bintec elmeg be.IP 4isdn Скачать руководство пользователя страница 293 | Manualshive

Страница: 293 / 488

background image

15.1.1 IPv4 Filter Rules

The default behaviour with Action =

,**

consists of two implicit filter rules: If an in-

coming packet can be assigned to an existing connection and if a suitable connection is ex-
pected (e.g. such as an affiliated connection of an existing connection), the packet is al-
lowed.

The sequence of filter rules in the list is relevant: The filter rules are applied to each packet
in succession until a rule matches. If overlapping occurs, i.e. more than one filter rule
matches a packet, only the first rule is executed. This means that if the first rule denies a
packet, whereas a later rule allows it, the packet is rejected. A deny rule also has no effect
if a relevant packet has previously been allowed by another filter rule.

The security concept is based on the assumption that an infrastructure consists of trusted
and untrusted zones. The security policies

)3

and

/3

describe this as-

sumption. They define the filter rules Trusted Interfaces and Untrusted Interfaces which
are created by default and cannot be deleted.

If you use the Security Policy

)3

, all data packets are accepted. You can create

additional filter rules that discard specific packets. In the same way, you can allow specific
packets when using the

/3

policy.

A list of all configured filter rules is displayed in the Firewall->Policies+IPv4 Filter Rules
menu.

Using the

button in the line Trusted Interfaces , you can determine which interfaces are

Trusted . A new window opens with an interface list. You can mark individual interfaces as
trusted.

You can use the

button to insert another policy above the list entry. The configuration

menu for creating a new policy opens.

You can use the

button to move the list entry. A dialog box opens, in which you can se-

lect the position to which the policy is to be moved.

15.1.1.1 New

Note

Informationen on the selection of Trusted Interfaces can be found here:

on page 279.

Choose the New button to create additional parameters.

bintec elmeg GmbH

15 Firewall

be.IP 4isdn

279

«
...
291
292
293
294
295
...
»

Содержание be.IP 4isdn

Страница 1: ...Manual be IP 4isdn Operation as a Media Gateway Copyright Version 10 1 27 RC 10 2017 bintec elmeg GmbH bintec elmeg GmbH Manual be IP 4isdn...

Страница 2: ...open source software that has been developed by third party suppliers and which is licensed under an open source software li cense These open source software files are subject to copyright For a curr...

Страница 3: ...ly 6 2 1 7 General Product Features 7 2 2 Reset 8 2 3 Presettings 9 2 4 Support Information 10 Chapter 3 Mounting 11 3 1 Connecting terminals 11 3 1 1 Internal ISDN connection 11 3 2 Reset button 11 3...

Страница 4: ...ternal VDSL modem 20 4 3 2 Other internet connections 20 4 3 3 Testing the configuration 21 4 4 User access 21 4 5 Software updates for be IP 4isdn 22 Chapter 5 Access and configuration 24 5 1 Access...

Страница 5: ...Access 65 7 6 1 Access Profiles 65 7 6 2 Users 68 7 7 Certificates 69 7 7 1 Certificate List 70 7 7 2 CRLs 77 7 7 3 Certificate Servers 78 Chapter 8 Physical Interfaces 79 8 1 Ethernet Ports 79 8 1 1...

Страница 6: ...lave AP Autoprofile 115 10 3 Slave AP configuration 116 10 3 1 Slave Access Points 116 10 3 2 Radio Profiles 119 10 3 3 Wireless Networks VSS 125 10 4 Monitoring 133 10 4 1 WLAN Controller 133 10 4 2...

Страница 7: ...Configuration 154 11 3 3 NAT Configuration example 160 11 4 Load Balancing 162 11 4 1 Load Balancing Groups 162 11 4 2 Special Session Handling 166 11 4 3 Load balancing Configuration example 169 11 5...

Страница 8: ...2 1 Profiles 223 13 2 2 Service Categories 227 13 2 3 OAM Controlling 229 13 3 Real Time Jitter Control 233 13 3 1 Controlled Interfaces 233 Chapter 14 VPN 235 14 1 IPSec 235 14 1 1 IPSec Peers 236 1...

Страница 9: ...oups 285 15 2 2 IPv6 Groups 286 15 3 Addresses 286 15 3 1 Address List 286 15 3 2 Groups 287 15 4 Services 288 15 4 1 Service List 288 15 4 2 Groups 290 15 5 Configuration 291 15 5 1 SIF Configuration...

Страница 10: ...333 17 3 DynDNS Client 333 17 3 1 DynDNS Update 334 17 3 2 DynDNS Provider 335 17 4 DHCP Server 337 17 4 1 IP Pool Configuration 337 17 4 2 DHCP Configuration 338 17 4 3 IP MAC Binding 342 17 4 4 DHC...

Страница 11: ...ces 381 17 9 2 General 381 17 10 HotSpot Gateway 382 17 10 1 HotSpot Gateway 384 17 10 2 Options 387 17 11 Wake On LAN 388 17 11 1 Wake On LAN Filter 388 17 11 2 WOL Rules 391 17 11 3 Interface Assign...

Страница 12: ...P Accounting 405 19 2 1 Interfaces 405 19 2 2 Options 406 19 3 Alert Service 407 19 3 1 Alert Recipient 407 19 3 2 Alert Settings 409 19 4 SNMP 411 19 4 1 SNMP Trap Options 411 19 4 2 SNMP Trap Hosts...

Страница 13: ...ry 418 20 4 Interfaces 418 20 4 1 Statistics 418 20 4 2 Network Status 420 20 5 Bridges 420 20 5 1 br x 420 20 6 HotSpot Gateway 420 20 6 1 HotSpot Gateway 420 20 7 QoS 421 20 7 1 QoS 421 Glossary 422...

Страница 14: ...Table of Contents bintec elmeg GmbH xii be IP 4isdn...

Страница 15: ...ly used voice channels to an ALL IP connection If you are in need of voice trans coding our Media Gateway be IP 4isdn is a perfect choice as well Due to the use of additional DSPs the number of simult...

Страница 16: ...n parameters but no screen shots An HTML based version containing the screen shots is available as a ZIP file in the download section of your device Unpack the ZIP file into a folder of your choice an...

Страница 17: ...s use the cable provided with the terminal 5 SIP telephones Connect your SIP telephones to the 10 100 1000 Base T Ethernet interfaces In a last step connect your PC and follow the instructions from th...

Страница 18: ...ections on the side 1 Function key 2 Console 2 1 4 Mounting brackets Due to the position of the devices in a rack it is recommended to use remote antenna At tach the mounting brackets to the device us...

Страница 19: ...onisation flickering Data transfer TEL on Telephony ready at IP connector Voice over IP off Telephony not configured ISDN1 to ISDN 4 on ISDN telephone system connected off On standby or not functionin...

Страница 20: ...Link Act off No Ethernet connection LAN 5 Speed Green on 1000 Mbit s transfer rate LAN 5 Speed Orange on 100 Mbit s transfer rate LAN 5 Speed off 10 Mbit s transfer rate LEDs back view The LEDs are li...

Страница 21: ...packaging approx 1 800 g Memory 128 MB SDRAM LEDs 20 9x Function 1 x Service 5x2 Ethernet Power consumption of the device max 30 W 12 V DC Voltage supply 12 V DC 2 5 A Environmental requirements Stora...

Страница 22: ...5 pole mini USB socket Barrel connector socket for power sup ply 2 2 Reset The reset is performed by using the reset button at the terminal area The device is rebooted by quickly pressing the key ca o...

Страница 23: ...onnections at this address IP Address Netmask In the ex works state you should use the following access data to configure your device using the configuration interface User Name Password Note After yo...

Страница 24: ...ass words are reset Provider selection After the first login to the web interface you are given the option to choose your Internet provider If you want to configure a connection provided by Deutschen...

Страница 25: ...ng a maximum of two unpowered ISDN terminals In its ex works state the internal ISDN connection is set up as a short passive bus S0 bus It is the simple bus cabling in an ISDN system with a length of...

Страница 26: ...nstallation to that of the device The sockets are used for a permanent installation for example in a hallway When they are installed the connecting cables are connected to the connect ors on the devic...

Страница 27: ...3 8 Pair 3 3 4 2 ISDN interface The connection is made via an RJ45 socket The pin assignment for the ISDN interface RJ45 socket is as follows RJ45 socket for ISDN connection Pin Function 1 Not used 2...

Страница 28: ...or VDSL connection Pin Function 1 Not used 2 Not used 3 Not used 4 Line 1a 5 Line 1b 6 Not used 7 Not used 8 Not used 3 4 4 Serial interface Your device has a serial interface for connection to a cons...

Страница 29: ...Pin Position 2 TxD 3 RxD 4 Not used 5 GND bintec elmeg GmbH 3 Mounting be IP 4isdn 15...

Страница 30: ...ingle PC to your be IP 4isdn so that a separate network is created 4 1 1 Systemsoftware Your device contains the version of the system software available at the time of production More recent versions...

Страница 31: ...r personal data in the Your values column so that you can refer to these values later when needed Basic configuration For a basic configuration of your device you need information that relates to your...

Страница 32: ...your device via the network and to be able to do a configuration using the con figuration interface the PC used for the configuration has to satisfy some prerequisites Make sure that the TCP IP protoc...

Страница 33: ...HCP client Assign an IP address to your PC as follows 1 Initially proceed as described to display the network properties 2 Select Internet Protocol TCP IP and click on Properties 3 Choose Determine IP...

Страница 34: ...Internet connection with your device 4 3 1 Internet connection via the internal VDSL modem To make it easier to configure an VDSL internet connection the configuration interface has a wizard to guide...

Страница 35: ...ce indicators for ISDN DSL and the Ethernet interfaces 4 4 User access Those who administer and set up the system can set up a personalised configuration ac cess for the users This will enable the use...

Страница 36: ...h Go Alternatively you can carry out a software update in the User view On the Status page click Update under Firmware Update to start the process Do not interrupt the Internet connection or the power...

Страница 37: ...nce you have clicked on Go the update cannot be cancelled interrupted If an error occurs during the update do not re start the device and contact support bintec elmeg GmbH 4 Basic configuration be IP...

Страница 38: ...an use from any PC with an up to date Web browser via an HTTP or HTTPS connection With the configuration interface you can perform all the configuration tasks easily and con veniently It is integrated...

Страница 39: ...r 4 Enter 455 in the address field of the web browser 5 You will prompted to change the administrator password Change the login password You are now in the status menu of your device s configuration i...

Страница 40: ...uration and close the window Exit the configuration without saving Online Help Click this button if you want help with the menu now active The description of the sub menu where you are now is displaye...

Страница 41: ...start again from here Save configuration button If you click the Save configuration button you will be asked Do you really want to save the current configuration as a boot configuration You can Save c...

Страница 42: ...pen the configuration interface the status page of your device is displayed after you log in The most important data of your device can be seen on this at a glance Main configuration window The sub me...

Страница 43: ...eter changes in a list Immediately starts the configured action Calls the sub menu to create a new entry Inserts an entry in an internal list Symbols Icon Function Deletes the list entry Displays the...

Страница 44: ...options Menu Function Update Interval Here you can set the interval in which the view is to be updated To do this enter a period in seconds in the input field and con firm it with Filter You can have...

Страница 45: ...elements You can therefore change the configuration of the correspond ing list entry directly in the list Configuration of the update interval Filter list On the status page you can open the option A...

Страница 46: ...r the basic settings for the function concerned Sub menu The New button is available in each menu in which a list of all the configured entries is displayed Click the button to display the configurati...

Страница 47: ...play of options that are not available Options that are not available because they depend on the selection of other options are generally hidden If the display of these options could be helpful for a...

Страница 48: ...ote Please note that not all devices have the full range of functions Use your product spe cification to check which software your device has 5 Access and configuration bintec elmeg GmbH 34 be IP 4isd...

Страница 49: ...ep by step instructions for the following basic configuration tasks Choose the corresponding task from the navigation bar and follow the instructions and ex planations on the separate pages of the Wiz...

Страница 50: ...or the power supply After installation of the new system software the system must be restarted In the Full Access and Expert views of your device the status page displays the most important system inf...

Страница 51: ...layed in brackets as a percentage ISDN Usage Internal Shows the number of active B channels and the maximum num ber of available B channels for incoming connections Active Sessions SIF RTP etc Display...

Страница 52: ...here and their most important settings are shown The system also displays whether the inter face is active 7 2 Global Settings The basic system parameters are managed in the Global Settings menu 7 2...

Страница 53: ...reated System messages are only recorded internally if they have a higher or identical priority to that indicated i e all messages generated are recorded at syslog level 73 Possible values 0 Only mess...

Страница 54: ...ou want to run your own management system you need to enter the address of your server here Manual WLAN Control ler IP Address This function is only available on devices with a wireless LAN controller...

Страница 55: ...ing the passwords is another basic system setting Note All bintec elmeg devices are delivered with the same username and password As long as the password remains unchanged they are not protected again...

Страница 56: ...ss OK or call the menu again they are displayed as asterisks 7 2 3 Date and Time You need the system time for tasks such as correct timestamps for system messages ac counting or IPSec certificates You...

Страница 57: ...r time and back must be carried out manually if the time is derived using this method by changing the value in the Time Zone field with an option UTC or UTC Note If a method for automatically deriving...

Страница 58: ...deactivated for the period in which the time is determined by means of a time server The function is activated by selecting 7 The function is disabled by default First Timeserver Enter the primary tim...

Страница 59: ...an IP address In addition select the protocol for the time server request Possible values 9 default value This server uses the simple network time protocol via UDP port 123 5 This server uses the Tim...

Страница 60: ...electing 7 Time requests from a client will be answered with the current system time This is given as GMT without offset The function is disabled by default Time requests from a client are not answere...

Страница 61: ...rd for licences at additional cost You will then receive an e mail containing the following data Licence Key and Licence Serial Number You enter this data in the System Management Global Settings Syst...

Страница 62: ...er the licence key you received by e mail Note If 9 is displayed as the status Enter the licence data again Check your hardware serial number If 9 3 is displayed as the status you have entered a licen...

Страница 63: ...es If your device has a radio port it receives the interface name WLAN If there are several ra dio modules the names of wireless ports in the user interface of your device are made up of the following...

Страница 64: ...arts a Abbreviation for interface type b Number of the wireless module on which the client link is configured c Number of the client link Example first client link on the first wireless module The nam...

Страница 65: ...after you click the OK button Configuration Interface Select the interface via which the configuration is to be carried out Possible values default value Ex works setting The right con figuration int...

Страница 66: ...figuration settings You can use the MAC Bridge The System Management Interface Mode Bridge Groups Interfaces menu consists of the following fields Fields in the Layer 2 5 Options menu Field Value Inte...

Страница 67: ...MAC address to establish the connection to the access point The function is enabled with 7 The function is disabled by default 7 4 Administrative Access In this menu you can configure the administrati...

Страница 68: ...istrative Access Access Add menu consists of the following fields Fields in the menu Access Field Description Interface Select the interface for which administrative access is to be con figured 7 4 2...

Страница 69: ...tivated by selecting 7 The function is enabled by default SSH Port Here you can enter the port via which the SSH connection is to be established The default value is Maximum number of concurrent conne...

Страница 70: ...d again You can then repeat generation If the B 2 status is displayed generation of a key is not possible for example because there is not enough space in the FlashROM The status is 9 by default ED255...

Страница 71: ...pace in the FlashROM The status is 9 by default The menu Advanced Settings consists of the following fields Fields in the menu Advanced Settings Field Value Login Grace Time Enter the time in seconds...

Страница 72: ...ckets that can be transmit ted as well as the communication process The data objects queried via SNMP are structured in tables and variables and defined in the MIB Management Information Base This con...

Страница 73: ...v3 you should if possible use this version as older versions transfer all data unencrypted 7 5 Remote Authentication This menu contains the settings for user authentication 7 5 1 RADIUS RADIUS Remote...

Страница 74: ...etween the RADIUS server and your device client Packet types Field Value ACCESS_REQUEST Client Server If an access request is received by your device a request is sent to the RADIUS server if no corre...

Страница 75: ...n Type Select what the RADIUS server is to be used for Possible values 3 default value only for PPP connec tions The RADIUS server is used for controlling access to a network 3 for PPP connections onl...

Страница 76: ...r with the highest priority is used first If this server does not an swer the server with the next highest priority is used Possible values from highest priority to lowest priority The default value i...

Страница 77: ...cation 1645 in older RFCs and 1813 for accounting 1646 in older RFCs You can obtain the port to be used from the documenta tion for your RADIUS server The default value is Server Timeout Enter the max...

Страница 78: ...alout routes This enables temporary interfaces to be configured automatically and your device can initiate outgoing connections that are not configured permanently The function is activated by selecti...

Страница 79: ...abled by default 3 7 is diabled by default 7 6 Configuration Access In the Configuration Access menu you can configure user profiles To do so you create access profiles and users and assign each user...

Страница 80: ...the access profile Level No The system automatically assigns a sequential number to the access profile This cannot be edited Fields in the menu Buttons Field Description Save configuration If you act...

Страница 81: ...You see all the menus from the GUI s navigation bar Menus that contain at least one sub menu are flagged by and The icon indicates pages When you create a new access profile no elements are as signed...

Страница 82: ...the information is released for reading and writing The icon indicates blocked entries 7 6 2 1 Edit or New Choose the icon to edit existing entries Choose the New button to enter additional users The...

Страница 83: ...key and a private key is used to encrypt and decrypt the data For encryption the sender requires the public key of the recipient The recipient decrypts the data using his private key To ensure that th...

Страница 84: ...e content of the selected object key certificate or request The certificates and keys themselves cannot be changed but a few external attributes can be changed depending on the type of the selected en...

Страница 85: ...disabled by default Caution It is extremely important for VPN security that the integrity of all certificates manually marked as trustworthy certification authority and user certificates is ensured T...

Страница 86: ...fault value Your device generates a PKCS 10 for the key This file can then be uploaded directly in the browser or copied in the menu using the View details field This file must be provided to the CA a...

Страница 87: ...th the enrolment process provided no more important para meters are missing In this case it returns to the Generate Certificate Request menu If the CA certificate does not contain a CRL distribution p...

Страница 88: ...me individually as specified by the CA or want to enter a special subject name If 7 is selected a subject name can be given in Sum mary with attributes not offered in the list Example CN VPNServer DC...

Страница 89: ...d Settings consists of the following fields Fields in the Subject Alternative Names menu Field Description 1 2 3 For each entry define the type of name and enter additional subject names Possible valu...

Страница 90: ...tificates Certificate List Import consists of the following fields Fields in the Import menu Field Description External Filename Enter the file path and name of the certificate to be imported or use B...

Страница 91: ...P supports the issue and revocation of certificates in networks 7 7 2 1 Import Choose the Import button to import CRLs The System Management Certificates CRLs Import menu consists of the following fie...

Страница 92: ...he private key and provides certificate revocation lists CRL that are accessed by the device via LDAP or HTTP in order to verify certificates 7 7 3 1 New Choose the New button to set up a certificate...

Страница 93: ...hed when splitting ports make sure that Ethernet interface with the preconfigured IP address and netmask is assigned to a port that can be reached via Ethernet If in doubt carry out the configuration...

Страница 94: ...oup together several switch ports into one interface the full bandwidth of max 1000 mbps full duplex is available for all the ports to gether The menu Physical Interfaces Ethernet Ports Port Configura...

Страница 95: ...interface Possible values 7 default value No flow control is performed 7 Flow will be controlled 3 Flow will be controlled automatically 8 2 ISDN Ports In this menu you configure the ISDN interfaces o...

Страница 96: ...a list of all ISDN ports and their configuration are displayed 8 2 1 1 Edit Choose the icon to edit the configuration of the ISDN port The Physical Interfaces ISDN Ports ISDN Configuration menu consi...

Страница 97: ...n the Advanced Settings menu Field Description X 31 X 25 in D Chan nel Select whether you want to use X 31 X 25 in the D channel e g for CAPI applications The function is enabled with 7 The function i...

Страница 98: ...device s general routing service This enables ISDN remote terminals to establish data connections with your LAN among oth er things This enables partners outside your own local network to access host...

Страница 99: ...nding service Note If no entry is specified ex works state every incoming ISDN call is accepted by the ISDN Login service To avoid this you should make the necessary entries here As soon as an entry e...

Страница 100: ...N Recognition MSN Recognition Select the mode your device is to use for the number comparis on for MSN with the called party number of the incoming call Possible values 1 default value 1 Always select...

Страница 101: ...TU G 992 2 G DMT Bis ITU G 992 3 ADSL2 Double Ended Line Test 3 ADSL2 Plus ITU G 992 5 3 ADSL2 Plus Double Ended Line Test Reach Extended ADSL2 Reach Extended ADSL2 Double Ended Line Test 6 6 6 F 6 F...

Страница 102: ...ly for Annex J devices ADSL2 Plus G 992 5 Annex J is used The ADSL interface is not active Transmit Shaping Select whether the data rate in the send direction is to be re duced This is only needed in...

Страница 103: ...sts of the following fields Fields in the Advanced Settings menu Field Description ADSL Line Profile Select the internet service provider you require and in doing so implicitly select the modem parame...

Страница 104: ...s Ethernet interfaces in routing mode You can use the New button to create virtual interfaces However this is only needed in special applications e g BRRP Depending on the option selected different fi...

Страница 105: ...you can manually specify a static value One host address can be created through 3 3 for additional host addresses you can specify static values If your device acts a router it commonly distributes the...

Страница 106: ...face is not assigned for a specific purpose E 9 This option only applies for routing inter faces You use this option to assign the interface to a VLAN This is done using the VLAN ID which is displayed...

Страница 107: ...onnection that has been initiated from a trus ted zone You can configure exceptions for the selected setting in the Firewall on page 277 menu Address Mode Select how an IP address is assigned to the i...

Страница 108: ...tside of your LAN You can configure exceptions for the selected setting in the Firewall on page 277 menu IPv6 Mode Only for IPv6 7 Select whether the interface is to be operated in host or in router m...

Страница 109: ...cept Router Advertisement 7 and DHCP Client 7 its IPv6 addresses are determined through SLAAC You need not configure an IPv6 address manually but you can enter addtional addresses if desired If your...

Страница 110: ...lds in the Link Prefix menu Field Description Setup Mode Select in which way the Link Prefix is to be determined Possible values 1 6 default value The Link Prefix is derived from a General Prefix You...

Страница 111: ...scribes the fourth of the four 16 bit fields of a Link Prefix Possible values are Upon subnet creation the decimal ID value is converted to a hexadecimal one Link Prefix Only for Setup Mode You can sp...

Страница 112: ...hould be set This al lows the host to enter the prefix from the prefix list The function is activated by selecting 3 The function is enabled by default Autonomous Flag Select whether the Autonomous Ad...

Страница 113: ...t name requested by the provider The maximum length of the entry is 45 characters DHCP Broadcast Flag Only for Address Mode Choose whether or not the BROADCAST bit is set in the DHCP requests for your...

Страница 114: ...ertise ment 7 Enter a time period in seconds The router remains in the de fault router list throughout this interval The default value is seconds The maximum value is seconds A value of means that the...

Страница 115: ...h SLAAC In this case the router sends only data via DHCP that are not address related By selecting hosts receive IPv6 addresses as well as not address related in formation through DHCP DNS Propagation...

Страница 116: ...ral VLAN segmenting can be configured with all interfaces VLAN for Bridging and VLAN for Routing In the LAN VLAN menu VLANs virtual LANs are configured with interfaces that operate in Bridging mode Us...

Страница 117: ...this port are to be transmitted i e with VLAN in formation or i e without VLAN information 9 2 2 Port Configuration In this menu you can define and view the rules for receiving frames at the VLAN port...

Страница 118: ...ke general settings for a VLAN The options must be configured sep arately for each bridge group The LAN VLANs Administrationmenu consists of the following fields Fields in the Bridge Group br ID VLAN...

Страница 119: ...configuration in succession i e they are managed via the WLAN controller and can no longer be amended externally With the WLAN controller you can automatically detect individual access points APs and...

Страница 120: ...must be entered for each AP in the Sys tem Management Global Settings System menu in the Manual WLAN Controller IP Address field Please note Make sure that option 138 is active when using an external...

Страница 121: ...yed in the list At least one wireless network VSS is set up This entry cannot be deleted Click on to edit an existing entry You can also delete entries using the icon With Add you can create new entri...

Страница 122: ...tant Change the default Preshared Key If the key has not been changed your device will not be protected against unauthorised access Radius Server You can control access to a wireless network via a RAD...

Страница 123: ...r all selected access points You can change these settings The following parameters are available in the Access Point Settings menu Location Displays the stated locality of the AP You can enter anothe...

Страница 124: ...rtially occupies the adjacent chan nels In the case of manual channel selection please make sure first that the APs actually sup port these channels Transmit Power Displays the transmission power in d...

Страница 125: ...VLAN function and assign a VLAN ID during the configuration of a VSS For the separation from other in terfaces to work properly you need to create a virtual interface with its own IP configura tion a...

Страница 126: ...his option if you intend to use your device as DHCP server for this VLAN IP Address Range Only for DHCP Server Specify the first and the last IP address which your device is to distribute inside the V...

Страница 127: ...to assign fixed IP addresses yourself Alternatively you can use your device as a DHCP server For this internal DHCP server CAPWAP option 138 is active in order to allow communication between the maste...

Страница 128: ...anage are located in the LAN or the WAN Possible values 9 default value 8 9 The 8 9 setting is useful if for example there is a wireless LAN controller installed at head office and its APs are distrib...

Страница 129: ...automatically when it is integrated into the network By default All is activated so that the entry matches every new access point IP Address Netmask Enter an IP address and a netmask You can enter hos...

Страница 130: ...on column You can disconnect the Access Point from the WLAN Controller and therefore remove it from your WLAN infrastructure by click on the button The Access Point then receives the status but is no...

Страница 131: ...le the data for wireless module 1 are displayed The menu consists of the following fields Fields in the Access Point Settings menu Field Description Device Displays the type of device for the AP Locat...

Страница 132: ...ng the network name SSID in Access Point mode means that wireless networks can be logically separated from each other but they can still physically interfere with each other if they are operating on t...

Страница 133: ...n troller Slave AP configuration Radio Profiles menu A profile with 2 4 GHz and a pro file with 5 GHz are created by default the 2 4 GHz profile cannot be deleted For each wireless module profile you...

Страница 134: ...operated at 5 GHz outside buildings H 5 3 Your device is operated at 5 GHz inside or outside buildings H 3 Only for so called Broadband Fixed Wireless Access BFWA applications The frequencies in the...

Страница 135: ...ort The data rates 5 5 and 11 mbps must be supported by all clients basic rates 75 5 Your device operates according to either 802 11b 802 11g or 802 11n 5 Your device operates according to either 802...

Страница 136: ...lient cannot achieve only a poor flow level because a less powerful client e g a 802 11a client is treated in the same way when apportioning The function is enabled with 7 The function is disabled by...

Страница 137: ...d channels your self User Defined Channel Plan Only for Channel Plan 1 The currently selected channels are displayed here With Add you can add channels If all available channels are displayed you cann...

Страница 138: ...3 A According to setting for Operation Band Band width Number of Spatial Streams and Wireless Mode vari ous fixed values in mbps are available Short Retry Limit Enter the maximum number of attempts t...

Страница 139: ...ign unassigned VSS to all radio modules click on the Start button to assign a newly created VSS to all wireless modules 10 3 3 1 Edit or New Choose the icon to edit existing entries Choose the New but...

Страница 140: ...ce or video prioritisation via WMM Wireless Multimedia is to be activated for the wireless network so that optimum transmission quality is always achieved for time critical applications Data prioritis...

Страница 141: ...urity Mode 8 or 8 Select one of the keys configured in WEP Key as a standard key The default value is 0 WEP Key 1 4 Only for Security Mode 8 8 Enter the WEP key Enter a character string with the right...

Страница 142: ...ult value AES is used TKIP is used AES or TKIP is used Preshared Key Only for Security Mode 8 Enter the WPA password Enter an ASCII string with 8 63 characters Note Change the default Preshared Key If...

Страница 143: ...oss all wireless networks configured for this radio module No more new wire less networks can be created and a warning message will ap pear if the maximum number of clients is reached Possible values...

Страница 144: ...o cells with as little delay as possible e g with Voice over WLAN G H 7 1 Preference is given to accept ing clients in the 2 4 GHz band H 7 1 Preference is given to accepting clients in the 5 GHz band...

Страница 145: ...time for a blacklist entry to be created Default values are failed attempts during seconds Blacklist blocktime Enter the time for which an entry in the dynamic blacklist re mains valid Default value i...

Страница 146: ...connected from the access point Select the rate profile to be applied 5 All clients supporting a transfer rate of 1 MBit s are allowed to connect to the access point 5 7 see above for clients with a m...

Страница 147: ...seconds during which the signal strength of a client may fall below the RSSI threshold without the client be ing disconnected The default value is seconds 10 4 Monitoring This menu is used to monitor...

Страница 148: ...LAN MAC Address Channel Tx Bytes and Rx Bytes Moreover you can see if an access point is in or state Via the icon you can open an summary with additional details about the Slave Access Points 10 4 2 1...

Страница 149: ...WLAN Authenticate The client is in the process of being authenticated Authenticated The client is authenticated Via the icon you can open a summary with additional details about the Active Clients Val...

Страница 150: ...r could attempt to spy on data in your network using a rogue AP Although each AP is found more than once it is only displayed once with the strongest sig nal You see the following parameters for each...

Страница 151: ...will receive a warn ing that the wireless modules of the access points must also be disabled for a certain peri od of time When you start the process with OK a progress bar is displayed The located A...

Страница 152: ...additional blacklist entries The menu consists of the following fields Fields in the New Blacklist Entry menu Field Description Rogue Client MAC Ad dress Enter the MAC address of the client you intend...

Страница 153: ...mware Maintenance menu consists of the following fields Fields in the Firmware Maintenance menu Field Description Action Select the action you wish to execute After each task a window is displayed sho...

Страница 154: ...URL Only for Source Location or Enter the URL of the update server from which the system soft ware file is loaded or on which the configuration file is saved 10 Wireless LAN Controller bintec elmeg Gm...

Страница 155: ...You can enter several default routes on your device but only one default route can be active at any one time If you enter several default routes you should thus note differing values for Metric 11 1 1...

Страница 156: ...tes can still be configured for data traffic via that interface The set tings received from the DHCP server are then copied along with those configured here to the active routing table This en ables e...

Страница 157: ...d with ex tended parameters If the function is active a route is created with extended routing parameters such as source interface and source IP address as well as protocol source and des tination por...

Страница 158: ...ption Enter a description for the IP route Source Interface Select the interface over which the data packets are to reach the device The default value is 9 Source IP Address Netmask Enter the IP addre...

Страница 159: ...all port numbers Enables the entry of a port number Enables the entry of a range of port numbers Entry of privileged port numbers 0 1023 Entry of server port numbers 5000 32767 Entry of client port nu...

Страница 160: ...lues 3 2 default value The route can be used if the interface is up If the interface is dormant then dial and wait until the interface is up 3 The route can always be used 3 3 The route can be used wh...

Страница 161: ...is enabled by default Route Type Select the type of route Possible values 1 3 3 1 Route via a specific in terface which is used if no other adequate route is available 1 3 3 2 0 Route via a specific g...

Страница 162: ...ge from to The default value is 11 1 3 IPv4 Routing Table A list of all IPv4 routes is displayed in the Network Routes IPv4 Routing Table menu The routes do not all need to be active but can be activa...

Страница 163: ...e symbol 11 1 4 IPv6 Routing Table A list of all configured IPv6 routes is displayed in the Network Routes IPv6 Routing Ta ble menu Fields in the IPv6 Routing Table menu Field Description Route Displa...

Страница 164: ...ields Fields in the Back Route Verify menu Field Description Mode Select how the interfaces to be activated for Back Route Verify are to be specified Possible values 7 1 1 Back Route Verify is activ a...

Страница 165: ...fix you need to introduce it into your system once All subnets and IPv6 addresses derived from the General Prefix change automatically after an update In order to IPv6 you need to configure how subnet...

Страница 166: ...fullfil the following conditions IPv6 is 7 IPv6 Mode DHCP Client is 7 Used Prefix Length Only with Type Enter the prefix to be used Enter the corresponding length This prefix must end with The default...

Страница 167: ...they were coming from the WAN You can use this to test the server ser vices The function is disabled by default Silent Deny Select whether IP packets are to be silently denied by NAT If this function...

Страница 168: ...figured Possible values 0 default value NAT is configured for all interfaces 1 A Select one of the interfaces from the list Type of traffic Select the type of data traffic for which NAT is to be confi...

Страница 169: ...ce port are administratively set Inbound only response packets within the existing connection are allowed In the NAT Configuration Specify original traffic menu you can configure for which data traffi...

Страница 170: ...network mask destination IP address net mask etc are excluded by NAT Protocol Only for certain services Not for Type of traffic 3 3 9 and NAT method 13 or In this case UDP is automatically defined Se...

Страница 171: ...e of traffic 9 Service 3 1 and Protocol 5 Enter the destination port or the destination port range of the original data packets The default setting means that the port is not specified Original Source...

Страница 172: ...0 Service 3 1 and Pro tocol 5 or Type of traffic 6 3 8 3 9 Service 3 1 and Protocol 5 Enter the destination port or the destination port range of the original data packets The default setting means t...

Страница 173: ...affic 3 3 9 NAT method 0 Service 3 1 Protocol 5 and Original Source Port Range or 10 Leave the source port as it appears or enter a new source port to which the original source port is to be translate...

Страница 174: ...entered on Ethernet interface ETH Example scenario Configuration target You configure NAT enables for accessing your gateway over HTTP You also want to access your terminal server and the corporate we...

Страница 175: ...n New New Destination IP Ad dress Netmask Network NAT NAT Configuration New New Destination Port Network NAT NAT Configuration New disabled Web server Field Menu Value Description Network NAT NAT Conf...

Страница 176: ...d Balancing The increasing amount of data traffic over the Internet means it is necessary to send data over different interfaces to increase the total bandwidth available IP load balancing en ables th...

Страница 177: ...New consists of the following fields Fields in the Basic Parameters menu Field Description Group Description Enter the desired description of the interface group Distribution Policy Select the way th...

Страница 178: ...match the current group context and config ure these You can also delete interfaces Use Add to create more entries Fields in the Basic Parameters menu Field Description Group Description Shows the de...

Страница 179: ...tiple load balancing groups configuration of the route selector is essential The route selector must be configured identically for all inter face entries within a load balancing group Select the Desti...

Страница 180: ...source data transmission using Load Balancing might be terminated at times without Special Session Handling The Networking Load Balancing Special Session Handling menu displays a list of entries If y...

Страница 181: ...nction is activated by selecting 7 The function is enabled by default Description Enter a name for the entry Service Select one of the preconfigured services if required The ex tensive range of servic...

Страница 182: ...the source IP address and netmask of the data packets Possible values 0 default value Enter the IP address of the host 9 2 B Enter the network address and the related net mask Source Port Range Enter...

Страница 183: ...by default If you leave the default setting 7 for one or both para meters the value of the parameter concerned must be the same as in the first data packet with data packets sent sub sequently You ca...

Страница 184: ...cific The configuration of the DNS servers is automatically created when you create the ADSL connections and can be seen in the menu Local SevicesDNSDNS Server Overview of Configuration Steps Set up f...

Страница 185: ...Menu Value Group Description Network Load Balancing Load Bal ancing Groups New e g Distribution Policy Network Load Balancing Load Bal ancing Groups New 3 7 Distribution Mode Network Load Balancing L...

Страница 186: ...assifying data Prioritising data 11 5 1 IPv4 IPv6 Filter In the Networking IPv4 IPv6 Filter QoS Filter menu IP filters are configured The list also displays any configured entries from Networking Acce...

Страница 187: ...new TCP connection on routing over the gateway match the filter 0 default value All TCP packets match the filter Destination IPv4 Ad dress Netmask Enter the destination IPv4 address of the data packe...

Страница 188: ...the source IPv4 address of the data packets and the cor responding netmask Possible values 0 default value The source IP address netmask are not specified Enter the source IP address of the host 9 2 B...

Страница 189: ...ode Point according to RFC 3260 is used to signal the priority of IP packets indicated in decimal format 6 E 3 Differentiated Services Code Point according to RFC 3260 is used to signal the priority o...

Страница 190: ...ss map Choose the class plan you want to create or edit Possible values 9 2 default value You can create a new class plan with this setting 9 1 A Shows a class plan that has already been created which...

Страница 191: ...a class Note The class ID is a label to assign data packets to specific classes The class ID does not define the priority Possible values are whole numbers between and Set DSCP Traffic Class Filter L...

Страница 192: ...olicies menu you set prioritisation of data Note Data can only be prioritized in the outgoing direction Packets in the high priority class always take priority over data with class IDs 1 254 It is pos...

Страница 193: ...ailable bandwidth is distributed according to the weighting weight of the queue Exception High priority pack ets are always handled with priority 8 D3 3 QoS is activated on the inter face The availabl...

Страница 194: ...ossible values 1 Value in byte Possible values are to 1 11 M default value Can only be selected for Ethernet interfaces E 9 E 9 Can only be selected for IPSec interfaces E 9 E 9 Encryption Method Only...

Страница 195: ...e values All RTP streams are optimised The function activates the RTP stream detection mechanism for the automatic detection of RTP streams In this mode the Real Time Jitter Control is activated as so...

Страница 196: ...queue Select the queue priority type Possible values default value Queue for data classified as normal 0 Queue for data classified as high priority 1 3 Queue for data that has not been classified or...

Страница 197: ...ng Activate or deactivate data rate Traffic Shaping limiting in the send direction The data rate limit applies to the selected queue This is not the limit that can be defined on the interface The func...

Страница 198: ...ets in the QoS queue if the maximum size of the queue is exceeded Possible values default value The newest packet received is dropped The oldest packet in the queue is dropped A randomly selected pack...

Страница 199: ...n IP address packet protocol source and or destination port port ranges are supported Access lists are an effective means if for example sites with LANs interconnected over a bintec elmeg gateway wish...

Страница 200: ...er can also be used in dif ferent rule chains You can also assign a rule chain individually to each interface Caution Make sure you don t lock yourself out when configuring filters If possible access...

Страница 201: ...sic Parameters menu Field Description Description Enter a description for the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the f...

Страница 202: ...0 default value The destination IP address netmask are not specified Enter the destination IP address of the host 9 2 B Enter the destination network address and the cor responding netmask Destinatio...

Страница 203: ...g netmask Source IPv6 Address Length Enter the source IPv6 address of the data packets and the pre fix length Possible values 0 default value The source IP address length are not specified Enter the s...

Страница 204: ...is specified in decimal format e g 63 6 E 3 The TOS value is specified in hexadecimal format e g 3F COS Filter 802 1p Layer 2 Enter the service class of the IP packets Class of Service CoS Possible va...

Страница 205: ...taken for a filtered data packet Possible values 2 1 1 default value Allow packet if it matches the filter 2 1 1 Allow packet if it does not match the filter 0 1 1 Deny packet if it matches the filter...

Страница 206: ...ich a configured rule chain is to be as signed Rule Chain Select a rule chain Silent Deny Define whether the sender is to be informed if an IP packet is denied 7 default value The sender is not inform...

Страница 207: ...to hold audio con ferences All subscribers are displayed in a window and the speaker s are indicated by a black box Other areas of use are of particular interest to companies Here multicasting makes...

Страница 208: ...ddresses Several senders with different IP addresses can therefore transmit to the same multicast group leading to a 1 to n rela tionship between groups and source addresses This information is forwar...

Страница 209: ...lients are taken into consideration At the moment there are three versions of IGMP V1 V3 most current sys tems use V3 and less often V2 Two packet types play a central role in IGMP queries and reports...

Страница 210: ...ks with several hosts improving per formance Possible values are G to G The default value is G Robustness Select the multiplier for controlling the timer values A higher value can e g compensate for p...

Страница 211: ...in the Advanced Settings menu Field Description IGMP Proxy Select whether your device is to forward the hosts IGMP mes sages in the subnet via its defined Proxy Interface Proxy Interface Only for IGMP...

Страница 212: ...t is always off Mode Only for IGMP Status or 3 Select Multicast Mode Possible values 7 0 default value The router uses IG MP version 3 If it notices a lower version in the network it uses the lowest v...

Страница 213: ...ddress range 224 0 0 0 4 are to be forwarded from the defined Source Interface to the defined Destination Interface To do this check 7 Disable the option if you only want to forward one defined mul ti...

Страница 214: ...e If you want to set up Internet access you must set up a connection to your Internet Service Provider ISP For broadband Internet access your device provides the PPP over Ethernet PPPoE PPP over PPTP...

Страница 215: ...partner The first character in this field must not be a number No special charac ters or umlauts must be used PPPoE Mode Select whether you want to use a standard Internet connection over PPPoE or you...

Страница 216: ...r your Internet connec tion Click the Add button to create new entries User Name Enter the user name Password Enter the password VLAN Certain Internet service providers require a VLAN ID Activate this...

Страница 217: ...ted to a connection that has been initi ated from a trusted zone You can configure exceptions for the selected setting in the Firewall on page 277 menu IP Address Mode Select whether your device is to...

Страница 218: ...lues The default value is Fields in the IPv6 Settings menu Field Description IPv6 Select whether the selected PPPoE interface should use Inter net Protocol version 6 IPv6 for data transmission The fun...

Страница 219: ...6 7 and IPv6 Mode Determine if your device is to act as DHCP client The function is activated by selecting 7 The function is enabled by default IPv6 Addresses Only for IPv6 7 You can assign IPv6 Addre...

Страница 220: ...IPv6 General Prefixes General Prefix Configuration New Auto Subnet Configur ation Only if Setup Mode 1 6 and if a Gener al Prefix has been selected Select if the subnet is to be created automatically...

Страница 221: ...ed by default EUI 64 triggers the following process The hexadecimal 48 bit MAC address is split into 2 x 24 bit is inserted into the created gap in order to obtain 64 bit The hexadecimal notation of t...

Страница 222: ...n MS CHAP version 1 PPP Microsoft Challenge Handshake Authentication Protocol 5 5 Primarily run CHAP on denial then the authentication protocol required by the connection partner MSCHAP version 1 or 2...

Страница 223: ...default value 3 the value is specified by link control at connection setup If you disable 3 you can enter a value Possible values are to The default value is 13 1 2 PPTP A list of all PPTP interfaces...

Страница 224: ...t whether the interface should always be activated The function is enabled with 7 The function is disabled by default Only activate this option if you have Internet access with a flat rate charge Conn...

Страница 225: ...ally assigned a temporarily valid IP address from the provider You enter a static IP address Default Route Select whether the route to this connection partner is to be defined as the default route The...

Страница 226: ...ec tion before the interface is blocked Possible values are to The default value is Authentication Select the authentication protocol for this Internet connection Select the authentication specified b...

Страница 227: ...disabled by default PPTP Address Mode Displays the address mode The value cannot be changed Possible values The Local PPTP IP Address will be assigned to the selected Ethernet port Local PPTP IP Addre...

Страница 228: ...oA New consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the connection partner The first character in this field...

Страница 229: ...IP packets are allowed through except for those which are explicitly prohibited 3 default value Only those packets are transmit ted that can be attributed to a connection that has been initi ated from...

Страница 230: ...uses a default netmask The lower the value the higher the priority of the route range of values The default value is Fields in the IPv6 Settings menu Field Description IPv6 Select whether the selected...

Страница 231: ...unction is activated by selecting 7 The function is enabled by default DHCP Client Only for IPv6 7 and IPv6 Mode Determine if your device is to act as DHCP client The function is activated by selectin...

Страница 232: ...You can choose from the General Prefixes available under Net work IPv6 General Prefixes General Prefix Configuration New Auto Subnet Configur ation Only if Setup Mode 1 6 and if a Gener al Prefix has...

Страница 233: ...I 64 The function is activated by selecting 7 The function is enabled by default EUI 64 triggers the following process The hexadecimal 48 bit MAC address is split into 2 x 24 bit is inserted into the...

Страница 234: ...en crypted 5 Primarily run CHAP otherwise PAP Only run MS CHAP version 1 PPP Microsoft Challenge Handshake Authentication Protocol 5 5 Primarily run CHAP on denial then the authentication protocol re...

Страница 235: ...pools This means that if an incoming call has been authenticated your device first checks whether a host route is entered in the routing table for this caller If not your device can al locate an IP ad...

Страница 236: ...ermines the route that the data should take for example Multiple virtual connections can be set up over a single physical interface The data is transmitted in so called cells or slots of constant size...

Страница 237: ...The menu WAN ATM Profiles New consists of the following fields Fields in the ATM Profiles Parameter menu Field Description Provider Select one of the preconfigured ATM profiles for your provider from...

Страница 238: ...VCI Only for Provider 1 Enter the VCI value of the ATM connection The VCI is the iden tification number of the virtual channel A virtual channel is the logical connection for the transport of ATM cell...

Страница 239: ...nterfaces Only for Type Select whether this Ethernet over ATM interface is to be used for all PPPoE connections The function is enabled with 7 The function is disabled by default Address Mode Only for...

Страница 240: ...or Address Mode If necessary enter the host name registered with the provider to be used by your device for DHCP requests The maximum length of the entry is 45 characters Fields in menu Routed Protoco...

Страница 241: ...only be used if your provider specifies a list of data traffic parameters traffic contract The configuration of ATM QoS requires extensive knowledge of ATM technology and the way the bintec elmegbint...

Страница 242: ...ded by the volume configured in Maximum Burst Size MBS Any additional ATM traffic is discarded The Peak Cell Rate PCR constitutes the maxim um possible data rate This category is suitable for non crit...

Страница 243: ...tual channel VC The VP is defined by the VPI value the VC by VPI and VCI Note Generally monitoring is not carried out by the terminal but is initiated by the ISP Your device then only needs to react c...

Страница 244: ...th Virtual Channel Con nection VCC Only for OAM Flow Level Select the already configured ATM connection to be monitored displayed by the combination of VPI and VCI Virtual Path Connec tion VPC Only fo...

Страница 245: ...tion is enabled with 7 The function is disabled by default Segment Send Interval Only if Loopback Segment is enabled Enter the time in seconds after which a loopback cell is sent Possible values are t...

Страница 246: ...ceived 3 CC data is generated Continuity Check CC Segment Select whether you want to activate the OAM CC test for the segment connection segment connection of the local end point to the next connectio...

Страница 247: ...during a telephone call 13 3 1 Controlled Interfaces In the WAN Real Time Jitter Control Controlled Interfaces a list of functions is dis played for which the Real Time Jitter Control function is conf...

Страница 248: ...imised Voice data transmission is not optimised 2 0 Voice data transmission is always optimised Maximum Upload Speed Enter the maximum available upstream bandwidth in kbp s for the selected interface...

Страница 249: ...ion and authentication of IP packets IPSec offers mechanisms for encrypting and decrypting the data transferred in the IP packets The IPSec implementation can also be smoothly integrated in a Public K...

Страница 250: ...Filter IPSec phase 2 negotiation begins and data traffic is transferred over the tunnel Note The parameter Additional IPv4 Traffic Filter is exclusively relevant for the initiator of the IPSec connect...

Страница 251: ...scription of the peer that identifies it The maximum length of the entry is 255 characters Peer Address Select the IP Version You can choose if IPv4 or IPv6 is to be preferred or if only one IP versio...

Страница 252: ...ex Exchange Protocol Version 2 Authentication Method Only for Internet Key Exchange Select the authentication method Possible values 0 default value If you do not use certific ates for the authenticat...

Страница 253: ...e sure your device selects the first al ternative subject name by default Make sure you and your peer both use the same name i e that your local ID and the peer ID your partner configures for you are...

Страница 254: ...erver for connecting clients This is taken from the selected IP Assignment Pool Config Mode Only where IP Address Assignment 1 or 1 Possible values 3 default value The client requests the IP address a...

Страница 255: ...ange from to The default value is Route Entries Only for IP Address Assignment or 1 Define routing entries for this connection partner IP address of the destination host or LAN 9 B Netmask for The low...

Страница 256: ...the value entered for Priority the higher the prior ity of the route Additional data traffic filters bintec elmeg Gateways support two different methods for establishing IPSec connections a method bas...

Страница 257: ...to the initiator of the IPSec connection it only applies to outgoing data traffic Note Please note that the phase 2 policies must be configured identically on both of the IPSec tunnel endpoints Add ne...

Страница 258: ...arked as standard in VPN IPSec Phase 1 Profiles 3 Uses a special profile which contains the proposals for Phase 1 3DES MD5 AES MD5 and Blowfish MD5 regardless of the proposal selection in menu VPN IPS...

Страница 259: ...ID specified in the client peer configuration since the ID is still used to differentiate the tunnels created via the dynamic peer The resulting gateway peer would match all incoming tunnel requests I...

Страница 260: ...selected for Public Interface Specify how strictly the setting is handled Possible values Only the selected interface is used independently from the priorities in the current routing table 1 The prior...

Страница 261: ...abled by default Note that MobIKE requires a current IPSec client e g the cur rent Windows 7 or Windows 8 client or the latest version of the bintec elmeg IPSec client IPv4 Proxy ARP Select whether yo...

Страница 262: ...the field Service This entry ensures that incoming calls for this number are routed to the IPSec service If callback is active the peer is caused to initiate setting up an IPSec tunnel by an ISDN cal...

Страница 263: ...he B channel but here the call must be accepted by the remote station and therefore incurs costs If a peer whose IP address has been assigned dynamically wants to arrange for another peer to set up an...

Страница 264: ...ode using preshared keys Note In some countries e g Switzerland the call in the D channel can also incur costs An incorrect configuration at the called side can mean that the called side opens the B c...

Страница 265: ...isabled by default Transfer Mode Only for Transfer own IP address over ISDN GSM enabled Select the mode in which your device is to attempt to transfer its IP address to the peer Possible values 3 7 Yo...

Страница 266: ...iles is displayed in the VPN IPSec Phase 1 Profiles menu In the Default column you can mark the profile to be used as the default profile 14 1 2 1 New Choose the Create new IKEv1 Profile or Create new...

Страница 267: ...ominated as AES due to its fast key setup low memory requirements high level of security against attacks and general speed The partner s AES key length is used here If this has also selected the param...

Страница 268: ...512 bit hash length Depending on the hardware of your device some options may not be available Please note that the quality of the algorithms is subject to relat ive aspects and may change due to mat...

Страница 269: ...reshared Keys These are configured during peer configuration in the VPN IPSec IPSec Peers The preshared key is the shared password 3 Phase 1 key calculations are authenticated using the DSA algorithm...

Страница 270: ...propose another mode Local ID Type Only for Phase 1 IKE Parameters Select the local ID type Possible values 3 0 D3 1 9 D 9 E 9 9 3 9 0 Local ID Value Only for Phase 1 IKE Parameters Enter the ID of y...

Страница 271: ...dvanced Settings menu Field Description Alive Check Only for Phase 1 IKE Parameters Select the method to be used to check the functionality of the IPSec connection In addition to the default method De...

Страница 272: ...setup has failed This only affects locally initiated setup attempts Possible values are to seconds means the value in the default profile is used and means that the peer is never blocked The default v...

Страница 273: ...ofile This option can only be configured if certificates are loaded 14 1 3 Phase 2 Profiles You can define profiles for phase 2 of the tunnel setup just as for phase 1 In the VPN IPSec Phase 2 Profile...

Страница 274: ...minated as AES due to its fast key setup low memory requirements high level of secur ity against attacks and general speed Here it is used with a key length of 128 bits Rijndael has been nominated as...

Страница 275: ...2 with 512 bit hash length Note that RipeMD 160 and Tiger 192 are not available for mes sage hashing in phase 2 Depending on the hardware of your device some options may not be available Use PFS Group...

Страница 276: ...at which the phase 2 keys are to be regenerated The percentage entered is applied to both the lifetime in seconds and the lifetime in kBytes The default value is The menu Advanced Settings consists of...

Страница 277: ...0 Your device expects no heart beat from the peer but sends one itself 7 N 6 Your device expects a heartbeat from the peer and sends one itself Propagate PMTU Select whether the PMTU Path Maximum Tra...

Страница 278: ...essfully and be fore IKE Phase 2 begins If XAuth is used together with IKE Config Mode the transactions for XAuth are carried out before the transactions for IKE Config Mode 14 1 4 1 New Choose the Ne...

Страница 279: ...the user group of this XAUTH profile here by entering the authentication name of the client Name and the authentication password Password Add new members with Add 14 1 5 IP Pools In the IP Pools menu...

Страница 280: ...Sec Select whether you want to activate IPSec The function is enabled with 7 The function is active as soon as an IPSec Peer is configured Delete complete IPSec configuration If you click the icon del...

Страница 281: ...rates with older IPSec implementations The menu Advanced Settings consists of the following fields Fields in the Advanced Settings menu Field Description IPSec over TCP Determine whether IPSec over TC...

Страница 282: ...ication Select whether RADIUS authentication is to be activated via IPSec The function is enabled with 7 The function is disabled by default Fields in the PKI Handling Options menu Field Description I...

Страница 283: ...structuring of the internet A large number of reasons warrants the introduction of LIPS the main one being the quickly increasing number of mobile devices accessing the internet as well as local net w...

Страница 284: ...device inside of the LIPS Site with a private address This private address has to be unique across all interconnected LIPS Sites but does not have to be globally unique If an IP packet has to be rout...

Страница 285: ...ETR propagates EID RLOC entries for its LISP Sites and re ceives LISP data unwraps them and sends them to the devices specidied in the EID The menu VPN LISP Light Router ITR ETR Add Egress Tunnel Rout...

Страница 286: ...Resolver An Ingress Tunnel Router wraps the data packets into the inner and outer header and sends them to the adequate LISP site using the address contained in the RLOC The menu VPN LISP Light Router...

Страница 287: ...l network and can be reached without a tunnel Remote Sites are address spaces that can only be reached through a tunnel The menu VPN LISP Light Local Remote Sites displays a list of all established LI...

Страница 288: ...rver The default value is minutes Exclude EID prefix from tree If you intend to use a continuous address range keep the de fault setting 3 You can remove a sub range from an already created address ra...

Страница 289: ...stance consists of the following fields Fields in the menu LISP Instance Field Description Description Choose a name for the instance in order to distinguish it from other instances more easily Instan...

Страница 290: ...minutes Normally the server provides a value for the TTL time to live Here you can specify a value for the case that the server does not provide one Default TTL Mode 7 B or the server provided value...

Страница 291: ...c elmeg The configuration work for the SIF is comparatively straightforward with systems like Net work Address Translation NAT and IP Access Lists IPAL As SIF NAT and IPAL are active in the system sim...

Страница 292: ...are processed as follows The SIF first checks if an incoming packet can be assigned to an existing connection If so it is forwarded If the packet cannot be assigned to an existing connection a check...

Страница 293: ...ion They define the filter rules Trusted Interfaces and Untrusted Interfaces which are created by default and cannot be deleted If you use the Security Policy 3 all data packets are accepted You can c...

Страница 294: ...address is checked Destination Select one of the preconfigured aliases for the destination of the packet In the list all WAN LAN interfaces interface groups see Fire wall Interfaces Groups addresses s...

Страница 295: ...he first rule is executed This means that if the first rule denies a packet whereas a later rule allows it the packet is rejected A deny rule also has no effect if a relevant packet has previously bee...

Страница 296: ...e list all WAN LAN interfaces interface groups see Fire wall Interfaces IPv6 Groups adresses see Firewall Ad dresses Address List and address groups see Firewall Addresses Groups are available for sel...

Страница 297: ...n disable or enable the IPv4 firewall and can log its activities In addi tion you can define after how many seconds of inactivity a session shall be ended Note The IPv6 firewall is always active and c...

Страница 298: ...llows the same kind data traffic in a complete session In order to allow the data traffic of incomplete sessions you have to disable IPv4 Full Filtering STUN Handler Enable this option if you intend t...

Страница 299: ...is Fields in the Factory Reset Firewall Field Description Factory Reset Firewall Click Reset to reset the firewall to factory defaults 15 2 Interfaces 15 2 1 IPv4 Groups A list of all configured IPv4...

Страница 300: ...to set up new IPv6 interface groups The menu Firewall Interfaces IPv6 Groups New consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter the desired de...

Страница 301: ...h subnet mask Enter an IP address range with a start and end address Address Subnet Only for IPv4 7 and Address Type 5 37 Enter the IP address of the host or a network address and the related netmask...

Страница 302: ...Possible values is selected by default Selection Select the members of the group from the available Addresses To do this activate the Fields in the Selection column 15 4 Services 15 4 1 Service List I...

Страница 303: ...displayed this means that the previously specified port number is verified If a port range is to be checked enter the upper limit here Possible values are to Source Port Range Only for Protocol 5 or...

Страница 304: ...for Type 3 7 Possible values 0 default value 9 7 7 7 7 9 3 2 9 2 B 0 7 3 2 0 7 15 4 2 Groups A list of all configured service groups is displayed in the Firewall Services Groups menu You can group to...

Страница 305: ...p Members Select the members of the group from the available service ali ases To do this activate the Fields in the Selection column 15 5 Configuration 15 5 1 SIF Configuration example Requirements In...

Страница 306: ...g that is not explicitly allowed is prohibited This means accurate planning of the filter rules and filter rule chain is necessary to en sure correct operation Overview of Configuration Steps Aliases...

Страница 307: ...oups Field Menu Value Description Gro Firewall Addresses ups New e g 7 IP Version Gro Firewall Addresses ups New Selection Gro Firewall Addresses ups New e g and Service Sets Field Menu Value Descript...

Страница 308: ...s IPv4 Filter Rules New Action Firewall Policies IPv4 Filter Rules New Source Location Firewall Policie s IPv4 Filter Rules New 9 H2 B Destination Firewall Policies IPv4 Filter Rules New 7 Service Fi...

Страница 309: ...all Policie s IPv4 Filter Rules New 0 Action Firewall Policies IPv4 Filter Rules New Filter rules 5 Allow access to the Internet Staff Field Menu Value Source Location Firewall Policie s IPv4 Filter R...

Страница 310: ...ationssitzung 16 1 Settings 16 1 1 Extensions Here you can configure the numbers of the terminal devices Extensions connected to the media gateway i e the numbers of the SIP terminals and the numbers...

Страница 311: ...nds on the device used Select analogue inter face Only for Interface Type 3 Select an analogue interface Possible values fxs5 1 fxs5 2 fxs5 3 default value fxs5 4 Registration Only for Interface Type...

Страница 312: ...registration e g connection to a Mi crosoft Exchange Communication Server the connection can be set up as a static host This requires you to specify the static IP address of the terminal Authenticati...

Страница 313: ...ec in the first position in the menu will be used if possible D3 0 The codecs are sorted by quality If possible the codec with the best quality is used 2 The codecs are sorted by required bandwidth If...

Страница 314: ...utgoing calls any remaining codecs are dropped from the list that would require more than the available bandwidth Fields in the Voice Quality Settings menu Field Description Echo Cancellation Select w...

Страница 315: ...at not only all SIP provider accounts are configured here but also direct dial in PBXs connected with the media gateway Note In no case should you use this menu to configure SIP extensions i e for SIP...

Страница 316: ...The SIP ac count has only one number The media gateway is operated as DDI client It is assigned a DDI The media gateway is operated as a DDI server so that DDI clients can connect 2 0 The media gatewa...

Страница 317: ...Possible values default value or Enter the Port via which the data is to be transported The default value is In SIP client mode The ports can be provider specific User Name In SIP client mode Enter th...

Страница 318: ...and the Registration function is dis abled An example of this method is Microsoft Exchange SIP If a registration is required it can be carried out in either of two ways With this option a single MSN i...

Страница 319: ...them the invite is ignored The option is not active per default TLS certificate check Only for DDI SIP trunk connections If a connection is encryp ted using TLS Transport Layer Security a validity ch...

Страница 320: ...e actual phone number from which the calls is initiated e g for billing purposes is displayed SIP Header Field P Asserted Not for Trunk Mode 11 The so called p asserted identity field is added to the...

Страница 321: ...st quality is used 2 2 The codecs are sorted by required band width If possible the codec with the lowest bandwidth re quirement is used 2 The codecs are sorted by required band width If possible the...

Страница 322: ...n the Voice Quality Settings menu Field Description Echo Cancellation Select whether echo cancellation should be used Echo cancellation is a technique to suppress echo feedback in voice communication...

Страница 323: ...e parameters Description 9 Parent Location 9 Type 1 Interfaces 9 9 is displayed Fields in the Registration behavior for VoIP subscribers without assigned loca tion menu Field Description Default Behav...

Страница 324: ...sses Only for Type Enter the IP addresses of the devices at the SIP locations Click Add to configure new addresses Enter the IP address or DNS name that you want under IP Ad dress DNS Name Also enter...

Страница 325: ...gnal the priority of IP packets indicated in binary format 6 bit The preconfigured value is E 3 Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets in...

Страница 326: ...ault value Point to Point TE connection telecom party line 3 B Point to Point NT connection for connection of a PABX Members Select the desired ISDN interfaces to be included with this party line You...

Страница 327: ...r Call Routing and the local extensions For calls that are to be routed via a particular provider SIP account you must configure a cor responding call routing entry Internal calls from internal ex ten...

Страница 328: ...ension You can specify an extension to which incoming calls are for warded if they cannot be assigned to an extension or connected PABX Dial Latency Enter the maximum delay time before the system assu...

Страница 329: ...le above if a user types in Q the device dials If the user wishes to call extension he types in Q The device dials A period at the end of the number indicates a complete number This is dialled immedia...

Страница 330: ...ion instructions included with the module 16 2 1 Call Routing Here you can define the conditions for the routing of calls Define a list with rules or rule chains that are used to manipulate the indica...

Страница 331: ...s the routing entry to the selected BRI interface 3 A restricts the routing entry to the selected SIP account 0 No restriction of the entry Calling Address You can restrict the application of the entr...

Страница 332: ...ated The rule is enabled with 7 The rule is active by default Line Choose the ISDN line PRI BRI or SIP account used for the outgoing call Called Address Trans lation Enter how the subscriber number is...

Страница 333: ...D Translation New menu consists of the follow ing fields Fields in the Basic Parameters menu Field Description Description Enter the name of the entry Calling Line Select the ISDN line or SIP account...

Страница 334: ...dress is used then Called Line 0 can be set Calling Address Trans lation Enter the transformation rule applied to the call numbers Notation a b i e a is replaced by b Every rule must be ended with a s...

Страница 335: ...2 3 1 Edit or New Choose the icon to edit existing entries Select the New button to create entries for call translation The VoIP Media Gateway Call Translation New menu consists of the following field...

Страница 336: ...laceholder for an arbitrary digit See Local Address and External Address must contain the same number of wildcards External Address Enter the external number e g ISDN MSN or SIP account sub scriber nu...

Страница 337: ...NS Each device in a TCP IP network is usually located by its IP address Because host names are often used in networks to reach different devices it is necessary for the associated IP address to be kno...

Страница 338: ...the DNS servers can resolve the name the information is forwarded and a dynamic entry created in the cache 4 Otherwise if a suitable Internet or dialin connection is selected as the standard inter fac...

Страница 339: ...mic cache is to be activated i e whether queried names for which a DNS server has sent a negative response are stored as negative entries in the cache The function is activated by selecting 7 The func...

Страница 340: ...ment menu Field Description As DHCP Server Select which name server addresses are sent to the DHCP cli ent if your device is used as DHCP server Possible values 9 No name server address is sent 2 defa...

Страница 341: ...c Parameters menu Field Description Admin Status Select whether the DNS server should be enabled The function is activated by selecting 7 The function is enabled by default Description Enter a descrip...

Страница 342: ...e IP version used Possible values is selected by default Primary IPv4 DNS Server Only if Interface Mode Enter the IPv4 address of the first name server for Internet ad dress name resolution Secondary...

Страница 343: ...assigned if a positive response is received to a DNS request If a negative response is received to a DNS re quest no address is specified The entry can also start with the wildcard e g bintec elmeg co...

Страница 344: ...onsists of the following fields Fields in the Forwarding Parameters menu Field Description Forward Select whether requests for a host or domain are to be forwar ded Possible values default value Host...

Страница 345: ...terface 9 Requests are forwarded to the specified DNS Server Interface Only for Forward to 1 Select the interface that has the DNS server assinged which is to receive the DNS requests Primary DNS Serv...

Страница 346: ...lid DNS packets received and ad dressed direct to your device DNS Requests Shows the number of valid DNS requests received and ad dressed direct to your device Cache Hits Shows the number of requests...

Страница 347: ...al Certificate Select a certificate that you want to use for the HTTPS connec tion Possible values default value Select this option if you want to use the certificate built into the device 1 A Under S...

Страница 348: ...ions for updating is displayed 17 3 1 1 New Choose the New button to set up further DynDNS registrations to be updated The menu Local Services DynDNS Client DynDNS Update New consists of the fol lowin...

Страница 349: ...tly configured is not to receive mail Ask your provider about this forwarding service and make sure e mails can be received from the host entered as MX Wildcard Select whether forwarding of all subdom...

Страница 350: ...ur provider for the path to be used Port Enter the port at which your device is to reach your provider s server Ask your provider for the relevant port The default value is Protocol Select one of the...

Страница 351: ...gns IP addresses to hosts in the LAN for a defined period of time A DHCP server also transfers the addresses of the domain name server entered statically or by PPP negotiation DNS NetBIOS name server...

Страница 352: ...CP pool is preconfigured with the IP addresses 192 168 0 10 to 192 168 0 49 and is used if there is no other DHCP server available in the network 17 4 2 1 Edit or New Choose the New button to set up n...

Страница 353: ...networks 5 0 The DHCP pool can be used for both kinds of requests Description Enter any description to uniquely identify the DHCP pool The menu Advanced Settings consists of the following fields Fiel...

Страница 354: ...Enter the IP address of the CAPWAP controller to be sent to the client This option enables you to send a client any URL Use this option to send querying IP1x0 telephones the URL of the provisioning se...

Страница 355: ...c values shall be transmitted for the DHCP server Possible values default value 7 APN Only f r Select vendor 7 Enter the Access Point Namen APN of the SIM card PIN Only f r Select vendor 7 Enter the P...

Страница 356: ...elect vendor To identify the device enter the manufacturer ID Custom DHCP Options Only f r Select vendor Use Add to add more entries You can add custom DHCP options 17 4 3 IP MAC Binding The Local Ser...

Страница 357: ...ess to be assigned to the MAC address spe cified in MAC Address is to be assigned MAC Address Enter the MAC address to which the IP address specified in IP Address is to be assigned 17 4 4 DHCP Relay...

Страница 358: ...dary DHCP Serv er Enter the IP address of an alternative BootP or DHCP server The default value is 17 4 5 DHCP Configuration example Requirements An optional DHCP server Example scenaria Example scena...

Страница 359: ...Example scenario as DHCP Client bintec elmeg GmbH 17 Local Services be IP 4isdn 345...

Страница 360: ...IP Pool Name Local Services DHCP Server IP Pool Configuration New e g IP Address Range Local Services DHCP Server IP Pool Configuration New e g and Interface Local Services DHCP Server DH CP Configur...

Страница 361: ...enu Value Primary DHCP Server Local Services DHCP Server DH CP Relay Settings e g Secondary DHCP Serv er optional Local Services DHCP Server DH CP Relay Settings if one exists 17 5 DHCPv6 Server You c...

Страница 362: ...derived from a General IPv6 Prefix c The DHCP Server option has to be enabled for the interface Moreover the following settings are recommended The options Preferred Lifetime and Valid Lifetime shoul...

Страница 363: ...Pv6 is disabled for all interfaces If the in tended interface is not offered for selection configure it accord ing to the requirements detailed in the introduction of this sec tion Configuration is do...

Страница 364: ...ually specify DNS servers and have them propagated to the clients To do this disable the option Use RA or Global Fallback DNS Server and create the desired DNS server entries using Add SNTP Server Her...

Страница 365: ...ower priority if the set of parameters in the ad vertisement provides more of the options requested by the cli ent A value of means not specified lowest priority de notes the highest priority Fields i...

Страница 366: ...sists of the following fields Fields in the menu Basic Parameters Field Description DUID Clients use the DUID field DHCP Unique Identifier in order to identify themselves and request an IP address fro...

Страница 367: ...device to receive and send faxes Note All incoming calls to the CAPI are offered to all registered and eavesdropping CAPI applications in the LAN In the ex works state a user with the user name 1 3 a...

Страница 368: ...the following fields Fields in the Basic Parameters menu Field Description Enable server Select whether your device is to be enabled as a CAPI server The function is activated by selecting 7 The funct...

Страница 369: ...initiator Activate the Schedule Interval option under Options to put the event scheduler into oper ation The system uses this time interval to check if at least one event has occurrred This triggers t...

Страница 370: ...list 4Description Only for Event List 9 2 Enter your chosen designation for the Event List Event Type Select the type of initiator Possible values default value The operations configured and assigned...

Страница 371: ...le whose defined value is to be configured as initiator First select the System in which the MIB variable is saved then the MIB Table and finally the MIB Variable itself Only the MIB tables and MIB va...

Страница 372: ...s C default value Incoming data traffic is monitored C Outgoing data traffic is monitored Interface Traffic Condi tion Only for Event Type 1 11 Select whether the value for data traffic must be defaul...

Страница 373: ...alue is Monitored Certificate Only for Event Type 1 1 Select the certificate whose validity should be checked Remaining Validity Only for Event Type 1 1 Indicate the remaining validity of the certific...

Страница 374: ...0 default value 3 0 Possible values for Condition Settings in Condition Type 0 The initiator becomes active daily default value 0 0 The initiator becomes active daily from Monday to Friday 0 3 0 The...

Страница 375: ...Basic Parameters Field Description Description Enter your chosen designation for the action Command Type Select the desired action Possible values 7 default value Your device is rebooted 5 9 The desi...

Страница 376: ...alues default value The operation is initiated if all events oc cur The operation is initiated if a single event occurs 9 The operation is triggered if no event occurs The operation is triggered if on...

Страница 377: ...ified if the initiator is active The value of the MIB variable is modified if the ini tiator is inactive The value of the MIB variable is differentially modified if the initiator status changes MIB Va...

Страница 378: ...ose status shall be changed Set status Only if Command Type 8 3 or 8 4 E Select the status for the wireless network Possible values default value Source Location Only if Command Type 1 2 Select the so...

Страница 379: ...iguration file is to be retrieved or on which the configuration file is to be backed up File Name For Command Type 1 2 Enter the file name of the software version Where Command Type 1 with Action 1 En...

Страница 380: ...y be read and modified In addition you can view the corresponding file clearly using Microsoft Ex cel for example The function is enabled by default Remote File Name Only if Command Type 1 3 For Actio...

Страница 381: ...ct the file to be copied Configuration contains certificates keys Only where Command Type 1 3 and Action 1 3 or 6 1 3 Select whether the certificates and keys contained in the config uration are to be...

Страница 382: ...address to be used as sender address for the ping test Possible values 3 default value The IP address of the interface over which the ping is sent is automatically entered as sender address 1 Enter th...

Страница 383: ...ommand Type 1 and Action 1 Select whether to overwrite a certificate already present on the your device with the new one The function is disabled by default Write certificate in con figuration Only wh...

Страница 384: ...ti fication authority Enter the password you received from the cer tification authority here Key Size Only where Command Type 1 and Action Select the length of the key to be created Possible values ar...

Страница 385: ...requency band scan WLC SSID Only where Command Type 8 4 E Select the wireless network administered over the WLAN con troller whose status should be changed Operation Mode Act ive Only where Command Ty...

Страница 386: ...Description Schedule Interval Select whether the schedule interval is to be enabled Enter the interval in seconds after which the system checks whether events have occured Possible values are to The v...

Страница 387: ...of Configuration Steps Daily reboot Field Menu Value Event List Local Services Scheduling Trigger New 9 2 Description Local Services Scheduling Trigger New e g 7 Event Type Local Services Scheduling...

Страница 388: ...1 8 9 1 Event Type Local Services Scheduling Trigger New Time Condition Local Services Scheduling Trigger New Condition Type Condition Settings 3 0 3 0 Start Time Local Services Scheduling Trigger New...

Страница 389: ...tions New Configuration backup Command Type Local Services Scheduling Actions New Configuration Manage ment Event List Local Services Scheduling Actions New Trigger configuration backup Event List Con...

Страница 390: ...w Choose the icon to edit existing entries Choose the New button to create additional monitoring tasks The menu Local Services Surveillance Hosts New consists of the following fields Fields in the Hos...

Страница 391: ...the packet sent to the host to be monitored Possible values 3 default value The IP address is determined automatically 1 Enter the IP address in the adjacent input field Interval Enter the time inter...

Страница 392: ...bled 7 disabled 7 default value reset or the con nection restablished With Action you can monitor the IP address that is specified under Monitored IP Address This information can be used for other fun...

Страница 393: ...the action defined in Interface is to be performed You can choose all physical and virtual interfaces as well as op tions 1 and 1 17 8 3 Ping Generator In the Local Services Surveillance Ping Generat...

Страница 394: ...behind a NAT enabled gateway UPnP enables mostly Windows based operating systems to take control of other devices with UPnP functionality on the local network These include gateways access points and...

Страница 395: ...equests from the local network and or whether the interface can be controlled via UPnP requests The menu Local Services UPnP Interfaces consists of the following fields Fields in the Interfaces menu F...

Страница 396: ...nce IPv6 data traffic is not registered by the Hotspot Gateway and therefore cannot be controlled The HotSpot Solution allows provision of public Internet accesses using WLAN or wired Ethernet The sol...

Страница 397: ...evice as hotspot gateway with active Internet access and configured hotspot server entries for login and accounting see menu System Manage ment Remote Authentication RADIUS New with Group Description...

Страница 398: ...Gateway menu you can configure the bintec elmeg gateway installed onsite for the Hotspot Solution A list of all configured hotspot networks is displayed in the Local Services HotSpot Gateway HotSpot...

Страница 399: ...the Hotspot server can distinguish between the different cli ents customers Walled Garden Enable this function if you want to define a limited and free area of websites intranet The function is not a...

Страница 400: ...ot Solution Language for login window Here you can choose the language for the start login page The following languages are supported 3 T U 3 3V and 9 The language can be changed on the start login pa...

Страница 401: ...is enabled by default Default Idle Timeout Enable or disable the Default Idle Timeout If a hotspot user does not trigger any data traffic for a configurable length of time they are logged out of the h...

Страница 402: ...rule chains in the menu Access Rules 17 11 1 Wake On LAN Filter The menu Local Services Wake On LAN Wake On LAN Filter displays a list of all the WOL filters that have been configured 17 11 1 1 Edit o...

Страница 403: ...filter Destination IPv4 Ad dress Netmask Enter the destination IPv4 address of the data packets and the corresponding netmask Possible values 0 default value The destination IP address netmask are not...

Страница 404: ...ed Enter the source IP address of the host 9 2 B Enter the source network address and the corres ponding netmask Source IPv6 Address Length Enter the source IPv6 address of the data packets and the pr...

Страница 405: ...signal the priority of IP packets indicated in hexadecimal format 0 E 3 The TOS value is specified in binary format e g 00111111 E 3 The TOS value is specified in decimal format e g 63 6 E 3 The TOS v...

Страница 406: ...N Filter Select a WOL filter If the rule chain is new select the filter to be set at the first point of the rule chain If the rule chain already exists select the filter to be attached to the rule cha...

Страница 407: ...his device here The device is only enabled if the MAC address and password are correct 17 11 3 Interface Assignment In this menu the configured rule chains are assigned to individual interfaces which...

Страница 408: ...created file is displayed and you can either delete ot save it as a PCAP file 17 12 2 Trace VoIP SIP The menu Trace VoIP SIP allows you to capture VoIP SIP messages at various levels and save them to...

Страница 409: ...menu you are presented with a list of all active configuration sessions Fields in the manu Log out Users Field Description Class Dislays the class the signed on user belongs to User Displays the user...

Страница 410: ...t Ping Mode For link local addresses select the interface to be used for the ping test 1 3 can be used for global addresses Pressing the Go button starts the ping test The Output field displays the pi...

Страница 411: ...t a software update Every new system software includes new features better performance and any necessary bugfixes from the previous version You can find the current system software at www bintec elmeg...

Страница 412: ...mat of the configuration file allows encryption and ensures compatibility when restoring the configuration on the gateway in various system software versions This is a CSV format which can be read and...

Страница 413: ...displayed in which you can select the storage location on your PC and enter the de sired file name 1 3 Under Filename select a config uration file you want to import Please note Click Go to first load...

Страница 414: ...on from the RAM is transferred to your local host If you click the Go button a dialog box is dis played in which you can select the storage location on your PC and enter the desired file name 5 Occasi...

Страница 415: ...ile Name Only for Action 0 1 3 Enter the name of the copy Select file Only for Action 1 3 1 3 or 1 2 51 2 Select the file or configuration to be renamed or deleted New File Name Only for Action 1 3 En...

Страница 416: ...og in Pay attention to the LEDs on your device For information on the meaning of the LEDs see the Technical Data chapter of the manual Note Before a reboot make sure you confirm your configuration cha...

Страница 417: ...ternal PCs for storage and processing e g to the system ad ministrator s PC The syslog messages saved internally on your device are lost when you reboot Warning Make sure you only pass syslog messages...

Страница 418: ...to which syslog messages are passed Level Select the priority of the syslog messages that are to be sent to the host Possible values 0 highest priority 8 9 1 default value 73 lowest priority Syslog me...

Страница 419: ...k connections is often collected for commercial reasons This inform ation is extremely important for Internet Service Providers that bill their customers by data volume However there are also non comm...

Страница 420: ...ting messages The messages can contain character strings in any order sequences separated by a slash e g W or W or defined tags Possible format tags Format tags for IP Accounting messages Field Descri...

Страница 421: ...ds Fields in the Add Edit Alert Recipient menu Field Description Alert Service Displays the alert service You can select an alert service for devices with UMTS Possible values E mail SMS Recipient Ent...

Страница 422: ...cters Bear in mind that without the use of wildcards e g only those strings that correspond exactly to the entry fulfil the condition The Matching String entered therefore usually contains wildcards T...

Страница 423: ...the inter face The function is enabled with 7 The function is enabled by default Maximum E mails per Minute Limit the number of outgoing mails per minute Possible values are to the default value is Fi...

Страница 424: ...Authentication 1 Enter the address of the server from which the e mails are to be retrieved POP3 Timeout Only if SMTP Authentication 1 Enter how long the router must wait after the POP3 call before it...

Страница 425: ...3410 3418 19 4 1 SNMP Trap Options In the event of errors a message known as a trap packet is sent unrequested to monitor the system In the External Reporting SNMP SNMP Trap Options menu you can confi...

Страница 426: ...SNMP Trap Hosts In this menu you specify the IP addresses to which your device is to send the SNMP traps In the External Reporting SNMP SNMP Trap Hosts menu a list of all configured SN MP trap hosts i...

Страница 427: ...g SIA SIA you can create and download a file that provides extensive support information about the status of your device like e g the current configuration available memory uptime etc bintec elmeg Gmb...

Страница 428: ...hanged in the System Management Global Settings System menu Values in the System Messages list Field Description No Displays the serial number of the system message Date Displays the date of the recor...

Страница 429: ...eer Local IP Address Shows the WAN IP address of your device Remote IP Address Shows the WAN IP address of the connection partner Local ID Shows the ID of your device for this IPSec tunnel Remote ID S...

Страница 430: ...and the maximum number of licenses usable Maximum Fields in the Peers menu Field Description Status Displays the number of IPSec tunnels by their current status Up Currently active IPSec tunnels Goin...

Страница 431: ...the existing ISDN con nections incoming and outgoing is displayed Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected C Remote Numbe...

Страница 432: ...Start Time Displays the time at which the call was made or received Duration Displays the duration of the connection 20 4 Interfaces 20 4 1 Statistics In the Monitoring Interfaces Statistics menu cur...

Страница 433: ...s the name of the interface MAC Address Displays the interface text IP Address Netmask Shows the IP address and the netmask NAT Indicates if NAT is activated for this interface Tx Packets Shows the to...

Страница 434: ...bridges are shown Values in the br x list Field Description MAC Address Shows the MAC addresses of the associated bridge Port Shows the port on which the bridge is active 20 6 HotSpot Gateway 20 6 1 H...

Страница 435: ...face Shows the interface for which QoS has been configured QoS Queue Shows the QoS queue which has been configured for this inter face Send Shows the number of sent packets with the corresponding pack...

Страница 436: ...ich the latter behaves like a wireless adapter vis a vis the higher level AP With an AP run in client mode individual computers or en tire sub networks can be connected to higher level networks Access...

Страница 437: ...ue signals are used to transmit data They are more suscept ible to errors than digital signals Analogue terminals Terminals that transmit voice and other information analogously e g telephones fax mac...

Страница 438: ...d party depending on the provider service QoS ATM Asynchronous Transfer Mode ATM is a data transmission techno logy in which the data traffic is coded in small packets called cells or slots with a fix...

Страница 439: ...of connection is often abbreviated to BRI A basic rate interface includes two basic channels B channels each with 64 kbps and one control and signalling channel D channel with 16 kbps There are two o...

Страница 440: ...the other conversa tion BRRP BRRP is an implementation of the Virtual Router Redundancy Pro tocol VRRP The aim of the method is to compensate for the fail ure of the default gateway Multiple routers a...

Страница 441: ...protec tion When call waiting protection is enabled other callers are not sig nalled on the terminal The caller hears the engaged tone Callback on Busy See Automatic callback on busy CCBS Callback on...

Страница 442: ...ined to increase data throughput CHAP The Challenge Handshake Authentication Protocol CHAP is an au thentication protocol for PPP connections As well as the standard CHAP Microsoft also has the varian...

Страница 443: ...onfiguration refers to all of a device s settings It is stored in ternally in MIB tables This data can be backed up loaded and de leted externally The configuration is edited using the HTTP S user int...

Страница 444: ...andard route Default route The default route is used when no other suitable route is available Default router See Default gateway Deffie Hellman Diffie Hellman is a public key algorithm for negotiatin...

Страница 445: ...int to point It is used to connect a PBX A main phone number and a number block are issued Each of the numbers in the number block is called a direct dial exception Example Main number 1234 num ber bl...

Страница 446: ...ssing is slower DSCP Data packets can be marked with a Differentiated Services Code point DSCP DSCP values classify data packets in such a way that important packets can be routed through the network...

Страница 447: ...ISDN Exchange access right The telephone system distinguishes between the following ex change access rights Unlimited Any international national or in ternal connection is permitted National long dis...

Страница 448: ...briefly to start certain functions such as inquiries Follow me Follow me is a performance feature This function can be used to route incoming calls from a different extension to one s own termin al F...

Страница 449: ...kbit s There are two different coding methods I 366 and X 420 G 729 G 729 is an audio codec Audio signals from the frequency range between 300 Hz and 2400 Hz are passed with a sampling rate of 16 kHz...

Страница 450: ...ream 200 Mbit s upstream G DMT See F 992 1 G Lite See F 992 2 G SHDSL See G 991 2 Gateway The gateway is a network component for connecting different types of network GPRS General Packet Radio Service...

Страница 451: ...hold without breaking the connection inquiry brokering A distinction is drawn between holding the con nection in the PBX holding in the system and holding in the switch board or by the SIP provider Ho...

Страница 452: ...ns The IKE process runs in two phases During phase 1 the IKE subscribers authenticate them selves to one another and establish a secure channel In phase 2 the two IPSec subscribers negotiate the SAs T...

Страница 453: ...et Protocol IP in the form of a tunnel VPN The protocol number for IPSec depends on the protocol used The Authentification Header AH uses protocol number 51 while the Encapsulating Security Payload ES...

Страница 454: ...d the L2TP network server LNS The LAC establishes the connections to the LNS and man ages them The authorisation is regulated using a network access server NAS which can be implemented in the LAC or L...

Страница 455: ...ansmission rate of 300 Mbit s MAC address The Media Access Control address MAC address is the hardware address of the network adapter and is used to identify the device at the hardware level Main Mode...

Страница 456: ...electronic device that converts digital signals to fre quency signals in order to distribute data in a wired or wireless net work MOH See Music on hold MPDU The MAC Protocol Data Unit MPDU refers to...

Страница 457: ...F is a signalling method for automatic telephone routing Key inputs are represented by overlaid sinusoid al signals See also Pulse dialling Multilink With multilink multiple interfaces PPP PPPoE are c...

Страница 458: ...nector is called a TAE with an analogue connection an NTBA with the basic ISDN connection and NTPMGF with the ISDN Primary Rate Interface In the NT operation the gateway is connected to the PABX s ext...

Страница 459: ...procedures on an in ternal terminal that is not part of active call allocation PIM The Protocol Independent Multicast PIM enables the dynamic rout ing of multicast packets on the Internet PIN A person...

Страница 460: ...ption Example Point to point connection number 1234 number block 1 99 numbers of the individual extensions 1234 1 1234 2 1234 3 See also Point to multipoint connection Pool An address pool is a collec...

Страница 461: ...o called a PRI or S2Minterface A Primary Rate Interface offers 30 user channels B channels each with 64 kbits s in Europe and 23 in the USA one control channel D channel with 64 kbits s and one synchr...

Страница 462: ...Control is used where necessary to reduce the size of data packets during a telephone conversation so that voice packets are not blocked Registrar The SIP server registrar needs to be used in case th...

Страница 463: ...ertisements are messages that the router sends to the network They announce the presence of the router in the network Router announcements are also used to issue prefixes organise the autoconfiguratio...

Страница 464: ...of databases These are the Security Policy Database SPD and the Security Association Database SAD The SAD receives information about every security connection That is which encryption algorithms keys...

Страница 465: ...as a point to multipoint connection It is used to connect VoIP terminals Multiple subscriber numbers MSNs are provided See also Direct dial in VoIP SIP The Session Initiation Protocol is a network pro...

Страница 466: ...data and telephone lines SRTP The Secure Real Time Transport Protocol SRTP is the variant of the Real Time Transport Protocol RTP that is encrypted using AES SSH Secure Shell SSH is a network protocol...

Страница 467: ...ograms on a PC Subnet A sub network in an IP network is known as a subnet A subnet is defined like a normal network via an IP address and sub netmask IPv4 and prefix length IPv6 Example 192 168 1 250...

Страница 468: ...CP The Transmission Control Protocol TCP is a connection oriented protocol It works on the transport layer of the OSI model With a connection oriented protocol a logical connection is established be f...

Страница 469: ...e service The Time protocol is used to synchronise the date and time The protocol uses port 37 via TCP and UDP Time slot A time slot is a period of time which is permanently assigned within a transmis...

Страница 470: ...esses that are not routed They can be used in private networks e g a LAN ULAs begin with the prefix fd UMTS The Universal Mobile Telecommunications System UMTS also known as 3G is a mobile communicati...

Страница 471: ...ransmitting of voice via an IP network The telephone is connected and disconnected using signalling protocols e g SIP VPN A virtual private network VPN is used to transport private data packets throug...

Страница 472: ...ccess WPA is an encryption protocol for WLANs WPA 2 uses AES WPA Enterprise With WPA 1 2 WPA Enterprise enables subscribers to be authen ticated using the Extensible Authentication Protocol EAP After...

Страница 473: ...sms to IKE After a successful phase 1 authentication the user can be separately identified again The identifying is done using the username and password PAP CHAP or hardware based systems Zone A zone...

Страница 474: ...s 199 Allowed Addresses 130 Allowed HotSpot Client 386 Always on 201 209 214 APN 341 ARP Processing 125 Assigned Wireless Network VSS 117 Associated Line 321 ATM Interface 223 ATM PVC 214 ATM Service...

Страница 475: ...54 167 172 176 182 187 190 201 209 214 223 237 243 252 259 264 285 286 287 288 289 291 296 301 309 312 316 319 321 327 338 343 356 361 388 392 Destination 280 282 Destination Address Length 147 Destin...

Страница 476: ...active 151 Generate Private Key 72 Generation Mode 97 207 219 Grace time 133 Group Description 61 163 164 Group ID 376 High Priority Class 176 Host 330 Host Name 334 IGMP Proxy 197 IGMP Snooping 125 I...

Страница 477: ...Burst Size MBS 227 Maximum Downstream Bandwidth 309 Maximum Number of Dialup Retries 207 212 219 Maximum Response Time 196 Maximum Upload Speed 179 182 233 Maximum Upstream Bandwidth 309 Members 285 2...

Страница 478: ...S Server 327 Prioritisation Algorithm 179 Prioritize TCP ACK Packets 207 212 219 226 Priority 61 182 318 327 Priority Queueing 182 Propagate PMTU 262 Proposals 252 259 Protocol 155 167 172 187 243 289...

Страница 479: ...y 407 Short Guard Interval 123 Short Retry Limit 123 Silent Deny 192 SIP Endpoint IP Address 296 301 SIP Header Field FROM Display 305 SIP Header Field FROM User 305 SIP Header Field P Asserted 305 SI...

Страница 480: ...iption 341 341 Vendor ID 341 341 Vendor Mode 61 Vendor Option String 341 Vendor Specific Information DHCP Op tion 43 339 Version Check 361 Virtual Channel Connection VCC 227 230 Virtual Channel Identi...

Страница 481: ...on 417 418 DNS domains search list 350 DNS Requests 332 DNS Server 351 Domain Name 325 Done 139 Drop non members 103 Drop untagged frames 103 Dropped 416 421 DSA Key Status 56 Duration 417 418 Dynamic...

Страница 482: ...ions 55 Maximum Number of Syslog Entries 38 Maximum Sources 198 Maximum TTL for Negative Cache Entries 325 Maximum TTL for Positive Cache Entries 325 Media Gateway Status 312 Media Stream Termination...

Страница 483: ...112 SMS Device 410 SMTP Authentication 409 SMTP Port 409 SMTP Server 409 SNMP Listen UDP Port 58 SNMP multicast discovery 58 SNMP Read Community 42 SNMP Trap Broadcasting 411 SNMP Trap Community 411...

Страница 484: ...l Translation 320 Certificate List 70 Certificate Servers 78 CLID Translation 319 Client Management 136 Controlled Interfaces 233 CRLs 77 Current Calls 417 Date and Time 42 DHCP Configuration 338 DHCP...

Страница 485: ...s 329 Statistics 332 418 Syslog Servers 403 System 38 System Licences 46 System Messages 414 System Reboot 402 Telnet 53 Traceroute Test 396 Trigger 355 User 353 Users 68 VLANs 102 Wake On LAN Filter...

Страница 486: ...2 3 75 A Access via LAN 24 ADSL Line Profile 89 Assistants 35 Authentication key 271 Autoconfiguration on Bootup 82 B Basic configuration 16 Basic settings in ex works state 9 Bearer Service 85 C Con...

Страница 487: ...balancing Configuration example 169 Local Services 323 M Map Resolver IP Address 272 Map Server IP Address 271 Map Register time period in sec 271 272 Map Resolver IP Address 274 Maximum number of cac...

Страница 488: ...Switch Port 80 System Management 36 System requirements 16 Systemsoftware 16 T Time controlled Tasks Configuration example 372 Transmit Shaping 88 U Upstream 87 User access 21 V VPN 235 W Wall mounti...

Отзывы:

Нет отзывов

Похожие инструкции для be.IP 4isdn

Бренд: ABB Страницы: 44

Бренд: TENA Страницы: 40

Бренд: Raymarine Страницы: 84

Бренд: Net2Phone Страницы: 129

Бренд: L&S Страницы: 28

Бренд: ViewSonic Страницы: 58

AirPoint AAP-1011-BYMG

Бренд: Arrive Страницы: 31

Бренд: Gardena Страницы: 2

Бренд: Fluke Страницы: 20

Бренд: Exegin Страницы: 84

Бренд: ZyXEL Communications Страницы: 53

Бренд: ZyXEL Communications Страницы: 307

Бренд: Arris Страницы: 228

ProtoNode FPC-N34

Бренд: Laars Страницы: 44

Бренд: AWB Страницы: 215

HomeConnect 3CRWE50194

Бренд: 3Com Страницы: 61

CT.TS005.002606

Бренд: Talkswitch Страницы: 29

Бренд: Zennio Страницы: 34

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды