LANCOM 1722 VoIP – LANCOM 1723 VoIP – LANCOM 1724 VoIP – LANCOM 1823 VoIP
Chapter 11: Security settings
119
EN
Have you excluded certain stations from accessing the device?
A special filter list can be used to limit access to the device's internal func-
tions via TCP/IP. The phrase "internal functions" refers to configuration
sessions via LANconfig, WEBconfig, Telnet or TFTP. As standard this table
contains no entries, meaning that computers with any IP address can use
TCP/IP and Telnet or TFTP to commence accessing the device. The first time
an IP address is entered with its associated netmask, the filter is activated
and only the IP addresses contained in this entry are entitled to make use
of internal functions. Further entries can be used to extend the circle of
authorized parties. The filter entries can describe individual computers or
even entire networks. The access list can be found in the LANconfig in the
configuration area 'TCP/IP' on the 'General' tab.
Do you store your saved LANCOM configuration to a safe location?
Protect your saved configurations in a location that is safe from unauthor-
ized access. Otherwise, byway of example, an unauthorized person may
load your stored configuration file into another device and they can access
the Internet at your expense.
Have you activated the protection of your WAN access in case the
device is stolen?
After being stolen, the device can theoretically be operated at another
location by unauthorized persons. Password-protected device configura-
tions do not stop third parties from operating RAS access, LAN connectiv-
ity or VPN connections that are set up in the device: A thief could gain
access to a protected network.
The device’s operation can be protected by various means; for example, it
will cease to function if there is an interruption to the power supply, or if
the device is switched on in another location.
With the ISDN location verification, the device can only be operated at
one particular ISDN connection. After being switched on, the device calls
itself at the corresponding telephone number to check that it is still con-
nected to the “correct” ISDN connection (for further information see the
reference manual).
The scripting function can store the entire configuration in RAM only so
that restarting the device will cause the configuration to be deleted. The
configuration is not written to the non-volatile flash memory. A loss of
power because the device has been relocated will cause the entire config-
uration to be deleted (for further information see the reference manual).