BinTec RS120 Reference Manual
  1. Manuals
  2. Brands
  3. BinTec Manuals
  4. Gateway
  5. RS120
  6. Reference manual

BinTec RS120 Reference Manual

Hide thumbs
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
Table of Contents

Advertisement

Quick Links

Manual
bintec elmeg GmbH
Manual
bintec RS Series
Reference
Copyright© Version 9.0, 2014 bintec elmeg GmbH
bintec RS Series
1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the RS120 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for BinTec RS120

Summary of Contents for BinTec RS120

  • Page 1 Manual bintec elmeg GmbH Manual bintec RS Series Reference Copyright© Version 9.0, 2014 bintec elmeg GmbH bintec RS Series...

  • Page 2: Legal Notice

    This manual has been put together with the greatest possible care. However, the information con- tained in this manual is not a guarantee of the properties of your product. bintec elmeg GmbH is only li- able within the terms of its conditions of sale and supply and accepts no liability for technical inac- curacies and/or omissions.

  • Page 3: Table Of Contents

    Reset ......bintec RS120 and bintec RS120wu ....
  • Page 4 Table of Contents bintec elmeg GmbH bintec RS232j, bintec RS232jw and bintec RS232j-4G ..3.4.1 Setting up and connecting .....
  • Page 5 Table of Contents bintec elmeg GmbH 4.4.1 Internet connection over internal ADSL modem ... . 4.4.2 Internet connection over UMTS/LTE....
  • Page 6 Table of Contents bintec elmeg GmbH Interface Mode / Bridge Groups ....7.3.1 Interfaces ......
  • Page 7 Table of Contents bintec elmeg GmbH Chapter 9 LAN ......IP Configuration ......162 9.1.1...
  • Page 8 Table of Contents bintec elmeg GmbH 11.4 QoS ......226 11.4.1 QoS Filter .
  • Page 9 Table of Contents bintec elmeg GmbH 14.1.2 PPTP ......277 14.1.3 PPPoA .
  • Page 10 Table of Contents bintec elmeg GmbH Chapter 16 Firewall ......16.1 Policies ......376 16.1.1...
  • Page 11 Table of Contents bintec elmeg GmbH 18.2 HTTPS ......404 18.2.1 HTTPS Server ......404 18.3...
  • Page 12 Table of Contents bintec elmeg GmbH 18.10.2 General ......453 18.11 HotSpot Gateway ......454 18.11.1...
  • Page 13 Table of Contents bintec elmeg GmbH 20.3 Alert Service ......489 20.3.1 Alert Recipient ......489 20.3.2...
  • Page 14 Table of Contents bintec elmeg GmbH 21.8.1 QoS ......516 Glossary......

  • Page 15: Chapter 1 Introduction

    Password If you are already familiar with configuring bintec elmeg devices and want to get started right away, all you really need to know is the factory default user name and password. User Name:...
  • Page 16 The devices are also designed for use with Dime Manager. The Dime Manager manage- ment tool can locate your bintec devices within the network quickly and easily. The .NET-based application, which is designed for up to 50 devices, offers easy to use func- tions and a comprehensive overview of devices, their parameters and files.

  • Page 17: Chapter 2 About This Guide

    2 About this guide bintec elmeg GmbH Chapter 2 About this guide This document is valid for bintec elmeg devices with system software as of software ver- sion 9.1.8. The guide, which you have in front of you, contains the following chapters:...
  • Page 18 2 About this guide bintec elmeg GmbH Chapter Description Firewall VoIP Local Services Maintenance External Reporting Monitoring Glossary The glossary contains a reference to the most important tech- nical terms used in network technology. Index The index lists all the key terms for operating the device and all the configuration options and gives page numbers so they can be found easily.
  • Page 19 2 About this guide bintec elmeg GmbH Typographical element Use Menu->Submenu Indicates menus and sub-menus. File->Open Indicates commands that you must enter as written. bold, e.g. Windows Indicates keys, key combinations and Windows terms. Start menu bold, e.g. Licence Key Indicates fields.

  • Page 20: Chapter 3 Installation

    PBX cannot take any calls until an ISDN number is configured on the device. If no entry is specified, every incoming ISDN call is accepted by the ISDN Login service. bintec RS353jw is equipped with two external WLAN antennas, bintec RS353j-4G is bintec RS Series...
  • Page 21 When setting up and connecting, carry out the steps in the following sequence: (1) Antennas Screw the external WLAN antennas (only bintec RS353jw) supplied to the connec- tions provided for this purpose. With bintec RS353j-4G screw the two external UMTS antenna and the GPS antenna to the connections provided.
  • Page 22 The 19- inch cabinet installation Screw your device using the supplied brackets and screws into the cabinet. Wallmounting To attach the bintec RS353x series on the wall, use the tabs on the back side of the hous- ing. Warning Before drilling, make sure that there are no building installations where you are drilling.

  • Page 23: Connectors

    RESET Reset button On the back of the device the mains connection and the on/off switch is located. bintec RS353j-4G has connectors for two external Wi-Fi antenna. The devices bintec RS353j-4G have a connectors for the GPS antenna and 2 ports for the LTE/UMTS antenna. The con- nectors for the LTE/UMTS antenna are located on the sides of the device.

  • Page 24: Leds

    Rear pannel connections POWER IEC C6 power connection and on/off switch WLAN 1 / 2 Connections for the LTE/UMTS antenna (only bintec RS353jw) Connection for the GPS antenna (only bintec RS353j-4G) LTE 1 - 2 Connections for the LTE/UMTS antenna (only bintec RS353j-4G) 3.1.3 LEDs...
  • Page 25 3 Installation bintec elmeg GmbH Farbe Status Information WLAN (only green WLAN connection established. RS353jw) green flashing Data traffic via WLAN send / receive. No WLAN connection. green USB connection established. green flashing Data traffic via USB send / receive.

  • Page 26: Scope Of Supply

    3 Installation bintec elmeg GmbH LED BRRP-Anzeige Farbe Status Information STATUS green lights The device is functioning as a master router. STATUS green The device is functioning as a backup router. STATUS green flashing The device is being initialised. 3.1.4 Scope of supply...

  • Page 27: General Product Features

    3 Installation bintec elmeg GmbH 3.1.5 General Product Features The general product features cover performance features and the technical prerequisites for installation and operation of your device. The features are summarised in the following table: General Product Features bintec RS353j...

  • Page 28: Reset

    3 Installation bintec elmeg GmbH bintec RS353j bintec RS353jw bintec Property RS353j-4G CE symbol for all EU states SAFERNET TM Security Technology Community passwords, PAP, CHAP, MS-CHAP, MS- CHAP v.2, PPTP, PPPoE, PPPoA, Callback, Access Con- trol Lists, CLID, NAT, SIF, MPPE Encryption, PPTP En-...

  • Page 29: Bintec Rs120 And Bintec Rs120Wu

    You can now configure your device again as described from Basic configuration on page 50 3.2 bintec RS120 and bintec RS120wu 3.2.1 Setting up and connecting Note All you need for this are the cables and antennas supplied with the equipment.
  • Page 30 When setting up and connecting, carry out the steps in the following sequence: (1) Antennas With bintec RS120wu screw the external WLAN antennassupplied to the RSMA connections provided for this purpose, also screw the two UMTS antenna to the SMA connections.

  • Page 31: Connectors

    Attach the four self-adhesive feet on the bottom of the device. Place your device on a solid, level base. Wallmounting To attach the devices bintec RS120x to the wall, use the brackets on the back of the hous- ing. Warning Before drilling, make sure that there are no building installations where you are drilling.

  • Page 32: Antenna Connectors

    GmbH Note Note that the SFP connector on bintec RS120 and bintec RS120wu is not hotswap- capable. Switch off the device before connecting an SFP module and restart the device. You can only operate the Ethernet or the SFP connector for ETH5. When changing between Ethernet and SFP operation, you must restart the device so that the change can be completed correctly.

  • Page 33: Leds

    3 Installation bintec elmeg GmbH bintec RS120wu Fig. 8: Antenna configuration of the bintec RS120wu Fig. 9: Antenna configuration of the 3.2.4 LEDs The device LEDs provide information on certain activities and statuses of the device. The LEDs are arranged as follows: Fig.
  • Page 34 3 Installation bintec elmeg GmbH Colour Status Information Ethernet 1 to green The device is connected to the LAN at 1000 4: SPEED mbps. orange The device is connected to the LAN at 100 mbps. The device is connected to the LAN at 10 mbps or there is no data traffic.

  • Page 35: Scope Of Supply

    3 Installation bintec elmeg GmbH LED BRRP display Colour Status Information STATUS green lights The device is functioning as a master router. STATUS green The device is functioning as a backup router. STATUS green flashing The device is being initialised.
  • Page 36 3 Installation bintec elmeg GmbH bintec RS120 bintec RS120wu Property Transport weight (incl. doc- approx. 1500 g approx. 1600 g umentation, cables, pack- aging) Memory 64 MB RAM, 64 MB RAM, 16 MB flash ROM 16 MB flash ROM LEDs...

  • Page 37: Reset

    3 Installation bintec elmeg GmbH bintec RS120 bintec RS120wu Property UMTS/WCDMS bands 900/1900/2100 MHz, GSM/GPRS/EDGE bands 850/900/1800/1900 MHz, Available sockets: Serial interface V.24 5-pole mini USB socket 5-pole mini USB socket Ethernet interface (yellow) RJ45 socket RJ45 socket USB connection type A USB connection type A Standards &...

  • Page 38: Bintec Rs230A, Bintec Rs230Aw And Bintec Rs230Au

    3 Installation bintec elmeg GmbH 3.3 bintec RS230a, bintec RS230aw and bintec RS230au+ 3.3.1 Setting up and connecting Note All you need for this are the cables and antennas supplied with the equipment. Caution The use of the wrong mains equipment may damage your device. You should only use the power supply unit provided! If you require foreign adapters/mains units, please contact our bintec elmeg service.
  • Page 39 When setting up and connecting, carry out the steps in the following sequence: (1) Antennas With bintec RS230aw screw the external WLAN antennas supplied to the RSMA connections provided for this purpose. With bintec RS230au+ screw the two UMTS/ LTE antenna to the SMA connections.
  • Page 40 Attach the four self-adhesive feet on the bottom of the device. Place your device on a solid, level base. Wallmounting To attach the devices bintec RS230x to the wall, use the brackets on the back of the hous- ing. Warning Before drilling, make sure that there are no building installations where you are drilling.

  • Page 41: Connectors

    GmbH 3.3.2 Connectors bintec RS230a , bintec RS230aw and bintec RS230au+ have a 4-port gigabit switch, an ADSL interface (Annex A), a serial interface and a USB connector. bintec RS230aw has connectors for 3 external WLAN antenna. bintec RS230au+ has connectors for 2 external UMTS antenna.

  • Page 42: Leds

    3 Installation bintec elmeg GmbH bintec RS230au+ Fig. 13: Antenna configuration of the bintec RS230au+ Fig. 14: Antenna configuration of the 3.3.4 LEDs The device LEDs provide information on certain activities and statuses of the device. The LEDs are arranged as follows: Fig.
  • Page 43 3 Installation bintec elmeg GmbH Colour Status Information Ethernet 1 to green The device is connected to the LAN at 1000 4: SPEED mbps. orange The device is connected to the LAN at 100 mbps. The device is connected to the LAN at 10 mbps or there is no data traffic.

  • Page 44: Scope Of Supply

    3 Installation bintec elmeg GmbH LED BRRP display Colour Status Information STATUS green lights The device is functioning as a master router. STATUS green The device is functioning as a backup router. STATUS green flashing The device is being initialised.
  • Page 45 3 Installation bintec elmeg GmbH 3.3.6 General Product Features General Product Features bintec RS230a bintec RS230aw bintec RS230au+ Property Dimensions and weights: Equipment dimen- 235 mm x 32.6 mm x 235 mm x 32.6 mm x 235 mm x 32.6 mm x sions without cable 147.6 mm...
  • Page 46 3 Installation bintec elmeg GmbH bintec RS230a bintec RS230aw bintec RS230au+ Property Serial interface Permanently installed, Permanently installed, Permanently installed, V.24 supports Baud rates: supports Baud rates: 1200 supports Baud rates: 1200 to 115200 Baud to 115200 Baud 1200 to 115200 Baud...

  • Page 47: General Product Features

    The next time, the device will boot with the standard ex works settings. You can now configure your device again as described from Basic configuration on page 50 3.4 bintec RS232j, bintec RS232jw and bintec RS232j-4G 3.4.1 Setting up and connecting Note All you need for this are the cables and antennas supplied with the equipment.
  • Page 48 The use of the wrong mains equipment may damage your device. You should only use the power supply unit provided! If you require foreign adapters/mains units, please contact our bintec elmeg service. Incorrect cabling of the ISDN and ETH interfaces may also damage your device. Con-...
  • Page 49 ): (1) Antennas Screw the external WLAN antennas ( bintec RS232jw ) supplied to the RSMA con- nections provided for this purpose. With bintec RS232j-4G screw the two UMTS/ LTE antenna to the SMA connections.

  • Page 50: Connectors

    Attach the four self-adhesive feet on the bottom of the device. Place your device on a solid, level base. Wallmounting To attach the devices bintec RS232x to the wall, use the brackets on the back of the hous- ing. Warning Before drilling, make sure that there are no building installations where you are drilling.

  • Page 51: Antenna Connectors

    RS232j-4G) 3.4.3 Antenna connectors The devices bintec RS232jw have 3 connectors for the external WLAN antenna. The devices bintec RS232j-4G have two connectors for the external UMTS/LTE antenna (SMA connectors). The assignment of the two antenna connectors is shown in the following...
  • Page 52 3 Installation bintec elmeg GmbH Fig. 20: Arrangement of LEDs In operation mode, the LEDs display the following status information for your device: LED status display Colour Status Information POWER green The power supply is connected. No power supply. STATUS green After switching on: The device has started.

  • Page 53: Scope Of Supply

    3 Installation bintec elmeg GmbH Colour Status Information No connector. flashing Data traffic via the DSL interface. WLAN green The wireless module is active. No connector to wireless module. flashing Data traffic via the WLAN interface. green USB connection is active.

  • Page 54: General Product Features

    3 Installation bintec elmeg GmbH bintec RS232j bintec RS232jw bintec RS232j-4G Scope of supply ISDN cable (black) ISDN cable (black) ISDN cable (black) Mains unit Mains unit Mains unit 3 external WLAN an- 2 external UMTS/LTE tenna antenna Software Companion DVD, Dime...
  • Page 55 3 Installation bintec elmeg GmbH bintec RS232j bintec RS232jw bintec RS232j-4G Property Power consumption 4.7 Watt 4.7 Watt 4.7 Watt of the device Voltage supply 12 V DC 800 mA EU 12 V DC 800 mA EU PSU 12 V DC 800 mA EU...
  • Page 56 3 Installation bintec elmeg GmbH bintec RS232j bintec RS232jw bintec RS232j-4G Property to 21.1 mbps, HSUPA with up to 5.76 mbps), GPRS, Edge and GSM; UMTS/WCDMS bands 900/1900/2100 MHz, GSM/GPRS/EDGE bands 850/900/1800/1900 MHz LTE bands 800/900/1800/2100/2600 Available sockets: Serial interface...

  • Page 57: Reset

    3 Installation bintec elmeg GmbH bintec RS232j bintec RS232jw bintec RS232j-4G Property Online documenta- User's Guide User's Guide User's Guide tion Workshops Workshops Workshops MIB reference MIB reference MIB reference 3.4.7 Reset If the configuration is incorrect or if your device cannot be accessed, you can reset the device to the ex works standard settings using the Reset button on the back of the device.

  • Page 58: Ethernet Interface

    3 Installation bintec elmeg GmbH The interface is designed as a 5-pole mini USB socket. Fig. 21: 5-pole mini USB socket The pin assignment is as follows: Pin assignment of the mini USB socket Position Not used Not used 3.6.2 Ethernet interface The devices have an Ethernet interface with integrated 4 port switch.

  • Page 59: Adsl Interface

    The ADSL interface is connected via an RJ11 plug. For Annex A ( bintec RS230a , bintec RS230aw and bintec RS230au+ ), a cable with RJ 11 plug for the device connection and RJ 11 plug for connection to the ADSL splitter is re- quired.

  • Page 60: Isdn S0 Port

    3 Installation bintec elmeg GmbH 3.6.4 ISDN S0 port bintec RS232j , bintec RS232jw and bintec RS232j-4G have an additional ISDN-BRI(S0) interface, which can be used for backup functions, for example. The connection is made via an RJ45 connector (black).

  • Page 61: Inserting The Sim Card

    Shield 3.7 Inserting the SIM card The bintec RS120wu device is fitted with a card slot for a SIM card. Proceed as follows to insert the SIM card: • Unscrew the middle screw on the back of the device and slide the cover upwards.

  • Page 62: Support Information

    If you have any questions about your new product or are looking for additional information, the bintec elmeg GmbH Support Centre can be reached Monday to Friday between the hours of 9 am and 5 pm. They can be contacted as follows:...

  • Page 63: Weee Information

    3 Installation bintec elmeg GmbH 3.9 WEEE information bintec RS Series...

  • Page 64: Chapter 4 Basic Configuration

    • Password: Note All bintec elmeg devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unau- thorised use. Make sure you change the passwords to prevent unauthorised access to...

  • Page 65: Software Update

    4 Basic configuration bintec elmeg GmbH Note If you already run a DHCP server on your LAN, it is recommended that you configure the device on a separate PC that is not connected to your LAN. The following settings are transferred to a non-configured PC: •...

  • Page 66: Gathering Data

    • Basic configuration (obligatory if your device is in the ex works state) • Internet access (optional) • Wireless LAN (optional, only for bintec RS120wu , bintec RS230aw and bintec RS232jw ). The following tables show examples of possible values for the necessary data. You can enter your personal data in the "Your values"...
  • Page 67 4 Basic configuration bintec elmeg GmbH receive your personal access data from your ISP. The terms used for the required access data may vary from provider to provider, However, the type of information you need for dial- in in is basically the same.

  • Page 68: Configuring A Pc

    Login name Password Wireless LAN (only bintec RS120wu , bintec RS230aw and bintec RS232jw ) You can operate your device as an access point and therefore connect individual work sta- tions (e.g. laptops, PCs with wireless card or wireless adapter) by wireless connections to your local network via WLAN (Wireless LAN) and let them communicate with each other.

  • Page 69: Modify System Password

    Password: 4.3.3 Modify system password All bintec elmeg devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unauthorised use. Make sure you change the passwords to prevent unauthorised access to your device! Proceed as follows: (a) Go to the System Management->Global Settings->Passwords menu.

  • Page 70: Setting Up An Internet Connection

    4.4.1 Internet connection over internal ADSL modem Apart from bintec RS120wu and bintec RS120 , all devices in the RS series have an in- tegrated ADSL2+ modem for rapid Internet access set-up. To make it easier to configure an ADSL internet connection, the GUI has a wizard to guide you through the connection set-up process simply and quickly.

  • Page 71: Other Internet Connections

    Ethernet interface to which you have connected WANs). 4.5 Setting up wireless LAN Proceed as follows to use your device (only bintec RS120wu , bintec RS230aw and bintec RS232jw ) as an access point: (1) In GUI select the Assistants->Wireless LAN menu.

  • Page 72: Software Update

    The range of functions of bintec elmeg devices is continuously being extended. These ex- tensions are made available to you by bintec elmeg GmbH free of charge. Checking for new software versions and the installation of updates can be carried out easily with the GUI.
  • Page 73 4 Basic configuration bintec elmeg GmbH The device will now connect to the bintec elmeg GmbH download server and check wheth- er an updated version of the system software is available. If so, your device will be updated automatically. When installation of the new software is complete, you will be invited to re- start the device.

  • Page 74: Chapter 5 Access And Configuration

    • Via your LAN • Via the serial interface • Via an ISDN connection (only bintec RS232j , bintec RS232jw and bintec RS232j-4G) 5.1.1 Access via LAN Access via one of the Ethernet interfaces of your device allows you to to open the GUI in a web browser for configuration purposes and to access your device via Telnet or SSH.
  • Page 75 5 Access and configuration bintec elmeg GmbH You do not need any additional software on your PC to set up a Telnet connection to your device: Telnet is available on all operating systems. Proceed as follows: Windows (1) Click Run… in the Windows Start menu.
  • Page 76 5 Access and configuration bintec elmeg GmbH connect to the device via SSH: Note The device generates a key pair for each of the algorithms (RSA and DSA), i.e. two files must be stored in the flash for each algorithm (see example at above).

  • Page 77: Access Via The Serial Interface

    FAQs, which list the required settings. 5.1.2 Access via the Serial Interface Each bintec elmeg gateway has a serial interface, with which a PC can be connected dir- ectly. The following chapter describes what you have to remember when setting up a serial connection and what you can do to configure your device in this way.
  • Page 78 5 Access and configuration bintec elmeg GmbH of your PC) to start HyperTerminal. (2) Press Return (at least once) after the HyperTerminal window opens. A window with the login prompt appears. You are now in the SNMP shell of your device.

  • Page 79: Access Over Isdn

    5 Access and configuration bintec elmeg GmbH 5.1.3 Access over ISDN All devices that have an ISDN interface can be accessed and configured from another device via an ISDN call. Access over ISDN with ISDN Login is especially recommended if your device is to be re- motely configured or maintained.

  • Page 80: User Names And Passwords In Ex Works State

    Caution All bintec elmeg devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unau- thorised use. How to change the passwords is described in Passwords on page 87.

  • Page 81: Configuration Options

    5 Access and configuration bintec elmeg GmbH Log in via the HTML surface as follows: (1) Enter your user name in the User field of the input window. (2) Enter your password in the Password field of the input window and confirm with Re- turn or click the Login button.

  • Page 82: Gui (Graphical User Interface)

    5 Access and configuration bintec elmeg GmbH The following chapters describe the configuration based on GUI. Note To change the device configuration, you must log in with the user name . If you do not know the password, you cannot make any configuration settings. This applies to all types of configuration.
  • Page 83 5 Access and configuration bintec elmeg GmbH Fig. 28: home page 5.3.1.1 Calling up GUI (1) Check whether the device is connected and switched on and that all the necessary cables are correctly connected (see on page ). (2) Check the settings of the PC from which you want to configure your device (see...
  • Page 84 5 Access and configuration bintec elmeg GmbH • The header • The navigation bar • The main configuration window Fig. 29: Areas of the Header Fig. 30: header GUI header Menu Position Language: In the dropdown menu, choose the language in which you want to display the GUI.
  • Page 85 5 Access and configuration bintec elmeg GmbH Menu Position is displayed. Logout: If you want to end the configuration, click this button to log out of your device. A window is opened offering you the fol- lowing options: • Save configuration, save previous boot configuration, then exit.
  • Page 86 5 Access and configuration bintec elmeg GmbH The Save configuration button is found in the navigation bar. If you save a current configuration, you can save this as the boot configuration or you can also archive the previous boot configuration as a backup.
  • Page 87 5 Access and configuration bintec elmeg GmbH Button Position If you do not want to save a newly configured list entry, cancel this and any settings made by pressing Cancel. Confirms the settings of a new entry and the parameter changes in a list.
  • Page 88 5 Access and configuration bintec elmeg GmbH Symbol Position Indicates "Dormant" status for an interface or connection. Indicates "Up" status for an interface or connection. Indicates "Down" status for an interface or connection. Indicates "Blocked" status for an interface or connection.
  • Page 89 5 Access and configuration bintec elmeg GmbH Menu Position ing list entry directly in the list. Fig. 33: Configuration of the update interval Fig. 34: Filter list Structure of the GUI configuration menu The menus of the GUI contain the following basic structures:...
  • Page 90 5 Access and configuration bintec elmeg GmbH Menu Position Enter the data. Radio buttons e.g. Select the corresponding option. Checkboxes e.g. activation by selecting checkbox Selection of several possible options Dropdown menus e.g. Click the arrow to open the list. Select the required option using the mouse.
  • Page 91 All configuration parameters are stored in the MIB (Management Inform- ation Base) in the form of MIB tables and MIB variables. You can read and modify these directly via the SNMP browser. Caution This configuration method assumes an in-depth system knowledge of bintec devices! bintec RS Series...

  • Page 92: Snmp Shell

    5 Access and configuration bintec elmeg GmbH 5.3.2 SNMP shell SNMP (Simple Network Management Protocol) is a protocol that defines how you can ac- cess the configuration settings. All configuration settings are stored in the MIB (Management Information Base) in the form of MIB tables and MIB variables.
  • Page 93 5 Access and configuration bintec elmeg GmbH reaches the BOOTmonitor mode. The BOOTmonitor prompt is displayed if you are serially connected to your device. After display of the BOOTmonitor prompt, press the space bar within four seconds to use the functions of the BOOTmonitor. If you do not make an entry within four seconds, the device changes back to normal operating mode.

  • Page 94: Chapter 6 Assistants

    6 Assistants bintec elmeg GmbH Chapter 6 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks: • First steps • Internet Access • VPN • Wireless LAN • VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex- planations on the separate pages of the Wizard.

  • Page 95: Chapter 7 System Management

    7 System Management bintec elmeg GmbH Chapter 7 System Management The System Management menu contains general system information and settings. You see a system status overview. Global system parameters such as the system name, date/time, passwords and licences are managed and the access and authentication meth- ods are configured.
  • Page 96 7 System Management bintec elmeg GmbH System Management Status Fig. 36: -> The menu System Management->Status consists of the following fields: Fields in the System Information menu. Field Value Uptime Displays the time past since the device was rebooted. System Date Displays the current system date and system time.
  • Page 97 7 System Management bintec elmeg GmbH Field Value also displayed in brackets as a percentage. ISDN Usage External Shows the number of active B channels and the maximum num- ber of available B channels for external connections. Active Sessions (SIF, Displays the total of all SIF, TDRC, and IP load balancing ses- RTP, etc...

  • Page 98: Global Settings

    7 System Management bintec elmeg GmbH Field Value • is displayed if the SIM card is inser- ted, but the PIN has not yet been entered. • is displayed while he SIM card is initialized. • If the SIM card is operational, the Network Quality is dis- played.
  • Page 99 7 System Management bintec elmeg GmbH The System Management->Global Settings->System menu consists of the following fields: Fields in the menu Basic Settings Field Value System Name Enter the system name of your device. This is also used as the PPP host name.
  • Page 100 Enter the IP address of the WLAN controller. The value can only be modified it the WLAN controller function is enabled. LED mode This function is only available for bintec W1003n, bintec W2003n, bintec W2003n-ext and bintec W2004n. Select the LEDs' lighting behaviour. Possible values: •...

  • Page 101: Passwords

    -> Note All bintec elmeg devices are delivered with the same username and password. As long as the password remains unchanged, they are not protected against unauthorised use. Make sure you change the passwords to prevent unauthorised access to the device If the password is not changed, under System Management->Status there appears...

  • Page 102: Date And Time

    7 System Management bintec elmeg GmbH Field Value System Admin Pass- Enter the password for the user name word This password is also used with SNMPv3 for authentication (MD5) and encryption (DES). Confirm Admin Pass- Confirm the password by entering it again.
  • Page 103 7 System Management bintec elmeg GmbH System Management Global Settings Date and Time Fig. 39: -> -> You have the following options for determining the system time (local time): ISDN/Manual In devices with an ISDN interface, the system time can be updated via ISDN, i. e. the date and time are taken from the ISDN when the first outgoing call is made.
  • Page 104 7 System Management bintec elmeg GmbH You can obtain the system time automatically, e.g. using various time servers. To ensure that the device uses the desired current time, you should configure one or more time serv- ers. Switching from summer time to winter time (and back) must be carried out manually if the time is derived using this method by changing the value in the Time Zone field with an option UTC+ or UTC-.
  • Page 105 7 System Management bintec elmeg GmbH Fields in the menu Automatic Time Settings (Time Protocol) Field Description ISDN Timeserver Only for devices with an ISDN interface. Determine whether the system time is to be updated via ISDN. If a time server is configured, the time is only determined over ISDN until a successful update is received from this time server.
  • Page 106 7 System Management bintec elmeg GmbH Field Description • : This time server is not currently used for the time re- quest. Third Timeserver Enter the third time server, by using either a domain name or an IP address. In addition, select the protocol for the time server request.

  • Page 107: System Licences

    7 System Management bintec elmeg GmbH Field Description Internal Time Server Select whether the internal timeserver is to be used. The function is activated by selecting . Time requests from a client will be answered with the current system time. This is given as GMT, without offset.
  • Page 108 7 System Management bintec elmeg GmbH port section at www.bintec-elmeg.com . Please follow the online licensing instructions. (Please also note the information on the licence card for licences at additional cost.) You will then receive an e-mail containing the following data: •...

  • Page 109: Interface Mode / Bridge Groups

    7 System Management bintec elmeg GmbH Activating extra licences You activate extra licences by adding the received licence information in the System Man- agement->Global Settings->System Licences->New menu. The menu System Management->Global Settings->System Licences->New consists of the following fields: Fields in the Basic Settings menu.
  • Page 110 7 System Management bintec elmeg GmbH Bridging connects networks of the same type. In contrast to routing, bridges operate at lay- er 2 of the OSI model (data link layer), are independent of higher-level protocols and trans- mit data packets using MAC addresses. Data transmission is transparent, which means the information contained in the data packets is not interpreted.

  • Page 111: Interfaces

    7 System Management bintec elmeg GmbH Example: (first wireless network on the first wireless module) The name of the WDS link or bridge link is made up of the following parts: (a) Abbreviation for interface type (b) Number of the wireless module on which the WDS link or bridge link is configured...
  • Page 112 7 System Management bintec elmeg GmbH System Management Interface Mode / Bridge Groups Interfaces Fig. 41: -> -> The System Management->Interface Mode / Bridge Groups->Interfaces menu consists of the following fields: Fields in the Interfaces menu. Field Description Interface Description Displays the name of the interface.
  • Page 113 7 System Management bintec elmeg GmbH System Management Interface Mode / Bridge Groups Interfaces Fig. 42: -> -> -> The System Management->Interface Mode / Bridge Groups->Interfaces->Add menu consists of the following fields: Fields in the Interfaces menu. Field Description Interface Select the interface whose status should be changed.
  • Page 114 7 System Management bintec elmeg GmbH use the MAC Bridge. The System Management->Interface Mode / Bridge Groups->Interfaces-> menu consists of the following fields: Fields in the Layer-2.5 Options menu. Field Value Interface Shows the interface that is being edited. Wildcard Mode Select the Wildcard mode you want to use on the interface.

  • Page 115: Administrative Access

    Only for hybird devices: You can also authorise your device for maintenance work from bintec elmeg's Customer Service department. You do this you enable either Service Login (ISDN Web-Access) or Service Call Ticket (SSH Web Access), depending on the ser- vice you require, and select the OK button.

  • Page 116: Ssh

    7 System Management bintec elmeg GmbH Field Description Restore Default Set- Only when you make changes to the administrative access con- tings figuration are relevant access rules set up and activated. You can restore the default settings with the icon.
  • Page 117 7 System Management bintec elmeg GmbH System Management Administrative Access Fig. 46: -> -> You need an SSH client application, e.g. PuTTY, to be able to reach the SSH Daemon. If you wish to use SSH Login together with the PuTTY client, you may need to comply with some special configuration requirements, for which we have prepared FAQs.
  • Page 118 7 System Management bintec elmeg GmbH Field Value face. The function is activated by selecting The function is enabled by default. SSH Port Here you can enter the port via which the SSH connection is to be established. The default value is...
  • Page 119 7 System Management bintec elmeg GmbH Field Value RSA Key Status Shows the status of the RSA key. If an RSA key has not been generated yet, displayed in red and a link, , is provided. If you select the link, the generation process is triggered and the view is up- dated.

  • Page 120: Snmp

    7 System Management bintec elmeg GmbH Field Value The function is disabled by default. TCP Keepalives Select whether the device is to send keepalive packets. The function is activated by selecting The function is enabled by default. Logging Level Select the syslog level for the syslog messages generated by the SSH Daemon.

  • Page 121: Remote Authentication

    7 System Management bintec elmeg GmbH System Management Administrative Access SNMP Fig. 47: -> -> The menu System Management->Administrative Access->SNMP consists of the follow- ing fields: Fields in the Basic Settings menu. Field Value SNMP Version Select the SNMP version your device is to use to listen for ex- ternal SNMP access.

  • Page 122: Radius

    7 System Management bintec elmeg GmbH 7.5.1 RADIUS RADIUS (Remote Authentication Dial In User Service) is a service that enables authentica- tion and configuration information to be exchanged between your device and a RADIUS server. The RADIUS server administrates a database with information about user authen- tication and configuration and for statistical recording of connection data.
  • Page 123 7 System Management bintec elmeg GmbH Field Value ACCESS_REJECT Server -> Client If the information contained in the ACCESS_REQUEST does not correspond to the information in the user database of the RADIUS server, it sends an ACCESS_REJECT to reject the connection.
  • Page 124 7 System Management bintec elmeg GmbH System Management Remote Authentication RADIUS Fig. 48: -> -> -> The System Management->Remote Authentication->RADIUS->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Value Authentication Type Select what the RADIUS server is to be used for.
  • Page 125 7 System Management bintec elmeg GmbH Field Value • : The RADIUS server is used for controlling access to a wireless network. • : The RADIUS server is used for authenticating IPSec peers via XAuth. Vendor Mode Only for Authentication Type = In hotspot applications, select the mode define by the provider.
  • Page 126 7 System Management bintec elmeg GmbH Field Value servers for a group are queried according to Priority and the Policy . Possible values: • (default value): Enter a new group description in the text field. • : Select this entry for special applications, such as Hotspot Server configuration.
  • Page 127 7 System Management bintec elmeg GmbH Field Value The default value is (1 second). Alive Check Here you can activate a check of the accessibility of a RADIUS server in Status An Alive Check is carried out regularly (every 20 seconds) by sending an ACCESS_REQUEST to the IP address of the RADI- US server.

  • Page 128: Tacacs

    Like RADIUS, TACACS+ is an AAA protocol and offers authentication, authorisation and accounting services (TACACS+ Accounting is currently not supported by bintec elmeg devices). The following TACACS+ functions are available on your device: •...
  • Page 129 7 System Management bintec elmeg GmbH System Management Remote Authentication TACACS+ Fig. 49: -> -> -> The System Management->Remote Authentication->TACACS+ ->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Authentication Type Displays which TACACS+ function is to be used. The value cannot be changed.
  • Page 130 7 System Management bintec elmeg GmbH Field Description authentication. If no response is given or access is denied (only if Policy = ), the entry with the next- highest priority is used. The available values are to , the default value is .

  • Page 131: Options

    7 System Management bintec elmeg GmbH Field Description Block Time Enter the time in seconds for which the status of the current server shall remain blocked. When the block has ended, the server is set to the status spe- cified in the Entry active field.

  • Page 132: Configuration Access

    7 System Management bintec elmeg GmbH Fields in the Global RADIUS Options menu. Field Description Authentication for PPP By default, the following authentication sequence is used for in- Dialin coming calls with RADIUS: First CLID, then PPP and then PPP with RADIUS.
  • Page 133 7 System Management bintec elmeg GmbH System Management Configuration Access Access Profiles Fig. 51: -> -> 7.6.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional ac- cess profiles. To create an access profile you can use all the entries in the navigation bar of the GUI plus Save configuration and Switch to SNMP Browser.
  • Page 134 7 System Management bintec elmeg GmbH System Management Configuration Access Access Profiles Fig. 52: -> -> -> The menu System Management->Configuration Access->Access Profiles->New con- sists of the following fields: Fields in the menu Basic Settings Field Description Description Enter a unique name for the access profile.
  • Page 135 7 System Management bintec elmeg GmbH Fields in the menu Buttons Field Description Save configuration If you activate the button Save configuration the user is per- mitted to save configurations. Note Note that the passwords in the saved file can be viewed in clear text.

  • Page 136: Users

    7 System Management bintec elmeg GmbH Field Description Menus You see all the menus from the GUI's navigation bar. Menus that contain at least one sub-menu are flagged by The icon indicates pages. When you create a new access profile, no elements are as- signed yet, i.e.
  • Page 137 7 System Management bintec elmeg GmbH System Management Configuration Access Users Fig. 53: -> -> You can click the button to display the details of the configured user. You can see which fields and menus are assigned to the user.
  • Page 138 7 System Management bintec elmeg GmbH System Management Configuration Access Users Fig. 54: -> -> -> The icon means that Read-only is permitted. If a row is flagged with the icon the information is released for reading and writing. The icon indicates blocked entries.
  • Page 139 7 System Management bintec elmeg GmbH System Management Configuration Access Users Fig. 55: -> -> -> The menu System Management->Configuration Access->Users->New consists of the following fields: Fields in the menu Basic Settings Field Description User Enter a unique name for the user.

  • Page 140: Certificates

    7 System Management bintec elmeg GmbH Field Description If intersecting access profiles are assigned to a user, read and write have a higher priority than Read-only. Buttons cannot be set to the setting Read-only. 7.7 Certificates An asymmetric cryptosystem is used to encrypt data to be transported in a network, to gen- erate or check digital signatures and the authenticate users.
  • Page 141 7 System Management bintec elmeg GmbH 7.7.1.1 Edit Click the icon to display the content of the selected object (key, certificate, or request). System Management Certificates Certificate List Fig. 56: -> -> -> The certificates and keys themselves cannot be changed, but a few external attributes can be changed, depending on the type of the selected entry.
  • Page 142 7 System Management bintec elmeg GmbH Field Description Description Shows the name of the certificate, key, or request. Certificate is CA Certi- Mark the certificate as a certificate from a trustworthy certifica- ficate tion authority (CA). Certificates issued by this CA are accepted during authentica- tion.
  • Page 143 7 System Management bintec elmeg GmbH Caution It is extremely important for VPN security that the integrity of all certificates manually marked as trustworthy (certification authority and user certificates) is ensured. The dis- played "fingerprints" can be used to check this integrity: Compare the displayed values with the fingerprints specified by the issuer of the certificate (e.g.
  • Page 144 7 System Management bintec elmeg GmbH System Management Certificates Certificate List Certificate Request Fig. 57: -> -> -> The menu System Management->Certificates->Certificate List->Certificate Request consists of the following fields: Fields in the Certificate Request menu. Field Description Certificate Request De- Enter a unique description for the certificate.
  • Page 145 7 System Management bintec elmeg GmbH Field Description field. This file must be provided to the CA and the received certificate must then be imported manually to your device. • : The key is requested from a CA using the Simple Cer- tificate Enrolment Protocol.
  • Page 146 7 System Management bintec elmeg GmbH Field Description not configured on the device, the validity of certificates from this CA is not checked. • <name of an existing certificate>: If all the necessary certific- ates are already available in the system, you select these manually.
  • Page 147 7 System Management bintec elmeg GmbH Field Description If the field is not selected, enter the name components in Com- mon Name, E-mail, Organizational Unit, Organization, Loc- ality, State/Province and Country. The function is disabled by default. Summary Only for Custom = enabled.
  • Page 148 7 System Management bintec elmeg GmbH Field Description #1, #2, #3 For each entry, define the type of name and enter additional subject names. Possible values: • (default value): No additional name is entered. • : An IP address is entered.

  • Page 149: Crls

    7 System Management bintec elmeg GmbH System Management Certificates Certificate List Import Fig. 58: -> -> -> The menu System Management->Certificates->Certificate List->Import consists of the following fields: Fields in the Import menu. Field Description External Filename Enter the file path and name of the certificate to be imported, or use Browse...
  • Page 150 7 System Management bintec elmeg GmbH If a key is no longer to be used, e.g. because it has fallen into the wrong hands or has been lost, the corresponding certificate is declared invalid. The certification authority revokes the certificate and publishes it on a certificate blacklist, so-called CRL. Certificate users should always check against these lists to ensure that the certificate used is currently valid.

  • Page 151: Certificate Servers

    7 System Management bintec elmeg GmbH Field Description type of encoding. • • Password Enter the password required for the import. 7.7.3 Certificate Servers A list of certificate servers is displayed in the System Management->Certificates->Certi- ficate Servers menu. A certification authority (certification service provider, Certificate Authority, CA) issues your certificates to clients applying for a certificate via a certificate server.

  • Page 152: Chapter 8 Physical Interfaces

    IP Address and Netmask The port ETH5 (with connection option for an SFP module only available for bintec RS120 / bintec RS120wu) is assigned to the logical Ethernet interface and is not precon- figured.

  • Page 153: Port Configuration

    8 Physical Interfaces bintec elmeg GmbH Note If you want to operate the port ETH5 with an SFP module, this must be inserted before the system reboot! During operation, you cannot switch to operating the ETH5 without an SFP module. If the ETH5 port is used after adding an SFP module, the device must be rebooted.
  • Page 154 Ethernet ports on the back of the device. Switch-Port 5: Port ETH5 is configured here (connection option for an SFP module only available for bintec RS120 / bintec RS120wu). Ethernet Interface Se- Assign a logical Ethernet interface to the switch port.
  • Page 155 8 Physical Interfaces bintec elmeg GmbH Field Description • • • • • • • • • : The interface is created but remains inactive. Current Speed / Mode Shows the actual mode and actual speed of the interface. Possible values: •...

  • Page 156: Isdn Ports

    8 Physical Interfaces bintec elmeg GmbH Field Description works state, switch port 5 is assigned to interface Configured Speed / Select the mode in which the interface is to run. Mode Possible values: • (default value) • : The interface is created but remains inactive.
  • Page 157 8 Physical Interfaces bintec elmeg GmbH 8.2.1.1 Edit Choose the button to edit the configuration of the ISDN port. Physical Interfaces ISDN Ports ISDN Configuration Fig. 62: -> -> -> The Physical Interfaces->ISDN Ports->ISDN Configuration-> menu consists of the following fields: Fields in the Basic Parameters menu.
  • Page 158 8 Physical Interfaces bintec elmeg GmbH Field Description • All possible values for the Port Usage and the ISDN Config- uration Type. • : Detection is still running. Port Usage Only if Autoconfiguration on Bootup is disabled. Select the protocol that you want to use for the ISDN port.

  • Page 159: Msn Configuration

    • ISDN Login: The ISDN login service enables both incoming data connections with access to the SNMP shell of your device, and outgoing data connections to other bintec elmeg devices. As a result, your device can be remotely configured and administrated.
  • Page 160 8 Physical Interfaces bintec elmeg GmbH IP addresses to obtain a secure connection over the Internet. With the IPSec Callback function and using a direct ISDN call to an IPSec peer with a dynamic IP address you can signal to this IPSec peer that you are online and waiting for the setup of an IPSec tunnel over the Internet.
  • Page 161 8 Physical Interfaces bintec elmeg GmbH Physical Interfaces ISDN Ports MSN Configuration Fig. 63: -> -> -> The menu Physical Interfaces->ISDN Ports->MSN Configuration->New consists of the following fields: Fields in the Basic Parameters menu. Field Description ISDN Port Select the ISDN port for which the MSN is to be configured.

  • Page 162: Dsl Modem

    8 Physical Interfaces bintec elmeg GmbH Field Description MSN Recognition Select the mode your device is to use for the number comparis- on for MSN with the called party number of the incoming call. Possible values: • (default value) •...
  • Page 163 8 Physical Interfaces bintec elmeg GmbH Physical Interfaces DSL Modem DSL Configuration Fig. 64: -> -> The menu Physical Interfaces->DSL Modem->DSL Configuration consists of the follow- ing fields: Fields in the DSL Port Status menu. Field Description DSL Chipset Shows the key of the installed chipset.
  • Page 164 8 Physical Interfaces bintec elmeg GmbH Field Description • • • • Fields in the Current Line Speed menu. Field Description Downstream Displays the data rate in the receive direction (direction from CO/DSLAM to CPE/router) in bits per second. The value cannot be changed.

  • Page 165: Umts/Lte

    8 Physical Interfaces bintec elmeg GmbH Field Description Transmit Shaping Select whether the data rate in the send direction is to be re- duced. This is only needed in a few cases for special DSLAMs. Possible values: • : The data rate in the send direc- tion is not reduced.
  • Page 166 In the UMTS/LTE menu, configure the connection for the integrated UMTS/HSDPA/LTE modem (for bintec RS232j-4G), UMTS/HSDPA modem (for bintec RS120wu and bintec RS230au+ ) or an optional pluggable UMTS/LTE USB stick (for bintec RS120wu , bintec RS230au+ and bintec RS232j-4G).
  • Page 167 8 Physical Interfaces bintec elmeg GmbH Physical Interfaces UMTS/LTE UMTS/LTE Fig. 65: -> -> -> The menu Physical Interfaces->UMTS/LTE->UMTS/LTE-> consists of the following fields: Fields in the Basic Settings menu. Field Description UMTS/LTE Status Select whether the chosen UMTS/LTE modem should be en- abled or disabled.
  • Page 168 8 Physical Interfaces bintec elmeg GmbH Field Description • • • • • • • • • • Network Provider Only for UMTS/LTE Status = This is only displayed if the status of the modem is "up". Displays the Network Provider currently connected.
  • Page 169 8 Physical Interfaces bintec elmeg GmbH Field Description • : UMTS is preferentially used; should UMTS not be available, GPRS is used. • : Only LTE is used; should LTE be unavailable, no connection is established. • : LTE is prefer- ably used;...
  • Page 170 8 Physical Interfaces bintec elmeg GmbH Field Description Note An incoming data call (PPP dialin or ISDN login via V.110) can generally only be set up via GSM. Setup for UMTS/LTE is generally only possible if the provider has activated this functionality on demand.
  • Page 171 8 Physical Interfaces bintec elmeg GmbH Field Description call under Transfer own IP address over ISDN/GSM . This may shorten and simplify tunnel setup. This is only displayed if the device has made three failed at- tempts to establish a connection, e.g. if the PIN for the SIM card (see the SIM Card Uses PIN field) has been entered incorrectly three times.
  • Page 172 8 Physical Interfaces bintec elmeg GmbH Field Description Note Please note that the SIM card must support this function, and that not all mobile telephony providers relay voice calls over data SIM cards. APN (Access Point Only for UMTS/LTE Status =...
  • Page 173 8 Physical Interfaces bintec elmeg GmbH Field Description Network Provider. Close to a country border this could also be the network of a foreign roaming partner. Mobile Network Pro- Only for Roaming Mode = vider Select a Mobile Network Provider from the list.
  • Page 174 8 Physical Interfaces bintec elmeg GmbH Field Description Fixed IP Address Enter the Ip address that has been supplied by your provider. Clicking the button opens a page with detailed statistics on the current UMTS/LTE con- nection. Physical Interfaces UMTS/LTE Fig.
  • Page 175 8 Physical Interfaces bintec elmeg GmbH Field Description provider the SIM card is registered at. Selected PLMN Displays the selected PLMN. If no PLMN is selected, the Home PLNM is displayed. Actual Network Displays which kind of network is currently used (e.g., UMTS or GPRS).

  • Page 176: Chapter 9 Lan

    9 LAN bintec elmeg GmbH Chapter 9 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 9.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device.
  • Page 177 9 LAN bintec elmeg GmbH Example of subnets If your device is connected to a LAN that consists of two subnets, you should enter a second IP Address / Netmask. The first subnet has two hosts with the IP addresses 192.168.42.1 and 192.168.42.2, for example, and the second subnet has two hosts with the IP addresses 192.168.46.1 and...
  • Page 178 9 LAN bintec elmeg GmbH Field Description Select the Ethernet interface for which the virtual interface is to be configured. Address Mode Select how an IP address is assigned to the interface. Possible values: • (default value): The interface is assigned a static IP address in IP Address / Netmask.
  • Page 179 9 LAN bintec elmeg GmbH Field Description face to a VLAN by entering the VLAN ID of the relevant VLAN. Possible values are (default value) to The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.

  • Page 180: Vlan

    9 LAN bintec elmeg GmbH Field Description The function is disabled by default. TCP-MSS Clamping Select whether your device is to apply MSS Clamping. To pre- vent IP packets fragmenting, the MSS (Maximum Segment Size) is automatically decreased by the device to the value set here.
  • Page 181 9 LAN bintec elmeg GmbH Fig. 68: VLAN segmenting VLAN for Bridging and VLAN for Routing In the LAN->VLAN menu, VLANs (virtual LANs) are configured with interfaces that operate in Bridging mode. Using the VLAN menu, you can make all the settings needed for this and query their status.

  • Page 182: Vlans

    9 LAN bintec elmeg GmbH 9.2.1 VLANs In this menu, you can display all the VLANs already configured, edit your settings and cre- ate new VLANs. By default, the VLAN is available, to which all interfaces are assigned. 9.2.1.1 Edit or New Choose the icon to edit existing entries.

  • Page 183: Port Configuration

    9 LAN bintec elmeg GmbH 9.2.2 Port Configuration In this menu, you can define and view the rules for receiving frames at the VLAN ports. VLANs Port Configuration Fig. 70: -> -> The LAN->VLANs->Port Configuration menu consists of the following fields: Fields in the Port Configuration menu.
  • Page 184 9 LAN bintec elmeg GmbH VLANs Administration Fig. 71: -> -> The LAN->VLANs->Administrationmenu consists of the following fields: Fields in the Bridge Group br<ID> VLAN Options menu Field Description Enable VLAN Enable or disable the specified bridge group for VLAN.

  • Page 185: Chapter 10 Wireless Lan

    10 Wireless LAN bintec elmeg GmbH Chapter 10 Wireless LAN In the case of wireless LAN or Wireless LAN (WLAN = Wireless Local Area Network), this relates to the creation of a network using wireless technology. Network functions Like a wired network, a WLAN offers all the main network functions. Access to servers, files, printers, and the e-mail system is just as reliable as company-wide Internet access.

  • Page 186: Wlan

    10 Wireless LAN bintec elmeg GmbH An amendment to the Telecommunications Act (TKG) allowed the 5.8 GHz band (5755 MHz - 5875 MHz) to be used for so-called BFWA applications (Broadband Fixed Wireless Access). This simply requires registration with the Federal Network Agency. However, the use of TPC and DFS is mandatory in this case.
  • Page 187 10 Wireless LAN bintec elmeg GmbH Wireless LAN WLAN Radio Settings Operation Mode Fig. 73: -> -> -> Wireless LAN WLAN Radio Settings Operation Mode Fig. 74: bintec RS Series...
  • Page 188 10 Wireless LAN bintec elmeg GmbH The Wireless LAN->WLAN->Radio Settings-> menu consists of the following fields: Fields in the menu Wireless Settings Field Description Operation Mode Define the mode in which the wireless module of your device is to operate.
  • Page 189 10 Wireless LAN bintec elmeg GmbH Field Description • : Your device runs in 5 GHz (Mode 802.11a/h) outside buildings. • : Your device is run with 5 GHz (Mode 802.11a/h) inside or outside buildings. • : Only for so-called Broadband Fixed Wireless Access (BFWA) applications.
  • Page 190 10 Wireless LAN bintec elmeg GmbH Field Description • : The country information of the access point is used. Channel The number of channels you can select depends on the country setting. Please consult the data sheet for your device.
  • Page 191 10 Wireless LAN bintec elmeg GmbH Field Description Possible values are (standard value) • For Operation Band = Only the option is possible here. Selected Channel Displays the channel used. Used Secondary Chan- Not for Operation Mode = and Operation Band = Displays the second channel used.
  • Page 192 10 Wireless LAN bintec elmeg GmbH Field Description Possible values: • (default value): The maximum antenna power is used. • • • • • Fields in the menu Performance Settings Field Description Wireless Mode Select the wireless technology that the access point is to use.
  • Page 193 10 Wireless LAN bintec elmeg GmbH Field Description • : Your device operates only according to 802.11n. In Operation Mode with Client Mode additional options are available for Operation Band = Possible values: • : The device operates only in accordance with 802.11a.
  • Page 194 10 Wireless LAN bintec elmeg GmbH Field Description client (e. g. a 802.11a client) is treated in the same way when apportioning. The function is enabled with The function is disabled by default. This fuction is only applied to unprioritized frames of the WMM Classe "Background".
  • Page 195 10 Wireless LAN bintec elmeg GmbH Field Description Enter the time in milliseconds between the sending of two beacons. This value is transmitted in Beacon and Probe Response Frames. Possible values are The default value is DTIM Period Only for Operation Mode =...
  • Page 196 10 Wireless LAN bintec elmeg GmbH Field Description Possible values are The default value is . Long Retry Limit Enter the maximum number of attempts to send a data packet. This value must be longer than the value specified in RTS Threshold.
  • Page 197 10 Wireless LAN bintec elmeg GmbH Wireless LAN WLAN Radio Settings Advanced Settings Operation Fig. 75: -> -> -> -> Mode Fields in the menu Advanced Settings for Access Client Mode. Field Description Scan channels Choose the channels which the WLAN client automatically scans for available wireless networks.
  • Page 198 10 Wireless LAN bintec elmeg GmbH Field Description wireless networks as soon as the radio signal of the existing radio connection becomes unsuitable for higher data rates. • (default value): Standard roaming. • : The WLAN client searches for available wireless networks as soon as the radio signal of the existing radio connection becomes weaker.
  • Page 199 10 Wireless LAN bintec elmeg GmbH Field Description Min. Period Passive Displays the minimum passive scanning time for a frequency in Scan milliseconds. The value can only be modified for Roaming Profile = . The default value is Max. Period Passive...

  • Page 200: Wireless Networks (Vss)

    10 Wireless LAN bintec elmeg GmbH Field Description Fragmentation Enter the maximum size as of which the data packets are to be Threshold fragmented (i.e. split into smaller units). Low values are recom- mended for this field in areas with poor reception and in the event of radio interference.
  • Page 201 10 Wireless LAN bintec elmeg GmbH and read by any attacker with the appropriate resources. Particular attention must therefore be paid to protecting the wireless connection. There are three security modes, WEP, WPA-PSK and WPA Enterprise. WPA Enterprise of- fers the highest level of security, but this security mode is only really suitable for compan- ies, because it requires a central authentication server.
  • Page 202 10 Wireless LAN bintec elmeg GmbH You can control which clients can access your wireless LAN via your device by creating an Access Control List (Access Control oder MAC-Filter). In the Access Control List, you enter the MAC addresses of the clients that may access your wireless LAN. All other clients have no access.
  • Page 203 10 Wireless LAN bintec elmeg GmbH Wireless LAN WLAN Wireless Networks (VSS) Fig. 76: -> -> -> -> The Wireless LAN->WLAN->Wireless Networks (VSS)-> ->New menu consists of the following fields: Fields in the menu Service Set Parameters Field Description Network Name (SSID) Enter the name of the wireless network (SSID).
  • Page 204 10 Wireless LAN bintec elmeg GmbH Field Description that ARP broadcasts that have been converted to ARP unicasts are forwarded to IP addresses that are known internally. Uni- casts are quicker and clients with an enabled power save func- tion are not addressed.
  • Page 205 10 Wireless LAN bintec elmeg GmbH Field Description • : WEP 40 bits • : WEP 104 bits • : WPA Preshared Key • : 802.11i/TKIP Transmit Key Only for Security Mode = Select one of the keys configured in WEP Key <1 - 4> as a de- fault key.
  • Page 206 10 Wireless LAN bintec elmeg GmbH Field Description WPA2 Cipher Only for Security Mode = and for WPA Mode = Select the type of encryption with which to apply WPA 2 . Possible values: • (default value): AES is used.

  • Page 207: Wds Links

    10 Wireless LAN bintec elmeg GmbH Field Description The function is disabled by default. Allowed Addresses Use Add to make entries and enter the MAC addresses (MAC Address) of the clients to be permitted. 10.1.3 WDS Links If you're operating your device in Access Point mode, ( Wireless LAN->WLAN->Radio Set- tings->...
  • Page 208 10 Wireless LAN bintec elmeg GmbH 10.1.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure additional WDS links. Wireless LAN WLAN WDS Links Fig. 77: -> -> -> The Wireless LAN->WLAN->WDS Links->New menu consists of the following fields: Fields in the Basic Parameters menu.
  • Page 209 10 Wireless LAN bintec elmeg GmbH Field Description link, and in Transmit Key select the default key. • : Data traffic on this WDS link is encrypted with WEP140. In WEP Key 1 to WEP Key 4 enter the keys for this WDS link, and in Transmit Key select the default key.

  • Page 210: Client Link

    10 Wireless LAN bintec elmeg GmbH Field Description Remote MAC Address Enter the MAC address of the WDS partner. 10.1.4 Client Link If you're operating your device in Access Point mode, ( Wireless LAN->WLAN->Radio Set- tings-> ->Operation Mode = ), you can edit the existing client links in the Wireless LAN->WLAN->Client Link->...
  • Page 211 10 Wireless LAN bintec elmeg GmbH Field Description Security Mode Select the security mode (encryption and authentication) for the wireless network. Possible values: • (default value): Neither encryption nor authentica- tion • : WEP 40 bits • : WEP 104 bits •...
  • Page 212 10 Wireless LAN bintec elmeg GmbH Field Description WPA Cipher Only for Security Mode = and WPA Mode = Select which encryption method should be used. Possible values: • (default value): Temporal Key Integrity Protocol • : Advanced Encryption Standard.

  • Page 213: Administration

    10 Wireless LAN bintec elmeg GmbH list. In the Action column, click Select to connect the local clients with this client. If the partners are connected with one another, the icon appears in the Connected column. icon appears in the Connected column if the connection is active.

  • Page 214: Basic Settings

    10 Wireless LAN bintec elmeg GmbH 10.2.1 Basic Settings Wireless LAN Administration Basic Settings Fig. 80: -> -> The Wireless LAN->Administration->Basic Settings menu consists of the following fields: Fields in the WLAN Administration menu. Field Description Region Select the country in which the access point is to be run.

  • Page 215: Chapter 11 Networking

    11 Networking bintec elmeg GmbH Chapter 11 Networking 11.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
  • Page 216 11 Networking bintec elmeg GmbH Network Routes IPv4 Route Configuration Extended Route Fig. 81: -> -> -> with Standard. If the option is selected for the Route Class, an extra configuration section opens. Network Routes IPv4 Route Configuration Extended Fig. 82: ->...
  • Page 217 11 Networking bintec elmeg GmbH fields: Fields in the menu Basic Parameters Field Description Route Type Select the type of route. Possible values: • : Route via a specific in- terface which is to be used if no other suitable route is avail- able.
  • Page 218 11 Networking bintec elmeg GmbH Field Description ceived by DHCP are supplemented by routing information about a particular network. Note When the DHCP lease expires or when the device is re- started, the routes that consist from the combination of DH- CP settings and those made here are initially deleted once more from the active routing.
  • Page 219 11 Networking bintec elmeg GmbH Field Description When Route Type = Also enter the relevant netmask in the second field. Gateway IP Address Only for Route Type = Enter the IP address of the gateway to which your device is to forward the IP packets.
  • Page 220 11 Networking bintec elmeg GmbH Field Description • : Enables the entry of a port number. • : Enables the entry of a range of port numbers. • : Entry of privileged port numbers: 0 ... 1023. • : Entry of server port numbers: 5000 ... 32767.
  • Page 221 11 Networking bintec elmeg GmbH Field Description • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format).

  • Page 222: Ipv4 Routing Table

    11 Networking bintec elmeg GmbH 11.1.2 IPv4 Routing Table A list of all IPv4 routes is displayed in the Network->Routes->IPv4 Routing Table menu. The routes do not all need to be active, but can be activated at any time by relevant data traffic.

  • Page 223: Options

    11 Networking bintec elmeg GmbH 11.1.3 Options Back Route Verify The term Back Route Verify describes a very simple but powerful function. If a check is ac- tivated for an interface, incoming data packets are only accepted over this interface if out- going response packets are routed over the same interface.

  • Page 224: Nat

    11 Networking bintec elmeg GmbH Field Description Displays the serial number of the list entry. Interface Only for Mode = Displays the name of the interface. Back Route Verify Only for Mode = Select whether is to be activated for the interface.

  • Page 225: Nat Configuration

    11 Networking bintec elmeg GmbH for this interface. Options in the menu NAT Interfaces Field Description NAT active Select whether NAT is to be activated for the interface. The function is disabled by default. Loopback active The NAT loopback function also enables network address trans- lation for connectors whereby NAT is not activated.
  • Page 226 11 Networking bintec elmeg GmbH 11.2.2.1 New Choose the New button to set up NAT. Networking NAT Configuration Fig. 86: -> -> -> The Networking->NAT->NAT Configuration ->New menu consists of the following fields: Fields in the menu Basic Parameters Field...
  • Page 227 11 Networking bintec elmeg GmbH Field Description • : Data traffic excluded from NAT. NAT method Only for Type of traffic = Select the NAT method for outgoing data traffic. The starting point for choosing the NAT method is a NAT scenario in which an "internal"...
  • Page 228 11 Networking bintec elmeg GmbH Field Description • Action Only for Type of traffic = Select which data packets are to be excluded by NAT. Possible values: • (default value): All the data packets that match the following parameters that are to be configured (protocol, source IP address/network mask, destination IP address/net- mask, etc.) are excluded by NAT.
  • Page 229 11 Networking bintec elmeg GmbH Field Description • • • • • • • • • • • • • • • • Source IP Address/ Only for Type of traffic = Netmask Enter the source IP address and corresponding netmask of the original data packets, as the case arises.
  • Page 230 11 Networking bintec elmeg GmbH Field Description Original Source Port/ Only for Type of traffic = , NAT Range method = , Service = and Pro- tocol = Enter the source port of the original data packets. The default setting means that the port remains unspecified.
  • Page 231 11 Networking bintec elmeg GmbH Field Description dress/Netmask Enter the destination IP address and corresponding netmask to which the original destination IP address is to be translated. New Destination Port Only for Type of traffic = Service = and Protocol = Leave the destination port as it appears or enter the destination port to which the original destination port is to be translated.

  • Page 232: Load Balancing

    11 Networking bintec elmeg GmbH 11.3 Load Balancing The increasing amount of data traffic over the Internet means it is necessary to send data over different interfaces to increase the total bandwidth available. IP load balancing en- ables the distribution of data traffic within a certain group of interfaces to be controlled.
  • Page 233 11 Networking bintec elmeg GmbH Networking Load Balancing Load Balancing Groups Fig. 87: -> -> -> The menu Networking->Load Balancing->Load Balancing Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter the desired description of the interface group.
  • Page 234 11 Networking bintec elmeg GmbH Field Description • : Only the data rate in the send direction is con- sidered. By default, the options are disabled. Distribution Mode Select the state the interfaces in the group may have if they are to be included in load balancing.
  • Page 235 11 Networking bintec elmeg GmbH Field Description Distribution Policy Displays the type of data traffic selected. Fields in the Interface Selection for Distribution menu. Field Description Interface Select the interfaces that are to belong to the group from the available interfaces.

  • Page 236: Special Session Handling

    11 Networking bintec elmeg GmbH Field Description You can choose between all routes and all extended routes. Tracking IP Address You can use the Tracking IP Address parameter to have a particular route monitored. The load balancing status of the interface and the status of the routes connected to the interface can be influenced using this parameter.
  • Page 237 11 Networking bintec elmeg GmbH less detail. The first data packet which the properties configured here match specifies the route for particular subsequent data packets. Which data packets are subsequently routed via this route is configured in the Networking- >Load Balancing->Special Session Handling->New->Advanced Settings menu.
  • Page 238 11 Networking bintec elmeg GmbH The Networking->Load Balancing->Special Session Handling->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the Special Session Handling should be activ- ated. The function is activated by selecting The function is enabled by default.
  • Page 239 11 Networking bintec elmeg GmbH Field Description Destination Port/Range Enter, if required, a destination port number or a range of des- tination port numbers. Possible values: • (default value): The destination port is not specified. • : Enter a destination port.

  • Page 240: Qos

    11 Networking bintec elmeg GmbH Field Description the subsequent data packets must be routed via the same Des- tination Port to the same Destination Address. The two parameters Destination Address and Destination Port are enabled by default. If you leave the default setting...
  • Page 241 11 Networking bintec elmeg GmbH Networking QoS Filter Fig. 90: -> -> -> The Networking->QoS->QoS Filter->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: •...
  • Page 242 11 Networking bintec elmeg GmbH Field Description Select the type. Possible values: See RFC 792. The default value is Connection State With Protocol = , you can define a filter that takes the status of the TCP connections into account.

  • Page 243: Qos Classification

    11 Networking bintec elmeg GmbH Field Description DSCP/TOS Filter Select the Type of Service (TOS). (Layer 3) Possible values: • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit).
  • Page 244 11 Networking bintec elmeg GmbH Networking QoS Classification Fig. 91: -> -> -> The Networking->QoS->QoS Classification->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Class map Choose the class plan you want to create or edit.
  • Page 245 11 Networking bintec elmeg GmbH Field Description To select a filter, at least one filter must be configured in the Networking->QoS->QoS Filter menu. Direction Select the direction of the data packets to be classified. Possible values: • : Incoming data packets are assigned to the class (Class ID) that is then to be defined.

  • Page 246: Qos Interfaces/Policies

    11 Networking bintec elmeg GmbH Field Description • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format).
  • Page 247 11 Networking bintec elmeg GmbH Depending on the respective interface, a queue is created automatically for each class, but only for data traffic classified as outgoing and for data traffic classified in both directions. A priority is assigned to these automatic queues. The value of the priority is equal to the value of the class ID.
  • Page 248 11 Networking bintec elmeg GmbH Field Description ets are always handled with priority. • : QoS is activated on the inter- face. The available bandwidth is distributed as “fairly” as pos- sible among the (automatically detected) traffic flows in a queue.
  • Page 249 11 Networking bintec elmeg GmbH Field Description • Can only be selected for IPSec interfaces: • • • • Encryption Method Only if an IPSec Peers is selected as Interface, Traffic shap- ing is and Protocol Header Size below Layer 3 is not Select the encryption method used for the IPSec connection.
  • Page 250 11 Networking bintec elmeg GmbH Field Description • : All RTP streams are optimised. The function activates the RTP stream detection mechanism for the automatic detection of RTP streams. In this mode, the Real Time Jitter Control is activated as soon as an RTP stream has been detected.
  • Page 251 11 Networking bintec elmeg GmbH Field Description • : Queue for data that has not been classified or data of a class for which no queue has been configured. Class ID Only for Prioritisation queue = Select the QoS packet class to which this queue is to apply.
  • Page 252 11 Networking bintec elmeg GmbH Field Description The function is disabled by default. Maximum Upload Only for Traffic Shaping = enabled. Speed Enter a maximum data rate for the queue in kbits. Possible values are The default value is .

  • Page 253: Access Rules

    11 Networking bintec elmeg GmbH Field Description • (default value): The newest packet received is dropped. • : The oldest packet in the queue is dropped. • : A randomly selected packet is dropped from the queue. Congestion Avoidance Enable or disable preventative deletion of data packets.
  • Page 254 • source and/or destination port (port ranges are supported) Access lists are an effective means if, for example, sites with LANs interconnected over a bintec elmeg gateway wish to deny all incoming FTP requests or only allow Telnet sessions between certain hosts.

  • Page 255: Access Filter

    11 Networking bintec elmeg GmbH Caution Make sure you don’t lock yourself out when configuring filters: If possible, access your gateway for filter configuration over the serial console interface or ISDN Login. 11.5.1 Access Filter This menu is for configuration of access filter Each filter describes a certain part of the IP traffic and defines, for example, the IP addresses, the protocol, the source port or the des- tination port.
  • Page 256 11 Networking bintec elmeg GmbH Networking Access Rules Access Filter Fig. 94: -> -> -> The Networking->Access Rules->Access Filter->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for the filter.
  • Page 257 11 Networking bintec elmeg GmbH Field Description Possible values: • • • • • • • • • The default value is See RFC 792. Connection State Only if Protocol = You can define a filter that takes the status of the TCP connec- tions into account.
  • Page 258 11 Networking bintec elmeg GmbH Field Description Possible values: • (default value): The filter is valid for all port numbers • : Enables the entry of a port number. • : Enables the entry of a range of port numbers.

  • Page 259: Rule Chains

    11 Networking bintec elmeg GmbH Field Description COS Filter Enter the service class of the IP packets (Class of Service, (802.1p/Layer 2) CoS). Possible values are whole numbers between and . The default value is 11.5.2 Rule Chains Rules for IP filters are configured in the Rule Chains menu. These can be created separ- ately or incorporated in rule chains.
  • Page 260 11 Networking bintec elmeg GmbH fields: Fields in the Basic Parameters menu. Field Description Rule Chain Select whether to create a new rule chain or to edit an existing one. Possible values: • (default value): You can create a new rule chain with this setting.

  • Page 261: Interface Assignment

    11 Networking bintec elmeg GmbH 11.5.3 Interface Assignment In this menu, the configured rule chains are assigned to the individual interfaces and the gateway’s behavior is defined for denying IP packets. A list of all configured interface assignments is displayed in the Networking->Access Rules->Interface Assignment menu.

  • Page 262: Drop In

    11 Networking bintec elmeg GmbH Field Description Rule Chain Select a rule chain. Silent Deny Define whether the sender is to be informed if an IP packet is denied. • (default value): The sender is not informed. • : The sender receives an ICMP message.
  • Page 263 11 Networking bintec elmeg GmbH Networking Drop In Drop In Groups Fig. 99: -> -> -> The Networking->Drop In->Drop In Groups->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter a unique name for the Drop In group.
  • Page 264 11 Networking bintec elmeg GmbH Field Description The function is disabled by default. Network Configuration Select how an IP address / netmask is assigned to the Drop In network. Possible values: • (default value) • Network Address Only for Network Configuration = Enter the network address of the Drop In network.
  • Page 265 11 Networking bintec elmeg GmbH Field Description • Interface Selection Select all the ports which are to be included in the Drop In group (in the network). Add new entries with Add. bintec RS Series...

  • Page 266: Chapter 12 Routing Protocols

    12 Routing Protocols bintec elmeg GmbH Chapter 12 Routing Protocols 12.1 RIP The entries in the routing table can be defined statically or the routing table can be updated constantly by dynamic exchange of routing information between several devices. This ex- change is controlled by a Routing Protocol, e.g.
  • Page 267 12 Routing Protocols bintec elmeg GmbH Routing Protocols RIP Interfaces Fig. 101: -> -> -> The menu Networking->RIP->RIP Interfaces-> consists of the following fields: Fields in the RIP Parameters for menu. Field Description Send Version Decide whether routes are to be propagated via RIP and if so, select the RIP version for sending RIP packets over the inter- face in send direction.

  • Page 268: Rip Filter

    12 Routing Protocols bintec elmeg GmbH Field Description • (default value): RIP is not enabled. • : Enables sending and receiving of version 1 RIP packets. • : Enables sending and receiving of version 2 RIP packets. • :Enables sending and receiving RIP packets of both version 1 and 2.
  • Page 269 12 Routing Protocols bintec elmeg GmbH tion. You configure a filter for a default route with the following values: • IP Address / Netmask = no entry for IP address (this corresponds to IP address 0.0.0.0), for netmask = 255.255.255.255 A list of all RIP filters is displayed in the Routing Protocols->RIP->RIP Filter menu.
  • Page 270 12 Routing Protocols bintec elmeg GmbH Field Description Interface Select the interface to which the rule to be configured applies. IP Address / Netmask Enter the IP address and netmask to which the rule is to be ap- plied. This address can be in the LAN or WAN.

  • Page 271: Rip Options

    12 Routing Protocols bintec elmeg GmbH 12.1.3 RIP Options Routing Protocols RIP Options Fig. 104: -> -> The menu Routing Protocols->RIP->RIP Options consists of the following fields: Fields in the Global RIP Parameters menu. Field Description RIP UDP Port The setting option UDP Port, which is used for sending and re- ceiving RIP updates, is only for test purposes.
  • Page 272 12 Routing Protocols bintec elmeg GmbH Field Description (=“Network is not reachable“). The function is enabled with The function is disabled by default. RFC 2453 Variable For the timers described in RFC 2453, select whether the same Timer values that you can configure in the Timer for RIP V2 (RFC 2453) menu should be used.
  • Page 273 12 Routing Protocols bintec elmeg GmbH Field Description Garbage Collection Only for RFC 2453 Variable Timer = Timer The Garbage Collection Timer is started as soon as the route timeout has expired. After this timeout, the invalid route is deleted from the IPROUTETABLE if no update is carried out for the route.

  • Page 274: Chapter 13 Multicast

    13 Multicast bintec elmeg GmbH Chapter 13 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).

  • Page 275: General

    13 Multicast bintec elmeg GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destina- tion MAC address.

  • Page 276: General

    13 Multicast bintec elmeg GmbH 13.1.1 General In the Multicast->General->General menu you can disable or enable the multicast func- tion. Multicast General General Fig. 105: -> -> The Multicast->General->General menu consists of the following fields: Fields in the Basic Settings menu.

  • Page 277: Igmp

    13 Multicast bintec elmeg GmbH 13.2.1 IGMP In this menu, you configure the interfaces on which IGMP is to be enabled. 13.2.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure IGMP on other interfaces.
  • Page 278 13 Multicast bintec elmeg GmbH Field Description Time within which hosts must respond. The hosts randomly select a time delay from this interval before sending the response. This spreads the load in networks with several hosts, improving per- formance. Possible values are...

  • Page 279: Options

    13 Multicast bintec elmeg GmbH IGMP Proxy enables you to simulate several locally connected interfaces as a subnet to an adjacent router. Queries coming in to the IGMP Proxy interface are forwarded to the local subnets. Local reports are forwarded on the IPGM Proxy interface.
  • Page 280 13 Multicast bintec elmeg GmbH Multicast IGMP Options Fig. 108: -> -> The Multicast->IGMP->Options menu consists of the following fields: Fields in the Basic Settings menu. Field Description IGMP Status Select the IGMP status. Possible values: • (default value): Multicast is activated automatically for hosts if the hosts open applications that use multicast.

  • Page 281: Forwarding

    13 Multicast bintec elmeg GmbH Field Description IGMP State Limit Enter the maximum permitted total number of incoming queries and messages per second. The default value is , i.e. the number of IGMP status mes- sages is not limited. 13.3 Forwarding 13.3.1 Forwarding...
  • Page 282 13 Multicast bintec elmeg GmbH Field Description The option is deactivated by default. Multicast Group Ad- Only for All Multicast Groups = not active. dress Enter here the address of the multicast group you want to for- ward from a defined Source Interface to a defined Destination Interface.

  • Page 283: Chapter 14 Wan

    14 WAN bintec elmeg GmbH Chapter 14 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Inter- net. 14.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections.

  • Page 284: Default Route

    14 WAN bintec elmeg GmbH Field Description administratively set to down (deactivated); connection setup not possible for leased lines: Authentication When a call is received, the calling party number is always sent over the ISDN D-channel. This number enables your device to identify the caller (CLID), provided the caller is entered on your device.

  • Page 285: Pppoe

    14 WAN bintec elmeg GmbH can answer an incoming call with a callback or request a callback from a connection part- ner. Identification can be based on the calling party number or PAP/CHAP/MS-CHAP au- thentication. Identification is made in the former case without call acceptance, as the calling party number is transferred over the ISDN D-channel, and in the latter case with call ac- ceptance.
  • Page 286 14 WAN bintec elmeg GmbH SL access. However, PPPoE is now offered here too by some providers. 14.1.1.1 New Choose the New button to set up new PPPoE interfaces. Internet + Dialup PPPoE Fig. 110: -> -> -> The menu WAN->Internet + Dialup->PPPoE->New consists of the following fields: Fields in the Basic Parameters menu.
  • Page 287 14 WAN bintec elmeg GmbH Field Description PPPoE Mode Select whether you want to use a standard Internet connection over PPPoE ( ) or your Internet access is to be set up over several interfaces ( ). If you choose...
  • Page 288 14 WAN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge. Connection Idle Only if Always on is disabled.
  • Page 289 14 WAN bintec elmeg GmbH Field Description The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
  • Page 290 14 WAN bintec elmeg GmbH Field Description crypted. • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • : Primarily run CHAP, on denial then the authentication protocol required by the connection partner.

  • Page 291: Pptp

    14 WAN bintec elmeg GmbH Field Description Possible values are The default value is . 14.1.2 PPTP A list of all PPTP interfaces is displayed in the WAN->Internet + Dialup->PPTP menu. In this menu, you configure an Internet connection that uses the Point Tunnelling Protocol (PPTP) to set up a connection.
  • Page 292 14 WAN bintec elmeg GmbH Internet + Dialup PPTP Fig. 111: -> -> -> The menu WAN->Internet + Dialup->PPTP->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the internet connection.
  • Page 293 14 WAN bintec elmeg GmbH Field Description When using the internal DSL modem, select here the EthoA in- terface configured in Physical Interfaces->ATM->Profiles->New, e.g. User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated.
  • Page 294 14 WAN bintec elmeg GmbH Field Description defined as the default route. The function is enabled with The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default.
  • Page 295 14 WAN bintec elmeg GmbH Field Description The default value is . Authentication Select the authentication protocol for this Internet connection. Select the authentication specified by your provider. Possible values: • (default value): Only run PAP (PPP Password Authentic- ation Protocol); the password is transferred unencrypted.

  • Page 296: Pppoa

    14 WAN bintec elmeg GmbH Field Description selected Ethernet port. Local PPTP IP Address Assign the PPTP interface an IP address that is used as the source address. The default value is Remote PPTP IP Ad- Enter the IP address of the PPTP partner.
  • Page 297 14 WAN bintec elmeg GmbH Internet + Dialup PPPoA Fig. 112: -> -> -> The menu WAN->Internet + Dialup->PPPoA->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the connection partner.
  • Page 298 14 WAN bintec elmeg GmbH Field Description Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
  • Page 299 14 WAN bintec elmeg GmbH Field Description The function is enabled with The function is enabled by default. Local IP Address Only for IP Address Mode = Enter the static IP address you received from your provider. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.

  • Page 300: Isdn

    14 WAN bintec elmeg GmbH Field Description • : Only run CHAP (PPP Challenge Handshake Authentic- ation Protocol as per RFC 1994); password is transferred en- crypted. • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol).
  • Page 301 14 WAN bintec elmeg GmbH • Internet access over ISDN • LAN to LAN connection over ISDN • Remote (Mobile) dial-in • Use of the ISDN Callback function 14.1.4.1 New Choose the Newbutton to set up new ISDN interfaces. bintec RS Series...
  • Page 302 14 WAN bintec elmeg GmbH Internet + Dialup ISDN Fig. 113: -> -> -> The menu WAN->Internet + Dialup->ISDN->New consists of the following fields: Fields in the Basic Parameters menu. bintec RS Series...
  • Page 303 14 WAN bintec elmeg GmbH Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used. Connection Type Select which layer 1 protocol your device should use.
  • Page 304 14 WAN bintec elmeg GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • (default value): You enter a static IP address.
  • Page 305 14 WAN bintec elmeg GmbH Field Description IP Assignment Pool Only if IP Address Mode = Select IP pools configured in the WAN->Internet + Dialup->IP Poolsmenu. If an IP pool has not been configured here yet, the message appears in this field.
  • Page 306 14 WAN bintec elmeg GmbH Field Description • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • : Primarily run CHAP, on denial then the authentication protocol required by the connection partner.
  • Page 307 14 WAN bintec elmeg GmbH Field Description • : Your device calls back after a period of time suggested by the Microsoft client (NT: 10 seconds, new systems: 12 seconds. It uses the call number (Entries->Call Number) with the Mode entered for the connection partner.
  • Page 308 14 WAN bintec elmeg GmbH Field Description • : Static channel bundling. • : Dynamic channel bundling. Fields in the Dial Numbers menu Field Description Entries Add new entries with Add. Fields in menu Dial Number Configuration (appears only for Entries = Add)

  • Page 309: Umts/Lte

    14 WAN bintec elmeg GmbH Field Description • : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests from your own LAN are to be responded to for the specified connection partner.
  • Page 310 14 WAN bintec elmeg GmbH the mobile network. 14.1.5.1 New Choose the New button to create additional connections. Internet + Dialup UMTS/LTE Fig. 114: -> -> -> The WAN->Internet + Dialup->UMTS/LTE->New menu consists of the following fields: Fields in the Basic Parameters menu.
  • Page 311 14 WAN bintec elmeg GmbH Field Description preselected. User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
  • Page 312 14 WAN bintec elmeg GmbH Field Description Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner.
  • Page 313 14 WAN bintec elmeg GmbH Field Description • (default value): Only run (PPP Password Authentica- tion Protocol); the password is transferred unencrypted. • : Only run (PPP Challenge Handshake Authentica- tion Protocol as per RFC 1994); password is transferred en- crypted.

  • Page 314: Ip Pools

    14 WAN bintec elmeg GmbH 14.1.6 IP Pools The IP Pools menu displays a list of all IP pools. Your device can operate as a dynamic IP address server for PPP connections. You can use this function by providing one or more pools of IP addresses. These IP addresses can be assigned to dialling-in connection partners for the duration of the connection.

  • Page 315: Atm

    14 WAN bintec elmeg GmbH Field Description DNS Server Primary: Enter the IP address of the DNS server that is to be used, preferably, by clients who draw an address from this pool. Secondary: Optionally, enter the IP address of an alternative DNS server.

  • Page 316: Profiles

    14 WAN bintec elmeg GmbH 14.2.1 Profiles A list of all ATM profiles is displayed in the WAN->ATM->Profiles menu. If the connection for your Internet access is set up using the internal modem, the ATM con- nection parameters must be set for this. An ATM profile combines a set of parameters for a specific provider.
  • Page 317 14 WAN bintec elmeg GmbH Fields in the ATM Profiles Parameter menu. Field Description Provider Select one of the preconfigured ATM profiles for your provider from the list or manually define the profile using Description Only for Provider = Enter the desired description for the connection.
  • Page 318 14 WAN bintec elmeg GmbH Field Description tification number of the virtual channel. A virtual channel is the logical connection for the transport of ATM cells between two or more points. Note your provider's instructions. Possible values are The default value is 32.
  • Page 319 14 WAN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. Address Mode Only for Type = Select how an IP address is to be assigned to the interface. Possible values: • (default value): The interface is assigned a static IP address in IP Address / Netmask.

  • Page 320: Service Categories

    14 WAN bintec elmeg GmbH Field Description The maximum length of the entry is 45 characters. Fields in menu Routed Protocols over ATM Settings (appears only for Type = Routed Protocols over ATM) Field Description IP Address/Netmask Enter the IP addresses (IP Address) and the corresponding netmasks (Netmask) of the ATM interface.
  • Page 321 (traffic contract). The configuration of ATM QoS requires extensive knowledge of ATM technology and the way the bintec elmeg devices function. An incorrect configuration can cause con- siderable disruption during operation. If applicable, save the original configuration on your PC.
  • Page 322 14 WAN bintec elmeg GmbH Field Description • (default value): No specif- ic data rate is guaranteed for the connection. The Peak Cell Rate (PCR) specifies the limit above which data is discarded. This category is suitable for non-critical applications.

  • Page 323: Oam Controlling

    Caution The configuration of OAM requires extensive knowledge of ATM technology and the way the bintec elmeg devices functions. An incorrect configuration can cause consid- erable disruption during operation. If applicable, save the original configuration on your In the WAN->ATM->OAM Controlling menu, a list of all monitored OAM flow levels is dis- played.
  • Page 324 14 WAN bintec elmeg GmbH OAM Controlling Fig. 118: -> -> -> The menu WAN->ATM->OAM Controlling->New consists of the following fields: Fields in the OAM Flow Configuration menu. Field Description OAM Flow Level Select the OAM flow level to be monitored.
  • Page 325 14 WAN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. End-to-End Send Inter- Only if Loopback End-to-End is enabled. Enter the time in seconds after which a loopback cell is to be sent.
  • Page 326 14 WAN bintec elmeg GmbH Fields in the CC Activation menu. Field Description Continuity Check (CC) Select whether you activate the OAM-CC test for the connection End-to-End between the endpoints of the VCC or VPC. Possible values: • (default value): OAM CC requests are responded to after CC negotiation (CC activation negotiation).

  • Page 327: Real Time Jitter Control

    14 WAN bintec elmeg GmbH Field Description • : The function is disabled. Also select whether the test cells of the OAM CC are to be sent or received. Possible settings: • (default value): CC data is both received and generated.
  • Page 328 14 WAN bintec elmeg GmbH The menu WAN->Real Time Jitter Control->Controlled Interfaces->New consists of the following fields: Fields in the Basic Settings menu. Field Description Interface Define for which interfaces voice transmission is to be optim- ised. Control Mode Select the mode for the optimisation.

  • Page 329: Chapter 15 Vpn

    Encapsulated Security Payload (ESP) protocol and secondly through the use of crypto- graphic key administration mechanisms like the Internet Key Exchange (IKE) protocol. Additional Traffic Filter bintec elmeg gateways support two different methods of setting up IPSec connections: • a method based on policies and • a method based on routing.

  • Page 330: Ipsec Peers

    15 VPN bintec elmeg GmbH The routing-based method offers various advantages over the policy-based method, e.g., NAT/PAT within a tunnel, IPSec in combination with routing protocols and the creation of VPN backup scenarios. With the routing-based method, the configured or dynamically learned routes are used to negotiate the IPSec phase 2 SAs.
  • Page 331 15 VPN bintec elmeg GmbH IPSec IPSec Peers Fig. 120: -> -> Peer Monitoring The menu for monitoring a peer is called by selecting the button for the peer in the peer list. See Values in the IPSec Tunnels list on page 501.
  • Page 332 15 VPN bintec elmeg GmbH IPSec IPSec Peers Fig. 121: -> -> -> The menu VPN->IPSec->IPSec Peers->New consists of the following fields: Fields in the menu Peer Parameters bintec RS Series...
  • Page 333 15 VPN bintec elmeg GmbH Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer configuration. Possible values: • (default value): The peer is available for setting up a tunnel immediately after saving the configuration.
  • Page 334 15 VPN bintec elmeg GmbH Field Description sion 1 • : Internet Kex Exchange Protocol Version 2 Authentication Method Only for Internet Key Exchange = Select the authentication method. Possible values: • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys.
  • Page 335 15 VPN bintec elmeg GmbH Field Description ternative subject name by default. Make sure you and your peer both use the same name, i.e. that your local ID and the peer ID your partner configures for you are identical. Preshared Key Enter the password agreed with the peer.
  • Page 336 15 VPN bintec elmeg GmbH Field Description Select whether the route to this IPSec peer is to be defined as the default route. The function is enabled with The function is disabled by default. Local IP Address Only for IP Address Assignment = Enter the WAN IP address of your IPSec tunnel.
  • Page 337 15 VPN bintec elmeg GmbH bintec elmeg Gateways support two different methods for establishing IPSec connections: • a method based on policies and • a method based on routing. The policy-based method uses data traffic filters to negotiate the IPSec phase 2 SAs. This enables the filtering of the IP packets to be very "fine grained"...
  • Page 338 15 VPN bintec elmeg GmbH IPSec IPSec Peers Fig. 122: -> -> -> -> Fields in the menu Basic Parameters Field Description Description Enter a description for the filter. Protocol Select a protocol. The option (default value) matches all protocols.
  • Page 339 15 VPN bintec elmeg GmbH Field Description (= -1) means that the port remains unspecified. Destination IP Ad- Enter the destination IP address and corresponding netmask of dress/Netmask the data packets. Destination Port Only for Protocol = Enter the destination port of the data packets. The default set- ting (= -1) means that the port remains unspecified.
  • Page 340 15 VPN bintec elmeg GmbH Field Description XAUTH Profile Select a profile created in VPN->IPSec->XAUTH Profiles if you wish to use this IPSec peer XAuth for authentication. If XAuth is used together with IKE Config Mode, the transac- tions for XAuth are carried out before the transactions for IKE Config Mode.
  • Page 341 Note that MobIKE requires a current IPSec client, e. g. the cur- rent Windows 7 or Windows 8 client or the latest version of the bintec elmeg IPSec client. Proxy ARP Select whether your device is to respond to ARP requests from its own LAN on behalf of the specific connection partner.
  • Page 342 IPSec peer. IPSec Callback bintec elmeg devices support the DynDNS service to enable hosts without fixed IP ad- dresses to obtain a secure connection over the Internet. This service enables a peer to be identified using a host name that can be resolved by DNS. You do not need to configure the IP address of the peer.
  • Page 343 15 VPN bintec elmeg GmbH Note If a tunnel is to be set up to a peer, the interface over which the tunnel is to be imple- mented is activated first by the IPSec Daemon. If IPSec with DynDNS is configured on the local device, the own IP address is propagated first and then the ISDN call is sent to the remote device.
  • Page 344 15 VPN bintec elmeg GmbH Note The callback configuration should be the same on the two devices so that your device is able to identify the IP address information from the called peer. The following roles are possible: • One side takes on the active role, the other the passive role.
  • Page 345 15 VPN bintec elmeg GmbH Field Description Mode Select the Callback Mode. Possible values: • (default value): IPSec callback is deactivated. The local device neither reacts to incoming ISDN calls nor initiates ISDN calls to the remote device. • : The local device only reacts to incoming ISDN calls and, if necessary, initiates setting up an IPSec tunnel to the peer.

  • Page 346: Phase-1 Profiles

    15 VPN bintec elmeg GmbH Field Description Possible values: • : Your device automatically de- termines the most favourable mode. It first tries all D channel modes before switching to the B channel. (Costs are incurred for using the B channel.) •...
  • Page 347 15 VPN bintec elmeg GmbH IPSec Phase-1 Profiles Fig. 123: -> -> In the Default column, you can mark the profile to be used as the default profile. 15.1.2.1 New Choose the New (at Create new IKEv1 Profile or Create new IKEv2 Profile ) button to create additional profiles.
  • Page 348 15 VPN bintec elmeg GmbH IPSec Phase-1 Profiles Fig. 124: -> -> -> The menu VPN->IPSec->Phase-1 Profiles->New consists of the following fields: Fields in the Phase-1 (IKE) Parameters menu. Field Description Description Enter a description that uniquely defines the type of rule.
  • Page 349 15 VPN bintec elmeg GmbH Field Description (Advanced Encryption Standard). It is rated as just as secure as Rijndael (AES), but is slower. • : Blowfish is a very secure and fast algorithm. Twofish can be regarded as the successor to Blowfish.
  • Page 350 DH Group Only for Phase-1 (IKE) Parameters The Diffie-Hellman group defines the parameter set used as the basis for the key calculation during phase 1. "MODP" as sup- ported by bintec elmeg devices stands for "modular exponenti- ation". Possible values: •...
  • Page 351 15 VPN bintec elmeg GmbH Field Description • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the VPN->IPSec->IPSec Peers. The preshared key is the shared password.
  • Page 352 15 VPN bintec elmeg GmbH Field Description Local ID Type Only for Phase-1 (IKE) Parameters Select the local ID type. Possible values: • • • • Local ID Value Only for Phase-1 (IKE) Parameters Enter the ID of your device.
  • Page 353 15 VPN bintec elmeg GmbH Fields in the Advanced Settings menu. Field Description Alive Check Only for Phase-1 (IKE) Parameters Select the method to be used to check the functionality of the IPSec connection. In addition to the default method Dead Peer Detection (DPD), the (proprietary) Heartbeat method is implemented.
  • Page 354 15 VPN bintec elmeg GmbH Field Description Block Time Define how long a peer is blocked for tunnel setups after a phase 1 tunnel setup has failed. This only affects locally initiated setup attempts. Possible values are (seconds); means the...

  • Page 355: Phase-2 Profiles

    15 VPN bintec elmeg GmbH Field Description This option can only be configured if certificates are loaded. 15.1.3 Phase-2 Profiles You can define profiles for phase 2 of the tunnel setup just as for phase 1. In the VPN->IPSec->Phase-2 Profiles menu, a list of all configured IPSec phase 2 profiles is displayed.
  • Page 356 15 VPN bintec elmeg GmbH IPSec Phase-2 Profiles Fig. 126: -> -> -> The menu VPN->IPSec->Phase-2 Profiles->New consists of the following fields: Fields in the Phase-2 (IPSEC) Parameters menu. Field Description Description Enter a description that uniquely identifies the profile.
  • Page 357 15 VPN bintec elmeg GmbH Field Description , a key length of 128 bits is used. • : Rijndael has been nominated as AES due to its fast key setup, low memory requirements, high level of secur- ity against attacks and general speed. Here, it is used with a key length of 128 bits.
  • Page 358 15 VPN bintec elmeg GmbH Field Description used to protect the keys of a renewed phase 2 SA, even if the keys of the phase 1 SA have become known. The field has the following options: • : During the Diffie-Hellman key calculation, mod- ular exponentiation at 768 bits is used to create the encryption material.
  • Page 359 20 seconds, the SA is discarded as invalid. Possible values: • (default value): Automatic detection of whether the remote terminal is a bintec elmeg device. If it is, (for a remote terminal with bintec elmeg) or (for a remote terminal without bintec el- meg) is set.

  • Page 360: Xauth Profiles

    15 VPN bintec elmeg GmbH 15.1.4 XAUTH Profiles In the XAUTH Profiles menu a list of all XAUTH profiles is displayed. Extended Authentication for IPSec (XAuth) is an additional authentication method for IPSec tunnel users. The gateway can take on two different roles when using XAuth as it can act as a server or as a client: •...
  • Page 361 15 VPN bintec elmeg GmbH The VPN->IPSec->XAUTH Profiles ->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for this XAuth profile. Role Select the role of the gateway for XAuth authentication.

  • Page 362: Ip Pools

    15 VPN bintec elmeg GmbH Field Description entering the authentication name of the client (Name)) and the authentication password (Password). Add new members with Add. 15.1.5 IP Pools In the IP Pools menu a list of all IP pools for your configured IPSec connections is dis- played.

  • Page 363: Options

    15 VPN bintec elmeg GmbH Field Description DNS server. 15.1.6 Options IPSec Options Fig. 129: -> -> The menu VPN->IPSec->Options consists of the following fields: Fields in the Global Options menu. Field Description Enable IPSec Select whether you want to activate IPSec.
  • Page 364 The default val- ues are globally valid and enable your system to work correctly to other bintec elmeg devices, so that you only need to change these values if the remote terminal is a third-party product or you know special settings are necessary.
  • Page 365 15 VPN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. Send Initial Contact Select whether IKE Initial Contact messages are to be sent dur- Message ing IKE (phase 1) if no SAs with a peer exist.

  • Page 366: L2Tp

    RSA encryption. Activate this function with to sup- press this behaviour. 15.2 L2TP The layer 2 tunnel protocol (L2TP) enables PPP connections to be tunnelled via a UDP connection. Your bintec elmeg device supports the following two modes: bintec RS Series...

  • Page 367: Tunnel Profiles

    15 VPN bintec elmeg GmbH • L2TP LNS Mode (L2TP Network Server): for incoming connections only • L2TP LAC Mode (L2TP Access Concentrator): for outgoing connections only Note the following when configuring the server and client: An L2TP tunnel profile must be created on each of the two sides (LAC and LNS).
  • Page 368 15 VPN bintec elmeg GmbH Fields in the Basic Parameters menu. Field Description Description Enter a description for the current profile. The device automatically names the profiles and numbers them, but the value can be changed. Enter the host name for LNS or LAC.
  • Page 369 15 VPN bintec elmeg GmbH Field Description Remote IP Address Enter the fixed IP address of the LNS used as the destination address for connections based on this profile. The destination must be a device that can behave like an LNS.

  • Page 370: Users

    15 VPN bintec elmeg GmbH Field Description value means that no L2TP HELLO messages are sent. Minimum Time Enter the minimum time (in seconds) that your device waits be- between Retries fore resending a L2TP control packet for which it received no re- sponse.
  • Page 371 15 VPN bintec elmeg GmbH L2TP Users Fig. 131: -> -> -> The menu VPN->L2TP->Users->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the L2TP partner. The first character in this field must not be a number No special characters or umlauts must be used.
  • Page 372 15 VPN bintec elmeg GmbH Field Description L2TP network server (LNS) or the functions of a L2TP access concentrator client (LAC client). Possible values: • (default value): If you select this option, the L2TP partner is configured so that it accepts L2TP tunnels and restores the encapsulated PPP traffic flow.
  • Page 373 15 VPN bintec elmeg GmbH Field Description • (default value): You enter a static IP address. • : Only for Connection Type = Your device dynamically assigns an IP address to the remote terminal. • : Only for Connection Type = .
  • Page 374 15 VPN bintec elmeg GmbH Fields in the Advanced Settings menu. Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed.
  • Page 375 15 VPN bintec elmeg GmbH Field Description checked by sending LCP echo requests or replies. This is re- commended for leased lines, PPTP and L2TP connections. The function is enabled with The function is enabled by default. Prioritize TCP ACK...

  • Page 376: Options

    15 VPN bintec elmeg GmbH Field Description til someone actually wants to use the route. • : Your device responds to an ARP request only if the status of the connection to the L2TP partner is (active), i.e. a connection already exists to the L2TP partner.

  • Page 377: Pptp

    15 VPN bintec elmeg GmbH Field Description The function is disabled by default. 15.3 PPTP The Point-to-Point Tunnelling Protocol (=PPTP) can be used to set up an encrypted PPTP tunnel to provide security for data traffic over an existing IP connection.
  • Page 378 15 VPN bintec elmeg GmbH 15.3.1.1 New Click on New to set up further PPTP partners. PPTP PPTP Tunnels Fig. 133: -> -> -> The VPN->PPTP->PPTP Tunnels->New menu consists of the following fields: Fields in the PPTP Partner Parameters menu.
  • Page 379 15 VPN bintec elmeg GmbH Field Description Description Enter a unique name for the tunnel. The first character in this field must not be a number No special characters or umlauts must be used. PPTP Mode Enter the role to be assigned to the PPTP interface.
  • Page 380 15 VPN bintec elmeg GmbH Fields in the IP Mode and Routes menu. Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: •...
  • Page 381 15 VPN bintec elmeg GmbH Field Description • : The lower the value, the higher the priority of the route (possible values ). The default value is . IP Assignment Pool Only if PPTP Mode = , IP Address Mode = (IPCP) Select a IP pool configured in the VPN->PPTP->IP Pools...
  • Page 382 15 VPN bintec elmeg GmbH Field Description Possible values: • : MPP encryption is not used. • (default value): MPP encryption V2 with 128 bit is used to RFC 3078. • : MPP encryption V2 with 128 bit is used as compatible with Microsoft and Cisco.
  • Page 383 15 VPN bintec elmeg GmbH Field Description propagated or OSPF protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to answer APR requests from your LAN on behalf of the specific PPTP partner.

  • Page 384: Options

    15 VPN bintec elmeg GmbH Field Description cial applications. Incoming ISDN Num- Only if Callback is enabled. Enter the ISDN number from which the remote device calls the local device (calling party number). Outgoing ISDN Num- Only if Callback is enabled.

  • Page 385: Ip Pools

    1 from Microsoft Windows XP. Since, in SP 1, Mi- crosoft has changed the confirmation algorithm in the GRE pro- tocol, the automatic window adaptation for GRE must be turned off for bintec elmeg devices. The function is enabled with The function is enabled by default.

  • Page 386: Gre

    15 VPN bintec elmeg GmbH 15.3.3.1 Edit or New Choose theNew button to set up new IP address pools. Choose the icon to edit existing entries. PPTP IP Pools Fig. 135: -> -> -> Fields in the menu Basic Parameters...

  • Page 387: Gre Tunnels

    15 VPN bintec elmeg GmbH over this interface is then encapsulated using GRE and sent to the specified recipient. 15.4.1 GRE Tunnels A list of all configured GRE tunnels is displayed in the VPN->GRE->GRE Tunnels menu. 15.4.1.1 New Choose the New button to set up new GRE tunnels.
  • Page 388 15 VPN bintec elmeg GmbH Field Description Default Route If you enable the Default Route, all data is automatically routed to one connection. The function is disabled by default. Local IP Address Here, enter the (LAN-side) IP address that is to be used as your device's source address for your own packets through the GRE tunnel.

  • Page 389: Chapter 16 Firewall

    16 Firewall bintec elmeg GmbH Chapter 16 Firewall The Stateful Inspection Firewall (SIF) provided for bintec elmeg gateways is a powerful se- curity feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.

  • Page 390: Policies

    16 Firewall bintec elmeg GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e. every packet your device cannot assign to an exist- ing connection is rejected.
  • Page 391 16 Firewall bintec elmeg GmbH in succession until a rule matches. If overlapping occurs, i.e. more than one filter rule matches a packet, only the first rule is executed. This means that if the first rule denies a packet, whereas a later rule allows it, the packet is rejected. A deny rule also has no effect if a relevant packet has previously been allowed by another filter rule.
  • Page 392 16 Firewall bintec elmeg GmbH Field Description Source Select one of the preconfigured aliases for the source of the packet. In the list, all WAN/LAN interfaces, interface groups (see Fire- wall->Interfaces->Groups), addresses (see Firewall->Ad- dresses->Address List) and address groups (see Firewall->Addresses->Groups) are available.
  • Page 393 16 Firewall bintec elmeg GmbH Field Description Action Select the action to be applied to a filtered packet. Possible values: • (default value): The packets are forwarded on the basis of the entries. • : The packets are rejected. •...

  • Page 394: Qos

    16 Firewall bintec elmeg GmbH 16.1.2 QoS More and more applications need increasingly larger bandwidths, which are not always available. Quality of Service (QoS) makes it possible to distribute the available bandwidths effectively and intelligently. Certain applications can be given preference and bandwidth re- served for them.

  • Page 395: Options

    16 Firewall bintec elmeg GmbH Field Description Filter Rules This field contains a list of all configured firewall policies for which QoS was activated (Apply QoS = under Fire- wall->Policies->Filter Rules->New). The following options are available for each list entry: •...
  • Page 396 16 Firewall bintec elmeg GmbH Fields in the Global Firewall Options menu. Field Description Firewall Status Enable or disable the firewall function. The function is enabled with The function is enabled by default. Logged Actions Select the firewall syslog level.

  • Page 397: Interfaces

    16 Firewall bintec elmeg GmbH Field Description Possible values are The default value is Other Inactivity Enter the inactivity time after which a session of another type is to be regarded as expired (in seconds). Possible values are The default value is 16.2 Interfaces...

  • Page 398: Addresses

    16 Firewall bintec elmeg GmbH Field Description Description Enter the desired description of the interface group. Members Select the members of the group from the available interfaces. To do this, activate the field in the Selection column. 16.3 Addresses 16.3.1 Address List A list of all configured addresses is displayed in the Firewall->Addresses->Address List...

  • Page 399: Groups

    16 Firewall bintec elmeg GmbH Field Description • : Enter an IP address range with a start and end address. Address / Subnet Only for Address Type = Enter the IP address of the host or a network address and the related netmask.

  • Page 400: Services

    16 Firewall bintec elmeg GmbH Field Description Selection Select the members of the group from the available Addresses. To do this, activate the Fields in the Selection column. 16.4 Services 16.4.1 Service List In the Firewall->Services->Service List menu, a list of all available services is displayed.
  • Page 401 16 Firewall bintec elmeg GmbH Field Description specified port number is verified. If a port range is to be checked, enter the upper limit here. Possible values are Source Port Range Only for Protocol = In the first field, enter the source port to be checked, if applic- able.

  • Page 402: Groups

    16 Firewall bintec elmeg GmbH Field Description Code Selection options for the ICMP codes are only available for Type = Possible values: • (default value) • • • • • • • 16.4.2 Groups A list of all configured service groups is displayed in the Firewall->Services->Groups menu.
  • Page 403 16 Firewall bintec elmeg GmbH Firewall Services Groups Fig. 145: -> -> -> The menu Firewall->Services->Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description of the service group. Members Select the members of the group from the available service ali- ases.

  • Page 404: Chapter 17 Voip

    17 VoIP bintec elmeg GmbH Chapter 17 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.

  • Page 405: Rtsp

    17 VoIP bintec elmeg GmbH Field Description You must configure a proxy for each destination port to which VoIP clients from the LAN can connect. The ports can be provider-specific. The default value is Prioritize SIP Calls Select whether you want to prioritise SIP Calls.
  • Page 406 17 VoIP bintec elmeg GmbH Field Description RTSP Proxy Select whether you want to permit RTSP sessions. The function is activated by selecting The function is disabled by default. RTSP Port Select the port over which the RTSP messages are to come in and go out.

  • Page 407: Chapter 18 Local Services

    18 Local Services bintec elmeg GmbH Chapter 18 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider • Configuration of gateway as a DHCP server (assignment of IP addresses) •...
  • Page 408 18 Local Services bintec elmeg GmbH Name server Under Local Services->DNS->DNS Servers->New you enter the IP addresses of name servers that are queried if your device cannot answer requests itself or by forwarding entries. Global name servers and name servers that are attached to an interface can both be entered.

  • Page 409: Global Settings

    18 Local Services bintec elmeg GmbH 18.1.1 Global Settings Local Services Global Settings Fig. 148: -> -> The menu Local Services->DNS->Global Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Domain Name Enter the standard domain name of your device.
  • Page 410 18 Local Services bintec elmeg GmbH Field Description i.e. successfully resolved names and IP addresses are to be stored in the cache. The function is activated by selecting The function is enabled by default. Negative Cache Select whether the negative dynamic cache is to be activated, i.e.

  • Page 411: Dns Servers

    18 Local Services bintec elmeg GmbH Fields in the IP address to use for DNS/WINS server assignment menu. Field Description As DHCP Server Select which name server addresses are sent to the DHCP cli- ent if your device is used as DHCP server.
  • Page 412 18 Local Services bintec elmeg GmbH Local Services DNS Servers Fig. 149: -> -> -> The Local Services->DNS->DNS Servers->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the DNS server should be enabled.

  • Page 413: Static Hosts

    18 Local Services bintec elmeg GmbH Field Description • (default value) Interface Select the interface to which the DNS server pair is to be as- signed. For Interface Mode = A global DNS server is created with the setting For Interface Mode = A DNS server is configured for all interfaces with the setting.

  • Page 414: Domain Forwarding

    18 Local Services bintec elmeg GmbH The menu Local Services->DNS->Static Hosts->New consists of the following fields: Fields in the Basic Parameters menu. Field Description DNS Hostname Enter the host name to which the IP Address defined in this menu is to be assigned if a positive response is received to a DNS request.
  • Page 415 Enter the name of the host to be forwarded. The entry can also start with the wildcard *, e.g. *.bintec-elmeg.com. If a name is entered without a full stop, you complete with OK " <Default Domain>. " " is added.

  • Page 416: Cache

    18 Local Services bintec elmeg GmbH Field Description Forward to Select the forwarding destination requests to the name defined in Host or Domain. Possible values: • (default value): The request is forwarded to the defined Interface. • : The request is forwarded to the defined DNS Server.
  • Page 417 18 Local Services bintec elmeg GmbH 18.1.6 Statistics Local Services Statistics Fig. 153: -> -> In the Local Services->DNS->Statisticsmenu, the following statistical values are dis- played: Fields in the DNS Statistics menu. Field Description Received DNS Packets Shows the number of received DNS packets addressed direct to your device, including the response packets for forwarded re- quests.

  • Page 418: Https

    18 Local Services bintec elmeg GmbH 18.2 HTTPS You can operate the user interface of your device from any PC with an up-to-date Web browser via an HTTPS connection. HTTPS (HyperText Transfer Protocol Secure) is the procedure used to establish an en- crypted and authenticated connection by SSL between the browser used for configuration and the device.

  • Page 419: Dyndns Client

    18 Local Services bintec elmeg GmbH Field Description • : Under System Management->Cer- tificates->Certificate List select entered certificate. 18.3 DynDNS Client The use of dynamic IP addresses has the disadvantage that a host in the network can no longer be found once its IP address has changed. DynDNS ensures that your device can still be reached after a change to the IP address.
  • Page 420 18 Local Services bintec elmeg GmbH Local Services DynDNS Client DynDNS Update Fig. 155: -> -> -> The menu Local Services->DynDNS Client->DynDNS Update->New consists of the fol- lowing fields: Fields in the Basic Parameters menu. Field Description Host Name Enter the complete host name as registered with the DynDNS provider.

  • Page 421: Dyndns Provider

    18 Local Services bintec elmeg GmbH Field Description The default value is Enable update Select whether the DynDNS entry configured here is to be activ- ated. The function is activated by selecting The function is disabled by default. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
  • Page 422 18 Local Services bintec elmeg GmbH Local Services DynDNS Client DynDNS Provider Fig. 156: -> -> -> The menu Local Services->DynDNS Client->DynDNS Provider->New consists of the fol- lowing fields: Fields in the Basic Parameters menu. Field Description Provider Name Enter a name for this entry.

  • Page 423: Dhcp Server

    DHCP server as a network broadcast.* The client then receives its IP address from bintec elmeg (as part of a brief exchange). You therefore do not need to allocate fixed IP addresses to PCs, which reduces the amount of configuration work in your network.

  • Page 424: Dhcp Configuration

    18 Local Services bintec elmeg GmbH 18.4.1.1 Edit or New Choose the New button to set up new IP address pools. Choose the icon to edit exist- ing entries. Local Services DHCP Server IP Pool Configuration Fig. 157: -> ->...
  • Page 425 18 Local Services bintec elmeg GmbH Note In the ex works state the DHCP pool is preconfigured with the IP addresses 192.168.0.10 to 192.168.0.49 and is used if there is no other DHCP server available in the network. 18.4.2.1 Edit or New Choose the New button to set up new IP address pools.
  • Page 426 18 Local Services bintec elmeg GmbH Field Description Pool Usage Specify whether the IP pool is used for DHCP requests in the same subnet or for DHCP requests that have been forwarded to your device from another subnet. In this case it is possible to define IP addresses from another network.
  • Page 427 18 Local Services bintec elmeg GmbH Field Description • : Enter the IP address of the DNS server to be sent to the client. • : Enter the DNS domain to be sent to the client. • : Enter the IP address of the WINS/ NBNS server to be sent to the client.

  • Page 428: Ip/Mac Binding

    18 Local Services bintec elmeg GmbH Field Description Possible values: • (default value) • Provisioning Server Only für Select vendor = Enter which manufacturer value shall be transmitted. For the setting Select vendor = , the default value is displayed.

  • Page 429: Dhcp Relay Settings

    18 Local Services bintec elmeg GmbH 18.4.3.1 New Choose the New button to set up new IP/MAC bindings. Local Services DHCP Server IP/MAC Binding Fig. 159: -> -> -> The menu Local Services->DHCP Server->IP/MAC Binding->New consists of the follow- ing fields: Fields in the Basic Parameters menu.

  • Page 430: Web Filter

    18 Local Services bintec elmeg GmbH Local Services DHCP Server DHCP Relay Settings Fig. 160: -> -> The menu Local Services->DHCP Server->DHCP Relay Settings consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description Primary DHCP Server Enter the IP address of a server to which BootP or DHCP re- quests are to be forwarded.

  • Page 431: General

    18 Local Services bintec elmeg GmbH 18.5.1 General This menu contains the configuration of basic parameters for using the Proventia Web Fil- ter. Local Services Web Filter General Fig. 161: -> -> The Local Services->Web Filter->Generalmenu consists of the following fields: Fields in the Web Filter Options menu.
  • Page 432 18 Local Services bintec elmeg GmbH Field Description Press the Add button to add more interfaces. The requests from http Internet pages that reach your device via these interfaces are then monitored by web filtering. Maximum Number of Define the number of entries to be saved in the web filtering his- History Entries tory (History menu).

  • Page 433: Filter List

    18 Local Services bintec elmeg GmbH Field Description Licence Status Shows the result of the last validity check of the licence. The validity of the licence is checked every 23 hours. License valid until This shows the expiry date of the licence (relative to the time set on your device) and cannot be edited.
  • Page 434 18 Local Services bintec elmeg GmbH Field Description Category Select which category of addresses/URLs the filter is to be used The options are first the standard categories of the Proventia Web Filter (default value: ). Actions can also be defined for the following special cases, e.g.: •...

  • Page 435: Black / White List

    18 Local Services bintec elmeg GmbH Field Description • : Callup is allowed and not logged. 18.5.3 Black / White List The Local Services->Web Filter->Black / White List menu contains a list of URLs or IP addresses, as the case applies. The addresses on the White List can also be called if they had been blocked because of filter configuration and classification in the Proventia web filter.

  • Page 436: History

    18 Local Services bintec elmeg GmbH 18.5.4 History In the Local Services->Web Filter->History menu, you can view the recorded history of the web filter. The history logs all requests that are marked for logging by a relevant filter (Action = ), likewise all rejected requests.
  • Page 437 18 Local Services bintec elmeg GmbH 18.6.1.1 New Choose the New button to set up new CAPI users. Local Services CAPI Server User Fig. 165: -> -> -> The menu Local Services->CAPI Server->User->New consists of the following fields: Fields in the Basic Parameters menu.

  • Page 438: Options

    18 Local Services bintec elmeg GmbH 18.6.2 Options Local Services CAPI Server Options Fig. 166: -> -> The menu Local Services->CAPI Server->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description Enable server Select whether your device is to be enabled as a CAPI server.

  • Page 439: Scheduling

    Caution The configuration of actions that are not available as defaults requires extensive know- ledge of the method of operation of bintec elmeg gateways. An incorrect configuration can cause considerable disruption during operation. If applicable, save the original configuration on your PC.
  • Page 440 18 Local Services bintec elmeg GmbH 18.7.1.1 New Choose the New button to create more event lists. Local Services Scheduling Trigger Fig. 167: -> -> -> The menu Local Services->Scheduling->Trigger->New consists of the following fields: Fields in the menu Basic Parameters...
  • Page 441 18 Local Services bintec elmeg GmbH Field Description Possible values: • (default value): The operations configured and assigned in Actions are initiated at specific points in time. • : The actions configured and assigned in Actions are initiated when the defined MIB variables assumes the as- signed values.
  • Page 442 18 Local Services bintec elmeg GmbH Field Description Only the MIB tables and MIB variables present in the respective area are displayed. Compare Condition Only for Event Type Select whether the MIB variable (default value), , must have the value given in or must lie within to initiate the operation.
  • Page 443 18 Local Services bintec elmeg GmbH Field Description • (default value): Incoming data traffic is monitored. • : Outgoing data traffic is monitored. Interface Traffic Condi- Only for Event Type tion Select whether the value for data traffic must be...
  • Page 444 18 Local Services bintec elmeg GmbH Field Description Enter the number of ping tests to be performed until Destina- tion IP Address as applies. The default value is . Monitored Certificate Only for Event Type Select the certificate whose validity should be checked.

  • Page 445: Actions

    18 Local Services bintec elmeg GmbH Field Description urdays and Sundays. Possible values for Condition Settings in Condition Type = Start Time Enter the time from which the initiator is to be activated. Activa- tion is carried on the next scheduling interval. the default value of this interval is 55 seconds.
  • Page 446 18 Local Services bintec elmeg GmbH Field Description Description Enter your chosen designation for the action. Command Type Select the desired action. Possible values: • (default value): Your device is rebooted. • : The desired value is entered for a MIB variable.
  • Page 447 18 Local Services bintec elmeg GmbH Field Description • : The operation is initiated if a single event occurs. • : The operation is triggered if no event occurs. • : The operation is triggered if one of the events does not occur.
  • Page 448 18 Local Services bintec elmeg GmbH Field Description Possible values: • (default value): The value of the MIB variable is mod- ified if the initiator is active. • : The value of the MIB variable is modified if the ini- tiator is inactive.
  • Page 449 18 Local Services bintec elmeg GmbH Field Description Select the desired wireless network whose status shall be changed. Set status Only if Command Type = Select the status for the wireless network. Possible values: • (default value) • Source Location Only if Command Type = Select the source for the software update.
  • Page 450 18 Local Services bintec elmeg GmbH Field Description Enter the file name of the software version. Where Command Type = with Action = Enter the file name of the certificate file. Action For Command Type = Select which operation is to be performed on a configuration file.
  • Page 451 18 Local Services bintec elmeg GmbH Field Description and Action = Select whether the file is to be sent in the CSV format. The CSV format can easily be read and modified. In addition, you can view the corresponding file clearly using Microsoft Ex- cel for example.
  • Page 452 18 Local Services bintec elmeg GmbH Field Description Select the file to be copied. Configuration contains Only where Command Type = certificates/keys and Action = Select whether the certificates and keys contained in the config- uration are to be imported or exported.
  • Page 453 18 Local Services bintec elmeg GmbH Field Description Possible values: • (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address. • : Enter the desired IP address in the input field.
  • Page 454 18 Local Services bintec elmeg GmbH Field Description Overwrite similar certi- Only where Command Type = ficate and Action = Select whether to overwrite a certificate already present on the your device with the new one. The function is disabled by default.
  • Page 455 18 Local Services bintec elmeg GmbH Field Description Password Only where Command Type = and Action = To obtain certificates, you may need a password from the certi- fication authority. Enter the password you received from the cer- tification authority here.

  • Page 456: Options

    18 Local Services bintec elmeg GmbH Field Description Select the WLAN module on which to perform the frequency band scan. WLC SSID Only where Command Type = Select the wireless network administered over the WLAN con- troller whose status should be changed.

  • Page 457: Surveillance

    In this menu, you can configure an automatic availability check for hosts or interfaces and automatic ping tests. You can monitor temperature with devices from the bintec WI series. Note This function cannot be configured on your device for connections that are authentic- ated via a RADIUS server.
  • Page 458 18 Local Services bintec elmeg GmbH Local Services Surveillance Hosts Fig. 170: -> -> -> The menu Local Services->Surveillance->Hosts->New consists of the following fields: Fields in the Host Parameters menu Field Description Group ID If the availability of a group of hosts or the default gateway is to be monitored by your device, select an ID for the group or the default gateway.
  • Page 459 18 Local Services bintec elmeg GmbH Field Description • : Enter the IP address of the host to be monitored manually in the adjacent input field. Source IP Address Select how the IP address is to be determined that your device uses as the source address of the packet sent to the host to be monitored.

  • Page 460: Interfaces

    18 Local Services bintec elmeg GmbH Field Description Action to be performed Select which Action should be run. For most actions, you select an Interface to which the Action relates. All physical and virtual interfaces can be selected. For each interface, select whether it is to be enabled (...

  • Page 461: Ping Generator

    18 Local Services bintec elmeg GmbH Field Description Trigger Select the state or state transition of Monitored Interface that is to trigger a particular Interface Action. Possible values: • (default value) • Interface Action Select the action that is to follow the state or state transition defined in Trigger.
  • Page 462 18 Local Services bintec elmeg GmbH Local Services Surveillance Ping Generator Fig. 172: -> -> -> The menu Local Services->Surveillance->Ping Generator->New consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description Destination IP Address Enter the IP address to which the ping is automatically sent.

  • Page 463: Isdn Theft Protection

    18 Local Services bintec elmeg GmbH 18.9 ISDN Theft Protection With the ISDN theft protection function, you can prevent a thief who has stolen a gateway from gaining access to the gateway owner's LAN. (Without theft protection, he could dial in- to the LAN by ISDN if under WAN->Internet + Dialup->ISDN->...
  • Page 464 18 Local Services bintec elmeg GmbH Local Services ISDN Theft Protection Options Fig. 173: -> -> The menu Local Services->ISDN Theft Protection->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description ISDN Theft Protection Enable or disable the ISDN theft protection function.

  • Page 465: Upnp

    18 Local Services bintec elmeg GmbH Field Description Use Add to add a new interface. Select from the available interfaces those to which the ISDN theft protection function is to be applied. Fields in the Advanced Settings menu. Field Description...

  • Page 466: Interfaces

    18 Local Services bintec elmeg GmbH . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded.

  • Page 467: General

    18 Local Services bintec elmeg GmbH Field Description Interface is UPnP con- Determine whether the NAT configuration of this interface is trolled controlled by UPnP. The function is enabled with The function is disabled by default. 18.10.2 General In this menu, you make the basic UPnP settings.

  • Page 468: Hotspot Gateway

    Requirements To operate a Hotspot, the customer requires: • a bintec elmeg device as hotspot gateway with active Internet access and configured hot- spot server entries for login and accounting (see menu System Management->Remote Authentication->RADIUS->New with Group Description •...

  • Page 469: Hotspot Gateway

    Also refer to the WLAN Hotspot Workshop that is available to download from www.bintec-elmeg.com 18.11.1 HotSpot Gateway In the HotSpot Gateway menu, you can configure the bintec elmeg gateway installed onsite for the Hotspot Solution. A list of all configured hotspot networks is displayed in the Local Services->HotSpot...
  • Page 470 18 Local Services bintec elmeg GmbH Gateway->HotSpot Gateway menu. Local Services HotSpot Gateway HotSpot Gateway Fig. 176: -> -> You can use the Enabled option to enable or disable the corresponding entry. 18.11.1.1 Edit or New You configure the hotspot networks in the Local Services->HotSpot Gateway->HotSpot Gateway->...
  • Page 471 18 Local Services bintec elmeg GmbH Field Description Interface Choose the interface to which the Hotspot LAN or WLAN is con- nected. When operating over LAN, enter the Ethernet interface here (e. g. en1-0). If operating over WLAN, the WLAN interface to which the access point is connected must be selected.
  • Page 472 18 Local Services bintec elmeg GmbH Field Description Terms &Conditions Only if Walled Garden is enabled. In the Terms &Conditions input field, enter the address of the general terms and conditions on the intranet server, or public server, e.g., http://www.webserver.de/agb.htm. The page must lie within the address range of the walled garden network.

  • Page 473: Options

    18 Local Services bintec elmeg GmbH Field Description • : All clients are approved. • : Prevents users who have not received an IP address from DHCP from logging in. Login Frameset Enable or disable the login window. The login window on the HTML homepage consists of two frames.

  • Page 474: Wake-On-Lan

    18 Local Services bintec elmeg GmbH Local Services HotSpot Gateway Options Fig. 178: -> -> The Local Services->HotSpot Gateway->Options menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Host for multiple loca- If several locations (branches) are set up on the Hotspot server,...
  • Page 475 18 Local Services bintec elmeg GmbH Local Services Wake-On-LAN Wake-On-LAN Filter Fig. 179: -> -> -> The Local Services->Wake-On-LAN->Wake-On-LAN Filter->New menu consists of the following fields: Fields in the menu Basic Parameters Field Description Description Enter the name of the filter.
  • Page 476 18 Local Services bintec elmeg GmbH Field Description Select the type. Possible values: See RFC 792. The default value is Connection State With Protocol = , you can define a filter that takes the status of the TCP connections into account.

  • Page 477: Wol Rules

    18 Local Services bintec elmeg GmbH Field Description DSCP/TOS Filter Select the Type of Service (TOS). (Layer 3) Possible values: • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit).
  • Page 478 18 Local Services bintec elmeg GmbH Local Services Wake-On-LAN WOL Rules Fig. 180: -> -> -> The Local Services->Wake-On-LAN->WOL Rules->New menu consists of the following fields: Fields in the menu Basic Parameters Field Description Wake-On-LAN Rule Select whether to create a new rule chain or to edit an existing Chain one.

  • Page 479: Interface Assignment

    18 Local Services bintec elmeg GmbH Field Description Local Services->Wake-On-LAN->WOL Rules menu. Action Define the action to be taken for a filtered data packet. Possible values: • : Run WOL if the filter matches. • : Run WOL if the fil- ter does not match.

  • Page 480: Brrp

    Note You require a licence for devices in the R23x series and RS series. BRRP (Bintec Router Redundancy Protocol) is a bintec elmeg-specific implementation of the VRRP (Virtual Router Redundancy Protocol). A router redundancy procedure is used mainly to safeguard the availability of a physical gateway in a LAN or WAN.

  • Page 481: Virtual Routers

    18 Local Services bintec elmeg GmbH defined in the relevant RFC and in the Internet draft. BRRP terms Field Description “A router that uses the Virtual Router Redundancy Protocol. It VRRP router can be integrated into one or more “virtual routers” . ”...
  • Page 482 18 Local Services bintec elmeg GmbH It guarantees that if the active route fails, another router takes over the function of the failed device. The time that each router is active is determined by the priority assigned to the router.
  • Page 483 18 Local Services bintec elmeg GmbH Note The system automatically assigns the MAC address of the virtual interface according to the following model: 00:00:5E:00:01:<ID of the virtual router>. The ID of the virtual router therefore determines the MAC address of the interface, which is used to trans- mit the usage data.
  • Page 484 18 Local Services bintec elmeg GmbH Local Services BRRP Virtual Routers Fig. 182: -> -> -> The Local Services->BRRP->Virtual Routers->New menu consists of the following fields: Fields in the BRRP Advertisement Interface menu. Field Description Ethernet Interface Choose the interface via which BRRP advertisement packets are sent and expected.
  • Page 485 18 Local Services bintec elmeg GmbH Field Description based, if a new virtual interface is created. The name of the vir- tual interface is assigned automatically when it is created. Shows the name of the virtual interface, if a virtual interface that has already been created is edited.
  • Page 486 18 Local Services bintec elmeg GmbH Field Description Advertisement send in- Determine how often a BRRP advertisement packet is sent if terval the virtual router is defined as master. Only the current master sends via multicast BRRP advertisements, which also contain the ID and the priority of the master.

  • Page 487: Vr Synchronisation

    18 Local Services bintec elmeg GmbH Field Description enabled. The function is enabled by default. Note the following exception: If Virtual Interface Priority selected, the gateway with this priority certainly takes over the master role, i.e. the setting in Pre-empt mode (go back into master state) is ignored.
  • Page 488 18 Local Services bintec elmeg GmbH Local Services BRRP VR Synchronisation Fig. 183: -> -> -> The Local Services->BRRP->VR Synchronisation->New menu consists of the following fields: Fields in the Monitoring VR / Interface menu. Field Description Monitoring Mode Shows which mechanism is used for monitoring a virtual router.

  • Page 489: Options

    18 Local Services bintec elmeg GmbH Field Description Virtual Router ID Select the ID of the virtual router to be synchronised. Synchron- ising the virtual router implicitly synchronises the virtual inter- face associated with the virtual router. 18.13.3 Options In the Local Services->BRRP->Options menu,you can enable or disable the BRRP func- tion.

  • Page 490: Chapter 19 Maintenance

    19 Maintenance bintec elmeg GmbH Chapter 19 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to in- stall it.

  • Page 491: Dns Test

    19 Maintenance bintec elmeg GmbH 19.1.2 DNS Test Maintenance Diagnostics DNS Test Fig. 186: -> -> The DNS test is used to check whether the domain name of a particular host is correctly re- solved. The Outputfield displays the DSN test messages. The ping test is launched by en- tering the domain name to be tested in DNS Address and clicking the Go button.

  • Page 492: Software &Configuration

    An update of BOOTmonitor and/or Logic is recommended in a few cases. In this case, the release notes refer expressly to this fact. Only update BOOTmonitor or Logic if bintec elmeg GmbH explicitly recommends this. Flash Your device saves its configuration in configuration files in the flash EEPROM (Electrically Erasable Programmable Read Only Memory).
  • Page 493 19 Maintenance bintec elmeg GmbH stored in the working memory (RAM). The contents of the RAM are lost if the device is switched off. So if you modify your configuration and want to keep these changes for the next time you start your device, you must save the modified configuration in the flash memory before switching off: The Save configuration button over the navigation area of the GUI.
  • Page 494 19 Maintenance bintec elmeg GmbH The Maintenance->Software &Configuration ->Options menu consists of the following fields: Fields in the Currently Installed Software menu. Field Description BOSS Shows the current software version loaded on your device. Shows the current system logic loaded on your device.
  • Page 495 19 Maintenance bintec elmeg GmbH Field Description the current configuration was saved as boot configuration and the previ- ous boot configuration was also archived. You can load back the archived boot configuration. • : The file in the Select file field is deleted.
  • Page 496 19 Maintenance bintec elmeg GmbH Field Description Select the source of the update. Possible values: • (default value): The system software file is stored locally on your PC. • : The file is stored on a remote server specified in the URL.

  • Page 497: Reboot

    19 Maintenance bintec elmeg GmbH Field Description Enter the new name of the configuration file. 19.3 Reboot 19.3.1 System Reboot In this menu, you can trigger an immediate reboot of your device. Once your system has restarted, you must call the GUI again and log in.

  • Page 498: Chapter 20 External Reporting

    20 External Reporting bintec elmeg GmbH Chapter 20 External Reporting In this system menu, you define what system protocol messages are saved on which com- puters, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error.
  • Page 499 20 External Reporting bintec elmeg GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 20.1.1.1 New Select the New button to set up additional syslog servers. External Reporting Syslog Syslog Servers Fig. 190: ->...
  • Page 500 20 External Reporting bintec elmeg GmbH Field Description • (lowest priority) Syslog messages are only sent to the host if they have a higher or identical priority to that indicated, i.e. at syslog level all messages generated are forwarded to the host.

  • Page 501: Ip Accounting

    20 External Reporting bintec elmeg GmbH 20.2 IP Accounting In modern networks, information about the type and number of data packets sent and re- ceived over the network connections is often collected for commercial reasons. This inform- ation is extremely important for Internet Service Providers that bill their customers by data volume.
  • Page 502 20 External Reporting bintec elmeg GmbH External Reporting IP Accounting Options Fig. 192: -> -> In the External Reporting->IP Accounting->Options menu, you can define the Log Format of the IP accounting messages. The messages can contain character strings in any order, sequences separated by a slash, e.g.

  • Page 503: Alert Service

    20 External Reporting bintec elmeg GmbH 20.3 Alert Service It was previously possible to send syslog messages from the router to any syslog host. De- pending on the configuration, e-mail alerts are sent to the administrator as soon as relevant syslog messages appear.
  • Page 504 20 External Reporting bintec elmeg GmbH Field Description Possible values: • E-mail • SMS Recipient Enter the recipient's e-mail address. The entry is limited to 40 characters. Message Compression Select whether the text in the alert E-mail is to be shortened.
  • Page 505 20 External Reporting bintec elmeg GmbH Field Description entered therefore usually contains wildcards. To be informed of all syslog messages of the selected level, just enter "*". Severity Select the severity level which the string configured in the Matching String field must reach to trigger an e-mail alert.

  • Page 506: Alert Settings

    20 External Reporting bintec elmeg GmbH 20.3.2 Alert Settings External Reporting Alert Service Alert Settings Fig. 194: -> -> The menu External Reporting->Alert Service->Alert Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Alert Service Select whether the alert service is to be enabled for the inter- face.
  • Page 507 20 External Reporting bintec elmeg GmbH Field Description Possible values: • (default value): The server accepts and send emails without further authentication. • : The server only accepts e-mails if the router logs in with the correct user name and password.

  • Page 508: Snmp

    20 External Reporting bintec elmeg GmbH 20.4 SNMP SNMP (Simple Network Management Protocol) is a protocol from the IP protocol family for transporting management information about network components. Every SNMP management system contains an MIB. SNMP can be used to configure, con- trol and administrate various network components from one system.

  • Page 509: Snmp Trap Hosts

    20 External Reporting bintec elmeg GmbH Field Description Your device then sends SNMP traps to the LAN's broadcast ad- dress. The function is activated by selecting The function is disabled by default. SNMP Trap UDP Port Only if SNMP Trap Broadcasting is enabled.

  • Page 510: Activity Monitor

    20 External Reporting bintec elmeg GmbH External Reporting SNMP SNMP Trap Hosts Fig. 196: -> -> -> The menu External Reporting->SNMP->SNMP Trap Hosts->New consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description IP Address Enter the IP address of the SNMP trap host.

  • Page 511: Options

    20 External Reporting bintec elmeg GmbH • Start and configure the Windows application on your PC (you can download BRICKware for Windows to your PC from the download area at www.bintec-elmeg.com and from there import it to your device). 20.5.1 Options...
  • Page 512 20 External Reporting bintec elmeg GmbH Field Description • : The UDP packets are sent to the IP address entered in the adjacent input field. Update Interval Enter the update interval (in seconds). Possible values are The default value is .

  • Page 513: Chapter 21 Monitoring

    21 Monitoring bintec elmeg GmbH Chapter 21 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 21.1 Internal Log 21.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed.

  • Page 514: Ipsec

    21 Monitoring bintec elmeg GmbH Field Description Subsystem Displays which subsystem of the device generated the mes- sage. Message Displays the message text. 21.2 IPSec 21.2.1 IPSec Tunnels A list of all configured IPSec tunnel providers is displayed in the Monitoring->IPSec->IPSec Tunnels menu.
  • Page 515 21 Monitoring bintec elmeg GmbH Monitoring IPSec IPSec Tunnels Fig. 200: -> -> -> Values in the IPSec Tunnels list Field Description Description Shows the description of the peer. Local IP Address Shows the WAN IP address of your device.

  • Page 516: Ipsec Statistics

    21 Monitoring bintec elmeg GmbH Field Description Role / Algorithm / Life- time remaining / Status IPSec (Phase-2) SAs Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Life- time remaining / Status Messages The system messages for this IPSec tunnel are displayed here.

  • Page 517: Isdn/Modem

    21 Monitoring bintec elmeg GmbH Field Description Status Displays the number of IPSec tunnels by their current status. • Up: Currently active IPSec tunnels. • Going up: IPSec tunnels currently in the tunnel setup phase. • Blocked: IPSec tunnels that are blocked.

  • Page 518: Call History

    21 Monitoring bintec elmeg GmbH Monitoring ISDN/Modem Current Calls Fig. 202: -> -> Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).

  • Page 519: Interfaces

    21 Monitoring bintec elmeg GmbH Monitoring ISDN/Modem Call History Fig. 203: -> -> Values in the Call History list Field Description Service Displays the service to or from which the call was connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).
  • Page 520 21 Monitoring bintec elmeg GmbH Monitoring Interfaces Statistics Fig. 204: -> -> Change the status of the interface by clicking the or the button in the Action column. Values in the Statistics list Field Description Shows the serial number of the interface.
  • Page 521 21 Monitoring bintec elmeg GmbH Monitoring Interfaces Statistics Fig. 205: -> -> -> Values in the Statistics list Field Description Description Displays the name of the interface. MAC Address Displays the interface text. IP Address / Netmask Shows the IP address and the netmask.

  • Page 522: Wlan

    21 Monitoring bintec elmeg GmbH 21.5 WLAN 21.5.1 WLANx In the Monitoring->WLAN->WLAN menu, current values and activities of the WLAN inter- face are displayed. The values for wireless mode 802.11n are listed separately. Monitoring WLAN WLAN Fig. 206: -> ->...
  • Page 523 21 Monitoring bintec elmeg GmbH Field Description Rx Packets Shows the total number of received packets for the data rate shown in mbps. You can choose the Advanced button to go to an overview of more details. Monitoring WLAN WLAN Advanced Fig.

  • Page 524: Vss

    21 Monitoring bintec elmeg GmbH Description Meaning ceived successfully sent with a unicast address. MSDUs that could not Displays the number of MSDUs that could not be sent. be transmitted Frame transmissions Displays the number of sent framesfor which an acknowledge- without ACK received ment frame was not received.
  • Page 525 21 Monitoring bintec elmeg GmbH Field Description Tx Packets Shows the total number of packets sent. Rx Packets Shows the total number of packets received. Signal dBm (RSSI1, Shows the received signal strength in dBm. RSSI2, RSSI3) Noise dBm Shows the received noise strength in dBm.
  • Page 526 21 Monitoring bintec elmeg GmbH Monitoring WLAN <connected client> Fig. 209: -> -> -> -> Values in the list <Connected Client> Field Description Client MAC Address Shows the MAC address of the associated client. IP Address Shows the IP address of the client.

  • Page 527: Client Links

    21 Monitoring bintec elmeg GmbH Field Description wireless connection. Values: • > 25 dB excellent • 15 – 25 dB good • 2 – 15 dB borderline • 0 – 2 dB bad. Data Rate mbps Shows the current transmission rate of data received by this cli- ent in mbps.
  • Page 528 21 Monitoring bintec elmeg GmbH Field Description Tx Packets Shows the total number of packets sent. Rx Packets Shows the total number of packets received. Signal dBm (RSSI1, Shows the received signal strength in dBm. RSSI2, RSSI3) Noise dBm Shows the received noise strength in dBm.

  • Page 529: Bridges

    21 Monitoring bintec elmeg GmbH Values in the Client Links list Field Description AP MAC Address Shows the MAC address of the client link partner. Uptime Shows the time in hours, minutes and seconds for which the cli- ent link in question is active.

  • Page 530: Hotspot Gateway

    21 Monitoring bintec elmeg GmbH 21.7 HotSpot Gateway 21.7.1 HotSpot Gateway A list of all linked hotspot users is displayed in the Monitoring->HotSpot Gateway->Hot- Spot Gateway menu. Monitoring HotSpot Gateway HotSpot Gateway Fig. 213: -> -> Values in the HotSpot Gateway list...
  • Page 531 21 Monitoring bintec elmeg GmbH Monitoring Fig. 214: -> -> Values in the QoS list Field Description Interface Shows the interface for which QoS has been configured. QoS Queue Shows the QoS queue, which has been configured for this inter- face.
  • Page 532 Glossary bintec elmeg GmbH Glossary See GSM. 3DES See DES. See UMTS. See LTE. 802.11 The 802.11 norm describes wireless LAN (WLAN). There are a vari- ety of amendments: 802.11a: Gross data transfer rates: 54 Mbit/s, frequency band: 5 GHz, 802.11b/g: Gross data transfer rates: 11 Mbit/s, frequency band: 2.4 GHz, 802.11g: Gross data transfer...
  • Page 533 Glossary bintec elmeg GmbH key length is 128, 192 or 256 bits. AES is a very fast and secure al- gorithm. Aggressive mode When an IPSec connection is being established, aggressive mode is used to implement a phase 1 exchange. Aggressive mode offers no identity protection for negotiating nodes, since they have to transmit their identity before they can establish a secure channel.
  • Page 534 Glossary bintec elmeg GmbH AUX is a signal input for external devices, e. g. analogue or GSM modems. B channel See Basic Rate Interface and Primary Rate Interface. Back Route Verify If a Back Route Verify is activated for an interface, incoming data packets are only accepted over this interface if outgoing response packets are routed over the same interface.
  • Page 535 Glossary bintec elmeg GmbH and reduces the load. Broadcast In a broadcast, data packets are sent from one point to all the sub- scribers in a network, e. g. if the recipient is not yet known. Ex- amples of this are the ARP and DHCP protocols. The communica- tion is via broadcast addresses: MAC networks: FF:FF:FF:FF:FF:FF, IPv4 networks: 255.255.255.255, IPv6 net-...
  • Page 536 Glossary bintec elmeg GmbH Channel bundling When channels are bundled, the B channels in an ISDN connection are combined to increase data throughput. CHAP The Challenge Handshake Authentication Protocol (CHAP) is an au- thentication protocol for PPP connections. As well as the standard CHAP, Microsoft also has the variants MS-CHAPv1 and MS- CHAPv2.
  • Page 537 Glossary bintec elmeg GmbH Datagram A datagram is a self-contained data entity with user and control data. It generally stands for the terms data frame, data packet and data segment. DCN stands for data communication network. Dead Peer Detection In IPSec, Dead Peer Detection is used to identify IKE peers that can no longer be accessed.
  • Page 538 Glossary bintec elmeg GmbH to-point. It is used to connect a PBX. A main phone number and a number block are issued. Each of the numbers in the number block is called a direct dial exception. (Example: Main number 1234, num- ber block: 1 - 99, numbers of the individual extensions: 1234-1, 1234-2, 1234-3, …)
  • Page 539 Glossary bintec elmeg GmbH Encryption Refers to the encryption of data, e.g. using MPPE. Encapsulating Security Payload (ESP) is a protocol for IPSec. It uses protocol number 50 and supports data encryption and authen- tication. Ethernet Ethernet is a specification for cable data networks. Ethernet works on the first and second layer of the OSI model.
  • Page 540 Glossary bintec elmeg GmbH G.992.1 Data transmission recommendation for ADSL. There are two coun- try-specific versions: G.992.1 Annex A and G.992.1 Annex B. Data transfer rates: 12 Mbit/s (downstream), 1.3 Mbit/s (upstream) G.992.2 Data transmission recommendation for ADSL (G.LITE / ADSL-Lite).
  • Page 541 Glossary bintec elmeg GmbH capsulating other protocols so that they can be transported via the Internet Protocol (IP) in the form of a tunnel (VPN). GRE uses pro- tocol number 47. The Global System for Mobile Communications (GSM), also known as 2G, is a mobile communications standard.
  • Page 542 Glossary bintec elmeg GmbH it uses port 80. HTTPS The HyperText Transfer Protocol Secure (HTTPS) is a protocol which protects against eavesdropping when transmitting HTML pages (web pages) between server and client. HTTPS is schematic- ally identical to HTTP. SSL / TLS is used for additional data encryp- tion.
  • Page 543 Glossary bintec elmeg GmbH IPCP The Internet Protocol Control Protocol (IPCP) is used, in a similar way to DHCP, to configure a host with an IP address, gateway and DNS server, when a PPP network connection is being used. With the extension Robust Header Compression over PPP, the header can be compressed for faster data transmission.
  • Page 544 Glossary bintec elmeg GmbH L2TP The Layer 2 Tunneling Protocol (L2TP) is a network protocol for en- capsulating other protocols so that they can be transported via the Internet Protocol (IP) in the form of a tunnel (VPN). By default, L2TP uses protocol number 1701.
  • Page 545 Glossary bintec elmeg GmbH Loopback In a loopback switch the sender and recipient are identical. Long Term Evolution (LTE), also known as 4G, is a mobile commu- nications standard with a standardised maximum data transmission rate of 300 Mbit/s. MAC address...
  • Page 546 Glossary bintec elmeg GmbH MPPE Microsoft Point-To-Point Encryption (MPPE) is used to encrypt data transmitted via PPP. It was developed by Microsoft and Cisco and specified as RFC 3078. MS-CHAP The Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) is a method of authentication. MS-CHAPv1 is intended for authenticating DCN connections and is largely the same as the standard CHAP.
  • Page 547 Glossary bintec elmeg GmbH NBNS Like DNS, NetBIOS Name Service (NBSN) is used in centralised name resolution. See also WINS and DNS. Netmask With IPv4 in connection with the IP address, the netmask, also net- work mask and subnet mask, defines the network by dividing the IP address into network and device parts and thus determining which addresses need to be routed.
  • Page 548 Glossary bintec elmeg GmbH Peer A peer is the endpoint of a communication in the network. Phase 1/2 See IKE. The Protocol Independent Multicast (PIM) enables the dynamic rout- ing of multicast packets on the Internet. Ping Ping is a diagnostic tool that can be used to check whether a partic- ular host in an IP network can be contacted.
  • Page 549 Glossary bintec elmeg GmbH POP3 The Post Office Protocol Version 3 (POP3) is a transmission pro- tocol which controls how a client accesses emails from an email server. Port The port number is used to decide the service (telnet, FTP, ...) to which an incoming data packet should be sent.
  • Page 550 Glossary bintec elmeg GmbH Proposal When an IPSec connection is being established, the initiator of the connection makes proposals with relation to the authentication and encryption methods to be used. Protocol Protocols regulate the flow of a data communication on different levels of the OSI model.
  • Page 551 Glossary bintec elmeg GmbH Reset This returns the device to its unconfigured state. A Request For Comments (RFC) is a document that describes the standards and guidelines for the Internet. Rijndael See AES. The Routing Information Protocol (RIP) is a routing protocol. It is re- stricted to small networks.
  • Page 552 Glossary bintec elmeg GmbH RTSP The Real-Time Streaming Protocol (RTSP) controls the transmis- sion of audio and video data (streams) via IP-based networks. While the Real-Time Transport Protocol (RTP) is used to transmit user data, the main function of RTSP lies in controlling the data streams.
  • Page 553 Glossary bintec elmeg GmbH SHA1 Secure Hash Algorithm version 1 (SHA1) is a hash function that generates a 160 bit hash value (checksum). See also Hash. SHDSL Symmetrical High-bit-rate Digital Subscriber Line. See DSL. Shell The shell is an input interface (e. g. command line or graphic user interface) between computer and user.
  • Page 554 Glossary bintec elmeg GmbH the Real-Time Transport Protocol (RTP) that is encrypted using AES. Secure Shell (SSH) is a network protocol that can be used to estab- lish an encrypted connection to a device's shell. SSID The Service Set Identifier (SSID) defines a wireless network that is based on IEEE 802.11.
  • Page 555 Glossary bintec elmeg GmbH sible IP addresses). Switch A switch is a network component that connects individual network segments to one another. On the one hand, a switch can be oper- ated as a bridge to the data link layer in the OSI model. Unlike the bridge, however, a switch has more than one input and output.
  • Page 556 Glossary bintec elmeg GmbH an ISDN terminal. See also NT. Telnet Telecommunication Network (Telnet) is a network protocol. It en- ables communication with another, remote device in the network, e. g. PCs, routers, etc. TFTP The Trivial File Transfer Protocol (TFTP) regulates the transmission of files.
  • Page 557 Glossary bintec elmeg GmbH control must take place in the application layer. Conversely, UDP is faster than connection-oriented protocols. Unique Local Addresses (ULA) are IPv6 addresses that are not routed. They can be used in private networks (e. g. a LAN). ULAs begin with the prefix fd.
  • Page 558 Glossary bintec elmeg GmbH also refers to a tunnel that is established between the private net- works of the two connected parties. VPN protocols are IPSec, PPTP, L2TP and GRE. The Virtual Service Set (VSS) refers to a prefix for wireless LAN in- terfaces.
  • Page 559 Glossary bintec elmeg GmbH WPA-PSK With WPA 1 / 2, WPA-PSK enables subscribers to be authenticated using pre-shared keys. The access point and the client use the same string for the key calculation in the WLAN. This string needs to be configured by the users.
  • Page 560 Index bintec elmeg GmbH Address List Index Address / Subnet Addresses Admin Status Custom DHCP Options Administration 169 , 199 Vendor Description Administrative Status 318 , 398 ISDN Timeserver Administrative Access Power Off Timeout ADSL Line Profile System Admin Password...
  • Page 561 Index bintec elmeg GmbH Autosave Mode 134 , 431 Certificate Revocation List (CRL) Checking Certificates Back Route Verify Channel 174 , 199 , 504 Back Route Verify Channel Bundling Bandwidth Channel Plan Based on Ethernet Interface Channel Sweep Beacon Period...
  • Page 562 Index bintec elmeg GmbH Control Mode 233 , 314 431 , 461 , 464 , 500 , 501 , 506 , Controlled Interfaces 507 , 509 Corrupt Frames Received Description - Connection Information - COS Filter (802.1p/Layer 2) 227 , 242...
  • Page 563 Index bintec elmeg GmbH Domain Forwarding Entries Domain at the HotSpot Server Entry active 110 , 115 Domain Name Errors 501 , 503 Downstream Ethernet Interface Drop non-members Ethernet Ports Drop In Ethernet Interface Selection 140 , 141 Drop In Groups...
  • Page 564 Index bintec elmeg GmbH IGMP State Limit IGMP Status Ignore Certificate Request Payloads Garbage Collection Timer Gateway 208 , 412 IKE (Phase-1) Gateway IP Address IKE (Phase-1) SAs General 261 , 417 , 453 IMEI Generate Private Key Include certificates and keys...
  • Page 565 Index bintec elmeg GmbH IP Address Mode 274 , 279 , 284 , Language for login window 289 , 297 , 358 , 366 Last Command IP Address Range 300 , 348 , 372 , Last configuration stored Last Member Query Interval...
  • Page 566 Index bintec elmeg GmbH Logged Actions Maximum Response Time Logging Level Maximum Time between Retries Login Frameset Maximum TTL for Negative Cache Login Grace Time Entries Logon Maximum TTL for Positive Cache Long Retry Limit 180 , 183 Entries Loopback End-to-End...
  • Page 567 Index bintec elmeg GmbH MSN Recognition MSN Configuration OAM Controlling 275 , 373 , 501 OAM Flow Level Multicast Oper Status Multicast Routing Operation Band Multicast Group Address Operation Mode Multicast MSDUs received Operation Mode (Active) successfully Operation Mode (Inactive)
  • Page 568 Index bintec elmeg GmbH Phase-1 Profiles Prioritize SIP Calls Phase-2 Profile Prioritize TCP ACK Packets 275 , 280 Phase-2 Profiles , 285 , 298 , 306 , 360 Physical Address Priority 110 , 115 , 236 , 377 , 398...
  • Page 569 Index bintec elmeg GmbH Rate 512 , 515 Roaming Profile Real Time Jitter Control Robustness Real Time Jitter Control Role Reboot Route Announce Reboot after execution Route Class Reboot device after Route Entries 274 , 279 , 284 , 289 ,...
  • Page 570 Index bintec elmeg GmbH Select radio Signal dBm (RSSI1, RSSI2, RSSI3) Select vendor 510 , 512 , 513 , 515 Select file Silent Deny Selected Channel Silent Deny Selected Channels SIM Card Uses PIN Selected PLMN Selected Ports SIP Port...
  • Page 571 Index bintec elmeg GmbH Start Mode Third Timeserver Start Time Ticket Type Start Time Time State Time Condition State/Province Time Update Interval 91 , 93 Static Hosts Time Update Policy Statistics 403 , 505 Time Zone Status 81 , 426 , 500 , 502 , 504 , 506...
  • Page 572 Index bintec elmeg GmbH UDP Source Port Selection Virtual Channel Connection (VCC) UMTS/LTE 151 , 295 307 , 310 UMTS/LTE Interface Virtual Interface Priority UMTS/LTE Status Virtual Path Connection (VPC) Unchanged for Virtual Path Identifier (VPI) Unicast MPDUs received successfully...
  • Page 573 Index bintec elmeg GmbH Wildcard Wildcard Mode Wildcard MAC Address WINS Server Wireless Mode Wireless LAN Wireless Networks (VSS) WLAN 172 , 508 WLANx WLC SSID WOL Rules WPA Cipher 190 , 196 WPA Mode 190 , 196 WPA2 Cipher...

This manual is also suitable for:

Rs120wuRs230au+Rs232jRs230aRs232jwRs230aw ... Show all

Table of Contents