPF protocol packets are to be sent Possible values default value OSPF is not activated for this inter face i...

Page 345: ...on is enabled by default Fields in the Advanced SettingsPPTP Callback menu Field Description Callback Enables a PPTP tunnel through the Internet to be set up with a PPTP partner even if the partner is...

Page 346: ...ns menu Field Description GRE Window Adaption Select whether the GRE Window Adaptation is to be enabled This adaptation only becomes necessary if you have down loaded service pack 1 from the Microsoft...

Page 347: ...device can allocate an IP address from an address pool if available If address pools have more than one IP ad dress you cannot specify which connection partner receives which address The ad dresses a...

Page 348: ...on Enter a description for the GRE tunnel Local GRE IP Address Enter the source IP address of the GRE packets to the GRE partner If no IP address is given this corresponds to IP address 0 0 0 0 the so...

Page 349: ...hat is allowed for the GRE connection between the partners Possible values are to The default value is Use key Enable the key input for the GRE connection which makes it possible to distinguish betwee...

Page 350: ...nfiguration work for the SIF is comparatively straightforward with systems like Network Address Translation NAT and IP Access Lists IPAL As SIF NAT and IPAL are active in the system simultaneously att...

Page 351: ...e packet cannot be assigned to an existing connection a check is made to see if a suitable connection is expected e g as affiliated connection of an exist ing connection If so the packet is also accep...

Page 352: ...rameters The menu Firewall Policies Filter Rules New consists of the following fields Fields in the Filter RulesBasic Parameters menu Field Description Source Select one of the preconfigured aliases f...

Page 353: ...filtered packet Possible values 1 default value The packets are forwarded on the basis of the entries 3 The packets are rejected K The packets are rejected An error message is is sued to the sender o...

Page 354: ...arger bandwidths which are not always available Quality of Service QoS makes it possible to distribute the available bandwidths effectively and intelligently Certain applications can be given preferen...

Page 355: ...the bandwidth defined in Band width can be exceeded in the longer term By activating this field you specify that it cannot be exceeded If the option is deactivated the bandwidth can be exceeded and th...

Page 356: ...ets will be filtered Fields in the OptionsSession Timer menu Field Description UDP Inactivity Enter the inactivity time after which a UDP session is to be re garded as expired in seconds Possible valu...

Page 357: ...l Interfaces Groups New consists of the following fields Fields in the GroupsBasic Parameters menu Field Description Description Enter the desired description of the interface group Members Select the...

Page 358: ...Enter the IP address of the host or a network address and the related netmask The default value is Address Range Only for Address Type 1 Enter the start and end IP address of the range 19 3 2 Groups A...

Page 359: ...you want to configure Protocol Select the protocol on which the service is to be based The most important protocols are available for selection Destination Port Range Only for Protocol 6 53 9 6 or 53...

Page 360: ...If a port range is to be checked enter the upper limit here Possible values are to Type Only for Protocol 6 The Type field shows the class of ICMP messages the Code field specifies the type of messag...

Page 361: ...e New button to set up additional service groups The menu Firewall Services Groups New consists of the following fields Fields in the GroupsBasic Parameters menu Field Description Description Enter th...

Page 362: ...evel Gateway ALG i e an appropriate proxy that implements the necessary NAPT and firewall releases Note The Application Level Gateway must always be used if NAT is enabled on the inter face that makes...

Page 363: ...r received This value must be greater than the SIP Expire Time of the con nected SIP client SIP telephone terminal adapter etc The default value is Low Latency Trans mission Specify whether a mechanis...

Page 364: ...n to edit existing static entries Note Entries created dynamically for active sessions cannot be edited These entries can only be removed resulting in the immediate termination of the corresponding SI...

Page 365: ...ing protocol RTSP RTSP is a network protocol for controlling multimedia traffic flows in IP based networks Payload data is not transferred using RTSP Rather it is used to control a multimedia ses sion...

Page 366: ...by selecting The function is disabled by default RTSP Port Select the port over which the RTSP messages are to come in and go out Possible values are to The default value is 20 VoIP Funkwerk Enterpris...

Page 367: ...P 21 1 DNS Each device in a TCP IP network is usually located by its IP address Because host names are often used in networks to reach different devices it is necessary for the associated IP address t...

Page 368: ...ice or the loopback ad dress is entered for local applications these are ignored here If one of the DNS serv ers can resolve the name the information is forwarded and a dynamic entry created in the ca...

Page 369: ...ritten DNS Server Primary Secondary Only for DNS Server Configuration Enter the IP address of the first and if necessary second global DNS server WINS Server Primary Secondary Enter the IP address of...

Page 370: ...s Enter the value to which the TTL is to be set for a positive dy namic DNS entry in the cache if its TTL is or its TTL exceeds the value for Maximum TTL for Positive Cache Entries The default value i...

Page 371: ...he addresses of the global name servers entered on your device are sent 21 1 2 Static Hosts A list of all configured static hosts is displayed in the Local Services DNS Static Hosts menu 21 1 2 1 New...

Page 372: ...TL Enter the validity period of the assignment from DNS Hostname to IP Address in seconds only relevant for Response transmitted to requesting hosts The default value is 24 h 21 1 3 Domain Forwarding...

Page 373: ...ered without a full stop you complete with OK Default Domain after confirmation Forward to Select the forwarding destination requests to the name defined in Host or Domain Possible values default valu...

Page 374: ...received DNS packets addressed direct to your device including the response packets for forwarded re quests Invalid DNS Packets Shows the number of invalid DNS packets received and ad dressed direct t...

Page 375: ...Parameters menu Field Description HTTPS TCP Port Enter the port via which the HTTPS connection is to be estab lished Possible values are to The default value is Local Certificate Select a certificate...

Page 376: ...es its present IP address 21 3 1 DynDNS Update In the Local Services DynDNS Client DynDNS Update menu a list of all configured DynDNS registrations for updating is displayed 21 3 1 1 New Choose the Ne...

Page 377: ...Advanced Settings menu Field Description Mail Exchanger MX Enter the full host name of a mail server to which e mails are to be forwarded if the host currently configured is not to receive mail Ask yo...

Page 378: ...Update Path Enter the path on the provider s server that contains the script for managing the IP address of your device Ask your provider for the path to be used Port Enter the port at which your devi...

Page 379: ...set up a pool of IP addresses from which your device assigns IP addresses to hosts in the LAN for a defined period of time A DHCP server also transfers the addresses of the domain name server entered...

Page 380: ...ddresses from another network Possible values 4 default value The DHCP pool is only used for DHCP requests in the same subnet 4 9 The DHCP pool is used for DHCP requests in the same subnet and from ot...

Page 381: ...of the TFTP server to be sent to the client Several entries are possible Add additional entries with the Add button 21 4 2 IP MAC Binding The Local Services DHCP Server IP MAC Binding menu displays a...

Page 382: ...1 4 3 DHCP Relay Settings If your device for the local network does not distribute any IP addresses to the clients by DHCP it can still forward the DHCP requests on behalf of the local network to a re...

Page 383: ...e filter The function is activated by selecting The function is disabled by default Filtered Input Inter face s Select for which of the existing Ethernet and WLAN interfaces web filtering is to be act...

Page 384: ...can activate a 30 day demo version of the Proventia Web Filter To do this click the Activate 30 days demo licence link Licence Status Shows the result of the last validity check of the licence The va...

Page 385: ...value 1 Actions can also be defined for the following special cases e g 3 This category applies to all Internet addresses 6 Some addresses are already known to the Proventia Web Filter but not yet cla...

Page 386: ...y were blocked be cause of filter configuration and classification in the Proventia Web Filter Addresses on the Black List remain blocked if they can be called up because of filter configuration and c...

Page 387: ...n of incoming and outgoing data and voice calls to com munications applications on hosts in the LAN that access the Remote CAPI interface of your device This enables for example hosts connected to you...

Page 388: ...21 6 2 Options The menu Local Services CAPI Server Options consists of the following fields Fields in the OptionsBasic Parameters menu Field Description Enable server Select whether your device is to...

Page 389: ...or initiat ing an action may also be created The initiators within an events list are then processed in the listed order If you wish to add a new events list select default value If a single event is...

Page 390: ...then the MIB Table and finally the MIB Vari able itself Only MIB tables and MIB variables existing in the rel evant area are displayed Compare Condition Only for Event Type 9 Select whether the MIB v...

Page 391: ...to be con figured as initiator First select the System on which the MIB variable is saved then the MIB Table and finally the MIB Vari able itself Only MIB tables and MIB variables existing in the rel...

Page 392: ...of the data traffic whose values should be monitored as initiator for an action Possible values C default value Incoming data traffic is monitored C Outgoing data traffic is monitored Monitored Certi...

Page 393: ...on Settings in Condition Type 3 Start Time Enter the time from which the initiator is to be activated Activa tion is carried on the next scheduling interval the default value of this interval is 55 se...

Page 394: ...acked up by your device Accessibility of an IP address is checked 6 A certificate is to be renewed deleted or entered 046 A Neighbor Scan is launched in a WLAN network controlled by the WLAN controlle...

Page 395: ...le settings 6 default value An existing entry must be modified 6 A new entry must be created Index Variables Only if Command Type 9 Where required select MIB variables to be used as index in order to...

Page 396: ...the MIB variable is to be modified depending on whether the initiator is active or inactive Trigger Status it is de scribed with an active initiator with the value entered in Active Value and with an...

Page 397: ...nter the URL of the server from which the desired software version is to be drawn For Command Type 6 with Action or Enter the URL of the server from which a configuration file will be obtained or on w...

Page 398: ...Select whether to transfer the file in CSV format which can eas ily be read and modified In addition you can view the corres ponding file clearly using Microsoft Excel for example The function is ena...

Page 399: ...be renamed For Command Type 6 and Action 3 Select the file to be deleted For Command Type 6 and Action 6 Select the file to be copied Configuration contains certificates keys Only for Command Type 6...

Page 400: ...ress Only if Command Type Enter the IP address to be checked for accessibility Source IP Address Only if Command Type Enter an IP address to be used as sender address for the ping test Possible values...

Page 401: ...a secure certificate requiring a password and enter into the entry field The function is disabled by default Overwrite similar certi ficate Only for Command Type 6 and Action Select whether to overwri...

Page 402: ...the certification authority CA from which you wish to request your certificate e g Your CA administrator can provide you with the necessary data Password Only for Command Type 6 and Action 6 You may n...

Page 403: ...dation of certificates issued by the own er of this certificate Possible values 1 default value If the CA certificate contains an entry for a CDP CRL Distribution Point it should be evaluated in addi...

Page 404: ...rces 21 8 Surveillance In this menu you can configure an automatic availability check for hosts or interfaces and automatic ping tests Note This function cannot be configured on your device for connec...

Page 405: ...he IP address of the host to be monitored Source IP Address Select how the IP address is to be determined that your device uses as the source address of the packet sent to the host to be monitored Pos...

Page 406: ...ing for other interfaces The menu Local Services Surveillance Interfaces New consists of the following fields Fields in the InterfaceBasic Parameters menu Field Description Monitored Interface Select...

Page 407: ...urveillance Ping Generator New consists of the follow ing fields Fields in the Ping GeneratorBasic Parameters menu Field Description Destination IP Address Enter the IP address to which the ping is au...

Page 408: ...s itself by ISDN and checks its location If the configured ISDN call numbers differ from the numbers dialled the interfaces remain disabled If the numbers agree the device assumes that it is at the or...

Page 409: ...rvice is enabled Use Add to add a new interface to the list Select from the available interfaces those to which the ISDN theft protection function is to be applied Fields in the OptionsAdvanced Settin...

Page 410: ...ace of your device via which access point discovery is to be carried out You use the 1 option to query all interfaces The current discovery status is displayed for each individual interface under Disc...

Page 411: ...Write Result The value of this field can only be read Displays the result of the last configuration operation Possible values The access point reported a successful operation or a configuration change...

Page 412: ...where one of the peers lies behind a NAT enabled gateway UPnP enables mostly Windows based operating systems to take control of other devices with UPnP functionality on the local network These include...

Page 413: ...m the local network and or whether the interface can be controlled via UPnP requests The menu Local Services UPnP Interfaces consists of the following fields Fields in the Interfaces menu Field Descri...

Page 414: ...ions for cafes hotels companies communal residences campgrounds etc The bintec HotSpot Solution consists of a bintec gateway installed onsite with its own WLAN access point or additional connected WLA...

Page 415: ...ctivate the licence Go to www funkwerk ec com then Service Support Services Online Services Enter the required data please note the relevant explanations on the license sheet and follow the instructio...

Page 416: ...the Enabled option to enable or disable the corresponding entry 21 12 1 1 Edit or New In the Local Services HotSpot Gateway HotSpot Gateway menu you configure the hotspot network Choose the New button...

Page 417: ...of websites intranet The function is not activated by default Walled Network Net mask Only if Walled Garden is enabled Enter the network address of the Walled Network the corres ponding Netmask of th...

Page 418: ...ame must be entered Define a de fault password in the input field 5 9 default value User name and pass word must be entered Allowed HotSpot Client Here you can define which type of users can log in to...

Page 419: ...BRRP terms Field Description VRRP router A router that uses the Virtual Router Redundancy Protocol It can be integrated into one or more virtual routers Virtual Router An abstract object controlled by...

Page 420: ...thin the logical connection is active It guarantees that if the active route fails another router takes over the function of the failed device The time that each router is active is determined by the...

Page 421: ...tion is performed in the Local Services BRRP Virtual Router New Eth ernet Interface menu In this step you configure the IP address settings and assign the interface to a virtual router The properties...

Page 422: ...erent priorities on the various physical routers 21 13 1 1 New Choose the New button to configure other virtual routers The Local Services BRRP Virtual Routers New menu consists of the following field...

Page 423: ...r the value the higher the priority The value defines that this virtual router always functions as master as soon as it is active The default value is The virtual router with the highest priority norm...

Page 424: ...d BRRP advertisements the advertisement interval and the skew time which adds a minim um period depending on the priority The higher the priority the shorter the time added Consequently a backup route...

Page 425: ...in the Local Services BRRP VR Synchronisation menu i e you define how status changes are handled After opening the menu Local Services BRRP VR Synchronisation a list of all syn chronisations is displ...

Page 426: ...entered in the Virtual Router Fields in the VR SynchronisationSynchronisation VR Interface menu Field Description Synchronisation Mode Indicates the mechanism with which virtual routers or interfaces...

Page 427: ...Field Description The function is enabled with The function is disabled by default Funkwerk Enterprise Communications GmbH 21 Local Services R1xxx R3xxx R4xxx 401...

Page 428: ...or an internet address can be reached The Outputfield displays the ping test messages The ping test is launched by entering the IP address to be tested in Test Ping Address and clicking the Go button...

Page 429: ...r boots Do not turn your device off during the update An update of BOOTmonitor and or Logic is recommended in a few cases In this case the release notes refer expressly to this fact Only update BOOTmo...

Page 430: ...guration Export configuration with status information and Load configuration If you want to save a configuration file with the action Export configuration or Export configuration with status informati...

Page 431: ...Current File Name in Flash is transferred to your local host If you press the Go button a dialog box is displayed in which you can select the storage location on your PC and enter the de sired file n...

Page 432: ...ource Location Only for Action 5 Select the source for the update Possible values 4 7 default value The system software file is stored locally on your PC 8 The file is stored on a remote server specif...

Page 433: ...System Reboot In this menu you can trigger an immediate reboot of your device Once your system has restarted you must call the Funkwerk Configuration Interface again and log in Pay attention to the LE...

Page 434: ...itted to one or more external PCs for storage and processing e g to the system ad ministrator s PC The syslog messages saved internally on your device are lost when you reboot Warning Make sure you on...

Page 435: ...ich syslog messages are passed Level Select the priority of the syslog messages that are to be sent to the host Possible values highest priority 1 6 0 default value 3 lowest priority Syslog messages a...

Page 436: ...is often collected for commercial reasons This inform ation is extremely important for Internet Service Providers that bill their customers by data volume However there are also non commercial reasons...

Page 437: ...ges The messages can contain character strings in any order sequences separated by a slash e g Q or Q or defined tags Possible format tags Format tags for IP Accounting messages Field Description d Da...

Page 438: ...minute Possible values are to the default value is Fields in the E mail Alert ServerSMTP Settings menu Field Description SMTP Server Enter the address IP address or valid DNS name of the mail server...

Page 439: ...ecipients The menu External Reporting E mail Alert E mail Alert Recipient consists of the fol lowing fields Fields in the E mail Alert RecipientAdd Edit E mail Alert Recipient menu Field Description R...

Page 440: ...e mail is sent when this expires even if the number of mes sages has not been reached Possible values are to the default value is Message Compression Select whether the text in the alert E mail is to...

Page 441: ...g SNMP SNMP Trap Options menu you can configure the sending of traps The menu External Reporting SNMP SNMP Trap Options consists of the following fields Fields in the SNMP Trap OptionsBasic Parameters...

Page 442: ...ernal Reporting SNMP SNMP Trap Hosts New consists of the follow ing fields Fields in the SNMP Trap HostsBasic Parameters menu Field Description IP Address Enter the IP address of the SNMP trap host 23...

Page 443: ...e the Windows application on your PC you can download BRICKware for Windows to your PC from the download area at www funkwerk ec com and from there import it to your device 23 5 1 Options The menu Ext...

Page 444: ...ate interval in seconds Possible values are to The default value is UDP Destination Port Enter the port number for the Windows application Activity Monitor The default value is registered by IANA Inte...

Page 445: ...System Management Global Settings System menu Values in the System Messages list Field Description No Displays the serial number of the system message Date Displays the date of the record Time Displa...

Page 446: ...ress Shows the WAN IP address of your device Remote IP Address Shows the WAN IP address of the connection partner Local ID Shows the ID of your device for this IPSec tunnel Remote ID Shows the ID of t...

Page 447: ...ences usable Maximum Field in the IPSec StatisticsPeers menu Field Description Status Displays the number of IPSec tunnels by their current status Up Currently active IPSec tunnels Going up IPSec tunn...

Page 448: ...connections incoming and outgoing calls is displayed Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected C Remote Number Displays th...

Page 449: ...Time Displays the time at which the call was made or received Duration Displays the duration of the connection 24 4 Interfaces 24 4 1 Statistics In the Monitoring Interfaces Statistics menu current v...

Page 450: ...re listed separately Values in the WLAN list Field Description mbps Displays the possible data rates on this wireless module Tx Packets Shows the total number of packets sent for the data rate shown i...

Page 451: ...an RTS Displays the number of received CTS clear to send frames that were received as a response to RTS request to send Received MPDUs that couldn t be decrypted Displays the number of received MSDUs...

Page 452: ...alues for wireless mode 802 11n are listed separately Values in the VSS connected client list Field Description Client MAC Address Shows the MAC address of the associated client IP Address Shows the I...

Page 453: ...tes and seconds for which the WDS link is active Tx Packets Shows the total number of packets sent Rx Packets Shows the total number of packets received Signal dBm RSSI1 RSSI2 RSSI3 Shows the received...

Page 454: ...ws the values for Tx Packets and Rx Packets 24 5 4 Client Links In the Monitoring WLAN Client Links menu current values and activities of the client links are displayed Values in the Client Links list...

Page 455: ...nsmission rate of data received on this cli ent link in Mbit s Rate For each of the specified data rates shows the values for Tx Packets and Rx Packets 24 6 Bridges 24 6 1 br x In the Monitoring Bridg...

Page 456: ...for which QoS has been configured QoS Queue Shows the QoS queue which has been configured for this inter face Send Shows the number of sent packets with the corresponding pack et class Dropped Shows t...

Page 457: ...d distributes these to all gateways within the BMA network BMA Broad cast Multi Access Network e g Ethernet FDDI Tokenring A designated router is not shown for non BMA networks e g X 25 Frame Relay AT...

Page 458: ...to this OSPF neighbor is inactive The initial phase A HELLO packet is received from the neighbor Bidirectional communication with the neighbor The HELLO packets sent are accepted by the neighbor gatew...

Page 459: ...atabank entries Sent Database De scription Packets Displays the number of sent databank entries Received Link State Acknowledge Packets Displays the number of Link State Acknowlede packets re ceived S...

Page 460: ...list Field Description Interface Displays the name of the PIM interface IP Address Displays the primary IP address of the PIM interface Designated Router Displays the primary IP address of the designa...

Page 461: ...ription View Select the desired view from the dropdown menu The following are available 1 UEUE UE E and E E Values in the RP States list Field Description Rendevous Point IP Address Displays the IP ad...

Page 462: ...the remaining time until the local router sends out the next periodic G Join message on pimStarGRPFIfIndex In the PIM SM specification this address is named G Upstream Join Timer If the timer is deac...

Page 463: ...e source IP address InetAddressType is defined in the pimStarGAddressType object Reverse Path Forwarding RPF Indicates the address type of the RPF Next Hop to the RP or unknown 0 if the RPF Next Hop i...

Page 464: ...mStarGPimMode is bid ir this object must be noInfo Assert Winner IP Ad dress Indicates the address of Assert Winner if pimStarGIAssertState runs iAmAssertLoser InetAddressType is defined through the o...

Page 465: ...G RPT States list Field Description Multicast Group Ad dress Displays the multicast IP address InetAddressType is defined through the object pimStarGIAssertWinnerAddressType Source IP Address Display...

Page 466: ...aged tone Busy On Busy Call to engaged team subscriber If one subscriber in a team has taken the receiver off the hook or is on the telephone you can de cide whether other calls are to be signalled fo...

Page 467: ...nnection to be selected and set up parameters must be defined for all the required connections These parameters are stored in lists which together permit the right con nection to be set up The PBX use...

Page 468: ...as well 802 11b g One of the IEEE standards for wireless network hardware Products that meet the same IEEE standard can communicate with each oth er even if they come from different hardware manufact...

Page 469: ...to a number of computers that form an in dependent 802 11 WLAN each with a wireless adapter Ad hoc net works work independently without an access point on a peer to peer basis Ad hoc mode is also kno...

Page 470: ...eature on telephones By pressing a key or code the caller requests a call back from the engaged terminal If the subscriber you want is not at their desk or cannot take the call they are auto matically...

Page 471: ...Automatic redialling Performance feature of a terminal If the line is busy several redial attempts are made B channel Corresponds to a telephone line in T Net In T ISDN the basic con nection contains...

Page 472: ...an exchange data with each other without a fixed connection For example PCs notebooks or a PDA can access the Internet or a loc al network The appointments on a PDA can be synchronised with the appoin...

Page 473: ...Call costs account You can set up a call costs account for a subscriber here The maximum available number of units in the form of a limit can be as signed to each subscriber on their personal call co...

Page 474: ...up is possible A call can only be picked up by subscribers terminals in the same pickup group The assignment of subscribers in pickup groups is not de pendent on the settings in the Day and Night team...

Page 475: ...r Block Chaining CCITT Consultative Committee for International Telegraphy and Telephony CD Call Deflection The forwarding of calls This performance feature enables you to forward a call without havin...

Page 476: ...D Analogue Telephony or Telefax Group 3 can also be transmitted regardless of the configuration of the analogue con nection If 0 is dialled the service ID Analogue Telephony is also transmitted Confer...

Page 477: ...include STAC VJHC and MPPC Data Link Layer DLL Data packet A data packet is used for information transfer Each data packet contains a prescribed number of characters information and control character...

Page 478: ...ost Configuration Protocol Dial preparation On some telephones with a display you can first enter a telephone check it first and then dial it Dial in parameters Define the dial in parameters i e you e...

Page 479: ...e function module can be installed on an analogue connection of your PBX If a door intercom DoorLine is connected to your PBX via a function module you can speak with a visitor at the door via every a...

Page 480: ...ter face which is also called the E1 system ECB Electronic Code Book mode ECT Explicit Call Transfer This performance feature allows two external connections to be transferred without blocking the two...

Page 481: ...eing loaded the PBX functions are deleted Euro ISDN Harmonised ISDN standardised within Europe based on signalling protocol DSS1 the introduction of which network operators in over 20 European countri...

Page 482: ...viation of telefax FHSS Frequency Hopping Spread Spectrum In a FHSS system the frequency spread is achieved through con stantly changing frequencies based on certain hopping patterns In contrast to DS...

Page 483: ...acket switching methods such as X 25 Because of its properties frame relay is used for fast WAN connections with a high density of traffic Freecall Telephone number Previous service 0130 These telepho...

Page 484: ...from a text sequence with a different meaning Encryption methods use hashing to make sure that intruders cannot change transmitted messages HDLC High Level Data Link Control HDSL High Bit Rate DSL HD...

Page 485: ...ocedure If you enter code 77 during a call or after the caller has ended a call you hear the engaged tone from the exchange the caller s tele phone number is stored in the exchange ISDN telephones can...

Page 486: ...local and university networks The IP protocol is used for data transmission on the Inter net Internet time sharing Allows several users to surf the Internet simultaneously over an ISDN connection The...

Page 487: ...extension number ISDN number The network address of the ISDN interface e g 4711 ISDN router A router that does not have network connections but provides the same functions between PC ISDN and the Inte...

Page 488: ...ess a button so that the people present in the room can also hear the telephone call MAC Address Every device in the network is defined by a fixed hardware address MAC address The network card of a de...

Page 489: ...protocol gate way A gateway that can route several protocols e g IP X 25 etc Music on hold MoH Your PBX has two internal music on hold melodies On delivery in ternal melody 1 is active You can choose...

Page 490: ...is the point at which access to a communication network is provided to the terminal Netz Direkt keypad functions You can use the Netz Direkt keypad function automatic external line access to enter a k...

Page 491: ...ber of the connection you are calling from on their telephone display This telephone number transmitted during an external call is called the outgoing telephone number Packet switching Packet switchin...

Page 492: ...s Point to multipoint Point to multipoint connection Point to multipoint Basic connection in T ISDN with three telephone numbers and two lines as standard The ISDN terminals are connected directly on...

Page 493: ...face Protocol Protocols are used to define the manner and means of information exchange between two systems Protocols control and rule the course of data communication at various levels decoding addre...

Page 494: ...tely usually in connection with other options such as deleting messages or changing recorded messages Repeater A device that transmits electrical signals from one cable connection to another without m...

Page 495: ...ide Please read the information on the described functions in the user s guide Router A device that connects different networks at layer 3 of the OSI mod el and routes information from one network to...

Page 496: ...e service from T Com Replaces Service 0190 Service number 0180 Additional voice service 0180call from T Com to receive calls from a location dependent telephone number uniform across Germany starting...

Page 497: ...S with an SMS enabled terminal the telephone number 0193010 of the SMS server must be prefixed to the recipient num ber This telephone number is already stored in your PBX so manu al input of the serv...

Page 498: ...bscriber numbers are included as standard Specify own tele phone number for next call If you want to make a business call late in the evening from your private sphere say the living room for example y...

Page 499: ...hone number for a particular service In the called terminal e g a PC various applications can also be ad dressed and in some cases executed Costs are charged for the performance feature and it must be...

Page 500: ...ission process in which the sender and receiver operate with exactly the same clock signals in contrast to asynchronous trans mission Spaces are bridged by a stop code Syslog Syslog is used as the de...

Page 501: ...e T NetBox can store up to 30 messages T NetBox telephone number Enter the current T NetBox telephone number here if it differs from the 08003302424 entered ex works As soon as your T NetBox re ceives...

Page 502: ...ol family Telnet enables communic ation with a remote device in the network Terminal adapter Device for interface adaptation It enables different equipment to be connected to T ISDN The terminal adapt...

Page 503: ...ric Digital Subscriber Line UDP User Datagram Protocol Update Update to a software program PBX firmware An update is the up dated version of an existing software product and is indicated by a new vers...

Page 504: ...o analogue on one side of the modem provider as was the case with V 34 and earlier modems This makes higher transmission rates possible A maximum speed of 56 kbps can be achieved only under optimum co...

Page 505: ...WPA PSK Intended for private users or small businesses that do not run a central authentication server PSK stands for Pre Shared Key and means that AP and client use a fixed character string 8 to 63 c...

Page 506: ...on users such as e mail addresses telephone numbers and postal ad dresses You can search these databases to obtain information about individuals X 509 ITU T standards that define the format of the cer...

Page 507: ...249 252 259 309 314 Answer to client request 387 Antenna Diversity 156 AP MAC Address 179 428 429 APN Access Point Name 146 APN Access Point Name 123 Apply QoS 326 Area 432 Area ID 220 222 ARP Process...

Page 508: ...Configuration Interface 99 Configured Speed Mode 126 Confirm Admin Password 90 Congestion Avoidance RED 204 Connected 179 Connection State 195 207 Connection Type 252 309 Connection Idle Timeout 240...

Page 509: ...Direction 197 216 422 423 Distribution Mode 193 Distribution Policy 193 Distribution Ratio 194 DNS Hostname 345 DNS Negotiation 242 246 250 258 261 312 318 DNS Server 346 DNS Requests 348 DNS Server...

Page 510: ...ollection Timer 218 Gateway 182 354 384 Generate Private Key 116 Generate default route for the AS 224 Generation ID 434 GRE Window Adaption 320 GRE Window Size 320 Group Description 106 193 Group ID...

Page 511: ...ame 353 IP Pool Name 265 302 321 IP Pool Range 265 302 321 IPSec Phase 2 421 IPSec Tunnels 421 IPSec Phase 2 SAs 420 IPSec Debug Level 302 IPSec Pathfinder Mode 303 ISDN Configuration Type 128 ISDN Li...

Page 512: ...1 Maximum Retries 308 Maximum Groups 229 Maximum Message Level of Syslog Entries 88 Maximum Messages per Minute 412 Maximum Number of Accounting Log Entries 88 Maximum Number of History Entries 357 Ma...

Page 513: ...etwork Name SSID 170 176 179 New Destination Port 191 New Destination IP Address Netmask 191 New File Name 404 New Source Port 191 New Source IP Address Netmask 183 191 Nitro Mode 160 Nitro XM 160 No...

Page 514: ...e TCP ACK Packets 242 246 250 261 270 277 311 317 Priority 106 110 202 326 Privacy 175 Propagate PMTU 299 Propagate routes bound on discard re fuse interface 224 Propagation Delay 232 Proposals 290 29...

Page 515: ...ss 228 Role 301 Route Announce 213 Route Entries 241 245 249 253 260 277 283 310 315 322 Route Timeout 218 Route Type 182 Router ID 432 432 Routing table updates caused by Ex ternal Advertisements 433...

Page 516: ...SIM Card Uses PIN 146 SIM Card Uses PIN 123 SMTP Authentication 412 SMTP Server 412 SNMP 100 SNMP Version 104 SNMP Listen UDP Port 104 SNMP Read Community 91 SNMP Trap Broadcasting 415 SNMP Trap Comm...

Page 517: ...Tx Packets 423 424 425 426 427 428 428 Type 195 207 267 333 423 432 Type of Endpoint 338 Type of Messages 409 Type of traffic 188 U UDP Inactivity 330 UDP Destination Port 307 UDP Destination Port 31...

Page 518: ...0 VLAN Identifier 153 VLAN Members 153 VLAN ID 150 240 VLAN Name 153 VRRP Advertisement 393 VRRP router 393 W Walled Garden 390 Walled Network 390 Walled Garden URL 390 WDS Description 174 WDS Descrip...

Reviews:

No comments

Brands by name

Popular brands

Load more brands