Funkwerk TR200aw User Manual Download Page 242 | Manualshive

Page: 242 / 487

background image

Chapter 12 VPN

12.1 IPSec

IPSec enables secure connections to be set up between two locations (VPN). This enables
sensitive business data to be transferred via an unsecure medium such as the Internet.
The devices use function here as the endpoints of the VPN tunnel. IPSec involves a num-
ber of Internet Internet Engineering Task Force (IETF) standards, which specify mechan-
isms for the protection and authentication of IP packets. IPSec offers mechanisms for en-
crypting and decrypting the data transferred in the IP packets. The IPSec implementation
can also be smoothly integrated in a Public Key Infrastructure (PKI). The funkwerk IPSec
implementation achieves this firstly by using the Authentication Header (AH) protocol and
Encapsulated Security Payload (ESP) protocol, and secondly through the use of crypto-
graphic key key administration mechanisms like the Internet Key Exchange (IKE) protocol.

12.1.1 IPSec Peers

Peer a terminator point of communication in a computer network is called. Each Peer offers
thereby its services and uses the services of the other Peers.

In the VPN -> IPSec -> IPSec Peers menu a list of all configured IPSec peers is shown.

Fig. 69:

VPN

->

IPSec

->

IPSec Peers

12 VPN

Funkwerk Enterprise Communications GmbH

230

funkwerk TR200aw/bw

«
...
240
241
242
243
244
...
»

Summary of Contents for TR200aw

Page 1: ...Manual funkwerk TR200aw bw Reference Copyright Version 4 0 2008 Funkwerk Enterprise Communications GmbH Funkwerk Enterprise Communications GmbH Manual funkwerk TR200aw bw 1...

Page 2: ...ts no responsibility for data loss unwanted connection costs and damage caused by un intended operation of the product Trademarks funkwerk trademarks and the funkwerk logo bintec trademarks and the bi...

Page 3: ...n 12 2 3 1 Connections 12 2 3 2 Setting up and connecting 13 2 4 Configuration 14 2 4 1 Preparations 14 2 4 2 Setting up an ADSL connection 18 2 4 3 Setting up the WLAN 19 2 4 4 Reset 20 2 4 5 Softwar...

Page 4: ...of the device 52 3 5 9 Functions without operation 54 3 5 10 Call patterns tones 67 3 6 Reset 69 3 6 1 Resetting the settings 69 Chapter 4 Technical Data 71 4 1 funkwerk TR200aw bw 71 4 1 1 Scope of s...

Page 5: ...tings 106 6 2 1 System 106 6 2 2 Passwords 108 6 2 3 Date and Time 109 6 2 4 System Licences 113 6 3 Interface Mode Bridge Groups 116 6 3 1 Interfaces 117 6 4 Administrative Access 119 6 4 1 Access 11...

Page 6: ...1 WLANx 149 9 1 1 Radio Settings 150 9 1 2 Virtual Service Sets 153 9 2 Administration 158 9 2 1 Basic Settings 159 Chapter 10 Routing 160 10 1 Routes 160 10 1 1 IP Routes 160 10 1 2 Options 165 10 2...

Page 7: ...1 1 5 Options 215 11 2 ATM 216 11 2 1 Profiles 216 11 2 2 Service Categories 221 11 2 3 OAM Controlling 224 11 3 Real Time Jitter Control 228 11 3 1 Controlled Interfaces 228 Chapter 12 VPN 230 12 1 I...

Page 8: ...83 13 1 2 QoS 286 13 1 3 Options 288 13 2 Interfaces 289 13 2 1 Groups 290 13 3 Addresses 290 13 3 1 Address List 291 13 3 2 Groups 292 13 4 Services 293 13 4 1 Service List 293 13 4 2 Groups 295 Chap...

Page 9: ...omatic Route Selection 328 14 6 1 Numbers Routing 328 14 6 2 Provider 331 14 7 Internal Phonebook 332 14 7 1 Phone Book Entries 332 14 8 Call Records 334 14 8 1 Itemised Call Details 334 Chapter 15 Lo...

Page 10: ...66 15 6 Surveillance 367 15 6 1 Hosts 368 15 6 2 Interfaces 371 15 6 3 Ping Generator 373 15 7 ISDN Theft Protection 375 15 7 1 Options 375 15 8 Funkwerk Discovery 377 15 8 1 Device Discovery 377 15 8...

Page 11: ...17 2 2 Options 397 17 3 SNMP 398 17 3 1 SNMP Trap Options 398 17 3 2 SNMP Trap Hosts 400 Chapter 18 Monitoring 401 18 1 Internal Log 401 18 1 1 System Messages 401 18 2 IPSec 402 18 2 1 IPSec Tunnels...

Page 12: ...List of Figures 454 Index 460 Table of Contents Funkwerk Enterprise Communications GmbH x funkwerk TR200aw bw...

Page 13: ...l you what you need to take into consideration when using your funkwerk gateway Installation How to connect your device is shown in Installation on page 12 This chapter also tells you what preliminary...

Page 14: ...fice you can conveniently access any information you may need from the head office even if this is geographically far away These local networks are connected over an ISDN connection or a DSL connectio...

Page 15: ...ting up and clearing the con nection Security firewall DynDNS Your gateway is provided with integrated firewall mechanisms and therefore provides ex tensive low cost features to meet all the requireme...

Page 16: ...mpatible with the 11 mbps variant 802 11b in the same frequency range Encryption via the WLAN interface can take place via WPA and WPA2 Virtual WLAN interfaces can be defined via multi SSID This means...

Page 17: ...230V socket before you remove the device cover and carry out work on the device Replace the cover again before re establishing the 230V power connection No liquids must be allowed to enter the device...

Page 18: ...d cause damage 1 4 About this guide Area of validity This document is valid for funkwerk devices with system software as of software version 7 6 1 The Reference which you have in front of you contains...

Page 19: ...bers so they can be found easily To help you locate information easily this user s guide uses the following visual aids List of visual aids Symbol Use Identifies general and important points Indicates...

Page 20: ...MP shell which you have to input as shown bold e g Windows Start menu Indicates keys key combinations and Windows terms bold e g Indicates fields in the Funkwerk Configuration Interface and MIB tables...

Page 21: ...p of a DMZ Fig 2 Basic scenario TR200aw bw With TR200aw bw you can for example use the following functions data traffic integral modem ADSL2 2 with possible bundling of a number of DSL lines secure co...

Page 22: ...nd administration of a number of con figurations in the device diagnostic functions Ping DNS Traceroute The download area for your device is at www funkwerk ec com tr200 Here you will find the user ma...

Page 23: ...uring a PC on page 16 Note If you already run a DHCP server on your LAN it is recommended that you configure the system on a separate PC that is not connected to your LAN The following settings are tr...

Page 24: ...located on the back of the device Fig 3 Back of TR200aw bw 1 ADSL Grey socket ADSL interface annex A or B 2 4 3 2 1 Yellow socket 10 100 Base T Ethernet interface the serial interface is led through E...

Page 25: ...yellow marking to your LAN via the Ethernet cable supplied The system automatically detects whether it is connected to a switch or directly to a PC 5 ADSL Connect the ADSL interface ADSL of your syst...

Page 26: ...d WLAN clients Check whether the PC from which you want to perform the configuration meets the ne cessary requirements 2 4 1 1 Gathering data You can gather the main data for configuration with the Fu...

Page 27: ...Online require additional information Additional information for T Online Access data Example value Your values User account 12 digits 1 T Online number usually 12 digits 1 Joint user account Note To...

Page 28: ...for WPA PSK without default Installation location of your system Channel to be used for WLAN Network name SSID for your WLAN without default Visibility of the SSID in the wireless network Security set...

Page 29: ...rnet via the system To set up the configuration you can open the Funkwerk Configuration interface by en tering the IP address of your device 192 168 0 254 in a supported browser Internet Ex plorer 6 o...

Page 30: ...atrate check Always Active This means the ADSL connection is always on and is re established each time it is terminated 11 Check Default Route and Create NAT Policy 12 Leave the default settings for a...

Page 31: ...the Network Name SSID as desired e g 4 6 Under Security Mode select 2 03 7 Under Preshared Key enter a password of your choice This must be at least eight characters long and for security reasons shou...

Page 32: ...set button performs two different functions After pressing briefly once the device reboots If pressed for 20 seconds the device performs a factory reset This means the device is returned to its ex wor...

Page 33: ...t the device and contact support 2 5 Support information If you have questions about your product or are looking for additional information the Sup port Center of Funkwerk Enterprise Communications Gm...

Page 34: ...et up 3 1 Intended use The telephone part of your device is intended for the ISDN point to multipoint connection Two independent external connections e g telephone calls can be established over the tw...

Page 35: ...sts during a call AOCE Determination of call costs at the end of a call AOCS Transfer of tariff information during the call phase e g for coin operated tele phones CCBS Callback to a busy subscriber a...

Page 36: ...This symbol shows that an acknowledge tone can be heard on the re ceiver This symbol indicates a conference call The symbol indicates that you can use either the key or the key 3 3 Installation When...

Page 37: ...nnections 3 5 Telephoning Note SIP terminals cannot use all the functions described here Some functions are not pos sible for other functions you must use your own procedures These procedures are desc...

Page 38: ...achine has not yet switched on can be taken by intercepting the the call If the answering machine has already received the connection you can take this call on a telephone Busy is signalled to the ans...

Page 39: ...ver of your telephone You hear the permanent dialling tone Press the R key or the key You hear the internal dialling tone Dial the internal telephone number You hear the ringing tone The person is cal...

Page 40: ...ISDN connection Via the analogue connection FXO 3 5 3 1 Selecting the external connection method Lift the receiver and dial the device attempts to connect to the first registered SIP pro vider in the...

Page 41: ...connections are possible via DSL The number of connections depends on various parameters The availability of the device s free channels The available bandwidth of the DSL connection The configured av...

Page 42: ...ber Two alternative telephone numbers analogue DSL or ISDN including those from another provider can also be selected If transfer of the priority telephone is not possible one of these telephone numbe...

Page 43: ...h the engaged party once they have replaced the re ceiver at the end of the call Your telephone rings When you lift the receiver a connection to the required subscriber is established automatically An...

Page 44: ...back on no reply An external Callback on no reply is deleted after a period specified by the exchange e g approx 3 hours Lift the receiver of your telephone You will hear the internal dial tone Dial 8...

Page 45: ...Lift the receiver of your telephone You will hear the internal dial tone Dial 7 8 Dial the external subscriber The subscriber is dialled and you can make the call Selective assignment of the ISDN con...

Page 46: ...connection that is configured as 6 in your device This function corresponds to dialling Lift the receiver of your telephone You will hear the internal dial tone Dial 7 Dial the desired correspondent...

Page 47: ...e device contains 4 channels for changing connections from e g calling via a SIP provider to ISDN or analogue telephones If room monitoring is carried out using an SIP telephone one of these channels...

Page 48: ...phone You will hear the internal dial tone Dial the exchange number in the example Press the button or button Select the relevant character for controlling the function Note If the Keypad function of...

Page 49: ...five seconds the device automatically dials the defined direct call number if nothing else is dialled in the meantime You can enter the telephone number of the subscriber to be be dialled If you want...

Page 50: ...ely broker Talk to two subscribers simultaneously three party conference Note The following procedures only apply for analogue telephones With IP and ISDN tele phones you must follow the procedures de...

Page 51: ...es Accepting a call go to inquiry You are making a call A second external subscriber calls you You hear the call waiting tone Dial You are connected to the subscriber whose call is waiting Your first...

Page 52: ...oes not lift the receiver the call re turns to your telephone after about 30 seconds Forwarding calls with notification You want to forward and internal or external call to another internal subscriber...

Page 53: ...are making a call and want to speak to another subscriber without the first subscriber hearing this conversation Press the R key You will hear the internal dial tone If you wish to speak with an exter...

Page 54: ...ll from an existing call by including a waiting call or a call that is on hold in the conference If you are holding a three party conference with two external ISDN subscribers a B channel of an ISDN c...

Page 55: ...riber included in the con ference can hang up at any time in this case the initiating subscriber continues the call with the remaining subscriber 3 5 5 Call forwarding CF The call forwarding function...

Page 56: ...ice subscribers can continue to be called Call forwarding on the point to multipoint connection If a user has set up call forwarding for an MSN and this can be carried out by the ex change the other e...

Page 57: ...or call forwarding if busy Select the subscriber to whom calls are to be forwarded Confirm your input with the key You hear the positive acknowledge tone then the special dialling tone Replace the rec...

Page 58: ...er of your telephone You will hear the internal dial tone Press the key Dial for Follow me Dial the internal telephone number from which you want to forward calls to yourself Confirm your input with t...

Page 59: ...d for the connection of a door intercom adapter e g Eumex DoorLine 210 A door intercom adapter can be connected to an a b connection on your device Only the door intercom adapter needs to be entered i...

Page 60: ...ter in the example Eumex DoorLine 210 you can also set up 9 You do not then have to dial after lifting the receiver Initiating a door call yourself and opening the door You can make the connection to...

Page 61: ...on ana logue telephones The telephone number of the person whose call is waiting can be dis played on the analogue telephone if this telephone has the necessary performance feature CLIP off Hook and...

Page 62: ...you lift the receiver when a call is being made you cannot hear the call you are connected with the caller Deactivating call signalling for analogue terminals Lift the receiver of your telephone You w...

Page 63: ...iver Block dialling Austria You can use block dialling preparatory dialling to first enter a complete telephone number on the terminal and to store it in the device for dialling purposes You can then...

Page 64: ...tion is only possible via system telephones analogue telephones and ISDN telephones VoIP Telefone k nnen diese Funktionen nicht nutzen Note Das programmierende Telefon ist w hrend der Konfiguration ni...

Page 65: ...it ive acknowledge tone are saved when you replace the receiver The data is stored about 15 seconds after you replace the receiver During this time the power supply to the device must not be interrupt...

Page 66: ...tab lished Only change the basic timer setting if absolutely necessary Dialling break The dialling break is needed as the device does not recognise the external dialling tone As not every analogue exc...

Page 67: ...keypad dialling is converted to external MFC dialling Call assignment day and night call allocation Perhaps you want to transfer calls made after office hours to your home home office to an answering...

Page 68: ...a ture is activated for your ISDN connection This information is transparently transferred from the ISDN connection to the ISDN connection and must be evaluated by the connected ISDN terminals e g sys...

Page 69: ...from your network operator Protection of the data connection You are currently sending data with your fax machine The Call waiting feature is set up on the connection for your fax machine If you recei...

Page 70: ...cation CLIP per formance feature must be set up for the connection If an MMS message is received the terminal first receives a non visible coded SMS Based on the terminal settings the related MMS mess...

Page 71: ...of SMSs is registered for your ISDN connection and the relevant external telephone numbers call SMS server of service provider and start registration procedure The telephone numbers of the SMS servic...

Page 72: ...s the time trans ferred from the exchange with its own time During the switching period the device pre vents switching between the times The time of the system telephones connected to the device is au...

Page 73: ...nels is disconnected and the sub scriber making that call hears the engaged tone If an emergency call is already being made it is not interrupted Note If two ISDN telephones are already being used to...

Page 74: ...blacklist enter the telephone numbers or prefixes that are not permitted Forwarding calls during call signalling call deflection Note This function is not possible with SIP telephones You can use thi...

Page 75: ...horisations for terminals CAPI Boss Sec functions on a system telephone Data protection for fax and modem Data backup in the event of power failure Date time transfer Direct call Three party conferenc...

Page 76: ...night operation time controlled LAN TAPI Phone book for system telephony Making calls with prefix 0 Transparent forwarding of subaddressing information Connectable door intercom Different calls inter...

Page 77: ...nsmission of user defined text messages MWI Message waiting indicator SUB Extended addressing subaddressing of a device SMS MMS In the fixed network 3 5 9 4 Basic settings in ex works state Your devic...

Page 78: ...s calendar The switching times are entered as follows for all weekdays Night Day day night Keypad function Not set up PIN1 is set to PIN2 is set to Telephone number of the calling subscriber CLIP Is d...

Page 79: ...re the second call a short call followed by data transmission this leads to a longer pause Internal calling internal callback internal recall Internal callback You are called automat ically if the sub...

Page 80: ...ot be contacted Positive acknowledge tone mixed tone 425Hz and 320 Hz This tone indicates that your entry was ac cepted Ringing tone 425 Hz This tone indicates that the telephone of the subscriber ext...

Page 81: ...nction is protected by the device s PIN1 In the factory setting PIN1 is set to In order to reset the device settings you need to start with the following procedure Lift the receiver of your telephone...

Page 82: ...ey You will hear the positive acknowledge tone Replace the receiver Manually resetting the device If the configuration is incorrect or if your device cannot be accessed you can reset the device to the...

Page 83: ...grey DSL cable for Annex A POTS RJ11 RJ11 grey for TR200aw DSL cable for Annex B ISDN RJ11 RJ45 grey for TR200bw FXO cable RJ45 RJ11 red mains supply cable black wide range power supply 110 230 V 12 V...

Page 84: ...ug in approx 1 6 kg excluding packing and cable Memory 32 MB SDRAM 8 MB flash ROM LEDs 11 1x power 4x LAN 1x WLAN 1x DSL 1x VoIP 1x ISDN 1x FXO 1x status Power consumption of the device approx 15 Watt...

Page 85: ...lephones WLAN interface antenna 1x 802 11b and 802 11g Data rates 1 2 5 5 6 9 11 12 18 24 36 48 54 mbps 1 2 5 5 6 9 11 12 18 24 36 48 54 mbps Ethernet interface 4x RJ45 sockets ISDN interface external...

Page 86: ...SDN flashing The device is connected to ISDN on At least one B channel is used VoIP off No extension user registered or the registration failed flashing At least one extension user registered on One V...

Page 87: ...connected 4 1 4 Connections The connections are arranged as follows Fig 7 funkwerk TR200aw bw back 1 ADSL Grey socket ADSL interface annex A or B 2 4 3 2 1 Yellow socket 10 100 Base T Ethernet interf...

Page 88: ...ce The connection is made via an RJ45 socket Fig 8 Ethernet 10 100 Base T interface RJ45 socket The pin assignment for the Ethernet 10 100 Base T interface RJ45 socket is as follows RJ45 socket for LA...

Page 89: ...cable with RJ 11 plug for the device connection and RJ 45 plug for connection to the ADSL splitter is required cable included Only the two inner pins are used for the ADSL connection Fig 9 ADSL interf...

Page 90: ...sed 8 Not used 4 1 5 4 Combined external ISDN S0 FXO interface funkwerk TR200aw bw has a combined external ISDN S0 FXO interface The connection is made via an RJ45 socket Fig 11 Combined external ISDN...

Page 91: ...FXS interfaces The connection is made via an RJ11 socket Fig 12 FXS interface RJ11 socket The pin assignment for the FXS interface RJ11 socket is as follows RJ11 socket for FXS connection Pin Functio...

Page 92: ...guration purposes and to access your device via Telnet or SSH 5 1 1 1 HTTP HTTPS With a current web browser you can use the HTML interfaces to configure your device For this enter the following in you...

Page 93: ...the remote mainten ance options can be carried out securely The following preconditions must be met in order to connect to the device via SSH The encryption keys needed for the process must be availa...

Page 94: ...will see the value in the two RSA key Status and DSA key Status fields 5 If one or both of these fields contains the value you must generate the relevant key To have the device generate the key click...

Page 95: ...gure your device in this way Access via the serial interface is ideal if you are setting up an initial configuration of your device and a LAN access is not possible via the pre configured IP address 1...

Page 96: ...lowing settings in the Settings tab Emulation 5 Click OK The changes to the terminal program settings do not take effect until you disconnect the connection to your device and then make the connection...

Page 97: ...in your LAN merely needs to be connected to the ISDN connection and switched on To reach your device over ISDN Login proceed as follows 1 Connect your device to the ISDN 2 Log in as administrator on...

Page 98: ...in with and make changes to the configuration Caution All funkwerk devices are shipped with the same user name and password As long as the password remains unchanged the devices are not protected aga...

Page 99: ...available to you depend on the type of connection to your device Types of connections and configurations Type of connection Possible types of configuration LAN Funkwerk Configuration Interface shell c...

Page 100: ...rk Configuration Interface are applied with the OK or Apply button of the menu and you do not have to restart the device If you finish the configuration and want to save your settings so that they are...

Page 101: ...field of the web browser 5 Enter in the User field and in the Password field and click LOGIN You are not in the status menu of your device s Funkwerk Configuration Interface see Status on page 104 5...

Page 102: ...il able Online Help Click this button if you want help with the menu now active The description of the sub menu where you are now is displayed Logout If you want to end the configuration click this bu...

Page 103: ...the entry selected will be displayed in red All the other sub menus will be closed You can see at a glance the sub menu you are in Status page If you call the Funkwerk Configuration Interface after y...

Page 104: ...ternal list Funkwerk Configuration Interface buttons for special functions Button Function In the Access Point Search menu you use this button to start automatic detection of all the access points ava...

Page 105: ...interface or connection Indicates Blocked status for an interface or connection Indicates Going up status for an interface or connection Indicates that data traffic is encrypted Triggers a WLAN bands...

Page 106: ...st Structure of the Funkwerk Configuration Interface configuration menus The menus of the Funkwerk Configuration Interface contain the following basic struc tures Funkwerk Configuration Interface menu...

Page 107: ...mpty text field Text field with hidden input Enter the data Radio buttons e g Select the corresponding option Checkboxes e g activation by selecting checkbox Selection of several possible options Drop...

Page 108: ...at values were entered or selected incorrectly Pay particular attention to the following message Warning changes not supported by the Setup Tool If you makes these changes with the Funkwerk Configurat...

Page 109: ...e interfaces of your device are to run routing or bridging and if necessary can define bridge groups Administrative Access In this menu you configure the access options for the individual interfaces R...

Page 110: ...figure application controlled bandwidth management Multicast In this menu you configure the use of multimedia streaming protocols for e g voice over IP or video and audio streaming e g IPTV or Webradi...

Page 111: ...basic settings for the telephony and answering machine part of your system Line Configuration In this menu you define the access configuration point to multipoint point to point or POTS You can also...

Page 112: ...u you configure the dynamic name resolution DHCP Server In this menu you configure your device as a DHCP server Web Filter In this menu you configure the use of the URL based Proventia Web Filter from...

Page 113: ...nting In this menu you decide for which interfaces accounting mes sages are to be generated SNMP In this menu you configure whether the device is to listen for external SNMP accesses and send SNMP tra...

Page 114: ...device performs a software update via a serial interface with XMODEM 4 Delete configuration The device is reset to the ex works state All configuration files are deleted and the BOOTmonitor settings...

Page 115: ...conds the device changes back to normal operating mode Note If you change the baud rate the preset value is 9600 baud make sure the terminal program used also uses this baud rate If this is not the ca...

Page 116: ...ice s status page is dis played which shows the most important system information You see an overview of the following data System status Your device s activities Resource utilisation active sessions...

Page 117: ...d system time Serial Number Displays the device serial number BOSS Version Displays the currently loaded version of the system software Fields in the Status Resource Information menu Field Value CPU U...

Page 118: ...are shown The system also displays whether the inter face is connected or active Interface Specifics for WLAN Interfaces Access Point Mode Operation Mode The channel used on this wireless module Numbe...

Page 119: ...ible The device type is entered as the default value Location Enter the location of your device Contact Enter the relevant contact person Here you can enter the e mail address of the system administra...

Page 120: ...r basic system setting Fig 23 System Management Global Settings Passwords Note All funkwerk devices are shipped with the same user names and passwords As long as the password remains unchanged they ar...

Page 121: ...in the Passwords Global Password Options menu Field Value Show Passwords and Keys in Clear Text Define whether the passwords are to be displayed in clear text plain text The function is activated wit...

Page 122: ...y on the device Note If a method for automatically deriving the time is defined on the device the values ob tained in this way automatically have higher priority A manually entered system time is ther...

Page 123: ...ctivate the ISDN function The function is activated with The function is activated by default Primary Timeserver Enter the first time server by using either a domain name or an IP address Also select...

Page 124: ...domain name or an IP address Also select the protocol for the time server query Possible values 0 default value This server uses the simple network time protocol with UDP port 123 59 This server uses...

Page 125: ...on the device To ensure this is the case for Time Update Policy select the value Internal Time Server Select whether the internal time server is to be used The function is activated by choosing Time...

Page 126: ...this data in the System Administration Global Settings System Licenses New menu In the System Administration Global Settings System Licenses menu a list of all registered licenses is shown Description...

Page 127: ...Basic Parameters menu Field Value Licence Serial Number Enter the licence serial number you received when you bought the licence Licence Key Enter the licence key you received by e mail Note If 3 is d...

Page 128: ...ent of higher level protocols and trans mit data packets using MAC addresses Data transmission is transparent which means the information contained in the data packets is not interpreted With routing...

Page 129: ...ype b Number of the wireless module on which the WDS link or bridge link is configured c Number of the WDS link or bridge link Example first WDS link or bridge link on the first wireless module The na...

Page 130: ...Description The serial number of the interface is displayed here Interface Description The name of the interface is displayed here Mode Bridge Group Here you select whether you want to run the interf...

Page 131: ...P address when it is taken out of the group 6 4 Administrative Access In this menu you can configure the administrative access to the device 6 4 1 Access In the Administrative Access Access menu a lis...

Page 132: ...Feld Beschreibung Interface Select the interface for which the administrative access is to be configured 6 4 2 SSH Your devices offers encrypted access to the shell You can enable enabled default val...

Page 133: ...he shell of your device via an SSH client make sure the settings for the SSH Daemon and SSH client are the same Note If configuration of an SSH connection is not possible restart the device to initial...

Page 134: ...e Fatal and simple errors of the SSH Daemon and information messages are recorded 6 Only fatal errors of the SSH Daemon are recorded Fatal and simple errors of the SSH Daemon are re corded 9 All messa...

Page 135: ...tus 5 is displayed generation of a key is not possible for example because there is not enough space in the FlashROM DSA Key Status The status of the DSA key is displayed here If a DSA key has not bee...

Page 136: ...ables and variables and defined in the MIB Management Information Base This contains all the configuration and status variables of the device SNMP can be used to perform the following network manageme...

Page 137: ...ll data unencrypted 6 5 Remote Authentication This menu contains the settings for user authentication 6 5 1 RADIUS RADIUS Remote Authentication Dial In User Service is a service that enables authentic...

Page 138: ...CCESS_REQUEST Client Server If an access request is received by your device a request is sent to the RADIUS server if no corresponding connection part ner has been found on your device ACCESS_ACCEPT S...

Page 139: ...l re gistered RADIUS servers is displayed 6 5 1 1 Edit New Choose the icon to edit existing entries Choose the New button to add RADIUS serv ers Fig 31 System Management Remote Authentication RADIUS N...

Page 140: ...r communication between the RADIUS server and your device Priority If a number of RADIUS server entries were created the server with the highest priority is used first If this server does not an swer...

Page 141: ...illiseconds After timeout the request is repeated according to Retries or the next configured RADIUS server is requested Possible values are whole numbers between and The default value is 1 second Ali...

Page 142: ...The function is activated by choosing The function is not activated by default If the function is active you can enter the following options Enter the time period in seconds between the update interva...

Page 143: ...Choose the icon to edit existing entries Choose the New button to add TACACS serv ers Fig 32 System Management Remote Authentication TACACS New The System Management Remote Authentication TACACS New m...

Page 144: ...is used The available values are to the default value is Entry Active Select whether this server is to be used for login authentication The function is activated by choosing The function is activated...

Page 145: ...queried Encryption Select whether data exchange between the TACACS server and the NAS is to be encrypted with MD5 The function is activated by choosing The function is activated by default If the fun...

Page 146: ...tication sequence is used for in coming calls with RADIUS First CLID then PPP and then PPP with RADIUS Options Only inband RADIUS requests PAP CHAP MS CHAP V1 V2 i e PPP requests without CLID are sent...

Page 147: ...e configured with the IP Address and Netmask To ensure your device can be reached when splitting ports make sure that Ethernet inter face is assigned with the preconfigured IP address and netmask to a...

Page 148: ...available for all the ports together Fig 34 Physical Interfaces Ethernet Ports Port Configuration The Physical Interfaces Ethernet Ports Port Configuration menu consists of the following fields Fields...

Page 149: ...inactive Current Speed Mode Displays the actual mode and actual speed of the interface Possible values 6 9 A 9 6 9 A 9 7 2 ADSL Modem 7 2 1 ADSL Configuration In this menu you make the basic settings...

Page 150: ...nnection The current ADSL operating mode is displayed here The value cannot be changed Possible values 5 The ADSL link is not active 0 ANSI T1 413 90 ADSL classic G DMT ITU G 992 1 Splitterless ADSL I...

Page 151: ...es default value The ADSL mode is auto matically adapted for the remote terminal 90 ADSL1 G DMT is used 90 ADSL2 G 992 3 is used 90 ADSL2 Plus G 992 5 is used 90 ADSL2 Plus G 992 3 Annex M is used The...

Page 152: ...the value entered in Maximum Upstream Bandwidth The default value is 9 0 Maximum upstream bandwidth Only if Transmit Shaping 5 Enter the maximum data rate in the send direction in bits per second 7 Ph...

Page 153: ...ou can use the New button to create virtual interfaces However this is only needed in special applications e g BRRP Depending on the option selected different fields and options are available All the...

Page 154: ...Based on Ethernet Inter face This field is only displayed if you are editing a virtual routing in terface Select the Ethernet interface for which the virtual interface is to be configured Address Mode...

Page 155: ...the MAC address of the physical inter face under which the virtual interface was created but this is not necessary You can also allocate a virtual MAC address The first 6 characters of the MAC are pr...

Page 156: ...d remote terminals The function is activated by choosing The function is not activated by default 8 2 VLAN By implementing VLAN segmentation in accordance with 802 1Q you can configure VLANs on your d...

Page 157: ...the VLAN menu you can make all the settings needed for this and query their status Caution For interfaces that operate in Routing mode you only assign a VLAN ID to the inter face You define this via...

Page 158: ...he LAN VLAN VLANs Edit New menu consists of the following fields Fields in the Configure VLAN menu Field Description VLAN Identifier Enter the number that identifies the VLAN In the Edit menu you can...

Page 159: ...consists of the following fields Fields in the Port Configuration menu Field Description Interface The port for which you define the PVID and processing rules is displayed here Port VLAN Identifier P...

Page 160: ...ely for each bridge group Fig 40 LAN VLAN Administration The LAN VLAN Administration menu consists of the following fields Fields in the Bridge Group br ID VLAN Options menu Field Description Enable V...

Page 161: ...Hz which ensures that parts of the building are penetrated as effect ively as possible with a low transmission power that poses no health risks A 802 11g compatible standard is 802 11b which operates...

Page 162: ...configura tion options for the WLAN module is shown Fig 41 Wireless LAN WLANx Radio Settings The Wireless LAN WLANx Radio Settings menu consists of the following fields 9 1 1 1 Radio Settings Edit In...

Page 163: ...cess point is run within or outside buildings Channel Enter the channel to be used The number of channels you can selected depends on the country setting Please consult the data sheet for your device...

Page 164: ...dent Possible values 2 B default value 2 B 2 B 2 B 2 B Fields in the Performance Settings menu Field Description Wireless Mode Select the wireless technology that the access point is to use Possible v...

Page 165: ...hardware this field not should be set to 9 1 2 Virtual Service Sets If you operate your device in access point mode Wireless LAN WLANx Radio Set tings Operating Mode you can set up and edit the desir...

Page 166: ...s even sensitive data from being transferred via a radio path without fear of it being stolen IEEE 802 11i Standard IEEE 802 11i for wireless systems contains basic security specifications for wire le...

Page 167: ...ble encryption methods To do this select Security Mode 2 2 2 03 or 2 or both and enter the relevant key in the access point under WEP Key1 4 or Preshared Key and in the WLAN clients The WEP key should...

Page 168: ...n is activated by choosing The function is activated by default Intra cell Repeating Select whether communication between the WLAN clients is to be permitted within a radio cell The function is activa...

Page 169: ...ey 2 802 11i TKIP Only if Security Mode 2 2 Select one of the keys configured in WEP Key 1 4 as the default key The default value is 3 Transmit Key Only if Security Mode 2 2 Select one of the keys con...

Page 170: ...MAC Filter menu Field Description ACL Mode Select whether only certain clients are to be permitted for this wireless network The function is activated by choosing The function is not activated by def...

Page 171: ...ion menu Field Description Region Select the country in which the access point is to be run Possible values are all the countries configured on the gate way s wireless module The range of channels ava...

Page 172: ...f all configured routes is shown 10 1 1 1 New Choose the New button to create routes Fig 45 Routing Routes IP Routes New with Route Class 0 If the option is selected for Route Class an extra configura...

Page 173: ...ble values 9 default value A route is created with gen eral routing parameters A route is created with extended routing parameters such as source interface and source IP address as well as protocol so...

Page 174: ...to be used for this route Network Type Not for Route Type 0 Also select the network type Possible values 9 default value in the LAN You define another IP address for the interface in the WAN You defin...

Page 175: ...le values 4 4 59 0 A 0 6 I The default value is I Source Port Only if Layer 4 Protocol 4 or 59 Enter the source port First select the port number range Possible values default value The route is valid...

Page 176: ...5535 Entry of unprivileged port numbers 1024 65535 Enter the appropriate values for the indivividual port or start port of a range in Port and for a range the end port in to Port DSCP TOS Value Select...

Page 177: ...the interface is dormant then dial and wait until the interface is up In this case an alternative interface with a poorer metric is used for routing until the interface is up 10 1 2 Options Back Rout...

Page 178: ...ossible values Back Route Verify is activ ated for all interfaces 0 default value A list of all interfaces is displayed in which Back Route Verify is only enabled for specific interfaces 9 Back Route...

Page 179: ...utes menu The function is activated with By default the function is deactivated for all interfaces 10 2 NAT 10 2 1 NAT Interfaces Network Address Translation NAT is a function on your device for defin...

Page 180: ...are to be silently denied by NAT If this function is deactivated the sender of the denied IP packet is informed by means of an ICMP or TCP RST message The function is not activated by default PPTP Pa...

Page 181: ...as been configured 10 2 2 1 New Choose the New button to set up port forwarding for other interfaces Fig 49 Routing NAT Portforwarding New The Routing NAT Portforwarding New menu consists of the follo...

Page 182: ...ing is defined for in coming connections Possible values 5 default value 9 0 59 9 0 4 6 A A 0 0 00A Protocol Only if Services 5 Select the protocol Possible values I default value 4 4 5 4 59 A 10 Rout...

Page 183: ...led by default so that you can enter the IP address manually Port Only if Service 5 First select whether all connections are to be permitted or whether a certain port or port range is to be defined Po...

Page 184: ...e port is to be used by enabling the Original option In this case enter the value in the port num ber input field Or disable the Original option and enter a port number 10 3 RIP The entries in the rou...

Page 185: ...ast 300 seconds Garbage Collection Timer Route Timeout Routes learnt with triggered RIP are not deleted Your device supports both version 1 and version 2 of RIP either individually or together 10 3 1...

Page 186: ...ble values default value RIP is not activate Enables sending and receiving RIP packets of ver sion 1 Enables sending and receiving RIP packets of ver sion 2 Enables sending and receiving RIP packets o...

Page 187: ...set the time at which any activ ated routing protocols e g RIP are to propagate the IP routes defined for this interface Note This setting does not affect the interface specific RIP con figuration me...

Page 188: ...no entry this corresponds to the IP address 0 0 0 0 with Netmask 255 255 255 255 In the Routing RIP RIP Filters menu a list of all RIP filters is shown Fig 52 Routing RIP RIP Filters You can use the b...

Page 189: ...coming and outgoing RIP packets import or ex port for the same IP address must be separately configured You can enter individual host addresses or network addresses Direction Select whether the filter...

Page 190: ...ns Fig 54 Routing RIP RIP Options The Routing RIP RIP Options menu consists of the following fields Fields in the RIP Options Global RIP Parameters menu Field Description RIP UDP Port The setting opti...

Page 191: ...ble Timer For the timers described in RFC 2453 select whether the same values that you can configure in the Timer for RIP V2 RFC 2453 menu The function is activated with The function is activated by d...

Page 192: ...he IPROUTETABLE if no update is carried out for the route The default value is seconds Fields in the RIP Options Timer for Triggered RIP RFC 2091 menu Field Description Hold Down Timer Only for RFC 20...

Page 193: ...th different providers Session based load balancing is achieved Related dependent sessions are always routed over the same interface A decision on distribution is only made for outgoing sessions In th...

Page 194: ...th the send and receive direction Consider Only for Load Balancing Policy B Choose the direction in which the current data rate is to be con sidered Options 9 Only the data rate in the receive directi...

Page 195: ...g TriplePlay voice video data Multicast is a cost effective solution for effective use of bandwidth because the sender of the data packet which can be received by several re cipients only needs to sen...

Page 196: ...the subnet This is achieved by means of Membership Management protocols such as IGMP for IPv4 and MLP for IPv6 Membership Management protocol In IPv4 IGMP Internet Group Management Protocol is a proto...

Page 197: ...ets can be forwarded to the groups specified in the forwarding request 10 5 1 Forwarding In this menu you specify which multicast groups are always forwarded between the inter faces of your device 10...

Page 198: ...IGMP IGMP Internet Group Management Protocol see RFC 3376 is used to signal the informa tion about group membership in a subnet As a result only the packets explicitly wanted by a host enter the subn...

Page 199: ...t and responses are accepted Query Interval Enter the interval in seconds in which IGMP queries are to be sent Possible values are to The default value is Maximum Response Time For the sending of quer...

Page 200: ...l it will be more quickly detected that the last member has left a group so that no more packets for this group should be forwarded to this interface Maximum number of IG MP status messages Limit the...

Page 201: ...IGMP on your system You can also define whether IGMP is to be used in compatibility mode or only IGMP V3 hosts are to be accep ted Fig 59 Routing Multicast Options The menu Routing Multicast Options c...

Page 202: ...imum groups Enter the maximum number of groups to be permitted both in ternally and in reports Maximum sources Enter the maximum number of sources that are specified in ver sion 3 reports and the maxi...

Page 203: ...otocols You can also configure Internet access over ISDN Note Note your provider s instructions Dialin connections over ISDN are used to establish a connection to networks or hosts out side your LANs...

Page 204: ...e If for example you configure both Internet access and a corporate network connection enter a default route to the ISP and a network route to the head office You can enter several default routes on y...

Page 205: ...traffic drops the additional B channels are closed again Static In static channel bundling you specify right from the start how many B channels your device is to use for connections regardless of the...

Page 206: ...cription Description Enter a name to uniquely identify the PPPoE partner The first character in this field must not be a number and no special characters or umlauts must be used either PPPoE Mode Sele...

Page 207: ...if PPPoE Mode 0 Select the Ethernet interface specified for a standard PPPoE connection If you want to use an external DSL modem select the Ethernet port to which the modem is connected When using the...

Page 208: ...ther your device is to be assigned a static IP address or whether it should be assigned this dynamically Possible values default value Your device is dynamic ally assigned an IP address 0 You enter a...

Page 209: ...entication Select the authentication protocol for this connection partner Select the authentication specified by your provider Possible values default value Only run PPP Password Authentica tion Proto...

Page 210: ...availability of the remote terminal is to be checked by sending LCP echo requests or replies This makes it possible to switch to a backup connection more quickly in the event of line faults The functi...

Page 211: ...he internet connection The first character in this field must not be a number and no special characters or umlauts must be used either PPTP Interface Select the IP interface over which packets are to...

Page 212: ...the idle interval in seconds This determines how many seconds should pass between sending the last traffic data pack et and clearing the connection Possible values are to seconds deactivates the timeo...

Page 213: ...r this PPTP partner Add a new entry with Add IP address of the destination host or destination network Netmask of Remote IP Address If no entry is made your device uses a default netmask The lower the...

Page 214: ...ses for primary DNS server and secondary DNS server from the connection partner or sends these to the connection partner The function is activated with The function is activated by default Prioritize...

Page 215: ...Internet Dialup PPPoA menu a list of all PPPoA interfaces is shown In this menu you configure a xDSL connection used to set up PPPoA connections With PPPoA the connection is configured so that the PP...

Page 216: ...er in this field must not be a number and no special characters or umlauts must be used either ATM PVC Select an ATM profile created in the ATM Profiles menu in dicated by the global identifiers VPI a...

Page 217: ...for FTP transmission for LAN to LAN transmis sion for Internet connections Fields in the IP Mode and Routes menu Field Description IP Address Mode Choose whether your device has a static IP address o...

Page 218: ...he wait time in seconds before the device should try again after an attempt to set up a connection has failed The de fault value is PPP Authentication Select the authentication protocol for this Inter...

Page 219: ...he function is activated with The function is not activated by default LCP Alive Check Check whether the availability of the remote terminal is to be checked by sending LCP echo requests or replies Th...

Page 220: ...Dialup ISDN New menu consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the connection partner 11 WAN Funkwerk En...

Page 221: ...ssword Enter the password Always on Select whether the interface should always be activated The function is activated with The function is not activated by default Only activate this option if you hav...

Page 222: ...Only if IP Address Mode 0 and When you configure an ISDN Internet connection specify whether Network Address Translation NAT is to be activated The function is activated with The function is not activ...

Page 223: ...No special type is selected 9 The interface is used for incoming dialup connections and callbacks initiated externally 5 9 The interface is defined as multi user connection partner i e several clients...

Page 224: ...back Mode function Possible values default value Your device does not call back Select one of the following options Your device calls the connection partner to request a callback 2 4 Your device calls...

Page 225: ...ether channel bundling is to be used for ISDN connec tions with the connection partner and if so what type Your device supports dynamic and static channel bundling for dialup connections Only one B ch...

Page 226: ...scription OSPF Mode Select whether and how routes are propagated via the interface and or OSPF protocol packets are sent Possible values default value OSPF is not activated for this inter face i e no...

Page 227: ...Your device can operate as a dynamic IP address server for PPP connections You can use this function by providing one or more pools of IP addresses These IP addresses can be assigned to dialling in co...

Page 228: ...cond field enter the last IP address of the range 11 2 ATM 11 2 1 Profiles In the WAN ATM Profiles menu a list of all ATM profiles is shown If the connection for your Internet access is set up using t...

Page 229: ...TM Profiles New The WAN ATM Profiles New menu consists of the following fields Fields in the ATM Profiles Parameter menu Field Description Provider Select one of the preconfigured ATM profiles for you...

Page 230: ...tual path to be used Note your pro vider s instructions Possible values are to The default value is Virtual Channel Identifier VCI Only for Provider 5 Enter the VCI value of the ATM connection The VCI...

Page 231: ...ence checksums Fields in the Settings for Ethernet over ATM menu only shown for Type Ethernet over ATM Field Description Default Ethernet for PPPoE Interfaces Only for Type Select whether this Etherne...

Page 232: ...Use Pre configured option default setting in which case the MAC address of is used DHCP Hostname Only if Address Mode 9A4 If necessary enter the host name registered with the provider to be used by yo...

Page 233: ...rtual Circuit already configured with specific assigned data traffic parameters is shown Your device supports QoS Quality of Service for ATM interfaces Caution ATM QoS should only be used if your prov...

Page 234: ...service category a priority is implicitly assigned from CBR highest priority through VBR 1 VBR 3 to VBR lowest priority Possible settings 5 B 5B default value Unspecified Bit Rate A particular data ra...

Page 235: ...based on the utilisation of the destination network i e is discarded if ne cessary The Peak Cell Rate PCR represents the maximum possible data rate This category is suitable for critical applica tion...

Page 236: ...ved This is ensured without a specific OAM configuration for both flow level 4 and flow level 5 Two mechanisms are available for monitoring the ATM connection Loopback Tests and OAM Continuity Check O...

Page 237: ...ttings are used for the vir tual path Virtual Channel Connec tion VCC Only for OAM Flow Level Select the already configured ATM connection to be monitored displayed by the combination of VPI and VCI V...

Page 238: ...The default value is Loopback Segment Select whether you want to activate the loopback test for the segment connection segment connection of the local end point to the next connection point of the VCC...

Page 239: ...s are either sent and or responded to There is no CC negotiation The function is not enabled Also select whether the test cells of the OAM CC are to be sent or received Possible values B default value...

Page 240: ...voice data packets normally have the highest priority Nevertheless if the upstream bandwidth is low noticeable delays in speach transmission can occur when other packets are routed at the same time Th...

Page 241: ...faces voice transmission is to be optimised Control Mode Select the mode for the optimisation Possible values 4 0 By means of the data routed via the media gateway the system detects voice data traffi...

Page 242: ...The IPSec implementation can also be smoothly integrated in a Public Key Infrastructure PKI The funkwerk IPSec implementation achieves this firstly by using the Authentication Header AH protocol and E...

Page 243: ...1 New Choose the New button to set up more IPSec peers Fig 70 VPN IPSec IPSec Peers New The VPN IPSec IPSec Peers New menu consists of the following fields Fields in the Peer Parameters menu Field Des...

Page 244: ...hereby your device then cannot initiate an IPSec connection Peer ID Select the ID type and enter the peer ID This entry is not necessary in certain configurations The maximum length of the entry is 25...

Page 245: ...nced Settings Advanced IPSec Options menu Field Description Phase 1 Profile For phase 1 select a profile already configured in the Phase 1 Profiles menu You can also select the profile marked as the d...

Page 246: ...peer 5 9 Your device only responds to an ARP re quest if the status of the connection to the IPSec peer is 5 active or 9 In the case of 9 your device only responds to the ARP request the connection i...

Page 247: ...1 Profiles In the Standard column you can mark the profile to be used as the default profile 12 1 2 1 New Choose the New button to set up new profiles Funkwerk Enterprise Communications GmbH 12 VPN f...

Page 248: ...e 1 on your device The combination of six encryption algorithms and four message hash algorithms gives 24 possible values in this field At least one proposal must exist Therefore the first line of the...

Page 249: ...l Secur ity Association It is rated as secure but is slower than MD5 It is used with a 96 bit digest length for IPSec 9 RipeMD 160 is a 160 bit hash algorithm It is used as a secure replacement for MD...

Page 250: ...nt of data processed in Kbytes The value can be a whole number from 0 to 2147483647 The default value is The standard value as per RFC is used if seconds and KBytes are entered Authentication Method S...

Page 251: ...lcula tion and thus for configuring a secure channel over which the IPSec SAs can be negotiated A condition is that both peers have static IP addresses if preshared keys are used for au thentication A...

Page 252: ...o mechanisms are available Heartbeats and Dead Peer Detection The Advanced Settingsmenu consists of the following fields Fields in the Advanced Settings menu Field Description Alive Check Select the m...

Page 253: ...means the value in the default profile is used and means that the peer is never blocked The default value is NAT Traversal NAT Traversal NAT T also enables IPSec tunnels to be opened via one or more...

Page 254: ...ust as for phase 1 In the VPN IPSec Phase 2 Profiles menu a list of all configured IPSec phase 2 pro files is shown Fig 73 VPN IPSec Phase 2 Profiles In the Standard column you can mark the profile to...

Page 255: ...ault The combination of six encryption algorithms and two message hash algorithms gives 12 possible values in this field Encryption algorithms Encryption 9 0 default value 3DES is an extension of the...

Page 256: ...ve length of 56 bits Hash algorithms Authentication 9 default value MD 5 Message Digest 5 is an older hash algorithm It is used with a 96 bit digest length for IPSec All options can be used 0A SHA1 Se...

Page 257: ...the lifetime for phase 2 key in seconds The value can be a whole number from to 1 1 The default value is 1 Entry in 3B Enter the lifetime for phase 2 keys as amount of data processed in Kbytes The val...

Page 258: ...r manufacturers A Your device expects a heartbeat from the peer but does not send one itself A 0 Your device expects no heart beat from the peer but sends one itself A K Your device expects a heartbea...

Page 259: ...IPSec Select whether you want to activate IPSec The function is activated with The function is active as soon as an IPSec Peer is configured IPSec Debug Level Select the priority of the syslog messag...

Page 260: ...Settingsmenu consists of the following fields Fields in the Advanced Settings menu Field Description Send Initial Contact Select whether IKE Initial Contact messages are to be sent dur ing IKE phase 1...

Page 261: ...nd during IKE phase 1 are to be ignored The function is activated with The function is not activated by default Send Certificate Re quest Payloads Select whether certificate requests are to be sent du...

Page 262: ...he following two modes L2TP LNS Mode L2TP Network Server for incoming connections only L2TP LAC Mode L2TP Access Concentrator for outgoing connections only Note the following when configuring the serv...

Page 263: ...Local Hostname Enter the host name for LNS or LAC LAC The Local Host Name is used in outgoing tunnel set up messages to identify this device and is associated with the Remote Host Name of a tunnel pr...

Page 264: ...me and the Pass word contained in the SCCRQ of the LAC and compares them with those specified in the relevant profile The LAC does the same with the fields of the SCCRP of the LNS If this field remain...

Page 265: ...P tun nel Hello Interval Enter the interval in seconds between the sending of two L2TP HELLO messages These messages are used to keep the tun nel open The available values are to the default value is...

Page 266: ...whether your device is to use sequence numbers for data packets sent through a tunnel on the basis of this profile The function is not currently used The function is activated with The function is no...

Page 267: ...nu Field Description Description Enter a name for uniquely identifying the L2TP partner The first character in this field must not be a number and no special characters or umlauts must be used either...

Page 268: ...on to this L2TP partner User name Enter the code of your device Password Enter the password Always on Select whether the interface should always be activated The function is activated with The functio...

Page 269: ...y default Create NAT Policy Only if IP Address Mode and 0 Specify whether Network Address Translation NAT is to be ac tivated for this connection The function is activated with The function is not act...

Page 270: ...C 1994 the password is transferred encrypted 4A Primarily run CHAP otherwise PAP 0 4A Only run MS CHAP version 1 PPP Microsoft Challenge Handshake Authentication Protocol 0 4A Run MS CHAP version 2 on...

Page 271: ...not activated for this inter face i e no routes are propagated or OSPF protocol packets sent over this interface Networks reachable over this inter face are however included when calculating the rout...

Page 272: ...S server secondary DNS server primary WINS and sec ondary WINS from the L2TP partner or sends these to the L2TP partner The function is activated with The function is activated by default 12 2 3 Optio...

Page 273: ...g IP connection First a connection to an ISP Internet Service Provider is set up at both sites Once these connections are available a tunnel is set up to the PPTP partner over the Internet using PPTP...

Page 274: ...PPTP Tunnel New The VPN PPTP PPTP Tunnel New menu consists of the following fields Fields in the PPTP Tunnel PPTP Partner Parameter menu Field Description Description Enter a unique name for the tunn...

Page 275: ...is activated with The function is not activated by default Inactivity Timeout Only if Always Active Flatrate mode is disabled Enter the idle interval in seconds This determines how many seconds should...

Page 276: ...he IP address from your LAN that is to be used as in ternal source address to the PPTP interface Route Entries Only if IP Address Mode 0 Define routing entries for this connection partner IP address o...

Page 277: ...CHAP version 1 PPP Microsoft Challenge Handshake Authentication Protocol 0 4A Run MS CHAP version 2 only Encryption If necessary select the type of encryption that should be used for data traffic to...

Page 278: ...your device is to answer APR requests from your LAN on behalf of the specific PPTP partner Possible values default value Disables Proxy ARP Address Resolution Protocol for this PPTP partner Your devic...

Page 279: ...ault Note that you must activate the relevant option on the gateways of both partners An ISDN connection is usually required for this function Without ISDN callback is only to be activated in spe cial...

Page 280: ...indows XP page and installed it Since in SP 1 Microsoft has changed the confirma tion algorithm in the GRE protocol the automatic window adapt ation for GRE must be turned off on the funkwerk side The...

Page 281: ...PN Certificates Certificate List menu a list of all available certificates is shown 12 4 1 1 Edit Click the icon to display the content of the selected object key certificate or request Fig 81 VPN Cer...

Page 282: ...the extent to which certificate revocation lists CRLs are to be included in the validation of certificates issued by the own er of this certificate Possible settings 9 No checking of CRLs CRLs are alw...

Page 283: ...rts separate registration authority certificates Registration authority certificates are used by some Certificate Authorities CAs to handle certain tasks signature and encryption during SCEP communica...

Page 284: ...tificate Request De scription Enter a unique description for the certificate Mode Select the way in which you want to request the certificate Possible settings default value Your device generates a PK...

Page 285: ...er the URL of the SCEP server e g ht tp scep funkwerk de 8080 scep scep dll Your CA administrator can provide you with the necessary data CA Certificate Only if Mode 04 9 In CA Name enter the name of...

Page 286: ...is used as for signing Password Only if Mode 04 You may need a password from the certification authority to ob tain certificates for your keys Enter the password you received from the certification au...

Page 287: ...cording to CA Organisation Only for User Defined disabled Enter the organisation according to CA Locality Only for User Defined disabled Enter the location according to CA State Province Only for User...

Page 288: ...ice automatically stores the various steps of the enrolment internally This is an advantage if enrol ment cannot be concluded immediately If the status has not been saved the enrolment cannot be compl...

Page 289: ...browser Local Certificate De scription Enter a unique description for the certificate File Encoding Select the type of coding so that your device can decode the certificate Possible values default va...

Page 290: ...the CRL Import menu Field Description External Filename Enter the file path and name of the CRL to be imported or use Browse to select it from the file browser Local Certificate De scription Enter a...

Page 291: ...ist of all certificate servers is shown 12 4 3 1 New Choose the New button to set up new certificate servers Fig 85 VPN Certificates Certificate Servers New The VPN Certificates Certificate Servers Ne...

Page 292: ...Field Description LDAP URL Path Enter the LDAP URL of the server 12 VPN Funkwerk Enterprise Communications GmbH 280 funkwerk TR200aw bw...

Page 293: ...ple configuration The configuration work for the SIF is com paratively straightforward with systems like Network Address Translation NAT and IP Ac cess Lists IPAL As SIF NAT and IPAL are active in the...

Page 294: ...is informed of the packet rejection The incoming packets are processed as follows The SIF first checks if an incoming packet can be assigned to an existing connection If so it is forwarded If the pack...

Page 295: ...s that if the first rule denies a packet whereas a later rule allows it the packet is rejected A deny rule also has no effect if a relevant packet has previously been allowed by another filter rule In...

Page 296: ...ess groups see Firewall Addresses Groups for selection The value means that neither the source interface nor the source address is checked Destination Select one of the preconfigured aliases for the d...

Page 297: ...ered packet Possible values default value The packets are forwarded on the basis of the entries 9 The packets are rejected L The packets are rejected An error message is is sued to the sender of the p...

Page 298: ...ata A 13 1 2 QoS More and more applications need increasingly larger bandwidths which are not always available Quality of Service QoS makes it possible to distribute the available bandwidths effective...

Page 299: ...ed with The function is not activated by default Specify Bandwidth Only for Data Traffic Shaping Enter the maximum available bandwidth in kbps for the selected interface Members This field contains a...

Page 300: ...dance with the priority defined in the firewall policy The option is deactivated by default 13 1 3 Options Fig 89 Firewall Policies Options The Firewall Policies Options menu consists of the following...

Page 301: ...red in seconds Possible values are to The default value is TCP Inactivity Enter the inactivity time after which a TCP session is to be re garded as expired in seconds Possible values are to The defaul...

Page 302: ...w interface groups Fig 90 Firewall Interfaces Groups New The Firewall Interfaces Groups New menu consists of the following fields Fields in the Basic Parameters menu Field Description Name Enter the d...

Page 303: ...esses Address List New menu consists of the following fields Fields in the Basic Parameters menu Field Description Alias Name Enter the desired description of the address Alias Type Select the type of...

Page 304: ...l Addresses Groups menu a list of all configured address groups is shown You can group together addresses This makes it easier to configure firewall rules 13 3 2 1 New Choose the New button to set up...

Page 305: ...Firewall Services Service List menu a list of all available services is shown 13 4 1 1 New Choose the New button to set up new services Fig 93 Firewall Services Service List New The Firewall Services...

Page 306: ...the upper limit here Possible values are to Source Port Range Only if Protocol 4 59 4 or 59 In the first field enter the source port to be checked if applic able If a port number range is specified i...

Page 307: ...A 5 13 4 2 Groups In the Firewall Services Groups menu a list of all configured service groups is shown You can group together services This makes it easier to configure firewall rules 13 4 2 1 New Ch...

Page 308: ...lds in the Basic Parameters menu Field Description Name Enter the desired description of the service group Members Select the members of the group from the available service ali ases To do this activa...

Page 309: ...ettings for the telephone part of your system Different settings may be required depending on the country in which you want to use the device Fig 95 PBX General Settings Basic Settings The PBX General...

Page 310: ...tional prefix A prefix is made up of the National prefix and the City code without national prefix The city code area code is used to determine the destination for long distance calls Enter the desir...

Page 311: ...te fre quency The charge pulse is used in the relevant terminals to display charges Select the frequency to be used for the charge pulse Possible values AH default value frequency in Germany and AH fr...

Page 312: ...caller receives a ringing tone and the called party is informed by a call waiting tone that a second caller is trying to reach him during a call 14 2 Line Configuration Your multifunctional gateway in...

Page 313: ...iption Access Configuration Select the desired access configuration Possible values default value 09 0 Name You can enter a name for the access configuration you selec ted A string of up to 32 charact...

Page 314: ...number has ended the end of dialling monitoring timer is started after each digit entered As soon as this timer has expired the device starts di alling Only change the basic timer setting if absolute...

Page 315: ...he POTS connection 14 2 2 1 New Edit Note Note that the New button is shown if or is selected in the Access Configuration menu Choose the New button to enter external telephone numbers Choose to chang...

Page 316: ...or point to multipoint connections you can enter up to 10 num bers MSN multiple subscriber number These MSNs are the external telephone numbers for your ISDN connection Make sure that the first MSN st...

Page 317: ...ernal Numbers Point to point menu Field Description Basic number For a point to point connection you receive a PBX number to gether with a 1 2 3 or 4 character extension number range This extension nu...

Page 318: ...menu the current VoIP config uration is shown After about one minute registration with the provider has taken place and the status is automatically set to active Fig 100 PBX Line Configuration VoIP C...

Page 319: ...hereby dormant up and down are possible Action You can change the status by clicking the arrow 14 2 3 1 New Choose the New button to define VoIP configurations Choose the icon to edit existing entries...

Page 320: ...number sup pression If you enable this function the number is always sent inde pendently of whether you have switched Suppress Outgoing CLIP CLIR see Extension on page 309 on or off for a sub scriber...

Page 321: ...14 3 1 Extension In the PBX Internal Numbers Extensions menu a list of all connection data is shown Fig 102 PBX Internal Numbers Extensions Values in the list Extension Field Description Extension Nu...

Page 322: ...connections 20 27 internal S0 connections 30 33 SIP connections and 40 and 41 are both CAPI connections 14 3 1 1 Edit Choose the icon to edit existing entries Fig 103 PBX Internal Numbers Extensions T...

Page 323: ...s set up over ISDN or the analogue connection depending on the device connection you are us ing You can also select a specific alternative via which the extern al connection is to be established if yo...

Page 324: ...Secondary Tele phonenumber Possible values By default the setting is deactivated with If under Primary Telephone Number you have selected an alternative connection you can select here a further conne...

Page 325: ...rt the computer on receiving an SMS message Note that a software for receiving SMS messages must be installed on the respective PC This function is not activated by default MAC Address Enter the MAC a...

Page 326: ...even if the extension user is not subject to di alling restrictions he cannot make international calls if the coun try code 001 is blocked under PBX Call Routing Call Fil ter Blacklist This function i...

Page 327: ...on Extension Number Displays the subscriber s number Extension Name Displays the subscriber s name Type Displays the type of call forwarding Target Number s Displays the target number to which the cal...

Page 328: ...are defined by default You can also change the exten sion user number under PBX Internal Numbers Exten sions Type Select the type of call forwarding you want to define for the sub scriber Possible val...

Page 329: ...telephone for example the call is forwarded to another number e g your mobile phone after a short period If you are making a call at your desk other caller may receive the busy signal You can forward...

Page 330: ...nu Field Description Operating status Select whether the 4 0 function should be activated The function is activated by choosing The function is not activated by default Field in the Calendar Settings...

Page 331: ...14 4 2 Call Groups You use the call assignment function to define which internal telephones are to ring in the event of an external call You can also use the call assignment in conjunction with the c...

Page 332: ...tion the PBX number together with the direct dial in number Call Assignment Only if the Operating Status in the Calendar is disabled Displays the numbers of the internal telephones that are to ring in...

Page 333: ...er is activated by choosing By default certain internal number are already activate when the window is opened 14 5 Call Routing In the PBX Call Routing menu you can configure the parameters for the Di...

Page 334: ...the PBX automatically dials the defined direct call num ber if nothing else is dialled in the meantime You can define up to 10 direct call numbers 14 5 1 1 New Choose the New button to set up a new d...

Page 335: ...ut through from the PBX via another external connection An employee can call in to the company from his or her home office for example and call a customer from the office number For the customer it th...

Page 336: ...st be assigned to an external number in your system see Fields in the External Numbers menu on page 304 or Fields in the External Numbers Point to point menu on page 305 If this condition is met you c...

Page 337: ...ered by the user to confirm his entitlement to use the call through connection The default value must be replaced with another six digit number Checking Incoming Number CLID In addition the the PIN2 C...

Page 338: ...bers which can always be used regardless of the degree to which the PBX is being used the user s dial permission or automatic route selection You can define up to 10 emergency numbers 14 5 3 1 New Pre...

Page 339: ...ine restrictions for external dialling for certain terminals You can lock up to 30 telephone numbers You can remove this lock in some cases using the enabled numbers For example you can lock a prefix...

Page 340: ...omatic Route Selection In this menu you can determine which connections are to by made via the ISDN or POTS interface or by VoIP and with which provider You can define up to 50 automatic route se lect...

Page 341: ...Route Selection Numbers Routing 14 6 1 1 New Click on the New button to form groups and assign them a provider Select the icon to edit existing entries Funkwerk Enterprise Communications GmbH 14 PBX f...

Page 342: ...ers dialed through a specific provider Extensions Define the group members here In the Name area enter a name for the current group member In the Number area add the prefix code of the current group m...

Page 343: ...er You can set up a list of the providers that you wish to use 14 6 2 1 New Select the New button to create a new provider Choose the icon to edit an existing entry Fig 116 PBX Automatic Route Selecti...

Page 344: ...listed under PBX Line Configuration VoIP Configuration Precall Number Enter the prefix code for this provider 14 7 Internal Phonebook 14 7 1 Phone Book Entries Your system has an Internal Phonebook Y...

Page 345: ...e Internal Phone Book Speeddial number You can enter a speed dial number for the subscriber here Call Through Select whether the telephone number is to be approved for the Call Through function see Ca...

Page 346: ...of all connection data is shown Note In the menu PBX Internal Numbers Extensions Advanced Settings you can enable the selected internal number for the 4 function i e you can define whether connection...

Page 347: ...party number for incoming calls Subscriber Displays internal numbers see Values in the list Extension on page 309 Duration Displays the duration of the call Direction Shows whether the call was incom...

Page 348: ...verview of DNS requests on your device Global Name Server The IP addresses of global name servers that are queried if your device is unable to an swer requests itself or by forwarding entries are ente...

Page 349: ...If one of the DNS servers can resolve the name the information is forwarded and a dy namic entry created in the cache 5 Otherwise if overwriting the addresses of the global name servers is allowed DN...

Page 350: ...me Enter the standard domain name of your device DNS Server Configura tion Select whether the addresses of the global name server on your device can be overwritten by transferred name server ad dresse...

Page 351: ...by choosing The function is activated by default Negative Cache Select whether the negative dynamic cache is to be activated i e whether queried names for which a DNS server has sent a negative respo...

Page 352: ...uitable connection partner configured in the system IP Address to use for DNS WINS Server As signment as a DHCP server Select which name server addresses are sent to the DHCP cli ent if your device is...

Page 353: ...rvices DNS Static Hosts New The Local Services DNS Static Hosts New menu consists of the following fields Fields in the Basic Parameters menu Field Description Name Enter the host name to which the IP...

Page 354: ...IP address A DNS request is ignored no answer is given IP Address Only if Response Enter the IP address assigned to Name TTL Enter the the time for which the assignment of Name to IP Ad dress is to b...

Page 355: ...omain is to be forwarded Possible values A default value 9 Host Only for Forward A Enter the name of the host to be forwarded The entry can also start with the wildcard e g funkwerk com If a name is e...

Page 356: ...orwarded to the defined Interface 9 0 0 The request is forwarded to the defined DNS server Interface Only for Forward to Select the interface via which the requests for the defined Do main are receive...

Page 357: ...Select All button A dynamic entry can be converted to a static entry by marking the entry and confirming with Set to Static This entry then disappears from the list and is included in the list in the...

Page 358: ...quests Invalid DNS Packets Shows the number of invalid DNS packets received and ad dressed direct to your device DNS Requests Shows the number of valid DNS requests received and ad dressed direct to y...

Page 359: ...name means that you define an individual user name for the DynDNS service e g N The service providers offer various domain names for this so that a unique host name results for your device e g N The D...

Page 360: ...e IP address is to be propagated over the DynDNS service e g the interface of the Internet Ser vice Provider User name Enter the user name as registered with the DynDNS provider Password Enter the pas...

Page 361: ...be forwarded if the host currently configured is not to receive mail Ask your provider about this forwarding service and make sure e mails can be received from the host entered as MX Wildcard Select w...

Page 362: ...the server on which the provider s DynDNS service runs Update Path Enter enter the path on the provider s server that contains the script for managing the IP address of your device Ask your provider f...

Page 363: ...defined IP address pool A PC sends out an ARP re quest and in turn receives its IP address assigned by your device You therefore do not need to allocate fixed IP addresses to PCs which reduces the amo...

Page 364: ...r DHCP Pool New menu consists of the following fields Fields in the Basic Parameters menu Field Description Interface Select the interface over which the addresses defined in IP Range are to be assign...

Page 365: ...gned by the server The default value is 15 3 2 IP MAC Binding In the Local Services DHCP Server IP MAC Binding menu a list is shown of all cli ents that have received an IP address from your device vi...

Page 366: ...the name of the host to the MAC Address of which the IP Address is to be bound A character string of up to 256 characters is possible IP Address Enter the IP address to be assigned to the MAC address...

Page 367: ...this to the client in the local network Fig 128 Local Services DHCP Server DHCP Relay Settings The Local Services DHCP Server DHCP Relay Settings menu consists of the fol lowing fields Fields in the B...

Page 368: ...sification is configured on your device 15 4 1 Global Settings This menu contains the configuration of basic parameters for using the Proventia Web Fil ter Fig 129 Local Services Web Filters Global Se...

Page 369: ...Content Server not reachable Select which is to be done with URL requests if the web filtering server cannot be reached Possible values default value The call is permitted B The call of the requested...

Page 370: ...ategories of In ternet pages are to be handled and how You configure the relevant filters for this purpose A list of filters already configured is dis played There are basically different approaches f...

Page 371: ...first the standard categories of the Proventia Web Filter default value Actions can also be defined for the following special cases e g 9 This category applies to all Internet addresses 4 Some addres...

Page 372: ...is to be deactiv ated The time is entered in the form hh mm The default value is 00 00 Action Select the action to be executed if the filter matches a call Possible values B default value The call of...

Page 373: ...nu Field Description URL IP Address You enter a URL or IP address The length of the entry is limited to 60 characters in the black list in the white list You can select whether a URL or IP address can...

Page 374: ...rejected requests Fig 132 Local Services Web Filters History 15 5 Scheduling Your device has a event scheduler which enables certain standard actions activation or deactivation of interfaces to be ca...

Page 375: ...heduling Time Schedule New The Local Services Scheduling Time Schedule New menu consists of the follow ing fields Fields in the Basic Parameters menu Field Description Description Enter the desired na...

Page 376: ...to a TFTP server is initiated Select Interface Only if Select Action or 9 or if Select Action 2 or 9 2 Select which interface is to be activated or deactivated Source Only if Select Action Select the...

Page 377: ...eekday In Condition Settings select a particular period 9 In Condition Settings select a particular day of the month Possible values for Condition Settings with Condition Type 2 default value 0 Possib...

Page 378: ...ter a Stop Time or set Stop Time Start Time the initiator is activated and deactivated after 10 seconds 15 5 2 Options In the Local Services Scheduling Options menu you configure the schedule inter va...

Page 379: ...resources If is displayed in this field the scheduler is deactivated 15 6 Surveillance In this menu you can configure an automatic availability check for hosts or interfaces and automatic ping tests...

Page 380: ...ress Shows the monitored IP address State Shows the operating state of the monitored IP address Interface Action Shows the selected interface action Interface Shows the interface the selected interfac...

Page 381: ...ated a new group is created using the 9 option If entries have been created you can select one from the list of created groups Each host to be monitored must be assigned to a group The action configur...

Page 382: ...he smallest Interval of the group members is used within a group Trials Enter the number of pings that must remain unanswered for the host to be regarded as unavailable Possible values are to The defa...

Page 383: ...ed interface State Shows the operating state of the monitored interface Trigger Shows the selected status transition Interface Action Shows the interface action Interface Shows the interface the selec...

Page 384: ...onitored Trigger Select the state or state transition of Monitored Interfaces that is to trigger a particular Interface Action Possible values default setting Interface Action Select the action that i...

Page 385: ...ces Surveillance Ping Generator menu a list is shown of all pings configured for automatic generation Fig 139 Local Services Surveillance Ping Generator Values in the list Ping Generator Field Descrip...

Page 386: ...ther pings Fig 140 Local Services Surveillance Ping Generator New The Local Services Surveillance Ping Generator New menu consists of the fol lowing fields Fields in the Basic Parameters menu Field De...

Page 387: ...he could dial in to the LAN by ISDN if under WAN Internet Dialup New the field Always On is en abled 15 7 1 Options All interfaces for which the theft protection is enabled are administratively set to...

Page 388: ...unction is activated with The function is not activated by default Number Dialed Only if ISDN theft protection service is enabled Enter the subscriber number that the gateway dials to call itself Inco...

Page 389: ...ing again after an unsuccessful attempt to call itself Possible values are to The default value is 15 8 Funkwerk Discovery 15 8 1 Device Discovery The funkwerk Discovery protocol is used to identify...

Page 390: ...der Dis covery Status means that discovery is not active 9 is displayed when dis covery is currently being carried out This discovery function also enables your device to be discovered and configured...

Page 391: ...pecifies the interface of your device on which discov ery is carried out MAC Address The value of this field can only be read This field specifies the MAC address of the discovered access point Node N...

Page 392: ...yet been made with OK The access point has not responded 9 The access point reported an authorisation error Check the authentication password There is a problem with the in tended IP parameters IP ad...

Page 393: ...tions The Local Services Funkwerk Discovery Options menu consists of the following fields Fields in the Discovery Server Options menu Field Description Enable Discovery Server Select whether your devi...

Page 394: ...ents and the gateway is 1 The LAN UPnP client acts as a so called service control point i e it re cognizes and controls the UPnP devices on the network The ports assigned dynamically by for example MS...

Page 395: ...via the particular interface from the local network The function is activated with The function is not activated by default Interface is UPnP con trolled Determine whether the NAT configuration of th...

Page 396: ...ith UPnP releases in accordance with the parameters con tained in the request from the LAN UPnP client independently of the IP address of the requesting LAN UPnP client The function is not activated b...

Page 397: ...a system reboot in this menu 16 1 Diagnostics In the Maintenance Diagnosis menu you can test the accessibility of individual hosts the resolution of domain names and certain routes 16 1 1 Ping Test F...

Page 398: ...domain name of a particular host is correctly re solved The Output Results field shows the DNS test messages The DNS test is started by entering the domain name to be tested in DNS Address and clickin...

Page 399: ...manage the software version of your device your configuration files and the language of the Funkwerk Configuration Interface Your device contains the version of the system software available at the ti...

Page 400: ...emains stored in the flash when your device is switched off RAM The current configuration and all changes you set on your device during operation are stored in the working memory RAM The contents of t...

Page 401: ...menu Field Description Action Select the action you wish to execute Possible values default value The configuration file that you se lect in Filename is transferred to the flash memory Note To activa...

Page 402: ...nation file name The configuration file in the Select File field is re named as New Filename 9 4 The configuration file in the Se lect File field is deleted 9 6 The file in the Select File field is de...

Page 403: ...filename in flash memory is exported Include Certificates and Keys For Action Define whether the se lected Action should also be applied for certificates and keys The function is activated by choosin...

Page 404: ...on the meaning of the LEDs see the Technical Data chapter of the manual Note Before a reboot make sure you confirm your configuration changes by clicking the Save Configuration button so that these ar...

Page 405: ...y and ensure that there is always enough spare capacity available on the hard disk of your PC Syslog Daemon All Unix operating systems support the recording of syslog messages For Windows PCs the Sysl...

Page 406: ...sists of the following fields Fields in the Basic Parameters menu Field Description IP Address Enter the IP address of the host to which syslog messages are passed Level Select the priority of the sys...

Page 407: ...alues 1 The default value is Time Stamp Select the format of the time stamp in the syslog Possible values default value No system time indicated System time without date 9 K System time with date Prot...

Page 408: ...unting function which enables you to collect a lot of useful information about the IP network traffic each individual IP session 17 2 1 Interfaces In this menu you can configure the IP Accounting func...

Page 409: ...ces separated by a slash e g O or O or defined tags Possible format tags Format tags for IP accounting messages Field Description d Date of the session start in the format DD MM YY t Time of the sessi...

Page 410: ...igure con trol and administrate various network components from one system Such an SNMP tool is included on your device the Configuration Manager As SNMP is a standard protocol you can use any other S...

Page 411: ...ast ad dress The function is activated by choosing The function is not activated by default SNMP Trap UDP Port Only if SNMP Trap Broadcasting is enabled Enter the number of the UDP port to which your...

Page 412: ...p Hosts menu a list of all configured SNMP trap hosts is shown 17 3 2 1 New Choose the New button to set up new SNMP trap hosts Fig 156 External Reporting SNMP SNMP Trap Hosts New The External Reporti...

Page 413: ...ernal Log 18 1 1 System Messages In the Monitoring Internal Log System Messages menu a list of all internally stored system messages is shown Fig 157 Monitoring Internal Log System Messages Values in...

Page 414: ...e Monitoring IPSec IPSec Tunnel menu a list of all configured IPSec peers is shown Fig 158 Monitoring IPSec IPSec Tunnel Values in the list IPSec Tunnels Field Description Displays the serial number o...

Page 415: ...tton you display detailed statistics on the IPSec connection Fig 159 Monitoring IPSec IPSec Tunnel Values in the list IPSec Tunnels Field Description Description The description of the peer is display...

Page 416: ...nel are displayed here 18 2 2 IPSec Statistics In the Monitoring IPSec IPSec Statistics menu statistical values for all IPSec con nections are shown Fig 160 Monitoring IPSec IPSec Statistics The Monit...

Page 417: ...SAs Total Field in the IPSec Statistics Packet Statistics menu Field Description Total Shows the number of all processed incoming Incoming or outgoing Outgoing packets Passed Shows the number of incom...

Page 418: ...ays the total number of octets sent Tx Errors Shows the total number of errors sent Rx Packets Displays the total number of packets received Rx Bytes Displays the total number of bytes received Rx Err...

Page 419: ...tion Mbps Displays the possible data rates on this radio module Tx Packets Shows the total number of packets sent for the data rate shown in Mbps Rx Packets Shows the total number of packets received...

Page 420: ...successfully Displays the number of MSDUs successfully sent to multicast addresses including the broadcast MAC address MSDUs that could not be transmitted Displays the number of MSDUs that could not...

Page 421: ...essfully Displays the number of MSDUs successfully sent to unicast ad dresses since the last reset An acknowledgement was received for each of these packets Received MPDU that couldn t be decrypted Di...

Page 422: ...th in dBm Data rate Mbps Shows the current transmission rate of data received by this cli ent in Mbps The following transmission rates are possible IEEE 802 11b 11 5 5 2 and 1 Mbps IEEE 802 11g a 54 4...

Page 423: ...the received signal strength in dBm Noise dBm Shows the received noise strength in dBm SNR dB Signal to Noise Ratio in dB is an indicator of the quality of the wireless connection Values 25 dB excell...

Page 424: ...d 1 Mbps is suppressed for IEEE 802 11b Rate Displays the possible data rates on this radio module Tx Packets Shows the number of sent packets for the data rate Rx Packets Shows the number of received...

Page 425: ...ged tone Busy On Busy Call to engaged team subscriber If one subscriber in a team has taken the receiver off the hook or is on the telephone you can de cide whether other calls are to be signalled for...

Page 426: ...nection to be selected and set up parameters must be defined for all the required connections These parameters are stored in lists which together permit the right con nection to be set up The PBX uses...

Page 427: ...as well 802 11b g One of the IEEE standards for wireless network hardware Products that meet the same IEEE standard can communicate with each oth er even if they come from different hardware manufactu...

Page 428: ...to a number of computers that form an in dependent 802 11 WLAN each with a wireless adapter Ad hoc net works work independently without an access point on a peer to peer basis Ad hoc mode is also know...

Page 429: ...ature on telephones By pressing a key or code the caller requests a call back from the engaged terminal If the subscriber you want is not at their desk or cannot take the call they are auto matically...

Page 430: ...Automatic redialling Performance feature of a terminal If the line is busy several redial attempts are made B channel Corresponds to a telephone line in T Net In T ISDN the basic con nection contains...

Page 431: ...n exchange data with each other without a fixed connection For example PCs notebooks or a PDA can access the Internet or a loc al network The appointments on a PDA can be synchronised with the appoint...

Page 432: ...Call costs account You can set up a call costs account for a subscriber here The maximum available number of units in the form of a limit can be as signed to each subscriber on their personal call cos...

Page 433: ...p is possible A call can only be picked up by subscribers terminals in the same pickup group The assignment of subscribers in pickup groups is not de pendent on the settings in the Day and Night team...

Page 434: ...Block Chaining CCITT Consultative Committee for International Telegraphy and Telephony CD Call Deflection The forwarding of calls This performance feature enables you to forward a call without having...

Page 435: ...Analogue Telephony or Telefax Group 3 can also be transmitted regardless of the configuration of the analogue con nection If 0 is dialled the service ID Analogue Telephony is also transmitted Confere...

Page 436: ...include STAC VJHC and MPPC Data Link Layer DLL Data packet A data packet is used for information transfer Each data packet contains a prescribed number of characters information and control characters...

Page 437: ...st Configuration Protocol Dial preparation On some telephones with a display you can first enter a telephone check it first and then dial it Dial in parameters Define the dial in parameters i e you en...

Page 438: ...function module can be installed on an analogue connection of your PBX If a door intercom DoorLine is connected to your PBX via a function module you can speak with a visitor at the door via every au...

Page 439: ...er face which is also called the E1 system ECB Electronic Code Book mode ECT Explicit Call Transfer This performance feature allows two external connections to be transferred without blocking the two...

Page 440: ...ing loaded the PBX functions are deleted Euro ISDN Harmonised ISDN standardised within Europe based on signalling protocol DSS1 the introduction of which network operators in over 20 European countrie...

Page 441: ...iation of telefax FHSS Frequency Hopping Spread Spectrum In a FHSS system the frequency spread is achieved through con stantly changing frequencies based on certain hopping patterns In contrast to DSS...

Page 442: ...cket switching methods such as X 25 Because of its properties frame relay is used for fast WAN connections with a high density of traffic Freecall Telephone number Previous service 0130 These telephon...

Page 443: ...from a text sequence with a different meaning Encryption methods use hashing to make sure that intruders cannot change transmitted messages HDLC High Level Data Link Control HDSL High Bit Rate DSL HDS...

Page 444: ...cedure If you enter code 77 during a call or after the caller has ended a call you hear the engaged tone from the exchange the caller s tele phone number is stored in the exchange ISDN telephones can...

Page 445: ...local and university networks The IP protocol is used for data transmission on the Inter net Internet time sharing Allows several users to surf the Internet simultaneously over an ISDN connection The...

Page 446: ...xtension number ISDN number The network address of the ISDN interface e g 4711 ISDN router A router that does not have network connections but provides the same functions between PC ISDN and the Inter...

Page 447: ...ss a button so that the people present in the room can also hear the telephone call MAC Address Every device in the network is defined by a fixed hardware address MAC address The network card of a dev...

Page 448: ...rotocol gate way A gateway that can route several protocols e g IP X 25 etc Music on hold MoH Your PBX has two internal music on hold melodies On delivery in ternal melody 1 is active You can choose b...

Page 449: ...s the point at which access to a communication network is provided to the terminal Netz Direkt keypad functions You can use the Netz Direkt keypad function automatic external line access to enter a ke...

Page 450: ...er of the connection you are calling from on their telephone display This telephone number transmitted during an external call is called the outgoing telephone number Packet switching Packet switching...

Page 451: ...Point to multipoint Point to multipoint connection Point to multipoint Basic connection in T ISDN with three telephone numbers and two lines as standard The ISDN terminals are connected directly on t...

Page 452: ...ace Protocol Protocols are used to define the manner and means of information exchange between two systems Protocols control and rule the course of data communication at various levels decoding addres...

Page 453: ...motely usually in connection with other options such as deleting messages or changing recorded messages Repeater A device that transmits electrical signals from one cable connection to another without...

Page 454: ...de Please read the information on the described functions in the user s guide Router A device that connects different networks at layer 3 of the OSI mod el and routes information from one network to t...

Page 455: ...service from T Com Replaces Service 0190 Service number 0180 Additional voice service 0180call from T Com to receive calls from a location dependent telephone number uniform across Germany starting w...

Page 456: ...with an SMS enabled terminal the telephone number 0193010 of the SMS server must be prefixed to the recipient num ber This telephone number is already stored in your PBX so manu al input of the serve...

Page 457: ...scriber numbers are included as standard Specify own tele phone number for next call If you want to make a business call late in the evening from your private sphere say the living room for example yo...

Page 458: ...one number for a particular service In the called terminal e g a PC various applications can also be ad dressed and in some cases executed Costs are charged for the performance feature and it must be...

Page 459: ...ssion process in which the sender and receiver operate with exactly the same clock signals in contrast to asynchronous trans mission Spaces are bridged by a stop code Syslog Syslog is used as the de f...

Page 460: ...T NetBox can store up to 30 messages T NetBox telephone number Enter the current T NetBox telephone number here if it differs from the 08003302424 entered ex works As soon as your T NetBox re ceives...

Page 461: ...l family Telnet enables communic ation with a remote device in the network Terminal adapter Device for interface adaptation It enables different equipment to be connected to T ISDN The terminal adapte...

Page 462: ...ic Digital Subscriber Line UDP User Datagram Protocol Update Update to a software program PBX firmware An update is the up dated version of an existing software product and is indicated by a new versi...

Page 463: ...analogue on one side of the modem provider as was the case with V 34 and earlier modems This makes higher transmission rates possible A maximum speed of 56 kbps can be achieved only under optimum con...

Page 464: ...PA PSK Intended for private users or small businesses that do not run a central authentication server PSK stands for Pre Shared Key and means that AP and client use a fixed character string 8 to 63 ch...

Page 465: ...n users such as e mail addresses telephone numbers and postal ad dresses You can search these databases to obtain information about individuals X 509 ITU T standards that define the format of the cert...

Page 466: ...r 90 Fig 16 Save Configuration button 90 Fig 17 Menus 91 Fig 18 Configuration of the update interval 94 Fig 19 Filter list 94 Fig 20 103 Fig 21 System Management Status 105 Fig 22 System Management Gl...

Page 467: ...Class Standard route 160 Fig 46 Routing Routes IP Routes New with Route Class Extended Route 161 Fig 47 Routing Routes Options 166 Fig 48 Routing NAT NAT Interfaces 168 Fig 49 Routing NAT Portforwardi...

Page 468: ...ificate List 269 Fig 82 VPN Certificates Certificate List Request 272 Fig 83 VPN Certificates Certificate List Import 277 Fig 84 VPN Certificates CRLs Import 278 Fig 85 VPN Certificates Certificate Se...

Page 469: ...r New 327 Fig 114 PBX Automatic Route Selection Numbers Routing 329 Fig 115 PBX Automatic Route Selection Numbers Routing New 330 Fig 116 PBX Automatic Route Selection Provider New 331 Fig 117 PBX Int...

Page 470: ...vices UPnP Interfaces 383 Fig 146 Local Services UPnP Global Settings 384 Fig 147 Maintenance Diagnosis Ping Test 385 Fig 148 Maintenance Diagnosis DNS Test 386 Fig 149 Maintenance Diagnosis Tracerout...

Page 471: ...Fig 164 Monitoring WLAN VSS 409 Fig 165 Monitoring WLAN VSS Connected client 411 Funkwerk Enterprise Communications GmbH List of Figures funkwerk TR200aw bw 459...

Page 472: ...ght 47 Active IPSec Tunnels 105 Active Sessions 105 Address Firewall Addresses 291 Address Mode EthoA 219 LAN IP Configuration 142 Address Range Firewall Addresses 291 Administrative Status IPSec Peer...

Page 473: ...346 Cache Size 339 Calendar 54 Calendar Settings 318 318 Call allocation 54 Call Assignment 320 Call assignment day and night 54 Call deflection 57 Call forwarding CF 43 Call forwarding in the device...

Page 474: ...User 255 Consider 181 Contact 107 Control Mode Real Time Jitter Control 229 Controlled Interfaces Host Surveillance 369 Country 274 PBX 298 Country code PBX dialling control 298 CPU Usage 105 Create N...

Page 475: ...H Group IPSec Phase 1 236 DHCP Hostname EthoA 219 LAN IP Configuration 143 DHCP MAC Address EthoA 219 LAN IP Configuration 143 Dial ranges 328 Dialling break 54 POTS 301 Dialup and Rerouting Extended...

Page 476: ...tive RADIUS 127 TACACS 131 Error 405 Ethernet Interface Selection 136 Ex works setting 69 69 Exchange access right for local calls 28 Exchange code PBX changeable access numbers 298 Exchange Type Moni...

Page 477: ...53 Hold Down Timer 180 Holding 54 Host Domain Forwarding 343 Host Name DynDNS 348 HTTP 119 HTTPS 119 I IGMP Proxy 188 IGMP Status 189 Ignore Certificate Request Payloads 249 IKE Phase 1 SAs Monitoring...

Page 478: ...sts 341 EthoA 219 IP MAC Binding 354 RIP 177 Routed Protocols over ATM 220 SNMP Trap Hosts 400 Syslog Server 394 WLAN VSS 409 WLAN VSS Client Details 411 IP Address Mode ISDN 209 L2TP User 256 PPPoA 2...

Page 479: ...ment 225 M MAC Address artem Access Point Discovery 379 CAPI Settings 313 EthoA 219 IP MAC Binding 354 LAN IP Configuration 142 WLAN VSS 409 WLAN VSS Client Details 411 Mail Exchanger MX 349 Making ex...

Page 480: ...403 Multicast Group Address 185 Multicast MSDUs received successfully WLAN Radio Module 408 Multicast MSDUs transmitted success fully WLAN Radio Module 408 Multifunctional unit 36 Music on hold 67 67...

Page 481: ...267 Outgoing Line Call Routing Call Through 325 Outgoing telephone number 28 P Parking 54 Passed 405 Passphrase Configuration Management 389 Password Certificate Import 277 Certificate Request 272 CR...

Page 482: ...d Key IPSec Peer Configuration 231 WLAN Security Settings 157 Primary DNS Server 338 WINS Server 338 Primary DHCP Server 355 Primary Telephonenumber Extensions 310 Primary Timeserver 111 Prioritize TC...

Page 483: ...tworks 402 Remote PPTP IP Address PPTP 201 262 Remote User for Dialin only ISDN 208 Reset 69 Resetting for a particular subscriber 69 69 Resetting for all subscribers 69 Resetting for all subscribers...

Page 484: ...Payloads 249 Send Version 174 Sending an MMS 57 Serial Number 105 Server DynDNS Provider 350 Server Failures 346 Server IP Address RADIUS 127 TACACS 131 Server Timeout RADIUS 128 Service External Numb...

Page 485: ...nnection data 334 Subsystem 401 Successfully Answered Queries 346 Summary 274 Summer winter time 57 Supported ISDN performance features 65 Suppress outgoing CLIP CLIR CAPI Settings 313 Sustained Cell...

Page 486: ...S 409 WLAN VSS Client Details 411 Type ATM Profiles Parameter 217 Call Forwarding 315 316 Monitoring Interfaces 406 Type Code Firewall Services 293 Type of Messages 394 U UDP Destination Port L2TP Opt...

Page 487: ...on 54 UUS1 54 V Value WLAN Radio Module 408 Virtual Channel Connection VCC ATM Service Category 222 OAM Flow Configuration 225 Virtual Channel Identifier VCI 217 Virtual Path Connection VPC OAM Flow C...

Reviews:

No comments

Related manuals for TR200aw

Brand: Pathport Pages: 3

Brand: Pace Pages: 2

Brand: VBOX Pages: 40

Nmea Connect Plus

Brand: Calypso Pages: 21

Brand: NetComm Wireless Pages: 28

Brand: Tele System Pages: 16

Brand: Comtrend Corporation Pages: 84

Brand: Sangoma Pages: 4

Brand: Pace Pages: 17

Brand: Motorola Pages: 2

Brand: Nokia Pages: 3

CC500 - VPN - Gateway

Brand: Nokia Pages: 11

Brand: Nokia Pages: 48

Brand: Nokia Pages: 58

Brand: Nokia Pages: 62

Brand: Nokia Pages: 72

Brand: Nokia Pages: 87

3TG-01275-AAAA-TCZZA

Brand: Nokia Pages: 96

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands