BinTec RS120 Скачать руководство пользователя страница 360 | Manualshive

Страница: 360 / 573

background image

15.1.4 XAUTH Profiles

In the XAUTH Profiles menu a list of all XAUTH profiles is displayed.

Extended Authentication for IPSec (XAuth) is an additional authentication method for IPSec
tunnel users.

The gateway can take on two different roles when using XAuth as it can act as a server or
as a client:

• As a server the gateway requires a proof of authorisation.

• As a client the gateway provides proof of authorisation.

In server mode multiple users can obtain authentication via XAuth, e.g. users of Apple
iPhones. Authorisation is verified either on the basis of a list or via a Radius Server. If using
a one time password (OTP), the password check can be carried out by a token server (e.g.
SecOVID from Kobil), which is installed behind the Radius Server. If a company's
headquarters is connected to several branches via IPSec, several peers can be configured.
A specific user can then use the IPSec tunnel over various peers depending on the assign-
ment of various profiles. This is useful, for example, if an employee works alternately in dif-
ferent branches, if each peer represents a branch and if the employee wishes to have on-
site access to the tunnel.

XAuth is carried out once IPSec IKE (Phase 1) has been completed successfully and be-
fore IKE (Phase 2) begins.

If XAuth is used together with IKE Config Mode, the transactions for XAuth are carried out
before the transactions for IKE Config Mode.

15.1.4.1 New

Choose the New button to create additional profiles.

Fig. 127:

VPN

->

IPSec

->

XAUTH Profiles

->

New

15 VPN

bintec elmeg GmbH

346

bintec RS Series

«
...
358
359
360
361
362
...
»

Содержание RS120

Страница 1: ...Manual bintec RS Series Reference Copyright Version 9 0 2014 bintec elmeg GmbH bintec elmeg GmbH Manual bintec RS Series 1...

Страница 2: ...u must monitor the product in order to avoid unwanted charges bintec elmeg GmbH accepts no re sponsibility for data loss unwanted connection costs and damage caused by unintended operation of the prod...

Страница 3: ...4 3 2 bintec RS120 and bintec RS120wu 15 3 2 1 Setting up and connecting 15 3 2 2 Connectors 17 3 2 3 Antenna connectors 18 3 2 4 LEDs 19 3 2 5 Scope of supply 21 3 2 6 General Product Features 21 3 2...

Страница 4: ...Ethernet interface 44 3 6 3 ADSL interface 45 3 6 4 ISDN S0 port 46 3 6 5 USB interface 46 3 7 Inserting the SIM card 47 3 8 Support information 48 3 9 WEEE information 49 Chapter 4 Basic configuratio...

Страница 5: ...1 2 Access via the Serial Interface 63 5 1 3 Access over ISDN 65 5 2 Login 65 5 2 1 User names and passwords in ex works state 66 5 2 2 Logging in for Configuration 66 5 3 Configuration options 67 5...

Страница 6: ...118 7 6 1 Access Profiles 118 7 6 2 Users 122 7 7 Certificates 126 7 7 1 Certificate List 126 7 7 2 CRLs 135 7 7 3 Certificate Servers 137 Chapter 8 Physical Interfaces 138 8 1 Ethernet Ports 138 8 1...

Страница 7: ...S 186 10 1 3 WDS Links 193 10 1 4 Client Link 196 10 2 Administration 199 10 2 1 Basic Settings 200 Chapter 11 Networking 201 11 1 Routes 201 11 1 1 IPv4 Route Configuration 201 11 1 2 IPv4 Routing Ta...

Страница 8: ...248 11 6 1 Drop In Groups 248 Chapter 12 Routing Protocols 252 12 1 RIP 252 12 1 1 RIP Interfaces 252 12 1 2 RIP Filter 254 12 1 3 RIP Options 257 Chapter 13 Multicast 260 13 1 General 261 13 1 1 Gene...

Страница 9: ...rfaces 313 Chapter 15 VPN 315 15 1 IPSec 315 15 1 1 IPSec Peers 316 15 1 2 Phase 1 Profiles 332 15 1 3 Phase 2 Profiles 341 15 1 4 XAUTH Profiles 346 15 1 5 IP Pools 348 15 1 6 Options 349 15 2 L2TP 3...

Страница 10: ...385 16 4 Services 386 16 4 1 Service List 386 16 4 2 Groups 388 Chapter 17 VoIP 390 17 1 SIP 390 17 1 1 Options 390 17 2 RTSP 391 17 2 1 RTSP Proxy 391 Chapter 18 Local Services 393 18 1 DNS 393 18 1...

Страница 11: ...Filter 416 18 5 1 General 417 18 5 2 Filter List 419 18 5 3 Black White List 421 18 5 4 History 422 18 6 CAPI Server 422 18 6 1 User 422 18 6 2 Options 424 18 7 Scheduling 425 18 7 1 Trigger 425 18 7...

Страница 12: ...3 2 VR Synchronisation 473 18 13 3 Options 475 Chapter 19 Maintenance 476 19 1 Diagnostics 476 19 1 1 Ping Test 476 19 1 2 DNS Test 477 19 1 3 Traceroute Test 477 19 2 Software Configuration 478 19 2...

Страница 13: ...499 21 1 1 System Messages 499 21 2 IPSec 500 21 2 1 IPSec Tunnels 500 21 2 2 IPSec Statistics 502 21 3 ISDN Modem 503 21 3 1 Current Calls 503 21 3 2 Call History 504 21 4 Interfaces 505 21 4 1 Stat...

Страница 14: ...21 8 1 QoS 516 Glossary 518 Index 546 Table of Contents bintec elmeg GmbH xii bintec RS Series...

Страница 15: ...up your device within a few minutes from a Windows PC with the help of a Configuration Wizard and how to install other useful online assistants At the end of the chapter you will be in a position to s...

Страница 16: ...ers easy to use func tions and a comprehensive overview of devices their parameters and files By using SNMP multicast all of the devices in your local network can be located irrespect ive of their cur...

Страница 17: ...the basic func tions on your device Reset This chapter explains how to reset your device to the ex works state Technical data This section contains a description of all the device s technical propert...

Страница 18: ...following visual aids List of visual aids Symbol Use Indicates practical information Indicates general and important points Indicates a warning of risk level Attention points out possible dangers tha...

Страница 19: ...s written bold e g Windows Start menu Indicates keys key combinations and Windows terms bold e g Licence Key Indicates fields italic e g Indicates values that you enter or that can be configured Onlin...

Страница 20: ...please contact our bintec elmeg service Incorrect cabling of the ISDN and ETH interfaces may also damage your device Con nect only the ETH interface of the device to the LAN interface of the computer...

Страница 21: ...Connect the first switch port ETH1 yellow connector your device through the sup plied Ethernet cable to your LAN to configure the device The device automatically detects whether It is connected to a...

Страница 22: ...vices are optionally equipped with straps in the housing on the wall as a table top unit or for installation in 19 inch cabinet Use as a table top device Attach the four self adhesive feet on the bott...

Страница 23: ...te 10 100 1000 Base T Ethernet interfaces 4 BRI black SFP Slot for 10 100 1000 Mbit s Ethernet SFP module optional 5 USB USB connection type A 6 USB CONSOLE USB console type B 7 FUNCTION Function butt...

Страница 24: ...r device provide information about specific activities and states of the device The LEDs are arranged as follows Fig 5 Arrangement of the LEDs LED status display LED Farbe Status Information POWER gre...

Страница 25: ...ACT green on Ethernet connection established green flashing Data traffic via Ethernet off No Ethernet connection LAN 1 bis 4 Speed green on 1000 Mbits transfer rate orange on 100 Mbits transfer rate...

Страница 26: ...ISDN cable black Power cable 19 Mounting frame Screws 2 exteral WLAN an tenna Ethernet cable yellow xDSL cable Type 2 gray ISDN cable black Power cable 19 Mounting frame Screws 2 external LTE UMTS an...

Страница 27: ...he device 4 7 Watt Voltage supply AC 100 bis 240 V 50 bis 60 Hz Environmental requirements Storage temperature 25 C to 70 C Operating temperature 0 C to 40 C Relative atmospheric humidity 10 to 95 non...

Страница 28: ...t yellow RJ45 socket yellow Ethernet interface RJ45 socket white RJ45 socket white RJ45 socket white VDSL ADSL RJ45 socket gray RJ45 socket gray RJ45 socket gray ISDN BRI interface RJ45 socket black R...

Страница 29: ...50 3 2 bintec RS120 and bintec RS120wu 3 2 1 Setting up and connecting Note All you need for this are the cables and antennas supplied with the equipment Caution The use of the wrong mains equipment...

Страница 30: ...base 3 Mains connection Connect the device to a mains socket using the mains device supplied You can set up further connections as required DMZ Connect the WAN interface ETH white connector of your d...

Страница 31: ...evel base Wallmounting To attach the devices bintec RS120x to the wall use the brackets on the back of the hous ing Warning Before drilling make sure that there are no building installations where you...

Страница 32: ...t interface 3 ETH5 white 10 100 1000 Base T Ethernet interface 4 ETH5 white SFP Slot for 10 100 1000 mbps Ethernet SFP modules optional 5 USB USB connector 6 CONSOLE Serial interface 7 RESET Reset but...

Страница 33: ...tion for your device LED status display LED Colour Status Information POWER green on The power supply is connected off No power supply STATUS green on After switching on The device has started During...

Страница 34: ...e WAN at 100 mbps off The device is connected to the LAN at 10 mbps or there is no data traffic SFP green on SFP connection is active off No connector flashing Data traffic via the SFP interface WLAN...

Страница 35: ...Companion DVD Dime Manager on DVD Documentation Quick Install Guide and safety no tices printed Quick Install Guide and safety no tices printed Online documentation User s Guide Workshops MIB referenc...

Страница 36: ...ud rates 1200 to 115200 Baud Permanently installed supports Baud rates 1200 to 115200 Baud Ethernet IEEE 802 3 LAN 4 port switch Permanently installed twisted pair only 10 100 1000 mbps auto sensing M...

Страница 37: ...D NAT SIF MPPE Encryption PPTP En cryption VPN with PPTP or IPSec 3 2 7 Reset If the configuration is incorrect or if your device cannot be accessed you can reset the device to the ex works standard s...

Страница 38: ...uld only use the power supply unit provided If you require foreign adapters mains units please contact our bintec elmeg service Incorrect cabling of the ISDN and ETH interfaces may also damage your de...

Страница 39: ...tandard configuration of your device via Ethernet connect the first switch port 1 yellow connector of your device to your LAN using the Ethernet cable yellow cable supplied The device automatically de...

Страница 40: ...I Chapter Basic configuration on page 50 provides a detailed step by step guide to the basic functions on your device Installation The access points can be fitted to the wall using brackets or can use...

Страница 41: ...Ethernet interface 3 ETH5 white 10 100 1000 Base T Ethernet interface 5 USB USB connector 6 CONSOLE Serial interface 7 RESET Reset button 8 POWER Socket for plug in power pack 9 WLAN ANT1 ANT2 ANT3 RS...

Страница 42: ...ation for your device LED status display LED Colour Status Information POWER green on The power supply is connected off No power supply STATUS green on After switching on The device has started During...

Страница 43: ...e WAN at 100 mbps off The device is connected to the LAN at 10 mbps or there is no data traffic ADSL green on DSL connection is active off No connector flashing Data traffic via the DSL interface WLAN...

Страница 44: ...able for Annex A grey Mains unit 3 external WLAN an tenna Ethernet cable yellow ADSL cable for Annex A grey Mains unit 2 external UMTS an tenna Software Companion DVD Dime Manager on DVD Companion DVD...

Страница 45: ...rnet 3x Func tion Power consumtion of the device 4 7 Watt 4 7 Watt 4 7 Watt Voltage supply 12 V DC 500 mA EU PSU 12 V DC 800 mA EU PSU 12 V DC 800 mA EU PSU Environmental re quirements Storage tempera...

Страница 46: ...pair only 10 100 1000 mbps auto sensing MDIX WLAN interface antennas 802 11a b g h with an tenna diversity data rates of 1 2 5 5 6 9 11 12 18 24 36 48 54 mbps 802 11n data rates up to 300 mbps UMTS G...

Страница 47: ...s standard settings using the Reset button on the back of the device All the existing data will be deleted if you do this Proceed as follows 1 Switch off your device 2 Press the Reset button on your d...

Страница 48: ...r hub or a WAN interface if available and the ISDN interface of the device only to the ISDN con nection Note If you connect an unconfigured device to an ISDN connection in parallel to a PBX the PBX ca...

Страница 49: ...p further connections as required ISDN Connect the ISDN interface BRI black connector of the device to your ISDN socket us ing the ISDN cable black cable provided DMZ Connect the WAN interface ETH whi...

Страница 50: ...Kensington Lock The devicesoffer the option to fit a Kensington Lock The opening required for this can be found on the right side of the housing 3 4 2 Connectors bintec RS232j bintec RS232jw and bint...

Страница 51: ...nnectors The devices bintec RS232jw have 3 connectors for the external WLAN antenna The devices bintec RS232j 4G have two connectors for the external UMTS LTE antenna SMA connectors The assignment of...

Страница 52: ...a traffic via the LAN interface off No connector Ethernet 1 to 4 SPEED green on The device is connected to the LAN at 1000 mbps orange on The device is connected to the LAN at 100 mbps off The device...

Страница 53: ...flashing At least one B channel is active You can determine the status of the router in BRRP operation with the aid of the status LED LED BRRP display LED Colour Status Information STATUS green lights...

Страница 54: ...4 6 General Product Features The general product features cover performance features and the technical prerequisites for installation and operation of your device The features are summarised in the f...

Страница 55: ...terface V 24 Permanently installed supports Baud rates 1200 to 115200 Baud Permanently installed supports Baud rates 1200 to 115200 Baud Permanently installed supports Baud rates 1200 to 115200 Baud E...

Страница 56: ...l for all EU states SAFERNET TM Se curity Technology Community passwords PAP CHAP MS CHAP MS CHAP v 2 PPTP PPPoE PPPoA Call back Access Control Lists CLID NAT SIF MPPE Encryption PPTP Encryption VPN w...

Страница 57: ...hed five times release the Reset button Note If you delete the boot configuration via the GUI menu Maintenance Software Configuration all passwords are also reset and the current boot configuration is...

Страница 58: ...ith integrated 4 port switch This is used to con nect individual PCs or other switches The connection is made via an RJ45 connector yellow The devices also have a fifth Eth ernet interface white Fig 2...

Страница 59: ...on and RJ 11 plug for connection to the ADSL splitter is re quired cable included For Annex B J bintec RS232j bintec RS232jw and bintec RS232j 4G a cable with RJ 11 plug for the device connection and...

Страница 60: ...or the ISDN S0 BRI interface RJ45 socket is as follows RJ45 socket for ISDN connection Pin Position 1 Not used 2 Not used 3 Transmit 4 Receive 5 Receive 6 Transmit 7 Not used 8 Not used 3 6 5 USB inte...

Страница 61: ...ot To do this push the card lock in the direction of the arrow and lift the card slot slightly Make sure that that contacts on the SIM card are facing downwards Push the SIM card into the card slot so...

Страница 62: ...tre can be reached Monday to Friday between the hours of 9 am and 5 pm They can be contacted as follows International Support Coordina tion Telephone 49 911 9673 0 Fax 49 911 688 0725 For detailed inf...

Страница 63: ...3 9 WEEE information bintec elmeg GmbH 3 Installation bintec RS Series 49...

Страница 64: ...Presettings 4 1 1 IP Configuration Your device is shipped with a pre defined IP configuration IP Address Netmask Use the following access data to configure your device in an ex works state User Name...

Страница 65: ...ware Configuration menu For a description of the update procedure see Software Update on page 58 4 2 System requirements For configuration of the device your PC must meet the following system requirem...

Страница 66: ...ory if your device is in the ex works state Internet access optional Wireless LAN optional only for bintec RS120wu bintec RS230aw and bintec RS232jw The following tables show examples of possible valu...

Страница 67: ...ple value Your values User account 12 digits T Online number usually 12 digits Joint user account Note To configure T Online Internet access enter the following succession of numbers without interveni...

Страница 68: ...ppropriate resources Particular attention must therefore be paid to protecting the wireless connection Note the following Follow the safety precautions when configuring your WLAN Please also read Sich...

Страница 69: ...address of your device 192 168 0 254 in a supported browser Internet Explorer 6 or 7 Mozilla Firefox ver sion 1 2 or later and entering the pre configured login information User Password 4 3 3 Modify...

Страница 70: ...easier 1 In GUI select the Assistants Internet Access menu 2 With New make a new entry and take over the Connection Type 1 35 0 3 Follow the steps shown by the wizard The wizard has its own online hel...

Страница 71: ...e and then the IP ad dress of your device e g A window appears with the response 2 Test the internet access by entering www bintec elmeg com in the internet browser bintec elmeg GmbH s Internet site o...

Страница 72: ...ured preshared key 5 Exit each menu with OK Note Windows XP allows several menus to be modified Depending on the configuration the path to the wireless network connection you want to configure may be...

Страница 73: ...so your device will be updated automatically When installation of the new software is complete you will be invited to re start the device Caution After confirming with Go the update cannot be aborted...

Страница 74: ...vice via Telnet or SSH Caution If you carry out the initial configuration with the GUI this can result in inconsistencies or malfunctions as soon as you carry out additional settings using other confi...

Страница 75: ...ly viewable Telnet session you can also con nect to your device via an SSH connection This is encrypted so all the remote mainten ance options can be carried out securely The following preconditions m...

Страница 76: ...e available you ll see in both fields RSA Key Status and DSA Key Status the value 5 If one or both of these fields contains the value you must generate the relevant key To have the device generate the...

Страница 77: ...hich a PC can be connected dir ectly The following chapter describes what you have to remember when setting up a serial connection and what you can do to configure your device in this way Access via t...

Страница 78: ...r second Data bits Parity Stopbits Flow control 3 Enter the values and click OK 4 Make the following settings in the Settings tab Emulation 9 5 Click OK The changes to the terminal program settings do...

Страница 79: ...evice Access over ISDN costs money If your device and your computer are in the LAN it is cheaper to access your device via the LAN or via the serial interface Your device in your LAN merely needs to b...

Страница 80: ...lain text The security concept of your device enables you to read all the other configuration settings with the user name but not the access information It is therefore impossible to log in with read...

Страница 81: ...leting the configuration enter 1 and press Return 5 3 Configuration options This chapter first offers an overview of the various tools you can use for configuration of your device You can configure yo...

Страница 82: ...nteg rated in your device and is available in English If required other languages can be down loaded from the download area of www bintec elmeg com and installed on your device To do this proceed as d...

Страница 83: ...o configure your device see Con figuring a PC on page 54 3 Open a web browser 4 Enter 8 in the address field of the web browser 5 Enter in the User field and enter in the Password field and click LO G...

Страница 84: ...display the GUI Here you can choose the language in which you perform the configuration German and English are available View Select the desired view from the dropdown menu Stand ard and SNMP browser...

Страница 85: ...your device A window is opened offering you the fol lowing options Save configuration save previous boot configuration then exit Save configuration then exit Exit without saving Navigation bar Fig 31...

Страница 86: ...he main configuration menus and their sub menus Click the main menu you require The corresponding sub menu then opens If you click the sub menu you want the entry selected will be displayed in red All...

Страница 87: ...m Management Certificates Certificate List menu this button activates the sub menu for the configuration of the certificate request In the Monitoring ISDN Modem Current Calls menu press ing this butto...

Страница 88: ...e view is to be updated To do this enter a period in seconds in the input field and con firm it with Filter You can have the list entries filtered and displayed according to certain criteria You can d...

Страница 89: ...The menu contains either a list of all the configured entries or the basic settings for the function concerned Sub menu The New button is available in each menu in which a list of all the configured...

Страница 90: ...mpty these are not saved when you confirm with OK Delete the entries by clicking the icon Display of options that are not available Options that are not available because they depend on the selection...

Страница 91: ...dow Note Please note that not all devices have the full range of functions Check the software of your device on the corresponding product page under www bintec elmeg com SNMP Browser If you select the...

Страница 92: ...cally on starting 2 Software Update via TFTP The devices performs a software update via a TFTP server 3 Software Update via XMODEM The device performs a software update via a serial interface with XMO...

Страница 93: ...nctions of the BOOTmonitor If you do not make an entry within four seconds the device changes back to normal operating mode Note If you change the baudrate the preset value is 9600 baud make sure the...

Страница 94: ...ollowing basic configuration tasks First steps Internet Access VPN Wireless LAN VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex planations on t...

Страница 95: ...overview of the following data System status Your device s activities Resource utilisation active sessions and tunnels Status and basic configuration of the LAN WAN ISDN and ADSL interfaces Informatio...

Страница 96: ...vice serial number BOSS Version Displays the currently loaded version of the system software Last configuration stored Displays day date and time of the last saved configuration boot configuration in...

Страница 97: ...nterfaces are listed here and their most important settings are shown The system also displays whether the inter face is connected or active Connection Information for Ethernet interfaces IP address N...

Страница 98: ...tion Information Link All the WAN interfaces are listed here and their most important settings are shown The system also displays whether the inter face is active 7 2 Global Settings The basic system...

Страница 99: ...tring with a maximum of 255 characters is pos sible The default value is 1 Maximum Number of Syslog Entries Enter the maximum number of syslog messages that are stored internally in the device Possibl...

Страница 100: ...ber of Accounting Log Entries Enter the maximum number of login process entries that are stored internally in the device Possible values are to The default value is Manual WLAN Control ler IP Address...

Страница 101: ...Note All bintec elmeg devices are delivered with the same username and password As long as the password remains unchanged they are not protected against unauthorised use Make sure you change the passw...

Страница 102: ...eld Value Show passwords and keys in clear text Define whether the passwords are to be displayed in clear text plain text The function is enabled with 7 The function is disabled by default If you acti...

Страница 103: ...s independent of the exchange time or the ntp server time Summer time starts on the last Sunday in March by switching from 2 a m to 3 a m The calendar related or schedule related switches that are sch...

Страница 104: ...rity A manually entered system time is therefore overwritten The menu System Management Global Settings Date and Time consists of the fol lowing fields Fields in the menu Basic Settings Field Descript...

Страница 105: ...omain name or an IP address In addition select the protocol for the time server request Possible values default value This server uses the simple network time protocol via UDP port 123 5 This server u...

Страница 106: ...omatic ally updated The default value is Time Update Policy Enter the time period after which the system attempts to contact the time server again following a failed time update Possible values 1 defa...

Страница 107: ...that the system time is up dated every time the GPS is fixed The function is activated by selecting 1 The function is disabled by default 7 2 4 System Licences This chapter describes how to activate t...

Страница 108: ...ayed Description Licence Type Licence Serial Number Status Possible values for Status Licence Meaning OK Subsystem is activated Not OK Subsystem is not activated Not supported You have entered a licen...

Страница 109: ...hardware serial number If is displayed as the status you have entered a license for a sub system that your device does not support This means you cannot use the functions of this licence Deactivating...

Страница 110: ...de up of the following parts a WLAN b Number of the physical port 1 or 2 Example 203 The name of the Ethernet port is made up of the following parts a ETH b Number of the port Example The name of the...

Страница 111: ...he name of the virtual interface connected to an Ethernet port is made up of the following parts a Abbreviation for interface type b Number of the Ethernet port c Number of the interface connected to...

Страница 112: ...w bridge group is automatically created after you click the OK button Configuration Interface Select the interface via which the configuration is to be carried out Possible values 1 default value Ex w...

Страница 113: ...s clients with the MAC Bridge function In wildcard mode you cannot define how Unicast non IP frames or non ARP frames are pro cessed To use the MAC bridge function you must carry out configuration ste...

Страница 114: ...erfaces is used as the wildcard MAC address This wildcard MAC address can only be reset by rebooting the device or by selecting another wildcard mode 1 If you choose this setting the internal WLAN MAC...

Страница 115: ...you can select the access parameters 1 and for the ISDN interfaces 5 0 Only for hybird devices You can also authorise your device for maintenance work from bintec elmeg s Customer Service department Y...

Страница 116: ...ative Access Access Add The System Management Administrative Access Access Add menu consists of the following fields Fields in the menu Access Field Description Interface Select the interface for whic...

Страница 117: ...intec elmeg com To be able to reach the shell of your device via an SSH client make sure the settings for the SSH Daemon and SSH client are the same Note If configuration of an SSH connection is not p...

Страница 118: ...e default value is Fields in the menu Authentication and Encryption Parameters Field Value Encryption Algorithms Select the algorithms that are to be used to encrypt the SSH connection Possible option...

Страница 119: ...select the link the generation process is triggered and the view is up dated The status is displayed in green When generation has been completed successfully the status changes from to If an error occ...

Страница 120: ...o monitor and control network elements e g routers servers switches printers computers etc from a central station SNMP controls communication between the monitored devices and monit oring station The...

Страница 121: ...1 Community Based SNMP Version 2 SNMP Version 3 By default and are enabled If no option is selected the function is deactivated SNMP Listen UDP Port Shows the UDP port at which the device receives SN...

Страница 122: ...ibutes which your device uses as WAN connection parameters If the RADIUS server is used for accounting your device sends an accounting message at the start of the connection and a message at the end o...

Страница 123: ...an accounting message to the RADIUS server at the start of each connection ACCOUNTING_STOP Client Server If a RADIUS server is used for accounting your device sends an accounting message to the RADIU...

Страница 124: ...e used for Possible values 3 default value only for PPP connec tions The RADIUS server is used for controlling access to a network 3 for PPP connections only The RADIUS server is used for recording st...

Страница 125: ...re a user password for each RADI US request Enter the password that your device sends as the default user password in the prompt for the dialout routes on the RADIUS server Priority If a number of RAD...

Страница 126: ...d A negative response to a request is not accepted A request is sent to the next RADIUS server un til your device receives a response from a server configured as authoritative UDP Port Enter the UDP p...

Страница 127: ...attempts the Status is set to 7 In Alive Check 1 your device attempts to reach the server every 20 seconds If the server responds Status is set back to 1 Possible values are whole numbers between and...

Страница 128: ...by bintec elmeg devices The following TACACS functions are available on your device Authentication for login shell Command authorisation on the shell e g telnet show TACACS uses TCP port 49 and estab...

Страница 129: ...r is to be used for login authentication to your device Server IP Address Enter the IP address of the TACACS server that is to be re quested for login authentication TACACS Secret Enter the password t...

Страница 130: ...rity see Priority until a positive response is received or a negative response has been received from an authoritative server 3 A negative response to a request is accep ted i e a request is not sent...

Страница 131: ...ll related inform ation are transferred unencrypted Unencrypted transfer is not recommended as a default setting and should only be used for debugging 7 5 3 Options This setting possible here causes y...

Страница 132: ...cess menu you can configure user profiles To do so you create access profiles and users and assign each user at least one access profile An access profile makes available that part of the GUI that a u...

Страница 133: ...entries Choose the New button to create additional ac cess profiles To create an access profile you can use all the entries in the navigation bar of the GUI plus Save configuration and Switch to SNMP...

Страница 134: ...Profiles New con sists of the following fields Fields in the menu Basic Settings Field Description Description Enter a unique name for the access profile Level No The system automatically assigns a s...

Страница 135: ...ser view access the parameters and modify all the settings displayed there Caution Note that the permission for Switch to SNMP Browser means that the user can access the entire MIB because no individu...

Страница 136: ...level menus are blocked 311 7 The menu is released Lower level menus may need to be specifically released 311 7 11 The menu and all its lower level menus are re leased You can select 311 7 and 311 7...

Страница 137: ...ent Configuration Access Users You can click the button to display the details of the configured user You can see which fields and menus are assigned to the user bintec elmeg GmbH 7 System Management...

Страница 138: ...ed If a row is flagged with the icon the information is released for reading and writing The icon indicates blocked entries 7 6 2 1 Edit or New Choose the icon to edit existing entries Choose the New...

Страница 139: ...s not enabled a warning message displays Enable or disable User must change password The function is enabled with 1 The function is disabled by default Access Level Use Add to assign at least one acce...

Страница 140: ...passport and as such certificates can be issued by several different issuers and in varying qualities the trustworthiness of the is suer is extremely important The quality of a certificate is regulat...

Страница 141: ...tificate List The certificates and keys themselves cannot be changed but a few external attributes can be changed depending on the type of the selected entry The System Management Certificates Certifi...

Страница 142: ...the own er of this certificate Possible settings 5 1 No CRLs check 317 CRLs are always checked 1 6A0 5 default value A check is only carried out if a CRL Distribution Point entry is included in the ce...

Страница 143: ...your device also supports separ ate registration authority certificates Registration authority certificates are used by some Certificate Authorities CAs to handle certain tasks signature and encrypti...

Страница 144: ...equest menu Field Description Certificate Request De scription Enter a unique description for the certificate Mode Select the way in which you want to request the certificate Possible settings 1 defau...

Страница 145: ...s SCEP URL Only for Mode 6 Enter the URL of the SCEP server e g ht tp scep bintec elmeg com 8080 scep scep dll Your CA administrator can provide you with the necessary data CA Certificate Only for Mod...

Страница 146: ...tion with the RA you can select another one here to encrypt com munication The default value is A3 6 i e the same certificate is used as for signing Password Only for Mode 6 You may need a password fr...

Страница 147: ...Only for Custom disabled Enter the e mail address according to CA Organizational Unit Only for Custom disabled Enter the organisational unit according to CA Organization Only for Custom disabled Enter...

Страница 148: ...iption Autosave Mode Select whether your device automatically stores the various steps of the enrolment internally This is an advantage if enrol ment cannot be concluded immediately If the status has...

Страница 149: ...Enter a unique description for the certificate File Encoding Select the type of coding so that your device can decode the certificate Possible values 3 default value Activates automatic code recogniti...

Страница 150: ...in networks 7 7 2 1 Import Choose the Import button to import CRLs Fig 59 System Management Certificates CRLs Import The System Management Certificates CRLs Importmenu consists of the following fields...

Страница 151: ...issues the private key and provides certificate revocation lists CRL that are accessed by the device via LDAP or HTTP in order to verify certificates 7 7 3 1 New Choose the New button to set up a cer...

Страница 152: ...ress and netmask to a port that can be reached via Ethernet If in doubt carry out the configuration using a serial connection via the Console interface ETH1 ETH4 The interfaces can be used separately...

Страница 153: ...a company or to reserve bandwidth for individual VLANs when managed switches are used with the QoS function 8 1 1 Port Configuration Port Separation Your device makes it possible to run the switch por...

Страница 154: ...ce Switch Port 5 Port ETH5 is configured here connection option for an SFP module only available for bintec RS120 bintec RS120wu Ethernet Interface Se lection Assign a logical Ethernet interface to th...

Страница 155: ...interface Possible values 5 1 default value No flow control is performed 1 Flow control is performed 3 Automatic flow control is performed To use port ETH5 with an SFP module you can activate the foll...

Страница 156: ...oth dialup and leased lines over ISDN Proceed as follows to configure the ISDN BRI interface Enter the settings for your ISDN connection Here you set the most important parameters of your ISDN connect...

Страница 157: ...the ISDN switch type D channel detection for switched line is to be automatically identified The function is enabled with 1 The function is enabled by default Result of Autoconfig uration Shows the st...

Страница 158: ...oint to multipoint connection Point to point ISDN access The menu Advanced Settings consists of the following fields Fields in the Advanced Settings menu Field Description X 31 X 25 in D Chan nel Sele...

Страница 159: ...not possible for leased lines Your device distributes the incoming calls to the internal services according to the settings in this menu Your own number is included as the calling party number for out...

Страница 160: ...riented basis can this be adapted in line with Datex P public data packet network based on the prin ciple of a packet switching exchange When a call comes in your device first uses the entries in this...

Страница 161: ...for PPP routing Contains automatic detection of the PPP connections stated below ex cept 5 9 Enables a number to be defined for IPSec callback Other services can be selected Allows 64 kpbs PPP data co...

Страница 162: ...select if your device is con nected to a point to point connection Bearer Service Select the type of incoming call service detection Possible values 5 9 default value Both data and voice calls 5 data...

Страница 163: ...s the current ADSL operation mode The value cannot be changed Possible values 7 The ADSL link is not active 3 ANSI T1 413 35 0 ADSL classic G DMT ITU G 992 1 1 Splitterless ADSL ITU G 992 2 35 0 G DMT...

Страница 164: ...e Select the ADSL synchronization type Possible values 35 0 3 default value The ADSL mode is auto matically adapted for the remote terminal 35 0 ADSL1 G DMT is used 35 0 ADSL2 G 992 3 is used 35 0 1 A...

Страница 165: ...Upstream Bandwidth The default value is 5 1 0 Maximum Upstream Bandwidth Only for Transmit Shaping Enter the maximum data rate in the send direction in bits per second The menu Advanced Settings cons...

Страница 166: ...ted when an SMS is sent Note LTE cannot currently be used for incoming connections via ISDN login LTE cannot currently be used together with the SMS alert service 8 4 1 1 Edit Click the icon to edit t...

Страница 167: ...c Settings menu Field Description UMTS LTE Status Select whether the chosen UMTS LTE modem should be en abled or disabled The function is enabled with 1 The function is enabled by default Modem Status...

Страница 168: ...The value cannot be changed Preferred Network Type Only for UMTS LTE Status 1 Select which network type should preferably be used Possible values 3 default value GPRS UMTS or LTE is auto matically se...

Страница 169: ...used 0 UMTS is used If the strength and quality of the signal are insufficient with UMTS then LTE is used A UMTS is used If the strength and quality of the signal are insufficient with UMTS then GPRS...

Страница 170: ...default value for LTE con nections 5 0 The call is assigned to the ISDN Login subsys tem default value for UMTS connections 5 1 The call is assigned to the PPP subsystem The call is made via IPSec Pl...

Страница 171: ...If the device has made three failed attempts to establish a connection e g because the PIN has been entered incor rectly three times you will need to enter the PUK in order to unblock the SIM card Fa...

Страница 172: ...Possible values 5 1 Roaming is disabled The Home PLMN Public Land Mobile Network is used i e the provider the SIM card is registered at 3 1 Default setting Use this mode if neither Roaming Mode 5 1 no...

Страница 173: ...Germany is 01 This results in the PLMN Fields in the menu Closed User Group Field Description Authentication Method Select an authentication protocol for the Closed User Group Select only an authentic...

Страница 174: ...l Displays the modem model description IMEI The IMEI International Mobile Station Equipment Identity dis plays the 15 digit serial number of the modem Oper Status Displays the operation mode of the mo...

Страница 175: ...the modem is currently connected to Cell ID Displays the Cell ID of the cell the modem is currently registered in Last Command Displays the last command sent to the modem by the system Last Reply Dis...

Страница 176: ...e groups Ethernet interfaces in routing mode You can use the New button to create virtual interfaces However this is only needed in special applications e g BRRP Depending on the option selected diffe...

Страница 177: ...ice uses the IP address 192 168 42 3 for example and 192 168 46 3 for the second subnet The netmasks for both subnets must also be indicated 9 1 1 1 Edit or New Choose the icon to edit existing entrie...

Страница 178: ...default value The interface is not assigned for a specific purpose 903 This option only applies for routing inter faces You use this option to assign the interface to a VLAN This is done using the VL...

Страница 179: ...amically If your provider has assigned you a MAC address enter this here DHCP Hostname Only for Address Mode 5 6 Enter the host name requested by the provider The maximum length of the entry is 45 cha...

Страница 180: ...is entered in the input field 9 2 VLAN By implementing VLAN segmentation in accordance with 802 1Q you can configure VLANs on your device The wireless ports of an access point in particular are able t...

Страница 181: ...ing mode Using the VLAN menu you can make all the settings needed for this and query their status Caution For interfaces that operate in Routing mode you only assign a VLAN ID to the inter face You de...

Страница 182: ...ields in the Configure VLAN menu Field Description VLAN Identifier Enter the number that identifies the VLAN In the menu you can no longer change this value Possible values are to VLAN Name Enter a un...

Страница 183: ...ID Port VLAN Identifi er If a packet without a VLAN tag reaches this port it is assigned this PVID Drop untagged frames If this option is enabled untagged frames are discarded If the option is disable...

Страница 184: ...ge Group br ID VLAN Options menu Field Description Enable VLAN Enable or disable the specified bridge group for VLAN The function is enabled with 1 The function is not activated by default Management...

Страница 185: ...vely as possible with a low transmission power that poses no health risks A 802 11g compatible standard is 802 11b which operates in the 2 4 GHz range 2400 MHz 2485 MHz and offers a maximum data trans...

Страница 186: ...AN menu you can configure all WLAN modules of your device Depending on the model one or two WLAN modules WLAN 1 and where applicable WLAN 2 are available 10 1 1 Radio Settings In the Wireless LAN WLAN...

Страница 187: ...Fig 73 Wireless LAN WLAN Radio Settings for Operation Mode 3 Fig 74 Wireless LAN WLAN Radio Settings for Operation Mode 3 61 bintec elmeg GmbH 10 Wireless LAN bintec RS Series 173...

Страница 188: ...ture mode all clients communicate with each other via access points only There is no direct communication between the in dividual clients 3 In ad hoc mode an access client can be used as central inter...

Страница 189: ...values F Your device runs in 2 4 Mode 802 11b and Mode 802 11g or 5 GHz Mode 802 11a h F default value Your device runs in 5 GHz Mode 802 11a h F Your device runs in 2 4 GHz Mode 802 11b and Mode 802...

Страница 190: ...locate the networks to different channels Each of these should be spaced at least four channels apart as a network also partially occupies the adja cent channels In the case of manual channel selectio...

Страница 191: ...ls each with 20 MHz bandwidth are used In the case one channel acts as a control channels and the other as an expansion channel Number of Spatial Streams Only for Wireless Mode Select how many traffic...

Страница 192: ...according to either 802 11b or 802 11g 1 Your device adapts to the cli ent technology and operates according to either 802 11b or 802 11g Only a data rate of 1 and 2 mbps needs to be sup ported by al...

Страница 193: ...nd Wireless Mode vari ous fixed values in mbps are available Burst Mode Activate this function to increase the transmission speed for 802 11g through frame bursting As a result several packets are sen...

Страница 194: ...t no channels overlap i e a distance of four channels is maintained between the channels used This is useful if more access points are used with overlapping radio cells Possible values 311 All channel...

Страница 195: ...how the RTS CTS mechanism is to be switched on off If you choose you can specify in the input field the data packet length threshold in bytes 1 2346 as of which the RTS CTS mechanism is to be used Thi...

Страница 196: ...default value is Fragmentation Threshold Enter the maximum size as of which the data packets are to be fragmented i e split into smaller units Low values are recom mended for this field in areas with...

Страница 197: ...311 default value All channels are scanned 3 The channel is automatically selected The desired channels can therefore be defined User Defined Channel Plan Only for Scan channels Define the channels w...

Страница 198: ...t value is Scan Interval Indicates the interval in milliseconds after which the system scans for available wireless networks The value can only be modified for Roaming Profile 6 A The default value is...

Страница 199: ...ess range are run in one access point The mechanism can also be switched on off independently of the data packet length by selecting the value 317 or 317 default value Short Guard Interval Enable this...

Страница 200: ...WPA2 Cipher 3 4 The Preshared Key is filled with an internal system value which you must change during configuration Setting network names In contrast to a LAN set up over Ethernet a wireless LAN doe...

Страница 201: ...ems contains basic security specifications for wire less networks in particular with regard to encryption It replaces the insecure WEP Wired Equivalent Privacy with WPA Wi Fi Protected Access It also...

Страница 202: ...s select Security Mode 2 2 2 3 4 or 2 3 and enter the relevant key in the access point un der WEP Key 1 4 or Preshared Key and in the WLAN clients The WEP key should be changed regularly To do this ch...

Страница 203: ...o select whether the Network Name SSID is to be trans mitted The network name is displayed by selecting 9 1 It is visible by default Intra cell Repeating Select whether communication between the WLAN...

Страница 204: ...ode Point or IEEE802 1d The function is activated by selecting 1 The function is enabled by default Max Clients Enter the maximum number of clients that can be connected to this wireless network SSID...

Страница 205: ...ter string with 5 characters for 2 with 13 characters e g 11 for 2 7 for 2 WPA Mode Only for Security Mode 2 3 4 and 2 3 Select whether you want to use WPA with TKIP encryption or WPA 2 with AES encry...

Страница 206: ...Only for Security Mode 2 3 Select whether the EAP preauthentification function is to be ac tivated This function tells your device that WLAN clients which are already connected to another access poin...

Страница 207: ...ich are generally used to connect clients with networks that are not directly ac cessible to them e g because the distance is too great The access point sends from one client to another access point w...

Страница 208: ...automatically gen erated name of the interface is used If the option is not activated you can enter a suitable name in the input field Option 1 is active by default Fields in the WDS Security Settings...

Страница 209: ...4 WEP Key 1 to WEP Key 4 Only for Privacy 2 2 Enter the WEP key There are two ways of entering a WEP key Direct entry in hexadecimal form If the entry starts with the generator is deactivated Enter a...

Страница 210: ...is no direct communication between the individual clients In ad hoc mode an access client can be used as central interface between a number of terminals In this way devices such as computers and print...

Страница 211: ...t key The default value is 4 WEP Key 1 4 Only for Security Mode 2 2 Enter the WEP key Enter a character string with the right number of characters for the selected WEP mode For 2 you need a character...

Страница 212: ...Select which encryption method is to be used Possible values 3 default value Advanced Encryption Standard 4 Temporal Key Integrity Protocol Both encryption methods are rated as secure with AES offerin...

Страница 213: ...following list If the partner client cannot be found check the line of sight and the antenna installation Then carry out the Scan The partner should then be found AP MAC Address Shows the MAC address...

Страница 214: ...on menu Field Description Region Select the country in which the access point is to be run Possible values are all the countries configured on the device s wireless module The range of channels availa...

Страница 215: ...over your device If for example you configure both Internet access and a corporate network connection enter a default route to the ISP and a network route to the head office You can enter several def...

Страница 216: ...f the option is selected for the Route Class an extra configuration section opens Fig 82 Network Routes IPv4 Route Configuration New with Extended 1 The Network Routes IPv4 Route Configuration New men...

Страница 217: ...a traffic via that interface The set tings received from the DHCP server are then copied along with those configured here to the active routing table This en ables e g in the case of dynamically chang...

Страница 218: ...with the default parameters Select whether the route is to be defined with ex tended parameters If the function is active a route is created with extended routing parameters such as source interface...

Страница 219: ...ute Parameters Field Description Description Enter a description for the IP route Source Interface Select the interface over which the data packets are to reach the device The default value is Source...

Страница 220: ...efault value The route is valid for all port numbers 1 Enables the entry of a port number A Enables the entry of a range of port numbers 1 Entry of privileged port numbers 0 1023 Entry of server port...

Страница 221: ...9 1 Mode Select when the interface defined in Route Parameters Inter face is to be used Possible values 5 1 7 default value The route can be used if the interface is up If the interface is dormant th...

Страница 222: ...tmask of the destination host or destination net work Gateway Displays the gateway IP address Nothing is displayed here when routes are received by DHCP Interface Displays the interface used for this...

Страница 223: ...ters Fig 84 Networking Routes Options The Networking Routes Optionsmenu consists of the following fields Fields in the Back Route Verify menu Field Description Mode Select how the interfaces to be act...

Страница 224: ...d conversion of source and destination addresses of IP packets If NAT is activated IP connections are still only allowed by default in one direction outgoing forward protective function Excep tions to...

Страница 225: ...ropriate ICMP or TCP RST mes sage The function is disabled by default PPTP Passthrough Select whether the setup and operation of several simultan eous outgoing PPTP connections from hosts in the netwo...

Страница 226: ...cription for the NAT configuration Interface Select the interface for which NAT is to be configured Possible values 3 default value NAT is configured for all interfaces B C Select one of the interface...

Страница 227: ...tiating source address and the initial source port UDP only Like full cone NAT as ex ternal host however only the initial external destination host is allowed UDP only Like restricted cone NAT however...

Страница 228: ...cluded by NAT 5 1 All the data packets that do not match the following parameters that are to be configured protocol source IP address network mask destination IP address net mask etc are excluded by...

Страница 229: ...rresponding netmask of the original data packets as the case arises Original Destination Port Range Only for Type of traffic 5 3 Service and Protocol 6 5 6 5 Enter the destination port or the destinat...

Страница 230: ...ffic 1 2 3 or 3 and NAT method Enter the destination IP address and corresponding netmask of the original data packets as the case arises Destination Port Range Only for Type of traffic 3 NAT method S...

Страница 231: ...nal source IP ad dress is to be translated with corresponding netmask as the case arises New Source Port Only for Type of traffic 3 NAT method Service and Pro tocol 6 5 6 5 Leave the source port as it...

Страница 232: ...with different providers Session based load balancing is achieved Related dependent sessions are always routed over the same interface A decision on distribution is only made for outgoing sessions A l...

Страница 233: ...ed ses sion is assigned to one of the group interfaces according to the percentage assignment of sessions to the interfaces The number of sessions is decisive 0 7 A newly added session is assigned to...

Страница 234: ...lue Also includes idle interfaces 1 Only interfaces in the up state are included In the Interface area you add interfaces that match the current group context and config ure these You can also delete...

Страница 235: ...e Route Selector parameter is an additional criterion to help define a load balancing group more precisely Here routing in formation is added to the interface entry within a load balan cing group The...

Страница 236: ...ce s load bal ancing status now varies according to the status of the assigned host surveillance entry Select the IP address for the route to be monitored You can choose from the IP addresses you have...

Страница 237: ...s the first HTTPS packet specifies the Destination Address and the Destination Port i e Port 443 with HTTPS for data packets sent subsequently If underFrozen Parameters for the two parameters Destinat...

Страница 238: ...entry Service Select one of the preconfigured services if required The ex tensive range of services configured ex works includes the fol lowing 1 1 G The default value is Protocol Select a protocol if...

Страница 239: ...Port Range Enter if required a source port number or a range of source port numbers Possible values 311 default value The destination port is not specified Enter a destination port Enter a destination...

Страница 240: ...ubsequently as it did in the first data packet So it cannot be disabled 11 4 QoS QoS Quality of Service makes it possible to distribute the available bandwidths effectively and intelligently Certain a...

Страница 241: ...cription Description Enter the name of the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the following 1 1 G The default value is...

Страница 242: ...and the corresponding netmask Destination Port Range Only for Protocol 6 or 5 Enter a destination port number or a range of destination port numbers Possible values 311 default value The destination...

Страница 243: ...The TOS value is specified in binary format e g 00111111 5 1 9 1 The TOS value is specified in decimal format e g 63 1 9 1 The TOS value is specified in hexadecimal format e g 3F COS Filter 802 1p La...

Страница 244: ...an create a new class plan with this setting B 1 1 C Shows a class plan that has already been created which you can select and edit You can add new filters Description Only for Class map 7 Enter the n...

Страница 245: ...with the highest priority and priority 0 is set automatically The function is enabled with 1 The function is disabled by default Class ID Only for High Priority Class not active Choose a number which...

Страница 246: ...kets based on the class Class ID that has been defined Possible values are whole numbers between and The default value is Interfaces Only for Class map 7 When creating a new class plan select the inte...

Страница 247: ...S Interfaces Policies New The Networking QoS QoS Interfaces Policies New menu consists of the following fields Fields in the Basic Parameters menu Field Description Interface Select the interface for...

Страница 248: ...e send direction The function is enabled with 1 The function is disabled by default Maximum Upload Speed Only for Traffic shaping enabled Enter a maximum data rate for the queue in the send direction...

Страница 249: ...AES256 Twofish cipher block size 128 Bit Real Time Jitter Con trol Only for Traffic shaping enabled Real Time Jitter Control optimises latency when forwarding real time datagrams The function ensures...

Страница 250: ...the class plan which is associated with the selected interface a queue is generated automatically and displayed here only for data traffic classified as outgoing and for data traffic classified as mo...

Страница 251: ...default value is RTT Mode Realtime Traffic Mode Active or deactivate the real time transmission of the data The function is enabled with 1 The function is disabled by default RTT mode should be activ...

Страница 252: ...deactivated the queue can never occupy bandwidth beyond the bandwidth limit that has been set The function is enabled with 1 The function is disabled by default Burst size Only for Traffic Shaping ena...

Страница 253: ...led by default Min queue size Enter the lower threshold value for the process Congestion Avoidance RED in bytes Possible values are to The default value is Max queue size Enter the upper threshold val...

Страница 254: ...ation port You use the rules that you set up in the access lists to tell the gateway what to do with the filtered data packets i e whether it should allow or deny them You can also define several rule...

Страница 255: ...filter describes a certain part of the IP traffic and defines for example the IP addresses the protocol the source port or the des tination port A list of all access filters is displayed in the Netwo...

Страница 256: ...Field Description Description Enter a description for the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the following 1 1 G The...

Страница 257: ...ould not open any new TCP connection on routing over the gateway match the filter Destination IP Ad dress Netmask Enter the destination IP address and netmask of the data pack ets Possible values 3 de...

Страница 258: ...he Type of Service TOS Possible values default value The type of service is ignored 5 6 9 1 Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets indica...

Страница 259: ...created separ ately or incorporated in rule chains In the Networking Access Rules Rule Chains menu all created filter rules are listed Fig 95 Networking Access Rules Rule Chains 11 5 2 1 Edit or New...

Страница 260: ...chain already exists select the filter to be attached to the rule chain Action Define the action to be taken for a filtered data packet Possible values 311 7 1 default value Allow packet if it matches...

Страница 261: ...orking Access Rules Interface Assignment 11 5 3 1 Edit or New Choose the icon to edit existing entries Choose the New button to configure additional assignments Fig 98 Networking Access Rules Interfac...

Страница 262: ...to smaller segments without having to divide the IP network into subnets Several interfaces can be combined in a drop in group and as signed to a network to do this All of the interfaces are then conf...

Страница 263: ...network components Possible values default value ARP packets and IP packets belonging to the drop in network are routed transparently unchanged ARP packets and IP packets related to the drop in networ...

Страница 264: ...t on Inter face Only for Network Configuration 5 6 Here you can select an Ethernet interface on your router which is to act as the DHCP client You need this setting for example if your provider s rout...

Страница 265: ...ield Description 7 3 Interface Selection Select all the ports which are to be included in the Drop In group in the network Add new entries with Add bintec elmeg GmbH 11 Networking bintec RS Series 251...

Страница 266: ...anged In this case only the changed information is sent Observing the information sent by other devices enables new routes and shorter paths for existing routes to be saved in the routing table As rou...

Страница 267: ...sion 1 RIP packets A 9 Enables sending and receiving of version 2 RIP packets A 9 9 Enables sending and receiving RIP packets of both version 1 and 2 A 9 1 For sending RIP V2 messages over multicast a...

Страница 268: ...nd interfaces for leased lines Routes are propagated if the interface status is up or ready 1 default value Routes are only propagated if the interface status is up 317 Routes are always propagated in...

Страница 269: ...utton to insert another filter above the list entry The configuration menu for creating a new window opens You can use the button to move the list entry A dialog box opens in which you can se lect the...

Страница 270: ...to the export or import of routes Possible values default value Metric Offset for Active Interfaces Select the value to be added to the route metric if the status of the interface is up During export...

Страница 271: ...that no other devices use The default value should be retained Default Route Distribu tion Select whether the default route of your device is to be propag ated via RIP updates The function is enabled...

Страница 272: ...lues that you can configure in the Timer for Triggered RIP RFC 2091 menu should be used The function is enabled with 1 The function is disabled by default If the function is not activated the times de...

Страница 273: ...2091 menu Field Description Hold Down Timer Only for RFC 2091 Variable Timer 1 The hold down timer is activated as soon as your device re ceives an unreachable route metric 16 The route may deleted on...

Страница 274: ...o hold audio con ferences All subscribers are displayed in a window and the speaker s are indicated by a black box Other areas of use are of particular interest to companies Here multicasting makes it...

Страница 275: ...resses Several senders with different IP addresses can therefore transmit to the same multicast group leading to a 1 to n rela tionship between groups and source addresses This information is forwarde...

Страница 276: ...ckets explicitly wanted by a host enter the subnet Special mechanisms ensure that the requirements of the individual clients are taken into consideration At the moment there are three versions of IGMP...

Страница 277: ...P New menu consists of the following fields Fields in the IGMP Settings menu Field Description Interface Select the interface on which IGMP is to be enabled i e queries are sent and responses are acce...

Страница 278: ...ible values are to The default value is Last Member Query In terval Define the time after a query for which the router waits for an answer If you shorten the interval it will be more quickly detected...

Страница 279: ...e Advanced Settings menu Field Description IGMP Proxy Select whether your device is to forward the hosts IGMP mes sages in the subnet via its defined Proxy Interface Proxy Interface Only for IGMP Prox...

Страница 280: ...ways off Mode Only for IGMP Status or 3 Select Multicast Mode Possible values 6 1 default value The router uses IG MP version 3 If it notices a lower version in the network it uses the lowest version...

Страница 281: ...ing rules for new multicast groups Fig 109 Multicast Forwarding Forwarding New The Multicast Forwarding Forwarding New menu consists of the following fields Fields in the Basic Parameters menu Field D...

Страница 282: ...group you want to for ward from a defined Source Interface to a defined Destination Interface Source Interface Select the interface on your device to which the selected multic ast group is sent Destin...

Страница 283: ...to your Internet Service Provider ISP For broadband Internet access your device provides the PPP over Ethernet PPPoE PPP over PPTP and PPP over ATM PPPoA protocols You can also configure Internet acce...

Страница 284: ...to your Internet Service Provider ISP as a default route If for example you configure a cor porate network connection only enter the route to the head office or branch office as a de fault route if y...

Страница 285: ...connection is set up Dynamic Dynamic channel bundling means that your device connects other ISDN B channels to in crease the throughput for connections if this is required e g for large data rates If...

Страница 286: ...ialup PPPoE New The menu WAN Internet Dialup PPPoE New consists of the following fields Fields in the Basic Parameters menu Field Description Description Enter a name to uniquely identify the PPPoE pa...

Страница 287: ...run your device s Ethernet switch in Split Port mode PPPoE Ethernet Inter face Only for PPPoE Mode Select the Ethernet interface specified for a standard PPPoE connection If you want to use an externa...

Страница 288: ...FTP transmission for LAN to LAN transmis sion for Internet connections Fields in the IP Mode and Routes menu Field Description IP Address Mode Select whether your device is to be assigned a static IP...

Страница 289: ...ngs menu Field Description Block after connection failure for Enter the wait time in seconds before the device should try again after an attempt to set up a connection has failed The de fault value is...

Страница 290: ...ed by default Prioritize TCP ACK Packets Select whether the TCP download is to be optimised in the event of intensive TCP upload This function can be specially applied for asymmetrical bandwidths ADSL...

Страница 291: ...layed in the WAN Internet Dialup PPTP menu In this menu you configure an Internet connection that uses the Point Tunnelling Protocol PPTP to set up a connection This is required in Austria for example...

Страница 292: ...identifying the internet connection The first character in this field must not be a number No special characters or umlauts must be used PPTP Ethernet Inter face Select the IP interface over which pa...

Страница 293: ...many seconds should pass between sending the last traffic data pack et and clearing the connection Possible values are to seconds deactivates the timeout The default value is Example for FTP transmis...

Страница 294: ...s with Add A 3 IP address of the destination host or network Netmask for Remote IP Address If no entry is made your device uses a default netmask The lower the value the higher the priority of the rou...

Страница 295: ...ection partner MSCHAP version 1 or 2 possible 6 3 Run MS CHAP version 2 only Some providers use no authentication In this case se lect this option DNS Negotiation Select whether your device receives I...

Страница 296: ...e function is enabled with 1 The function is enabled by default 14 1 3 PPPoA A list of all PPPoA interfaces is displayed in the WAN Internet Dialup PPPoA menu In this menu you configure a xDSL connect...

Страница 297: ...identifying the connection partner The first character in this field must not be a number No special characters or umlauts must be used ATM PVC Select an ATM profile created in the ATM Profiles menu i...

Страница 298: ...onds deactivates the short hold The default value is Example for FTP transmission for LAN to LAN transmis sion for Internet connections Fields in the IP Mode and Routes menu Field Description IP Addre...

Страница 299: ...ced Settings consists of the following fields Fields in the Advanced Settings menu Field Description Block after connection failure for Enter the wait time in seconds before the device should try agai...

Страница 300: ...ection partner or sends these to the connection partner The function is enabled with 1 The function is enabled by default Prioritize TCP ACK Packets Select whether the TCP download is to be optimised...

Страница 301: ...cess over ISDN LAN to LAN connection over ISDN Remote Mobile dial in Use of the ISDN Callback function 14 1 4 1 New Choose the Newbutton to set up new ISDN interfaces bintec elmeg GmbH 14 WAN bintec R...

Страница 302: ...Fig 113 WAN Internet Dialup ISDN New The menu WAN Internet Dialup ISDN New consists of the following fields Fields in the Basic Parameters menu 14 WAN bintec elmeg GmbH 288 bintec RS Series...

Страница 303: ...s User Name Enter your device code local PPP user name Remote User for Dial in only Enter the code of the remote terminal remote PPP user name Password Enter the password Always on Select whether the...

Страница 304: ...licy Only for IP Address Mode and 3 When you configure an ISDN Internet connection specify whether Network Address Translation NAT is to be activated The function is enabled with 1 The function is dis...

Страница 305: ...onnec tion before the interface is blocked Possible values are to The default value is Usage Type If necessary select a special interface use Possible values default value No special type is selected...

Страница 306: ...ion If Encryption is set the remote terminal must also sup port it otherwise a connection cannot be set up Possible values default value MPP encryption is not used 1 MPP encryption V2 with 128 bit is...

Страница 307: ...without call back This only applies if no fixed outgoing number has been configured for the connection partner This is done by closing the dialog box that appears with Cancel Fields in the Bandwith on...

Страница 308: ...your device For outgoing calls where you dial your connec tion partner The calling party number of the incoming call is compared with the number entered under Call Number Call Number Enter the connect...

Страница 309: ...to an ARP request only if the status of the connection to the connection partner is i e a connection already exists to the connection partner DNS Negotiation Select whether your device receives IP ad...

Страница 310: ...ield Description Description Enter a name for uniquely identifying the internet connection The first character in this field must not be a number No special characters or umlauts must be used UMTS LTE...

Страница 311: ...pass between sending the last traffic data packet and clearing the connection Possible values are to seconds deactivates the short hold The default value is Fields in the IP Mode and Routes menu Field...

Страница 312: ...alue the higher the priority of the route range of values The default value is The menu Advanced Settings consists of the following fields Fields in the Advanced Settings menu Field Description Block...

Страница 313: ...receives IP addresses for DNS Serverprimary domain name serverPrimary and DNS Serversecondary domain name serverSecondary from the con nection partner or sends these to the connection partner The fun...

Страница 314: ...IP address from an address pool if available If address pools have more than one IP address you cannot specify which connection partner receives which address The addresses are initially assigned in o...

Страница 315: ...mines the route that the data should take for example Multiple virtual connections can be set up over a single physical interface The data is transmitted in so called cells or slots of constant size E...

Страница 316: ...ult an ATM profile with the description 3 6A 3 5 is preconfigured Its values VPI 1 and VCI 32 are suitable for a Telekom ATM connection for example Note The ATM encapsulations are described in RFCs 14...

Страница 317: ...he ATM connection Possible values 3 default value Ethernet over ATM EthoA is used for the ATM connection Permanent Virtual Circuit PVC A 1 3 Routed Protocols over ATM RPoA is used for the ATM connecti...

Страница 318: ...s 006 6 only displayed for Type 3 Bridged Ethernet with LLC SNAP encapsulation with Frame Check Sequence checksums default value for Routed Protocols over ATM Is only displayed for Type A 1 3 Encapsul...

Страница 319: ...erface of ATM connection e g 8 8 8 8 8 An entry is only re quired in special cases For Internet connections it is sufficient to select the option Use built in standard setting An address is used which...

Страница 320: ...n is enabled with 1 The function is disabled by default Field in menu PPP over ATM Settings appears only for Type PPP over ATM Field Description Client Type Select whether the PPPoA connection is to b...

Страница 321: ...s Fig 117 WAN ATM Service Categories New The menu WAN ATM Service Categories New consists of the following fields Fields in the Basic Parameters menu Field Description Virtual Channel Con nection VCC...

Страница 322: ...itical applications with burst data traffic 9 1 A 9 9 A A guaranteed data rate is assigned to the connection Sustained Cell Rate SCR This may be exceeded by the volume configured in Maximum Burst Size...

Страница 323: ...ated by the ISP Your device then only needs to react correctly to the signals received This is ensured without a specific OAM configuration for both flow level 4 and flow level 5 Two mechanisms are av...

Страница 324: ...ngs are used on the vir tual path Virtual Channel Con nection VCC Only for OAM Flow Level Select the already configured ATM connection to be monitored displayed by the combination of VPI and VCI Virtu...

Страница 325: ...is Loopback Segment Select whether you want to activate the loopback test for the segment connection segment connection of the local end point to the next connection point of the VCC or VPC The functi...

Страница 326: ...ct whether the test cells of the OAM CC are to be sent or received Possible values default value CC data is both received and generated CC data is received CC data is generated Continuity Check CC Seg...

Страница 327: ...ccur when other packets are routed at the same time The real time jitter control function solves this problem So that the line is not blocked for too long for the voice data packets the size of the ot...

Страница 328: ...the optimisation Possible values 6 11 A 1 default value By means of the data routed via the media gateway the system detects voice data traffic and optimises the voice transmis sion 311 A All RTP str...

Страница 329: ...devices used function here as the endpoints of the VPN tunnel IPSec involves a num ber of Internet Engineering Task Force IETF standards which specify mechanisms for the protection and authentication...

Страница 330: ...the IPSec phase 2 SAs the route now only determines which data traffic is to be routed If an IP packet does not match the defined Additional Traffic Filter it is rejected If an IP packet meets the re...

Страница 331: ...menu for monitoring a peer is called by selecting the button for the peer in the peer list See Values in the IPSec Tunnels list on page 501 15 1 1 1 New Choose the New button to set up more IPSec pee...

Страница 332: ...Fig 121 VPN IPSec IPSec Peers New The menu VPN IPSec IPSec Peers New consists of the following fields Fields in the menu Peer Parameters 15 VPN bintec elmeg GmbH 318 bintec RS Series...

Страница 333: ...s resolvable host name The entry can be omitted in certain configurations whereby your device then cannot initiate an IPSec connection Peer ID Select the ID type and enter the peer ID This entry is no...

Страница 334: ...ange 4 Select the local ID type Possible ID types 11 H 1 5 H5 1 3 9 3 3 5 5 4 5 Any string Local ID Only for Internet Key Exchange 4 Enter the ID of your device For Authentication Method 5 3 or A 3 th...

Страница 335: ...eceives an IP ad dress from the server as IPSec client 4 6 Select this option if your gate way assigns an IP address as server for connecting clients This is taken from the selected IP Assignment Pool...

Страница 336: ...te 1 Select the priority of the route The lower the value the higher the priority of the route Value range from to The default value is Route Entries Only for IP Address Assignment or 4 6 61 Define ro...

Страница 337: ...due to compet ing routes or the coarser filtering of the data traffic The Additional Traffic Filter parameter fixes this problem You can filter more finely i e you can e g specify the source IP addre...

Страница 338: ...value matches all protocols Source IP Address Netmask Enter if required the source IP address and netmask of the data packets Possible values 3 Enter the IP address of the host 7 default value Enter t...

Страница 339: ...rked as standard in VPN IPSec Phase 1 Profiles 1 1 Uses a special profile which contains the proposals for Phase 1 3DES MD5 AES MD5 and Blowfish MD5 regardless of the proposal selection in menu VPN IP...

Страница 340: ...ve a peer ID specified in the client peer configuration since the ID is still used to differentiate the tunnels created via the dynamic peer The resulting gateway peer would match all incoming tunnel...

Страница 341: ...led with 1 In the input field enter the public IP address that is to be used as the sender address The function is disabled by default Back Route Verify Select whether a check on the back route should...

Страница 342: ...set up an IPSec tunnel over the Internet If the called peer currently has no connection to the Internet the ISDN call causes a connec tion to be set up This ISDN call costs nothing depending on count...

Страница 343: ...rted tunnel setup if the current IP address of the initiator could be determined by indirect means e g via DynDNS However DynDNS has serious disadvantages such as the latency until the IP address is a...

Страница 344: ...cts the IP address of peer A and the token from the ISDN call and as signs them to peer A based on the calling party number configured the ISDN number used by peer A to send the initial call to peer B...

Страница 345: ...etting up of an IPSec tunnel is executed after an incoming ISDN call and initiated by an outgoing ISDN call Incoming Phone Num ber Only for Mode or Enter the ISDN number from which the remote device c...

Страница 346: ...IP address is transferred in the B channel This incurs costs 1 6 1 Your device transfers the IP address in the B channel This incurs costs D Channel Mode Only for Transfer Mode 5 6 1 or 5 6 1 J 11 6 1...

Страница 347: ...Default column you can mark the profile to be used as the default profile 15 1 2 1 New Choose the New at Create new IKEv1 Profile or Create new IKEv2 Profile button to create additional profiles bint...

Страница 348: ...for IKE phase 1 on your device The combination of six encryption algorithms and four message hash algorithms gives 24 possible values in this field At least one proposal must exist Therefore the firs...

Страница 349: ...ed with a key length of 128 bits 3 Rijndael has been nominated as AES due to its fast key setup low memory requirements high level of secur ity against attacks and general speed Here it is used with a...

Страница 350: ...ular exponentiation at 1024 bits is used to create the en cryption material During the Diffie Hellman key calculation modular exponentiation at 1536 bits is used to create the en cryption material Lif...

Страница 351: ...d the name under which it is saved This field is only shown for authentication settings based on certificates and indicates that a certificate is essential Mode Only for Phase 1 IKE Parameters Select...

Страница 352: ...ake sure your device selects the first al ternative subject name by default Make sure you and your peer both use the same name i e that your local ID and the peer ID your partner configures for you ar...

Страница 353: ...e peer but does not send one itself 1 Your device expects no heart beat from the peer but sends one itself K Your device expects a heartbeat from the peer and sends one itself 5 5 Use DPD dead peer de...

Страница 354: ...nt the setup of an IPSec tunnel from a host within a LANs and behind a NAT device to another host or device NAT T enables these kinds of tunnels without conflicts with NAT device activated NAT is auto...

Страница 355: ...setup just as for phase 1 In the VPN IPSec Phase 2 Profiles menu a list of all configured IPSec phase 2 profiles is displayed Fig 125 VPN IPSec Phase 2 Profiles In the Default column you can mark the...

Страница 356: ...The combination of six encryption algorithms and two message hash algorithms gives 12 possible values in this field Encryption algorithms Encryption 5 default value 3DES is an extension of the DES al...

Страница 357: ...the successor to Blowfish 63 CAST is also a very secure algorithm marginally slower than Blowfish but faster than 3DES 5 DES is an older encryption algorithm which is rated as weak due to its small ef...

Страница 358: ...rtly before expiry of the current SAs As for RFC 2407 the default value is eight hours which means the key must be renewed once eight hours have elapsed The following options are available for definin...

Страница 359: ...ives signals every 5 seconds depend ing on the configuration If these signals are not received after 20 seconds the SA is discarded as invalid Possible values 3 default value Automatic detection of wh...

Страница 360: ...n server e g SecOVID from Kobil which is installed behind the Radius Server If a company s headquarters is connected to several branches via IPSec several peers can be configured A specific user can t...

Страница 361: ...rver It is configured in the System Management Re mote Authentication RADIUSmenu and selected in the RADIUS Server Group ID field 0 1 Authentication is carried out via a local list Name Only for Role...

Страница 362: ...or New Choose the New button to set up new IP address pools Choose the icon to edit exist ing entries Fig 128 VPN IPSec IP Pools New Fields in the menu Basic Parameters Field Description IP Pool Name...

Страница 363: ...Global Options menu Field Description Enable IPSec Select whether you want to activate IPSec The function is enabled with 1 The function is active as soon as an IPSec Peer is configured Delete complet...

Страница 364: ...tain functions and features to the special requirements of your environment i e mostly interoperability flags are set The default val ues are globally valid and enable your system to work correctly to...

Страница 365: ...ookies are to be sent These are equivalent to the SPI Security Parameter Index in IKE proposals as they are redundant they are normally set to the value of the negotiation currently in progress Altern...

Страница 366: ...wish to send the peer the certificates of all levels from your level to the CA level Send CRLs Select whether CRLs are to be sent during IKE phase 1 The function is enabled with 1 The function is disa...

Страница 367: ...el profile is used on the initiator side LAC to set up the connection The L2TP tunnel profile is needed on the responder side LNS to accept the connection 15 2 1 Tunnel Profiles A list of all configur...

Страница 368: ...in the SCCRQs received from the LNS and the SCCRPs received from the LAC A Local Hostname con figured in the LAC must match Remote Hostname configured for the intended profile in the LNS and vice ver...

Страница 369: ...Destination Port Enter the destination port number to be used for all calls based on this profile The remote LNS that receives the call must mon itor this port on L2TP connections Possible values are...

Страница 370: ...ich it received no re sponse The available values are to the default value is Maximum Retries Enter the maximum number of times your device is to try to re send the L2TP control packet for which is re...

Страница 371: ...Description Enter a name for uniquely identifying the L2TP partner The first character in this field must not be a number No special characters or umlauts must be used The maximum length of the entry...

Страница 372: ...ame Enter the code of your device Password Enter the password Always on Select whether the interface should always be activated The function is enabled with 1 The function is disabled by default Conne...

Страница 373: ...icy Only for IP Address Mode 3 and Specify whether Network Address Translation NAT is to be ac tivated for this connection The function is enabled with 1 The function is disabled by default IP Assignm...

Страница 374: ...crypted 3 6 3 Primarily run CHAP otherwise PAP 6 3 Only run MS CHAP version 1 PPP Microsoft Challenge Handshake Authentication Protocol 6 3 Run MS CHAP version 2 only Some providers use no authenticat...

Страница 375: ...ivated for this inter face i e no routes are propagated or OSPF protocol packets sent over this interface Networks reachable over this inter face are however included when calculating the routing in f...

Страница 376: ...function is enabled with 1 The function is enabled by default 15 2 3 Options Fig 132 VPN L2TP Options The menu VPN L2TP Options consists of the following fields Fields in the Global Options menu Field...

Страница 377: ...tunnel is set up to the PPTP partner over the Internet using PPTP The PPTP subsystem sets up a control connection between the endpoints of the tunnel This is used to send control data to set up keep a...

Страница 378: ...w to set up further PPTP partners Fig 133 VPN PPTP PPTP Tunnels New The VPN PPTP PPTP Tunnels New menu consists of the following fields Fields in the PPTP Partner Parameters menu 15 VPN bintec elmeg G...

Страница 379: ...lways be activated The function is enabled with 1 The function is disabled by default Connection Idle Timeout Only if Always on is disabled Enter the idle interval in seconds This determines how many...

Страница 380: ...partner is to be defined as the default route The function is enabled with 1 The function is disabled by default Create NAT Policy Only if IP Address Mode When you configure an PPTP connection specif...

Страница 381: ...ord Authentication Protocol the password is transferred unencrypted 6 3 Only run CHAP PPP Challenge Handshake Authentic ation Protocol as per RFC 1994 password is transferred en crypted 3 6 3 Primaril...

Страница 382: ...ility of the remote terminal is to be checked by sending LCP echo requests or replies This is re commended for leased lines PPTP and L2TP connections The function is enabled with 1 The function is ena...

Страница 383: ...connection to the PPTP partner has already been estab lished DNS Negotiation Select whether your device receives IP addresses for Primary DNS Server and Secondary DNS Server from the PPTP part ner or...

Страница 384: ...y if callback activated Field Description Selected Ports Enter the ISDN port over which callback is carried out Possible values 311 The callback is routed over an available ISDN port In Specific Ports...

Страница 385: ...s The IP Pools menu displays a list of all IP pools for PPTP connections Your device can operate as a dynamic IP address server for PPTP connections You can use this function by providing one or more...

Страница 386: ...sed preferably by clients who draw an address from this pool Secondary Optionally enter the IP address of an alternative DNS server 15 4 GRE Generic Routing Encapsulation GRE is a network protocol tha...

Страница 387: ...lds Fields in the Basic Parameters menu Field Description Description Enter a description for the GRE tunnel Local GRE IP Address Enter the source IP address of the GRE packets to the GRE partner If n...

Страница 388: ...device uses a default netmask The lower the value the higher the priority of the route range of values The default value is MTU Enter the maximum packet size Maximum Transfer Unit MTU in bytes that i...

Страница 389: ...lmeg The configuration work for the SIF is comparatively straightforward with systems like Net work Address Translation NAT and IP Access Lists IPAL As SIF NAT and IPAL are active in the system simult...

Страница 390: ...warded If the packet cannot be assigned to an existing connection a check is made to see if a suitable connection is expected e g as affiliated connection of an exist ing connection If so the packet i...

Страница 391: ...all Policies Filter Rules menu Fig 137 Firewall Policies Filter Rules You can use the button to insert another policy above the list entry The configuration menu for creating a new policy opens You ca...

Страница 392: ...t In the list all WAN LAN interfaces interface groups see Fire wall Interfaces Groups addresses see Firewall Ad dresses Address List and address groups see Firewall Addresses Groups The value 3 means...

Страница 393: ...d by default If QoS is not activated for this policy bear in mind that the data cannot be prioritised on the sender side either A policy for which QoS has been enabled is also set for the fire wall Ma...

Страница 394: ...set up new QoS rules Fig 139 Firewall Policies QoS New The Firewall Policies QoS New menu consists of the following fields Fields in the Configure QoS Interface menu Field Description Interface Select...

Страница 395: ...whether the bandwidth defined in Band width can be exceeded in the longer term By activating this field you specify that it cannot be exceeded If the option is deactivated the bandwidth can be exceede...

Страница 396: ...re you define whether packets are only to be filtered if they are sent to an interface other than the interface that created the connection With 1 all the packets are filtered default value Fields in...

Страница 397: ...list of all configured interface routes is displayed in the Firewall Interfaces Groups menu You can group together the interfaces of your device This makes it easier to configure fire wall rules 16 2...

Страница 398: ...Addresses Address List menu 16 3 1 1 New Choose the New button to create additional addresses Fig 142 Firewall Addresses Address List New The menu Firewall Addresses Address List New consists of the f...

Страница 399: ...list of all configured address groups is displayed in the Firewall Addresses Groups menu You can group together addresses This makes it easier to configure firewall rules 16 3 2 1 New Choose the New b...

Страница 400: ...following fields Fields in the Basic Parameters menu Field Description Description Enter an alias for the service you want to configure Protocol Select the protocol on which the service is to be based...

Страница 401: ...nter the last port of the port range By default the field does not contain an entry If a value is displayed this means that the previously specified port number is verified If a port range is to be ch...

Страница 402: ...1 6 7 5 7 3 1 6 7 5 3 1 16 4 2 Groups A list of all configured service groups is displayed in the Firewall Services Groups menu You can group together services This makes it easier to configure firew...

Страница 403: ...elds Fields in the Basic Parameters menu Field Description Description Enter the desired description of the service group Members Select the members of the group from the available service ali ases To...

Страница 404: ...hares this with other communication services 17 1 SIP SIP serves as a translation instance between different telecommunications networks e g between the plain old phone network and the next generation...

Страница 405: ...media traffic flows in IP based networks Payload data is not transferred using RTSP Rather it is used to control a multimedia ses sion between sender and recipient If you want to use RTSP the firewall...

Страница 406: ...RTSP sessions The function is activated by selecting 1 The function is disabled by default RTSP Port Select the port over which the RTSP messages are to come in and go out Possible values are to The d...

Страница 407: ...redundant gateway BRRP 18 1 DNS Each device in a TCP IP network is usually located by its IP address Because host names are often used in networks to reach different devices it is necessary for the as...

Страница 408: ...queried and then the secondary DNS server If one of the DNS servers can resolve the name the information is forwarded and a dynamic entry created in the cache 4 Otherwise if a suitable Internet or dia...

Страница 409: ...in name of your device WINS Server Primary Secondary Enter the IP address of the first and if necessary alternative global Windows Internet Name Server WINS or NetBIOS Name Server NBNS The menu Advanc...

Страница 410: ...essary Statistical entries are not deleted Cache Size cannot be set to lower than the current number of static entries Possible values The default value is Maximum TTL for Pos itive Cache Entries Ente...

Страница 411: ...ions Possible values No name server address is sent 7 3 The address of your device is transferred as the name server address 5 default value The addresses of the global name servers entered on your de...

Страница 412: ...assign more than one pair of DNS servers Primary DNS Server and Secondary DNS Server to an interface i e for example to an Ethernet port or a PPPoE WAN partner The pair with the highest priority is us...

Страница 413: ...y if Interface Mode Enter the IP address of the first name server for Internet ad dress name resolution Secondary DNS Server Only if Interface Mode Optionally enter the IP address of an alternative na...

Страница 414: ...t allowed Response In this entry select the type of response to DNS requests Possible values A DNS request for DNS Hostname gets a negat ive response default value A DNS request for DNS Host name is a...

Страница 415: ...le values default value 5 Host Only for Forwarding Enter the name of the host to be forwarded The entry can also start with the wildcard e g bintec elmeg com If a name is entered without a full stop y...

Страница 416: ...rd to 5 Enter the IP address of the primary and secondary DNS server 18 1 5 Cache In the Local Services DNS Cachemenu a list of all available cache entries is dis played Fig 152 Local Services DNS Cac...

Страница 417: ...vice DNS Requests Shows the number of valid DNS requests received and ad dressed direct to your device Cache Hits Shows the number of requests that were answered with static or dynamic entries from th...

Страница 418: ...of the backed up configuration connection via HTTPS Fig 154 Local Services HTTPS HTTPS Server The Local Services HTTPS HTTPS Servermenu consists of the following fields Fields in the HTTPS Parameters...

Страница 419: ...the DynDNS service e g G 1 The service providers offer various domain names for this so that a unique host name results for your device e g G 1 The DynDNS provider relieves you of the task of answer...

Страница 420: ...r the DynDNS service e g the interface of the Internet Ser vice Provider User Name Enter the user name as registered with the DynDNS provider Password Enter the password as registered with the DynDNS...

Страница 421: ...nfigured is not to receive mail Ask your provider about this forwarding service and make sure e mails can be received from the host entered as MX Wildcard Select whether forwarding of all subdomains o...

Страница 422: ...erver on which the provider s DynDNS service runs Update Path Enter the path on the provider s server that contains the script for managing the IP address of your device Ask your provider for the path...

Страница 423: ...r the first time it sends a DHCP request with its MAC address to the available DHCP server as a network broadcast The client then receives its IP address from bintec elmeg as part of a brief exchange...

Страница 424: ...ddress of the DNS server that is to be used preferably by clients who draw an address from this pool Secondary Optionally enter the IP address of an alternative DNS server 18 4 2 DHCP Configuration To...

Страница 425: ...rver DHCP Configuration New The Local Services DHCP Server DHCP Configuration New menu consists of the following fields Fields in the menu Basic Parameters Field Description Interface Select the inter...

Страница 426: ...of the following fields Fields in the menu Advanced Settings Field Description Gateway Select which IP address is to be transferred to the DHCP client as gateway Possible values 7 default value Here...

Страница 427: ...automatically The URL then needs to take the form 8 B C G 9 Vendor Specific Information This enables you to send the client any manufacturer specific information in any text string Several entries ar...

Страница 428: ...tries You can add custom DHCP options 18 4 3 IP MAC Binding The Local Services DHCP Server IP MAC Binding menu displays a list of all clients that received an IP address from your device via DHCP You...

Страница 429: ...Address Enter the IP address to be assigned to the MAC address spe cified in MAC Address is to be assigned MAC Address Enter the MAC address to which the IP address specified in IP Address is to be as...

Страница 430: ...ndary DHCP Serv er Enter the IP address of an alternative BootP or DHCP server 18 5 Web Filter In theLocal Services Web Filter menu you can configure a URL based Web Filter ser vice which during opera...

Страница 431: ...sists of the following fields Fields in the Web Filter Options menu Field Description Web Filter Status Activate or deactivate the filter The function is activated by selecting 1 The function is disab...

Страница 432: ...Callup is permitted 1 11 Callup of the requested page is blocked 0 11 Callup is permitted but logged Action if license not re gistered Select what is to be done with URL requests if the licence key s...

Страница 433: ...configuring the filters First a filter list can be created that only contains entries for those addresses that are to be blocked In this case it is necessary to make an entry at the end of the filter...

Страница 434: ...every day of the week B2 C The filter is used on a certain day of the week Only one day can be selected per filter several filters must be configured if several individual days are to be covered The f...

Страница 435: ...figuration neither of the two lists contains entries Use the Add button to add further URLs or IP addresses to the list Fig 163 Local Services Web Filter Black White List Add The Local Services Web Fi...

Страница 436: ...rvice allows connection of incoming and outgoing data and voice calls to com munications applications on hosts in the LAN that access the Remote CAPI interface of your device This enables for example...

Страница 437: ...User Name Enter the user name for which access to the CAPI service is to be allowed or denied Password Enter the password which the user User Name shall use for identification to gain access to the C...

Страница 438: ...on is activated by selecting 1 The function is enabled by default Faxheader Only for devices the RTxxx2 series Select whether the fax header should be printed at the top of outgoing faxes The function...

Страница 439: ...s possible to set up every MIB variable as initiator with any value To take the event scheduler live enable the Schedule Interval under Options This inter val species the time gap in which the system...

Страница 440: ...h Description You use the remaining parameters to create the first event in the list If you want to add to an existing event list select the event list you want and add at least one more event to it Y...

Страница 441: ...essible or not accessible 6 0 Operations configured and as signed in Actions are initiated when the defined period of validity is reached N Operations configured and assigned in Actions are initiated...

Страница 442: ...ar table entry is derived from the com bination of Index Variable usually an index variable which is flagged with and Index Value Use Index Variables to create more entries with Add Monitored Interfac...

Страница 443: ...he IP address whose accessibility is to be checked Source IP Address Only for Event Type Enter an IP address to be used as sender address for the ping test Possible values 3 default value The IP addre...

Страница 444: ...nt Type only First select the type of time entry in Condition Type Possible values 2 Select a weekday in Condition Settings default value In Condition Settings select a par ticular period 5 Select a s...

Страница 445: ...f you do not enter a Stop Time or set a Stop Time Start Time the initiat or is activated and deactivated after 10 seconds 18 7 2 Actions In the Local Services Scheduling Actions menu is displayed a li...

Страница 446: ...e 5 GHz frequency band is performed F 203 Only for devices with a wireless LAN A scan of the 5 8 GHz frequency range is performed 2068 7 Only for devices with a WLAN controller A Neighbor Scan is init...

Страница 447: ...esent in the respective area are displayed Command Mode Only if Command Type Select how the MIB entry is to be manipulated Possible settings 6 default value An existing entry shall be modified 6 7 A n...

Страница 448: ...ve Value If the initiator is inactive Trigger Status the MIB variable is described with the value entered in Inactive Value If the MIB variable is to be modified depending on whether the initiator is...

Страница 449: ...nloaded from an HTTP server that you define in A0 The latest software will be downloaded from an HTTPS server that you define in A0 The latest software will be downloaded from an TFTP server that you...

Страница 450: ...ed on a configuration file Possible values default value A 5 1 6 For Command Type 6 Select which operation you wish to perform on a certificate file Possible values default value 5 1 6 Protocol Only f...

Страница 451: ...hich it is to be retrieved For Action Enter the file name under which it should be saved on the serv er Local File Name Only where Command Type 6 and Action A or 6 At import renaming or copying enter...

Страница 452: ...Command Type 6 Select whether your device should restart after the intended Ac tion The function is disabled by default Version Check Only where Command Type 6 and Action Select whether when importin...

Страница 453: ...nreachable The default value is Server Address Only where Command Type 6 and Action Enter the URL of the server from which a certificate file is to be retrieved Local Certificate De scription Where Co...

Страница 454: ...and Type 6 and Action 6 Enter a description under which the SCEP certificate on your device is to be saved URL SCEP Server URL Only where Command Type 6 and Action 6 Enter the URL of the SCEP server e...

Страница 455: ...not been saved the incomplete registration cannot be completed As soon as the enrolment is completed and the certificate has been downloaded from the CA server it is automatically saved in the device...

Страница 456: ...to device Operation Mode Inact ive Only where Command Type 203 8 Select the required operating mode for the selected radio mod ule if it currently has the status 5 7 You may select from any of the ope...

Страница 457: ...erfaces and automatic ping tests You can monitor temperature with devices from the bintec WI series Note This function cannot be configured on your device for connections that are authentic ated via a...

Страница 458: ...ly created from to If an entry has not yet been created a new group is created using the 7 5 option If entries have been created you can select one from the list of created groups Each host to be moni...

Страница 459: ...fault value is Within a group the smallest Interval of the group members is used Successful Trials Specify how many pings need to be answered for the host to be regarded as accessible You can use this...

Страница 460: ...can be used for other functions such as the Tracking IP Address 18 8 2 Interfaces A list of all monitored hosts is displayed in the Local Services Surveillance Interfaces menu 18 8 2 1 Edit or New Cho...

Страница 461: ...t value Activation of interface s 5 1 Deactivation of interface s Interface Select the interface s for which the action defined in Interface is to be performed You can choose all physical and virtual...

Страница 462: ...outgoing ICMP echo request packets Possible values 3 The IP address is determined automatically default value Enter the IP address in the adja cent input field e g to test a particular extended route...

Страница 463: ...s enabled are administratively set to down when the gateway boots The gateway then calls itself by ISDN and checks its location If the configured ISDN call numbers differ from the numbers dialled the...

Страница 464: ...efault Dialling Number Only if ISDN Theft Protection Service is enabled Enter the subscriber number that the gateway dials to call itself Incoming Number Only if ISDN Theft Protection Service is enabl...

Страница 465: ...behind a NAT enabled gateway UPnP enables mostly Windows based operating systems to take control of other devices with UPnP functionality on the local network These include gateways access points and...

Страница 466: ...gate way You can determine whether UPnP requests from clients are accepted by each interface for requests from the local network and or whether the interface can be controlled via UPnP requests Fig 17...

Страница 467: ...escription UPnP Status Decide how the gateway processes UPnP requests from the LAN The function is enabled with 1 The gateway proceeds with UPnP releases in accordance with the parameters con tained i...

Страница 468: ...as he attempts to access any Internet site with a browser the user is redirected to the home login page After the user has entered the registration data user password these are sent to the central RAD...

Страница 469: ...mers by customer dealer Walled Garden Server URL Individually set for customers by customer dealer Terms Conditions URL Individually set for customers by customer dealer Access data for configuration...

Страница 470: ...configure the hotspot networks in the Local Services HotSpot Gateway HotSpot Gateway menu Choose the New button to set up additional Hotspot networks Fig 177 Local Services HotSpot Gateway HotSpot Gat...

Страница 471: ...hen setting up the Hot Spot server for this customer The domain name is required so that the Hotspot server can distinguish between the different cli ents customers Walled Garden Enable this function...

Страница 472: ...RL a user is redirected to after log ging in to the Hotspot Solution Language for login window Here you can choose the language for the start login page The following languages are supported 1 5 1 P Q...

Страница 473: ...ble websites is dis played The function is enabled by default Pop Up window for status indication Specify whether the device uses pop up windows to display the status The function is enabled by defaul...

Страница 474: ...etwork card The network card also needs a power supply even when the computer is switched off You can use filters and rule chains to define the conditions that need to be met to send the so called mag...

Страница 475: ...rameters Field Description Description Enter the name of the filter Service Select one of the preconfigured services The extensive range of services configured ex works includes the following 1 1 G Th...

Страница 476: ...nd the corresponding netmask Destination Port Range Only for Protocol 6 or 5 Enter a destination port number or a range of destination port numbers Possible values 311 default value The destination po...

Страница 477: ...e priority of IP packets indicated in hexadecimal format 9 1 The TOS value is specified in binary format e g 00111111 5 1 9 1 The TOS value is specified in decimal format e g 63 1 9 1 The TOS value is...

Страница 478: ...rule chain with this setting B 1 C Shows a rule chain that has already been created which you can select and edit Description Only where Wake On LAN Rule Chain 7 Enter the name of the rule chain Wake...

Страница 479: ...et over Interface Select the interface which is to be used to send the Wake on LAN magic packet Target MAC Address Only where Action 2 0 1 and 1 Enter the MAC address of the network device that is to...

Страница 480: ...chain is to be as signed Rule Chain Select a rule chain 18 13 BRRP In the BRRPmenu you can configure the redundancy of your gateway Note You require a licence for devices in the R23x series and RS se...

Страница 481: ...lgorithm option is the selection of the first address VRRP advertisements are always sent with the primary IP address as source of the IP packet VRRP Advertisement A keepalive that sends the master to...

Страница 482: ...tisement data packets and possibly to transmit keepalive monitoring data packets Another interface must be configured in the next step to transmit the usage data Configuration of the advertisement int...

Страница 483: ...he virtual router Controlling the operating status of a virtual router implicitly also controls the operating status of the interface to which the virtual router is linked If an error occurs all inter...

Страница 484: ...Ethernet interface is displayed and cannot be changed Please note The Ethernet interface for sending the advertise ments is always up and running and cannot therefore be used as the Virtual Router In...

Страница 485: ...ent by the current master Possible values are whole numbers between and Virtual Interface Prior ity Define the transmitted BRRP priority of the interface for the vir tual router Higher priorities dete...

Страница 486: ...master down interval is the time calculated from the number of expected but omitted BRRP advertisements the advertisement interval and the skew time which adds a minim um period depending on the prio...

Страница 487: ...function is disabled by default 18 13 2 VR Synchronisation The watchdog daemon is configured in the Local Services BRRP VR Synchronisation menu i e you define how state changes are handled After open...

Страница 488: ...tual Routers New Advanced Set tings menu Virtual Router ID Select a virtual router using the Virtual Router ID and define which interface is to be checked You can choose previously defined IDs see Vir...

Страница 489: ...ons In the Local Services BRRP Options menu you can enable or disable the BRRP func tion Fig 184 Local Services BRRP Options The Local Services BRRP Optionsmenu consists of the following fields Fields...

Страница 490: ...can also trigger a system reboot in this menu 19 1 Diagnostics In the Maintenance Diagnostics menu you can test the availability of individual hosts the resolution of domain names and certain routes...

Страница 491: ...rticular host is correctly re solved The Outputfield displays the DSN test messages The ping test is launched by en tering the domain name to be tested in DNS Address and clicking the Go button 19 1 3...

Страница 492: ...urrent system software at www bintec elmeg com The current documentation is also available here Important If you want to update your software make sure you consider the corresponding re lease notes Th...

Страница 493: ...software versions This is a CSV format which can be read and modified easily In addition you can view the corres ponding file clearly using Microsoft Excel for example The administrator can store enc...

Страница 494: ...ion file Current File Name in Flash is transferred to your local host If you click the Go button a dialog box is displayed in which you can select the storage location on your PC and enter the de sire...

Страница 495: ...is inserted In file name select the G7 1 F file that you wish to import 7 The active configuration from the RAM is transferred to your local host If you click the Go button a dialog box is dis played...

Страница 496: ...or Action Select the configuration file to be exported Include certificates and keys For Action 7 Define whether the selected Action should also be applied for certificates and keys The function is ac...

Страница 497: ...to the LEDs on your device For information on the meaning of the LEDs see the Technical Data chapter of the manual Note Before a reboot make sure you confirm your configuration changes by clicking th...

Страница 498: ...d be transmitted to one or more external PCs for storage and processing e g to the system ad ministrator s PC The syslog messages saved internally on your device are lost when you reboot Warning Make...

Страница 499: ...s New The menu External Reporting Syslog Syslog Servers New consists of the following fields Fields in the Basic Parameters menu Field Description IP Address Enter the IP address of the host to which...

Страница 500: ...mputer Possible values 1 1 The default value is 1 1 Timestamp Select the format of the time stamp in the syslog Possible values default value No system time indicated System time without date 5 K Syst...

Страница 501: ...les you to collect a lot of useful information about the IP network traffic each individual IP session 20 2 1 Interfaces In this menu you can configure the IP Accounting function individually for each...

Страница 502: ...f the session start in the format DD MM YY t Time of the session start in the format HH MM SS a Duration of the session in seconds c Protocol i Source IP Address r Source Port f Source interface index...

Страница 503: ...isplayed in the Alert Recipient menu 20 3 1 1 New Select the New to create additional alert recipients Fig 193 External Reporting Alert Service Alert Recipient New The menu External Reporting Alert Se...

Страница 504: ...cation Possible values 1 default value A Syslog mes sage includes a specific string 7 3 A new adjacent AP has been found 7 A 3 A new Rough AP has been found i e an AP using an SSID of its own network...

Страница 505: ...d Add new subsystems with Add Message Timeout Enter how long the router must wait after a relevant event be fore it is forced to send the alert mail Possible values are to The value disables the timeo...

Страница 506: ...abled by default Maximum E mails per Minute Limit the number of outgoing mails per minute Possible values are to the default value is Fields in the E mail Parameters menu Field Description Sender E ma...

Страница 507: ...entication Enter the address of the server from which the e mails are to be retrieved POP3 Timeout Only if SMTP Authentication Enter how long the router must wait after the POP3 call before it is forc...

Страница 508: ...tion on the SNMP versions see the relevant RFCs and drafts SNMP V 1 RFC 1157 SNMP V 2c RFC 1901 1908 SNMP V 3 RFC 3410 3418 20 4 1 SNMP Trap Options In the event of errors a message known as a trap pa...

Страница 509: ...P Trap Broadcasting is enabled Enter a new SNMP code This must be sent by the SNMP Man ager with every SNMP request so that this is accepted by your device A character string of between and characters...

Страница 510: ...th a single tool A permanent overview of the utilisation of your device is possible Method of operation A Status Daemon collects information about your device and transfers it as UDP packets to the br...

Страница 511: ...Description Monitored Interfaces Select the type of information to be sent in the UDP packets to the Windows application Possible values default value Deactivates the sending of information to the Act...

Страница 512: ...val in seconds Possible values are to The default value is UDP Destination Port Enter the port number for the Windows application Activity Monitor The default value is registered by IANA Internet As s...

Страница 513: ...will find the configured vales for the Maximum Number of Syslog Entries and Maximum Message Level of Syslog Entries fields These values can be changed in the System Management Global Settings System...

Страница 514: ...Displays the IP address of the remote IPSec Peers Remote Networks Displays the currently negotiated subnets of the remote termin al Security Algorithm Displays the encryption algorithm of the IPSec tu...

Страница 515: ...ange type Authentication Method Shows the authentication method MTU Shows the current MTU Maximum Transfer Unit Alive Check Shows the method for checking that the peer is reachable NAT Detection Displ...

Страница 516: ...In the Monitoring IPSec IPSec Statistics menu statistical values for all IPSec connec tions are displayed Fig 201 Monitoring IPSec IPSec Statistics The Monitoring IPSec IPSec Statistics menu consists...

Страница 517: ...umber of phase 2 SAs Total Fields in the Packet Statistics menu Field Description Total Shows the number of all processed incoming In or outgoing Out packets Passed Shows the number of incoming In or...

Страница 518: ...ation for PPP connections Direction Displays the send direction Charge Displays the costs of the current connection Duration Displays the duration of the current connection Stack Displays the related...

Страница 519: ...ions Direction Displays the send direction Charge Displays the costs of the connection Start Time Displays the time at which the call was made or received Duration Displays the duration of the connect...

Страница 520: ...ets sent Tx Errors Shows the total number of errors sent Rx Packets Shows the total number of packets received Rx Bytes Displays the total number of bytes received Rx Errors Shows the total number of...

Страница 521: ...ackets Shows the total number of packets received Rx Bytes Displays the total number of bytes received Fields in the TCP Connections menu Field Description Status Displays the status of an active TCP...

Страница 522: ...e values for wireless mode 802 11n are listed separately Fig 206 Monitoring WLAN WLAN Values in the WLAN list Field Description mbps Displays the possible data rates on this wireless module Tx Packets...

Страница 523: ...cessfully Displays the number of MSDUs successfully sent to unicast ad dresses since the last reset An acknowledgement was received for each of these packets Multicast MSDUs transmitted success fully...

Страница 524: ...Displays the number of received MSDUs that could not be en crypted One reason for this could be that a suitable key was not entered RTS frames with no CTS received Displays the number of RTS frames fo...

Страница 525: ...ved by this cli ent in mbps The following clock rates are possible IEEE 802 11b 11 5 5 2 and 1 mbps IEEE 802 11g a 54 48 36 24 18 12 9 6 mbps If the 5 GHz frequency band is used the indication of 11 5...

Страница 526: ...ess Shows the IP address of the client Uptime Shows the time in hours minutes and seconds for which the cli ent is logged in Signal dBm RSSI1 RSSI2 RSSI3 Shows the received signal strength in dBm Nois...

Страница 527: ...es on the wireless module Tx Packets Shows the number of sent packets for the data rate Rx Packets Shows the number of received packets for the data rate 21 5 3 Client Links In the Monitoring WLAN Cli...

Страница 528: ...received signal strength in dBm Noise dBm Shows the received noise strength in dBm Data Rate mbps Shows the current clock rate of data received on this client link in Mbps Client Link Details You can...

Страница 529: ...nt clock rate of data received on this client link in Mbps Rate For each of the specified data rates displays the values for Tx Packets and Rx Packets Tx Packets Shows the total number of packets sent...

Страница 530: ...ys the user s name IP Address Shows the IP address of the user Physical Address Shows the physical address of the user Logon Displays the time of the notification Interface Shows the interface used 21...

Страница 531: ...been configured for this inter face Send Shows the number of sent packets with the corresponding pack et class Dropped Shows the number of rejected packets with the corresponding packet class in case...

Страница 532: ...computers The AP thus serves to create a wireless network WLAN and connect that WLAN to a wired Ethernet network bridging Accounting Accounting refers to the recording of connection data e g date time...

Страница 533: ...onnections require no splitter and have a greater range and faster transmission speed Annex L Annex L is an extension of Annex A The range is increased at the expense of the data transmission rate Ann...

Страница 534: ...oint sends beacons to create a wireless LAN in infrastructure mode These messages contain the network name SSID a list of the supported transmission rates and the type of en cryption Bit A binary digi...

Страница 535: ...tion Programming Interface CAPI is a programming interface for ISDN It enables application programs to access ISDN hardware from a PC See also TAPI CAPWAP Control And Provisioning of Wireless Access P...

Страница 536: ...ternally The configuration is edited using the HTTP S user interface an SNMP client or connected telephones CoS The term Class of Service CoS means different things depending on the area in which it i...

Страница 537: ...ck DoS a network component is flooded with queries so that it becomes totally overloaded As a res ult the system or a particular service can no longer function DES The Data Encryption Standard DES is...

Страница 538: ...tion is quicker with DSA than with RSA but key processing is slower DSCP Data packets can be marked with a Differentiated Services Code point DSCP DSCP values classify data packets in such a way that...

Страница 539: ...ransmitted by the gateway Firmware The firmware system software is programming code that is per manently embedded in the device It provides the device s functions Fragmentation If the overall length o...

Страница 540: ...ssion rates 12 Mbit s downstream 1 0 Mbit s upstream G 992 5 Data transmission recommendation for xDSL2 There are three variants G 992 5 Annex A B ADSL2 with data transmission rates of 25 Mbit s in th...

Страница 541: ...rn checks the signature before opening the packet If the signature and thus the content of the data packet has changed the packet is discarded The hash al gorithms used most frequently are Message Dig...

Страница 542: ...phase 1 the IKE subscribers authenticate them selves to one another and establish a secure channel In phase 2 the two IPSec subscribers negotiate the SAs There are two ver sions of the IKE mechanism I...

Страница 543: ...cludes telephony fax and data transmission There are two ISDN connection variants Basic Rate Interface and Primary Rate Interface ISDN address The ISDN address of an ISDN device comprises an ISDN numb...

Страница 544: ...a company head office Layer A layer refers to a layer in the OSI model LCP The Link Control Protocol LCP is used in PPP connections to auto matically negotiate encapsulation process limits for varyin...

Страница 545: ...ateway converts the network type of digital voice audio or image information For example the signals from an ISDN network can be converted to an IP network Metric The metric is a measure for the prope...

Страница 546: ...tworks with different Maximum Transmission Units MTU MTU The Maximum Transmission Unit MTU is the largest possible data unit that can be transmitted over a physical line Multicast With a multicast dat...

Страница 547: ...analogue connection an NTBA with the basic ISDN connection and NTPMGF with the ISDN Primary Rate Interface In the NT operation the gateway is connected to the PABX s external S0 and is an ex ternal e...

Страница 548: ...procedure PMTU The Path MTU PMTU describes the maximum packet size that can be transmitted along the entire connection route without needing to be fragmented Point to multipoint Point to multipoint co...

Страница 549: ...e is divided into two lo gical systems The PPTP Access Concentrator PAC and the PPTP Network Server PNS The PAC is usually integrated into the Win dows client It establishes the connection to the PNS...

Страница 550: ...m ing as quickly as possible QoS is used to sort all the data packets into groups and forward them on in the network either more quickly or slowly depending on their priority Queue The data packets ac...

Страница 551: ...ep the routing tables up to date the routers exchange information via routing pro tocols e g OSPF RIP Router advertise ment Router advertisements are messages that the router sends to the network They...

Страница 552: ...he form of databases These are the Security Policy Database SPD and the Security Association Database SAD The SAD receives information about every security connection That is which encryption algorith...

Страница 553: ...ed for IP telephony VoIP SIP provider A SIP provider does the switching between a SIP connection and other analogue ISDN and VoIP connections SNMP The Simple Network Management Protocol SNMP is used t...

Страница 554: ...wser STAC STAC is used to reduce the data volume transmitted data compres sion Static IP Address In contrast to a dynamic IP address the static IP address is as signed permanently by the user Network...

Страница 555: ...authenticates the client by checking e g the username and password In contrast to the UDP based RADIUS protocol TACACS uses TCP on port 49 and transmits the entire communication encrypted TAPI The Tel...

Страница 556: ...eried destination host Trigger This refers to a trigger impulse Triple DES See DES TTL The Time to live TTL is the configured period of validity of a data packet With the Internet Protocol IP TTL spec...

Страница 557: ...website V 110 V 110 describes a method of aligning bitsteams with 0 6 1 2 2 4 2 8 7 2 9 6 12 14 4 19 2 and 38 4 kbit s with the ISDN bitstream of 64 kbit s VDSL Very High Speed Digital Subscriber Lin...

Страница 558: ...ranslation of the NetBIOS over TCP IP network protocol by Microsoft Like DNS WINS is used for centralised name resolution See also DNS WLAN Wireless Local Area Network Wireless LAN WLAN refers to a lo...

Страница 559: ...ing card terminals X 500 The X 500 standard describes the setting up of a directory ser vice See also LDAP X 509 The X 509 standard describes the generating of certificates for a public key insfrastru...

Страница 560: ...ype 384 Address List 384 Address Subnet 384 Addresses 384 Admin Status 224 Administration 169 199 Administrative Status 318 398 Administrative Access 101 ADSL Line Profile 151 ADSL Logic 480 Advertise...

Страница 561: ...0 431 Certificate Revocation List CRL Checking 127 Certificates 126 Channel 174 199 504 Channel Bundling 293 Channel Plan 180 Channel Sweep 183 Charge 504 505 Class ID 230 236 Class map 230 Client Mod...

Страница 562: ...8 324 334 342 347 354 357 364 373 383 384 385 386 389 398 415 426 431 461 464 500 501 506 507 509 Description Connection Information Link 84 Destination 377 Destination Interface 267 Destination Port...

Страница 563: ...cryption Algorithms 104 End to End Pending Requests 310 End to End Send Interval 310 Entries 294 Entry active 110 115 Errors 501 503 Ethernet Interface 470 Ethernet Ports 138 Ethernet Interface Select...

Страница 564: ...IKE Phase 1 SAs 501 IMEI 160 Include certificates and keys 480 Incoming Number 450 Incoming ISDN Number 369 Incoming Phone Number 330 Incoming Service Type 153 Index Variables 426 431 Interface 99 10...

Страница 565: ...alue 373 L L2TP 352 LAN 162 Language for login window 456 Last Command 160 Last configuration stored 82 Last Member Query Interval 263 Last Reply 160 Layer 4 Protocol 205 LCP Alive Check 275 280 285 2...

Страница 566: ...5 Maximum number of concurrent connec tions 103 Maximum Response Time 263 Maximum Time between Retries 355 Maximum TTL for Negative Cache Entries 395 Maximum TTL for Positive Cache Entries 395 Maximum...

Страница 567: ...Number of Dialling Retries 451 Number of Admitted Connections 325 Number of Used Ports 294 O OAM Controlling 309 OAM Flow Level 310 Oper Status 160 Operation Band 174 Operation Mode 174 Operation Mode...

Страница 568: ...0 194 196 318 Primary DHCP Server 416 Primary DNS Server 398 Primary IP Address 467 Prioritisation Algorithm 233 Prioritize SIP Calls 390 Prioritize TCP ACK Packets 275 280 285 298 306 360 Priority 11...

Страница 569: ...e Timer 257 RFC 2453 Variable Timer 257 RIP 252 RIP Filter 254 RIP Interfaces 252 RIP Options 257 RIP UDP Port 257 Roaming Mode 158 Roaming Profile 183 Robustness 263 Role 347 Route Announce 253 Route...

Страница 570: ...180 183 Short Retry Limit 180 183 Show passwords and keys in clear text 88 Signal 199 Signal dBm RSSI1 RSSI2 RSSI3 510 512 513 515 Silent Deny 247 Silent Deny 211 SIM Card Uses PIN 153 SIP 390 SIP Po...

Страница 571: ...16 TCP MSS Clamping 165 Telnet 101 Terms Conditions 456 Third Timeserver 91 Ticket Type 458 Time 499 Time Condition 430 Time Update Interval 91 93 Time Update Policy 91 Time Zone 90 Timeout 116 451 Ti...

Страница 572: ...10 Version Check 431 Virtual Routers 467 Virtual Channel Identifier VCI 303 Virtual Channel Connection VCC 307 310 Virtual Interface Priority 470 Virtual Path Connection VPC 310 Virtual Path Identifie...

Страница 573: ...86 WLAN 172 508 WLANx 508 WLC SSID 431 WMM 189 WOL Rules 463 WPA Cipher 190 196 WPA Mode 190 196 WPA2 Cipher 190 196 Write certificate in configuration 431 X X 31 X 25 in D Channel 144 X 31 TEI Servic...

Отзывы:

Нет отзывов

Похожие инструкции для RS120

Power Xpert Meter 2000

Бренд: Eaton Страницы: 71

Power Xpert Gateway 900

Бренд: Eaton Страницы: 25

Fibre to the Curb

Бренд: NBN Страницы: 9

Бренд: RTA Страницы: 72

Бренд: VisionNet Страницы: 102

Бренд: Fife Страницы: 48

Бренд: 2N Страницы: 113

Бренд: Sole Digital Страницы: 15

MULTIVOIP MVP-410ST

Бренд: Multitech Страницы: 8

MultiVOIP 100 MVP120

Бренд: Multitech Страницы: 48

Conduit MTCDT-L4E1

Бренд: Multitech Страницы: 28

Бренд: Intermatic Страницы: 6

Бренд: ipf electronic Страницы: 34

Бренд: 2Wire Страницы: 30

Бренд: wowvision Страницы: 145

Бренд: ZyXEL Communications Страницы: 2

Бренд: ZyXEL Communications Страницы: 35

Бренд: DECODE Страницы: 34

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды