Lancom WLC-4006 Скачать руководство пользователя страница 1 | Manualshive

Страница: 1 / 113

background image

LANCOM WLC

-

4006

LANCOM WLC

-

4025

1
2
3
...
»

Содержание WLC-4006

Страница 1: ...LANCOM WLC 4006 LANCOM WLC 4025...

Страница 2: ...entation if they were present at the time of printing Trademarks Windows Windows Vista Windows XP and Microsoft are registered trademarks of Microsoft Corp The LANCOM Systems logo LCOS and the name LA...

Страница 3: ...be seamlessly integrated any IP connection will do Smaller sites also benefit from the RADIUS EAP server integrated into the LANCOM WLAN Controller At the same time the LANCOM WLAN Controllers ensure...

Страница 4: ...anual and reference manual The documentation of your device consists of the following parts Installation guide User manual Reference manual You are now reading the user manual It contains all informat...

Страница 5: ...discussed in this manual or require any further support The area Support will help you with many answers to frequently asked questions FAQs Furthermore the knowledgebase offers you a large reserve of...

Страница 6: ...2 System requirements 20 2 2 1 Configuring the LANCOM devices 20 2 2 2 Operating access points in managed mode 21 2 3 Introducing the LANCOM WLAN Controller 21 2 3 1 Status displays 21 2 3 2 LC displa...

Страница 7: ...Further configuration details 61 4 3 1 Accept new Access Points into the WLAN infrastructure manually 61 4 3 2 Manually removing Access Points from the WLAN infra structure 63 4 3 3 Inheritance of pa...

Страница 8: ...3 1 Wizard for LANconfig 85 5 3 2 Wizard for WEBconfig 85 5 4 The firewall wizard 85 5 4 1 Wizard for LANconfig 86 5 4 2 Configuration under WEBconfig 86 5 5 The security checklist 87 6 Setting up In...

Страница 9: ...etBIOS routing 102 8 2 Settings for the dial in computer 103 8 3 Instructions for LANconfig 103 8 4 1 Click VPN for LANCOM Advanced VPN Client 104 8 5 Instructions for WEBconfig 105 9 Appendix 106 9 1...

Страница 10: ...tions medium air requires effective coordination of the Access Points to avoid frequency interference and optimize network performance Access Points in public places pose a potential security risk bec...

Страница 11: ...via UDP This also makes DTLS suitable for the transfer of VoIP packets unlike TLS because even after the loss of a packet the subsequent packets can be authenticated again Data channel optionally als...

Страница 12: ...igence Split MAC With this variant only a portion of the WLAN functions are transferred to the WLAN Controller Normally realtime applications will continue to be processed in the Access Point the non...

Страница 13: ...nfrastructure of this type prevents the WLAN Controller from becoming a central bottleneck that has to process large portions of the overall data traffic In remote MAC and split MAC architectures all...

Страница 14: ...t is already configured at least one WLAN module is manually set to operate as managed Configuring the Access Points Page 79 The Access Point searches for a WLAN Controller in the LAN on behalf of the...

Страница 15: ...tion For the Access Point the best WLAN Controller is the one with the least load i e the lowest ratio of managedAccess Points compared to the maximum possible Access Points In case of two or more equ...

Страница 16: ...he certificate and configuration provided they are not explicitly deactivated in the configuration The management and configuration data will then be transferred via the CAP WAP tunnel The payload dat...

Страница 17: ...e configuration in the Access Point all other functions can be managed separately This division of the configuration tasks makes LANCOM WLAN Controllers perfect for building a company wide WLAN infras...

Страница 18: ...S EAP TTLS PEAP MSCHAP or MSCHAPv2 Proxy mode for external RADIUS EAP servers forwarding and realm handling 802 11e WME Automatic VLAN tagging 802 1p in the Access Points Conversion to DiffServ attrib...

Страница 19: ...erading NAT PAT to conceal individual LAN workstations behind a single pub lic IP address Stateful inspection firewall Firewall filter for blocking individual IP addresses protocols and ports MAC addr...

Страница 20: ...essories If anything is missing please contact your retailer or the address stated on the delivery slip of the unit 2 2 System requirements 2 2 1 Configuring the LANCOM devices Computers that connect...

Страница 21: ...or higher and a current loader version 1 86 or higher 2 3 Introducing the LANCOM WLAN Controller This section introduces your device We will give you an overview of all status displays connections and...

Страница 22: ...d colour Flashing means that the LED lights up very briefly in the respective col our and stay then clearly longer approximately 10x longer switched off Inverse flashing means the opposite The LED lig...

Страница 23: ...after power up Green On perma nently Device operational Red green Blinking alter nately Device insecure Configuration password not set Orange green In the housing cover blinking alternately with the o...

Страница 24: ...monitor shows you when a charge or time limit has been reached To reset the toll protec tion activate the context menu right mouse click Reset charge and time limits The charge settings are defined in...

Страница 25: ...st one expected access point has not been found Off No VPN tunnel established Green Blinking Connection establishment Green Flashing First connection Green Inverse flashing Other connections Green On...

Страница 26: ...r have to be updated before the Access Point can be accepted by a WLAN Controller As soon as the Access Point has made contact to the WLAN Controller the LEDs resume their normal function as described...

Страница 27: ...Number of authenticated Access Points Number of expected Access Points actively configured Number of new discovered and as yet unauthenticated Access Points Number of unfound expected Access Points If...

Страница 28: ...ted by someone pressing the reset button too long With the suitable setting the behavior of the reset but ton can be controlled accordingly Reset button This option controls the behavior of the reset...

Страница 29: ...leads to a loss on the WLAN encryption settings within the device and that the default WEP key is active again Connector for the IEC cable LANCOM WLC 4025 or power supply unit LANCOM WLC 4006 Power sw...

Страница 30: ...LANCOM WLC 4006 use only the supplied power adapter The use of the wrong power adapter can be of danger to the device or persons Supply power and switch on Using the IEC cable supply power to the devi...

Страница 31: ...l of your LANCOM routers and LANCOM access points WLANmonitor enables the observation and surveillance of wireless LAN networks Clients connected to the access points are shown and even non authentica...

Страница 32: ...le free access to the device 3 1 Which information is necessary The basic configuration wizard will take care of the basic TCP IP configuration of the device and protect the device with a configuratio...

Страница 33: ...uration is optional You may also select man ual configuration instead Make your selection after the following considera tions Choose automatic configuration if you are not familiar with networks and I...

Страница 34: ...ministrators can be set up Further information can be found in the section Managing rights for different administrators in the LCOS reference manual In the managed mode the LANCOM Wireless Routers and...

Страница 35: ...address from a suitable address range to the LANCOM Confirm your choice with Next Specify whether or not the router should act as a DHCP server Make your selection and confirm with Next In the follow...

Страница 36: ...wo server processes exchange the assignment of IP addresses to symbolic names within the LAN between each other After powered on unconfigured LANCOM devices check first whether a DHCP server is alread...

Страница 37: ...configuration PC Network with DHCP server If a DHCP server is active in the LAN to assign IP addresses an unconfigured LANCOM device will turn off its own DHCP server It will change into DHCP client m...

Страница 38: ...config Start your web browser e g Internet Explorer Firefox Opera and call the LANCOM Router there http IP address of the LANCOM or with a name as discribed above If you cannot access an unconfigured...

Страница 39: ...ult your device may offer different wiz ards than those shown here If you have chosen automatic TCP IP configuration please continue with Step If you would like to configure the TCP IP settings manual...

Страница 40: ...with a password In the next window select your DSL provider from the list that is displayed Confirm your choice with Apply If you select My provider is not listed here you must enter the transfer pro...

Страница 41: ...uses DHCP to specify its own IP address as that of the default gateway and DNS server The PCs must therefore be configured so that they automatically obtain their own IP address and the IP addresses...

Страница 42: ...LANCOM WLC 4006 LANCOM WLC 4025 Chapter 3 Basic configuration 42 EN...

Страница 43: ...set to the Access Point mode Instructions on setting the operating mode for WLAN modules are to be found under Configuring the Access Points Page 79 4 1 Basic settings for the LANCOM WLAN Controller...

Страница 44: ...from a time server by means of the Network Time Pro tocol NTP Information on NTP and its configuration can be found in the LCOS reference manual As soon as the WLAN Controller has valid time informat...

Страница 45: ...l tab activate the options for the automatic acceptance of new Access Points and the provision of a default configuration Automatically accept new Access Points Enables the WLAN Controller to provide...

Страница 46: ...tion method suitable for the WLAN cli ents being used and enter a key or passphrase as applicable Deactivate the MAC check Instructions on the use of MAC filter lists in managed WLAN infrastructures c...

Страница 47: ...COM WLC 4006 LANCOM WLC 4025 Chapter 4 Configuring the WLAN Controller 47 EN Create a new WLAN profile give it an unique name and assign the above logical WLAN network and physical WLAN parameters to...

Страница 48: ...ters Upon assignment of the configuration the Access Points change their status in the WLAN Controller management from New Access Point to Expected Access Point and they are listed in the device displ...

Страница 49: ...accept new APs Auto accept Enables the WLAN Controller to provide all new Access Points with a configuration even those not in possession of a valid certificate Enables the WLAN Controller to provide...

Страница 50: ...various settings that are to be assigned to the Access Points The allocation of WLAN profiles to the Access Points is set in the AP table The following parameters can be defined for every WLAN profile...

Страница 51: ...defined in a profile Consequently each LANCOM Access Point be it a model offering 2 4 GHz or 5 GHz support can choose from a maximum of eight logical WLAN networks Physical WLAN parameters A set of p...

Страница 52: ...ork name Name of the logical WLAN network under which the settings are saved This name is only used for internal administration of logical networks Maximum 32 ASCII characters Inheritance Selection of...

Страница 53: ...ntinue to operate with the configuration stored in flash for the time period entered here The Access Point can also continue to work with this flash configuration after a local power outage If there i...

Страница 54: ...uration provided by the WLAN Controller is not stored in flash memory but in RAM meaning that a power outage causes the configuration to be lost immediately 9999 Continues working indefinitely with th...

Страница 55: ...are to be inherited Inheritance of parameters Page 64 Country The country in which the Access Point is to be operated This information is used to define country specific settings such as the permitted...

Страница 56: ...l values 0 Switches the use of VLAN off 1 Switches the use of VLAN on the management network remains untagged however 2 to 4094 Switches the use of VLAN on the management network uses the VLAN ID set...

Страница 57: ...he Access Point in managed mode Maximum 251 ASCII characters WLAN profile WLAN profile from the list of defined profiles WLAN profiles Page 50 WLAN interface 1 Frequency of the first WLAN module This...

Страница 58: ...mmunications over the control channel Without encryption the control data is exchanged as plain text In both cases authentication is by certificate Values DTLS no default Special values Default makes...

Страница 59: ...notification Values Active Access Point notification Missing Access Point notification New Access Point notification Default parameters For some parameters default values can be defined centrally and...

Страница 60: ...activate the WLAN module Values 2 4 GHz 5 GHz off WLAN interface 2 Frequency of the second WLAN module This parameter can also be used to deactivate the WLAN module Values 2 4 GHz 5 GHz off Encryption...

Страница 61: ...ccess Point with the right hand mouse key From the context menu that pops up you select the configuration which is to be assigned to the device Assignment of the configuration causes the Access Point...

Страница 62: ...configuration New Access Points that do not have a valid certificate and do not have an entry in the AP table can be manually accepted by means of a wizard in WEBconfig A configuration is selected tha...

Страница 63: ...il assignment of the certificate is completed 4 3 2 Manually removing Access Points from the WLAN infrastructure The following actions are required to remove an Access Point under manage ment of the W...

Страница 64: ...e to inherit selected properties from the logical WLAN networks and the physical WLAN parameters You should initially generate the basic settings that are valid for the majority of the managed Access...

Страница 65: ...WLAN Controllers are employed in parallel in the same WLAN infra structure for load balancing or if a device is being replaced or reconfigured the same root certificates should always be used to avoi...

Страница 66: ...entries for SCEP CA as data type one after the other and confirm with Start download PKCS12 container with CA backup PKCS12 container with RA backup The backup file is then stored to your data medium...

Страница 67: ...vice certificates issued for the individual Access Points by the SCEP CA If the root certificates only were backed up then any issued device certificates can no longer be revoked For this reason the f...

Страница 68: ...Start upload 4 3 6 Backup solutions LANCOM WLAN Controllers manage a large number of Access Points which in turn may have a large number of WLAN clients associated with them WLAN Controllers thus play...

Страница 69: ...ation to ensure that checks on the certificate validity period all produce the same result Apart from these basic settings you can choose between two different backup scenarios Backup with redundant W...

Страница 70: ...icates Because the Access Points are also entered into the backup controller s AP table along with their MAC addresses the backup controller can fully take over the management of the Access Points Cha...

Страница 71: ...A LANCOM Access Point in managed mode will search the LAN for a WLAN Controller that will provide the configuration During this search the Access Point may find var ious suitable WLAN Controllers The...

Страница 72: ...on After being started the Access Points search for a WLAN Controller by emitting a discovery message In this case all three LANCOM WLAN Controllers respond to this message the Access Points select th...

Страница 73: ...s from primary and secondary WLAN Controllers then primary controllers are preferred From the available WLAN Controllers the Access Point selects the one with the lowest load i e that with the lowest...

Страница 74: ...e RADIUS requests are automatically forwarded to the WLAN Controller This forwards the request in turn to the configured RADIUS server The RADIUS server can check the access rights of the WLAN clients...

Страница 75: ...n external RADIUS server An external RADIUS server is required for the automatic assignment of a VLAN ID based on registration data To forward RADIUS requests to another RADIUS server use LANconfig to...

Страница 76: ...ints or permanently removing them from the WLAN infrastructure Occasionally it is necessary to temporarily deactivate or even permanently remove a WLAN Controller managed Access Point Access Point dea...

Страница 77: ...from the WLAN infrastructure In order to permanently remove an Access Point from a centrally managed WLAN infrastructure the certificates in the SCEP client have to be either deleted or revoked If yo...

Страница 78: ...ess the utilized frequency band and channel Using the right hand mouse key a context menu can be opened for the Access Points and the following commands are available Assign new Access Point to profil...

Страница 79: ...il they discover a suitable WLAN Controller or until the operating mode of the WLAN module is changed manually When shipped the WLAN modules in LANCOM Wireless Routers are set to the Access point oper...

Страница 80: ...nge the operating mode for multiple devices you can use a simple script on the devices with the following lines Script 7 22 23 08 2007 lang English flash 0 cd Setup Interfaces WLAN Operational set WLA...

Страница 81: ...LAN VPN in combination with external VPN gate way 5 1 1 Closed network Each Wireless LAN according to IEEE 802 11 has its own network name SSID This network name serves as identification and enables a...

Страница 82: ...sources of passphrase sharing LEPS uses an additional column in the ACL to assign an individual passphrase consisting of any 4 to 64 ASCII characters to each MAC address The connection to the access p...

Страница 83: ...cases a combination of these two mechanisms is possible Further details to WLAN security and the used encoding methods can be found in the LCOS reference manual 5 1 5 802 1x EAP The international indu...

Страница 84: ...in case of smallest suspicion of a leak LEPS prevents the global spread of passphrases Activate LEPS to enable the use of individual passphrases 5 3 The security settings wizard Access to the configu...

Страница 85: ...Inspection ping blocking and Stealth mode in the the firewall configuration The wizard will inform you when entries are complete Complete the con figuration with Finish 5 3 2 Wizard for WEBconfig Unde...

Страница 86: ...e setup wizard Configuring Firewall and confirm your choice with Next In the following windows select the services protocols the rule should be related to Then you define the source and destination st...

Страница 87: ...ration If you do not require remote configuration then deactivate it If you require remote configuration then be sure to assign a password protec tion for the configuration see previous section The fi...

Страница 88: ...ombinations of protocols TCP UDP ICMP can be filtered It is particularly easy to set up the filters with LANconfig The Rules tab under Firewall QoS can assist you to define and change the filter rules...

Страница 89: ...II characters to each MAC address The connection to the access point and the subsequent encryption with IEEE 802 11i or WPA is only possible with the right combination of passphrase and MAC address Ha...

Страница 90: ...period Have you ensured that the reset button is safe from accidental configuration resets ome devices simply cannot be installed under lock and key There is con sequently a risk that the configurati...

Страница 91: ...r any further transfer parameters to configure your Internet access Only the authentication data that are supplied by your provider are required Additional information for unknown Internet providers I...

Страница 92: ...an also be used with flat rate billing to con tinuously check the function of the remote station You also have the option of keeping flat rate connections alive if required Dropped connections are the...

Страница 93: ...the following window select your country and your Internet provider if possible and enter your access information Depending on their availability the wizard will display additional options for your I...

Страница 94: ...more extensive configuration measures for both devices however Please refer to the reference manual for more information in this regard A setup wizard handles the configuration of the connection in th...

Страница 95: ...ic VPN connections can be enabled not only between gateways with fixed static IP addresses but even between gate ways with dynamic IP addresses Entry Gateway 1 Gateway 2 Type of the local IP address s...

Страница 96: ...r in our example 10 0 1 x and 10 0 2 x These network numbers may not be identical Unlike when accessing the Internet all of the IP addresses in the involved net works are visible on the remote side wh...

Страница 97: ...Extranet VPN mode is hidden behind its gateway s address 10 10 2 100 and on of its IP stations e g 10 10 2 13 accesses the IP station 10 10 1 2 of the branch office then the branch office s IP statio...

Страница 98: ...required computer 7 3 1 Click VPN for networks site to site The site to site coupling of networks is now very simple with the help of the 1 Click VPN wizard It is even possible to simultaneously coupl...

Страница 99: ...he devices onto the entry for the central router The 1 Click VPN Site to Site Wizard will be started Enter a name for this access and select the address under which the router is accessible from the I...

Страница 100: ...gu ration For details please see the reference manual Perform the configuration on both routers one at a time From the main menu launch the Connect two local area networks wiz ard Follow the wizard s...

Страница 101: ...cts You must of course protect your LAN against unauthorized access Network couplings via VPN transmit data by IPSec The data are encrypted by AES 3 DES Blowfish or CAST encryption algorithms 8 1 Whic...

Страница 102: ...users During both manual and automatic IP address assignment please ensure that only free addresses from the address range of your local network are used In our example the IP address 10 0 1 101 will...

Страница 103: ...requires an Internet access a VPN client LANCOM Systems offers a 30 days trial version of the LANCOM Advanced VPN Client on the LANCOM CD A detailed description of the LANCOM Advanced VPN Client and...

Страница 104: ...th 1 Click VPN Enter a name for this access and select the address under which the router is accessible from the Internet In the final step you can select how the access data is to be entered Save pro...

Страница 105: ...to be used is Aggressive Mode IKE config mode The IKE config mode is activated the IP address infor mation for the LANCOM Advanced VPN Client is automatically assigned by the LANCOM VPN Router 8 5 In...

Страница 106: ...EU CE certification EN 55022 EN 55024 EN 60950 Environment Temperature 41 00 F to 95 00 F at 80 max humidity non condensing 41 00 F to 104 00 F at 80 max humidity non condensing Package con tent LAN...

Страница 107: ...hernet interface 10 100Base TX 8 pin RJ45 socket corresponding to ISO 8877 EN 60603 7 9 2 2 Configuration interface Outband 8 pin mini DIN socket Connector Pin IAE 1 T 2 T 3 R 4 PoE G 5 PoE G 6 R 7 Po...

Страница 108: ...eclares that the devices of the type described in this documentation are in agreement with the basic requirements and other relevant regulations of the 1995 5 EC directive The CE declarations of confo...

Страница 109: ...p with redundant WLAN Controllers 69 Blowfish 94 101 Broadcast 51 C CA 15 CAPWAP 11 14 16 17 CAPWAP tunneling 14 CAST 94 101 Certificate 43 44 49 61 62 65 Certificates Backup 65 Certification Authorit...

Страница 110: ...Power adapter 30 Interconnection 94 Security aspects 94 Internet access 18 91 Authentication data 91 Flat rate 91 Internet provider 91 IP Filter 88 Lock ports 88 IP address 29 33 IP masquerading 19 IP...

Страница 111: ...mber 15 44 Remote Access Service RAS Configuring the dial in computer 103 NetBIOS 102 Searching for Windows workgroups 102 Security aspects 101 Server 18 setup 101 TCP IP 102 User name 102 Remote conf...

Страница 112: ...the LAN 41 TCP IP configuration Automatic 39 fully automatic 32 33 manual 32 33 TCP IP filter 19 88 TCP IP router Settings 96 Temperature 27 Time 27 Time information 43 TLS 11 U UDP 88 V Virtual Priva...

Страница 113: ...LANCOM WLC 4006 LANCOM WLC 4025 Index 113 EN...

Отзывы:

Нет отзывов

Похожие инструкции для WLC-4006

ShareCenter DNS-320L

Бренд: D-Link Страницы: 4

Бренд: Udoo Страницы: 7

Бренд: Maxim Страницы: 26

Бренд: NetComm Страницы: 3

Бренд: Digitus Страницы: 8

X-Pedition 2000

Бренд: Enterasys Страницы: 86

Fast SwitchHub-8mi SNMP

Бренд: Accton Technology Страницы: 13

Бренд: EnGenius Страницы: 3

Бренд: Neo Instruments Страницы: 2

Бренд: Avenview Страницы: 28

Бренд: Magma Страницы: 2

Бренд: Cypress Semiconductor Страницы: 15

PacketMate 1000

Бренд: General DataComm Страницы: 20

Бренд: VideoWave Страницы: 12

Бренд: JAKA Страницы: 37

H8S/2646 Series

Бренд: Renesas Страницы: 20

Бренд: Socket Страницы: 28

JetStream T2600G-28TS

Бренд: TP-Link Страницы: 1136

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды