Home
/
Teldat
/
bintec R1202
/
Manual

Teldat bintec R1202, Manual

Share

Page: 120 / 622

Teldat bintec R1202 Manual Download Page 120

Fields in the Global RADIUS Options menu.

Field

Description

Authentication for PPP
Dialin

By default, the following authentication sequence is used for in-
coming calls with RADIUS: First CLID, then PPP and then PPP
with RADIUS.

Options:

•

: Only inband RADIUS requests (PAP,CHAP, MS-

CHAP V1 & V2) (i.e. PPP requests without CLID) are sent to
the RADIUS server defined in Server IP Address.

•

:3 2/.

: Only outband RADIUS requests (i.e. re-

quests for calling line identification = CLID) are sent to the
RADIUS server.

is enabled by default.

10.6 Certificates

An asymmetric cryptosystem is used to encrypt data to be transported in a network, to gen-
erate or check digital signatures and the authenticate users. A key pair consisting of a pub-
lic key and a private key is used to encrypt and decrypt the data.

For encryption the sender requires the public key of the recipient. The recipient decrypts
the data using his private key. To ensure that the public key is the real key of the recipient
and is not a forgery, a so-called digital certificate is required.

This confirms the authenticity and the owner of a public key. It is similar to an official pass-
port in that it confirms that the holder of the passport has certain characteristics, such as
gender and age, and that the signature on the passport is authentic. As there is more than
one certificate issuer, e.g. the passport office for a passport, and as such certificates can
be issued by several different issuers and in varying qualities, the trustworthiness of the is-
suer is extremely important. The quality of a certificate is regulated by the German Signa-
ture Act or respective EU Directives.

Certification authorities that issue so-called qualified certificates are organised in a hier-
archy with the Federal Network Agency as the higher certifying authority. The structure and
content of a certificate are stipulated by the standard used. X.509 is the most important and
the most commonly use standard for digital certificates. Qualified certificates are personal
and extremely trustworthy.

Digital certificates are part of a so-called Public Key Infrastructure (PKI). PKI refers to a
system that can issue, distribute and check digital certificates.

10 System Management

Teldat GmbH

106

bintec Rxxx2/RTxxx2

«
...
118
119
120
121
122
...
»

Summary of Contents for bintec R1202

Page 1: ...Manual bintec Rxxx2 RTxxx2 Reference Copyright Version 7 0 2013 Teldat GmbH Teldat GmbH Manual bintec Rxxx2 RTxxx2 1...

Page 2: ...uration You must monitor the product in order to avoid unwanted charges Teldat GmbH accepts no responsibility for data loss unwanted connection costs and damage caused by unintended operation of the p...

Page 3: ...ical data 11 5 1 Scope of supply 11 5 2 General Product Features 13 5 3 LEDs 23 5 4 Connectors 25 5 5 Pin Assignments 29 5 5 1 Serial interface 29 5 5 2 Ethernet interface 29 5 5 3 ADSL interface 30 5...

Page 4: ...word 45 7 5 Setting up an internet connection 46 7 5 1 Internet connection over internal ADSL modem 46 7 5 2 Other internet connections 47 7 5 3 Testing the configuration 47 7 6 Software Update 47 Cha...

Page 5: ...7 10 2 4 System Licences 82 10 3 Interface Mode Bridge Groups 84 10 3 1 Interfaces 86 10 4 Administrative Access 89 10 4 1 Access 89 10 4 2 SSH 91 10 4 3 SNMP 95 10 5 Remote Authentication 96 10 5 1 R...

Page 6: ...er 12 LAN 145 12 1 IP Configuration 145 12 1 1 Interfaces 145 12 2 VLAN 149 12 2 1 VLANs 151 12 2 2 Port Configuration 152 12 2 3 Administration 152 Chapter 13 Wireless LAN Controller 154 13 1 Wizard...

Page 7: ...mware Maintenance 186 Chapter 14 Networking 189 14 1 Routes 189 14 1 1 IPv4 Routes 189 14 1 2 IPv4 Routing Table 195 14 1 3 Options 196 14 2 NAT 197 14 2 1 NAT Interfaces 197 14 2 2 NAT Configuration...

Page 8: ...ons 244 15 2 OSPF 246 15 2 1 Areas 248 15 2 2 Interfaces 250 15 2 3 Global Settings 252 Chapter 16 Multicast 254 16 1 General 255 16 1 1 General 256 16 2 IGMP 256 16 2 1 IGMP 257 16 2 2 Options 259 16...

Page 9: ...17 3 1 Interfaces 316 17 4 Real Time Jitter Control 322 17 4 1 Controlled Interfaces 322 Chapter 18 VPN 324 18 1 IPSec 324 18 1 1 IPSec Peers 325 18 1 2 Phase 1 Profiles 341 18 1 3 Phase 2 Profiles 3...

Page 10: ...19 3 1 Address List 392 19 3 2 Groups 393 19 4 Services 394 19 4 1 Service List 394 19 4 2 Groups 396 Chapter 20 VoIP 398 20 1 Application Level Gateway 398 20 1 1 SIP Proxies 398 20 1 2 SIP Endpoints...

Page 11: ...1 2 1 HTTPS Server 440 21 3 DynDNS Client 441 21 3 1 DynDNS Update 441 21 3 2 DynDNS Provider 443 21 4 DHCP Server 445 21 4 1 IP Pool Configuration 445 21 4 2 DHCP Configuration 446 21 4 3 IP MAC Bind...

Page 12: ...0 UPnP 487 21 10 1 Interfaces 488 21 10 2 General 489 21 11 HotSpot Gateway 490 21 11 1 HotSpot Gateway 491 21 11 2 Options 495 21 12 BRRP 496 21 12 1 Virtual Routers 497 21 12 2 VR Synchronisation 50...

Page 13: ...lert Settings 523 23 4 SNMP 525 23 4 1 SNMP Trap Options 525 23 4 2 SNMP Trap Hosts 526 23 5 Activity Monitor 527 23 5 1 Options 528 Chapter 24 Monitoring 530 24 1 Internal Log 530 24 1 1 System Messa...

Page 14: ...539 24 7 QoS 540 24 7 1 QoS 540 24 8 OSPF 541 24 8 1 Status 541 24 8 2 Statistics 543 24 9 PIM 545 24 9 1 Global Status 545 24 9 2 Not Interface Specific Status 546 24 9 3 Interface Specific States 5...

Page 15: ...tart up your device from a Windows PC and how to install other useful online assistants At the end of the chapter you will be in a position to surf the Internet send or receive e mails and set up a co...

Page 16: ...ons and a comprehensive overview of devices their parameters and files All devices in the local network including remote devices that can be reached over SNMP are located using SNMP Multicast irrespec...

Page 17: ...r explains how to reset your device to the ex works state Technical data This section contains a description of all the device s technical properties Variable switching of S0 interfaces This section d...

Page 18: ...the device and all the configuration options and gives page numbers so they can be found easily To help you locate information easily this user s guide uses the following visual aids List of visual a...

Page 19: ...Use Indicates lists Menu Submenu File Open Indicates menus and submenus in the GUI and in the Windows interface non proportional Courier e g Indicates commands that you must enter as written bold e g...

Page 20: ...interfaces may also damage your device Con nect only the ETH interface of the device to the LAN interface of the computer hub or an ISDN interface of the device if any only to the ISDN connection Note...

Page 21: ...N using the Ethernet cable supplied The device automatically detects whether it is connected to a switch or directly to a PC 4 ADSL only bintec R3002 and bintec RT3002 Connect the DSL interface DSL of...

Page 22: ...he serial interface of your PC COM1 or COM2 to the serial interface of the gateway console However configuration via the serial interface is not provided by default Analog telephone analog fax only bi...

Page 23: ...riday between the hours of 8 am and 5 pm They can be contacted as follows Email hotline teldat de International Support Coordina tion Telephone 49 911 9673 1550 Fax 49 911 9673 1599 End customer Hotli...

Page 24: ...t the device to the ex works state with the RESET button Depending on how long it is pressed for the RESET button performs two different functions After pressing briefly once the device reboots Hold t...

Page 25: ...DVD bintec Dime Manager User s Guide on DVD Release Notes if required Installation poster printed R3002 Ethernet cable ISDN BRI cable Serial cable Network cable 2 ADSL cables for Annex A and for Anne...

Page 26: ...cable ISDN PRI cable Serial cable Network cable 19 inch installation kit 4x rubber feet self adhesive Companion DVD Quick Install Guide and safety notices printed User s Guide on DVD bintec Dime Mana...

Page 27: ...es printed User s Guide on DVD bintec Dime Manager User s Guide on DVD Release Notes if required Installation poster printed RT4202 Ethernet cable ISDN BRI cable Serial cable Network cable 19 inch ins...

Page 28: ...y Voltage Range 85 264 V AC Frequency Range 47 63 Hz Efficiency Typ 79 Voltage Range 85 264 V AC Frequency Range 47 63 Hz Efficiency Typ 79 Environmental require ments Storage temperature 25 C to 70 C...

Page 29: ...or all EU states SAFERNET TM Security Technology Community passwords PAP CHAP MS CHAP MS CHAP v 2 PPTP PPPoE PPPoA Callback Access Control Lists CLID NAT SIF MPPE Encryption PPTP En cryption VPN with...

Page 30: ...r mally 13 Watt max 15 Watt nor mally 13 Watt max 15 Watt nor mally 13 Watt Voltage supply Voltage Range 85 264 V AC Frequency Range 47 63 Hz Efficiency Typ 79 Voltage Range 85 264 V AC Frequency Rang...

Page 31: ...g MDIX Permanently installed twisted pair only 10 100 1000 mbps autosensing MDIX ETH5 Permanently installed twisted pair only 10 100 1000 mbps autosensing MDIX Permanently installed twisted pair only...

Page 32: ...Lists CLID NAT SIF MPPE Encryption PPTP Encryption VPN with PPTP or IPSec Community pass words PAP CHAP MS CHAP MS CHAP v 2 PPTP PPPoE PPPoA Callback Ac cess Control Lists CLID NAT SIF MPPE Encryptio...

Page 33: ...ax 24 Watt typically 15 Watt Voltage supply Voltage Range 85 264 V AC Frequency Range 47 63 Hz Efficiency Typ 79 Voltage Range 85 264 V AC Frequency Range 47 63 Hz Efficiency Typ 79 Environmental requ...

Page 34: ...24 5 pole mini USB socket 5 pole mini USB socket Ethernet interfaces RJ45 socket RJ45 socket ISDN BRI interface RJ45 socket RJ45 socket ADSL interface RJ45 socket VDSL2 interface RJ45 socket Standards...

Page 35: ...45 mm Weight approx 2 0 kg approx 2 0 kg Transport weight incl doc umentation cables pack aging approx 2 6 kg approx 2 6 kg Memory 64 MB RAM 16 MB flash ROM 64 MB RAM 16 MB flash ROM LEDs 16 1x Power...

Page 36: ...isted pair only 10 100 1000 mbps auto sensing MDIX ISDN BRI S0 Euro ISDN point to multipoint point to point connection TE or NT mode Euro ISDN point to multipoint point to point connection TE or NT mo...

Page 37: ...Manager User s Guide on DVD Installation poster Quick Install Guide and safety no tices bintec Dime Manager User s Guide on DVD Installation poster Online documentation User s Guide Workshops Release...

Page 38: ...lashing Data traffic with 1 Gbps orange on The device is connected to the Ethernet at 100 mbps orange flashing Data traffic with 100 mbps green and orange on The device is connected to the Ethernet at...

Page 39: ...ctions are arranged as follows Fig 5 Front of bintec R1202 Front of bintec R1202 1 CONSOLE Serial interface 2 POWER STATUS LED display for power and status 3 RESET Reset button 4 ETH5 Ethernet interfa...

Page 40: ...D display bintec R3002 bintec R3502 and bintec 3802 have a 4 port Ethernet switch a serial inter face an ETH5 interface and an ISDN BRI interface as well as a DSL interface The connections are arrange...

Page 41: ...ws Fig 8 Front of bintec RT3002 Front of bintec RT3002 bintec RT3502 1 CONSOLE Serial interface 2 POWER STATUS LED display for power and status 3 RESET Reset button 4 ETH5 Ethernet interface 5 ETH1 ET...

Page 42: ...ace 7 PRI1 PRI2 ISDN PRI interface 9 LED LED display bintec RT4202 has a 4 port Ethernet switch a serial interface an ETH5 interface four ISDN BRI interfaces and four FXS interfaces The connections ar...

Page 43: ...11 5 pole mini USB socket The pin assignment is as follows Pin assignment of the mini USB socket Pin Position 1 Not used 2 TxD 3 RxD 4 Not used 5 GND 5 5 2 Ethernet interface The devices have an Ethe...

Page 44: ...es not have an Auto MDI X function 5 5 3 ADSL interface The ADSL interface on bintec R3002 and RT3002 is connected via an RJ45 plug The cable supplied connects the RJ45 plug needed for the device to a...

Page 45: ...ied connects the RJ45 connector needed for the device to an RJ45 connector needed for the SHDSL connection The following pins are used for the SHDSL connection Fig 14 SHDSL interface RJ45 connector bi...

Page 46: ...ector is as follows RJ45 socket for VDSL connection bintec R3502 and bintec RT3502 Pin Position 1 Not used 2 Not used 3 Not used 4 Line 1a 5 Line 1b 6 Not used 7 Not used 8 Not used 5 5 6 ISDN PRI int...

Page 47: ...and b 5 5 7 ISDN BRI interface The devices bintec R1202 R3002 R3502 and R3802 have an ISDN BRI interface which e g can be used for backup functions The devices bintec R4402 and RT1202 have two ISDN B...

Page 48: ...5 Receive 6 Transmit 7 Not used 8 Not used The pin assignment for the ISDN BRI interface RJ45 socket in NT mode is as follows RJ45 socket for ISDN connection in NT mode Pin Position 1 Not used 2 Not u...

Page 49: ...pin assignment for the FXS interface RJ45 connector is as follows RJ45 connector for FXS connection Pin Position 1 Not used 2 Not used 3 Not used 4 a 5 b 6 Not used 7 Not used 8 Not used Teldat GmbH...

Page 50: ...5 6 WEEE information 5 Technical data Teldat GmbH 36 bintec Rxxx2 RTxxx2...

Page 51: ...rminal does not have its own power supply The respective link plugs must be moved to do this In addition you can switch the 100 Ohm terminators on off for each interface via additional link plugs You...

Page 52: ...rfaces BRI 1 and BRI 2 as shown in the following figure Use Interface Link plug area Position Position Internal external switching BRI 1 J0M Internal external Internal external switching BRI 2 J1M Int...

Page 53: ...gs for interfaces BRI 3 and BRI 4 as shown in the following figure on is only permitted if J3M BRI 3 is set to internal mode and J4M BRI 4 is set to extern al mode Use Interface Link plug area Positio...

Page 54: ...al Power supply for internal con nection BRI 3 J2P Off On Power supply for internal con nection BRI 4 J3P Off On 100 Ohm terminator BRI 3 J2T Off On 100 Ohm terminator BRI 4 J3T Off On Connection of B...

Page 55: ...e in an ex works state User Name Password Note All Teldat devices are delivered with the same username and password As long as the password remains unchanged they are therefore not protected against u...

Page 56: ...PC from which you want to perform the configuration meets the ne cessary requirements You can also install the Dime Manager software which provides more tools for working with your device This install...

Page 57: ...ur personal access data from your ISP The terms used for the required access data may vary from provider to provider However the type of information you need for dial in in is basically the same The f...

Page 58: ...678906112345678 0001 t online de 7 3 2 Configuring a PC In order to reach your device via the GUI and to be able to carry out configuration the PC used for the configuration has to satisfy some prereq...

Page 59: ...C as follows 1 In Internet Protocol TCP IP Properties under Default gateway enter the IP ad dress of your gateway 2 Enter the IP address of your device under Use next DNS server address 3 Click OK 4 C...

Page 60: ...ommon configuration is described below The GUI internet wizard can be used to help configure al ternative configuration types 7 5 1 Internet connection over internal ADSL modem The devices R3002 and R...

Page 61: ...onse 2 Test the internet access by entering www teldat de in the internet browser Teldat GmbH s Internet site offers you the latest news updates and documentation Note Incorrect configuration of the d...

Page 62: ...evice will be updated auto matically When installation of the new software is complete you will be invited to restart the device Caution Once you have clicked on GO the update cannot be cancelled inte...

Page 63: ...r for configuration purposes and to access your device via Telnet or SSH Caution If you carry out the initial configuration with the GUI this can result in inconsistencies or malfunctions as soon as y...

Page 64: ...A window with the login prompt appears You are now in the SNMP shell of your device 2 Continue with Logging in for Configuration on page 55 8 1 1 3 SSH In addition to the unencrypted and potentially v...

Page 65: ...eed as follows 1 Leave the Flash Management shell with 2 Launch the GUI and log on to your device see Call up the GUI on page 58 3 Make sure that 3 is selected as the language 4 Check the key status i...

Page 66: ...page 54 Note PuTTY requires certain settings for a connection to a Teldat device The support pages of http www teldat de include FAQs which list the required settings 8 1 2 Access via the Serial Inter...

Page 67: ...k on File Properties 2 Click Configure in the Connect to tab The following settings are necessary Bits per second Data bits Parity Stopbits Flow control 3 Enter the values and click OK 4 Make the foll...

Page 68: ...e device Access over ISDN costs money If your device and your computer are in the LAN it is cheaper to access your device via the LAN or via the serial interface Your device in your LAN merely needs t...

Page 69: ...The security concept of your device enables you to read all the other configuration settings with the user name but not the access information It is therefore impossible to log in with read the passwo...

Page 70: ...pleting the configuration enter and press Return 8 3 Configuration options This chapter first offers an overview of the various tools you can use for configuration of your device You can configure you...

Page 71: ...in your device and is available in English If required other languages can be down loaded from the download areaSoftware Configuration on page 508 of www teldat de and installed on your device To do...

Page 72: ...hich you want to configure your device see Con figuring a PC on page 44 3 Open a web browser 4 Enter 455 in the address field of the web browser 5 Enter in the User field and enter in the Password fie...

Page 73: ...lay the GUI Here you can choose the language in which you perform the configuration German and English are available View Select the desired view from the dropdown menu Stand ard and SNMP browsers can...

Page 74: ...device A window is opened offering you the fol lowing options Save configuration save previous boot configuration then exit Save configuration then exit Exit without saving Navigation bar Fig 23 Save...

Page 75: ...ins the main configuration menus and their sub menus Click the main menu you require The corresponding sub menu then opens If you click the sub menu you want the entry selected will be displayed in re...

Page 76: ...ystem Management Certificates Certificate List menu this button activates the sub menu for the configuration of the certificate request In the Monitoring ISDN Modem Current Calls menu press ing this b...

Page 77: ...the view is to be updated To do this enter a period in seconds in the input field and con firm it with Filter You can have the list entries filtered and displayed according to certain criteria You can...

Page 78: ...The menu contains either a list of all the configured entries or the basic settings for the function concerned Sub menu The New button is available in each menu in which a list of all the configured...

Page 79: ...empty these are not saved when you confirm with OK Delete the entries by clicking the icon Display of options that are not available Options that are not available because they depend on the selectio...

Page 80: ...f functions Check the software of your device on the corresponding product page under www teldat de 8 3 2 SNMP shell SNMP Simple Network Management Protocol is a protocol that defines how you can ac c...

Page 81: ...Shows useful information about your device e g serial number MAC address and software versions The BOOTmonitor is started as follows The devices passes through various functional states when starting...

Page 82: ...eset value is 9600 baud make sure the terminal program used also uses this baudrate If this is not the case you will not be able to es tablish a serial connection to the device 8 Access and configurat...

Page 83: ...c configuration tasks First steps Internet Access VPN SWYX only with active optional DSP module VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex...

Page 84: ...n overview of the following data System status Your device s activities Resource utilisation active sessions and tunnels Status and basic configuration of the LAN WAN ISDN and ADSL interfaces Informat...

Page 85: ...Displays the device serial number BOSS Version Displays the currently loaded version of the system software Back up of configura tion on SD card Only with inserted SD cart visible RXL1250 RXL12100 In...

Page 86: ...P etc Displays the total of all SIF TDRC and IP load balancing ses sions Active IPSec Tunnels Displays the number of currently active IPSec tunnels in relation to the number of configured IPSec tunnel...

Page 87: ...tem also displays whether the inter face is active 10 2 Global Settings The basic system parameters are managed in the Global Settings menu 10 2 1 System Your device s basic system data are entered in...

Page 88: ...are stored internally in the device Possible values are to The default value is You can display the stored messages in Monitoring Internal Log Maximum Message Level of Syslog Entries Select the priori...

Page 89: ...ossible values are to The default value is Manual WLAN Control ler IP Address The feature is only for devices with WLAN controller available Enter the IP address of the WLAN controller The value can o...

Page 90: ...System password not changed The System Management Global Settings Passwords menu consists of the following fields Fields in the System Password menu Field Value System Admin Pass word Enter the passwo...

Page 91: ...fault If you activate the function all passwords and keys in all menus are displayed and can be edited in plain text One exception is IPSec keys They can only be entered in plain text If you press OK...

Page 92: ...starts on the last Sunday in March by switching from 2 a m to 3 a m The calendar related or schedule related switches that are scheduled for the missing hour are then carried out Winter time starts o...

Page 93: ...efore overwritten The menu System Management Global Settings Date and Time consists of the fol lowing fields Fields in the Basic Settings menu Field Description Time Zone Select the time zone in which...

Page 94: ...e or an IP address In addition select the protocol for the time server request Possible values default value This server uses the simple network time protocol via UDP port 123 5 0 This server uses the...

Page 95: ...is automatic ally updated The default value is Time Update Policy Enter the time period after which the system attempts to contact the time server again following a failed time update Possible values...

Page 96: ...n the device s ex works state and which can also be obtained free of charge or at additional cost You can access this data sheet at www teldat de Entering licence data You can obtain the licence data...

Page 97: ...oose the New button to enter more licences Fig 32 System Management Global Settings System Licences New Activating extra licences You activate extra licences by adding the received licence information...

Page 98: ...this menu you define the operation mode for your device s interfaces Routing versus bridging Bridging connects networks of the same type In contrast to routing bridges operate at lay er 2 of the OSI m...

Page 99: ...ame of the wireless network VSS is made up of the following parts Abbreviation for interface type whereby stands for wireless network a Number of the wireless module b Number of the interface Example...

Page 100: ...er use existing bridge groups or create a new bridge group The default setting for all existing interfaces is routing mode When selecting the option 1 3 for Mode Bridge Group a bridge group i e etc is...

Page 101: ...s in a bridge group it is assigned the group s IP address when it is taken out of the group 10 3 1 1 Add Add Choose the New button to edit the mode of PPP interfaces Fig 34 System Management Interface...

Page 102: ...rface and save the settings with OK 5 Click the Save configuration button to save all of the configuration settings You can use the MAC Bridge The System Management Interface Mode Bridge Groups Interf...

Page 103: ...This wildcard MAC ad dress is renewed with each non IP unicast frame or non ARP unicast frame Wildcard MAC Address Only for Wildcard Mode Enter the MAC address of a device that is connected over IP Tr...

Page 104: ...nd select the OK button Follow the instructions given by Telekom s Customer Service The menu Advanced Settings consists of the following fields Fields in the menu Advanced Settings Field Description R...

Page 105: ...gement Administrative Access SSH Enabled menu standard value You can also access the options for configuring the SSH login Fig 38 System Management Administrative Access SSH You need an SSH client app...

Page 106: ...ect whether the SSH Daemon is to be enabled for the inter face The function is activated by selecting The function is enabled by default SSH Port Here you can enter the port via which the SSH connecti...

Page 107: ...error occurs during the generation and the link are displayed again You can then repeat generation If the 0 7 1 status is displayed generation of a key is not possible for example because there is no...

Page 108: ...a compression should be used The function is activated by selecting The function is disabled by default TCP Keepalives Select whether the device is to send keepalive packets The function is activated...

Page 109: ...s contains all the configuration and status variables of the device SNMP can be used to perform the following network management tasks Surveillance of network components Remote controlling and configu...

Page 110: ...er authen tication and configuration and for statistical recording of connection data RADIUS can be used for Authentication Accounting Exchange of configuration data For an incoming connection your de...

Page 111: ...the connection ACCESS_REJECT Server Client If the information contained in the ACCESS_REQUEST does not correspond to the information in the user database of the RADIUS server it sends an ACCESS_REJEC...

Page 112: ...m Management Remote Authentication RADIUS Newmenu consists of the following fields Fields in the Basic Parameters menu Field Value Authentication Type Select what the RADIUS server is to be used for P...

Page 113: ...or Teldat hotspot applications Server IP Address Enter the IP address of the RADIUS server RADIUS Secret Enter the shared password used for communication between the RADIUS server and your device Defa...

Page 114: ...following fields Fields in the Advanced Settings menu Field Value Policy Select how your device is to react if a negative response to a re quest is received Possible values 3 default value A negative...

Page 115: ...er is 1 for a long time The function is activated by selecting The function is enabled by default Retries Enter the number of retries for cases when there is no response to a request If an response ha...

Page 116: ...col and offers authentication authorisation and accounting services TACACS Accounting is currently not supported by Teldat devices The following TACACS functions are available on your device Authentic...

Page 117: ...is to be used for login authentication to your device Server IP Address Enter the IP address of the TACACS server that is to be re quested for login authentication TACACS Secret Enter the password to...

Page 118: ...ority see Priority until a positive response is received or a negative response has been received from an authoritative server 3 A negative response to a request is accep ted i e a request is not sent...

Page 119: ...l related inform ation are transferred unencrypted Unencrypted transfer is not recommended as a default setting and should only be used for debugging 10 5 3 Options This setting possible here causes y...

Page 120: ...is required This confirms the authenticity and the owner of a public key It is similar to an official pass port in that it confirms that the holder of the passport has certain characteristics such as...

Page 121: ...VPN connections and for voice connections over Voice over IP 10 6 1 Certificate List A list of all existing certificates is displayed in the System Management Certificates Certificate List menu 10 6 1...

Page 122: ...cted entry The System Management Certificates Certificate List menu consists of the fol lowing fields Fields in the Edit parameters menu Field Description Description Shows the name of the certificate...

Page 123: ...s of the higher level certificate are used if one exists It is does not the same procedure is used as that described under Only if a CRL Distribution Point is present Force certificate to be trusted D...

Page 124: ...tion during SCEP communication with separate keys and to delegate the operation to separate registration authorities if applicable When a certificate is downloaded automatically i e if CA Certificate...

Page 125: ...Request menu Field Description Certificate Request De scription Enter a unique description for the certificate Mode Select the way in which you want to request the certificate Possible settings 3 defa...

Page 126: ...bits SCEP URL Only for Mode 2 Enter the URL of the SCEP server e g ht tp scep teldat de 8080 scep scep dll Your CA administrator can provide you with the necessary data CA Certificate Only for Mode 2...

Page 127: ...ation with the RA you can select another one here to encrypt com munication The default value is 0 2 i e the same certificate is used as for signing Password Only for Mode 2 You may need a password fr...

Page 128: ...Only for Custom disabled Enter the e mail address according to CA Organizational Unit Only for Custom disabled Enter the organisational unit according to CA Organization Only for Custom disabled Ente...

Page 129: ...ion Autosave Mode Select whether your device automatically stores the various steps of the enrolment internally This is an advantage if enrol ment cannot be concluded immediately If the status has not...

Page 130: ...Enter a unique description for the certificate File Encoding Select the type of coding so that your device can decode the certificate Possible values 3 default value Activates automatic code recognit...

Page 131: ...in networks 10 6 2 1 Import Choose the Import button to import CRLs Fig 46 System Management Certificates CRLs Import The System Management Certificates CRLs Importmenu consists of the following field...

Page 132: ...issues the private key und h lt Zertifikatsperrlisten CRL bereit die zur Pr fung von Zertifikaten entweder per LDAP oder HTTP vom Ger t abgefragt werden 10 6 3 1 New Choose the New button to set up a...

Page 133: ...special cable for the console port of your gateway e g AUX Backup cable to connect an external analogue modem to the AUX port on a Teldat gateway 11 1 1 AUX With an analogue GSM interface the gateway...

Page 134: ...ed by default Line Speed Only for AUX Port Status enabled Here you select the speed at which the gateway addresses the modem in bps Possible values 3 The Baud rate of the serial terminal connection is...

Page 135: ...this field is set by default to It should only be changed if the escape character of the modem is different Modem Init Sequence Only for AUX Port Status enabled Here you can enter an initialization st...

Page 136: ...n splitting ports make sure that Ethernet interface is assigned with the preconfigured IP address and netmask to a port that can be reached via Ethernet If in doubt carry out the configuration using a...

Page 137: ...erely logically separates these from each other The available total bandwidth of max 1000 mbps full duplex for all resulting interfaces remains the same For example if you split all the switch ports f...

Page 138: ...interface and switch port 5 is assigned to interface Configured Speed Mode Select the mode in which the interface is to run Possible values 93 3 default value 3 3 3 3 5 93 3 3 5 3 3 5 93 3 3 5 3 9 5...

Page 139: ...er the settings for your ISDN connection Here you set the most important parameters of your ISDN connection MSN Configuration Here you tell your device how to react to incoming calls from the WAN 11 3...

Page 140: ...itch type D channel detection for switched line is to be automatically identified The function is enabled with The function is enabled by default Result of Autoconfig uration Shows the status of the I...

Page 141: ...N connection type Possible values 3 default value Point to multipoint connection Point to point ISDN access ISDN Switch Type Only for Port Usage Select the ISDN protocol supplied by your provider Poss...

Page 142: ...vanced Settings menu Field Description X 31 X 25 in D Chan nel Select whether you want to use X 31 X 25 in the D channel e g for CAPI applications The function is enabled with The function is disabled...

Page 143: ...of the CAPI ap plication is ignored and the default value set here is always used 7 1 is set if you want to use X 31 TEI for the X 25 device ISDN PRI interface For a Primary Rate Interface PRI or S2M...

Page 144: ...ld Description Port Name Shows the name of the ISDN port Port Usage Select whether the ISDN switch type D channel detection for switched line is to be automatically identified Possible values default...

Page 145: ...e connection With incoming calls this basis call number is cut off by the called party number With outgoing calls this main number is attached to the number to be called calling party number Channel S...

Page 146: ...sends the clock signal for synchronization between the sender and the recipient If the clock signal is not sent by the exchange itself one of the con nection partners must sent the signal Possible val...

Page 147: ...les Note This function is only available for leased lines Fields in the New Bundle menu Field Description Description Enter the name of the channel bundle Bundle Type Displays the type of channel bund...

Page 148: ...PPP routing service is your device s general routing service This enables ISDN remote terminals to establish data connections with your LAN among oth er things This enables partners outside your own...

Page 149: ...is forwarded from the local exchange or if available the PBX The call is then assigned to the corresponding service Note If no entry is specified ex works state every incoming ISDN call is accepted by...

Page 150: ...9 600 bps 14 400 bps 19 200 bps 38 400 bps 6 Allows PPP connections with V 120 MSN Enter the number used to check the called party number For the call to be accepted it is sufficient for the individua...

Page 151: ...intec R3502 features an integrated VDSL2 modem which supports automatic switch ing to ADSL2 If required VDSL connection is available at any time In addition to the VDSL2 modem the bintec R3502 has fiv...

Page 152: ...chipset Physical Connection Shows the current DSL operation mode The value cannot be changed Possible values 0 7 1 The ADSL link is not active ANSI T1 413 ADSL classic G DMT ITU G 992 1 Splitterless A...

Page 153: ...e DSL Parameter menu Field Description DSL Mode Only for devices with an ADSL modem bintec R3002 bintec RT3002 Define which Annex of ITU T Recommendation G 991 2 is used for the connection Possible va...

Page 154: ...e Only for ADSL Mode 3 The ADSL mode is automatically adapted to the other end with reference to G 992 3 Annex M 3 ADSL2 Plus G 992 3 Annex M is used ANSI T1 413 Only for ADSL Mode ETSI T1 413 Transmi...

Page 155: ...to ITU T recommendations G 991 2 Annex A and B and SHDLS bis according to G 991 2 Annex F and G Depending on the device type and configuration the gateway transmits the data over a pair of wires at up...

Page 156: ...connection Possible values 2 23 F3 default value Mode for the user page of the SHDSL connection 2 2 Mode for the provider page of the SHDSL connection Note CPE on the one hand and CO on the other hand...

Page 157: ...used with m pair bonding for a clock rate of 384 kbps to 11392 kbps This option supports 4 wire mode under G991 2 and Globespan Enhanced Mode 1 Four wires are used for m pair bonding with a clock rate...

Page 158: ...used for this SHDSL con nection the existing connection must first be terminated Minimum Number of active Links For Wire Mode 1 1 or 1 the minimum number of active links is defined Requested Rate Onl...

Page 159: ...idge groups Ethernet interfaces in routing mode You can use the New button to create virtual interfaces However this is only needed in special applications e g BRRP Depending on the option selected di...

Page 160: ...ice uses the IP address 192 168 42 3 for example and 192 168 46 3 for the second subnet The netmasks for both subnets must also be indicated 12 1 1 1 Edit or New Choose the icon to edit existing entri...

Page 161: ...values 0 default value The interface is not assigned for a specific purpose 6 This option only applies for routing inter faces You use this option to assign the interface to a VLAN This is done using...

Page 162: ...ocate their clients IP addresses dynamically If your provider has assigned you a MAC address enter this here DHCP Hostname Only for Address Mode 2 Enter the host name requested by the provider The max...

Page 163: ...s entered in the input field 12 2 VLAN By implementing VLAN segmentation in accordance with 802 1Q you can configure VLANs on your device The wireless ports of an access point in particular are able t...

Page 164: ...dging mode Using the VLAN menu you can make all the settings needed for this and query their status Caution For interfaces that operate in Routing mode you only assign a VLAN ID to the inter face You...

Page 165: ...Fields in the Configure VLAN menu Field Description VLAN Identifier Enter the number that identifies the VLAN In the menu you can no longer change this value Possible values are to VLAN Name Enter a u...

Page 166: ...VID Port VLAN Identifi er If a packet without a VLAN tag reaches this port it is assigned this PVID Drop untagged frames If this option is enabled untagged frames are discarded If the option is disabl...

Page 167: ...idge Group br ID VLAN Options menu Field Description Enable VLAN Enable or disable the specified bridge group for VLAN The function is enabled with The function is not activated by default Management...

Page 168: ...passport and configuration in succession i e they are managed via the WLAN controller and can no longer be amended externally With the WLAN controller you can automatically detect individual access po...

Page 169: ...ll APs manually The IP addresses of the wireless LAN controller must be entered for each AP in the Sys tem Management Global Settings System menu in the Manual WLAN Controller IP Address field Please...

Page 170: ...the list At least one wireless network VSS is set up This entry cannot be deleted Click on to edit an existing entry You can also delete entries using the icon With Add you can create new entries You...

Page 171: ...o a wireless network via a RADIUS server With Add you can create new entries Enter the IP address and the password of the desired RADIUS server EAP Preauthentification For Security Mode 8 select wheth...

Page 172: ...plays the wireless networks that are currently assigned The following parameters are available in the wireless module 1 menu The parts wireless module 1 and wireless module 2 are displayed if the AP h...

Page 173: ...our WLAN controller shall manage In the Manage column click on the desired entries or click on Select all in order to select all entries Click the Deselect all button to disable all entries and to the...

Page 174: ...n you start the process with OK a progress bar is displayed The located AP display is updated every ten seconds 13 2 Controller Configuration In this menu you make the basic settings for the wireless...

Page 175: ...erver DHCP Pool New Advanced Set tings in the DHCP Options field on the Add button Select as Option 2 8 2 and in the Value field enter the IP address of the WLAN controller If you use static IP addres...

Page 176: ...the setting 8 maintains its con figuration until the connection is reestablished It then boots up and the controller and the AP then resynchronize Slave AP LED mode The feature is only for the Access...

Page 177: ...us but is no longer Click on the START button under Channel reallocation in order to reassign any assigned channels e g when a new access point has been added Possible values for Status Status Meaning...

Page 178: ...ller Slave AP configuration Slave Access Points menu if the correspond ing device has two wireless modules With devices featuring a single wireless module the data for wireless module 1 are displayed...

Page 179: ...eless module is not active Active Radio Profile Displays the wireless module profile that is currently selected You can select another wireless module profile from the list if more than one wireless m...

Page 180: ...Possible values are to and 3 default value For Operation Band G Possible values are and 3 default value For Operation Band G 5 3 and G 3 Only the 3 option is possible here Used Channel Only for manage...

Page 181: ...with 2 4 GHz and a pro file with 5 GHz are created by default the 2 4 GHz profile cannot be deleted For each wireless module profile you will see an entry with a parameter set Radio Profiles Configur...

Page 182: ...n the menu Radio Profile Definition Field Description Description Enter the desired description of the wireless module profile Operation Mode Define the mode in which the wireless module profile is to...

Page 183: ...Access BFWA applications The frequencies in the frequency range from 5755 MHz to 5875 MHz may only be used in conjunction with commercial offers for public network accesses and requires registration w...

Page 184: ...be sup ported by all clients basic rates This mode is also needed for Centrino clients if connection problems occur 5 Your device adapts to the client technology and operates according to either 802...

Page 185: ...this function should not be active Airtime fairness This function is not available for all devices The Airtime fairness function ensures that the access point s send resources are distributed intellig...

Page 186: ...ere With Add you can add channels If all available channels are displayed you cannot add any more entries You can also delete entries using the icon Beacon Period Enter the time in milliseconds betwee...

Page 187: ...mpts to send a data packet of length greater than the value defined in RTS Threshold After this many failed attempts the packet is discarded Possible values are to The default value is Fragmentation T...

Page 188: ...menu A wireless network is cre ated by default For every wireless network VSS you see an entry with a parameter set VSS Descrip tion Network Name SSID Number of associated radio modules Security Stat...

Page 189: ...d Description Network Name SSID Enter the name of the wireless network SSID Enter an ASCII string with a maximum of 32 characters Also select whether the Network Name SSID is to be trans mitted The ne...

Page 190: ...er with the MAC bridge function WMM Select whether voice or video prioritisation via WMM Wireless Multimedia is to be activated for the wireless network so that optimum transmission quality is always...

Page 191: ...r Security Mode 8 and 8 Select whether you want to use WPA with TKIP encryption or WPA 2 with AES encryption or both Possible values 8 8 default value WPA and WPA 2 can be used 8 Only WPA is used 8 On...

Page 192: ...cted to another access point can first carry out 802 1x authentication as soon as they are within range Such WLAN clients can then simply connect over the existing network connection with your device...

Page 193: ...set Max number of clients soft limit and Max number of clients hard limit to identical values Client Band select Not all devices support this function This function requires a dual radio setup where...

Page 194: ...eds a certain number This threshold value and the duration of the block can be configured A blocked client is blocked at all the APs that are managed by the wireless LAN controller for the VSS concern...

Page 195: ...oller Monitoring Active Clients In the Wireless LAN Controller Monitoring Active Clients menu current values of all active clients are displayed For each client you will see an entry with the followin...

Page 196: ...k For each wireless a parameter set is displayed Location Name VSS MAC Address VSS Channel Clients Status 13 4 3 Load Balancing Fig 71 Wireless LAN Controller Monitoring Load Balancing The Wireless LA...

Page 197: ...P SSID MAC Address Signal dBm Channel Security Last seen Strongest signal received by Total detections The entries are displayed in alphabetical order by SSID Security shows the security set tings of...

Page 198: ...pted Note Check the rogue APs shown carefully as an attacker could attempt to spy on data in your network using a rogue AP You can class a rogue AP as trustworthy by enabling the Accepted checkbox If...

Page 199: ...the SSID involved Attacked Access Point Displays the AP concerned Signal dBm Displays the signal strength of the client during the attempted access Type of attack This displays the type of potential...

Page 200: ...to include in the static blacklist Network Name SSID Pick the wireless network you want to exclude the rogue client from 13 5 Maintenance This menu is used for the maintenance of your managed APs 13...

Page 201: ...ror has occurred Running The operation is currently in progress Done The update is complete The Wireless LAN Controller Maintenance Firmware Maintenance menu consists of the following fields Fields in...

Page 202: ...TFTP server specified in the URL URL Only for Source Location or 9 Enter the URL of the update server from which the system soft ware file is loaded or on which the configuration file is saved 13 Wir...

Page 203: ...If for example you configure both Internet access and a corporate network connection enter a default route to the ISP and a network route to the head office You can enter several default routes on you...

Page 204: ...s Fields in the menu Basic Settings Field Description Interface Select the interface to be used for this route Route Type Select the type of route Possible values 3 3 Route via a specific in terface w...

Page 205: ...ity to be specified However if the DHCP server sends static routes the settings configured here are not copied to the routing 3 3 2 The routing in formation is taken entirely from the DHCP server Only...

Page 206: ...Local IP Address Only for Route Type 3 3 3 or 1 7 3 Enter the IP address of the host to which your device is to for ward the IP packets Destination IP Ad dress Netmask Only for Route Type 3 or 1 7 3 E...

Page 207: ...source port First select the port number range Possible values default value The route is valid for all port numbers Enables the entry of a port number Enables the entry of a range of port numbers Ent...

Page 208: ...Type of Service TOS Possible values default value The type of service is ignored 2 6 3 Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets indicated i...

Page 209: ...the interface is up 3 The route can be used when the interface is up 1 3 The route can be used when the interface is up If the interface is dormant then dial and wait until the interface is up In thi...

Page 210: ...e type Extended Route Displays whether a route has been configured with advanced parameters Delete You can delete entries with the symbol 14 1 3 Options Back Route Verify The term Back Route Verify de...

Page 211: ...the interface Back Route Verify Only for Mode Select whether 7 3 6 is to be activated for the interface The function is enabled with By default the function is deactivated for all interfaces 14 2 NAT...

Page 212: ...ten used in order to interpret queries from the LAN as if they were coming from the WAN You can use this to test the server ser vices The function is disabled by default Silent Deny Select whether IP...

Page 213: ...as well as translate addresses and ports For outgoing data traffic you can configure various NAT methods i e you can determine how an external host es tablishes a connection to an internal host 14 2 2...

Page 214: ...o an ex ternal destination host over the NAT interface and in which an internally valid source address and internally valid source port are translated to an externally valid source address and an ex t...

Page 215: ...Possible values 3 default value All data packets will be excluded from NAT if they match the subsequently specified paramet ers Protocol Source IP Address Netmask Destination IP Ad dress Netmask ect 3...

Page 216: ...iption default value 2 2 C 9 0 6 2 0 6 C Source IP Address Netmask Only for Type of traffic or 3 8 3 Enter the source IP address and corresponding netmask of the 14 Networking Teldat GmbH 202 bintec R...

Page 217: ...rises Original Source Port Only for Type of traffic 3 3 NAT method Service 3 and Pro tocol 2 0 2 50 Enter the source port of the original data packets The default setting means that the port remains u...

Page 218: ...sponding netmask as the case arises New Destination Port Only for Type of traffic Service 3 and Protocol 2 0 2 50 Leave the destination port as it appears or enter the destination port to which the or...

Page 219: ...o Multilink PPP based solutions load balancing also functions with accounts with different providers Session based load balancing is achieved Related dependent sessions are always routed over the same...

Page 220: ...y added ses sion is assigned to one of the group interfaces according to the percentage assignment of sessions to the interfaces The number of sessions is decisive 1 A newly added session is assigned...

Page 221: ...ue Also includes idle interfaces 3 Only interfaces in the up state are included In the Interface area you add interfaces that match the current group context and config ure these You can also delete i...

Page 222: ...e Route Selector parameter is an additional criterion to help define a load balancing group more precisely Here routing in formation is added to the interface entry within a load balan cing group The...

Page 223: ...face s load bal ancing status now varies according to the status of the assigned host surveillance entry Select the IP address for the route to be monitored You can choose from the IP addresses you ha...

Page 224: ...ers the first HTTPS packet specifies the Destination Address and the Destination Port i e Port 443 with HTTPS for data packets sent subsequently If underFrozen Parameters for the two parameters Destin...

Page 225: ...entry Service Select one of the preconfigured services if required The ex tensive range of services configured ex works includes the fol lowing F 3 H The default value is 0 Protocol Select a protocol...

Page 226: ...e Port Range Enter if required a source port number or a range of source port numbers Possible values default value The destination port is not specified Enter a destination port Enter a destination p...

Page 227: ...ubsequently as it did in the first data packet So it cannot be disabled 14 4 QoS QoS Quality of Service makes it possible to distribute the available bandwidths effectively and intelligently Certain a...

Page 228: ...escription Description Enter the name of the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the following F 3 H The default value...

Page 229: ...and the corresponding netmask Destination Port Range Only for Protocol 2 or 0 Enter a destination port number or a range of destination port numbers Possible values default value The destination port...

Page 230: ...ied in binary format e g 00111111 6 3 The TOS value is specified in decimal format e g 63 6 3 The TOS value is specified in hexadecimal format e g 3F COS Filter 802 1p Layer 2 Enter the service class...

Page 231: ...u can create a new class plan with this setting A B Shows a class plan that has already been created which you can select and edit You can add new filters Description Only for Class map 1 Enter the na...

Page 232: ...the class with the highest priority and priority 0 is set automatically The function is enabled with The function is disabled by default Class ID Only for High Priority Class not active Choose a numbe...

Page 233: ...sed on the class Class ID that has been defined Possible values are whole numbers between and The default value is Interfaces Only for Class map 1 When creating a new class plan select the interfaces...

Page 234: ...oS Interfaces Policies New The Networking QoS QoS Interfaces Policies New menu consists of the following fields Fields in the Basic Parameters menu Field Description Interface Select the interface for...

Page 235: ...the send direction The function is enabled with The function is disabled by default Maximum Upload Speed Only for Traffic shaping enabled Enter a maximum data rate for the queue in the send direction...

Page 236: ...56 Twofish cipher block size 128 Bit Real Time Jitter Con trol Only for Traffic shaping enabled Real Time Jitter Control optimises latency when forwarding real time datagrams The function ensures that...

Page 237: ...lass plan which is associated with the selected interface a queue is generated automatically and displayed here only for data traffic classified as outgoing and for data traffic classified as moving i...

Page 238: ...value is RTT Mode Realtime Traffic Mode Active or deactivate the real time transmission of the data The function is enabled with The function is disabled by default RTT mode should be activated for Qo...

Page 239: ...is deactivated the queue can never occupy bandwidth beyond the bandwidth limit that has been set The function is enabled with The function is disabled by default Burst size Only for Traffic Shaping en...

Page 240: ...Min queue size Enter the lower threshold value for the process prevention of data congestion RED in bytes Possible values are to The default value is Max queue size Enter the upper threshold value fo...

Page 241: ...tion port You use the rules that you set up in the access lists to tell the gateway what to do with the filtered data packets i e whether it should allow or deny them You can also define several rules...

Page 242: ...ch filter describes a certain part of the IP traffic and defines for example the IP addresses the protocol the source port or the des tination port A list of all access filters is displayed in the Net...

Page 243: ...u Field Description Description Enter a description for the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the following F 3 H The...

Page 244: ...not open any new TCP connection on routing over the gateway match the filter Destination IP Ad dress Netmask Enter the destination IP address and netmask of the data pack ets Possible values default...

Page 245: ...elect the Type of Service TOS Possible values default value The type of service is ignored 2 6 3 Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets i...

Page 246: ...created separ ately or incorporated in rule chains In the Networking Access Rules Rule Chains menu all created filter rules are listed Fig 91 Networking Access Rules Rule Chains 14 5 2 1 Edit or New C...

Page 247: ...n Define the action to be taken for a filtered data packet Possible values 1 default value Allow packet if it matches the filter 1 Allow packet if it does not match the filter Deny packet if it matche...

Page 248: ...Fig 94 Networking Access Rules Interface Assignment New The Networking Access Rules Interface Assignment New menu consists of the fol lowing fields Fields in the Basic Parameters menu Field Descriptio...

Page 249: ...al interfaces can be combined in a drop in group and as signed to a network to do this All of the interfaces are then configured with the same IP ad dress Within a segment network components which are...

Page 250: ...to send the MAC addresses of network components Possible values default value ARP packets and IP packets belonging to the drop in network are routed transparently unchanged ARP packets and IP packets...

Page 251: ...ample if your provider s router is being used as the DHCP server You can choose from the interfaces available to your device however the interface must be a member of the drop in group ARP Lifetime De...

Page 252: ...on The function is disabled by default Interface Selection Select all the ports which are to be included in the Drop In group in the network Add new entries with Add 14 Networking Teldat GmbH 238 bint...

Page 253: ...as changed In this case only the changed information is sent Observing the information sent by other devices enables new routes and shorter paths for existing routes to be saved in the routing table A...

Page 254: ...version 1 RIP packets 6 Enables sending and receiving of version 2 RIP packets 6 56 Enables sending and receiving RIP packets of both version 1 and 2 6 3 For sending RIP V2 messages over multicast ad...

Page 255: ...interfaces for leased lines Routes are propagated if the interface status is up or ready 0 default value Routes are only propagated if the interface status is up 1 Routes are always propagated indepe...

Page 256: ...button to insert another filter above the list entry The configuration menu for creating a new window opens You can use the button to move the list entry A dialog box opens in which you can se lect th...

Page 257: ...s to the export or import of routes Possible values default value Metric Offset for Active Interfaces Select the value to be added to the route metric if the status of the interface is up During expor...

Page 258: ...t that no other devices use The default value should be retained Default Route Distribu tion Select whether the default route of your device is to be propag ated via RIP updates The function is enable...

Page 259: ...values that you can configure in the Timer for Triggered RIP RFC 2091 menu should be used The function is enabled with The function is disabled by default If the function is not activated the times de...

Page 260: ...te request or update response packets are sent again until an update flush or update acknowledge packet arrives The default value is 5 seconds 15 2 OSPF OSPF Open Shortest Path First is a dynamic rout...

Page 261: ...the information on reachability in the network is exchanged between areas Usually all information is sent to the backbone area which then passes the information to the other areas Network links are se...

Page 262: ...he gateways incorporated in the area 15 2 1 Areas OSPF areas must be defined before the gateway interface can be assigned to an area A list of all configured OSPF areas is displayed in the Routing Pro...

Page 263: ...route only ABR Only for Import external routes Select whether the Area Border Gateway shall send no LSA s in the stub area but rather only propagate a default route The function is enabled with The f...

Page 264: ...to modify the OSPF settings fot the interfaces Fig 104 Routing Protocols OSPF Interfaces The Routing Protocols OSPF Interfaces menu consists of the following fields Fields in the OSPF Interface Config...

Page 265: ...automatically set on the basis of the interface speed 9 Enter a specific value in Metric direct routes Metric direct routes Enter the base metric value The basis of the metric actually used for a rout...

Page 266: ...ghbors and setting of DoNotAge flags on the propagated LSA shall be performed Yes default value or not This option should be enabled particularly in the case of connections for which the costs are cal...

Page 267: ...m this interface are discarded and an ICMP Unreachable Reply is gen erated IGNORE means if a route exists on this that packets from this interface are discarded without comment If the option is activa...

Page 268: ...to hold audio con ferences All subscribers are displayed in a window and the speaker s are indicated by a black box Other areas of use are of particular interest to companies Here multicasting makes i...

Page 269: ...dresses Several senders with different IP addresses can therefore transmit to the same multicast group leading to a 1 to n rela tionship between groups and source addresses This information is forward...

Page 270: ...kets explicitly wanted by a host enter the subnet Special mechanisms ensure that the requirements of the individual clients are taken into consideration At the moment there are three versions of IGMP...

Page 271: ...MP New menu consists of the following fields Fields in the IGMP Settings menu Field Description Interface Select the interface on which IGMP is to be enabled i e queries are sent and responses are acc...

Page 272: ...ssible values are to The default value is Last Member Query In terval Define the time after a query for which the router waits for an answer If you shorten the interval it will be more quickly detecte...

Page 273: ...he Advanced Settings menu Field Description IGMP Proxy Select whether your device is to forward the hosts IGMP mes sages in the subnet via its defined Proxy Interface Proxy Interface Only for IGMP Pro...

Page 274: ...always off Mode Only for IGMP Status 0 or 3 Select Multicast Mode Possible values 2 default value The router uses IG MP version 3 If it notices a lower version in the network it uses the lowest versi...

Page 275: ...arding rules for new multicast groups Fig 110 Multicast Forwarding Forwarding New The Multicast Forwarding Forwarding New menu consists of the following fields Fields in the Basic Parameters menu Fiel...

Page 276: ...s possible dynamic routing from multicast packets With PIM the distribution of information is regu lated via a central point which is known as the rendezvous point Data packets are initially routed he...

Page 277: ...ticast routing is operated PIM Mode Indicates the mode to be used for PIM Your device uses PIM in sparse mode The entry cannot be changed Use as Stub interface Determine whether or not the interface i...

Page 278: ...ns that no PIM Hello messages are sent on this interface Possible values to seconds The default value is Triggered Hello Inter val Define the maximum waiting time until a PIM Hello message is sent aft...

Page 279: ...LAN Prune Delay option in the PIM Hello messages which are sent on this interface Propagation Delay and Override Interval represent the so called LAN Prune Delay settings These result in a delay in pr...

Page 280: ...e PIM Rendezvous Points select the New button Fig 114 Multicast PIM PIM Rendezvous Points New The Multicast PIM PIM Rendezvous Points New menu consists of the following fields Fields in the PIM Rendez...

Page 281: ...RP configurations This allows precise control over which configuration is to be replaced by this static configuration When the function is activated pimStaticRPOverrideDynamic is ignored The absolute...

Page 282: ...message must be sent Possible values to The default value is Register Suppression Timer Enter the time in seconds after which a PIM Designated Router DR should no longer send any register encapsulate...

Page 283: ...nt to set up Internet access you must set up a connection to your Internet Service Provider ISP For broadband Internet access your device provides the PPP over Ethernet PPPoE PPP over PPTP and PPP ove...

Page 284: ...be explicitly defined and admitted Connection Idle Timeout The connection idle timeout is determined in order to clear the connection automatically if it is not being used i e if data is no longer be...

Page 285: ...atic channel bundling for dialup connections Channel bundling can only be used for ISDN connections for a bandwidth increase or as a backup Only one B channel is initially opened when a connection is...

Page 286: ...ds in the Basic Parameters menu Field Description Description Enter a name to uniquely identify the PPPoE partner The first character in this field must not be a number No special charac ters or umlau...

Page 287: ...ly for PPPoE Mode Select the Ethernet interface specified for a standard PPPoE connection If you want to use an external DSL modem select the Ethernet port to which the modem is connected When using t...

Page 288: ...LAN transmis sion for Internet connections Fields in the IP Mode and Routes menu Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should...

Page 289: ...ription Block after connection failure for Enter the wait time in seconds before the device should try again after an attempt to set up a connection has failed The de fault value is Maximum Number of...

Page 290: ...ritize TCP ACK Packets Select whether the TCP download is to be optimised in the event of intensive TCP upload This function can be specially applied for asymmetrical bandwidths ADSL The function is e...

Page 291: ...he WAN Internet Dialup PPTP menu In this menu you configure an Internet connection that uses the Point Tunnelling Protocol PPTP to set up a connection This is required in Austria for example 17 1 2 1...

Page 292: ...y identifying the internet connection The first character in this field must not be a number No special characters or umlauts must be used PPTP Ethernet Inter face Select the IP interface over which p...

Page 293: ...ow many seconds should pass between sending the last traffic data pack et and clearing the connection Possible values are to seconds deactivates the timeout The default value is Example for FTP transm...

Page 294: ...s with Add IP address of the destination host or network 7 Netmask for Remote IP Address If no entry is made your device uses a default netmask The lower the value the higher the priority of the route...

Page 295: ...tion partner MSCHAP version 1 or 2 possible 2 Run MS CHAP version 2 only Some providers use no authentication In this case se lect this option DNS Negotiation Select whether your device receives IP ad...

Page 296: ...The function is enabled with The function is enabled by default 17 1 3 PPPoA A list of all PPPoA interfaces is displayed in the WAN Internet Dialup PPPoA menu In this menu you configure a xDSL connec...

Page 297: ...identifying the connection partner The first character in this field must not be a number No special characters or umlauts must be used ATM PVC Select an ATM profile created in the ATM Profiles menu...

Page 298: ...seconds deactivates the short hold The default value is Example for FTP transmission for LAN to LAN transmis sion for Internet connections Fields in the IP Mode and Routes menu Field Description IP Ad...

Page 299: ...ced Settings consists of the following fields Fields in the Advanced Settings menu Field Description Block after connection failure for Enter the wait time in seconds before the device should try agai...

Page 300: ...tion partner or sends these to the connection partner The function is enabled with The function is enabled by default Prioritize TCP ACK Packets Select whether the TCP download is to be optimised in t...

Page 301: ...ccess over ISDN LAN to LAN connection over ISDN Remote Mobile dial in Use of the ISDN Callback function 17 1 4 1 New Choose the Newbutton to set up new ISDN interfaces Teldat GmbH 17 WAN bintec Rxxx2...

Page 302: ...Fig 119 WAN Internet Dialup ISDN New The menu WAN Internet Dialup ISDN New consists of the following fields Fields in the Basic Parameters menu 17 WAN Teldat GmbH 288 bintec Rxxx2 RTxxx2...

Page 303: ...ions User Name Enter your device code local PPP user name Remote User for Dial in only Enter the code of the remote terminal remote PPP user name Password Enter the password Always on Select whether t...

Page 304: ...olicy Only for IP Address Mode and When you configure an ISDN Internet connection specify whether Network Address Translation NAT is to be activated The function is enabled with The function is disabl...

Page 305: ...etup a connec tion before the interface is blocked Possible values are to The default value is Usage Type If necessary select a special interface use Possible values default value No special type is s...

Page 306: ...ion If Encryption is set the remote terminal must also sup port it otherwise a connection cannot be set up Possible values default value MPP encryption is not used MPP encryption V2 with 128 bit is us...

Page 307: ...out call back This only applies if no fixed outgoing number has been configured for the connection partner This is done by closing the dialog box that appears with Cancel Fields in the Bandwith on Dem...

Page 308: ...incoming call is compared with the number entered under Call Number Call Number Enter the connection partner s numbers Number of Used Ports Select which port is used Fields in the IP Options menu Fiel...

Page 309: ...the connection to the connection partner is 0 i e a connection already exists to the connection partner DNS Negotiation Select whether your device receives IP addresses for Primary DNS Server and Sec...

Page 310: ...ialup AUX New menu consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the WAN partner The first character in this...

Page 311: ...aring the connection Possible values are to seconds deactivates the short hold The default value is Fields in the IP Mode and Routes menu Field Description IP Address Mode Select whether your device i...

Page 312: ...sk The lower the value the higher the priority of the route range of values The default value is IP Assignment Pool Only if IP Address Mode Select IP pools configured in the WAN Internet Dialup IP Poo...

Page 313: ...rtner MSCHAP version 1 or 2 possible default value Only run PAP PPP Password Authentic ation Protocol the password is transferred unencrypted 2 Only run CHAP PPP Challenge Handshake Authentic ation Pr...

Page 314: ...f the following options Your device calls the connection partner to request a callback 8 1 2 Your device calls the connection partner to request a callback via CBCP Callback Control Protocol Needed fo...

Page 315: ...the menu Dial Number Configuration entry 1 only appears for Entries Add Field Description Mode Only if Entries Defines whether Number should be used for incoming or outgo ing calls or for both Possib...

Page 316: ...can be assigned to dialling in connection partners for the duration of the connection Any host routes entered always have priority over IP addresses from the address pools This means that if an incomi...

Page 317: ...d networks You will need ATM for example if you want high speed access to the Internet via the integrated ADSL or SHDSL modem In an ATM network different applications such as speech video and data can...

Page 318: ...S is available i e the size of various network para meters such as bit rate delay and jitter can be guaranteed OAM Operation Administration and Maintenance is used to monitor the data transmission in...

Page 319: ...anually define the profile using 0 Description Only for Provider 0 Enter the desired description for the connection ATM Interface Only if several ATM interfaces are available e g if several inter face...

Page 320: ...value is Virtual Channel Identi fier VCI Only for Provider 0 Enter the VCI value of the ATM connection The VCI is the iden tification number of the virtual channel A virtual channel is the logical co...

Page 321: ...thernet over ATM Field Description Default Ethernet for PPPoE Interfaces Only for Type Select whether this Ethernet over ATM interface is to be used for all PPPoE connections The function is enabled w...

Page 322: ...address of the DHCP Hostname Only for Address Mode 2 If necessary enter the host name registered with the provider to be used by your device for DHCP requests The maximum length of the entry is 45 cha...

Page 323: ...Virtual Circuit to which specific data traffic parameters were assigned Your device supports QoS Quality of Service for ATM interfaces Caution ATM QoS should only be used if your provider specifies a...

Page 324: ...sible settings 0 0 default value No specif ic data rate is guaranteed for the connection The Peak Cell Rate PCR specifies the limit above which data is discarded This category is suitable for non crit...

Page 325: ...ned Cell Rate SCR Only for ATM Service Category 6 6 6 or 6 6 6 Enter a value for the minimum available guaranteed data rate in bits per second Possible values to The default value is Maximum Burst Siz...

Page 326: ...Caution The configuration of OAM requires extensive knowledge of ATM technology and the way the Teldat devices functions An incorrect configuration can cause considerable disruption during operation I...

Page 327: ...ed displayed by the VPI Fields in the Loopback menu Field Description Loopback End to End Select whether you activate the loopback test for the connection between the endpoints of the VCC or VPC The f...

Page 328: ...l to materialise before the connection is regarded as in terrupted down Possible values are to The default value is Fields in the CC Activation menu Field Description Continuity Check CC End to End Se...

Page 329: ...nt and answered after CC ne gotiation CC activation negotiation Depending on the setting in the Direction field OAM CC requests are either sent and or responded to There is no CC negotiation The funct...

Page 330: ...the WAN Leased Line Interfaces menu a list of all is displayed Automatic genera tion requires the corresponding ISDN interface to be configured Fig 125 WAN Leased Line Interfaces 17 WAN Teldat GmbH 31...

Page 331: ...ISDN S0 menu consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter the desired description for the connection Fields in the IP Mode and Routes menu...

Page 332: ...TCP ACK Packets Select whether the TCP download is to be optimised in the event of intensive TCP upload The function is enabled with The function is disabled by default Compression If necessary select...

Page 333: ...r the specified connection partner Possible values default value Deactivates Proxy ARP for this connection partner 0 Your device only responds to an ARP re quest if the status of the connection to the...

Page 334: ...on for the connection Fields in the IP Mode and Routes menu Field Description Default Route Select whether the route to this connection partner is to be defined as the default route The function is en...

Page 335: ...or data traffic to the connection partner If encryption is set the remote terminal must also support it otherwise a connection cannot be set up Possible values default value Encryption is not used 2 2...

Page 336: ...i e a connection already exists to the connection partner 17 4 Real Time Jitter Control When telephoning over the Internet voice data packets normally have the highest priority Nevertheless if the up...

Page 337: ...tim ised Control Mode Select the mode for the optimisation Possible values 2 default value By means of the data routed via the media gateway the system detects voice data traffic and optimises the voi...

Page 338: ...s the Internet The devices used function here as the endpoints of the VPN tunnel IPSec involves a num ber of Internet Engineering Task Force IETF standards which specify mechanisms for the protection...

Page 339: ...rce IP address or the source port If a Additional Traffic Filter is configured this is used to negotiate the IPSec phase 2 SAs the route now only determines which data traffic is to be routed If an IP...

Page 340: ...he menu for monitoring a peer is called by selecting the button for the peer in the peer list See Values in the IPSec Tunnels list on page 532 18 1 1 1 New Choose the New button to set up more IPSec p...

Page 341: ...PSec Peers New consists of the following fields Fields in the menu Peer Parameters Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer con...

Page 342: ...figurations whereby your device then cannot initiate an IPSec connection Peer ID Select the ID type and enter the peer ID This entry is not necessary in certain configurations The maximum length of th...

Page 343: ...Key Exchange Enter the ID of your device For Authentication Method 3 or 3 the Use Subject Name from certificate option is dis played When you enable the Use Subject Name from certificate op tion the f...

Page 344: ...ss as server for connecting clients This is taken from the selected IP Assignment Pool Config Mode Only for IP Address Assignment 2 or 2 2 Possible values 3 default value The client requests the IP ad...

Page 345: ...e priority of the route Value range from to The default value is Route Entries Only for IP Address Assignment or 2 2 Define routing entries for this connection partner IP address of the destination ho...

Page 346: ...ns at the same time there can be problems due to compet ing routes or the coarser filtering of the data traffic The Additional Traffic Filter parameter fixes this problem You can filter more finely i...

Page 347: ...value matches any protocol Source IP Address Netmask Enter if required the source IP address and netmask of the data packets Possible values Enter the IP address of the host 1 7 default value Enter t...

Page 348: ...ked as standard in VPN IPSec Phase 1 Profiles 3 Uses a special profile which contains the proposals for Phase 1 3DES MD5 AES MD5 and Blowfish MD5 regardless of the proposal selection in menu VPN IPSec...

Page 349: ...e Select how the peer is to be switched to the active state Possible values default value The peer is switched to the active state by a trigger 1 3 The peer is always active Fields in the menu Advance...

Page 350: ...ts to use the route 0 Your device responds to an ARP request only if the status of the connection to the IPSec peer is 0 active i e a connection already exists to the IPSec peer IPSec Callback Teldat...

Page 351: ...interface over which the tunnel is to be imple mented is activated first by the IPSec Daemon If IPSec with DynDNS is configured on the local device the own IP address is propagated first and then the...

Page 352: ...active role the other the passive role Both sides can take on both roles both The IP address transfer and the start of IKE phase 1 negotiation take place in the following steps 1 Peer A the callback...

Page 353: ...initiates setting up an IPSec tunnel to the peer No ISDN calls are sent to the remote device to cause this to set up an IPSec tunnel The local device sends an ISDN call to the remote device to cause t...

Page 354: ...ally determines the most favourable D channel mode The use of the B channel is excluded 0 2 Your device tries to transfer the IP address in the mode set in the Mode field 2 E 7 2 Your device tries to...

Page 355: ...ed tunnel profiles is displayed in the VPN IPSec Phase 1 Profiles menu Fig 132 VPN IPSec Phase 1 Profiles In the Default column you can mark the profile to be used as the default profile 18 1 2 1 New...

Page 356: ...hms for IKE phase 1 on your device The combination of six encryption algorithms and four message hash algorithms gives 24 possible values in this field At least one proposal must exist Therefore the f...

Page 357: ...used with a key length of 128 bits Rijndael has been nominated as AES due to its fast key setup low memory requirements high level of secur ity against attacks and general speed Here it is used with a...

Page 358: ...t 1024 bits is used to create the en cryption material During the Diffie Hellman key calculation modular exponentiation at 1536 bits is used to create the en cryption material Lifetime Create a lifeti...

Page 359: ...mber of this certificate and the name under which it is saved This field is only shown for authentication settings based on certificates and indicates that a certificate is essential Mode Only for Pha...

Page 360: ...names see Certificates on page 106 you must make sure your device selects the first al ternative subject name by default Make sure you and your peer both use the same name i e that your local ID and t...

Page 361: ...manufacturers Your device expects a heartbeat from the peer but does not send one itself Your device expects no heart beat from the peer but sends one itself K Your device expects a heartbeat from th...

Page 362: ...se between IPSec and NAT see RFC 3715 section 2 These primarily prevent the setup of an IPSec tunnel from a host within a LANs and behind a NAT device to another host or device NAT T enables these kin...

Page 363: ...efine profiles for phase 2 of the tunnel setup just as for phase 1 In the VPN IPSec Phase 2 Profiles menu a list of all configured IPSec phase 2 profiles is displayed Fig 134 VPN IPSec Phase 2 Profile...

Page 364: ...fault The combination of six encryption algorithms and two message hash algorithms gives 12 possible values in this field Encryption algorithms Encryption default value 3DES is an extension of the DES...

Page 365: ...as the successor to Blowfish 2 CAST is also a very secure algorithm marginally slower than Blowfish but faster than 3DES DES is an older encryption algorithm which is rated as weak due to its small ef...

Page 366: ...ortly before expiry of the current SAs As for RFC 2407 the default value is eight hours which means the key must be renewed once eight hours have elapsed The following options are available for defini...

Page 367: ...ds and receives signals every 5 seconds depending on the configuration If these signals are not received after 20 seconds the SA is discarded as invalid Possible values 3 default value Automatic detec...

Page 368: ...en server e g SecOVID from Kobil which is installed behind the Radius Server If a company s headquarters is connected to several branches via IPSec several peers can be configured A specific user can...

Page 369: ...us server It is configured in the System Management Re mote Authentication RADIUSmenu and selected in the RADIUS Server Group ID field Authentication is carried out via a local list Name Only for Role...

Page 370: ...or New Choose the New button to set up new IP address pools Choose the icon to edit exist ing entries Fig 137 VPN IPSec IP Pools New Fields in the menu Basic Parameters Field Description IP Pool Name...

Page 371: ...e Global Options menu Field Description Enable IPSec Select whether you want to activate IPSec The function is enabled with The function is active as soon as an IPSec Peer is configured Delete complet...

Page 372: ...ertain functions and features to the special requirements of your environment i e mostly interoperability flags are set The default val ues are globally valid and enable your system to work correctly...

Page 373: ...okies are to be sent These are equivalent to the SPI Security Parameter Index in IKE proposals as they are redundant they are normally set to the value of the negotiation currently in progress Alterna...

Page 374: ...not wish to send the peer the certificates of all levels from your level to the CA level Send CRLs Select whether CRLs are to be sent during IKE phase 1 The function is enabled with The function is di...

Page 375: ...nnel profile is used on the initiator side LAC to set up the connection The L2TP tunnel profile is needed on the responder side LNS to accept the connection 18 2 1 Tunnel Profiles A list of all config...

Page 376: ...n the SCCRQs received from the LNS and the SCCRPs received from the LAC A Local Hostname con figured in the LAC must match Remote Hostname configured for the intended profile in the LNS and vice versa...

Page 377: ...P Destination Port Enter the destination port number to be used for all calls based on this profile The remote LNS that receives the call must mon itor this port on L2TP connections Possible values ar...

Page 378: ...no re sponse The available values are to the default value is Maximum Retries Enter the maximum number of times your device is to try to re send the L2TP control packet for which is received no respo...

Page 379: ...Basic Parameters menu Field Description Description Enter a name for uniquely identifying the L2TP partner The first character in this field must not be a number No special characters or umlauts must...

Page 380: ...or the con nection to this L2TP partner User Name Enter the code of your device Password Enter the password Always on Select whether the interface should always be activated The function is enabled wi...

Page 381: ...is disabled by default Create NAT Policy Only for IP Address Mode and Specify whether Network Address Translation NAT is to be ac tivated for this connection The function is enabled with The function...

Page 382: ...shake Authentic ation Protocol as per RFC 1994 password is transferred en crypted 52 Primarily run CHAP otherwise PAP 2 Only run MS CHAP version 1 PPP Microsoft Challenge Handshake Authentication Prot...

Page 383: ...whether the TCP download is to be optimised in the event of intensive TCP upload This function can be specially applied for asymmetrical bandwidths ADSL The function is enabled with The function is di...

Page 384: ...un til someone actually wants to use the route 0 Your device responds to an ARP request only if the status of the connection to the L2TP partner is 0 active i e a connection already exists to the L2T...

Page 385: ...nel to provide security for data traffic over an existing IP connection First a connection to an ISP Internet Service Provider is set up at both sites Once these connections are available a tunnel is...

Page 386: ...ew to set up further PPTP partners Fig 142 VPN PPTP PPTP Tunnels New The VPN PPTP PPTP Tunnels New menu consists of the following fields Fields in the PPTP Partner Parameters menu 18 VPN Teldat GmbH 3...

Page 387: ...always be activated The function is enabled with The function is disabled by default Connection Idle Timeout Only if Always on is disabled Enter the idle interval in seconds This determines how many...

Page 388: ...on partner is to be defined as the default route The function is enabled with The function is disabled by default Create NAT Policy Only if IP Address Mode When you configure an PPTP connection specif...

Page 389: ...Password Authentication Protocol the password is transferred unencrypted 2 Only run CHAP PPP Challenge Handshake Authentic ation Protocol as per RFC 1994 password is transferred en crypted 52 Primari...

Page 390: ...ility of the remote terminal is to be checked by sending LCP echo requests or replies This is re commended for leased lines PPTP and L2TP connections The function is enabled with The function is enabl...

Page 391: ...connection to the PPTP partner has already been estab lished DNS Negotiation Select whether your device receives IP addresses for Primary DNS Server and Secondary DNS Server from the PPTP part ner or...

Page 392: ...only if callback activated Field Description Selected Ports Enter the ISDN port over which callback is carried out Possible values The callback is routed over an available ISDN port In Specific Ports...

Page 393: ...The IP Pools menu displays a list of all IP pools for PPTP connections Your device can operate as a dynamic IP address server for PPTP connections You can use this function by providing one or more po...

Page 394: ...used preferably by clients who draw an address from this pool Secondary Optionally enter the IP address of an alternative DNS server 18 4 GRE Generic Routing Encapsulation GRE is a network protocol t...

Page 395: ...elds Fields in the Basic Parameters menu Field Description Description Enter a description for the GRE tunnel Local GRE IP Address Enter the source IP address of the GRE packets to the GRE partner If...

Page 396: ...ur device uses a default netmask The lower the value the higher the priority of the route range of values The default value is MTU Enter the maximum packet size Maximum Transfer Unit MTU in bytes that...

Page 397: ...at The configuration work for the SIF is comparatively straightforward with systems like Network Address Translation NAT and IP Access Lists IPAL As SIF NAT and IPAL are active in the system simultane...

Page 398: ...forwarded If the packet cannot be assigned to an existing connection a check is made to see if a suitable connection is expected e g as affiliated connection of an exist ing connection If so the packe...

Page 399: ...ewall Policies Filter Rules menu Fig 146 Firewall Policies Filter Rules You can use the button to insert another policy above the list entry The configuration menu for creating a new policy opens You...

Page 400: ...ket In the list all WAN LAN interfaces interface groups see Fire wall Interfaces Groups addresses see Firewall Ad dresses Address List and address groups see Firewall Addresses Groups The value means...

Page 401: ...tivated by default If QoS is not activated for this policy bear in mind that the data cannot be prioritised on the sender side either A policy for which QoS has been enabled is also set for the fire w...

Page 402: ...to set up new QoS rules Fig 148 Firewall Policies QoS New The Firewall Policies QoS New menu consists of the following fields Fields in the Configure QoS Interface menu Field Description Interface Se...

Page 403: ...th can be exceeded in the longer term By activating this field you specify that it cannot be exceeded If the option is deactivated the bandwidth can be exceeded and the excess data rate is handled in...

Page 404: ...ly to be filtered if they are sent to an interface other than the interface that created the connection With all the packets are filtered default value Fields in the Session Timer menu Field Descripti...

Page 405: ...l configured interface routes is displayed in the Firewall Interfaces Groups menu You can group together the interfaces of your device This makes it easier to configure fire wall rules 19 2 1 1 New Ch...

Page 406: ...Addresses Address List menu 19 3 1 1 New Choose the New button to create additional addresses Fig 151 Firewall Addresses Address List New The menu Firewall Addresses Address List New consists of the f...

Page 407: ...st of all configured address groups is displayed in the Firewall Addresses Groups menu You can group together addresses This makes it easier to configure firewall rules 19 3 2 1 New Choose the New but...

Page 408: ...following fields Fields in the Basic Parameters menu Field Description Description Enter an alias for the service you want to configure Protocol Select the protocol on which the service is to be base...

Page 409: ...cond field enter the last port of the port range By default the field does not contain an entry If a value is displayed this means that the previously specified port number is verified If a port range...

Page 410: ...0 9 2 3 1 1 7 2 3 1 19 4 2 Groups A list of all configured service groups is displayed in the Firewall Services Groups menu You can group together services This makes it easier to configure firewall...

Page 411: ...ields Fields in the Basic Parameters menu Field Description Description Enter the desired description of the service group Members Select the members of the group from the available service ali ases T...

Page 412: ...munica tion session 20 1 Application Level Gateway To enable IP telephones to connect by SIP to a VoIP Provider your device has an Applica tion Level Gateway ALG i e an appropriate proxy that implemen...

Page 413: ...ion level gateway Administrative Status Select whether the SIP proxy should be enabled or disabled The function is activated by selecting The function is enabled by default Protocol Select the protoco...

Page 414: ...e currently being managed by ALG This includes static entries to make internal SIP servers proxies e g internal Asterisk serv er accessible from the WAN Internet by NAPT In addition internal SIP clien...

Page 415: ...fields Fields in the Basic Parameters menu Field Description Type of Endpoint Select the role for the SIP endpoint in the LAN Possible values 2 default value The internal SIP endpoint is a SIP cli en...

Page 416: ...ions networks e g between the plain old phone network and the next generation networks IP networks With the Teldat Media Gateway a company equipped with an automatic PBX on a wired telephone network c...

Page 417: ...the numbers of the ISDN ter minals depending on the available interfaces A list of all existing subscribers is displayed in the VoIP Media Gateway Extensions menu 20 2 1 1 Edit or New Choose the icon...

Page 418: ...call An ISDN terminal device is used for the call Can only be selected if ISDN interfaces configured with Euro ISDN point to multipoint NT mode are available 3 An analogue terminal device is used for...

Page 419: ...n is enabled Enter the time in seconds after which the current registration be comes invalid and a new registration request is therefore sent For clients the external port is recognised automatically...

Page 420: ...ettings menu Field Description Codec Proposal Se quence Choose the order in which the codecs are offered for use by the media gateway If the first codec cannot be used the second is tried and so on Po...

Page 421: ...over data networks SRTP is an encrypted variant of the Real Time Trans port Protocol RTP 92 Enable the transport of 64 kbit s channel data in RTP packets By default 3 1 1 and are enabled The codecs a...

Page 422: ...entries here In this case the media gate way acts as a SIP client Furthermore you can configure the entries for SIP trunking scenarios here In this case the media gateway acts as a SIP server for othe...

Page 423: ...entries In this menu SIP accounts are configured in SIP client mode as well as in SIP serv er mode Fig 158 VoIP Media Gateway SIP Accounts New The VoIP Media Gateway SIP Accounts New menu consists of...

Page 424: ...ccount has only one number 2 The media gateway is operated as DDI client It is assigned a DDI The media gateway is operated as a DDI server so that DDI clients can connect 1 3 7 The media gateway is o...

Page 425: ...ssible values 0 default value or 2 Enter the Portvia which the data is to be transported The default value is In SIP client mode The ports can be provider specific User Name In SIP client mode Enter t...

Page 426: ...and authentication are not then needed and the Registration function is disabled An example of this method is Microsoft Exchange SIP Expire Time Only if Registration is enabled Enter the time in seco...

Page 427: ...in the Codec Settings menu Field Description Codec Proposal Se quence Choose the order in which the codecs are offered for use by the media gateway If the first codec cannot be used the second is trie...

Page 428: ...nnel data in RTP packets By default 3 1 1 and are enabled The codecs actually used are the intersect of the codecs defined here and those signalled by the provider For outgoing calls any remaining cod...

Page 429: ...ntain Possible values are to The default value is 20 2 3 Call Routing Here you can define the conditions for the routing of calls Define a list with rules or rule chains that are used to manipulate th...

Page 430: ...the entry Administrative Status Select whether the entry should be activated The function is enabled with The function is enabled by default Type Specify how calls are to be routed Possible values 3...

Page 431: ...e application of the entry to a particular caller To do this you must specify the subscriber number exactly no wildcards Called Address Enter the called address to which the rule is to be applied To d...

Page 432: ...line PRI BRI or SIP account used for the outgoing call Called Address Trans lation Enter how the subscriber number is manipulated before it is used for dialling Notation a b i e a is replaced by b Eve...

Page 433: ...the icon to edit existing entries Select the New button to create entries for CLID translation Fig 160 VoIP Media Gateway CLID Translation New The VoIP Media Gateway CLID Translation New menu consist...

Page 434: ...Called Address should not be used If Called Line and Called Address is not used all calls for Called Line are processed Called Address Here you have the option of entering the destination address of t...

Page 435: ...utgoing of the call in question For incoming calls it is the called party number for outgoing calls the calling party number that is translated For example the internal number 340 can be shown externa...

Page 436: ...values default value For incoming and outgoing calls bidirectional For incoming calls 3 For outgoing calls Associated Line Select the ISDN line or SIP account via which the calls are to be routed Poss...

Page 437: ...nal Address is translated to Local Address For outgoing calls the signalled Calling Party Number corresponds in the menu to the Local Address field is translated to External Address The External Addre...

Page 438: ...is 40 ISDN Mode Select the mode in which the party line is to be operated Possible values default value Point to Point TE connection telecom party line 3 7Point to Point NT connection for connection...

Page 439: ...that exactly agree with an existing SIP account the call routing is handled by the ses sion border controller i e all SIP messages configured for the corresponding SIP account are forwarded to the ses...

Page 440: ...olled by the media gateway and routed via the media gateway The participating terminal devices e g SIP telephones are not connected dir ectly with one another Note that for VoIP to VoIP connections th...

Page 441: ...N The device dials A period at the end of the number indicates a complete number This is dialled immediately the period is recognised If you want to use a speeddial number from this list you must dial...

Page 442: ...the following fields Fields in the Basic Parameters menu Field Description RTSP Proxy Select whether you want to permit RTSP sessions The function is activated by selecting The function is disabled by...

Page 443: ...e in a TCP IP network is usually located by its IP address Because host names are often used in networks to reach different devices it is necessary for the associated IP address to be known This task...

Page 444: ...rver is queried and then the secondary DNS server If one of the DNS servers can resolve the name the information is forwarded and a dynamic entry created in the cache 4 Otherwise if a suitable Interne...

Page 445: ...ain name of your device WINS Server Primary Secondary Enter the IP address of the first and if necessary alternative global Windows Internet Name Server WINS or NetBIOS Name Server NBNS The menu Advan...

Page 446: ...essary Statistical entries are not deleted Cache Size cannot be set to lower than the current number of static entries Possible values The default value is Maximum TTL for Pos itive Cache Entries Ente...

Page 447: ...tions Possible values No name server address is sent 1 The address of your device is transferred as the name server address default value The addresses of the global name servers entered on your devic...

Page 448: ...assign more than one pair of DNS servers Primary DNS Server and Secondary DNS Server to an interface i e for example to an Ethernet port or a PPPoE WAN partner The pair with the highest priority is us...

Page 449: ...f Interface Mode 3 Enter the IP address of the first name server for Internet ad dress name resolution Secondary DNS Server Only if Interface Mode 3 Optionally enter the IP address of an alternative n...

Page 450: ...allowed Response In this entry select the type of response to DNS requests Possible values A DNS request for DNS Hostname gets a negat ive response default value A DNS request for DNS Host name is an...

Page 451: ...ded Possible values default value Host Only for Forwarding Enter the name of the host to be forwarded The entry can also start with the wildcard e g teldat de If a name is entered without a full stop...

Page 452: ...ward to Enter the IP address of the primary and secondary DNS server 21 1 5 Cache In the Local Services DNS Cachemenu a list of all available cache entries is dis played Fig 169 Local Services DNS Cac...

Page 453: ...evice DNS Requests Shows the number of valid DNS requests received and ad dressed direct to your device Cache Hits Shows the number of requests that were answered with static or dynamic entries from t...

Page 454: ...rs of the backed up configuration connection via HTTPS Fig 171 Local Services HTTPS HTTPS Server The Local Services HTTPS HTTPS Servermenu consists of the following fields Fields in the HTTPS Paramete...

Page 455: ...e for the DynDNS service e g H The service providers offer various domain names for this so that a unique host name results for your device e g H The DynDNS provider relieves you of the task of answer...

Page 456: ...er the DynDNS service e g the interface of the Internet Ser vice Provider User Name Enter the user name as registered with the DynDNS provider Password Enter the password as registered with the DynDNS...

Page 457: ...nfigured is not to receive mail Ask your provider about this forwarding service and make sure e mails can be received from the host entered as MX Wildcard Select whether forwarding of all subdomains o...

Page 458: ...the server on which the provider s DynDNS service runs Update Path Enter the path on the provider s server that contains the script for managing the IP address of your device Ask your provider for th...

Page 459: ...r the first time it sends a DHCP request with its MAC address to the available DHCP server as a network broadcast The client then receives its IP address from Teldat as part of a brief exchange You th...

Page 460: ...address of the DNS server that is to be used preferably by clients who draw an address from this pool Secondary Optionally enter the IP address of an alternative DNS server 21 4 2 DHCP Configuration T...

Page 461: ...erver DHCP Configuration New The Local Services DHCP Server DHCP Configuration New menu consists of the following fields Fields in the menu Basic Parameters Field Description Interface Select the inte...

Page 462: ...following fields Fields in the menu Advanced Settings Field Description Gateway Select which IP address is to be transferred to the DHCP client as gateway Possible values 0 3 1 default value Here the...

Page 463: ...automatically The URL then needs to take the form 455A B5 H 6 3 Vendor Specific Information This enables you to send the client any manufacturer specific information in any text string Several entrie...

Page 464: ...ays a list of all clients that received an IP address from your device via DHCP You can allocate an IP address from a defined IP address pool to specific MAC addresses You can do this by selecting the...

Page 465: ...be assigned to the MAC address spe cified in MAC Address is to be assigned MAC Address Enter the MAC address to which the IP address specified in IP Address is to be assigned 21 4 4 DHCP Relay Settin...

Page 466: ...condary DHCP Serv er Enter the IP address of an alternative BootP or DHCP server 21 5 Web Filter In theLocal Services Web Filter menu you can configure a URL based Web Filter ser vice which during ope...

Page 467: ...consists of the following fields Fields in the Web Filter Options menu Field Description Web Filter Status Activate or deactivate the filter The function is activated by selecting The function is disa...

Page 468: ...fault value Callup is permitted 7 Callup of the requested page is blocked Callup is permitted but logged Action if license not re gistered Select what is to be done with URL requests if the licence ke...

Page 469: ...es for configuring the filters First a filter list can be created that only contains entries for those addresses that are to be blocked In this case it is necessary to make an entry at the end of the...

Page 470: ...used every day of the week A8 7 B The filter is used on a certain day of the week Only one day can be selected per filter several filters must be configured if several individual days are to be covere...

Page 471: ...on figuration neither of the two lists contains entries Use the Add button to add further URLs or IP addresses to the list Fig 180 Local Services Web Filter Black White List Add The Local Services Web...

Page 472: ...vice allows connection of incoming and outgoing data and voice calls to com munications applications on hosts in the LAN that access the Remote CAPI interface of your device This enables for example h...

Page 473: ...on User Name Enter the user name for which access to the CAPI service is to be allowed or denied Password Enter the password which the user User Name shall use for identification to gain access to the...

Page 474: ...lect whether the fax header should be printed at the top of outgoing faxes The function is activated by selecting The function is disabled by default CAPI Server TCP Port The field can only be edited...

Page 475: ...ns This inter val species the time gap in which the system checks whether at least one event has oc curred This event is used as the initiator for a configured action Caution The configuration of acti...

Page 476: ...ting event list select the event list you want and add at least one more event to it You can use event lists to create complex conditions for initiat ing an action The events are processed in the same...

Page 477: ...to be configured as initiator First select the System in which the MIB variable is saved then the MIB Table and finally the MIB Variable itself Only the MIB tables and MIB variables present in the res...

Page 478: ...e monitored as initiating an operation Possible values C default value Incoming data traffic is monitored C Outgoing data traffic is monitored Interface Traffic Condi tion Only for Event Type Select w...

Page 479: ...in Seconds after which a ping must be resent The default value is seconds Trials Only for Event Type Enter the number of ping tests to be performed until Destina tion IP Address as 0 applies The defa...

Page 480: ...nitiator becomes active daily from Monday to Saturday 3 3 The initiator becomes active on Sat urdays and Sundays Possible values for Condition Settings in Condition Type Start Time Enter the time from...

Page 481: ...s New consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter your chosen designation for the action Command Type Select the desired action Possible va...

Page 482: ...elect how many of the con figured events must occur for the operation to be initiated Possible values default value The operation is initiated if all events oc cur The operation is initiated if a sing...

Page 483: ...ly if Command Type 5 Select what status the event must have in order to modify the MIB variable as defined Possible values default value The value of the MIB variable is mod ified if the initiator is...

Page 484: ...Type 3 Select the status to be set for the interface Possible values 0 default value 1 Source Location Only if Command Type 1 0 Select the source for the software update Possible values 23 1 default...

Page 485: ...e For Command Type 1 0 Enter the file name of the software version For Command Type 2 with Ac tion Enter the file name of the certificate file Action For Command Type 2 3 Select which operation is to...

Page 486: ...n is enabled by default Remote File Name Only if Command Type 2 3 For Action 3 Enter the name of the file under which it is saved on the server from which it is to be retrieved For Action 3 Enter the...

Page 487: ...rted The function is disabled by default Encrypt configuration Only for Command Type 2 3 and Action 3 or 3 Define whether the data of the selected Action are to be en crypted The function is disabled...

Page 488: ...ender address Enter the desired IP address in the input field Interval Only if Command Type Enter the time in Seconds after which a ping must be resent The default value is second Count Only if Comman...

Page 489: ...disabled by default Write certificate in con figuration Only for Command Type 2 and Action Select whether to integrate the certificate in a configuration file and if so select the desired configurati...

Page 490: ...th of the key to be created Possible values are default value to and Autosave Mode Only for Command Type 2 and Action 2 Select whether your device automatically stores the various steps of the enrolme...

Page 491: ...elect the WLAN module on which to perform the frequency band scan WLC SSID Only if Command Type 8 24 6 Select the wireless network administered over the WLAN con troller whose status should be changed...

Page 492: ...and are an unnecessary use of system resources 21 8 Surveillance In this menu you can configure an automatic availability check for hosts or interfaces and automatic ping tests You can monitor temper...

Page 493: ...tomatically created from to If an entry has not yet been created a new group is created using the 1 option If entries have been created you can select one from the list of created groups Each host to...

Page 494: ...The default value is Within a group the smallest Interval of the group members is used Successful Trials Specify how many pings need to be answered for the host to be regarded as accessible You can u...

Page 495: ...e used for other functions such as the Tracking IP Address 21 8 2 Interfaces A list of all monitored hosts is displayed in the Local Services Surveillance Interfaces menu 21 8 2 1 Edit or New Choose t...

Page 496: ...Devices from the WI series are fitted with a temperature sensor This is located on the main board under the first WLAN card The sensor measures the current temperature Its measurement range is from 55...

Page 497: ...ature limit value min max Possible values 3 3 1 Action Select the desired action Possible values default value Interface Select the interface to be used to perform the action Possible values default v...

Page 498: ...ng fields Fields in the Basic Parameters menu Field Description Destination IP Address Enter the IP address to which the ping is automatically sent Source IP Address Enter the source IP address of the...

Page 499: ...s on is activated 21 9 1 Options All interfaces for which the theft protection is enabled are administratively set to down when the gateway boots The gateway then calls itself by ISDN and checks its l...

Page 500: ...efault Dialling Number Only if ISDN Theft Protection Service is enabled Enter the subscriber number that the gateway dials to call itself Incoming Number Only if ISDN Theft Protection Service is enabl...

Page 501: ...behind a NAT enabled gateway UPnP enables mostly Windows based operating systems to take control of other devices with UPnP functionality on the local network These include gateways access points and...

Page 502: ...r gate way You can determine whether UPnP requests from clients are accepted by each interface for requests from the local network and or whether the interface can be controlled via UPnP requests Fig...

Page 503: ...Description UPnP Status Decide how the gateway processes UPnP requests from the LAN The function is enabled with The gateway proceeds with UPnP releases in accordance with the parameters con tained i...

Page 504: ...on as he attempts to access any Internet site with a browser the user is redirected to the home login page After the user has entered the registration data user password these are sent to the central...

Page 505: ...t for customers by customer dealer Walled Garden Server URL Individually set for customers by customer dealer Terms Conditions URL Individually set for customers by customer dealer Access data for con...

Page 506: ...configure the hotspot networks in the Local Services HotSpot Gateway HotSpot Gateway menu Choose the New button to set up additional Hotspot networks Fig 195 Local Services HotSpot Gateway HotSpot Ga...

Page 507: ...when setting up the Hot Spot server for this customer The domain name is required so that the Hotspot server can distinguish between the different cli ents customers Walled Garden Enable this function...

Page 508: ...choose the language for the start login page The following languages are supported 3 9 P Q 3 3R and The language can be changed on the start login page at any time The menu Advanced Settings consists...

Page 509: ...device uses pop up windows to display the status The function is enabled by default Default Idle Timeout Enable or disable the Default Idle Timeout If a hotspot user does not trigger any data traffic...

Page 510: ...are defined in the relevant RFC and in the Internet draft BRRP terms Field Description VRRP router A router that uses the Virtual Router Redundancy Protocol It can be integrated into one or more virtu...

Page 511: ...follows It ensures that only one routers within the logical connection is active It guarantees that if the active route fails another router takes over the function of the failed device The time that...

Page 512: ...ocol Configuration is performed in the Local Services BRRP Virtual Router New Eth ernet Interface menu In this step you configure the IP address settings and assign the interface to a virtual router T...

Page 513: ...RP VR Synchronisation New menu Switching on the redundancy procedure This configuration is performed in the Local Services BRRP Options menu You configure the advertisement interface and the virtual i...

Page 514: ...interface is based if a new virtual interface is created The name of the vir tual interface is assigned automatically when it is created Shows the name of the virtual interface if a virtual interface...

Page 515: ...a BRRP advertisement packet is sent if the virtual router is defined as master Only the current master sends via multicast BRRP advertisements which also contain the ID and the priority of the master...

Page 516: ...p router continues to be enabled even when the actual master router is accessible once more although the priority of the master router is higher than the priority of the backup router which is current...

Page 517: ...as Monitoring VR Interface R1 and as Synchronisation VR Interface you must use R2 For the second entry as Monitoring VR Interface R2 and as Synchronisation VR Interface you must use R1 21 12 2 1 New...

Page 518: ...ion VR Interface menu Field Description Synchronisation Mode Indicates the mechanism with which virtual routers or interfaces are synchronised Possible values BRRP is used to synchronise the virtual r...

Page 519: ...Field Description Enable BRRP Enable or disable the BRRP function The function is enabled with The function is disabled by default Teldat GmbH 21 Local Services bintec Rxxx2 RTxxx2 505...

Page 520: ...u can also trigger a system reboot in this menu 22 1 Diagnostics In the Maintenance Diagnostics menu you can test the availability of individual hosts the resolution of domain names and certain routes...

Page 521: ...articular host is correctly re solved The Outputfield displays the DSN test messages The ping test is launched by en tering the domain name to be tested in DNS Address and clicking the Go button 22 1...

Page 522: ...nd the current system software at www teldat de The current documentation is also available here Important If you want to update your software make sure you consider the corresponding re lease notes T...

Page 523: ...em software versions This is a CSV format which can be read and modified easily In addition you can view the corres ponding file clearly using Microsoft Excel for example The administrator can store e...

Page 524: ...file Current File Name in Flash is transferred to your local host If you click the Go button a dialog box is displayed in which you can select the storage location on your PC and enter the de sired f...

Page 525: ...l host If you click the Go button a dialog box is dis played in which you can select the storage location on your PC and enter the desired file name Action Select the action you wish to execute After...

Page 526: ...d the previous boot configura tion was also archived You can load back the archived boot configuration 2 3 The configuration file in the Source File Name field is saved asDestination File Name 3 The c...

Page 527: ...ft ware file is loaded Current File Name in Flash For Action 3 Select the configuration file to be exported Include certificates and keys For Action 3 3 1 Define whether the selected Action should als...

Page 528: ...in Pay attention to the LEDs on your device For information on the meaning of the LEDs see the Technical Data chapter of the manual Note Before a reboot make sure you confirm your configuration chang...

Page 529: ...should be transmitted to one or more external PCs for storage and processing e g to the system ad ministrator s PC The syslog messages saved internally on your device are lost when you reboot Warning...

Page 530: ...rvers New The menu External Reporting Syslog Syslog Servers New consists of the following fields Fields in the Basic Parameters menu Field Description IP Address Enter the IP address of the host to wh...

Page 531: ...nix computer Possible values The default value is Timestamp Select the format of the time stamp in the syslog Possible values default value No system time indicated System time without date K System t...

Page 532: ...bles you to collect a lot of useful information about the IP network traffic each individual IP session 23 2 1 Interfaces In this menu you can configure the IP Accounting function individually for eac...

Page 533: ...of the session start in the format DD MM YY t Time of the session start in the format HH MM SS a Duration of the session in seconds c Protocol i Source IP Address r Source Port f Source interface inde...

Page 534: ...layed in the Alert Recipient menu 23 3 1 1 New Select the New to create additional alert recipients Fig 208 External Reporting Alert Service Alert Recipient New The menu External Reporting Alert Servi...

Page 535: ...notification Possible values default value A Syslog mes sage includes a specific string 1 3 A new adjacent AP has been found 1 3 3 A new Rough AP has been found i e an AP using an SSID of its own netw...

Page 536: ...Add new subsystems with Add Message Timeout Enter how long the router must wait after a relevant event be fore it is forced to send the alert mail Possible values are to The value disables the timeou...

Page 537: ...s enabled by default Maximum E mails per Minute Limit the number of outgoing mails per minute Possible values are to the default value is Fields in the E mail Parameters menu Field Description E mail...

Page 538: ...tication Enter the address of the server from which the e mails are to be retrieved POP3 Timeout Only if SMTP Authentication Enter how long the router must wait after the POP3 call before it is forced...

Page 539: ...mation on the SNMP versions see the relevant RFCs and drafts SNMP V 1 RFC 1157 SNMP V 2c RFC 1901 1908 SNMP V 3 RFC 3410 3418 23 4 1 SNMP Trap Options In the event of errors a message known as a trap...

Page 540: ...P Trap Broadcasting is enabled Enter a new SNMP code This must be sent by the SNMP Man ager with every SNMP request so that this is accepted by your device A character string of between and characters...

Page 541: ...with a single tool A permanent overview of the utilisation of your device is possible Method of operation A Status Daemon collects information about your device and transfers it as UDP packets to the...

Page 542: ...ld Description Monitored Interfaces Select the type of information to be sent in the UDP packets to the Windows application Possible values default value Deactivates the sending of information to the...

Page 543: ...val in seconds Possible values are to The default value is UDP Destination Port Enter the port number for the Windows application Activity Monitor The default value is registered by IANA Internet As s...

Page 544: ...ou will find the configured vales for the Maximum Number of Syslog Entries and Maximum Message Level of Syslog Entries fields These values can be changed in the System Management Global Settings Syste...

Page 545: ...Displays the IP address of the remote IPSec Peers Remote Networks Displays the currently negotiated subnets of the remote termin al Security Algorithm Displays the encryption algorithm of the IPSec t...

Page 546: ...change type Authentication Method Shows the authentication method MTU Shows the current MTU Maximum Transfer Unit Alive Check Shows the method for checking that the peer is reachable NAT Detection Dis...

Page 547: ...s In the Monitoring IPSec IPSec Statistics menu statistical values for all IPSec connec tions are displayed Fig 216 Monitoring IPSec IPSec Statistics The Monitoring IPSec IPSec Statistics menu consist...

Page 548: ...number of phase 2 SAs Total Fields in the Packet Statistics menu Field Description Total Shows the number of all processed incoming In or outgoing Out packets Passed Shows the number of incoming In or...

Page 549: ...ion for PPP connections Direction Displays the send direction 3 Charge Displays the costs of the current connection Duration Displays the duration of the current connection Stack Displays the related...

Page 550: ...ions Direction Displays the send direction 3 Charge Displays the costs of the connection Start Time Displays the time at which the call was made or received Duration Displays the duration of the conne...

Page 551: ...tets sent Tx Errors Shows the total number of errors sent Rx Packets Shows the total number of packets received Rx Bytes Displays the total number of bytes received Rx Errors Shows the total number of...

Page 552: ...Packets Shows the total number of packets received Rx Bytes Displays the total number of bytes received Fields in the TCP Connections menu Field Description Status Displays the status of an active TC...

Page 553: ...ddress Shows the MAC addresses of the associated bridge Port Shows the port on which the bridge is active 24 6 HotSpot Gateway 24 6 1 HotSpot Gateway A list of all linked hotspot users is displayed in...

Page 554: ...configured is displayed in the Monitoring QoS QoS menu Fig 223 Monitoring QoS QoS Values in the QoS list Field Description Interface Shows the interface for which QoS has been configured QoS Queue Sh...

Page 555: ...OSPF Status menu a list of all interfaces configured for OSPF is dis played Fig 224 Monitoring OSPF Status Values in the Status list Field Description View Select the desired view from the dropdown me...

Page 556: ...se of the OSPF in which the DR and BDR are determined The interface is a point to point interface DR or BDR are not shown 3 The gateway is the designated router within the BMA network 3 73 The gateway...

Page 557: ...ighbor are now synchronized The headers of all Link State Advertisements LSA are listed in the section for the Link State Database Values in the OSPF Link State Database list Field Description Area In...

Page 558: ...s re ceived Sent Link State Ac knowledge Packets Displays the number of Link State Acknowlede packets sent Received Link State Request Packets Displays the number of Link State Request packets receive...

Page 559: ...ents have been received 24 9 PIM 24 9 1 Global Status The status of all configured PIM components is displayed in the Monitoring PIM Global Status menu Fig 226 Monitoring PIM Global Status Values in t...

Page 560: ...s how long the last PIM Neighbor is a neighbor of the local router Expiry Timer Indicates when the PIM Neighbor is no longer entered as neigh bor If the value is displayed the PIM Neighbor always re m...

Page 561: ...plays the IP address of the Rendezvous Point RP for the group Upstream Join State The Upstream RP Join Prune Status indicates the status of the Upstream RP State Machine in the PIM SM Specifica tion U...

Page 562: ...since the entry was generated by the local router Upstream Join Timer Indicates the remaining time until the local router sends out the next periodic G Join message on pimStarGRPFIfIndex In the PIM S...

Page 563: ...lays the multicast group address InetAddressType is defined in the pimStarGAddressType object Source IP Address Displays the source IP address InetAddressType is defined in the pimStarGAddressType obj...

Page 564: ...ce Join Prune State Indicates the status that results from the G Join Prune mes sages received on this interface This corresponds to the status of the Downstream Per Interface G State Machine in the P...

Page 565: ...PIM SM and PIM DM Uptime Indicates the time remaining before the local router reacts to an S G Prune message received on this interface The router waits this period to check whether another downstrea...

Page 566: ...une State Indicates whether the local router should sever the source of the RP tree This corresponds in the PIM SM specification to the status of the Upstream S G rpt State Machine for Triggered Messa...

Page 567: ...me IEEE standard can communicate with each oth er even if they come from different hardware manufacturers The IEEE802 11b standard specifies the data rates of 1 2 5 5 and 11 mbps a working frequency i...

Page 568: ...nt on a peer to peer basis Ad hoc mode is also known as IBSS mode Independent Ba sic Service Set and makes sense for the smallest networks e g if two notebooks are to be linked to each other without a...

Page 569: ...ng and end of the transmitted characters must be marked by start and stop bits in contrast to synchronous transmission ATM Asynchronous transfer mode Attention tone Superimposing of an acoustic signal...

Page 570: ...of their telephone Your telephone rings When you lift the re ceiver a connection to the required subscriber is established auto matically Automatic clearing of Internet connec tion ShortHold You can...

Page 571: ...he terminals subject to dialling control e g entry 0190 would block all connections to expensive service providers Block Cipher Modes Block based encryption algorithm Blowfish An algorithm developed b...

Page 572: ...larger PBXs can be grouped into bundles When an external call is initiated by the exchange code or in the event of automatic external line access a bundle released for this subscriber is used to estab...

Page 573: ...use the options of call forwarding in the exchange via the keypad if certain services are activated for your connection You can receive more information on this from your T Com advisor The exchange c...

Page 574: ...tion If you are taking a call a second caller hears the engaged tone Callback on Busy Performance feature in T ISDN PBXs and T Net A connection is set up automatically as soon as the Busy status on th...

Page 575: ...g Channel bundling CHAP Challenge Handshake Authentication Protocol Checksum field Frame Check Sequence FCS CLID Calling Line Identification Client A client uses the services provided by a server Clie...

Page 576: ...on Configuration of the PBX with the tele phone With some restrictions you can also program your PBX using the telephone For information on programming your PBX using the tele phone please see the acc...

Page 577: ...machine so that you are not disturbed you can use call assignment You can allocate each subscriber two different call allocations call assignment Day and call assignment Night With call assignments i...

Page 578: ...Digital voice trans mission As a result of the internationally standardised Pulse Code Modula tion PCM analogue voice signals are converted to a digital pulse flow of 64 kbps Advantages Better voice...

Page 579: ...omain Name System Do not disturb Station guarding DOI Domain of Interpretation Domain A domain refers to a logical group of devices in a network On the Internet this is part of a naming hierarchy e g...

Page 580: ...ctions These parameters are stored in lists which together permit the right con nection to be set up The PBX uses the PPP Point to Point Pro tocol for ISDN access and PPPoE Point to Point Protocol ove...

Page 581: ...now dial one of these numbers it is recognised by the PBX and a B channel of the T ISDN is automatically freed up for your emergency call Emer gency calls are not subject to configuration restriction...

Page 582: ...differentiate between local exchanges and remote exchanges Exchange access right PBXs differentiate between the following exchange access rights These can be set up differently for each subscriber in...

Page 583: ...ource and destination address These criteria can be used to se lect a packet from the traffic flow Such a packet can then be handled in a specific way For this purpose a certain action is asso ciated...

Page 584: ...keys Keys on the telephone that can be assigned telephone numbers or network functions G 991 1 Data transmission recommendation for HDSL G 991 2 Data transmission recommendation for SHDSL G 992 1 Dat...

Page 585: ...de uses Message Digest Al gorithm Version 5 HMAC SHA1 Hashed Message Authentication Code uses Secure Hash Al gorithm Version 1 Holding a call A telephone call is put on hold without breaking the conne...

Page 586: ...her IETF Internet Engineering Task Force Index The index from 0 9 is fixed Every external multiple subscriber number entered is assigned to an index You need this index when configuring performance fe...

Page 587: ...o netmask IPComP IP payload compression IPCONFIG A tool used on Windows computers to check or change its own IP settings IPoA IP over ATM ISDN Integrated Services Digital Network ISDN address The addr...

Page 588: ...by telephone from out side As a further call is signalled over the D channel your PBX can depending on the setting specifically shut down a B channel so that you can take the call ISDN Intern al Exter...

Page 589: ...dress Man in the Middle Attack Encryption using public keys requires the public keys to be ex changed first During this exchange the unprotected keys can be in tercepted easily making a man in the mid...

Page 590: ...inquiry or call forwarding a melody is played that the waiting subscriber hears On your PBX you can choose between two internal melodies MWI Transmission of a voice message from a mailbox e g T NetBo...

Page 591: ...ary codes e g call forwarding in the exchange NMS Network Management Station Notebook function During a telephone call a telephone number can be entered in the telephone s buffer so that it can be dia...

Page 592: ...laced Can be used for brokering Possible in T Net T ISDN and PBXs The ter minal must have MFC and the R key PBX Private Branch Exchange PBX The features offered by a PBX are manufacturer specific and...

Page 593: ...ultipoint Point to multipoint connection for the PBX You enter the multiple subscriber numbers received from T Com with the order confirmation in the table fields defined for them in the configuration...

Page 594: ...cedures etc Proxy ARP ARP Address Resolution Protocol PSN Packet Switched Network PSTN Public Switched Telephone Network PVID Port VLAN ID R key Telephones that have a R key inquiry key can also be co...

Page 595: ...defined initial state This may be necessary if you have made incor rect configuration settings or the device is to be reprogrammed RFC Specifications proposals ideas and guidelines relating to the In...

Page 596: ...Protocol S2M interface See Primary Rate Interface SAD The SAD Security Association Database contains information on security agreements such as AH or ESP algorithms and keys se quence numbers protocol...

Page 597: ...h audio 3k1Hz or telephony 3k1Hz The same applies for faxing Here too there is the collective term Fax plus a couple of more specific cases From a purely technical point of view the services are bits...

Page 598: ...You can connect SMS enabled telephones to your PBX and thus use the SMS performance feature in the T Com fixed network SMSs are forwarded to the recipient via the T Com SMS server To send an SMS with...

Page 599: ...isplay of call costs at the end of a connection inquiry brokering telephone num ber transmission In the special features connection three multiple subscriber numbers are included as standard Specify o...

Page 600: ...when the connec tion is set up Addressing that goes beyond the pure MSN which can be used e g specifically to locate several ISDN terminals that can be reached on one telephone number for a particular...

Page 601: ...mbps and 10 mbps networks Switchable dialling method Option of switching between the pulse dialling method and MFC method by means of a switch or key input on the terminal such as the telephone or fax...

Page 602: ...s T Net The digital telephone network of T Com for connecting analogue ter minals T NetBox The answering machine in T Net and T ISDN The T NetBox can store up to 30 messages T NetBox telephone number...

Page 603: ...nd computer technology and describes data communication between systems and devices Telnet Protocol from the TCP IP protocol family Telnet enables communic ation with a remote device in the network Te...

Page 604: ...ervers before it is dis carded Twofish Twofish was a possible candidate for the AES Advanced Encryp tion Standard It is regarded as just as secure as Rijndael AES but is slower U ADSL Universal Asymme...

Page 605: ...older V 34 modems data is sent in digital form to the client when the V 90 standard is used and does not need to be first converted from digital to analogue on one side of the modem provider as was t...

Page 606: ...anies and offers secure encryption and authentication Uses 802 1x and the Extensible Au thentication Protocol EAP and thus offers an effective means of user authentication WPA PSK Intended for private...

Page 607: ...ent with the telephone directory The Internet supports several databases with information on users such as e mail addresses telephone numbers and postal ad dresses You can search these databases to ob...

Page 608: ...t 392 Address Subnet 392 Addresses 392 Admin Status 211 250 Admin Status 541 Administration 152 Administrative Status 327 399 409 416 418 434 Administrative Access 89 ADSL Line Profile 141 ADSL Logic...

Page 609: ...532 C CA Certificate 111 CA Certificates 347 CA Name 467 Cache 438 Cache Hitrate 439 Cache Hits 439 Cache Size 431 Call Number 294 301 412 Call History 535 Call Routing 415 Call Translation 421 Call N...

Page 610: ...File Name in Flash 510 Current Local Time 79 Current Speed Mode 123 Custom 113 Custom Time Slots 130 Cyclic Background Scanning 171 D D Channel Mode 339 Data Packets Sequence Numbers 363 Date 530 Dat...

Page 611: ...op non members 152 Drop In 235 Drop In Groups 235 Drop untagged frames 152 Dropped 534 540 Dropping Algorithm 225 DSA Key Status 93 DSCP TOS Value 193 DSCP TOS Filter Layer 3 214 229 DSL Chipset 138 D...

Page 612: ...st seen 185 Flow Control 123 Force certificate to be trusted 108 Forward 437 Forward to 437 Forwarded Requests 439 Forwarding 261 Fragmentation Threshold 171 Frozen Parameters 212 Full Filtering 389 G...

Page 613: ...Interfaces 86 145 217 250 316 391 481 488 518 536 Internal Port 401 Internal IP Address 401 Internal Log 530 Internal Time Server 80 Internet Dialup 269 Internet Key Exchange 327 Interval 462 467 479...

Page 614: ...2 350 Line 418 Line Speed 120 Line Speed Interval 142 Link State ID 543 Load Balancing 182 Load Balancing 205 Load Balancing Groups 205 Local Address 422 Local Certificate 342 Local Hostname 362 Local...

Page 615: ...ay 402 Media Gateway Status 425 Media Stream Termination 425 Members 391 397 424 Memory Usage 71 Memory Card 71 Message 530 Message Compression 520 Message Timeout 520 Messages 532 Metric 192 195 330...

Page 616: ...78 389 424 460 477 485 495 504 508 518 528 Organization 113 Organizational Unit 113 OSPF 246 541 OSPF Status 252 OSPF Mode 294 318 321 369 376 Other Inactivity 390 Outbound Interface 223 Outbound Prox...

Page 617: ...Queueing 223 Profiles 304 Propagate PMTU 352 Propagate routes bound on discard re fuse interface 252 Propagation Delay 264 Proposals 342 350 Protocol 201 211 214 229 333 394 399 401 404 409 444 467 5...

Page 618: ...Resetting the settings 10 Response 436 Restore Default Settings 90 Result of Autoconfiguration 126 Retransmission Timer 246 Retries 100 Reverse Path Forwarding RPF 548 549 RFC 2091 Variable Timer 244...

Page 619: ...Server Failures 439 Server IP Address 98 103 Service 135 201 211 214 229 385 535 536 Service Categories 309 Session Timeout 399 Session Border Controller Mode 425 Set status 467 Set Time 79 Set COS v...

Page 620: ...520 Subject Name 467 Subsystem 530 Successful Trials 479 Successfully Answered Queries 439 Summary 113 Surveillance 478 Sustained Cell Rate SCR 310 Switch Port 123 Sync SAs with ISP interface state 3...

Page 621: ...547 548 548 Upstream Join Timer 547 548 548 Upstream Neighbor IP Address 547 548 548 Upstream Override Timer 549 Uptime 71 546 547 548 548 549 550 551 551 URL 187 510 URL IP Address 457 URL Path Depth...

Page 622: ...sted 457 Wildcard 443 Wildcard Mode 88 Wildcard MAC Address 88 WINS Server 431 Wire Mode 142 Wireless Mode 170 Wireless Networks VSS 174 182 WLC SSID 467 WMM 175 WPA Cipher 176 WPA Mode 176 WPA2 Ciphe...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands