Funkwerk R1202 Reference Manual

page of 594

/ 594
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Manual

Funkwerk Enterprise Communications GmbH

Manual

bintec Rxxx2/RTxxx2

Reference

bintec Rxxx2/RTxxx2

Table of Contents

Summary of Contents for Funkwerk R1202

Page 2: Legal Notice
Legal Notice Aim and purpose This document is part of the user manual for the installation and configuration of funkwerk devices. For the latest information and notes on the current software release, please also read our release notes, particularly if you are updating your software to a higher release version. You will find the latest release notes under www.funkwerk-ec.com...
Page 3: Table Of Contents
Table of Contents Funkwerk Enterprise Communications GmbH Table of Contents Chapter 1 Introduction ......1 Chapter 2 About this guide.
Page 4 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 6 Technical data ......19 Scope of supply ......
Page 5 Configuration options ..... . . 8.3.1 Funkwerk Configuration Interface ....8.3.2 SNMP shell .
Page 6 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 11 Physical Interfaces ..... 11.1 AUX ......121 11.1.1...
Page 7 Table of Contents Funkwerk Enterprise Communications GmbH 13.1.4 Start automatic installation ..... 160 13.2 Controller Configuration ..... . 161 13.2.1...
Page 8 Table of Contents Funkwerk Enterprise Communications GmbH 14.5.1 Access Filter ......219 14.5.2 Rule Chains ......223 14.5.3...
Page 9 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 17 WAN......17.1 Internet + Dialup ......260 17.1.1...
Page 10 Table of Contents Funkwerk Enterprise Communications GmbH 18.3 PPTP ......354 18.3.1...
Page 11 Table of Contents Funkwerk Enterprise Communications GmbH 20.2.4 CLID Translation ......402 20.2.5 Call Translation......404 20.2.6...
Page 12 Table of Contents Funkwerk Enterprise Communications GmbH 21.6.1 User ......439 21.6.2...
Page 13 Table of Contents Funkwerk Enterprise Communications GmbH 22.3 Reboot ......490 22.3.1 System Reboot .
Page 14 Table of Contents Funkwerk Enterprise Communications GmbH 24.5 Bridges ......513 24.5.1 br<x>...
Page 15: Chapter 1 Introduction
Funkwerk Enterprise Communications GmbH Chapter 1 Introduction The powerful gateways R1202 / R3002 / R3502 / R3802 / R4402 / RT1202 / RT3002 / RT3502 / RT4202 have been specially developed for high-speed Internet access and for VPN connections in SMEs and branch offices.
Page 16 1 Introduction Funkwerk Enterprise Communications GmbH Workshops Step-by-step instructions for the most important configuration tasks can be found in the separate FEC Application Workshop guide for each application, which can be down- loaded from the www.funkwerk-ec.com website under Solutions. Dime Manager The devices are also designed for use with Dime Manager.
Page 17: Chapter 2 About This Guide
2 About this guide Funkwerk Enterprise Communications GmbH Chapter 2 About this guide This document is valid for bintec devices with system software as of software version 7.10.1. The Reference, which you have in front of you, contains the following chapters:...
Page 18 2 About this guide Funkwerk Enterprise Communications GmbH Chapter Description Multicast Firewall VoIP Local Services Maintenance External Reporting Monitoring Glossary The glossary contains a reference to the most important tech- nical terms used in network technology. The index lists all the key terms for operating the device and all...
Page 19 2 About this guide Funkwerk Enterprise Communications GmbH Typographical element Use • Indicates lists. Menu->Submenu Indicates menus and sub-menus in the Funkwerk Configura- tion Interface and Windows interface. File->Open Non-proportional Indicates commands that you must enter as written. (Courier), e.g.
Page 20: Chapter 3 Installation
3 Installation Funkwerk Enterprise Communications GmbH Chapter 3 Installation Caution Please read the safety notices carefully before installing and starting up your device. These can be found at the end of the printed manual. 3.1 Setting up and connecting Note All you need for this is the cable supplied with the equipment.
Page 21 3 Installation Funkwerk Enterprise Communications GmbH bintec RT4202 Fig. 2: Connection options using the example of When setting up and connecting, carry out the steps in the following sequence (refer to the connection diagrams for the individual devices in chapter...
Page 22: Cleaning
• Analog telephone /analog fax (only bintec RT4202) Connect your analog telephone or your analog fax to the FXS connections. The device is now prepared for configuration using the Funkwerk Configuration Interface. Chapter Basic configuration on page 10 provides a detailed step-by-step guide to the basic functions on your device.
Page 23: Support Information
3 Installation Funkwerk Enterprise Communications GmbH 3.3 Support information If you have questions about your product or are looking for additional information, the Funk- werk Enterprise Communications GmbH Support Centre can be reached Monday to Friday between the hours of 8.00 am and 5 pm. They can be contacted as follows: Email hotline@funkwerk-ec.com...
Page 24: Chapter 4 Basic Configuration
Funkwerk Enterprise Communications GmbH Chapter 4 Basic configuration You configure your device using the Funkwerk Configuration Interface . The way to obtain the basic configuration is explained below step-by-step. Detailed know- ledge of networks is not necessary. A detailed online help system gives you extra support.
Page 25: System Requirements
This installation is optional and not essential for the configuration or operation of the device. 4.3.1 Gathering data You can gather the main data for configuration with the Funkwerk Configuration Inter- face quickly, because you do not need any information that requires in-depth knowledge of networks.
Page 26 4 Basic configuration Funkwerk Enterprise Communications GmbH The following table shows examples of possible values for the necessary access data. You can enter your personal data in the "Your values" column, so that you can refer to these values later when needed.
Page 27: Configuring A Pc
00012345678906112345678#0001@t-online.de 4.3.2 Configuring a PC In order to reach your device via the Funkwerk Configuration Interface and to be able to carry out configuration, the PC used for the configuration has to satisfy some prerequisites. • Make sure that the TCP/IP protocol is installed on the PC.
Page 28: Modify System Password
The computer now has an IPSec configuration. Note You can now launch Funkwerk Configuration Interface for configuration by entering the IP address of your device (192.168.0.254) in a supported browser (Internet Ex- plorer 6 or later, Mozilla Firefox 1.2 or later) and entering the pre-configured login in-...
Page 29: Setting Up An Internet Connection
4.5 Setting up an internet connection You can set up different types of internet connections using your device. The most com- mon configuration is described below. The Funkwerk Configuration Interface internet wizard can be used to help configure alternative configuration types.
Page 30: Other Internet Connections
The range of functions of bintec devices is continuously being extended. These extensions are made available to you by Funkwerk Enterprise Communications GmbH free of charge. Checking for new software versions and the installation of updates can be carried out eas- ily with the Funkwerk Configuration Interface .
Page 31 Funkwerk Enterprise Communications GmbH (3) Confirm with Go. The device will now connect to the Funkwerk Enterprise Communications GmbH download server and check whether an updated version of the system software is available. If so, your device will be updated automatically. When installation of the new software is com- plete, you will be invited to restart the device.
Page 32: Chapter 5 Reset
5 Reset Funkwerk Enterprise Communications GmbH Chapter 5 Reset Resetting the device enables you to return your device to a predefined initial state. This may be necessary if you have made incorrect configuration settings or the device is to be reprogrammed.
Page 33: Chapter 6 Technical Data
6 Technical data Funkwerk Enterprise Communications GmbH Chapter 6 Technical data This chapter summarises all the hardware properties of the R1202, R3002, R3502, R3802, R4402, RT1202, RT3002, RT3502 and RT4202 devices. 6.1 Scope of supply Your device is supplied with the following parts:...
Page 34 6 Technical data Funkwerk Enterprise Communications GmbH Product Cable sets/other Software Documentation name VDSK cable Release Notes, if required 19-inch installation kit Installation poster (printed) 4x rubber feet - self- adhesive R3802 Ethernet cable Companion DVD Quick Install Guide and...
Page 35: General Product Features
4x rubber feet - self- Installation poster (printed) adhesive 6.2 General Product Features The general product features cover performance features and the technical prerequisites for installation and operation of your device. General product features bintec R1202, bintec RT1202 bintec Rxxx2/RTxxx2...
Page 36 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R1202 bintec RT1202 Dimensions and weights: Equipment dimensions 19" housing (482.6 mm x 220 mm 19" housing (482.6 mm x 220 mm without cable (B x H x D): x 45 mm)
Page 37 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R1202 bintec RT1202 ETH5 Permanently installed (twisted pair Permanently installed (twisted pair only), 10/100/1000 mbps, auto- only), 10/100/1000 mbps, auto- sensing, MDIX sensing, MDIX ISDN-BRI (S0) Euro-ISDN Euro-ISDN (point-to-multipoint/point-to-point (point-to-multipoint/point-to-point connection)
Page 38 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R3002 bintec R3502 bintec R3802 Dimensions and weights: Equipment dimensions 19" housing (482.6 19" housing (482.6 19" housing (482.6 without cable (B x H x D): mm x 220 mm x 45...
Page 39 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R3002 bintec R3502 bintec R3802 ADSL2+ interface Internal ADSL2+ mo- dem for Annex A and Annex B VDSL2 interface In accordance with ITU G.993.2; supports Baud plan ISDN 998. Autodetection of VD- SL profile.
Page 40 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R3002 bintec R3502 bintec R3802 Ethernet interfaces RJ45 socket RJ45 socket RJ45 socket ISDN BRI interface RJ45 socket RJ45 socket RJ45 socket ADSL interface RJ45 socket VDSL2 interface RJ45 socket SHDSL interface RJ45 socket Standards &...
Page 41 6 Technical data Funkwerk Enterprise Communications GmbH General product features bintec RT3002, bintec RT3502 Property bintec RT3002 bintec RT3502 Dimensions and weights: Equipment dimensions 19" housing (482.6 mm x 220 mm 19" housing (482.6 mm x 220 mm without cable (B x H x D):...
Page 42 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec RT3002 bintec RT3502 VDSL2 interface In accordance with ITU G.993.2; supports Baud plan ISDN 998. Autodetection of VDSL profile. Ethernet IEEE 802.3 LAN Permanently installed (twisted pair Permanently installed (twisted pair...
Page 43 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec RT3002 bintec RT3502 funkwerk Dime Manager User's funkwerk Dime Manager User's Guide (on DVD) Guide (on DVD) Installation poster Installation poster Online documentation User's Guide User's Guide Workshops Workshops Release Notes, if required...
Page 44 6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R4402 bintec RT4202 Relative atmospheric hu- 10 % to 90 % non-condensing in 10 % to 90 % non-condensing in midity operation, operation, 5 % to 95 % non-condensing when 5 % to 95 % non-condensing when...
Page 45: Leds
6 Technical data Funkwerk Enterprise Communications GmbH Property bintec R4402 bintec RT4202 SAFERNET TM Security Community passwords, PAP, Community passwords, PAP, Technology CHAP, MS-CHAP, MS-CHAP v.2, CHAP, MS-CHAP, MS-CHAP v.2, PPTP, PPPoE, PPPoA, Callback, PPTP, PPPoE, PPPoA, Callback, Access Control Lists, CLID, NAT,...
Page 46: Connectors
6 Technical data Funkwerk Enterprise Communications GmbH Colour Status Information ing operation: An error has occurred. green flashing The device is active. green During operation: An error has occurred. ETH 1 to 5 green The device is connected to the Ethernet at 1...
Page 47 6 Technical data Funkwerk Enterprise Communications GmbH All other connections are located on the front of the device. bintec R1202 has a 4-port Ethernet switch, a serial interface, an ETH5 interface and an ISDN BRI interface. The connections are arranged as follows: bintec R1202 Fig.
Page 48 6 Technical data Funkwerk Enterprise Communications GmbH CONSOLE Serial interface POWER / LED display for power and status STATUS RESET Reset button ETH5 Ethernet interface ETH1 - ETH4 10/100/1000 Base-T Ethernet interface BRI1 - BRI2 ISDN BRI interface LED display bintec R3002, bintec R3502 and bintec 3802 have a 4-port Ethernet switch, a serial inter- face, an ETH5 interface and an ISDN BRI interface as well as a DSL interface.
Page 49 6 Technical data Funkwerk Enterprise Communications GmbH bintec RT3002 Fig. 8: Front of Front of bintec RT3002 , bintec RT3502 CONSOLE Serial interface POWER / STATUS LED display for power and status RESET Reset button ETH5 Ethernet interface ETH1 - ETH4...
Page 50: Pin Assignments
6 Technical data Funkwerk Enterprise Communications GmbH RESET Reset button ETH5 Ethernet interface ETH1 - ETH4 10/100/1000 Base-T Ethernet interface BRI1 - BRI2 ISDN BRI interface PRI1 - PRI2 ISDN-PRI interface LED display bintec RT4202 has a 4-port Ethernet switch, a serial interface, an ETH5 interface, four ISDN BRI interfaces and four FXS interfaces.
Page 51: Ethernet Interface
6 Technical data Funkwerk Enterprise Communications GmbH The interface is designed as a 5-pole mini USB socket. Fig. 11: 5-pole mini USB socket The pin assignment is as follows: Pin assignment of the mini USB socket Function Not used Not used 6.5.2 Ethernet interface...
Page 52: Adsl Interface
6 Technical data Funkwerk Enterprise Communications GmbH Function Pair 0 - Pair 1 + Pair 2 + Pair 2 - Pair 1 - Pair 3 + Pair 3 - The Ethernet 10/100/1000 BASE-T interface does not have an Auto-MDI-X function.
Page 53: Shdsl Interface
6 Technical data Funkwerk Enterprise Communications GmbH 6.5.4 SHDSL interface The SHDSL interface on bintec R3802 is connected via an RJ45 connector. The cable supplied connects the RJ45 connector needed for the device to an RJ45 connector needed for the SHDSL connection.
Page 54: Isdn-Pri Interface
6 Technical data Funkwerk Enterprise Communications GmbH bintec R3502 bintec RT3502 Fig. 15: VDSL2 interface (RJ45 connector) The pin assignment for the VDSL2 interface (RJ45 connector) is as follows: RJ45 socket for VDSL connection bintec R3502 and bintec RT3502 Function...
Page 55: Isdn Bri Interface
ISDN BRI interfaces. The devices bintec RT3002, RT3502 and RT4202 have four ISDN BRI interfaces. The devices bintec R1202, R3002, R3502 and R3802 can only be operated in TE mode. The devices bintec R4402 and bintec RTxxxx can be operated in TE mode or in NT mode.
Page 56: Fxs Interface
6 Technical data Funkwerk Enterprise Communications GmbH Function Not used Not used Transmit (+) Receive (+) Receive (-) Transmit (-) Not used Not used The pin assignment for the ISDN BRI interface (RJ45 socket) in NT mode is as follows:...
Page 57 6 Technical data Funkwerk Enterprise Communications GmbH Function Not used Not used Not used Not used Not used Not used bintec Rxxx2/RTxxx2...
Page 58: Weee Information
6 Technical data Funkwerk Enterprise Communications GmbH 6.6 WEEE information bintec Rxxx2/RTxxx2...
Page 59: Chapter 7 Variable Switching Of S0 Interfaces
7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH Chapter 7 Variable switching of S0 interfaces 7.1 Switching the S0 interfaces from external to in- ternal The devices bintec R4402, bintec RT1202, bintec RT3002, bintec RT3502 and bintec RT4202 have two or four BRI connections. All BRI connections can be operated as internal or as external S0 connections.
Page 60 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH To carry out the switch proceed as follows: Unscrew the two screws on the back of the device and slide the cover upwards. The link plugs for the BRI-1 and BRI-2 interfaces can be found on all devices on the main PCB behind the terminal block.
Page 61 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH You can also switch the interfaces BRI-3 and BRI-4. The link plugs are on the side of the ISDN-L module. Insert the link plugs for interfaces BRI-3 and BRI-4 as shown in the following figure: * "on"...
Page 62 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH Interface Link plug area Position Position Internal/external switching BRI-3 Internal external Internal/external switching BRI-4 Internal external Power supply for internal con- BRI-3 nection Power supply for internal con- BRI-4 nection...
Page 63: Chapter 8 Access And Configuration
• Via an ISDN connection 8.1.1 Access via LAN Access via one of the Ethernet interfaces of your device allows you to open the Funkwerk Configuration Interface in a web browser for configuration purposes and to access your device via Telnet or SSH.
Page 64 8 Access and configuration Funkwerk Enterprise Communications GmbH 8.1.1.2 Telnet Apart from configuration using a web browser, with a Telnet connection you can also ac- cess the SNMP shell and use other configuration options. You do not need any additional software on your PC to set up a Telnet connection to your device: Telnet is available on all operating systems.
Page 65 (see example at above). If no keys are available, you have to generate these first. Proceed as follows: (1) Leave the Flash Management shell with (2) Call the Funkwerk Configuration Interface and log on to your device (see Calling the Funkwerk Configuration Interface on page 58).
Page 66: Access Via The Serial Interface
8 Access and configuration Funkwerk Enterprise Communications GmbH Login via SSH Proceed as follows to log in on your device via SSH: If you have made sure that all the keys needed are available on the device, you have to check whether an SSH client is installed on your PC.
Page 67 8 Access and configuration Funkwerk Enterprise Communications GmbH dows installation. However, you can also use any other terminal program that can be set to the corresponding parameters (see below). Proceed as follows to access your device via the serial interface: (1) In the Windows Start menu, click Programs ->...
Page 68: Access Over Isdn
8 Access and configuration Funkwerk Enterprise Communications GmbH Example of a command line for using Example of a command line for using 8.1.3 Access over ISDN All devices that have an ISDN interface can be accessed and configured from another device via an ISDN call.
Page 69: User Names And Passwords In Ex Works State
8 Access and configuration Funkwerk Enterprise Communications GmbH A login prompt appears first, regardless of how you access your device. You cannot view any information on the device or change the configuration without authentication. 8.2.1 User names and passwords in ex works state...
Page 70: Configuration Options
(2) Enter your password in the Password field of the input window and confirm with Re- turn or click the Login button. The status page of the Funkwerk Configuration Interface opens in the browser. SNMP shell Log into the SNMP shell as follows: (1) Enter your user name e.g.
Page 71: Funkwerk Configuration Interface
Type of connection Possible types of configuration Serial connection Shell command The following section describes how to configure your device using the Funkwerk Config- uration Interface. Note To change the device configuration, you must log in with the user name .
Page 72 (5) Enter in the User field and in the Password field and click LOGIN. You are not in the status menu of your device's Funkwerk Configuration Interface (see Status on page 77). 8.3.1.2 Operating elements...
Page 73 8 Access and configuration Funkwerk Enterprise Communications GmbH The Funkwerk Configuration Interface window is divided into three areas: • The header • The navigation bar • The main configuration window Funkwerk Configuration Interface Fig. 21: Areas of the Header Funkwerk Configuration Interface Fig.
Page 74 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function now active. The description of the sub-menu where you are now is displayed. Logout: If you want to end the configuration, click this button to log out of your device. A window is opened offering you the fol- lowing options: •...
Page 75 8 Access and configuration Funkwerk Enterprise Communications GmbH Fig. 24: Menus The Save configuration button is found in the navigation bar. If you save a current configuration, you can save this as the boot configuration or you can also archive the previous boot configuration as a backup.
Page 76 You can see at a glance the sub-menu you are in. Status page If you call the Funkwerk Configuration Interface , after you log in the status page of your device is displayed. The most important data of your device can be seen on this at a glance.
Page 77 8 Access and configuration Funkwerk Enterprise Communications GmbH Button Function In the System Management->Certificates->Certificate List menu and the System Management->Certificates->CRLs menu, this button activates the sub-menus for configuration of the certificate or CRL imports. In the System Management->Certificates->Certificate List menu, this button activates the sub-menu for the configuration of the certificate request.
Page 78 Fig. 25: Configuration of the update interval Fig. 26: Filter list Structure of the Funkwerk Configuration Interface configuration menus The menus of the Funkwerk Configuration Interface contain the following basic struc- tures: bintec Rxxx2/RTxxx2...
Page 79 8 Access and configuration Funkwerk Enterprise Communications GmbH Funkwerk Configuration Interface menu structure Menu Function Basic configuration When you select a menu from the navigation bar, the menu of menu/list basic parameters is displayed first. In a sub-menu containing several pages, the menu containing the basic parameters is dis- played on the first page.
Page 80 Pay particular attention to the following message: "Warning: Changes not supported by the Setup Tool!" If you makes these changes with the Funkwerk Configuration Interface , this can cause inconsistencies or mal- functions. Therefore, it is recommended that the configuration is continued with the Setup Tool.
Page 81 Note Please note that not all devices have the full range of functions. Check the software of your device on the corresponding product page under www.funkwerk-ec.com The Funkwerk Configuration Interface contains the following menus: Assistants Menu Function In this menu you can make the basic settings that are required First steps to add your gateway to your local network (LAN).
Page 82 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function such as, for example, system name, system date, system time and passwords. You can also manage licences that are necessary for the use of certain functions. Interface Mode / Bridge...
Page 83 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function VDSL Only for R3502 and RT3502. In this menu, you configure the VDSL interface of your device. Menu Function IP Configuration In this menu, you carry out the IP configuration of the LAN inter- faces for your device.
Page 84 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function gically without abandoning the entire network. Routing Protocols Menu Function In this menu, you configure the dynamic updating of the routing table via RIP. OSPF In this menu all global and interface-specific OSPF settings are performed.
Page 85 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function This menu shows a list of all configured GRE tunnels. Firewall Menu Function Policies In this menu you configure the filter rules for the firewall. Interfaces In this menu, you can group together the interfaces to be filtered.
Page 86 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Web Filter from ISS (www.iss.net). CAPI Server In this menu, you configure your device as a CAPI server. Scheduling In this menu, you configure time-dependent standard actions of your devices.
Page 87: Snmp Shell
8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function E-mail Alert Depending on the configuration, in this menu e-mails are sent to the administrator as soon as relevant syslog messages occur. SNMP In this menu, you configure whether the device is to listen for external SNMP accesses and send SNMP traps.
Page 88: Bootmonitor
8 Access and configuration Funkwerk Enterprise Communications GmbH 8.4 BOOTmonitor The BOOTmonitor is only available over a serial connection to the device. The BOOTmonitor provides the following functions, which you select by entering the cor- responding number: (1) Boot System (reboot the system): The device loads the compressed boot file from the flash memory to the working memory.
Page 89 8 Access and configuration Funkwerk Enterprise Communications GmbH After display of the BOOTmonitor prompt, press the space bar within four seconds to use the functions of the BOOTmonitor. If you do not make an entry within four seconds, the device changes back to normal operating mode.
Page 90: Chapter 9 Assistants
9 Assistants Funkwerk Enterprise Communications GmbH Chapter 9 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks: • First steps • Internet Access • VPN • SWYX (only with active optional DSP module) • VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex- planations on the separate pages of the Wizard.
Page 91: Chapter 10 System Management
10.1 Status If you log into the Funkwerk Configuration Interface , your device's status page is dis- played, which shows the most important system information. You see an overview of the following data: •...
Page 92 10 System Management Funkwerk Enterprise Communications GmbH System Management Status Fig. 28: -> The menu System Management->Status consists of the following fields: Fields in the System Information menu Field Value Uptime Displays the time past since the device was rebooted.
Page 93 10 System Management Funkwerk Enterprise Communications GmbH Field Value to the available total working memory in MByte. The usage is also displayed in brackets as a percentage. ISDN Usage Internal Shows the number of active B channels and the maximum num- ber of available B channels for internal connections.
Page 94: Global Settings
10 System Management Funkwerk Enterprise Communications GmbH Field Value tion Information - Link settings are shown. The system also displays whether the inter- face is active. 10.2 Global Settings Basic system parameters are managed in the Global Settings menu. 10.2.1 System Your device's basic system data are entered in the System Management->Global Set-...
Page 95 10 System Management Funkwerk Enterprise Communications GmbH Field Value Contact Enter the relevant contact person. Here you can enter the e- mail address of the system administrator, for example. A character string of up to 255 characters is possible. The default value is...
Page 96: Passwords
10 System Management Funkwerk Enterprise Communications GmbH Field Value Maximum Number of Enter the maximum number of accounting entries that are Accounting Log stored internally in the device. Entries Possible values are The default value is 10.2.2 Passwords Setting the passwords is another basic system setting.
Page 97: Date And Time
10 System Management Funkwerk Enterprise Communications GmbH Fields in the System Password menu Field Value System Admin Pass- Enter the password for the user name word This password is also used with SNMPv3 for authentication (MD5) and encryption (DES). Confirm Admin Pass- Confirm the password by entering it again.
Page 98 10 System Management Funkwerk Enterprise Communications GmbH System Management Global Settings Date and Time Fig. 31: -> -> You have the following options for determining the system time (local time): ISDN/Manual The system time is updated via ISDN, i.e. the date and time are taken from the ISDN when the first outgoing call is made, or is set manually on the device.
Page 99 10 System Management Funkwerk Enterprise Communications GmbH that the device uses the desired current time, you should configure one or more time serv- ers. Switching from summer time to winter time (and back) must be carried out manually if the time is derived using this method by changing the value in the Time Zone field with an option UTC+ or UTC-.
Page 100 10 System Management Funkwerk Enterprise Communications GmbH Fields in the Automatic Time Settings (Time Protocol) menu Field Description ISDN Timeserver Define whether the time information received at an incoming ISDN connection is used to update the system time. If a time server is configured, the time is only determined over ISDN until a successful update is received from this time server.
Page 101 10 System Management Funkwerk Enterprise Communications GmbH Field Description quest. Third Timeserver Enter the tertiary time server, using either a domain name or an IP address. In addition, select the protocol for the time server request. Possible values: • (default value): This server uses the simple network time protocol with UDP port 123.
Page 102: System Licences
10 System Management Funkwerk Enterprise Communications GmbH Field Description The function is activated by selecting . Time requests from a client will be answered with the current system time. This is given as GMT, without offset. The function is disabled by default. Time requests from a client are not answered.
Page 103 10 System Management Funkwerk Enterprise Communications GmbH Licence Meaning Not OK Subsystem is not activated. Not supported You have entered a licence for a subsystem your device does not support. In addition, above the list is shown the System Licence ID required for online licensing.
Page 104: Interface Mode / Bridge Groups
10 System Management Funkwerk Enterprise Communications GmbH Note is displayed as the status: • Enter the licence data again. • Check your hardware serial number. is displayed as the status, you have entered a license for a sub- system that your device does not support. This means you cannot use the functions of this licence.
Page 105: Interfaces
10 System Management Funkwerk Enterprise Communications GmbH Example: The names of the interfaces connected to an Ethernet port are made up of the following parts: (a) Abbreviation for interface type (b) Number of the Ethernet port (c) Number of the interface...
Page 106 10 System Management Funkwerk Enterprise Communications GmbH System Management Interface Mode / Bridge Groups Interfaces Fig. 33: -> -> The System Management->Interface Mode / Bridge Groups->Interfacesmenu consists of the following fields: Fields in the Interfaces menu Field Description Interface Description Displays the name of the interface.
Page 107: Administrative Access
10 System Management Funkwerk Enterprise Communications GmbH System Management Interface Mode / Bridge Groups Interfaces Fig. 34: -> -> -> The System Management->Interface Mode / Bridge Groups->Interfaces->Addmenu consists of the following fields: Fields in the Add menu Field Description Interface Select the interface whose status should be changed.
Page 108: Ssh
10 System Management Funkwerk Enterprise Communications GmbH 10.4.1.1 Add Press the Add button to configure administrative access for additional interfaces. System Management Administrative Access Access Fig. 36: -> -> The System Management+Administrative Access->Access->Addmenu consists of the following fields: Fields in the Access menu...
Page 109 10 System Management Funkwerk Enterprise Communications GmbH You need an SSH client application, e.g. PuTTY, to be able to reach the SSH Daemon. If you wish to use SSH Login together with the PuTTY client, you may need to comply with some special configuration requirements, for which we have prepared FAQs.
Page 110 10 System Management Funkwerk Enterprise Communications GmbH Field Value SSH Daemon and information messages are recorded. • : Only fatal errors of the SSH Daemon are recorded. • : Fatal and simple errors of the SSH Daemon are re- corded.
Page 111: Snmp
10 System Management Funkwerk Enterprise Communications GmbH Field Value from . If an error has occurred dur- ing generation, is displayed again with link . You can then repeat generation. If the status is displayed, generation of a key is not possible, for example because there is not enough space in the FlashROM.
Page 112: Remote Authentication
10 System Management Funkwerk Enterprise Communications GmbH System Management Administrative Access SNMP Fig. 38: -> -> The menu System Management->Administrative Access->SNMP consists of the follow- ing fields: Fields in the Basic Settings menu Field Value SNMP Version Select the SNMP version your device is to use to listen for ex- ternal SNMP accesses.
Page 113: Radius
10 System Management Funkwerk Enterprise Communications GmbH 10.5.1 RADIUS RADIUS (Remote Authentication Dial In User Service) is a service that enables authentica- tion and configuration information to be exchanged between your device and a RADIUS server. The RADIUS server administrates a database with information about user authen- tication and configuration and for statistical recording of connection data.
Page 114 10 System Management Funkwerk Enterprise Communications GmbH Field Value ACCESS_REJECT Server -> Client If the information contained in the ACCESS_REQUEST does not correspond to the information in the user database of the RADIUS server, it sends an ACCESS_REJECT to reject the connection.
Page 115 10 System Management Funkwerk Enterprise Communications GmbH System Management Remote Authentication RADIUS Fig. 39: -> -> -> The System Management->Remote Authentication->RADIUS->Newmenu consists of the following fields: Fields in the Basic Parameters menu Field Value Authentication Type Select what the RADIUS server is to be used for.
Page 116 10 System Management Funkwerk Enterprise Communications GmbH Field Value • : The RADIUS server is used for authenticating IPSec peers via XAuth. Vendor Mode Only for Authentication Type = In hotspot applications, select the mode define by the provider. In standard applications, leave the value set to Possible values for hotspot applications: •...
Page 117 10 System Management Funkwerk Enterprise Communications GmbH Field Value Possible values: • (default value): Enter a new group description in the text field. • : Select this entry for special applications, such as Hotspot Server configuration. • : Select a predefined group from the list.
Page 118 10 System Management Funkwerk Enterprise Communications GmbH Field Value Alive Check Here you can activate a check of the accessibility of a RADIUS server in Status An Alive Check is carried out regularly (every 20 seconds) by sending an ACCESS_REQUEST to the IP address of the RADI- US server.
Page 119: Tacacs
10 System Management Funkwerk Enterprise Communications GmbH 10.5.2 TACACS+ TACACS+ permits access control for your device, network access servers (NAS) and other network components via one or more central servers. Like RADIUS, TACACS+ is an AAA protocol and offers authentication, authorisation and accounting services (TACACS+ Accounting is currently not supported by bintec devices).
Page 120 10 System Management Funkwerk Enterprise Communications GmbH The System Management->Remote Authentication->TACACS+ ->Newmenu consists of the following fields: Fields in the Basic Parameters menu Field Description Authentication Type Displays which TACACS+ function is to be used. The value cannot be changed.
Page 121 10 System Management Funkwerk Enterprise Communications GmbH Field Description ers are queried in order of their priority (see Priority) until a positive response is received or a negative response is re- ceived from an authoritative server. • : A negative response to a request is accep- ted, i.e.
Page 122: Options
10 System Management Funkwerk Enterprise Communications GmbH 10.5.3 Options This setting possible here causes your device to carry out authentication negotiation for in- coming calls, if it cannot identify the calling party number (e.g. because the remote terminal does not signal the calling party number). If the data (password, partner PPP ID) obtained by executing the authentication protocol is the same as the data of a listed remote terminal or RADIUS user, your device accepts the incoming call.
Page 123: Certificates
10 System Management Funkwerk Enterprise Communications GmbH 10.6 Certificates An asymmetric cryptosystem is used to encrypt data to be transported in a network, to gen- erate or check digital signatures and the authenticate users. A key pair consisting of a pub- lic key and a private key is used to encrypt and decrypt the data.
Page 124 10 System Management Funkwerk Enterprise Communications GmbH System Management Certificates Certificate List Fig. 42: -> -> -> The certificates and keys themselves cannot be changed, but a few external attributes can be changed, depending on the type of the selected entry.
Page 125 10 System Management Funkwerk Enterprise Communications GmbH Field Description Certificates issued by this CA are accepted during authentica- tion. The function is enabled with The function is disabled by default. Certificate Revocation Only for Certificate is CA Certificate = List (CRL) Checking...
Page 126 10 System Management Funkwerk Enterprise Communications GmbH 10.6.1.2 Certificate Request Registration authority certificates in SCEP If SCEP (Simple Certificate Enrollment Protocol) is used, your device also supports separ- ate registration authority certificates. Registration authority certificates are used by some Certificate Authorities (CAs) to handle certain tasks (signature and encryption) during SCEP communication with separate keys, and to delegate the operation to separate registration authorities, if applicable.
Page 127 10 System Management Funkwerk Enterprise Communications GmbH System Management Certificates Certificate List Certificate Request Fig. 43: -> -> -> The menu System Management->Certificates->Certificate List->Certificate Request consists of the following fields: Fields in the Certificate Request menu Field Description Certificate Request De- Enter a unique description for the certificate.
Page 128 10 System Management Funkwerk Enterprise Communications GmbH Field Description field. This file must be provided to the CA and the received certificate must then be imported manually to your device. • : The key is requested from a CA using the Simple Cer- tificate Enrolment Protocol.
Page 129 10 System Management Funkwerk Enterprise Communications GmbH Field Description not configured on the device, the validity of certificates from this CA is not checked. • <name of an existing certificate>: If all the necessary certific- ates are already available in the system, you select these manually.
Page 130 10 System Management Funkwerk Enterprise Communications GmbH Field Description If the field is not selected, enter the name components in Com- mon Name, E-mail, Organizational Unit, Organization, Loc- ality, State/Province and Country. The function is disabled by default. Summary Only for Custom = enabled.
Page 131 10 System Management Funkwerk Enterprise Communications GmbH Field Description #1, #2, #3 For each entry, define the type of name and enter additional subject names. Possible values: • (default value): No additional name is entered. • : An IP address is entered.
Page 132: Crls
10 System Management Funkwerk Enterprise Communications GmbH System Management Certificates Certificate List Import Fig. 44: -> -> -> The menu System Management->Certificates->Certificate List->Import consists of the following fields: Fields in the Import menu Field Description External Filename Enter the file path and name of the certificate to be imported, or use Browse...
Page 133 10 System Management Funkwerk Enterprise Communications GmbH If a key is no longer to be used, e.g. because it has fallen into the wrong hands or has been lost, the corresponding certificate is declared invalid. The certification authority revokes the certificate and publishes it on a certificate blacklist, so-called CRL.
Page 134: Certificate Servers
10 System Management Funkwerk Enterprise Communications GmbH Field Description type of encoding. • • Password Enter the password to be used for the import. 10.6.3 Certificate Servers A list of all certificate servers is displayed in the System Management->Certificates->Cer- tificate Servers menu.
Page 135: Chapter 11 Physical Interfaces
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Chapter 11 Physical Interfaces In this menu, you configure the physical interfaces that you have used when connecting your gateway. The configuration interface only shows the interfaces that are available on your device. In the System Management->Status menu, you can see a list of all physical interfaces and information on whether the interfaces are connected or active and whether they have already been configured.
Page 136 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Physical Interfaces Fig. 48: -> -> The Physical Interfaces->AUX->AUXmenu consists of the following fields: Fields in the Basic Settings menu Field Description AUX Port Status Select whether the AUX port should be enabled or disabled.
Page 137 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description logue modem. Incoming Service Type Only for AUX Port Status enabled Here you select the gateway subsystem to which an incoming call over the modem is to be assigned. Possible values: •...
Page 138: Ethernet Ports
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description vider must be entered, e.g. internet.eplus.de for eplus and so A maximum of 40 characters can be entered. If no APN or an incorrect APN is entered, a configured GPRS connection will not function.
Page 139: Port Configuration
11 Physical Interfaces Funkwerk Enterprise Communications GmbH VLANs for Routing Interfaces Configure VLANs to separate individual network segments from each other, for example (e.g. individual departments of a company) or to reserve bandwidth for individual VLANs when managed switches are used with the QoS function.
Page 140 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description to the numbering of the Ethernet ports on the back of the device. Ethernet Interface Se- Assign a logical Ethernet interface to the switch port. lection You can select from five interfaces, .
Page 141: Isdn Ports
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Flow Control Select whether a flow control should be conducted on the cor- responding interface. Possible values: • (default value): No flow control is performed. • : Flow control is performed.
Page 142 11 Physical Interfaces Funkwerk Enterprise Communications GmbH You can use the ISDN BRI interface of your gateway for both dialup connections and leased lines over ISDN. Physical Interfaces ISDN Ports ISDN Configuration Fig. 50: -> -> -> The Physical Interfaces->ISDN Ports->ISDN Configuration->...
Page 143 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description uration Type. • : Detection is still running. Port Usage Only if Autoconfiguration on Bootup is disabled. Select the protocol that you want to use for the ISDN port. Possible values: •...
Page 144 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : Leased line over B channel 2 (64 kbps) Call Number This parameter is exclusively used by Media Gateway. Only for Port Usage and ISDN Con- figuration Type Only for the devices RTxxx2 Enter the basic number of the Point-to-Point.
Page 145 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • • • (default value) are only for the use of X.31 TEI for CAPI applications. For , the TEI value set in the CAPI ap- plication is used. For , the value of the CAPI ap- plication is ignored and the default value set here is always used.
Page 146 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Physical Interfaces ISDN Ports ISDN Configuration Fig. 51: -> -> -> The Physical Interfaces->ISDN Ports->ISDN Configuration-> menu consists of the following fields: Fields in the Basic Parameters menu Field Description Port Name Shows the name of the ISDN port.
Page 147 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description ectly coupled. • : You can select a leased line. • : Q-SIG S2M User Profile • : Q-SIG S2M Network Profile ISDN Line Framing Only if Port Usage is selected.
Page 148 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description all channels are available. The exchange of the PABX selects the channel to be used. • : The device sends no IE (Information Element) for channel identification. The exchange selects the channel to be used.
Page 149 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description You have the option to bundle any channels on the physical lay- er as so-called hyper channels. You can also group together channels as PPP multilink channel bundles. Timeslots divide the available 2 Mbps bandwidth of an S2M connection into logical channels.
Page 150: Msn Configuration
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Timeslot Matrix Only if Timeslot Selection = shows a list of all channels in detail. If you do not wish to use all the chan- nels between a certain start and end channel for a channel bundle, you can make a selective assignment here.
Page 151 11 Physical Interfaces Funkwerk Enterprise Communications GmbH • X.25 PAD: X.25 PAD is used to provide a protocol converter, which converts non- packet-oriented protocols to packet-oriented communication protocols and vice versa. Data terminal equipment sending or receiving data on a non-data-packet-oriented basis can this be adapted in line with Datex-P (public data packet network based on the prin- ciple of a packet switching exchange).
Page 152 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description ISDN Port Select the ISDN port for which the MSN is to be configured. Service Select the service to which a call is to be assigned on the MSN below. Possible values: •...
Page 153: Adsl Modem
11 Physical Interfaces Funkwerk Enterprise Communications GmbH 11.4 ADSL Modem The ADSL modem on the bintec R3002 and bintec RT3002 is compatible with ANNEX A and ANNEX B standards and so can be used universally in several countries. It is particu- larly suitable for high-speed Internet access and remote access use in SMEs or remote of- fices.
Page 154 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : ANSI T1.413 • : ADSL classic, G.DMT, ITU G.992.1 • : Splitterless ADSL, ITU G.992.2 • : G.DMT.Bis, ITU G.992.3 • : ADSL2 Double Ended Line Test • : ADSL2 Plus, ITU G.992.5 •...
Page 155 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): The ADSL mode is auto- matically adapted for the remote terminal. • :ADSL1 / G.DMT is used. • : ADSL2 / G.992.3 is used. • : ADSL2 Plus / G.992.5 is used.
Page 156: Shdsl
11 Physical Interfaces Funkwerk Enterprise Communications GmbH 11.5 SHDSL bintec R3802 has an integrated SHDSL modem. The device supports G.SHDSL according to ITU-T recommendations G.991.2 Annex A and B and SHDLS.bis according to G.991.2 Annex F and G. Depending on the device type and configuration the gateway transmits the...
Page 157 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Physical Interfaces SHDSL SHDSL Configuration Fig. 54: -> -> Fields in the SHDSL Parameters menu Field Description ATM Interface Displays the name of the ATM interface. Device Mode Define the role within the connection.
Page 158 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Clock Rate Define whether the clock rate should be negotiated. Possible values: • : The clock rate is predefined. • (default value): The clock rate is negotiated de- pending on the line quality.
Page 159: Vdsl Modem
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description For Wire Mode = the second and third pair of wires is defined here. Wire pairs already used in defined connections are not available for selection. If these continue to be used for this SHDSL con- nection, the existing connection must first be terminated.
Page 160 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Physical Interfaces VDSL Modem VDSL Configuration Fig. 55: -> -> The menu Physical Interfaces->VDSL Modem->VDSL Configuration consists of the fol- lowing fields: Fields in the DSL Port Status menu Field Description DSL Chipset Shows the key of the installed chipset.
Page 161 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : The VDSL interface is not active. • : ETSI T1.413 • :ADSL1 / G.DMT is used. • : The ADSL mode is automatically adapted for the remote terminal. •...
Page 162: Chapter 12 Lan
12 LAN Funkwerk Enterprise Communications GmbH Chapter 12 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 12.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device.
Page 163 12 LAN Funkwerk Enterprise Communications GmbH 12.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create virtual inter- faces. IP Configuration Interfaces /New Fig. 56: -> -> -> The LAN->IP Configuration->Interfaces-> /new menu consists of the following fields:...
Page 164 12 LAN Funkwerk Enterprise Communications GmbH Field Description IP Address / Netmask Only for Address Mode = With Add, add a new address entry, enter the IP Address and the corresponding Netmask of the virtual interface. Interface Mode Only for physical interfaces in routing mode.
Page 165 12 LAN Funkwerk Enterprise Communications GmbH Field Description address of the Ethernet interface is used. In the case of physical interfaces, the current MAC address is entered by default. If you disable Use built-in, you enter an MAC address for the virtual interface, e.g.
Page 166: Vlan
12 LAN Funkwerk Enterprise Communications GmbH 12.2 VLAN By implementing VLAN segmentation in accordance with 802.1Q, you can configure VLANs on your device. The wireless ports of an access point, in particular, are able to re- move the VLAN tag of a frame sent to the clients and to tag received frames with a pre- defined VLAN ID.
Page 167: Vlans
12 LAN Funkwerk Enterprise Communications GmbH Caution For interfaces that operate in Routing mode, you only assign a VLAN ID to the inter- face. You define this via the parameters Interface Mode = and field VLAN ID in menu LAN->IP Configuration->Interfaces->New.
Page 168: Port Configuration
12 LAN Funkwerk Enterprise Communications GmbH Field Description For each entry, also select whether the frames to be transmitted from this port are to be transmitted (i.e. with VLAN in- formation) or (i.e. without VLAN information). 12.2.2 Port Configuration In this menu, you can define and view the rules for receiving frames at the VLAN ports.
Page 169: Administration
12 LAN Funkwerk Enterprise Communications GmbH 12.2.3 Administration In this menu, you make general settings for a VLAN. The options must be configured sep- arately for each bridge group. VLANs Administration Fig. 60: -> -> The LAN->VLANs->Administrationmenu consists of the following fields: Fields in the Bridge Group br<ID>...
Page 170: Chapter 13 Wireless Lan Controller
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Chapter 13 Wireless LAN Controller By using the wireless LAN controller, you can set up and manage a WLAN infrastructure with multiple access points (APs). The WLAN controller has a Wizard which assists you in the configuration of your access points.
Page 171: Basic Settings
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.1.1 Basic Settings Here you can configure all of the various settings that you require for the actual wireless LAN controller. The wireless LAN controller uses the following settings: Region Select the country in which the wireless controller is to be operated.
Page 172 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.1.3 Wireless Networks All of the configured wireless networks (VSS) are displayed in the list. At least one wireless network (VSS) is set up. This entry cannot be deleted. Click on to edit an existing entry.
Page 173 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Note: Enter a character string with the right number of characters for the selected WEP mode. For you need a character string with 5 characters, for with 13 characters, e. g. WPA Mode...
Page 174: Start Automatic Installation
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH , to identify the VLAN (VLAN ID is not possible!). Note: Before you continue, please ensure that all access points that the WLAN controller shall manage are correctly wired and switched on.
Page 175: Controller Configuration
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH In the case of manual channel selection, please make sure first that the APs actually sup- port these channels. Transmit Power Displays the transmission power in dBm. You can select another transmission power.
Page 176: General
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.2.1 General Wireless LAN Controller Controller Configuration General Fig. 61: -> -> The Wireless LAN Controller->Controller Configuration->Generalmenu consists of the following fields: Fields in the Basic Settings menu Field Description Region Select the country in which the wireless LAN controller is to be operated.
Page 177: Slave Ap Configuration
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): An external DHCP server with active CAPWAP option 138 assigns the IP addresses to the APs. • : Your device, on which the CAPWAP option 138 is active, assigns the IP addresses to the APs.
Page 178: Slave Access Points
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.3.1 Slave Access Points Wireless LAN Controller Slave AP configuration Slave Access Points Fig. 62: -> -> In the Wireless LAN Controller->Slave AP configuration->Slave Access Points menu a list of all APs found with the wizard is displayed.
Page 179 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH ated again but shall not be configured. Wireless LAN Controller Slave AP configuration Slave Access Points Fig. 63: -> -> -> In the menu Wireless LAN Controller->Slave AP configuration->Slave Access Points- >...
Page 180 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description The function is activated by selecting The function is enabled by default. You can override the encryption in order to view the communic- ation for debugging purposes. Location Displays the stated locality of the AP. You can enter another locality.
Page 181 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description channels apart, as a network also partially occupies the adja- cent channels. In the case of manual channel selection, please make sure first that the APs actually support these channels.
Page 182: Radio Profile
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.3.2 Radio Profile Wireless LAN Controller Slave AP configuration Radio Profile Fig. 64: -> -> An overview of all created wireless module profiles is displayed in the Wireless LAN Con- troller->Slave AP configuration->Radio Profile menu. A profile with 2.4 GHz and a pro- file with 5 GHz are created by default;...
Page 183 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Wireless LAN Controller Slave AP configuration Radio Profile Fig. 65: -> -> -> The Wireless LAN Controller->Slave AP configuration->Radio Profile-> +New menu consists of the following fields: Fields in the Radio Profile Definition menu...
Page 184 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description • (default value): The wireless module profile is not active. • : Your device is used as an access point in your network. Operation Band Select the frequency band of the wireless module profile.
Page 185 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Fields in the Performance Settings menu Field Description Wireless Mode Select the wireless technology that the access point is to use. Für Operation Band = Possible values: • : The device operates only in accordance with 802.11g.
Page 186 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description Max. Transmission Select the transmission speed. Rate Possible values: • (default value): The transmission speed is determined automatically. • : According to setting for Operation Band, Band- width, Number of Spatial Streams and Wireless Mode vari- ous fixed values in mbps are available.
Page 187 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description User Defined Channel Only for Channel Plan = Plan The currently selected channels are displayed here. With Add you can add channels. If all available channels are displayed, you cannot add any more entries.
Page 188: Wireless Networks (Vss)
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Long Retry Limit Enter the maximum number of attempts to send a data packet of length greater than the value defined in RTS Threshold.
Page 189 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.3.3.1 Edit or New Choose the icon to edit existing entries. Choose the Newbutton to configure additional wireless networks. Wireless LAN Controller Slave AP configuration Wireless Networks Fig. 67: -> -> (VSS) ->...
Page 190 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description be permitted within a radio cell. The function is activated by selecting The function is enabled by default. ARP Processing Select whether the ARP processing function should be enabled. The ARP data traffic is reduced in the network by the fact that ARP broadcasts that have been converted to ARP unicasts are forwarded to IP addresses that are known internally.
Page 191 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description wireless network. Possible values: • (default value): Neither encryption nor authentica- tion • : WEP 40 bits • : WEP 104 bits • : WPA Preshared Key • : 802.11x...
Page 192 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): TKIP is used. • : AES is used. • : AES or TKIP is used. WPA2 Cipher Only for Security Mode = and for WPA Mode = Select the type of encryption you want to apply to WPA2.
Page 193: Monitoring
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description The function is enabled by default. Fields in the MAC-Filter menu Field Description ACL Mode Select whether only certain clients are to be permitted for this wireless network. The function is activated by selecting The function is disabled by default.
Page 194: Active Clients
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH 13.4.1 Active Clients Wireless LAN Controller Monitoring Active Clients Fig. 68: -> -> In the Wireless LAN Controller->Monitoring->Active Clients menu, current values of all active clients are displayed. For each Active Clientsyou will see an entry with a parameter set (Location, VSS, Client MAC, Signal dBm, Status, Uptime).
Page 195: Wireless Networks
13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH For each adjacent AP, you see an entry with a parameter set ( Detected via AP, MAC Ad- dress, SSID, Signal dBm, Channel, Last Seen; under Detected via AP you see the re- spective device location).
Page 196 (default value): The file is stored respectively on a remote server specified in the URL. • : The file is on the official Funkwerk update server. (Only for Action= • : The file is stored respectively on a TFTP server specified in the URL.
Page 197 13 Wireless LAN Controller Funkwerk Enterprise Communications GmbH Field Description Only for Source Location = Enter the URL of the update server from which the system soft- ware file is loaded or on which the configuration file is saved. bintec Rxxx2/RTxxx2...
Page 198: Chapter 14 Networking
14 Networking Funkwerk Enterprise Communications GmbH Chapter 14 Networking 14.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
Page 199 14 Networking Funkwerk Enterprise Communications GmbH Networking Routes IP Routes Extended Route Fig. 72: -> -> -> with = not enabled. If the option is selected for Route Class, an extra configuration section opens. Networking Routes IP Routes Extended Route Fig.
Page 200 14 Networking Funkwerk Enterprise Communications GmbH The menu Networking->Routes->IP Routes->New consists of the following fields: Field in the Route Class menu Field Description Extended Route Select whether the route is to be defined with extended para- meters. If the function is active, a route is created with extended...
Page 201 14 Networking Funkwerk Enterprise Communications GmbH Field Description • in the WAN: You define a route without a transit network. • • in the LAN: You define a gateway route. • in the WAN: You define a route with a transit network.
Page 202 14 Networking Funkwerk Enterprise Communications GmbH Field Description First select the port number range. Possible values: • (default value): The route is valid for all port numbers. • : Enables the entry of a port number. • : Enables the entry of a range of port numbers.
Page 203: Options
14 Networking Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format).
Page 204 14 Networking Funkwerk Enterprise Communications GmbH The term Back Route Verify describes a very simple but powerful function. If a check is ac- tivated for an interface, incoming data packets are only accepted over this interface if out- going response packets are routed over the same interface. You can therefore prevent the acceptance of packets with false IP addresses - even without using filters.
Page 205: Nat
14 Networking Funkwerk Enterprise Communications GmbH Field Description Displays the name of the interface. Back Route Verify Only for Mode = Select whether is to be activated for the interface. The function is enabled with By default, the function is deactivated for all interfaces.
Page 206 14 Networking Funkwerk Enterprise Communications GmbH Networking NAT Interfaces Fig. 75: -> -> For every NAT interface, the tions can be selected . In addition, displays how many port forwarding rules were configured for this interface. Options in the menu NAT Interfaces...
Page 207: Nat Configuration
14 Networking Funkwerk Enterprise Communications GmbH 14.2.2 NAT Configuration In the Networking->NAT->NAT Configuration menu you can exclude data from NAT simply and conveniently as well as translate addresses and ports. For outgoing data traffic you can configure various NAT methods, i.e. you can determine how an external host es- tablishes a connection to an internal host.
Page 208 14 Networking Funkwerk Enterprise Communications GmbH Field Description Type of traffic Select the type of data traffic for which NAT is to be configured. Possible values: • (default value): The data traffic that comes from outside. • : Outgoing data traffic.
Page 209 14 Networking Funkwerk Enterprise Communications GmbH Field Description Service Not for Type of traffic = and NAT method = Select one of the preconfigured services. Possible values: • (default value) • Protocol Only for certain services. Not for Type of traffic =...
Page 210 14 Networking Funkwerk Enterprise Communications GmbH Field Description • • • • • • • • • • • Source IP Address/ For Type of traffic = Netmask only.Enter the source IP address and corresponding netmask of the original data packets, as the case arises.
Page 211: Load Balancing
14 Networking Funkwerk Enterprise Communications GmbH Field Description case arises. New Source IP Ad- Only for Type of traffic = and NAT dress/Netmask method = Enter the source IP address to which the original source IP ad- dress is to be translated, with corresponding netmask, as the case arises.
Page 212 14 Networking Funkwerk Enterprise Communications GmbH Networking Load Balancing Load Balancing Groups Fig. 77: -> -> -> The menu Networking->Load Balancing->Load Balancing Groups->New consists of the following fields: Fields in the Basic Parameters menu Field Description Group Description Enter the desired description of the interface group.
Page 213 14 Networking Funkwerk Enterprise Communications GmbH Field Description sidered. • : Only the data rate in the send direction is con- sidered. By default, the options are disabled. Distribution Mode Select the state the interfaces in the group may have if they are to be included in load balancing.
Page 214 14 Networking Funkwerk Enterprise Communications GmbH Feld Beschreibung Group Description Displays the description of the interface group. Distribution Policy Displays the selected mode of the data traffic. Fields in the Interface Selection for Distribution menu Field Description Interface Select the interfaces that are to belong to the group from the available interfaces.
Page 215: Special Session Handling
14 Networking Funkwerk Enterprise Communications GmbH Field Description You can select from all routes and all extended routes. Tracking IP Address The parameter Tracking IP Address serves to monitor a spe- cific route by modifying the load balancing status of he respect- ive interface or the routes connected with the interface.
Page 216 14 Networking Funkwerk Enterprise Communications GmbH >Load Balancing->Special Session Handling->New->Advanced Settings menu. If in the Networking->Load Balancing->Special Session Handling->New menu, for ex- ample, you select the parameter Service = (and leave the default value for all the other parameters), the first HTTPS packet specifies the Destination Address and the Destination Port (i.
Page 217 14 Networking Funkwerk Enterprise Communications GmbH Field Description Administrative Status Select whether the Special Session Handling should be activ- ated. The function is activated by selecting The function is enabled by default. Description Enter a name for the entry. Service Select one of the preconfigured services, if required.
Page 218 14 Networking Funkwerk Enterprise Communications GmbH Field Description • (default value): The destination port is not specified. • : Enter a destination port. • : Enter a destination port range. Source Interface If required, select your device's source interface. Source IP Address/...
Page 219: Qos
14 Networking Funkwerk Enterprise Communications GmbH Field Description If you leave the default setting for one or both para- meters, the value of the parameter concerned must be the same as in the first data packet with data packets sent sub- sequently.
Page 220 14 Networking Funkwerk Enterprise Communications GmbH Networking QoS Filter Fig. 80: -> -> -> The Networking->QoS->QoS Filter->New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the name of the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: •...
Page 221 14 Networking Funkwerk Enterprise Communications GmbH Field Description Select the type. Possible values: See RFC 792. The default value is Connection State With Protocol = , you can define a filter that takes the status of the TCP connections into account.
Page 222: Qos Classification
14 Networking Funkwerk Enterprise Communications GmbH Field Description DSCP/TOS Filter Specify how the priority of the IP packets is signalled. (Layer 3) Possible values: • (default value): No priority signalling is used. • : Differentiated Services Code Point is used to signal the priority of IP packets (indicated in binary format, 6 bit).
Page 223 14 Networking Funkwerk Enterprise Communications GmbH Networking QoS Classification Fig. 81: -> -> -> The Networking->QoS->QoS Classification->New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Class map Choose the class plan you want to create or edit.
Page 224 14 Networking Funkwerk Enterprise Communications GmbH Field Description To select a filter, at least one filter must be configured in the Networking->QoS->QoS Filter menu. Direction Select the direction of the data packets to be classified. Possible values: • : Incoming data packets are assigned to the class (Class ID) that is then to be defined.
Page 225: Qos Interfaces/Policies
14 Networking Funkwerk Enterprise Communications GmbH Field Description packets (indicated in decimal format). • : The TOS value is specified in binary format, e.g. 00111111. • : The TOS value is specified in decimal format, e.g. 63. Set COS value Here you can set/change the service class (Layer 2 priority) in (802.1p/Layer 2)
Page 226 14 Networking Funkwerk Enterprise Communications GmbH 14.4.3.1 New Choose the New button to create additional prioritisations. Networking QoS Interfaces/Policies Fig. 82: -> -> -> The Networking->QoS->QoS Interfaces/Policies->New menu consists of the following fields: Fields in the Basic Parameters menu Field...
Page 227 14 Networking Funkwerk Enterprise Communications GmbH Field Description • (default value): QoS is deactivated on the inter- face. The existing configuration is not deleted, but can be ac- tivated again if required. Traffic shaping Activate or deactivate data rate limiting in the send direction.
Page 228 14 Networking Funkwerk Enterprise Communications GmbH Field Description • : Uses a special profile that contains the propos- als DES, 3DES and Blowfish. • Real Time Jitter Con- Only for Traffic shaping enabled trol Real Time Jitter Control optimises latency when forwarding real time datagrams.
Page 229 14 Networking Funkwerk Enterprise Communications GmbH Field Description with the selected interface, a queue is generated automatically and displayed here (only for data traffic classified as outgoing and for data traffic classified as moving in both directions). Add new entries with Add. The Edit Queue/Policy menu opens.
Page 230 14 Networking Funkwerk Enterprise Communications GmbH Field Description The default value is . RTT Mode (Realtime Active or deactivate the real time transmission of the data. Traffic Mode) The function is enabled with The function is disabled by default. RTT mode should be activated for QoS classes in which real time data has priority.
Page 231 14 Networking Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. Burst size Only for Traffic Shaping enabled. Enter the maximum number of bytes that may still be transmit- ted temporarily when the data rate permitted for this queue has been reached.
Page 232: Access Rules
14 Networking Funkwerk Enterprise Communications GmbH Field Description data congestion (RED) in bytes. Possible values are The default value is . Max. queue size Enter the upper threshold value for the process prevention of data congestion (RED) in bytes. Possible values are The default value is 14.5 Access Rules...
Page 233: Access Filter
14 Networking Funkwerk Enterprise Communications GmbH Allow all packets that are not explicitly denied, i.e.: • Deny all packets that match Filter 1. • Deny all packets that match Filter 2. • ... • Allow the rest. • Allow all packets that are explicitly allowed, i.e.: •...
Page 234 14 Networking Funkwerk Enterprise Communications GmbH Networking Access Rules Access Filter Fig. 83: -> -> 14.5.1.1 Edit or New Choose the icon to edit existing entries. To configure access fitters, select the New but- ton. Networking Access Rules Access Filter Fig.
Page 235 14 Networking Funkwerk Enterprise Communications GmbH Field Description • • • • • The default value is Protocol Select a protocol. option (default value) matches any protocol. Type Only if Protocol = Possible values: • • • • • •...
Page 236 14 Networking Funkwerk Enterprise Communications GmbH Field Description Destination IP Ad- Enter the destination IP address and netmask of the data pack- dress/Netmask ets. Possible values: • (default value) • : Enter the IP address of the host. • : Enter the network address and the related net- mask.
Page 237: Rule Chains
14 Networking Funkwerk Enterprise Communications GmbH Field Description • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format).
Page 238 14 Networking Funkwerk Enterprise Communications GmbH Networking Access Rules Rule Chains Fig. 86: -> -> The Networking->Access Rules+Rule Chains->New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Rule Chain Select whether to create a new rule chain or to edit an existing one.
Page 239: Interface Assignment
14 Networking Funkwerk Enterprise Communications GmbH Field Description • : Deny packet if it matches the filter. • : Deny packet if it does not match the filter. • : Use next rule. To set the rules of a rule chain in a different order select the button in the list menu for the entry to be shifted.
Page 240 14 Networking Funkwerk Enterprise Communications GmbH Networking Access Rules Interface Assignment Fig. 88: -> -> -> The Networking->Access Rules->Interface Assignment->New menu consists of the fol- lowing fields: Fields in the Basic Parameters menu Field Description Interface Select the interface for which a configured rule chain is to be as- signed.
Page 241: Drop In
14 Networking Funkwerk Enterprise Communications GmbH 14.6 Drop In Drop In Mode enables you to separate a network into multiple segments without creating subnets inside the IP network. In order to achive this, multiple interfaces can be collected into a Drop In Group. All interfaces are then assigned to the same netweork and are con- figured with a single IP address.
Page 242 14 Networking Funkwerk Enterprise Communications GmbH Field Description Group Description Enter a unique name for the Drop In group. Mode Select which mode is to be used to send the MAC addresses of network components. Possible values: • (default value): ARP packets and IP packets belonging to the Drop In network are passed on transparently (unmodified).
Page 243 14 Networking Funkwerk Enterprise Communications GmbH Field Description that are a member of the Drop In group. ARP Lifetime Specifies how long an ARP entry is kept in the cache. The default value is seconds. DNS assignment via The gateway can modify packets passing the Drop In group and DHCP insert itself as offered DNS server.
Page 244: Chapter 15 Routing Protocols
15 Routing Protocols Funkwerk Enterprise Communications GmbH Chapter 15 Routing Protocols 15.1 RIP The entries in the routing table can be defined statically or the routing table can be updated constantly by dynamic exchange of routing information between several devices. This ex- change is controlled by a Routing Protocol, e.g.
Page 245 15 Routing Protocols Funkwerk Enterprise Communications GmbH Routing Protocols RIP Interfaces Fig. 91: -> -> -> The menu Networking->RIP->RIP Interfaces-> consists of the following fields: Fields in the RIP Parameters for menu Field Description Send Version Decide whether routes are to be propagated via RIP and if so, select the RIP version for sending RIP packets over the inter- face in send direction.
Page 246: Rip Filter
15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description • (default value): RIP is not enabled. • : Enables sending and receiving of version 1 RIP packets. • : Enables sending and receiving of version 2 RIP packets. • :Enables sending and receiving RIP packets of both version 1 and 2.
Page 247 15 Routing Protocols Funkwerk Enterprise Communications GmbH tion. You configure a filter for a default route with the following values: • IP Address / Netmask = no entry for IP address (this corresponds to IP address 0.0.0.0), for netmask = 255.255.255.255 A list of all RIP filters is displayed in the Routing Protocols->RIP->RIP Filter menu.
Page 248 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Interface Select the interface to which the rule to be configured applies. IP Address / Netmask Enter the IP address and netmask to which the rule is to be ap- plied. This address can be in the LAN or WAN.
Page 249: Rip Options
15 Routing Protocols Funkwerk Enterprise Communications GmbH 15.1.3 RIP Options Routing Protocols RIP Options Fig. 94: -> -> The menu Routing Protocols->RIP->RIP Options consists of the following fields: Fields in the Global RIP Parameters menu Field Description RIP UDP Port The setting option UDP Port, which is used for sending and re- ceiving RIP updates, is only for test purposes.
Page 250 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description (=“Network is not reachable“). The function is enabled with The function is disabled by default. RFC 2453 Variable For the timers described in RFC 2453, select whether the same Timer values that you can configure in the Timer for RIP V2 (RFC 2453) menu should be used.
Page 251: Ospf
15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Garbage Collection Only for RFC 2453 Variable Timer = Timer The Garbage Collection Timer is started as soon as the route timeout has expired. After this timeout, the invalid route is deleted from the IPROUTETABLE if no update is carried out for the route.
Page 252 15 Routing Protocols Funkwerk Enterprise Communications GmbH • Connection costs: OSPF differs from RIP in that the connection costs are not calculated from the number of next hops, but from the bandwidth of the respective transport medi- • No limitation of the number of hops: The limitation of the maximum number of 16 hops for RIP does not exist for OSPF.
Page 253: Areas
15 Routing Protocols Funkwerk Enterprise Communications GmbH Certain areas can be defined as stub areas in OSPF. This prevents external networks, e.g. those propagated from other protocols by redistribution in OSPF, being propagated into the stub area. Externally routing of such areas is propagated with a default route. The configur- ation of a stub area reduces the database size in the area and reduces the amount of stor- age space needed on the gateways incorporated in the area.
Page 254 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Area ID Enter the ID to identify the OSPF aea. The backbone area is Import external routes Specifies whether the gateway routing information generated from external autonomous systems (not areas) is to be impor- ted.
Page 255: Interfaces
15 Routing Protocols Funkwerk Enterprise Communications GmbH 15.2.2 Interfaces In the Routing Protocols->OSPF->Interfaces menu, a list of all interfaces is displayed. Routing Protocols OSPF Interfaces Fig. 97: -> -> Caution If your interfaces are not only to be assigned to Backbone Area 0.0.0.0, you must first define OSPF areas in the Routing Protocols+OSPF+Areas menu.
Page 256 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Possible values: • : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface. • : OSPF is not activated for this interface, i.e. no routes are propagated or OSPF protocol packets sent over this interface.
Page 257: Global Settings
15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description hash, which is sent with each packet Authentication Key Enter a text string to be used in combination with the defined Authentication Type. Export indirect static If this value is set to (default), only direct routes (i.e.
Page 258 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Generate default route If this option is activated, the gateway propagates a default for the AS route over all active OSPF interfaces. The function is disabled by default. Propagate routes The logical interfaces REFUSE and IGNORE have the following...
Page 259: Chapter 16 Multicast
16 Multicast Funkwerk Enterprise Communications GmbH Chapter 16 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).
Page 260: General
16 Multicast Funkwerk Enterprise Communications GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destina- tion MAC address.
Page 261: General
16 Multicast Funkwerk Enterprise Communications GmbH 16.1.1 General In the Multicast->General->General Multicast menu you can disable or enable the multic- ast function. Multicast General General Fig. 100: -> -> The Multicast->General->Generalmenu consists of the following fields: Fields in the Basic Settings menu...
Page 262: Igmp
16 Multicast Funkwerk Enterprise Communications GmbH 16.2.1 IGMP In this menu, you configure the interfaces on which IGMP is to be enabled. 16.2.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure IGMP on other interfaces.
Page 263 16 Multicast Funkwerk Enterprise Communications GmbH Field Description Time within which hosts must respond. The hosts randomly select a time delay from this interval before sending the response. This spreads the load in networks with several hosts, improving per- formance.
Page 264: Options
16 Multicast Funkwerk Enterprise Communications GmbH IGMP Proxy enables you to simulate several locally connected interfaces as a subnet to an adjacent router. Queries coming in to the IGMP Proxy interface are forwarded to the local subnets. Local reports are forwarded on the IPGM Proxy interface.
Page 265 16 Multicast Funkwerk Enterprise Communications GmbH Multicast IGMP Options Fig. 103: -> -> The Multicast->IGMP->Options menu consists of the following fields: Fields in the Basic Settings menu Field Description IGMP Status Select the IGMP status. Possible values: • (default value): Multicast is activated automatically for hosts if the hosts open applications that use multicast.
Page 266: Forwarding
16 Multicast Funkwerk Enterprise Communications GmbH Field Description IGMP State Limit Enter the maximum permitted total number of incoming queries and messages per second. The default value is , i.e. the number of IGMP status mes- sages is not limited.
Page 267: Pim
16 Multicast Funkwerk Enterprise Communications GmbH Field Description The option is deactivated by default. Multicast Group Ad- Only for All Multicast Groups = not active. dress Enter here the address of the multicast group you want to for- ward from a defined Source Interface to a defined Destination Interface.
Page 268 16 Multicast Funkwerk Enterprise Communications GmbH 16.4.1.1 Edit or New Choose the icon to edit existing entries. To configure PIM lists, select the New button. Multicast PIM Interfaces Fig. 106: -> -> -> The Multicast->PIM->PIM Interfaces->New menu consists of the following fields:...
Page 269 16 Multicast Funkwerk Enterprise Communications GmbH Field Description are released. Designated Router Pri- Define the value of the designated router priority entered in the ority Designated Router Priority option. The higher the value, the greater the probability that the corres- ponding router will be used as the designated router.
Page 270 16 Multicast Funkwerk Enterprise Communications GmbH Field Description Join/Prune Interval Define the frequency at which the PIM Join/Prune messages are sent on the interface. The value means that no periodic PIM Join/Prune messages are sent on this interface. Possible values: seconds.
Page 271: Pim Rendezvous Points
16 Multicast Funkwerk Enterprise Communications GmbH 16.4.2 PIM Rendezvous Points In menu Multicast->PIM->PIM Rendezvous Points you determine which Rendezvous Point is responsible for which group. A list of all PIM Rendezvous Points is displayed. Multicast PIM Rendezvous Points Fig. 107: ->...
Page 272: Pim Options
16 Multicast Funkwerk Enterprise Communications GmbH Field Description Here you enter the IP address of the multicast network seg- ment. Multicast Group Prefix Only if Multicast Group Range = Length Here you enter the network mask length of the multicast net- work segment.
Page 273 16 Multicast Funkwerk Enterprise Communications GmbH The Multicast->PIM+PIM Optionsmenu consists of the following fields: Fields in the Basic Settings menu Field Description PIM Status Select whether PIM should be activated. The function is activ- ated by selecting The function is disabled by default.
Page 274: Chapter 17 Wan
17 WAN Funkwerk Enterprise Communications GmbH Chapter 17 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Inter- net. 17.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections.
Page 275: Default Route
17 WAN Funkwerk Enterprise Communications GmbH Field Description specified number of seconds) administratively set to down (deactivated); connection setup not possible for leased lines: Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available.
Page 276: Pppoe
17 WAN Funkwerk Enterprise Communications GmbH enter a common password and two codes. You get this information, for example, from your Internet Service Provider (ISP) or the system administrator at your head office. If the data you entered on your device is the same as the caller's data, the call is accepted. The call is rejected if the data is not the same.
Page 277 17 WAN Funkwerk Enterprise Communications GmbH 17.1.1.1 New Choose the Newbutton to set up new PPPoE interfaces. Internet + Dialup PPPoE Fig. 110: -> -> -> The menu WAN->Internet + Dialup->PPPoE->New consists of the following fields: Fields in the Basic Parameters menu...
Page 278 17 WAN Funkwerk Enterprise Communications GmbH Field Description up over several interfaces ( ). If you choose , you can connect several DSL connections from a pro- vider over PPP as a static bundle in order to obtain more band- width.
Page 279 17 WAN Funkwerk Enterprise Communications GmbH Field Description rate charge. Connection Idle Only if Always on is disabled Timeout Enter the idle time in seconds for static short hold. The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clearing the connection.
Page 280 17 WAN Funkwerk Enterprise Communications GmbH Field Description Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner. Add new entries with Add. • : IP address of the destination host or network.
Page 281 17 WAN Funkwerk Enterprise Communications GmbH Field Description Challenge Handshake Authentication Protocol). • : Primarily run CHAP, on denial then the authentication protocol required by the connection partner. (MSCHAP version 1 or 2 possible.) • : Run MS-CHAP version 2 only.
Page 282: Pptp
17 WAN Funkwerk Enterprise Communications GmbH 17.1.2 PPTP A list of all PPTP interfaces is displayed in the WAN->Internet + Dialup->PPTP menu. In this menu, you configure an Internet connection that uses the Point Tunnelling Protocol (PPTP) to set up a connection, e.g. required in Austria.
Page 283 17 WAN Funkwerk Enterprise Communications GmbH Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the internet connection. The first character in this field must not be a number No special characters or umlauts must be used.
Page 284 17 WAN Funkwerk Enterprise Communications GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • (default value): Your device is automatic- ally assigned a temporarily valid IP address from the provider.
Page 285 17 WAN Funkwerk Enterprise Communications GmbH Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed. The de- fault value is...
Page 286: Pppoa
17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. PPTP Address Mode Displays the address mode. The value cannot be changed. Possible values: • : The IP address of the Ethernet port selected in PPTP Interface will be used.
Page 287 17 WAN Funkwerk Enterprise Communications GmbH Internet + Dialup PPPoA Fig. 112: -> -> -> The menu WAN->Internet + Dialup->PPPoA->New consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the connection partner.
Page 288 17 WAN Funkwerk Enterprise Communications GmbH Field Description Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
Page 289 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is enabled by default. Local IP Address Only for IP Address Mode = Enter the static IP address you received from your provider. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
Page 290: Isdn
17 WAN Funkwerk Enterprise Communications GmbH Field Description • Only run CHAP (PPP Challenge Handshake Authentic- ation Protocol as per RFC 1994); password is transferred en- crypted. • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol).
Page 291 17 WAN Funkwerk Enterprise Communications GmbH • Internet access over ISDN • LAN-to-LAN connection over ISDN • Remote (Mobile) Dialin • Use of the ISDN Callback function 17.1.4.1 New Choose the New button to set up new ISDN interfaces. bintec Rxxx2/RTxxx2...
Page 292 17 WAN Funkwerk Enterprise Communications GmbH Internet + Dialup ISDN Fig. 113: -> -> -> The menu WAN->Internet + Dialup->ISDN->New consists of the following fields: Fields in the Basic Parameters menu bintec Rxxx2/RTxxx2...
Page 293 17 WAN Funkwerk Enterprise Communications GmbH Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used. Connection Type Select which layer 1 protocol your device should use.
Page 294 17 WAN Funkwerk Enterprise Communications GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • (default value): You enter a static IP address.
Page 295 17 WAN Funkwerk Enterprise Communications GmbH Field Description made, your device uses a default netmask. • : The lower the value, the higher the priority of the route (range of values ... ). The default value is . IP Assignment Pool Only if IP Address Mode = Select IP pools configured in the WAN->Internet + Dialup->IP...
Page 296 17 WAN Funkwerk Enterprise Communications GmbH Field Description • Only run CHAP (PPP Challenge Handshake Authentic- ation Protocol as per RFC 1994); password is transferred en- crypted. • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol).
Page 297 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : Your device calls back im- mediately when requested to do so by the connection part- ner. • : Your device calls back after a period of time suggested by the Microsoft client (NT: 10 seconds, new systems: 12 seconds.
Page 298 17 WAN Funkwerk Enterprise Communications GmbH Field Description • (default value): No channel bundling, only one B- channel is ever available for connections. • : Static channel bundling. • : Dynamic channel bundling. Number of B Channels Select how many B channels your device should use.
Page 299: Aux
17 WAN Funkwerk Enterprise Communications GmbH Field Description • : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests from your own LAN are to be responded to for the specified connection partner.
Page 300 17 WAN Funkwerk Enterprise Communications GmbH 17.1.5.1 New Choose the Newbutton to set up new AUX interfaces. Internet + Dialup Fig. 114: -> -> -> The WAN->Internet + Dialup->AUX->New menu consists of the following fields: Fields in the Basic Parameters menu...
Page 301 17 WAN Funkwerk Enterprise Communications GmbH Field Description User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
Page 302 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner.
Page 303 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Usage Type If necessary, select a special interface use. Possible values: • (default value): No special type is selected. • : The interface is used for incoming dialup con- nections and callbacks initiated externally.
Page 304 17 WAN Funkwerk Enterprise Communications GmbH Field Description Prioritize TCP ACK Select whether the TCP download is to be optimised in the Packets event of intensive TCP upload. This function can be specially applied for asymmetrical bandwidths (ADSL). The function is enabled with The function is disabled by default.
Page 305 17 WAN Funkwerk Enterprise Communications GmbH Field Description prox. four seconds if your device is requested to do so by the connection partner. Only makes sense for CLID. • : like with the option of termination. This setting should be avoided for security reasons. The Mi-...
Page 306: Ip Pools
17 WAN Funkwerk Enterprise Communications GmbH Field Description connection partner. • : Your device only responds to an ARP re- quest if the status of the connection to the connection partner . In the case of , your device only re- sponds to the ARP request;...
Page 307: Atm
17 WAN Funkwerk Enterprise Communications GmbH Field Description IP Pool Name Enter the name of the IP pool. IP Pool Range In the first field, enter the first IP address of the range. In the second field, enter the last IP address of the range.
Page 308: Profiles
17 WAN Funkwerk Enterprise Communications GmbH 17.2.1 Profiles A list of all ATM profiles is displayed in the WAN->ATM->Profiles menu. If the connection for your Internet access is set up using the internal modem, the ATM con- nection parameters must be set for this. An ATM profile combines a set of parameters for a specific provider.
Page 309 17 WAN Funkwerk Enterprise Communications GmbH Fields in the ATM Profiles Parameter menu Field Description Provider Select one of the preconfigured ATM profiles for your provider from the list or manually define the profile using Description Only for Provider = Enter the desired description for the connection.
Page 310 17 WAN Funkwerk Enterprise Communications GmbH Field Description tification number of the virtual channel. A virtual channel is the logical connection for the transport of ATM cells between two or more points. Note your provider's instructions. Possible values are The default value is 32.
Page 311 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. Address Mode Only for Type = Select how an IP address is to be assigned to the interface. Possible values: •...
Page 312: Service Categories
17 WAN Funkwerk Enterprise Communications GmbH Field Description The maximum length of the entry is 45 characters. Fields in menu Routed Protocols over ATM Settings (appears only for Type = Routed Protocols over ATM) Field Description IP Address/Netmask Enter the IP addresses (IP Address) and the corresponding netmasks (Netmask) of the ATM interface.
Page 313 17 WAN Funkwerk Enterprise Communications GmbH Caution ATM QoS should only be used if your provider specifies a list of data traffic parameters (traffic contract). The configuration of ATM QoS requires extensive knowledge of ATM technology and the way the bintec devices function. An incorrect configuration can cause consider- able disruption during operation.
Page 314 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible settings: • (default value): (Unspecified Bit Rate) A particular data rate is not guaranteed for the connection. The Peak Cell Rate (PCR) specifies the limit above which data is discarded. This category is suitable for non-critical applications.
Page 315: Oam Controlling
17 WAN Funkwerk Enterprise Communications GmbH Field Description Maximum Burst Size Only for ATM Service Category = (MBS) Enter a value for the maximum number of bits per second by which the PCR can be exceeded briefly. Possible values: The default value is .
Page 316 17 WAN Funkwerk Enterprise Communications GmbH OAM Controlling Fig. 118: -> -> -> The menu WAN->ATM->OAM Controlling->New consists of the following fields: Fields in the OAM Flow Configuration menu Field Description OAM Flow Level Select the OAM flow level to be monitored.
Page 317 17 WAN Funkwerk Enterprise Communications GmbH Field Description Loopback End-to-End Select whether you activate the loopback test for the connection between the endpoints of the VCC or VPC. The function is enabled with The function is disabled by default. End-to-End Send Inter- Only if Loopback End-to-End is enabled.
Page 318 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Fields in the CC Activation menu Field Description Continuity Check (CC) Select whether you activate the OAM-CC test for the connection End-to-End between the endpoints of the VCC or VPC.
Page 319: Leased Line
17 WAN Funkwerk Enterprise Communications GmbH Field Description • : OAM CC requests are sent and answered after CC ne- gotiation (CC activation negotiation). • Depending on the setting in the Direction field, OAM CC requests are either sent and/or responded to.
Page 320 17 WAN Funkwerk Enterprise Communications GmbH 17.3.1.1 Edit Choose the button to edit the configuration of the corresponding leased line for a BRI interface. Leased Line Interfaces Autogenerated from BRI (ISDN-S0) Fig. 120: -> -> -> -> The WAN->Leased Line->Interfaces->Autogenerated from BRI (ISDN-S0)->...
Page 321 17 WAN Funkwerk Enterprise Communications GmbH Field Description Local IP Address Enter the IP address you received from your network operator. Route Entries Define other routing entries for this connection class. Add new entries with Add. The menu Advanced Settings consists of the following fields:...
Page 322 17 WAN Funkwerk Enterprise Communications GmbH Field Description • (default value): OSPF is not activated for this inter- face, i.e. no OSPF protocol packets sent over this interface. Networks reachable over this interface are, however, included when calculating the routing information and propagated over active interfaces.
Page 323 17 WAN Funkwerk Enterprise Communications GmbH Leased Line Interfaces Autogenerated from PRI (ISDN-S2M) Fig. 121: -> -> -> -> The WAN->Leased Line->Interfaces->Autogenerated from PRI (ISDN-S2M)-> menu consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the desired description for the connection.
Page 324 17 WAN Funkwerk Enterprise Communications GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu Field Description LCP Alive Check Select whether the reachability of the remote terminal is to be checked. The function is enabled with The function is disabled by default.
Page 325: Real Time Jitter Control
17 WAN Funkwerk Enterprise Communications GmbH Field Description protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests are to be responded to for the specified connection partner.
Page 326 17 WAN Funkwerk Enterprise Communications GmbH Real Time Jitter Control Controlled Interfaces Fig. 122: -> -> -> The menu WAN->Real Time Jitter Control->Controlled Interfaces->New consists of the following fields: Fields in the Basic Settings menu Field Description Interface Define for which interfaces voice transmission is to be optim- ised.
Page 327: Chapter 18 Vpn
Public Key Infrastructure (PKI, see Certificates on page 109). The funkwerk IPSec implementation achieves this firstly by using the Authentication Header (AH) protocol and Encapsulated Security Payload (ESP) protocol, and secondly through the use of cryptographic key administration mechanisms like the Internet Key Exchange (IKE) protocol.
Page 328 18 VPN Funkwerk Enterprise Communications GmbH IPSec IPSec Peers Fig. 123: -> -> Peer Monitoring The menu for monitoring a peer is called by selecting the button for the peer in the peer list. See Values in the IPSec Tunnels list on page 508.
Page 329 18 VPN Funkwerk Enterprise Communications GmbH IPSec IPSec Peers Fig. 124: -> -> -> The menu VPN->IPSec->IPSec Peers->New consists of the following fields: Fields in the Peer Parameters menu Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer configuration.
Page 330 18 VPN Funkwerk Enterprise Communications GmbH Field Description • (default value): The peer is available for setting up a tunnel immediately after saving the configuration. • : The peer is initially not available after the configuration has been saved. Description Enter a description of the peer that identifies it.
Page 331 18 VPN Funkwerk Enterprise Communications GmbH Field Description Authentication Method Only for Internet Key Exchange = Select the authentication method. Possible values: • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys.
Page 332 18 VPN Funkwerk Enterprise Communications GmbH Field Description your partner configures for you are identical. Fields in the Interface Routes menu Field Description IP Address Assign- Select the configuration mode of the interface. ment Possible values: • (default value): Enter a static IP address.
Page 333 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : Netmask for Remote IP Address • : The lower the value, the higher the priority of the route (possible values ). The default value is . The menu Advanced Settings consists of the following fields:...
Page 334 18 VPN Funkwerk Enterprise Communications GmbH Field Description Number of Admitted Choose how many users can connect using this peer profile. Connections Possible values: • (default value): Only one peer can be connected with the data defined in this profile.
Page 335 18 VPN Funkwerk Enterprise Communications GmbH IPSec Callback bintec devices support the DynDNS service to enable hosts without fixed IP addresses to obtain a secure connection over the Internet. This service enables a peer to be identified using a host name that can be resolved by DNS. You do not need to configure the IP ad- dress of the peer.
Page 336 18 VPN Funkwerk Enterprise Communications GmbH Note To use the IP address transfer over ISDN function, you must obtain a free-of-charge extra licence. You can obtain the licence data for extra licences via the online licensing pages in the support section at www.funkwerk-ec.com...
Page 337 18 VPN Funkwerk Enterprise Communications GmbH rent IP address in the MIB entry belonging to peer B. (3) Your device sends the initial ISDN call to peer B, which transfers the IP address of peer A and the token as per the callback configuration.
Page 338 18 VPN Funkwerk Enterprise Communications GmbH Field Description (by an outgoing ISDN call). Incoming Phone Num- Only for Mode = Enter the ISDN number from which the remote device calls the local device (calling party number). Wildcards may also be used.
Page 339: Phase-1 Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description D Channel Mode Only for Transfer Mode = Select the D channel mode in which your device tries to transfer the IP address. Possible values: • (default value): The IP address is transferred in the "LLC information elements"...
Page 340 18 VPN Funkwerk Enterprise Communications GmbH IPSec Phase-1 Profiles Fig. 126: -> -> -> The menu VPN->IPSec->Phase-1 Profiles->New consists of the following fields: Fields in the Phase-1 (IKE) Parameters menu Field Description Description Enter a description that uniquely defines the type of rule.
Page 341 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : Twofish was a final candidate for the AES (Advanced Encryption Standard). It is rated as just as secure as Rijndael (AES), but is slower. • : Blowfish is a very secure and fast algorithm.
Page 342 18 VPN Funkwerk Enterprise Communications GmbH Field Description and opinion at the time of creating this User Guide. In particular, the quality of the algorithms is subject to relative aspects and may change due to mathematical or cryptographic develop- ments.
Page 343 18 VPN Funkwerk Enterprise Communications GmbH Field Description • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the IPSec Peers. The preshared key is the shared password.
Page 344 18 VPN Funkwerk Enterprise Communications GmbH Field Description Select the local ID type. Possible values: • • • • Local ID Value Only for Phase-1 (IKE) Parameters Enter the ID of your device. For Authentication Method = the Use Subject Name from certi- ficate option is displayed.
Page 345 18 VPN Funkwerk Enterprise Communications GmbH Field Description Alive Check Select the method to be used to check the functionality of the IPSec connection. In addition to the default method Dead Peer Detection (DPD), the (proprietary) Heartbeat method is implemented. This sends and receives signals every 5 seconds, depending on the config- uration.
Page 346: Phase-2 Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description NAT Traversal NAT Traversal (NAT-T) also enables IPSec tunnels to be opened via one or more devices on which network address translation (NAT) is activated. Without NAT-T, incompatibilities may arise between IPSec and NAT (see RFC 3715, section 2).
Page 347 18 VPN Funkwerk Enterprise Communications GmbH 18.1.3.1 New Choose the New button to create additional profiles. IPSec Phase-2 Profiles Fig. 128: -> -> -> The menu VPN->IPSec->Phase-2 Profiles->New consists of the following fields: Fields in the Phase-2 (IPSEC) Parameters menu...
Page 348 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : All options can be used. • : Rijndael has been nominated as AES due to its fast key setup, low memory requirements, high level of secur- ity against attacks and general speed. Here, it is used with a key length of 128 bits.
Page 349 18 VPN Funkwerk Enterprise Communications GmbH Field Description a renewed phase 2 SA, even if the keys of the phase 1 SA have become known. The field has the following options: • : During the Diffie-Hellman key calculation, mod- ular exponentiation at 768bits is used to create the encryption material.
Page 350: Xauth Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description during compression. The function is enabled with The function is disabled by default. Alive Check Select whether and how IPSec heartbeats are used. A bintec IPSec heartbeat is implemented to determine whether or not a Security Association (SA) is still valid.
Page 351 18 VPN Funkwerk Enterprise Communications GmbH The gateway can take on two different roles when using XAuth as it can act as a server or as a client: • As a server the gateway requires a proof of authorisation. • As a client the gateway provides proof of authorisation.
Page 352 18 VPN Funkwerk Enterprise Communications GmbH Field Description Role Select the role of the gateway for XAuth authentication. Possible values: • (default value): The gateway requires a proof of au- thorisation. • : The gateway provides proof of authorisation. Mode Only for Role = Select how authentication is carried out.
Page 353: Ip Pools
18 VPN Funkwerk Enterprise Communications GmbH 18.1.5 IP Pools In the IP Pools menu a list of all IP pools for your configured IPSec connections is dis- played. If for an IPSec peer you have set IP Address Assignment you must define the IP pools here from which the IP addresses are assigned.
Page 354: Options
18 VPN Funkwerk Enterprise Communications GmbH 18.1.6 Options IPSec Options Fig. 131: -> -> The menu VPN->IPSec->Options consists of the following fields: Fields in the Global Options menu Field Description Enable IPSec Select whether you want to activate IPSec. The function is enabled with The function is active as soon as an IPSec Peer is configured.
Page 355 18 VPN Funkwerk Enterprise Communications GmbH Field Description You can only delete the configuration if Enable IPSec = not ac- tivated. IPSec Debug Level Select the priority of the syslog messages of the IPSec subsys- tem to be recorded internally.
Page 356 18 VPN Funkwerk Enterprise Communications GmbH Field Description Send Initial Contact Select whether IKE Initial Contact messages are to be sent dur- Message ing IKE (phase 1) if no SAs with a peer exist. The function is enabled with The function is enabled by default.
Page 357: L2Tp
18 VPN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Send Certificate Re- Select whether certificate requests are to be sent during IKE quest Payloads (phase 1). The function is enabled with The function is enabled by default.
Page 358: Tunnel Profiles
18 VPN Funkwerk Enterprise Communications GmbH created on each of the two sides (LAC and LNS). The corresponding L2TP tunnel profile is used on the initiator side (LAC) to set up the connection. The L2TP tunnel profile is needed on the responder side (LNS) to accept the connection.
Page 359 18 VPN Funkwerk Enterprise Communications GmbH Field Description Description Enter a description for the current profile. The device automatically names the profiles and numbers them, but the value can be changed. Enter the host name for LNS or LAC. Local Hostname •...
Page 360 18 VPN Funkwerk Enterprise Communications GmbH Field Description address for connections based on this profile. The destination must be a device that can behave like an LNS. UDP Source Port Enter how the port number to be used as the source port for all outgoing L2TP connections based on this profile is to be de- termined.
Page 361: Users
18 VPN Funkwerk Enterprise Communications GmbH Field Description between Retries fore resending a L2TP control packet for which it received no re- sponse. The wait time is dynamically extended until it reaches the Max- imum Time between Retries. The available values are , the default value is .
Page 362 18 VPN Funkwerk Enterprise Communications GmbH L2TP Users Fig. 133: -> -> -> The menu VPN->L2TP->Users->New consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter a name for uniquely identifying the L2TP partner. The first character in this field must not be a number No special characters or umlauts must be used.
Page 363 18 VPN Funkwerk Enterprise Communications GmbH Field Description Connection Type Select whether the L2TP partner is to take on the role of the L2TP network server (LNS) or the functions of a L2TP access concentrator client (LAC client). Possible values: •...
Page 364 18 VPN Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): You enter a static IP address. • : Only for Connection Type = Your device dynamically assigns an IP address to the remote terminal. • : Only for Connection Type = .
Page 365 18 VPN Funkwerk Enterprise Communications GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed. The de-...
Page 366 18 VPN Funkwerk Enterprise Communications GmbH Field Description Compression If necessary, select the type of encryption that should be used for data traffic to the connection partner. If encryption is set, the remote terminal must also support it, otherwise a connection cannot be set up.
Page 367: Options
18 VPN Funkwerk Enterprise Communications GmbH Field Description • : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to respond to ARP requests from its own LAN on behalf of the specific L2TP partner.
Page 368: Pptp
18 VPN Funkwerk Enterprise Communications GmbH Field Description UDP Destination Port Enter the port to be monitored by the LNS on incoming L2TP tunnel connections. Available values are all whole numbers from , the default value is as specified in RFC 2661.
Page 369 18 VPN Funkwerk Enterprise Communications GmbH 18.3.1.1 New Click on New to set up further PPTP partners. PPTP PPTP Tunnels Fig. 135: -> -> -> The VPN->PPTP->PPTP Tunnels->New menu consists of the following fields: Fields in the PPTP Partner Parameters menu...
Page 370 18 VPN Funkwerk Enterprise Communications GmbH Field Description Description Enter a unique name for the tunnel. The first character in this field must not be a number No special characters or umlauts must be used. PPTP Mode Enter the role to be assigned to the PPTP interface.
Page 371 18 VPN Funkwerk Enterprise Communications GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • (default value): You enter a static IP address.
Page 372 18 VPN Funkwerk Enterprise Communications GmbH Field Description IP Assignment Pool Only if IP Address Mode = (IPCP) Select IP pools configured in the WAN->Internet + Dialup->IP Poolsmenu. If an IP pool has not been configured here yet, the message appears in this field.
Page 373 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : MPP encryption is not used. • (default value): MPP encryption V2 with 128 bit is used to RFC 3078. • : MPP encryption V2 with 128 bit is used as compatible with Microsoft and Cisco.
Page 374 18 VPN Funkwerk Enterprise Communications GmbH Field Description Proxy ARP Mode Select whether your device is to answer APR requests from your LAN on behalf of the specific PPTP partner. Possible values: • (default value): Disables Proxy-ARP (Address Resolution Protocol) for this PPTP partner.
Page 375: Options
18 VPN Funkwerk Enterprise Communications GmbH Field Description Enter the ISDN number from which the remote device calls the local device (calling party number). Outgoing ISDN Num- Only if Callback is enabled. Enter the ISDN number with which the local device calls the re- mote device calls (called party number).
Page 376: Ip Pools
Since, in SP 1, Microsoft has changed the confirma- tion algorithm in the GRE protocol, the automatic window adapt- ation for GRE must be turned off on the funkwerk side. The function is enabled with The function is enabled by default.
Page 377: Gre
18 VPN Funkwerk Enterprise Communications GmbH PPTP IP Pools Fig. 137: -> -> -> The VPN->PPTP->IP Pools->Add menu consists of the following fields: Fields in the IP Pools menu Field Description IP Pool Name Enter the name of the IP pool.
Page 378 18 VPN Funkwerk Enterprise Communications GmbH 18.4.1.1 New Choose the New button to set up new GRE tunnels. GRE Tunnels Fig. 138: -> -> -> The VPN->GRE->GRE Tunnels->Newmenu consists of the following fields: Fields in the Basic Parameters menu Field...
Page 379 18 VPN Funkwerk Enterprise Communications GmbH Field Description Local IP Address Here, enter the (LAN-side) IP address that is to be used as your device's source address for your own packets through the GRE tunnel. Route Entries Define other routing entries for this connection partner.
Page 380: Chapter 19 Firewall
19 Firewall Funkwerk Enterprise Communications GmbH Chapter 19 Firewall The Stateful Inspection Firewall (SIF) provided for bintec gateways is a powerful security feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.
Page 381: Policies
19 Firewall Funkwerk Enterprise Communications GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e.
Page 382: Filter Rules
19 Firewall Funkwerk Enterprise Communications GmbH 19.1.1 Filter Rules The default behaviour with Action = consists of two implicit filter rules: If an incom- ing packet can be assigned to an existing connection and if a suitable connection is expec- ted (e.g.
Page 383 19 Firewall Funkwerk Enterprise Communications GmbH Firewall Policies Filter Rules Fig. 140: -> -> -> The menu Firewall->Policies->Filter Rules->New consists of the following fields: Fields in the Basic Parameters menu Field Description Source Select one of the preconfigured aliases for the source of the packet.
Page 384 19 Firewall Funkwerk Enterprise Communications GmbH Field Description • • • • • • • • Additional services are created in Firewall->Services->Service List. In addition, the service groups configured in Firewall->Services->Groups can be selected. Action Select the action to be applied to a filtered packet.
Page 385: Qos
19 Firewall Funkwerk Enterprise Communications GmbH Field Description Select the priority with which the data specified by the policy is handled on the send side. Possible values: • (default value): No priority. • : Low Latency Transmission (LTT), i.e. hand- ling of data with the lowest possible latency, e.g.
Page 386: Options
19 Firewall Funkwerk Enterprise Communications GmbH Field Description Interface Select the interface on which bandwidth management is to be carried out. Traffic Shaping Select whether you want to activate bandwidth management for the selected interface. The function is enabled with The function is disabled by default.
Page 387 19 Firewall Funkwerk Enterprise Communications GmbH Firewall Policies Options Fig. 142: -> -> The menu Firewall->Policies->Options consists of the following fields: Fields in the Global Firewall Options menu Field Description Firewall Status Enable or disable the firewall function. The function is enabled with The function is enabled by default.
Page 388: Interfaces
19 Firewall Funkwerk Enterprise Communications GmbH Field Description UDP Inactivity Enter the inactivity time after which a UDP session is to be re- garded as expired (in seconds). Possible values are The default value is TCP Inactivity Enter the inactivity time after which a TCP session is to be re- garded as expired (in seconds).
Page 389: Addresses
19 Firewall Funkwerk Enterprise Communications GmbH Firewall Interfaces Groups Fig. 143: -> -> -> The menu Firewall->Interfaces->Groups->New consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the desired description of the interface group. Members Select the members of the group from the available interfaces.
Page 390: Groups
19 Firewall Funkwerk Enterprise Communications GmbH Firewall Addresses Address List Fig. 144: -> -> -> The menu Firewall->Addresses->Address List->New consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the desired description of the address.
Page 391: Services
19 Firewall Funkwerk Enterprise Communications GmbH 19.3.2.1 New Choose the New button to set up additional address groups. Firewall Addresses Groups Fig. 145: -> -> -> The menu Firewall->Addresses->Groups->New consists of the following fields: Fields in the Basic Parameters menu...
Page 392 19 Firewall Funkwerk Enterprise Communications GmbH Firewall Services Service List Fig. 146: -> -> -> The menu Firewall->Services->Service List->New consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter an alias for the service you want to configure.
Page 393 19 Firewall Funkwerk Enterprise Communications GmbH Field Description Type Only for Protocol = The Type field shows the class of ICMP messages, the Code field specifies the type of message in greater detail. Possible values: • (default value) • •...
Page 394: Groups
19 Firewall Funkwerk Enterprise Communications GmbH 19.4.2 Groups A list of all configured service groups is displayed in the Firewall->Services->Groups menu. You can group together services. This makes it easier to configure firewall rules. 19.4.2.1 New Choose the New button to set up additional service groups.
Page 395 19 Firewall Funkwerk Enterprise Communications GmbH Field Description Description Enter the desired description of the service group. Members Select the members of the group from the available service ali- ases. To do this, activate the field in the Members column.
Page 396: Chapter 20 Voip
20 VoIP Funkwerk Enterprise Communications GmbH Chapter 20 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.
Page 397 20 VoIP Funkwerk Enterprise Communications GmbH 20.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create application level gateway entries. VoIP Application Level Gateway SIP Proxies Fig. 148: -> -> -> The VoIP->Application Level Gateway->SIP Proxies->...
Page 398: Sip Endpoints
20 VoIP Funkwerk Enterprise Communications GmbH Field Description data packets are sent or received. This value must be greater than the SIP Expire Time of the con- nected SIP client (SIP telephone, terminal adapter etc.) The default value is Low Latency Trans-...
Page 399 20 VoIP Funkwerk Enterprise Communications GmbH Note Entries created dynamically for active sessions cannot be edited. These entries can only be removed resulting in the immediate termination of the corresponding SIP con- nection. VoIP Application Level Gateway SIP Endpoints Fig. 149: ->...
Page 400: Media Gateway
(IP networks). With the Funkwerk Media Gateway, a company equipped with an automatic PBX on a wired telephone network can be connected to a SIP Trunking Service Provider on the Inter- net in order to use IP telephony.
Page 401 20 VoIP Funkwerk Enterprise Communications GmbH A list of all existing subscribers is displayed in the VoIP->Media Gateway->Extensions menu. 20.2.1.1 Edit or New Choose the icon to edit existing entries. Select the New button to create new exten- sions. VoIP...
Page 402 20 VoIP Funkwerk Enterprise Communications GmbH Field Description Extension / User Name ISDN terminals: Enter the subscriber number the extension. SIP terminals: Enter the user name. A maximum of 40 characters can be entered. Interface Type Select the interface type to be used.
Page 403 20 VoIP Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is enabled by default. Apart from this standard procedure, the relevant data can also be sent to a particular IP address that is already known to the correspondent.
Page 404 20 VoIP Funkwerk Enterprise Communications GmbH Field Description The password given here must also be entered on the SIP tele- phone. Protocol Select the protocol to be used for data transmission. Possible values: (default value), If a protocol has been automatically recognised, it should not be changed.
Page 405 20 VoIP Funkwerk Enterprise Communications GmbH Field Description • : ISDN codec according to US law • : ISDN codec according to EU law • : Compressed from 31 to 8 kbps; good voice quality • : Compressed from 63 to 40 kbps •...
Page 406: Sip Accounts
20 VoIP Funkwerk Enterprise Communications GmbH Field Description Packet Size Specify how many milliseconds of voice an RTP data packet should contain. Possible values are The default value is 20.2.2 SIP Accounts If your want your device to connect to other SIP servers (e.g. servers of Internet SIP Ser- vice providers), you can configure the necessary entries here.
Page 407 20 VoIP Funkwerk Enterprise Communications GmbH VoIP Media Gateway SIP Accounts Fig. 151: -> -> -> The VoIP->Media Gateway->SIP Accounts-> +New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the name of the SIP account.
Page 408 20 VoIP Funkwerk Enterprise Communications GmbH Field Description Trunk Mode Select whether and in which trunk mode the SIP account should be operated. Trunk mode (DDI, Direct Dial In) allows an incoming call to be assigned correctly to a terminal (DDI). For an outgoing call, the caller can be indicated to the called party.
Page 409 20 VoIP Funkwerk Enterprise Communications GmbH Field Description Realm Enter a new domain name or a new IP address for the SIP proxy server. If you do not make an entry, the entry in the Registrar field is used. In SIP client mode: Enter a name or IP address only if this is ex- plicitly specified by the provider.
Page 410 20 VoIP Funkwerk Enterprise Communications GmbH Field Description GISTER message. This information about the user and his cur- rent address is held by the REGISTRAR server and queried by other proxies to find the user. The function is enabled with The function is enabled by default.
Page 411 20 VoIP Funkwerk Enterprise Communications GmbH Field Description • : The so-called "p-preferred-identity" field is ad- ded to the SIP header and contains the sender ID. • : The so-called "p-asserted-identity" field is ad- ded to the SIP header and contains the sender ID.
Page 412: Call Routing
20 VoIP Funkwerk Enterprise Communications GmbH Field Description • : Compressed from 55 to 32 kbps • : Compressed from 47 to 24 kbps • : Compressed from 39 to 16 kbps • : DTMF Outband. First the system attempts to use RFC 2833.
Page 413 20 VoIP Funkwerk Enterprise Communications GmbH 20.2.3 Call Routing Here you can define the conditions for the routing of calls. Define a list with rules or rule chains that are used to manipulate the indicated destination numbers. A list of all existing entries is displayed in the VoIP->Media Gateway->Call Routing menu.
Page 414 20 VoIP Funkwerk Enterprise Communications GmbH Field Description Administrative Status Select whether the entry should be activated. The function is enabled with The function is enabled by default. Type Specify how calls are to be routed. Possible values: • : For calls forwarded by the media gateway to a PBX or an ISDN TE connector or a SIP DDI client.
Page 415 20 VoIP Funkwerk Enterprise Communications GmbH Field Description The following wildcards can be used: • * means that at the end of a character string any number of characters may follow, • ? is a placeholder for an arbitrary character.
Page 416: Clid Translation
20 VoIP Funkwerk Enterprise Communications GmbH Field Description ? is a placeholder for an arbitrary character. Example 20.1. Example of a rule • Rule: <:+49911>; • number dialled: 96731234 • manipulated number: +4991196731234 20.2.4 CLID Translation Here you define the processing of the calling party number for incoming calls. You can, for example, add a prefix to a received call number in order to route corresponding outgoing calls via a particular SIP account.
Page 417 20 VoIP Funkwerk Enterprise Communications GmbH Field Description Description Enter the name of the entry. Calling Line Select the ISDN line or SIP account from which the call comes. The selection depends on the interfaces available and on the SIP accounts that have been created.
Page 418: Call Translation
20 VoIP Funkwerk Enterprise Communications GmbH Field Description lation Notation: <a:b>; i.e. a is replaced by b. Every rule must be ended with a semicolon. A number of rules can be chained to- gether using semicolons as separators, e.g. <a:b>;<c:d>;<e:f>;.
Page 419 20 VoIP Funkwerk Enterprise Communications GmbH VoIP Media Gateway Call Translation Fig. 154: -> -> -> The VoIP->Media Gateway->Call Translation-> +New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the name of the call translation.
Page 420: Isdn Trunks
20 VoIP Funkwerk Enterprise Communications GmbH Field Description incoming calls, the signalled Called Party Number (corresponds in the menu to the External Address) is translated to Local Address. For outgoing calls, the signalled Calling Party Number (corresponds in the menu to the Local Address field) is trans- lated to External Address.
Page 421: Options
20 VoIP Funkwerk Enterprise Communications GmbH VoIP Media Gateway ISDN Trunks Fig. 155: -> -> The VoIP->Media Gateway->ISDN Trunksmenu consists of the following fields: Fields in the Basic Parameters menu Field Description Description Enter the name of the party line.
Page 422 20 VoIP Funkwerk Enterprise Communications GmbH VoIP Media Gateway Options Fig. 156: -> -> The VoIP->Media Gateway->Optionsmenu consists of the following fields: Fields in the Basic Parameters menu Field Description Media Gateway Status Select whether the media gateway function should be enabled.
Page 423 20 VoIP Funkwerk Enterprise Communications GmbH Field Description routed via a particular provider (SIP account), you must con- figure a corresponding call routing entry. Internal calls (from internal extension to internal extension) that are only to be routed internally do not require an additional call routing entry.
Page 424: Rtsp
20 VoIP Funkwerk Enterprise Communications GmbH Field Description The default value is . If you terminate the number entered with #, dialling is immedi- ate. Fields in the Advanced Settings menu Field Description Speed Dialing Define short sequences of numbers that can be dialled instead of the entire number.
Page 425: Rtsp Proxy
20 VoIP Funkwerk Enterprise Communications GmbH 20.3.1 RTSP Proxy In the VoIP->RTSP->RTSP Proxy menu, you configure the use of the RealTime Streaming protocol. VoIP RTSP RTSP Proxy Fig. 157: -> -> The VoIP->RTSP->RTSP Proxymenu consists of the following fields: Fields in the Basic Parameters menu...
Page 426: Chapter 21 Local Services
21 Local Services Funkwerk Enterprise Communications GmbH Chapter 21 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider •...
Page 427 21 Local Services Funkwerk Enterprise Communications GmbH Under Local Services->DNS->DNS Servers->New you enter the IP addresses of name servers that are queried if your device cannot answer requests itself or by forwarding entries. Global name servers and name servers that are attached to an interface can both be entered.
Page 428: Global Settings
21 Local Services Funkwerk Enterprise Communications GmbH 21.1.1 Global Settings Local Services Global Settings Fig. 158: -> -> The menu Local Services->DNS->Global Settings consists of the following fields: Fields in the Basic Parameters menu Field Description Domain Name Enter the standard domain name of your device.
Page 429 21 Local Services Funkwerk Enterprise Communications GmbH Field Description i.e. successfully resolved names and IP addresses are to be stored in the cache. The function is activated by selecting The function is enabled by default. Negative Cache Select whether the negative dynamic cache is to be activated, i.e.
Page 430: Dns Servers
21 Local Services Funkwerk Enterprise Communications GmbH Fields in the IP address to use for DNS/WINS server assignment menu Field Description As DHCP Server Select which name server addresses are sent to the DHCP cli- ent if your device is used as DHCP server.
Page 431 21 Local Services Funkwerk Enterprise Communications GmbH Local Services DNS Servers Fig. 159: -> -> -> The Local Services->DNS->DNS Servers->New menu consists of the following fields: Fields in the Basic Parameters menu Field Description Admin Status Select whether the DNS server should be enabled.
Page 432: Static Hosts
21 Local Services Funkwerk Enterprise Communications GmbH Field Description entered, depending on the priority. Possible values: • • (default value) Primary DNS Server Only if Interface Mode = Enter the IP address of the first name server for Internet ad- dress name resolution.
Page 433: Domain Forwarding
DNS request. If a negative response is received to a DNS re- quest, no address is specified. The entry can also start with the wildcard *, e.g. *.funkwerk.de. If a name is entered without a dot, this is completed with OK "<Name.>...
Page 434 Only for Forwarding = Enter the name of the host to be forwarded. The entry can also start with the wildcard *, e.g. *.funkwerk.com. If a name is entered without a full stop, you complete with OK " <Default Domain>. " after confirmation.
Page 435: Cache
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • (default value): The request is forwarded to the defined Interface. • : The request is forwarded to the defined DNS Server. Interface Only for Forward to = Select the interface via which the requests for the defined Do- main are to be received and forwarded to the DNS server.
Page 436: Statistics
21 Local Services Funkwerk Enterprise Communications GmbH 21.1.6 Statistics Local Services Statistics Fig. 163: -> -> In the Local Services->DNS->Statisticsmenu, the following statistical values are dis- played: Fields in the DNS Statistics menu Field Description Received DNS Packets Shows the number of received DNS packets addressed direct to your device, including the response packets for forwarded re- quests.
Page 437: Https
21 Local Services Funkwerk Enterprise Communications GmbH 21.2 HTTPS You can operate the user interface of your device from any PC with an up-to-date Web browser via an HTTPS connection. HTTPS (HyperText Transfer Protocol Secure) is the procedure used to establish an en- crypted and authenticated connection by SSL between the browser used for configuration and the device.
Page 438: Dyndns Client
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • : Under System Management->Cer- tificates->Certificate List entered certificate. 21.3 DynDNS Client The use of dynamic IP addresses has the disadvantage that a host in the network can no longer be found once its IP address has changed. DynDNS ensures that your device can still be reached after a change to the IP address.
Page 439 21 Local Services Funkwerk Enterprise Communications GmbH Local Services DynDNS Client DynDNS Update Fig. 165: -> -> -> The menu Local Services->DynDNS Client->DynDNS Update->New consists of the fol- lowing fields: Fields in the Basic Parameters menu Field Description Host Name Enter the complete host name as registered with the DynDNS provider.
Page 440: Dyndns Provider
21 Local Services Funkwerk Enterprise Communications GmbH Field Description The default value is Enable update Select whether the DynDNS entry configured here is to be activ- ated. The function is activated by selecting The function is disabled by default. The menu Advanced Settings consists of the following fields:...
Page 441 21 Local Services Funkwerk Enterprise Communications GmbH Local Services DynDNS Client DynDNS Provider Fig. 166: -> -> -> The menu Local Services->DynDNS Client->DynDNS Provider->New consists of the fol- lowing fields: Fields in the Basic Parameters menu Field Description Provider Name Enter a name for this entry.
Page 442: Dhcp Server
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • • • • • • Update Interval Enter the minimum time (in seconds) that your device must wait before it is allowed to propagate its current IP address to the DynDNS provider again.
Page 443 21 Local Services Funkwerk Enterprise Communications GmbH 21.4.1.1 New Choose the New button to set up new IP address pools. Choose the icon to edit exist- ing entries. Local Services DHCP Server DHCP Pool Fig. 167: -> -> -> The menu Local Services->DHCP Server->DHCP Pool->New consists of the following...
Page 444 21 Local Services Funkwerk Enterprise Communications GmbH Field Description define IP addresses from another network. Possible values: • (default value): The DHCP pool is only used for DHCP requests in the same subnet. • : The DHCP pool is used for DHCP requests in the same subnet and from other subnets.
Page 445: Ip/Mac Binding
21 Local Services Funkwerk Enterprise Communications GmbH Field Description client. • : Enter the IP address of the WINS/ NBNS server to be sent to the client. • : Enter the type of the WINS/NBT node to be sent to the client.
Page 446: Dhcp Relay Settings
21 Local Services Funkwerk Enterprise Communications GmbH Local Services DHCP Server IP/MAC Binding Fig. 168: -> -> -> The menu Local Services->DHCP Server->IP/MAC Binding->New consists of the follow- ing fields: Fields in the Basic Parameters menu Field Description Description Enter the name of the host to which the MAC Address the IP Address is to be bound.
Page 447: Web Filter
21 Local Services Funkwerk Enterprise Communications GmbH Local Services DHCP Server DHCP Relay Settings Fig. 169: -> -> The menu Local Services->DHCP Server->DHCP Relay Settings consists of the follow- ing fields: Fields in the Basic Parameters menu Field Description Primary DHCP Server Enter the IP address of a server to which BootP or DHCP re- quests are to be forwarded.
Page 448: General
21 Local Services Funkwerk Enterprise Communications GmbH 21.5.1 General This menu contains the configuration of basic parameters for using the Proventia Web Fil- ter. Local Services Web Filter General Fig. 170: -> The Local Services->Web Filter+Generalmenu consists of the following fields:...
Page 449 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Press the Add button to add more interfaces. The requests from http Internet pages that reach your device via these interfaces are then monitored by web filtering. Maximum Number of Define the number of entries to be saved in the web filtering his- History Entries tory (History menu).
Page 450: Filter List
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Licence Status Shows the result of the last validity check of the licence. The validity of the licence is checked every 23 hours. License valid until This shows the expiry date of the licence (relative to the time set on your device) and cannot be edited.
Page 451 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Category Select which category of addresses/URLs the filter is to be used The options are first the standard categories of the Proventia Web Filter (default value: ). Actions can also be defined for the following special cases, e.g.: •...
Page 452: Black / White List
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • : Callup is allowed and not logged. 21.5.3 Black / White List The Local Services->Web Filter->Black / White List menu contains a list of URLs or IP addresses, as the case applies. The addresses on the White List can also be called if they had been blocked because of filter configuration and classification in the Proventia web filter.
Page 453: History
21 Local Services Funkwerk Enterprise Communications GmbH 21.5.4 History In the Local Services->Web Filter->History menu, you can view the recorded history of the web filter. The history logs all requests that are marked for logging by a relevant filter (Action = ), likewise all rejected requests.
Page 454 21 Local Services Funkwerk Enterprise Communications GmbH 21.6.1.1 New Choose the New button to set up new CAPI users. Local Services CAPI Server User Fig. 174: -> -> -> The menu Local Services->CAPI Server->User->New consists of the following fields: Fields in the Basic Parameters menu...
Page 455: Options
21 Local Services Funkwerk Enterprise Communications GmbH 21.6.2 Options Local Services CAPI Server Options Fig. 175: -> -> The menu Local Services->CAPI Server->Options consists of the following fields: Fields in the Basic Parameters menu Field Description Enable server Select whether your device is to be enabled as a CAPI server.
Page 456: Trigger
21 Local Services Funkwerk Enterprise Communications GmbH which conditions the Actions are to be carried out. A Trigger may be a single event or a sequence of events which are combined into an Event List. You also create an event list for a single event, but it only contains one event.
Page 457 21 Local Services Funkwerk Enterprise Communications GmbH Local Services Scheduling Trigger Fig. 176: -> -> -> The menu Local Services->Scheduling->Trigger->New consists of the following fields: Fields in the Basic Parameters menu Field Description Event List You can create a new event list with (default value).
Page 458 21 Local Services Funkwerk Enterprise Communications GmbH Field Description tions are initiated when the defined MIB variables assumes the assigned values. • : Operations configured and assigned in Actions are initiated, when the defined interfaces take on a specified status.
Page 459 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Monitored Interface Only for Event Type Select the interface whose defined status shall trigger an opera- tion. Interface Status Only for Event Type Select the status that the interface must have in order to initiate the intended operation.
Page 460 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Enter an IP address to be used as sender address for the ping test. Possible values: • (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address.
Page 461: Actions
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • : Select a weekday in Condition Settings. • (default value): In Condition Settings, select a par- ticular period. • : Select a specific day of the month in Condi- tion Settings.
Page 462 21 Local Services Funkwerk Enterprise Communications GmbH 21.7.2.1 New Choose the New button to configure additional operations. Local Services Scheduling Actions Fig. 177: -> -> -> The menu Local Services->Scheduling->Actions->New consists of the following fields: Fields in the Basic Parameters menu...
Page 463 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Event List Select the event list you want which has been created in Local Services->Scheduling->Trigger. Event List Condition For the selected chains of events, select how many of the con- figured events must occur for the operation to be initiated.
Page 464 21 Local Services Funkwerk Enterprise Communications GmbH Field Description identification of a particular table entry is derived from the com- bination of Index Variable (usually an index variable which is flagged with *) and Index Value. Use Index Variables to create more entries with Add.
Page 465 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Select the status to be set for the interface. Possible values: • (default value) • • Source Location Only if Command Type = Select the source for the software update. Possible values: •...
Page 466 21 Local Services Funkwerk Enterprise Communications GmbH Field Description For Command Type = with Ac- tion = Enter the file name of the certificate file. Action For Command Type = Select which operation is to be performed on a configuration file.
Page 467 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Select whether the file is to be sent in the CSV format. The CSV format can easily be read and modified. In addition, you can view the corresponding file clearly using Microsoft Ex- cel for example.
Page 468 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Configuration contains Only for Command Type = certificates/keys and Action = Select whether the certificates and keys contained in the config- uration are to be imported or exported. The function is disabled by default.
Page 469 21 Local Services Funkwerk Enterprise Communications GmbH Field Description • (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address. • : Enter the desired IP address in the input field.
Page 470 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Select whether to overwrite a certificate already present on the your device with the new one. The function is disabled by default. Write certificate in con- Only for Command Type =...
Page 471 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Action = To obtain certificates, you may need a password from the certi- fication authority. Enter the password you received from the cer- tification authority here. Key Size Only for Command Type = Action = Select the length of the key to be created.
Page 472: Options
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Set status Only if Command Type = Select the status for the selected wireless network. Possible values: • (default value) • 21.7.3 Options You configure the schedule interval in the Local Services->Scheduling->Options.
Page 473: Surveillance
21 Local Services Funkwerk Enterprise Communications GmbH 21.8 Surveillance In this menu, you can configure an automatic availability check for hosts or interfaces and automatic ping tests. Note This function cannot be configured on your device for connections that are authentic- ated via a RADIUS server.
Page 474 21 Local Services Funkwerk Enterprise Communications GmbH Field in the Host Parameters menu Field Description Group ID Select an ID for the group of hosts whose availability is to be monitored by your device. The group IDs are automatically created from .
Page 475: Interfaces
21 Local Services Funkwerk Enterprise Communications GmbH Field Description a backup device. Possible values are The default value is . Unsuccessful Trials Specify how many pings need to be unanswered for the host to be regarded as inaccessible. You can use this setting to specify, for example, when a host is deemed to be inaccessible, and that a backup device should be used.
Page 476 21 Local Services Funkwerk Enterprise Communications GmbH Local Services Surveillance Interfaces Fig. 180: -> -> -> The menu Local Services->Surveillance->Interfaces->New consists of the following fields: Fields in the Basic Parameters menu Field Description Monitored Interface Select the interface on your device that is to be monitored.
Page 477: Ping Generator
21 Local Services Funkwerk Enterprise Communications GmbH 21.8.3 Ping Generator In the Local Services->Surveillance->Ping Generator menu, a list of all configured, auto- matically generated pings is displayed. 21.8.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional pings.
Page 478: Isdn Theft Protection
21 Local Services Funkwerk Enterprise Communications GmbH Field Description The default value is Trials Enter the number of ping tests to be performed until Destina- tion IP Address as applies. The default value is . 21.9 ISDN Theft Protection With the ISDN theft protection function, you can prevent a thief who has stolen a gateway from gaining access to the gateway owner's LAN.
Page 479 21 Local Services Funkwerk Enterprise Communications GmbH Local Services ISDN Theft Protection Options Fig. 182: -> -> The menu Local Services->ISDN Theft Protection->Options consists of the following fields: Fields in the Basic Parameters menu Field Description ISDN Theft Protection Enable or disable the ISDN theft protection function.
Page 480: Upnp
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Use Add to add a new interface. Select from the available interfaces those to which the ISDN theft protection function is to be applied. Fields in the Advanced Settings menu Field...
Page 481: Interfaces
21 Local Services Funkwerk Enterprise Communications GmbH . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded.
Page 482: General
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Interface is UPnP con- Determine whether the NAT configuration of this interface is trolled controlled by UPnP. The function is enabled with The function is enabled by default. 21.10.2 General In this menu, you make the basic UPnP settings.
Page 483: Hotspot Gateway
21 Local Services Funkwerk Enterprise Communications GmbH 21.11 HotSpot Gateway The bintec HotSpot Solution allows provision of public Internet accesses (using WLAN or wired Ethernet). The solution is adapted to setup of smaller and larger Hotspot solutions for cafes, hotels, companies, communal residences, campgrounds, etc.
Page 484: Hotspot Gateway
Activation may require 2-3 business days. Access data for gateway configuration RADIUS Server IP 62.245.165.180 RADIUS Server Password Set by Funkwerk Enterprise Communications GmbH Domain Individually set for customers by customer/dealer Walled Garden Network Individually set for customers by customer/dealer...
Page 485 21 Local Services Funkwerk Enterprise Communications GmbH A list of all configured hotspot networks is displayed in the Local Services->HotSpot Gateway->HotSpot Gateway menu. Local Services HotSpot Gateway HotSpot Gateway Fig. 185: -> -> You can use the Enabled option to enable or disable the corresponding entry.
Page 486 21 Local Services Funkwerk Enterprise Communications GmbH Field Description here (e.g. en1-0). If operating over WLAN, the WLAN interface to which the access point is connected must be selected. Caution For security reasons you cannot configure your device over an interface that is configured for the Hotspot. Therefore take care when selecting the interface you want to use for the Hotspot.
Page 487 21 Local Services Funkwerk Enterprise Communications GmbH Field Description In the Terms &Conditions input field, enter the address of the general terms and conditions on the intranet server, or public server, e.g., http://www.webserver.de/agb.htm. The page must lie within the address range of the walled garden network.
Page 488: Brrp
21 Local Services Funkwerk Enterprise Communications GmbH Local Services HotSpot Gateway Options Fig. 187: -> -> The Local Services->HotSpot Gateway->Optionsmenu consists of the following fields: Fields in the Basic Parameters menu Field Description Host for multiple loca- If several locations (branches) are set up on the Hotspot server,...
Page 489: Virtual Routers
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Router Identifier (Virtual Router ID) and an IP address or a group of associated IP addresses in a common LAN. A VRRP router can protect the data traffic of one or more virtual routers.”...
Page 490 21 Local Services Funkwerk Enterprise Communications GmbH tasks of a “virtual router” and the switching of services from one gateway to the other are controlled by the BRRP redundancy procedure. The BRRP conforms to the specifications in RFC 2338 and the relevant Internet draft (see www.ietf.org...
Page 491 21 Local Services Funkwerk Enterprise Communications GmbH tion of the virtual router ( sending interval for advertisement, master down trials) must be identical on all routers with the same virtual router ID within the logical group. You must use IP addresses from different subnets for the advertisement interface and for the virtual interface.
Page 492 21 Local Services Funkwerk Enterprise Communications GmbH Local Services BRRP Virtual Routers Fig. 188: -> -> -> The Local Services->BRRP->Virtual Routers->New menu consists of the following fields: Fields in the BRRP Advertisement Interface menu Field Description Ethernet Interface Choose the interface via which BRRP advertisement packets are sent and expected.
Page 493 21 Local Services Funkwerk Enterprise Communications GmbH Field Description based, if a new virtual interface is created. The name of the vir- tual interface is assigned automatically when it is created. Shows the name of the virtual interface, if a virtual interface that has already been created is edited.
Page 494 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Advertisement send in- Determine how often a BRRP advertisement packet is sent if terval the virtual router is defined as master. Only the current master sends via multicast BRRP advertisements, which also contain the ID and the priority of the master.
Page 495: Vr Synchronisation
21 Local Services Funkwerk Enterprise Communications GmbH Field Description enabled. The function is enabled by default. Note the following exception: If Virtual Router Priority selected, the gateway with this priority certainly takes over the master role, i.e. the setting in Pre-empt mode (go back into master state) is ignored.
Page 496 21 Local Services Funkwerk Enterprise Communications GmbH Local Services BRRP VR Synchronisation Fig. 189: -> -> -> The Local Services->BRRP->VR Synchronisation->New menu consists of the following fields: Fields in the Monitoring VR / Interface menu Field Description Monitoring Mode Shows which mechanism is used for monitoring a virtual router.
Page 497: Options
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Virtual Router ID Select the ID of the virtual router to be synchronised. Synchron- ising the virtual router implicitly synchronises the virtual inter- face associated with the virtual router. 21.12.3 Options In the Local Services->BRRP->Options menu,you can enable or disable the BRRP func-...
Page 498: Chapter 22 Maintenance
22 Maintenance Funkwerk Enterprise Communications GmbH Chapter 22 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to in- stall it.
Page 499: Dns Test
22 Maintenance Funkwerk Enterprise Communications GmbH 22.1.2 DNS Test Maintenance Diagnostics DNS Test Fig. 192: -> -> The DNS test is used to check whether the domain name of a particular host is correctly re- solved. The Outputfield displays the DSN test messages. The DSN test is launched by en- tering the domain name to be tested in DNS Address and clicking the Go button.
Page 500: Software &Configuration
22.2 Software &Configuration You can use this menu to manage the software version of your device, your configuration files and the language of the Funkwerk Configuration Interface . 22.2.1 Options Your device contains the version of the system software available at the time of production.
Page 501 Save configuration button via the Funkwerk Configuration Interface navigation area. This configuration is then saved in the flash in a file with the name .
Page 502 Note: The files to be imported must be in CSV format! • : You can import additional language ver- sions of the Funkwerk Configuration Interface into your device. You can download the files to your PC from the down- load area at www.funkwerk-ec.com...
Page 503 22 Maintenance Funkwerk Enterprise Communications GmbH Field Description The active configuration from the RAM is transferred to your local host. If you press the Go button, a dialog box is dis- played, in which you can select the storage location on your PC and enter the desired file name.
Page 504: Reboot
In this menu, you can trigger an immediate reboot of your device. Once your system has restarted, you must call the Funkwerk Configuration Interface again and log in. Pay attention to the LEDs on your device. For information on the meaning of the LEDs, see the Technical Data chapter of the manual.
Page 505 22 Maintenance Funkwerk Enterprise Communications GmbH Note Before a reboot, make sure you confirm your configuration changes by clicking the Save configuration button, so that these are not lost when you reboot. Maintenance Reboot System Reboot Fig. 195: -> ->...
Page 506: Chapter 23 External Reporting
23 External Reporting Funkwerk Enterprise Communications GmbH Chapter 23 External Reporting In this system menu, you define what system protocol messages are saved on which com- puters, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error.
Page 507 23 External Reporting Funkwerk Enterprise Communications GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 23.1.1.1 New Select the New button to set up additional syslog servers. External Reporting Syslog Syslog Servers Fig. 196: ->...
Page 508 23 External Reporting Funkwerk Enterprise Communications GmbH Field Description • (lowest priority) Syslog messages are only sent to the host if they have a higher or identical priority to that indicated, i.e. at syslog level all messages generated are forwarded to the host.
Page 509: Ip Accounting
23 External Reporting Funkwerk Enterprise Communications GmbH 23.2 IP Accounting In modern networks, information about the type and number of data packets sent and re- ceived over the network connections is often collected for commercial reasons. This inform- ation is extremely important for Internet Service Providers that bill their customers by data volume.
Page 510 23 External Reporting Funkwerk Enterprise Communications GmbH External Reporting IP Accounting Options Fig. 198: -> -> In the External Reporting->IP Accounting->Options menu, you can define the Log Format of the IP accounting messages. The messages can contain character strings in any order, sequences separated by a slash, e.g.
Page 511: E-Mail Alert
23 External Reporting Funkwerk Enterprise Communications GmbH 23.3 E-mail Alert Depending on the configuration, E-mails are sent to the administrator as soon as relevant syslog messages occur. 23.3.1 E-mail Alert Server External Reporting E-mail Alert E-mail Alert Server Fig. 199: ->...
Page 512: E-Mail Alert Recipient
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description SMTP Authentication Authentication expected by the SMTP server. Possible values: • (default value): The server accepts and send emails without further authentication. • : The server only accepts e-mails if the router logs in with the correct user name and password.
Page 513 23 External Reporting Funkwerk Enterprise Communications GmbH 23.3.2.1 New Choose the New button to create additional e-mail alert recipients. External Reporting E-mail Alert E-mail Alert Recipient Fig. 200: -> -> -> The menu External Reporting->E-mail Alert->E-mail Alert Recipient->New consists of...
Page 514 23 External Reporting Funkwerk Enterprise Communications GmbH Field Description • : A new unconfigured AP has reported to the WLAN. • : A managed AP is no longer access- ible. Matching String You must enter a "Matching String". This must occur in a syslog message as a necessary condition for triggering an alert.
Page 515: Snmp
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description Subsystem Select the subsystems to be monitored. Add new subsystems with Add. 23.4 SNMP SNMP (Simple Network Management Protocol) is a protocol from the IP protocol family for transporting management information about network components.
Page 516: Snmp Trap Hosts
23 External Reporting Funkwerk Enterprise Communications GmbH Fields in the Basic Parameters menu Field Description SNMP Trap Broadcast- Select whether the transfer of SNMP traps is to be activated. Your device then sends SNMP traps to the LAN's broadcast ad- dress.
Page 517: Activity Monitor
23 External Reporting Funkwerk Enterprise Communications GmbH External Reporting SNMP SNMP Trap Hosts Fig. 202: -> -> -> The menu External Reporting->SNMP->SNMP Trap Hosts->New consists of the follow- ing fields: Fields in the Basic Parameters menu Field Description IP Address Enter the IP address of the SNMP trap host.
Page 518: Options
23 External Reporting Funkwerk Enterprise Communications GmbH • Start and configure the Windows application on your PC (you can download BRICKware for Windows to your PC from the download area at www.funkwerk-ec.com and from there import it to your device).
Page 519 23 External Reporting Funkwerk Enterprise Communications GmbH Field Description • : The UDP packets are sent to the IP address entered in the adjacent input field. Update Interval Enter the update interval (in seconds). Possible values are The default value is .
Page 520: Chapter 24 Monitoring
24 Monitoring Funkwerk Enterprise Communications GmbH Chapter 24 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 24.1 Internal Log 24.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed.
Page 521: Ipsec
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Subsystem Displays which subsystem of the device generated the mes- sage. Message Displays the message text. 24.2 IPSec 24.2.1 IPSec Tunnels A list of all configured IPSec tunnels is displayed in the Monitoring->IPSec->IPSec Tun- nels menu.
Page 522 24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring IPSec IPSec Tunnels Fig. 206: -> -> -> Values in the IPSec Tunnels list Field Description Description Shows the description of the peer. Local IP Address Shows the WAN IP address of your device.
Page 523: Ipsec Statistics
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Role / Algorithm / Life- time remaining / Status IPSec (Phase-2) SAs Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Life- time remaining / Status Messages The system messages for this IPSec tunnel are displayed here.
Page 524: Isdn/Modem
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Status Displays the number of IPSec tunnels by their current status. • Up: Currently active IPSec tunnels. • Going up: IPSec tunnels currently in the tunnel setup phase. • Blocked: IPSec tunnels that are blocked.
Page 525: Call History
24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring ISDN/Modem Current Calls Fig. 208: -> -> Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).
Page 526: Interfaces
24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring ISDN/Modem Call History Fig. 209: -> -> Values in the Call History list Field Description Service Displays the service to or from which the call was connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).
Page 527: Bridges
24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring Interfaces Statistics Fig. 210: -> -> Change the status of the interface by pressing the button or button in the Action column. Press the button to display the statistical data for the individual interfaces in de- tail.
Page 528: Br
24 Monitoring Funkwerk Enterprise Communications GmbH 24.5.1 br<x> In the Monitoring->Bridges-> br<x> menu, the current values of the configured bridges are shown. Monitoring Bridges Fig. 211: -> Values in the br<x> list Field Description MAC Address Shows the MAC addresses of the associated bridge.

Page 529: Qos
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description IP Address Shows the IP address of the user. Physical Address Shows the physical address of the user. Logon Shows the login time. Interface Shows the interface used. 24.7 QoS In the Monitoring->QoS menu, statistics are displayed for interfaces on which QoS has been configured.
Page 530: Ospf
24 Monitoring Funkwerk Enterprise Communications GmbH 24.8 OSPF In the Monitoring+OSPF menu information on OSPF is monitored . The OSPF monitor is arranged horizontally in three sections and shows information about OSPF interfaces, the detected neighbor and the LinkStateDatabase entries.
Page 531 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Designated Router Shows the IP address of the designated router. The designated router generates network links and distributes these to all gateways within the BMA network (BMA = Broad- cast Multi Access Network, e.g. Ethernet, FDDI, Tokenring).
Page 532: Statistics
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description lowing values: • : The connection to this OSPF neighbor is inactive. • : The initial phase. A HELLO packet is received from the neighbor. • : Bidirectional communication with the neighbor. The HELLO packets sent are accepted by the neighbor gateway (with correct parameters).
Page 533 24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring OSPF Statistics Fig. 215: Values in the Statistics list Field Description Received Hello Mes- Displays the number of Hello packets received. sages Sent Hello Messages Displays the number of Hello packets sent. Received Database De- Displays the number of received databank entries.
Page 534: Pim
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Links Advertisements ceived. Routing table updates Displays the number of incremental routing table updates per- caused by External Ad- formed when new external Advertisements have been received. vertisements 24.9 PIM 24.9.1 Global Status The status of all configured PIM components is displayed in the Monitoring+PIM+Global Status menu.
Page 535: Not Interface-Specific Status
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Interface Displays the name of the PIM interface. IP Address Displays the primary IP address of the PIM interface. Designated Router Displays the primary IP address of the designated router on this PIM interface.
Page 536 24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring Not Interface-Specific Status Fig. 217: Values in the Not Interface-Specific Status list Field Description View Select the desired view from the dropdown menu. Are available: Values in the (*,*,RP) States list Field Description...
Page 537 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Upstream Join Timer Join/Prune Timer is used to periodically send Join(*,*,RP) mes- sages, and to correct Prune(*,*,RP) messages from peers on an Upstream LAN interface. Values in the (*,G) States list Field...
Page 538: Interface-Specific States
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description entry. This corresponds to the status of the Upstream (S,G) State Machine in the PIM-SM specification. Uptime Indicates the timespan since the entry was generated by the local router. Upstream Join Timer Indicates the remaining time until the local router sends out the next periodic (S,G) Join message on pimSGRPFIfIndex.
Page 539 24 Monitoring Funkwerk Enterprise Communications GmbH Monitoring Interface-Specific States Fig. 218: Values in the Interface-Specific States list Field Description View Select the desired view from the dropdown menu. Are available: Values in the (*,G,I) States list Field Description Multicast Group Ad- Displays the multicast group address.
Page 540 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Assert State Displays the (*,G) Assert State for this interface. This corres- ponds to the status of the Per-Interface (*,G) Assert State Ma- chinen in the PIM-SM specification. If pimStarGPimMode is 'bid- ir', this object must 'noInfo' be.
Page 541 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Multicast Group Ad- Displays the multicast IP address. InetAddressType is defined dress through the object pimSGAddressType. Source IP Address Displays the source IP address. InetAddressType is defined through the object pimStarGAddressType. Interface Displays the name of the interface.
Page 542: Glossary
Glossary Funkwerk Enterprise Communications GmbH Glossary 10 Base 2 Thin Ethernet connection. Network connection for 10-mbps net- works with BNC connector. T-connectors are used for the connec- tion of equipment with BNC sockets. 100Base-T Twisted pair connection, Fast Ethernet. Network connection for 100-mbps networks.
Page 543 Glossary Funkwerk Enterprise Communications GmbH the optional wired Ethernet is connected, the signals between the two physical media, the wireless interface and wired interface, are bridged (bridging). Access protection Filters can be used to prevent external persons from accessing the data on the computers in your LAN.
Page 544 Glossary Funkwerk Enterprise Communications GmbH having to pick up the receiver. Announcement func- Performance feature of a PBX. On suitable telephones (e.g. system tion telephones), announcements can be made as on an intercom. Answering machine You configure an analogue answering machine under "Terminal Type".
Page 545 Glossary Funkwerk Enterprise Communications GmbH on busy (CCBS) scriber. However, when you call, you always hear the engaged tone. If you were to receive notification that the subscriber had ended the call, your chance of reaching them would be very good. With "Call- back on Busy"...
Page 546 Glossary Funkwerk Enterprise Communications GmbH Base station Central unit of wireless telephone devices. There are two different types: The simple base station is used to charge the handheld unit. For special-feature telephones, the base station can also be used as a telephone, the handheld unit is charged using separate charging stations.
Page 547 Glossary Funkwerk Enterprise Communications GmbH Break-in In a PBX, the option of breaking in to an existing call. This is sig- nalled acoustically by an attention tone. Basic Rate Interface Bridge Network component for connecting homogeneous networks. As op- posed to a gateway, bridges operate at layer 2 of the OSI model, are independent of higher-level protocols and transmit data packets using MAC addresses.
Page 548 Glossary Funkwerk Enterprise Communications GmbH signment. For each day of the week, you can select any day/night switching time. A calendar has four switch times, which can be spe- cifically assigned to each individual day of the week. Call allocation In a PBX, calls can be assigned to certain terminals.
Page 549 Glossary Funkwerk Enterprise Communications GmbH to several different teams, this is not surprising. You can now form various groups of subscribers in which call pickup is possible. A call can only be picked up by subscribers/terminals in the same pickup group.
Page 550 Glossary Funkwerk Enterprise Communications GmbH Block Cipher Modes. Cipher Block Chaining CCITT Consultative Committee for International Telegraphy and Telephony CD (Call Deflection) The forwarding of calls. This performance feature enables you to forward a call without having to take it yourself. If you forward a call to an external subscriber, you bear any connection costs from your connection to the destination of the forwarded call.
Page 551 Glossary Funkwerk Enterprise Communications GmbH Combination device If an analogue terminal connection of the PBX is set up as a "multi- functional port" for combination devices, all calls are received, re- gardless of the service. In the case of trunk prefixes using codes, the service ID "Analogue Telephony"...
Page 552 Glossary Funkwerk Enterprise Communications GmbH Data compression A process for reducing the amount of data transmitted. This enables higher throughput to be achieved in the same transmission time. Ex- amples of this technique include STAC, VJHC and MPPC. Data Link Layer...
Page 553 Glossary Funkwerk Enterprise Communications GmbH tack host in a LAN with fake requests so that it is completely overloaded. This means the system or a certain service can no longer be run. Data Encryption Standard Destination number Speeddial memory memory...
Page 554 Glossary Funkwerk Enterprise Communications GmbH matically overwritten when the new configuration is transferred to the PBX. Direct dial-in Performance feature of larger PBXs at the point-to-point connection: The extensions can be called directly from outside. Direct dialling range See Extension numbers range...
Page 555 Glossary Funkwerk Enterprise Communications GmbH the ring button. Your door intercom can have up to 4 ring buttons. The door opener can be pressed during an intercom call. It is not possible activate the door opener if an intercom call is not taking place.
Page 556 Glossary Funkwerk Enterprise Communications GmbH DTMF Dual Tone Multi Frequency (tone dialling system) Dynamic IP address In contrast to a static IP address, a dynamic IP address is assigned temporarily by DHCP. Network components such as the web server or printer usually have static IP address, while clients such as note- books or workstations usually have dynamic IP addresses.
Page 557 Glossary Funkwerk Enterprise Communications GmbH Ethernet connec- The 4 connections are led equally through an internal switch. Net- tions work clients can be directly connected to the connection sockets. The ports are designed as 100/BaseT full-duplex, autosensing, auto MDIX upwardly compatible to 10/Base T. Up to 4 SIP telephones or IP softclients with SIP standard can be directly connected to PCs with a network card.
Page 558 Glossary Funkwerk Enterprise Communications GmbH via the standard access after a predefined number of attempts, setup is attempted using the second entry then subsequent entries. If the final entry in the list does not enable a connection to be set up successfully, the operation is terminated until a new request is made.
Page 559 Glossary Funkwerk Enterprise Communications GmbH Fragmentation Process by which an IP datagram is divided into small parts in order to meet the requirements of a physical network. The reverse pro- cess is known as reassembly. Frame Unit of information sent via a data connection.
Page 560 Glossary Funkwerk Enterprise Communications GmbH conduct a call without using your hands. As a result, other people in the room can also participate in the call. Hashing The process of deriving a number (hash) from a character string. A hash is generally far shorter than the text flow it was derived from.
Page 561 Glossary Funkwerk Enterprise Communications GmbH host computer. HTTP HyperText Transfer Protocol Network component used to connect several network components together to form a local network (star-shaped). ISDN connection unit, ISDN connection socket. ICMP Internet Control Message Protocol Integrity Check Value Identify malicious You have to request this performance feature from T-Com.
Page 562 Glossary Funkwerk Enterprise Communications GmbH al calls. Internal calls Free-of-charge connection between terminals in a PBX. Internal telephone Your PBX has a fixed internal telephone number plan. numbers Internet The Internet consists of a number of regional, local and university networks.
Page 563 Glossary Funkwerk Enterprise Communications GmbH the other hand, uses the PC's resources. ISDN Login Function of your gateway. Your gateway can be configured and ad- ministrated remotely using ISDN Login. ISDN Login operates on gateways in the ex works state as soon they are connected to an ISDN connection and therefore reachable via an extension number.
Page 564 Glossary Funkwerk Enterprise Communications GmbH Link Control Protocol LDAP Lightweight Directory Access Protocol Lease Time The "Lease Time" is the time a computer keeps the IP address as- signed to it without having to "talk" to the DHCP server. Leased Line...
Page 565 Glossary Funkwerk Enterprise Communications GmbH MPPC Microsoft Point-to-Point Compression MPPE Microsoft Point-to-Point Encryption MSDU MAC Service Data Unit - a data packet that ignores fragmentation in the WLAN. Multiple subscriber number MSSID See SSID Maximum Transmission Unit Multicast A specific form of broadcast in which a message is simultaneously transmitted to a defined user group.
Page 566 Glossary Funkwerk Enterprise Communications GmbH NetBIOS Network Basic Input Output System Netmask The second part of an address in an IP network, used for identifica- tion of a device, e.g. 255.255.255.0. See also IP address. Network Your PBX has a DSL router so that one or more PCs can surf the In- ternet and download information.
Page 567 Glossary Funkwerk Enterprise Communications GmbH OSPF Open Shortest Path First Outgoing extension The "outgoing extension number signal" is intended for internal con- number signal nections on the point-to-point to which an explicit extension number was not assigned. When an external call is made, the extension number entered under Outgoing Extension Number Signal is also transmitted.
Page 568 The PBX has an internal phone book. You can store up to 300 tele- phone numbers and the associated names. You can access the PBX's phone book with the funkwerk devices (for example CS 410). You add entries to the phone book using the configuration interface.
Page 569 Glossary Funkwerk Enterprise Communications GmbH Point-to-Point Protocol PPP authentication Security mechanism. A method of authentication using passwords in PPP. PPPoA Point to Point Protocol over ATM PPPoE Point to Point Protocol over Ethernet Primary Rate Interface Primary Rate Inter- ISDN subscriber connection. The PRI consists of one D channel and face (PRI) 30 B channels (in Europe).
Page 570 Glossary Funkwerk Enterprise Communications GmbH Recording telephone Performance feature of an answering machine. Enables a conversa- calls tion to be recorded during the telephone call. Remote Remote, as opposed to local. Remote access Opposite to local access, see Remote. Remote CAPI bintec's own interface for CAPI.
Page 571 Glossary Funkwerk Enterprise Communications GmbH and the receiver must be lifted or "Hands-free" switched on. If you replace the telephone receiver or turn off "Hands-free", room mon- itored ends and the performance feature is switched off. Room monitoring This function can be used to monitor rooms from an external tele- from external tele- phone.
Page 572 Glossary Funkwerk Enterprise Communications GmbH the information providers. The provided information is accessed us- ing the telephone number 0190 which is uniform across Germany plus a 6-digit telephone number. Information offering: Entertainment, weather, finance, sport, health, support and service hotlines.
Page 573 Glossary Funkwerk Enterprise Communications GmbH activates the Loudspeaker function so that a conversation can take place immediately. Please see the information on the telephone user's guide on the simplex operation function. Session Initiation Protocol Short Message Service SMS receipt If you have connected an SMS-enabled terminal, you can decide whether SMS receipt is to be permitted for the connection.
Page 574 Glossary Funkwerk Enterprise Communications GmbH So connection See ISDN Basic Rate Interface So interface Internationally standardised interface for ISDN systems. This inter- face is provided on the network side by the NTBA . On the user side, the interface is intended for connecting a PBX (point-to-point connection) and for connecting up to eight ISDN terminals (point-to-multipoint connection).
Page 575 Glossary Funkwerk Enterprise Communications GmbH Spoofing Technique for reducing data traffic (and thus saving costs), espe- cially in WANs. SSID The Service Set Identifier (SSID) or Network Name refers to the wireless network code based on IEEE 802.11. Secure Sockets Layer A technology, now standard, developed by Netscape, which is generally used to secure HTTP traffic between a web browser and a web server.
Page 576 Glossary Funkwerk Enterprise Communications GmbH Suppress B tele- COLP/COLR: Connected line identification presentation/connected phone number line identification restriction = Activate/suppress transmission of (COLR) called party's telephone number to caller. This performance feature suppresses the display of the called subscriber's telephone number.
Page 577 Glossary Funkwerk Enterprise Communications GmbH option, which can be used with the existing telephone cable, costs less than two telephone connections but offers far greater quality and ease of use: Two independent lines, so that you can still make a phone call, receive a fax, or surf the Internet when another family member is making a long call on the other line.
Page 578 Glossary Funkwerk Enterprise Communications GmbH TAPI Telephony Application Program Interface TAPI configuration You can use the TAPI configuration to modify the TAPI driver in line with the program that uses this driver. You can check which MSN is to be assigned to a terminal, define a line name, and configure the dialling parameters.
Page 579 Glossary Funkwerk Enterprise Communications GmbH telephone number is stored in your telephone's caller list. However, because your connection is automatically set to Automatic Outside Line as a result of the ex works settings, you would first have to dial ** for a callback in order to obtain the internal dialling tone, and then 22.
Page 580 Glossary Funkwerk Enterprise Communications GmbH Signalling 1) phones. V.11 ITU-T recommendation for balanced dual-current interface lines (up to 10 mbps). V.24 CCITT and ITU-T recommendation that defines the interface between a PC or terminal as Data Terminal Equipment (DTE) and a modem as Data Circuit-terminating Equipment (DCE).
Page 581 Glossary Funkwerk Enterprise Communications GmbH Web server Server that provides documents in HTML format for access over the Internet (WWW). Webmail T-Online service with which e-mails can be sent and received world- wide on the Internet by means of a browser.
Page 582 Glossary Funkwerk Enterprise Communications GmbH in ISDN (D channel). X.500 ITU-T standards that cover user directory services, see LDAP. Ex- ample: The phone book is the directory in which you find people on the basis of their name (agreement with the telephone directory).
Page 583: Index
Index Funkwerk Enterprise Communications GmbH Index Allowed Addresses Allowed HotSpot Client Always on 263 , 269 , 273 , 278 , 286 ISDN Timeserver , 348 , 355 Modem Init Sequence Answer to client request System Admin Password APN (Access Point Name)
Page 584 Index Funkwerk Enterprise Communications GmbH 270 , 275 , 281 , 288 , 351 , 358 Codec Proposal Sequence 390 , 397 Block Time 106 , 330 Comfort Noise Generation (CNG) BOSS , 398 BOSS Version Command Mode Bundle Type...
Page 585 Index Funkwerk Enterprise Communications GmbH DHCP Hostname 150 , 296 DHCP Options DHCP Server D Channel Mode DHCP Broadcast Flag Data Packets Sequence Numbers DHCP Client on Interface DHCP MAC Address 150 , 296 Date Dial Latency Dialling Number Default Route...
Page 586 Index Funkwerk Enterprise Communications GmbH Enable update Filter Rules Enable BRRP Filtered Input Interface(s) Enable IPSec Firewall Status Enable server First Timeserver Enable VLAN Flow Control Enabled Force certificate to be trusted Encapsulation Forward Encrypt configuration Forward to Encrypted Forwarded Requests...
Page 587 Index Funkwerk Enterprise Communications GmbH IGMP Status IP Address Range Ignore Certificate Request Payloads IP Address Range IP Address / Netmask 149 , 233 IKE (Phase-1) IP Address Owner IKE (Phase-1) SAs IP Assignment Pool 279 , 287 , 318...
Page 588 Index Funkwerk Enterprise Communications GmbH Level 493 , 506 Manually resetting the device Licence Key Master down trials Licence Status Matching String Licence Key Max. Clients Licence Serial Number Max. incomming control connections per License valid until remote IP Address...
Page 589 Index Funkwerk Enterprise Communications GmbH Metric Determination Network Name (SSID) Metric (direct routes) New Destination IP Address/Netmask Metric Offset for Inactive Interfaces New File Name Metric Offset for Active Interfaces New Source IP Address/Netmask MIB Variables , 196 MIB/SNMP Variable to add/edit 190 , 506 , 513 Min.
Page 590 Index Funkwerk Enterprise Communications GmbH 488 , 497 , 504 401 , 417 Password for protected Certificate Propagate PMTU Propagate routes bound on discard/re- Peak Cell Rate (PCR) fuse interface Peer Address Propagation Delay Peer ID Proposals 326 , 333...
Page 591 Index Funkwerk Enterprise Communications GmbH Received Link State Request Packets Route Entries 265 , 269 , 274 , 279 , 287 , 306 , 309 , 318 , 349 , 356 , Received Link State Update Packets Route Selector Recipient...
Page 592 Index Funkwerk Enterprise Communications GmbH Send information to SMTP Server Send Initial Contact Message SNMP Send Key Hash Payloads SNMP Version Sender E-Mail Address SNMP Listen UDP Port Sent Database Description Packets SNMP Read Community SNMP Trap Broadcasting Sent Hello Messages...
Page 593 Index Funkwerk Enterprise Communications GmbH Switch Port Sync SAs with ISP interface state Tunnel Profile Synchronisation Mode Tx Bytes System Logic Tx Errors System Name Tx Packets System Date Type 206 , 220 , 295 , 378 , 399 , 513...
Page 594 Index Funkwerk Enterprise Communications GmbH User Defined Channel Plan User Name 263 , 269 , 273 , 278 , WPA Cipher 286 , 348 , 355 , 393 , 425 , 440 , WPA Mode 497 , 514 WPA2 Cipher...

This manual is also suitable for:

R3802 Rt1202 R3002 Rt3502 Rt3002 Rt4202 ... Show all

Funkwerk R1202 Reference Manual

Chapter 1 Introduction

Chapter 2 About this Guide

Chapter 3 Installation

Chapter 4 Basic Configuration

Chapter 5 Reset

Chapter 6 Technical Data

Chapter 7 Variable Switching of S0 Interfaces

Chapter 8 Access and Configuration

Chapter 9 Assistants

Chapter 10 System Management

Chapter 11 Physical Interfaces

Chapter 12 LAN

Chapter 13 Wireless LAN Controller

Chapter 14 Networking

Chapter 15 Routing Protocols

Chapter 16 Multicast

Chapter 17 WAN

Chapter 18 VPN

Chapter 19 Firewall

Chapter 20 Voip

Chapter 21 Local Services

Chapter 22 Maintenance

Chapter 23 External Reporting

Chapter 24 Monitoring

Quick Links

Related Manuals for Funkwerk R1202

Summary of Contents for Funkwerk R1202