Download Print this page

bintec elmeg be.IP 4isdn Manual

Table Of Contents

page of 488

/ 488
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

Download this manual

Manual

bintec elmeg GmbH

Manual

be.IP 4isdn

Operation as a Media Gateway

Copyright© Version 10.1.27 RC 10/2017 bintec elmeg GmbH

be.IP 4isdn

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the be.IP 4isdn and is the answer not in the manual?

Questions and answers

Summary of Contents for bintec elmeg be.IP 4isdn

Page 1 Manual bintec elmeg GmbH Manual be.IP 4isdn Operation as a Media Gateway Copyright© Version 10.1.27 RC 10/2017 bintec elmeg GmbH be.IP 4isdn...
Page 2 GmbH offers no warranty whatsoever for information contained in this manu- al. bintec elmeg GmbH is not liable for any direct, indirect, collateral, consequential or any other damage connected to the delivery, supply or use of this manual.
Page 3: Table Of Contents
Introduction ......2 be.IP 4isdn ......2 2.1.1...
Page 4 User access ......Software updates for be.IP 4isdn ....
Page 5 Table of Contents bintec elmeg GmbH 7.2.4 System Licences ......Interface Mode / Bridge Groups ....
Page 6 Table of Contents bintec elmeg GmbH 9.1.1 Interfaces ......VLAN ......102 9.2.1...
Page 7 Table of Contents bintec elmeg GmbH Chapter 11 Networking ......11.1 Routes ......141 11.1.1...
Page 8 Table of Contents bintec elmeg GmbH 12.2 IGMP ......195 12.2.1 IGMP .
Page 9 Table of Contents bintec elmeg GmbH 14.3.1 Router (ITR/ETR) ......271 14.3.2 Local/Remote-Sites ..... . . 273 14.3.3...
Page 10 Table of Contents bintec elmeg GmbH 16.2.2 CLID Translation ......319 16.2.3 Call Translation ......320 Chapter 17 Local Services .
Page 11 Table of Contents bintec elmeg GmbH 17.6.2 Options ......354 17.7 Scheduling .
Page 12 Table of Contents bintec elmeg GmbH 18.2.3 Traceroute Test ......396 18.3 Software &Configuration ..... 397 18.3.1...
Page 13 Table of Contents bintec elmeg GmbH 20.3 ISDN/Modem ......417 20.3.1 Current Calls ......417 20.3.2...
Page 14 Table of Contents bintec elmeg GmbH be.IP 4isdn...
Page 15: Chapter 1 Introduction
ISDN point-to-multi-point or point-to-point connec- tions. If the four ports prove to be insufficient, you can link two be.IP 4isdn. The resulting unit enables you to migrate an ISDN PABX with up to eight ISDN connections and 16 sim- ultaneously used voice channels to an ALL-IP connection.
Page 16: Chapter 2 Introduction
“start.html” in a web browser. 2.1.1 Setting up and connecting be.IP 4isdn is operated at a purely IP-based connection. Telephony is exclusively VoIP- based, but your choice of connected devices is not restricted in any way. You can connect SIP, analogue and ISDN phones as well as PCs.
Page 17 PC and follow the instructions from the installation poster. (6) PC Connect a suitable PC to one of the Ethernet ports of be.IP 4isdn using an Ethernet cable. Should you run into any problems with the connection between your PC and your be.IP 4isdn , read the corresponding sections on the basic configuration of...
Page 18: Connectors
2 Introduction bintec elmeg GmbH 2.1.2 Connectors DSL interface Annex B/J 10/100/1000 Base-T Ethernet interface (LAN 1 - LAN4) Etherne WAN interface (LAN5) Interface for ISDN telephones (ISDN1 - ISDN4) SYNC interface Socket for the power supply unit 2.1.3 Connections (on the side)
Page 19: Leds
GmbH 2.1.5 LEDs The LEDs provide information on the device's activities and statuses. The LEDs on your be.IP 4isdn are arranged as follows: In operation mode, the LEDs display the following status information for your device: LED status display...
Page 20: Scope Of Supply
2 Introduction bintec elmeg GmbH Colour Status Information LAN 1 to 4 Green flashing Data transmission via Ethernet (Link/Act) LAN 1 to 4 No Ethernet connection (Link/Act) LAN 1 to 4 (Speed) Green 1000 Mbit/s transfer rate LAN 1 to 4 (Speed) Orange...
Page 21: General Product Features
19" kit and screws 2.1.7 General Product Features Die allgemeinen Produktmerkmale umfassen die Leistungsmerkmale und die technischen Voraussetzungen für Installation und Betrieb Ihres Geräts. General Product Features be.IP 4isdn Property Dimensions and weights: Equipment dimensions without cable (B 328 x 193 x 44 mm...
Page 22: Reset
2 Introduction bintec elmeg GmbH Property autosensing, MDIX ISDN interfaces (ISDN1 to ISDN4) 4 internal ISDN interfaces, ISDN termination SYNC interface SYNC Serial interface V.24 Permanently installed, supports Baud rates: 1200 to 115200 Baud Available sockets: VDSL interface 1 x RJ45 socket (grey)
Page 23: Presettings
When the configuration procedure is complete, select the Save configura- tion button! Otherwise the new, secure password will be lost when there is a restart. Select operating mode be.IP 4isdn allows you to switch between the operation modes of a PABX and that of a media gateway. be.IP 4isdn...
Page 24: Support-Information
After switching to the media gateway operation mode you can find an adequate docu- mentation of the software in the manual of the be.IP 4isdn. Case 1: If the password has not yet been changed, you can select the operating mode once you log in.
Page 25: Chapter 3 Mounting
(TNV electric circuits). LAN ports also use RJ connectors. Caution To ensure that the be.IP 4isdn can operate free of faults, it must be mounted upright on a wall or well ventilated inside of a device rack. The device should not be exposed to direct sunlight or other sources of heat.
Page 26: Pin Assignments
(4) Mark the drilling holes in the wall. (5) Check that all the points where the be.IP 4isdn is attached to the wall can bear its weight. Ensure that there are no utility lines, cables etc located in the area where the holes are marked.
Page 27: Isdn Interface
3 Mounting bintec elmeg GmbH follows: RJ45 socket for Ethernet connection Function Pair 0 + Pair 0 - Pair 1 + Pair 2 + Pair 2 - Pair 1 - Pair 3 + Pair 3 - 3.4.2 ISDN interface The connection is made via an RJ45 socket:...
Page 28: Vdsl Interface
3 Mounting bintec elmeg GmbH 3.4.3 VDSL interface The be.IP 4isdn has an xDSL interface. The VDSL interface is connected via an RJ45 plug. Only the two inner pins are used for the VDSL connection. The pin assignment for the vDSL interface (RJ45 socket) is as follows:...
Page 29 3 Mounting bintec elmeg GmbH Position Not used be.IP 4isdn...
Page 30: Chapter 4 Basic Configuration
Note If you already run a DHCP server on your LAN, it is recommended that you connect only a single PC to your be.IP 4isdn so that a separate network is created. 4.1.1 Systemsoftware Your device contains the version of the system software available at the time of production.
Page 31: Gathering Data
4 Basic configuration bintec elmeg GmbH 4.1.3 Gathering data You will quickly collect the main data for doing the configuration with the configuration inter- face. Before you start the configuration, you should gather the data for the following purposes: • Network settings (only if you intend to integrate your device into an existing network infra- structure) •...
Page 32: Setting Up A Pc
4 Basic configuration bintec elmeg GmbH Access data Example value Your values gistrar, e. g. e. g. Call number Data for internet access over xDSL Access data Example value Your values Provider name Protocol Encapsulation VPI (Virtual Path Identifier) VCI (Virtual Circuit Identifier)
Page 33: Configuring The System
4 Basic configuration bintec elmeg GmbH (2) Click on LAN Connection. (3) Click on Properties in the status window. (4) Look for the Internet Protocol (TCP/IP) entry in the list of network components. Installing the TCP/IP protocol If you cannot find the Internet Protocol (TCP/IP) entry, install the TCP/IP protocol as fol- lows: (1) First click Properties, then Install in the status window of the LAN Connection.
Page 34: Network Setting (Lan)
4 Basic configuration bintec elmeg GmbH 4.2.1 Network setting (LAN) If you intend to integrate your device into an existing network infrastructure, select the As- sistants->First steps->Basic Settings menu for the network settings. For the LAN IP con- figuration, the Address Mode is set to Static by default, since your system is delivered ex works with a fixed IP.
Page 35: Testing The Configuration
4 Basic configuration bintec elmeg GmbH 4.3.3 Testing the configuration Once you have finished configuring your device, you can test the connection in your LAN and to the Internet. Carry out the following steps to test your device: (1) Test the connection from any device in the local network to your device. In the Win-...
Page 36: Software Updates For Be.ip 4Isdn
GmbH 4.5 Software updates for be.IP 4isdn The range of functions in the be.IP 4isdn is continuously being extended. For new software versions can be carried out easily with the GUI. A functional Internet connection is required for any kind of an automatic update.
Page 37 4 Basic configuration bintec elmeg GmbH Caution Once you have clicked on Go the update cannot be cancelled/interrupted. If an error occurs during the update, do not re-start the device and contact support. be.IP 4isdn...
Page 38: Chapter 5 Access And Configuration
5 Access and configuration bintec elmeg GmbH Chapter 5 Access and configuration 5.1 Access via LAN Access via one of your device's Ethernet interfaces allows you to open the configuration in- terface in a web browser. 5.1.1 HTTP/HTTPS With a current web browser, you can use the HTML interface to configure your device. For this, enter the following in your web browser's address field •...
Page 39 5 Access and configuration bintec elmeg GmbH 5.2.1.1 Open the configuration interface (1) Check whether the device is connected and switched on and that all the necessary cables are correctly connected. (2) Check the settings of the PC from which you want to configure your device.
Page 40 5 Access and configuration bintec elmeg GmbH Header Configuration interface header bar Menu Function Opens the navigation bar. Logout: If you want to end the configuration, click this button to log out of your device. A window is opened offering you the fol- lowing options: •...
Page 41 5 Access and configuration bintec elmeg GmbH Menu Function View: Select the desired view from the dropdown menu. can be selected. Also the Initial operation can be start again from here. Save configuration button. If you click the Save configuration button, you will be asked "Do you really want to save the current configuration as a boot...
Page 42 5 Access and configuration bintec elmeg GmbH The navigation bar contains the main configuration menus and their sub-menus. Click the main menu you require. The corresponding sub-menu then opens. If you go to the sub-menu you want, the entry selected will be displayed in color. After se- lecting the sub-menu the navigation bar will be closed.
Page 43 5 Access and configuration bintec elmeg GmbH tional options. Configuration elements The various actions that you can perform when configuring your device in the configuration interface are triggered by means of the following buttons: Buttons Button Function Updates the view.
Page 44 5 Access and configuration bintec elmeg GmbH Icon Function Sets the status of the entry to Sets the status of the entry to Indicates "Dormant" status for an interface or connection. Indicates "Up" status for an interface or connection. Indicates "Down" status for an interface or connection.
Page 45 5 Access and configuration bintec elmeg GmbH Menu Function ter inx <Option> y and entering the search word in the input field. launches filter operation. Configuration elements Some lists contain configuration elements. You can therefore change the configuration of the correspond- ing list entry directly in the list.
Page 46 5 Access and configuration bintec elmeg GmbH Structure of the configuration menu The menus contain the following basic structures: Menu structure Menu Function Basic configuration When you select a menu from the navigation bar, the menu of menu/list basic parameters is displayed first. In a sub-menu containing several pages, the menu containing the basic parameters is dis- played on the first page.
Page 47 5 Access and configuration bintec elmeg GmbH Menu Function Enter the data. Radiobuttons e.g. Select the corresponding option. Checkbox e.g. activation by selecting checkbox Dropdown-Menüs e.g. Click the arrow to open the list. Select the required option using the mouse.
Page 48 5 Access and configuration bintec elmeg GmbH Note Please note that not all devices have the full range of functions. Use your product spe- cification to check which software your device has. be.IP 4isdn...
Page 49: Chapter 6 Assistants
6 Assistants bintec elmeg GmbH Chapter 6 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks. Choose the corresponding task from the navigation bar and follow the instructions and ex- planations on the separate pages of the Wizard.
Page 50: Chapter 7 System Management
7 System Management bintec elmeg GmbH Chapter 7 System Management The System Management menu contains general system information and settings. You see a system status overview. Global system parameters such as the system name, date/time, passwords and licences are managed and the access and authentication meth- ods are configured.
Page 51 7 System Management bintec elmeg GmbH The menu System Management->Status consists of the following fields: Fields in the System Information menu Field Value Uptime Displays the time past since the device was rebooted. System Date Displays the current system date and system time.
Page 52: Global Settings
7 System Management bintec elmeg GmbH Field Value Link Displays the current status of the connection to this SIP pro- vider. Fields in the Physical Interfaces menu Field Value Interface - Connection The physical interfaces are listed here and their most important Information - Link settings are shown (ISDN: only the first 4 ports are listed).
Page 53 7 System Management bintec elmeg GmbH Field Value Location Enter the location of your device. Contact Enter the relevant contact person. Here you can enter the e- mail address of the system administrator, for example. A character string with a maximum of 255 characters is pos- sible.
Page 54 Only for devices with support for being managed by the Cloud dress NetManager. The address of the bintec elmeg Cloud NetManager is precon- figured. If you want to run your own management system, you need to enter the address of your server here.
Page 55: Passwords
Setting the passwords is another basic system setting. Note All bintec elmeg devices are delivered with the same username and password. As long as the password remains unchanged, they are not protected against unauthorised use. Make sure you change the passwords to prevent unauthorised access to the device If the password is not changed, under System Management->Status there appears...
Page 56: Date And Time
7 System Management bintec elmeg GmbH Field Value word Fields in the SNMP Communities menu. Field Value SNMP Read Com- Enter the password for the user name munity SNMP Write Com- Enter the password for the user name munity Fields in the Global Password Options menu...
Page 57 7 System Management bintec elmeg GmbH from 2 a.m. to 3 a.m. The calendar-related or schedule-related switches that are scheduled for the missing hour are then carried out. Winter time starts on the last Sunday in October by switching from 3 a.m. to 2 a.m. The calendar-related or schedule-related switches that are scheduled for the additional hour are then carried out.
Page 58 7 System Management bintec elmeg GmbH Field Description • Day: dd • Month: mm • Year: yyyy Set Time Enter a new time. Format: • Hour: hh • Minute: mm Fields in the menu Automatic Time Settings (Time Protocol) Field...
Page 59 7 System Management bintec elmeg GmbH Field Description Second Timeserver Enter the secondary time server, by using either a domain name or an IP address. In addition, select the protocol for the time server request. Possible values: • (default value): This server uses the simple network time protocol via UDP port 123.
Page 60: System Licences
7 System Management bintec elmeg GmbH Field Description time server after 1, 2, 4, 8, and 16 minutes. • : For ten minutes, the system attempts to con- tact the time server after 1, 2, 4, 8 seconds and then every 10 seconds.
Page 61 7 System Management bintec elmeg GmbH The following licence types exist: • Licences already available in the device's ex works state • Free extra licences • Extra licences at additional cost The data sheet for your device tells you which licences are available in the device's ex works state and which can also be obtained free of charge or at additional cost.
Page 62 7 System Management bintec elmeg GmbH 7.2.4.1 Edit or New Choose the icon to edit existing entries. Choose the New button to enter more licences. Activating extra licences You activate extra licences by adding the received licence information in the System Man- agement->Global Settings->System Licences->New menu.
Page 63: Interface Mode / Bridge Groups
7 System Management bintec elmeg GmbH 7.3 Interface Mode / Bridge Groups In this menu, you define the operation mode for your device's interfaces. Routing versus bridging Bridging connects networks of the same type. In contrast to routing, bridges operate at lay- er 2 of the OSI model (data link layer), are independent of higher-level protocols and trans- mit data packets using MAC addresses.
Page 64: Interfaces
7 System Management bintec elmeg GmbH Example: (first bridge group) The name of the wireless network (VSS) is made up of the following parts: Abbreviation for interface type, whereby stands for wireless network. (a) Number of the wireless module (b) Number of the interface...
Page 65 7 System Management bintec elmeg GmbH The default setting for all existing interfaces is routing mode. When selecting the option for Mode / Bridge Group, a bridge group, i.e. etc. is automatically created and the interface is run in bridging mode.
Page 66 7 System Management bintec elmeg GmbH For WLAN clients in bridge mode (so-called MAC Bridge) you can also edit additional set- tings via the icon. You can realise bridging for devices behind access clients with the MAC Bridge function. In wildcard mode you cannot define how Unicast non-IP frames or non-ARP frames are pro- cessed.
Page 67: Administrative Access
ISDN interfaces Note Not all of the options above will be available in every bintec elmeg device. Consult the data sheet of your device which connection types are supported! For PABX systems only: You can also authorise your device for maintenance work from bintec elmeg's Customer Service department.
Page 68: Ssh
7 System Management bintec elmeg GmbH (ISDN Web-Access) or Service Call Ticket (SSH Web Access), depending on the ser- vice you require, and select the OK button. Follow the instructions given by Telekom's Cus- tomer Service! Service Login (ISDN Web-Access) is disabled by default. If the option is activated, it is deactived again after ca.
Page 69 7 System Management bintec elmeg GmbH Note If configuration of an SSH connection is not possible, restart the device to initialise the SSH Daemon correctly. The System Management->Administrative Access->SSH menu consists of the following fields: Fields in the menu SSH (Secure Shell) Parameters...
Page 70 7 System Management bintec elmeg GmbH Field Value Hashing Algorithms Select the algorithms that are to be available for message au- thentication of the SSH connection. Possible options: • • • By default are enabled. Fields in the menu Key Status...
Page 71 7 System Management bintec elmeg GmbH Field Value FlashROM. The status is by default. DSA Key Status Shows the status of the DSA key. If no DSA key has yet been generated, is dis- played in red and a link, , is provided.
Page 72: Snmp
7 System Management bintec elmeg GmbH Field Value the SSH Daemon. Possible settings: • (default value): Fatal and simple errors of the SSH Daemon and information messages are recorded. • : Only fatal errors of the SSH Daemon are recorded.
Page 73: Remote Authentication
7 System Management bintec elmeg GmbH Field Value • : SNMP Version 1 • : Community-Based SNMP Version 2 • : SNMP Version 3 By default, are enabled. If no option is selected, the function is deactivated. SNMP Listen UDP Port Shows the UDP port ( ) at which the device receives SNMP requests.
Page 74 7 System Management bintec elmeg GmbH For an incoming connection, your device sends a request with user name and password to the RADIUS server, which then searches its database. If the user is found and can be au- thenticated, the RADIUS server sends corresponding confirmation to your device. This con- firmation also contains parameters (called RADIUS attributes), which your device uses as WAN connection parameters.
Page 75 7 System Management bintec elmeg GmbH Field Value ACCOUNTING_STOP Client -> Server If a RADIUS server is used for accounting, your device sends an accounting message to the RADIUS server at the end of each connection. A list of all entered RADIUS servers is displayed in the System Management->Remote Authentication->RADIUS menu.
Page 76 7 System Management bintec elmeg GmbH Field Value In standard applications, leave the value set to Possible values for hotspot applications: • : For France Telecom hotspot applications. • : For hotspot applications. Server IP Address Enter the IP address of the RADIUS server.
Page 77 7 System Management bintec elmeg GmbH Field Value • : Select a predefined group from the list. The Advanced Settings menu consists of the following fields: Fields in the Advanced Settings menu. Field Value Policy Select how your device is to react if a negative response to a re- quest is received.
Page 78: Options
7 System Management bintec elmeg GmbH Field Value switched line (dialup connection), this can cause additional costs if the server is for a long time. The function is activated by selecting The function is enabled by default. Retries Enter the number of retries for cases when there is no response to a request.
Page 79: Configuration Access
7 System Management bintec elmeg GmbH The menu System Management->Remote Authentication->Options consists of the fol- lowing fields: Fields in the Global RADIUS Options menu. Field Description Authentication for PPP By default, the following authentication sequence is used for in- Dialin coming calls with RADIUS: First CLID, then PPP and then PPP with RADIUS.
Page 80 7 System Management bintec elmeg GmbH 7.6.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional ac- cess profiles. To create an access profile you can use all the entries in the navigation bar of the GUI plus Save configuration and Switch to SNMP Browser.
Page 81 7 System Management bintec elmeg GmbH Field Description Caution Note that the permission for Switch to SNMP Browser means that the user can access the entire MIB, because no individual access profile can be created in this view. The user can save the changed MIB with the permission for Save configuration.
Page 82: Users
7 System Management bintec elmeg GmbH Field Description Elements that are assigned to the current access profile are flagged with the icon indicates a menu that is blocked, but which has at least one released sub-menu. 7.6.2 Users The menu System Management->Configuration Access->Users displays a list of all the users that have been configured.
Page 83: Certificates
7 System Management bintec elmeg GmbH Field Description Enable or disable User must change password. The function is enabled with The function is disabled by default. Access Level Use Add to assign at least one access profile to the user. Se- lecting Read-only specifies that the user can view the paramet- ers of the access profile, but not change them.
Page 84: Certificate List
7 System Management bintec elmeg GmbH the most commonly use standard for digital certificates. Qualified certificates are personal and extremely trustworthy. Digital certificates are part of a so-called Public Key Infrastructure (PKI). PKI refers to a system that can issue, distribute and check digital certificates.
Page 85 7 System Management bintec elmeg GmbH Field Description to be included in the validation of certificates issued by the own- er of this certificate. Possible settings: • : No CRLs check. • : CRLs are always checked. • (default value): A check is only carried out if a CRL Distribution Point entry is included in the certificate.
Page 86 7 System Management bintec elmeg GmbH When a certificate is downloaded automatically, i.e. if CA Certificate = is selected, all the certificates needed for the operation are loaded automatically. If all the necessary certificates are already available in the system, these can also be selec- ted manually.
Page 87 7 System Management bintec elmeg GmbH Field Description SCEP URL Only for Mode = Enter the URL of the SCEP server, e.g. ht- tp://scep.bintec-elmeg.com:8080/scep/scep.dll Your CA administrator can provide you with the necessary data. CA Certificate Only for Mode = Select the CA certificate.
Page 88 7 System Management bintec elmeg GmbH Field Description If you use one of your own certificates to sign communication with the RA, you can select another one here to encrypt com- munication. The default value is , i.e. the same certificate is used as for signing.
Page 89 7 System Management bintec elmeg GmbH Field Description Organizational Unit Only for Custom = disabled. Enter the organisational unit according to CA. Organization Only for Custom = disabled. Enter the organisation according to CA. Locality Only for Custom = disabled.
Page 90 7 System Management bintec elmeg GmbH Field Description steps of the enrolment internally. This is an advantage if enrol- ment cannot be concluded immediately. If the status has not been saved, the incomplete registration cannot be completed. As soon as the enrolment is completed and the certificate has been downloaded from the CA server, it is automatically saved in the device configuration.
Page 91: Crls
7 System Management bintec elmeg GmbH 7.7.2 CRLs In the System Management->Certificates->CRLs menu, a list of all CRLs (Certification Revocation List) is displayed. If a key is no longer to be used, e.g. because it has fallen into the wrong hands or has been lost, the corresponding certificate is declared invalid.
Page 92: Certificate Servers
7 System Management bintec elmeg GmbH 7.7.3 Certificate Servers A list of certificate servers is displayed in the System Management->Certificates->Certi- ficate Servers menu. A certification authority (certification service provider, Certificate Authority, CA) issues your certificates to clients applying for a certificate via a certificate server. The certificate server also issues the private key and provides certificate revocation lists (CRL) that are accessed by the device via LDAP or HTTP in order to verify certificates.
Page 93: Chapter 8 Physical Interfaces
8 Physical Interfaces bintec elmeg GmbH Chapter 8 Physical Interfaces In this menu, you configure the physical interfaces that you have used when connecting your gateway. The configuration interface only shows the interfaces that are available on your device. In the System Management->Status menu, you can see a list of all physical interfaces and information on whether the interfaces are connected or active and whether they have already been configured.
Page 94: Port Configuration
8 Physical Interfaces bintec elmeg GmbH 8.1.1 Port Configuration Port Separation Your device makes it possible to run the switch ports as one interface or to logically separ- ate these from each other and to configure them as independent Ethernet interfaces.
Page 95: Isdn Ports
8 Physical Interfaces bintec elmeg GmbH Field Description • • • • • • • • : The interface is created but remains inactive. Current Speed / Mode Shows the actual mode and actual speed of the admin inter- face.
Page 96: Isdn Configuration
8 Physical Interfaces bintec elmeg GmbH of your ISDN connection. • MSN Configuration: Here you tell your device how to react to incoming calls from the WAN. 8.2.1 ISDN Configuration Note If the ISDN protocol is not detected, it must be selected manually under Port Usage und ISDN Configuration Type .
Page 97 8 Physical Interfaces bintec elmeg GmbH Field Description Port Usage Only if Autoconfiguration on Bootup is disabled. Select the protocol that you want to use for the ISDN port. Possible values: • : The ISDN connection is not used. •...
Page 98: Msn Configuration
8 Physical Interfaces bintec elmeg GmbH Field Description Possible values: • • • (default value) are only for the use of X.31 TEI for CAPI applications. For , the TEI value set in the CAPI ap- plication is used. For...
Page 99 8 Physical Interfaces bintec elmeg GmbH enough information to initiate setting up a tunnel. • X.25 PAD: X.25 PAD is used to provide a protocol converter, which converts non- packet-oriented protocols to packet-oriented communication protocols and vice versa. Data terminal equipment sending or receiving data on a non-data-packet-oriented basis can this be adapted in line with Datex-P (public data packet network based on the prin- ciple of a packet switching exchange).
Page 100: Dsl Modem
8 Physical Interfaces bintec elmeg GmbH Field Description cept • : Enables a number to be defined for IPSec callback. • : Other services can be selected: (Allows 64 kpbs PPP data connections), (Allows 56 kpbs PPP data connections), (Allows PPP connections with V.110 and bitrates of 9,600 bps, 14,400 bps, 19,200 bps, 38,400 bps), (Allows PPP connections with V.120).
Page 101 8 Physical Interfaces bintec elmeg GmbH The menu Physical Interfaces->DSL Modem->DSL Configuration consists of the follow- ing fields: Fields in the DSL Port Status menu. Field Description DSL Chipset Shows the key of the installed chipset. Physical Connection Shows the current ADSL operation mode. The value cannot be changed.
Page 102 8 Physical Interfaces bintec elmeg GmbH Fields in the DSL Parameter menu. Field Description DSL Mode Select the ADSL synchronization type. Possible values: • (default value): The ADSL mode is auto- matically adapted for the remote terminal. • :ADSL1 / G.DMT is used.
Page 103 8 Physical Interfaces bintec elmeg GmbH Field Description SNR Margin The signal-to-noise ratio (SNR) can be controlled via the slider from 0 to 5 dB. Change the value only for DLS line problems. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 104: Chapter 9 Lan
9 LAN bintec elmeg GmbH Chapter 9 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 9.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device.
Page 105 9 LAN bintec elmeg GmbH will only be able to access your device over this IP address. The device will no longer obtain an IP configuration dynamically over DHCP. Example of subnets If your device is connected to a LAN that consists of two subnets, you should enter a second IP Address / Netmask.
Page 106 9 LAN bintec elmeg GmbH 9.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create virtual inter- faces. The LAN->IP Configuration->Interfaces->/New menu consists of the following fields: Fields in the Basic Parameters menu.
Page 107 9 LAN bintec elmeg GmbH Field Description locate a virtual MAC address. The first 6 characters of the MAC are preset (but can be changed). If Use built-in is active, the predefined MAC address of the al- located physical interface is used.
Page 108 9 LAN bintec elmeg GmbH Field Description The function is disabled by default. Security Policy Only for IPv6 = Select the security settings to be used with the interface. Possible values: • (default value): All IP packets are allowed through except for those which are explicitly prohibited.
Page 109 9 LAN bintec elmeg GmbH Field Description Specify if your device is to act as DHCP server, i.e., if it is to transmit DHCP options in order to distribute information about the DNS servers to the clients. Enable this option if hosts are to create IPv6 addresses through SLAAC.
Page 110 9 LAN bintec elmeg GmbH Field Description DNS servers. The function is activated by selecting The function is enabled by default. Use Add to create more entries. Fields in the Basic Parameters menu. Field Description Advertise Only for IPv6 Mode =...
Page 111 9 LAN bintec elmeg GmbH Field Description subnet creation will use ID for the first subnet, ID for the second, etc. Possible values for the sub net ID are: The subnet ID describes the fourth of the four 16 bit fields of a Link Prefix.
Page 112 9 LAN bintec elmeg GmbH Field Description • The hexadecimal notation of the 64 bit is converted to a bin- ary notation. • Bit no. 7 of the first 8 bit field is set to . Static Addresses Independently of the automatic creation described under Gen- eration Mode, you can manually specify the Host Identifier of one or more IPv6 addresses with Add.
Page 113 9 LAN bintec elmeg GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced IPv4 Settings menu. Field Description DHCP MAC Address Only for Address Mode = If Use built-in is activated (default setting), the hardware MAC address of the Ethernet interface is used.
Page 114 9 LAN bintec elmeg GmbH Field Description The function is activated by selecting The function is disabled by default. TCP-MSS Clamping Select whether your device is to apply MSS Clamping. To pre- vent IP packets fragmenting, the MSS (Maximum Segment Size) is automatically decreased by the device to the value set here.
Page 115 9 LAN bintec elmeg GmbH Field Description • • (default value) • DHCP Mode Only for IPv6 = , IPv6 Mode = and Transmit Router Advertise- ment = Select the information to be forwarded to the DHCP client. Note To achieve this, your router must not be set up as a DHCP server.
Page 116: Vlan
9 LAN bintec elmeg GmbH Field Description • ULA (Unique Local Addresses) • Link local addresses • : Statically configured as well as dynamically learned DNS server entries are propagated according to their priority. If there are no entries, no address is propagated.
Page 117: Port Configuration
9 LAN bintec elmeg GmbH The LAN->VLAN->VLANs->New menu consists of the following fields: Fields in the Configure VLAN menu. Field Description VLAN Identifier Enter the number that identifies the VLAN. In the menu, you can no longer change this value.
Page 118: Administration
9 LAN bintec elmeg GmbH Field Description Drop non-members If this option is enabled, all tagged frames that are tagged with a VLAN ID to which the selected port does not belong are dis- carded. 9.2.3 Administration In this menu, you make general settings for a VLAN. The options must be configured sep- arately for each bridge group.
Page 119: Chapter 10 Wireless Lan Controller
10 Wireless LAN Controller bintec elmeg GmbH Chapter 10 Wireless LAN Controller By using the wireless LAN controller, you can set up and manage a WLAN infrastructure with multiple access points (APs). The WLAN controller has a Wizard which assists you in the configuration of your access points.
Page 120 10 Wireless LAN Controller bintec elmeg GmbH 10.1.1.1 Basic Settings The wireless LAN controller uses the following settings: Region Select the country in which the wireless controller is to be operated. Please note: The range of channels that can be used varies depending on the country set- ting.
Page 121 10 Wireless LAN Controller bintec elmeg GmbH 10.1.1.2 Radio Profile Select which frequency band your WLAN controller shall use. If the is set then the 2.4 GHz frequency band is used. If the is set then the 5 GHz frequency band is used.
Page 122 10 Wireless LAN Controller bintec elmeg GmbH Enter an ASCII string with a maximum of 32 characters. Also select whether the Network Name (SSID) is to be transmitted. IGMP Snooping IGMP snooping reduces the data traffic and thus the network load.
Page 123 10 Wireless LAN Controller bintec elmeg GmbH VLAN Select whether the VLAN segmentation is to be used for this wireless network. If you wish to use VLAN segmentation, enter a value between in the input field in order to identify the VLAN. (VLAN ID is not possible!).
Page 124 10 Wireless LAN Controller bintec elmeg GmbH Displays the wireless module profile that is currently selected. You can select another wire- less module profile from the list if more than one wireless module profile are being set up. Channel Displays the channel that is assigned. You can select an alternative channel.
Page 125: Wireless Lan Controller Vlan Configuration
10 Wireless LAN Controller bintec elmeg GmbH played you will see how far the installation has progressed. The display is continuously up- dated. Provided that non-overlapping wireless channels are located for all access points, the con- figuration that is set in the Wizard is transferred to the access points.
Page 126: Controller Configuration
10 Wireless LAN Controller bintec elmeg GmbH Field Dsecription VLAN ID Select an existing VLAN from the pull down menu. Only those IDs without a configuration are offered. IP Address/Netmask Specify the IP configuration of the new interface. Make sure that the address has not been used before.
Page 127 10 Wireless LAN Controller bintec elmeg GmbH Field Description Status Enable theStatus option to make the basic settings for the wire- less LAN controller. The function is disabled by default. Delete the complete Only for Status = disabled. WLAN Controller con- You can delete a configuration using the icon.
Page 128 10 Wireless LAN Controller bintec elmeg GmbH Field Description WLAN Controller IP Address field. Possible values: • (default value): An external DHCP server with an CAPWAP option 138 enabled assigns the IP addresses to the APs or you can give static IP addresses to the APs.
Page 129: Slave Ap Autoprofile
10 Wireless LAN Controller bintec elmeg GmbH 10.2.2 Slave AP Autoprofile The Wireless LAN Controller offers the option of automatically including and configuring an access point that is being integrated into the network accessible by the WLAN Controller. In order to be able to automatically assign a configuration to a new access point you have to configure a profile that is valid for all new access points that match certain criteria.
Page 130: Slave Ap Configuration
10 Wireless LAN Controller bintec elmeg GmbH Field Description Possible values: • • Assigned Wireless Only for Operating Mode = Network (VSS) Add a new radio profile with Add. 10.3 Slave AP configuration In this menu, you will find all of the settings that are required to manage the slave access points.
Page 131 10 Wireless LAN Controller bintec elmeg GmbH Status Meaning the GUI. No License Available The AP does not have an unassigned licence for this AP. Offline The AP is either administratively disabled or switched off or has its power supply cut off etc.
Page 132 10 Wireless LAN Controller bintec elmeg GmbH Field Description Operation Mode Displays the mode in which the wireless module is to be oper- ated. You can change the mode. Possible values: • (default value): The wireless module is used as an access point in your network.
Page 133: Radio Profiles
10 Wireless LAN Controller bintec elmeg GmbH Field Description Used Channel Only for managed APs. Displays the channel that is currently in use. Transmit Power Displays the transmission power. You can select another trans- mission power. Possible values: • (default value): The maximum antenna power is used.
Page 134 10 Wireless LAN Controller bintec elmeg GmbH Field Description Description Enter the desired description of the wireless module profile. Operation Mode Define the mode in which the wireless module profile is to be operated. Possible values: • (default value): The wireless module profile is not active.
Page 135 10 Wireless LAN Controller bintec elmeg GmbH Field Description 802.11b and forces all clients to adapt to it. • : Your device adapts to the client technology and operates according to either 802.11b or 802.11g. • : Your device adapts to the cli- ent technology and operates according to either 802.11b or...
Page 136 10 Wireless LAN Controller bintec elmeg GmbH Field Description • (default value): One channel with 20 MHz bandwidth is used. • : Two channels each with 20 MHz bandwidth are used. In the case one channel acts as a control channel and the other as an expansion channel.
Page 137 10 Wireless LAN Controller bintec elmeg GmbH Fields in the menu Advanced Settings Field Description Channel Plan Select the desired channel plan. The channel plan makes a preselection when a channel is se- lected. This ensures that no channels overlap, i.e. a distance of four channels is maintained between the channels used.
Page 138 10 Wireless LAN Controller bintec elmeg GmbH Field Description come alive at the right time and receive the data. Possible values are The default value is . RTS Threshold Here you can specify the data packet length threshold in bytes (1..2346) as of which the RTS/CTS mechanism is to be used.
Page 139: Wireless Networks (Vss)
10 Wireless LAN Controller bintec elmeg GmbH Field Description mended for this field in areas with poor reception and in the event of radio interference. Possible values are The default value is 10.3.3 Wireless Networks (VSS) An overview of all created wireless networks is displayed in the Wireless LAN Controller- >Slave AP configuration->Wireless Networks (VSS) menu.
Page 140 10 Wireless LAN Controller bintec elmeg GmbH Field Description Intra-cell Repeating Select whether communication between the WLAN clients is to be permitted within a radio cell. The function is activated by selecting The function is enabled by default. ARP Processing Select whether the ARP processing function should be enabled.
Page 141 10 Wireless LAN Controller bintec elmeg GmbH Field Description The function is activated by selecting The function is disabled by default. Fields in the menu Security Settings Field Description Security Mode Select the security mode (encryption and authentication) for the wireless network.
Page 142 10 Wireless LAN Controller bintec elmeg GmbH Field Description • : Only WPA is used. • : Only WPA2 is used. WPA Cipher Only for Security Mode = and for WPA Mode = Select the type of encryption you want to apply to WPA.
Page 143 10 Wireless LAN Controller bintec elmeg GmbH Field Description Select whether the EAP preauthentification function is to be ac- tivated. This function tells your device that WLAN clients, which are already connected to another access point, can first carry out 802.1x authentication as soon as they are within range.
Page 144 10 Wireless LAN Controller bintec elmeg GmbH Field Description - soft limit and Max. number of clients - hard limit to identical values. Client Band select Not all devices support this function. This function requires a dual radio setup where the same wire- less networkis configured on both radio modules, but in different frequency bands.
Page 145 10 Wireless LAN Controller bintec elmeg GmbH Field Description the duration of the block can be configured. A blocked client is blocked at all the APs that are managed by the wireless LAN controller for the VSS concerned, so neither are they able to log into a different radio cell in that VSS.
Page 146 10 Wireless LAN Controller bintec elmeg GmbH Field Description • up to in single Mbit/s steps, Tx Shaping Select a bandwidth limitation in the transmit direction. Possible values are • (default value) • up to in single Mbit/s steps, Fields in the menu Data-rate trimming...
Page 147: Monitoring
10 Wireless LAN Controller bintec elmeg GmbH Fields in the menu Low RSSI threshold management Field Description RSSI threshold The option RSSI threshold allows you to define a threshold for the expected strength of a client signal. If the signal strength of...
Page 148: Slave Access Points
10 Wireless LAN Controller bintec elmeg GmbH Status Meaning Wireless LAN Controller. AP managed Displays the number of managed access points. WLAN Controller: VSS Displays the data traffic in receive and transmit direction in throughput bytes per second. CPU usage [%] Displays the percentaged CPU load over time.
Page 149: Active Clients
10 Wireless LAN Controller bintec elmeg GmbH Status Meaning Throughput/client Displays the received and transmitted data traffic per client over time. 10.4.3 Active Clients In the Wireless LAN Controller->Monitoring->Active Clients menu, current values of all active clients are displayed. For each client you will see an entry with the following parameter set: Location, Slave AP Name, VSS, Client MAC, Client IP Address, Signal : Noise (dBm) , Tx Bytes, Rx Bytes, Tx Discards, Rx Discards, Status, Uptime.
Page 150: Client Management
10 Wireless LAN Controller bintec elmeg GmbH 10.4.5 Client Management The Wireless LAN Controller->Monitoring->Client Management menu displays informa- tion on the client management by the access points. You can, e.g., see the number of con- nected clients, the number of clients that are affected by the 2,4/5 GHz changeover and the number of rejected clients.
Page 151: Rogue Aps
10 Wireless LAN Controller bintec elmeg GmbH 10.5.2 Rogue APs APs which are using an SSID from their own network but are not managed by Wireless LAN Controller are displayed in the Wireless LAN Controller->Neighbor Monitoring->Rogue APs menu. Rogue APs which have been found for the first time are displayed with a red background.
Page 152: Maintenance
10 Wireless LAN Controller bintec elmeg GmbH Status Meaning access. Type of attack This displays the type of potential attack, e. g. an incorrect au- thentication. First seen Displays the time of the first registered attempted access. Last seen Displays the time of the last registered attempted access.
Page 153 10 Wireless LAN Controller bintec elmeg GmbH Click the Select all button to select all of the entries for a firmware update. Click the Deselect all button to disable all entries and to then select individual entries if required (e.g. if there is a large number of entries and only individual APs are to be given software updates).
Page 154 10 Wireless LAN Controller bintec elmeg GmbH Field Description Only for Source Location = Enter the URL of the update server from which the system soft- ware file is loaded or on which the configuration file is saved. be.IP 4isdn...
Page 155: Chapter 11 Networking
11 Networking bintec elmeg GmbH Chapter 11 Networking 11.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
Page 156 11 Networking bintec elmeg GmbH Field Description Route Type Select the type of route. Possible values: • : Route via a specific in- terface which is to be used if no other suitable route is avail- able. • : Route via a specific gate- way which is to be used if no other suitable route is available.
Page 157 11 Networking bintec elmeg GmbH Field Description Note When the DHCP lease expires or when the device is re- started, the routes that consist from the combination of DH- CP settings and those made here are initially deleted once more from the active routing. If the DHCP is reconfigured they are re-generated and re-activated.
Page 158 11 Networking bintec elmeg GmbH Field Description Gateway IP Address Only for Route Type = Enter the IP address of the gateway to which your device is to forward the IP packets. Metric Select the priority of the route. The lower the value, the higher the priority of the route.
Page 159 11 Networking bintec elmeg GmbH Field Description • : Enables the entry of a range of port numbers. • : Entry of privileged port numbers: 0 ... 1023. • : Entry of server port numbers: 5000 ... 32767. • : Entry of client port numbers: 1024 ... 4999.
Page 160: Ipv6 Route Configuration
11 Networking bintec elmeg GmbH Field Description according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format).
Page 161 11 Networking bintec elmeg GmbH 11.1.2.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional routes. Routes without an icon have been created by the router automatically and cannot be edited. The Network->Routes->IPv6 Route Configuration->New menu consists of the following...
Page 162: Ipv4 Routing Table
11 Networking bintec elmeg GmbH Field Description Source Address / Enter the source IPv6 address along with the corresponding Length prefix length. describes an unspecific address. By default the prefix length is predefined. Destination Address / Enter the destination IPv6 address along with the corresponding Length prefix length.
Page 163: Ipv6 Routing Table
11 Networking bintec elmeg GmbH Field Description when routes are received by DHCP. Interface Displays the interface used for this route. Metric Displays the route's priority. The lower the value, the higher the priority of the route. Route Type Displays the route type.
Page 164: Options
11 Networking bintec elmeg GmbH 11.1.5 Options Back Route Verify The term Back Route Verify describes a very simple but powerful function. If a check is ac- tivated for an interface, incoming data packets are only accepted over this interface if out- going response packets are routed over the same interface.
Page 165: Ipv6 General Prefixes
11 Networking bintec elmeg GmbH Field Description By default, the function is deactivated for all interfaces. 11.2 IPv6 General Prefixes IPv6 General Prefixes are usually distributed by IPv6 providers. They can be statically as- signed or obtained through DHCP. In most cases, they define /48 or /56 networks. You can derive /64 subnets from these prefixes and have them distributed in your network.
Page 166: Nat
11 Networking bintec elmeg GmbH Field Description A meaningful name helps selecting the General Prefix from a prefix list. Type Specify how the address range is to be assigned. Possible values: • (default value): The general prefix will be set dy- namically by DHCP transmission, e.g.
Page 167: Nat Interfaces
11 Networking bintec elmeg GmbH 11.3.1 NAT Interfaces A list of all NAT interfaces is displayed in the Networking->NAT->NAT Interfaces menu. For every NAT interface, the can be selected. In addition, displays how many port forwarding rules were configured for this interface.
Page 168: Nat Configuration
11 Networking bintec elmeg GmbH 11.3.2 NAT Configuration In the Networking->NAT->NAT Configuration menu you can exclude data from NAT simply and conveniently as well as translate addresses and ports. For outgoing data traffic you can configure various NAT methods, i.e. you can determine how an external host es- tablishes a connection to an internal host.
Page 169 11 Networking bintec elmeg GmbH Field Description ternally valid source port. Possible values: • (UDP only): Any given external host may send IP packets via the external address and the external port to the initiating source address and the initial source port.
Page 170 11 Networking bintec elmeg GmbH Field Description mask, etc.) are excluded by NAT. • : All the data packets that do not match the following parameters that are to be configured (protocol, source IP address/network mask, destination IP address/net- mask, etc.) are excluded by NAT.
Page 171 11 Networking bintec elmeg GmbH Field Description • • • • • • • • • Source IP Address/ Only for Type of traffic = Netmask Enter the source IP address and corresponding netmask of the original data packets, as the case arises.
Page 172 11 Networking bintec elmeg GmbH Field Description If you select you can specify a single port, if you select you can specify a continu- ous range of ports which will be a applied for filtering the outgo- ing data traffic...
Page 173 11 Networking bintec elmeg GmbH Field Description Leave the destination port as it appears or enter the destination port to which the original destination port is to be translated. Select to leave the original destination port. If you disable , an input field appears and you can enter a new destination port.
Page 174: Nat - Configuration Example
11 Networking bintec elmeg GmbH 11.3.3 NAT - Configuration example Requirements • Basic configuration of the gateway • A working Internet access. For example, Company Connect with 8 IP addresses. • The Ethernet interface ETH is connected to the access router to the internet (IP address •...
Page 175 11 Networking bintec elmeg GmbH Field Menu Value Description Network->NAT->NAT e.g. Configuration->New Interface Network->NAT->NAT Configuration->New Type of traffic Network->NAT->NAT Configuration->New Service Network->NAT->NAT Configuration->New Protocol Network->NAT->NAT Configuration->New Original Destination IP Network->NAT->NAT , e.g. Address/Netmask Configuration->New Original Destination Network->NAT->NAT Port/Range Configuration->New New Destination IP Ad- Network->NAT->NAT...
Page 176: Load Balancing
11 Networking bintec elmeg GmbH Terminal Server Field Menu Value Description Network->NAT->NAT e.g. Configuration->New Interface Network->NAT->NAT Configuration->New Type of traffic Network->NAT->NAT Configuration->New Service Network->NAT->NAT Configuration->New Protocol Network->NAT->NAT Configuration->New Original Destination IP Network->NAT->NAT Address/Netmask Configuration->New Original Destination Network->NAT->NAT Port/Range Configuration->New New Destination IP Ad- Network->NAT->NAT...
Page 177 11 Networking bintec elmeg GmbH • Related (dependent) sessions are always routed over the same interface. • A decision on distribution is only made for outgoing sessions. A list of all configured load balancing groups is displayed in the Networking->Load Balan- cing->Load Balancing Groups menu.
Page 178 11 Networking bintec elmeg GmbH Field Description sidered. Options: • : Only the data rate in the receive direction is con- sidered. • : Only the data rate in the send direction is con- sidered. By default, the options are disabled.
Page 179 11 Networking bintec elmeg GmbH Field Description • For is based on the number of distrib- uted sessions. • For , the data rate is the de- cisive factor. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 180: Special Session Handling
11 Networking bintec elmeg GmbH Field Description taken into account in the context of load balancing. Links between the load balancing function and the host surveillance function are made through the configuration of the Tracking IP Address in the Load Balancing->Load Balancing Groups->Advanced Settings menu.
Page 181 11 Networking bintec elmeg GmbH 11.4.2.1 Edit or New Choose the icon to edit existing entries. Select the New button create new entries. The Networking->Load Balancing->Special Session Handling->New menu consists of the following fields: Fields in the Basic Parameters menu.
Page 182 11 Networking bintec elmeg GmbH Field Description • (default value) • : Enter the IP address of the host. • : Enter the network address and the related net- mask. Destination Port/Range Enter, if required, a destination port number or a range of des- tination port numbers.
Page 183: Load Balancing - Configuration Example
11 Networking bintec elmeg GmbH Fields in the Advanced Settings menu. Field Description Frozen Parameters Specify whether, when data packets are subsequently sent, the two parameters Destination Address and Destination Port must have the same value as the first data packet, i. e. whether the subsequent data packets must be routed via the same Des- tination Port to the same Destination Address.
Page 184 11 Networking bintec elmeg GmbH Configuration target • The data traffic is distributed half and half to the two ADSL lines based on IP sessions. • We shall then take the example of encrypted HTTP connections (HTTPS) to describe how to effectively avoid any loss of connection that might occur when distributing to dif- ferent Internet accesses.
Page 185 11 Networking bintec elmeg GmbH Set up the second Internet connection Field Menu Value Connection Type Assistants->Internet Access->Internet Connections->New Description Assistants->Internet Access->Internet e.g. Connections->New->Next Physical Ethernet Assistants->Internet Access->Internet e.g. Port Connections->New->Next Type Assistants->Internet Access->Internet Connections->New->Next Login Name Assistants->Internet Access->Internet e.g.
Page 186: Qos
11 Networking bintec elmeg GmbH Field Menu Value Special Handling Network->Load Balancing->Special seconds Timer Session Handling->New 11.5 QoS QoS (Quality of Service) makes it possible to distribute the available bandwidths effectively and intelligently. Certain applications can be given preference and bandwidth reserved for them.
Page 187 11 Networking bintec elmeg GmbH Field Description • • • • The default value is Protocol Select a protocol. option (default value) matches any protocol. Type Only for Protocol = Select the type. Possible values: See RFC 792. The default value is...
Page 188 11 Networking bintec elmeg GmbH Field Description Possible values: • (default value): The destination IP address/length are not specified. • : Enter the destination IP address of the host. • : Enter the destination network address and the pre- fix length.
Page 189 11 Networking bintec elmeg GmbH Field Description Possible values: • (default value): The source port is not specified. • : Enter a source port. • : Enter a source port range. DSCP/TOS Filter Select the Type of Service (TOS). (Layer 3) Possible values: •...
Page 190: Qos Classification
11 Networking bintec elmeg GmbH 11.5.2 QoS Classification The data traffic is classified in the Networking->QoS->QoS Classification menu, i.e. the data traffic is associated using class IDs of various classes. To do this, create class plans for classifying IP packets based on pre-defined IP filters. Each class plan is associated to at least one interface via its first filter.
Page 191 11 Networking bintec elmeg GmbH Field Description • : Incoming data packets are assigned to the class (Class ID) that is then to be defined. • (default value): Outgoing data packets are as- signed to the class (Class ID) that is then to be defined.
Page 192: Qos Interfaces/Policies
11 Networking bintec elmeg GmbH Field Description • : The TOS value is specified in binary format, e.g. 00111111. • : The TOS value is specified in decimal format, e.g. 63. • : The TOS value is specified in hexadecimal format, e.g. 3F.
Page 193 11 Networking bintec elmeg GmbH 11.5.3.1 New Choose the New button to create additional prioritisations. The Networking->QoS->QoS Interfaces/Policies->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Interface Select the interface for which QoS is to be configured.
Page 194 11 Networking bintec elmeg GmbH Field Description send direction in kbit per second. Possible values are The default value is , i.e. no limits are set, the selected inter- face can occupy its maximum bandwidth. Protocol Header Size Only for Traffic shaping = enabled.
Page 195 11 Networking bintec elmeg GmbH Field Description • • AES128, AES192, AES256, Twofish - (cipher block size = 128 Bit) Real Time Jitter Con- Only for Traffic shaping = enabled trol Real Time Jitter Control optimises latency when forwarding real time datagrams.
Page 196 11 Networking bintec elmeg GmbH Field Description and for data traffic classified as moving in both directions). Add new entries with Add. The Edit Queue/Policy menu opens. By creating a QoS policy a DEFAULT entry with the lowest pri- ority 255 is automatically created.
Page 197 11 Networking bintec elmeg GmbH Field Description Choose the priority of the queue. Possible values are The default value is . RTT Mode (Realtime Active or deactivate the real time transmission of the data. Traffic Mode) The function is enabled with The function is disabled by default.
Page 198 11 Networking bintec elmeg GmbH Field Description occupy bandwidth beyond the bandwidth limit that has been set. The function is enabled with The function is disabled by default. Burst size Only for Traffic Shaping = enabled. Enter the maximum number of bytes that may still be transmit- ted temporarily when the data rate permitted for this queue has been reached.
Page 199: Access Rules
• source and/or destination port (port ranges are supported) Access lists are an effective means if, for example, sites with LANs interconnected over a bintec elmeg gateway wish to deny all incoming FTP requests or only allow Telnet sessions between certain hosts.
Page 200: Access Filter
11 Networking bintec elmeg GmbH There are various approaches for the definition of rules and rule chains: Allow all packets that are not explicitly denied, i.e.: • Deny all packets that match Filter 1. • Deny all packets that match Filter 2.
Page 201 11 Networking bintec elmeg GmbH 11.6.1.1 Edit or New Choose the icon to edit existing entries. To configure access fitters, select the New but- ton. The Networking->Access Rules->Access Filter->New menu consists of the following fields: Fields in the Basic Parameters menu.
Page 202 11 Networking bintec elmeg GmbH Field Description • • • The default value is See RFC 792. Connection State Only if Protocol = You can define a filter that takes the status of the TCP connec- tions into account. Possible values: •...
Page 203 11 Networking bintec elmeg GmbH Field Description Possible values: • (default value): The filter is valid for all port numbers • : Enables the entry of a port number. • : Enables the entry of a range of port numbers.
Page 204: Rule Chains
11 Networking bintec elmeg GmbH Field Description • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit).
Page 205: Interface Assignment
11 Networking bintec elmeg GmbH Field Description Rule Chain Select whether to create a new rule chain or to edit an existing one. Possible values: • (default value): You can create a new rule chain with this setting. • : Select an already existing rule chain, and thus add another rule to it.
Page 206 11 Networking bintec elmeg GmbH A list of all configured interface assignments is displayed in the Networking->Access Rules->Interface Assignment menu. 11.6.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure additional assignments. The Networking->Access Rules->Interface Assignment->New menu consists of the fol- lowing fields: Fields in the Basic Parameters menu.
Page 207: Chapter 12 Multicast
12 Multicast bintec elmeg GmbH Chapter 12 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).
Page 208: General
12 Multicast bintec elmeg GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destina- tion MAC address.
Page 209: Igmp
12 Multicast bintec elmeg GmbH 12.1.1 General In the Multicast->General->General menu you can disable or enable the multicast func- tion. The Multicast->General->General menu consists of the following fields: Fields in the Basic Settings menu. Field Description Multicast Routing Select whether Multicast Routing should be used.
Page 210 12 Multicast bintec elmeg GmbH The Multicast->IGMP->IGMP->New menu consists of the following fields: Fields in the IGMP Settings menu. Field Description Interface Select the interface on which IGMP is to be enabled, i.e. queries are sent and responses are accepted.
Page 211 12 Multicast bintec elmeg GmbH Field Description IGMP State Limit Limit the number of reports/queries per second for the selected interface. Mode Specify whether the interface defined here only works in host mode or in both host mode and routing mode.
Page 212: Options
12 Multicast bintec elmeg GmbH 12.2.2 Options In this menu, you can enable and disable IGMP on your system. You can also define whether IGMP is to be used in compatibility mode or only IGMP V3 hosts are to be accep- ted.
Page 213: Forwarding
12 Multicast bintec elmeg GmbH Field Description The default value is , i.e. the number of IGMP status mes- sages is not limited. 12.3 Forwarding 12.3.1 Forwarding In this menu, you specify which multicast groups are always passed between the interfaces of your device.
Page 214: Chapter 13 Wan
13 WAN bintec elmeg GmbH Chapter 13 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Inter- net. 13.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections.
Page 215: Pppoe
13 WAN bintec elmeg GmbH Field Description administratively set to down (deactivated); connection setup not possible 13.1.1 PPPoE A list of all PPToE interfaces is displayed in the WAN->Internet + Dialup->PPPoE menu. PPP over Ethernet (PPPoE) is the use of the Point-to-Point Protocol (PPP) network pro- tocol over an Ethernet connection.
Page 216 13 WAN bintec elmeg GmbH Field Description Select the Ethernet interface specified for a standard PPPoE connection. If you want to use an external DSL modem, select the Ethernet port to which the modem is connected. When using the internal DSL modem, select here the EthoA in- terface configured in WAN->ATM->Profiles->New.
Page 217 13 WAN bintec elmeg GmbH Field Description connection. Possible values are (seconds). deactivates the short hold. The default value is Example: for FTP transmission, for LAN-to-LAN trans- mission, for Internet connections. Fields in the IPv4 Settings menu. Field Description Security Policy Select the security settings to be used with the interface.
Page 218 13 WAN bintec elmeg GmbH Field Description The function is enabled with The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
Page 219 13 WAN bintec elmeg GmbH Field Description We recommend you use this setting if you want to use IPv6 on your LAN. You can configure exceptions for the selected setting in the Firewall on page 277 menu. IPv6 Mode Only for IPv6 = The selected PPPoE interface is operated in host mode.
Page 220 13 WAN bintec elmeg GmbH Field Description Advertisement = and DHCP Server = you need to configure its IPv6 addresses here. Use Add to create more entries. Fields in the Link Prefix menu. Field Description Setup Mode Select in which way the Link Prefix is to be determined.
Page 221 13 WAN bintec elmeg GmbH Field Description Enter a Subnet ID in order to define a subnet. The subnet ID de- scribes the fourth of the four 16 bit fields of a Link Prefix. Possible values are Upon subnet creation the decimal ID value is converted to a hexadecimal one.
Page 222 13 WAN bintec elmeg GmbH Field Description fault value is Maximum Number of Enter the number of unsuccessful attempts to setup a connec- Dialup Retries tion before the interface is blocked. Possible values are The default value is . Authentication Select the authentication protocol for this connection partner.
Page 223: Pptp
13 WAN bintec elmeg GmbH Field Description The function is disabled by default. LCP Alive Check Select whether the availability of the remote terminal is to be checked by sending LCP echo requests or replies. This makes it possible to switch to a backup connection more quickly in the event of line faults.
Page 224 13 WAN bintec elmeg GmbH Field Description The first character in this field must not be a number No special characters or umlauts must be used. PPTP Ethernet Inter- Select the IP interface over which packets are to be transported face to the remote PPTP terminal.
Page 225 13 WAN bintec elmeg GmbH Field Description Possible values: • : All IP packets are allowed through except for those which are explicitly prohibited.. • (default value): Only those packets are transmit- ted that can be attributed to a connection that has been initi- ated from a trusted zone.
Page 226 13 WAN bintec elmeg GmbH Field Description • : IP address of the destination host or network. • : Netmask for Remote IP Address If no entry is made, your device uses a default netmask. • : The lower the value, the higher the priority of the route (range of values ...
Page 227 13 WAN bintec elmeg GmbH Field Description lect this option. DNS Negotiation Select whether your device receives IP addresses for Primary DNS Server and Secondary DNS Server from the connection partner or sends these to the connection partner. The function is enabled with The function is enabled by default.
Page 228: Pppoa
13 WAN bintec elmeg GmbH 13.1.3 PPPoA A list of all PPPoA interfaces is displayed in the WAN->Internet + Dialup->PPPoA menu. In this menu, you configure a xDSL connection used to set up PPPoA connections. With PPPoA, the connection is configured so that the PPP data flow is transported directly over an ATM network (RFC 2364).
Page 229 13 WAN bintec elmeg GmbH Field Description Enter the idle time in seconds for static short hold. The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clearing the connection. Possible values are (seconds).
Page 230 13 WAN bintec elmeg GmbH Field Description Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default. Local IP Address Only for IP Address Mode = Enter the static IP address you received from your provider.
Page 231 13 WAN bintec elmeg GmbH Field Description • : All IP packets are allowed through except for those which are explicitly prohibited. We recommend you use this setting if you want to use IPv6 on your LAN. You can configure exceptions for the selected setting in the Firewall on page 277 menu.
Page 232 13 WAN bintec elmeg GmbH Field Description If your device is operating in router mode (IPv6 Mode = , Transmit Router Advertisement = and DHCP Server = you need to configure its IPv6 addresses here. Use Add to create more entries.
Page 233 13 WAN bintec elmeg GmbH Field Description Subnet ID Only if Auto Subnet Configuration is not active. Enter a Subnet ID in order to define a subnet. The subnet ID de- scribes the fourth of the four 16 bit fields of a Link Prefix.
Page 234 13 WAN bintec elmeg GmbH Field Description failure for again after an attempt to set up a connection has failed. The de- fault value is Maximum Number of Enter the number of unsuccessful attempts to setup a connec- Dialup Retries tion before the interface is blocked.
Page 235: Ip Pools
13 WAN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. LCP Alive Check Select whether the availability of the remote terminal is to be checked by sending LCP echo requests or replies. This is re- commended for leased lines, PPTP and L2TP connections.
Page 236: Atm
13 WAN bintec elmeg GmbH Field Description DNS Server Primary: Enter the IP address of the DNS server that is to be used, preferably, by clients who draw an address from this pool. Secondary: Optionally, enter the IP address of an alternative DNS server.
Page 237: Profiles
13 WAN bintec elmeg GmbH 13.2.1 Profiles A list of all ATM profiles is displayed in the WAN->ATM->Profiles menu. If the connection for your Internet access is set up using the internal modem, the ATM con- nection parameters must be set for this. An ATM profile combines a set of parameters for a specific provider.
Page 238 13 WAN bintec elmeg GmbH Field Description (EthoA) is used for the ATM connection (Permanent Virtual Circuit, PVC). • : Routed Protocols over ATM (RPoA) is used for the ATM connection (Permanent Vir- tual Circuit, PVC). • : PPP over ATM (PPPoA) is used for the ATM connection (Permanent Virtual Circuit, PVC).
Page 239 13 WAN bintec elmeg GmbH Field Description Check Sequence (checksums). • (default value for Routed Protocols over ATM): Is only displayed for Type = Encapsulation with LLC/SNAP header, suitable for IP routing. • : only displayed for Type = Encapsulation with LLC header.
Page 240 13 WAN bintec elmeg GmbH Field Description connection, e.g. . An entry is only re- quired in special cases. For Internet connections, it is sufficient to select the option Use built-in (default setting). An address is used which is derived...
Page 241: Service Categories
13 WAN bintec elmeg GmbH Field Description Client Type Select whether the PPPoA connection is to be set up perman- ently or on demand. Possible values: • (default value): The PPPoA is only set up on demand, e.g. for Internet access.
Page 242 13 WAN bintec elmeg GmbH Field Description ATM Service Category Select how the data traffic of the ATM connection is to be con- trolled. A priority is implicitly assigned when you select the ATM service category: from CBR (highest priority) through VBR.1 /VBR.3 to VBR (lowest priority).
Page 243: Oam Controlling
13 WAN bintec elmeg GmbH Field Description in bits per second. Possible values: The default value is . Maximum Burst Size Only for ATM Service Category = (MBS) Enter a value for the maximum number of bits per second by which the PCR can be exceeded briefly.
Page 244 13 WAN bintec elmeg GmbH In the WAN->ATM->OAM Controlling menu, a list of all monitored OAM flow levels is dis- played. 13.2.3.1 New Choose the New button to set up monitoring for other flow levels. The menu WAN->ATM->OAM Controlling->New consists of the following fields: Fields in the OAM Flow Configuration menu.
Page 245 13 WAN bintec elmeg GmbH Field Description Possible values are The default value is 5. End-to-End Pending Only if Loopback End-to-End is enabled. Requests Enter the number of directly consecutive loopback cells that may fail to materialise before the connection is regarded as in- terrupted ("down").
Page 246 13 WAN bintec elmeg GmbH Field Description • (default value): OAM CC requests are responded to after CC negotiation (CC activation negotiation). • : OAM CC requests are sent after CC negotiation (CC activation negotiation). • : OAM CC requests are sent and answered after CC ne- gotiation (CC activation negotiation).
Page 247: Real Time Jitter Control
13 WAN bintec elmeg GmbH Field Description • (default value): CC data is both received and gener- ated. • : CC data is received. • : CC data is generated. 13.3 Real Time Jitter Control When telephoning over the Internet, voice data packets normally have the highest priority.
Page 248 13 WAN bintec elmeg GmbH Field Description • : All RTP streams are optimised. • : Voice data transmission is not optimised. • : Voice data transmission is always optimised. Maximum Upload Enter the maximum available upstream bandwidth in kbp/s for Speed the selected interface.
Page 249: Chapter 14 Vpn
Internet Key Exchange (IKE) protocol. Additional IPv4 Traffic Filter bintec elmeg gateways support two different methods of setting up IPSec connections: • a method based on policies and • a method based on routing.
Page 250: Ipsec Peers
14 VPN bintec elmeg GmbH learned routes are used to negotiate the IPSec phase 2 SAs. Although this method does simplify many configurations, problems may also be caused by competing routes or the "coarser" filtering of data traffic. The Additional IPv4 Traffic Filter parameter fixes this problem. You can apply a "finer" fil- ter, i.e.
Page 251 14 VPN bintec elmeg GmbH The menu VPN->IPSec->IPSec Peers->New consists of the following fields: Fields in the menu Peer Parameters Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer configuration.
Page 252 14 VPN bintec elmeg GmbH Field Description The maximum length of the entry is 255 characters. Possible ID types: • : Any string • • • • : Any string On the peer device, this ID corresponds to the Local ID Value.
Page 253 14 VPN bintec elmeg GmbH Field Description • : Any string Local ID Only for Internet Key Exchange = Enter the ID of your device. For Authentication Method = the option Use Subject Name from certificate is dis- played. When you enable the option Use Subject Name from certific-...
Page 254 14 VPN bintec elmeg GmbH Field Description those which are explicitly prohibited. • (default value): Only those packets are transmit- ted that can be attributed to a connection that has been initi- ated from a trusted zone. You can configure exceptions for the selected setting in the Firewall on page 277 menu.
Page 255 14 VPN bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. Local IP Address Only for IP Address Assignment = Enter the WAN IP address of your IPSec tunnel. This can be the same IP address as the address configured on your router as the LAN IP address.
Page 256 . The lower the value entered for Priority, the higher the prior- ity of the route. Additional data traffic filters bintec elmeg Gateways support two different methods for establishing IPSec connections: • a method based on policies and • a method based on routing.
Page 257 14 VPN bintec elmeg GmbH "finely", i. e. you can, e. g., specify the source IP address or the source port. If there is a Additional IPv4 Traffic Filter configured, it is used to negotiate the IPSec phase 2 SAs;...
Page 258 14 VPN bintec elmeg GmbH Field Description (= -1) means that the port remains unspecified. Destination IP Ad- Enter the destination IP address and corresponding netmask of dress/Netmask the data packets. Destination Port Only for Protocol = Enter the destination port of the data packets. The default set- ting (= -1) means that the port remains unspecified.
Page 259 14 VPN bintec elmeg GmbH Field Description XAUTH Profile Select a profile created in VPN->IPSec->XAUTH Profiles if you wish to use this IPSec peer XAuth for authentication. If XAuth is used together with IKE Config Mode, the transac- tions for XAuth are carried out before the transactions for IKE Config Mode.
Page 260 14 VPN bintec elmeg GmbH Field Description This solution requires that the routing for the peers has to be configured in a way that a connection to the remote site is actu- ally possible via either of them. Moreover, the routing metric for the backup peer should be lesser than for the primary peer.
Page 261 Note that MobIKE requires a current IPSec client, e. g. the cur- rent Windows 7 or Windows 8 client or the latest version of the bintec elmeg IPSec client. IPv4 Proxy ARP Select whether your device is to respond to ARP requests from its own LAN on behalf of the specific connection partner.
Page 262 GmbH IPSec Callback bintec elmeg devices support the DynDNS service to enable hosts without fixed IP ad- dresses to obtain a secure connection over the Internet. This service enables a peer to be identified using a host name that can be resolved by DNS. You do not need to configure the IP address of the peer.
Page 263 14 VPN bintec elmeg GmbH Note To use the IP address transfer over ISDN function, you must obtain a free-of-charge extra licence. You can obtain the licence data for extra licences via the online licensing pages in the support section at www.bintec-elmeg.com...
Page 264 14 VPN bintec elmeg GmbH rent IP address in the MIB entry belonging to peer B. (3) Your device sends the initial ISDN call to peer B, which transfers the IP address of peer A and the token as per the callback configuration.
Page 265 14 VPN bintec elmeg GmbH Field Description tunnel is executed (after an incoming ISDN call) and initiated (by an outgoing ISDN call). Incoming Phone Num- Only for Mode = Enter the ISDN number from which the remote device calls the local device (calling party number).
Page 266: Phase-1 Profiles
14 VPN bintec elmeg GmbH Field Description address in the B channel. This incurs costs. D Channel Mode Only for Transfer Mode = Select the D channel mode in which your device tries to transfer the IP address. Possible values: •...
Page 267 14 VPN bintec elmeg GmbH Field Description hash algorithms gives 24 possible values in this field. At least one proposal must exist. Therefore the first line of the table can- not be deactivated. Encryption algorithms (Encryption): • : 3DES is an extension of the DES algorithm with an ef- fective key length of 112 bits, which is rated as secure.
Page 268 The Diffie-Hellman group defines the parameter set used as the basis for the key calculation during phase 1. "MODP" as sup- ported by bintec elmeg devices stands for "modular exponenti- ation". The following groups with their corresponding bit values are available: •...
Page 269 14 VPN bintec elmeg GmbH Field Description • Input in Seconds: Enter the lifetime for phase 1 key in seconds. The value can be a whole number from 0 to 2147483647. The default value is , which means the key must be renewed once four hours have elapsed.
Page 270 14 VPN bintec elmeg GmbH Field Description • (default value): The Aggressive Mode is ne- cessary if one of the peers does not have a static IP address and preshared keys are used for authentication. It requires only three messages to configure a secure channel.
Page 271 14 VPN bintec elmeg GmbH Field Description both use the same name, i.e. that your local ID and the peer ID your partner configures for you are identical. Alive Check During communication between two IPSec peers, one of the peers may become unavail- able, e.g.
Page 272 14 VPN bintec elmeg GmbH Field Description accordance with RFC 3706. DPD uses a request-reply pro- tocol to check the availability of the remote terminal and can be configured independently on both sides. This option only checks the availability of the peer if data is to be sent to it.
Page 273: Phase-2 Profiles
14 VPN bintec elmeg GmbH Field Description Possible values: • (default value): NAT Traversal is enabled. • : NAT Traversal is disabled. • : The device always behaves as it would if NAT were in use. Only for The function is enabled with The function is enabled by default.
Page 274 14 VPN bintec elmeg GmbH Field Description The maximum length of the entry is 255 characters. Proposals In this field, you can select any combination of encryption and message hash algorithms for IKE phase 2 on your default. The combination of six encryption algorithms and two message hash algorithms gives 12 possible values in this field.
Page 275 14 VPN bintec elmeg GmbH Field Description Hash algorithms (Authentication): • : MD5 (Message Digest #5) is an older hash algorithm. It is used with a 96 bit digest length for IPSec. • : All options can be used. •...
Page 276 The function is enabled with The function is disabled by default. Alive Check Select whether and how IPSec heartbeats are used. A bintec elmeg IPSec heartbeat is implemented to determine be.IP 4isdn...
Page 277: Xauth Profiles
20 seconds, the SA is discarded as invalid. Possible values: • (default value): Automatic detection of whether the remote terminal is a bintec elmeg device. If it is, (for a remote terminal with bintec elmeg) or (for a remote terminal without bintec el- meg) is set.
Page 278 14 VPN bintec elmeg GmbH iPhones. Authorisation is verified either on the basis of a list or via a Radius Server. If using a one time password (OTP), the password check can be carried out by a token server (e.g.
Page 279: Ip Pools
14 VPN bintec elmeg GmbH Field Description • : Authentication is carried out via a local list. Name Only for Role = Enter the authentication name of the client. Password Only for Role = Enter the authentication password. RADIUS Server Group Only for Role = Select the desired list in System Management->Remote Au-...
Page 280: Options
14 VPN bintec elmeg GmbH Field Description IP Address Range Enter the first (first field) and last (second field) IP address of the IP address pool. DNS Server Primary: Enter the IP address of the DNS server that is to be used, preferably, by clients who draw an address from this pool.
Page 281 The default val- ues are globally valid and enable your system to work correctly to other bintec elmeg devices, so that you only need to change these values if the remote terminal is a third-party product or you know special settings are necessary.
Page 282 14 VPN bintec elmeg GmbH Field Description The function is disabled by default. Use Zero Cookies Select whether zeroed ISAKMP Cookies are to be sent. These are equivalent to the SPI (Security Parameter Index) in IKE proposals; as they are redundant, they are normally set to the value of the negotiation currently in progress.
Page 283: Be.ip Secure Client
14 VPN bintec elmeg GmbH Field Description The function is enabled by default. Deactivate this function if you do not wish to send the peer the certificates of all levels (from your level to the CA level). Send CRLs Select whether CRLs are to be sent during IKE (phase 1).
Page 284 14 VPN bintec elmeg GmbH been replaced. As a result, all routes to the previous address and to the device have to be replaced, as well. From the perspective of LISP addressing, the internet can be seen as structured as follows: The internet is broken into a public realm, the Internet Core, and into private, LISP-enabled networks, LISP sites, which are connected to the Internet Core.
Page 285: Router (Itr/Etr)
14 VPN bintec elmeg GmbH 14.3.1 Router (ITR/ETR) The menu VPN->LISP Light->Router (ITR/ETR) displays a list of all Egress Tunnel Routers (ETR, top card) and of all Ingress Tunnel Routers (ITR, bottom card). Your device operates as Egress Tunnel Router as well as as Ingress Tunnel Router.
Page 286 14 VPN bintec elmeg GmbH Field Description Map-Register time Configure the time to pass between two register messages sent period (in sec.) to the Map Server in seconds. The default value is HMAC truncation The message signature can be written to the data packet either...
Page 287: Local/Remote-Sites
14 VPN bintec elmeg GmbH Field Description The default value is one second. Max. Number of Specify how many consequent Map Requests may remain un- pending Map-Requests answered before switching to the next Map Resolver. This settings determines data loss tolerance.
Page 288 14 VPN bintec elmeg GmbH Field Description Route Locator (RLOC) In order for the remote tunnel router to know at which IP ad- IP address dress your device can be reached, a globally routable IP ad- dress (RLOC of the ETR role) is automatically determined and displayed.
Page 289: Eid Prefix Segregation (Lisp Instances)
14 VPN bintec elmeg GmbH 14.3.3 EID Prefix Segregation (LISP Instances) The menu VPN->LISP Light->EID Prefix Segregation (LISP Instances) displays a list of all configured LIPS Instances. Note If you intend to operate only a single network, you do not need to create any instances.
Page 290 14 VPN bintec elmeg GmbH Field Description MTU) in bytes that can be used for the connection between the virtual LISP interfaces. The default value is Maximum number of Specify the maximum number of EID/RLOC entries in the cached EID/RLOC cache.
Page 291: Chapter 15 Firewall
15 Firewall bintec elmeg GmbH Chapter 15 Firewall The Stateful Inspection Firewall (SIF) provided for bintec elmeg gateways is a powerful se- curity feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.
Page 292: Policies
15 Firewall bintec elmeg GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e. every packet your device cannot assign to an exist- ing connection is rejected.
Page 293: Ipv4 Filter Rules
15 Firewall bintec elmeg GmbH 15.1.1 IPv4 Filter Rules The default behaviour with Action = consists of two implicit filter rules: If an in- coming packet can be assigned to an existing connection and if a suitable connection is ex- pected (e.g.
Page 294 15 Firewall bintec elmeg GmbH The menu Firewall->Policies+IPv4 Filter Rules->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Source Select one of the preconfigured aliases for the source of the packet. In the list, all WAN/LAN interfaces, interface groups (see Fire- wall->Interfaces->Groups), addresses (see Firewall->Ad-...
Page 295: Ipv6 Filter Rules
15 Firewall bintec elmeg GmbH Field Description In addition, the service groups configured in Firewall->Services->Groups can be selected. Action Select the action to be applied to a filtered packet. Possible values: • (default value): The packets are forwarded on the basis of the entries.
Page 296 15 Firewall bintec elmeg GmbH You can use the button to insert another policy above the list entry. The configuration menu for creating a new policy opens. You can use the button to move the list entry. A dialog box opens, in which you can se- lect the position to which the policy is to be moved.
Page 297: Options
15 Firewall bintec elmeg GmbH Field Description Additional services are created in Firewall->Services->Service List. In addition, the service groups configured in Firewall->Services->Groups can be selected. Select the action to be applied to a filtered packet. Action Possible values: • (default value): The packets are forwarded on the basis of the entries..
Page 298 15 Firewall bintec elmeg GmbH Field Description • (default value): All firewall activities are displayed. • : Only reject and deny events are shown, see "Action". • : Only accept events are shown. • : Syslog messages are not generated.
Page 299: Interfaces
15 Firewall bintec elmeg GmbH Field Description garded as expired (in seconds). Possible values are The default value is PPTP Inactivity Enter the inactivity time after which a PPTP session is to be re- garded as expired (in seconds). Possible values are...
Page 300: Ipv6 Groups
15 Firewall bintec elmeg GmbH Field Description Description Enter the desired description of the IPv4 interface group. Members Select the members of the group from the available interfaces. To do this, activate the field in the Selection column. 15.2.2 IPv6 Groups A list of all configured IPv6 interface routes is displayed in the Firewall->Interfaces+IPv6...
Page 301: Groups
15 Firewall bintec elmeg GmbH Fields in the Basic Parameters menu. Field Description Description Enter the desired description of the address. IPv4 Allows configuration of IPv4 address lists. The function is enabled with The function is enabled by default. Address Type Only for IPv4 = Select the type of address you want to specify.
Page 302: Services
15 Firewall bintec elmeg GmbH You can group together addresses. This makes it easier to configure firewall rules. 15.3.2.1 New Choose the New button to set up additional address groups. The menu Firewall->Addresses->Groups->New consists of the following fields: Fields in the Basic Parameters menu.
Page 303 15 Firewall bintec elmeg GmbH The menu Firewall->Services->Service List->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter an alias for the service you want to configure. Protocol Select the protocol on which the service is to be based. The most important protocols are available for selection.
Page 304: Groups
15 Firewall bintec elmeg GmbH Field Description • • • • • • • • • • • • Code Selection options for the ICMP codes are only available for Type = Possible values: • (default value) • • •...
Page 305: Configuration
15 Firewall bintec elmeg GmbH 15.4.2.1 New Choose the New button to set up additional service groups. The menu Firewall->Services->Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description of the service group.
Page 306 15 Firewall bintec elmeg GmbH TPS, FTP, DNS). • The gateway should operate as a DNS proxy, which means that the clients use the gate- way as a DNS server. • Only the system administrator and the director should be able to established an HTTP and a Telnet connection to the gateway.
Page 307 15 Firewall bintec elmeg GmbH Field Menu Value dress List ->New Address / Subnet Firewall-> Addresses ->Ad- e.g. dress List-> New with Description Firewall ->Addresses-> Ad- e.g. dress List ->New Address Type Firewall-> Addresses ->Ad- dress List-> New Address / Subnet Firewall->...
Page 308 15 Firewall bintec elmeg GmbH Field Menu Value Source Location Firewall ->Policies ->IPv4 Filter Rules-> New Destination Firewall-> Policies ->IPv4 Filter Rules-> New Service Firewall ->Policies ->IPv4 Filter Rules-> New Action Firewall-> Policies ->IPv4 Filter Rules-> New Filter rules 2: Use gateway as DNS proxy...
Page 309 15 Firewall bintec elmeg GmbH Filter rules 4: Allow access to all services on the Internet (Director) Field Menu Value Source Location Firewall ->Policie s->IPv4 Filter Rules-> New Destination Firewall-> Policies-> IPv4 Filter Rules-> New Service Firewall ->Policie s->IPv4 Filter Rules-> New Action Firewall->...
Page 310: Chapter 16 Voip
16 VoIP bintec elmeg GmbH Chapter 16 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.
Page 311 16 VoIP bintec elmeg GmbH Field Description Interface Type Select the interface type to be used. The selection depends on the interfaces available. Possible values: • : A SIP terminal device is used for the call. • : An ISDN terminal device is used for the call. Can only be selected if ISDN interfaces configured with Euro ISDN point-to-multipoint (NT mode) are available.
Page 312 16 VoIP bintec elmeg GmbH Field Description correspondent. Registration and authentication are not then needed and the Registration function is disabled. An example of this method is Microsoft Exchange SIP. Expire Time Only if Registration is enabled. Enter the time in seconds after which the current registration be- comes invalid and a new registration request is therefore sent.
Page 313 16 VoIP bintec elmeg GmbH Field Description If a protocol has been automatically recognised, it should not be changed. Port Enter the number of the UDP, TCP port or TLS ports to be used for the connection to the server or proxy.
Page 314 16 VoIP bintec elmeg GmbH Field Description • : Compressed from 55 to 32 kbps • : Compressed from 47 to 24 kbps • : Compressed from 39 to 16 kbps • : DTMF Outband. First the system attempts to use RFC 2833.
Page 315: Sip Accounts
16 VoIP bintec elmeg GmbH Field Description Packet Size Specify how many milliseconds of voice an RTP data packet should contain. Possible values are The default value is 16.1.2 SIP Accounts If your want your device to connect to other SIP servers (e.g. servers of Internet SIP Ser- vice providers), you can configure the necessary entries here.
Page 316 16 VoIP bintec elmeg GmbH Field Description Description Enter the name of the SIP account. Administrative Status Select whether the SIP account should be enabled or disabled. The function is enabled with The function is enabled by default. Trunk Mode Select whether and in which trunk mode the SIP account should be operated.
Page 317 16 VoIP bintec elmeg GmbH Field Description A maximum of 32 characters can be entered. Here you must make an entry only if, for all SIP sessions, the communication is not to be direct but via a further proxy. In SIP client mode: Enter a name or IP address only if this is ex- plicitly specified by the provider.
Page 318 16 VoIP bintec elmeg GmbH Field Description In SIP server mode: Define a PIN or a password. A maximum of 40 characters can be entered. Location Set the location of the VoIP subscriber. Possible values: • (default value): The VoIP subscriber is only registered if located within the private network.
Page 319 16 VoIP bintec elmeg GmbH Field Description number is extracted. Possible values: • (default value): Extracts the number from the first part of the address. If this fails, the number is extracted from the second part of the address. •...
Page 320 16 VoIP bintec elmeg GmbH Field Description Possible values: • (default value): The user-configured user name is displayed. • : The user-configured number the called party is displayed. • : The actual phone number from which the calls is initiated (e.g. for billing purposes) is displayed.
Page 321 16 VoIP bintec elmeg GmbH Field Description (exchange) number of an exchange. Billing Number Enter the phone number from which the call is established. The menu Advanced Settings consists of the following fields: Fields in the Codec Settings menu. Field...
Page 322 16 VoIP bintec elmeg GmbH Field Description use RFC 2833. If the remote terminal does not use this stand- ard, SIP Info is used. • : Allows the transmission of fax messages over data networks. • : SRTP is an encrypted variant of the Real-Time Trans- port Protocol (RTP).
Page 323: Locations
16 VoIP bintec elmeg GmbH Field Description The default value is 16.1.3 Locations In the VoIP->Settings->Locations menu you configure the locations of the VoIP sub- scribers who have been configured on your system, and define the bandwidth management for the VoIP traffic.
Page 324 16 VoIP bintec elmeg GmbH Field Description Description Enter the description of the entry. Parent Location You can cascade the SIP locations as you wish. Define here which SIP location that has been defined constitutes the high- level node for the SIP location to be configured here.
Page 325: Isdn Trunks
16 VoIP bintec elmeg GmbH Field Description Downstream Band- Determine whether the downstream bandwidth is to be restric- width Limitation ted. The bandwidth is reduced with The function is disabled by default. Maximum Downstream Enter the maximum data rate in the receive direction in kBits per Bandwidth second.
Page 326: Options
16 VoIP bintec elmeg GmbH In this menu, the ISDN party lines (bundles) are defined. 16.1.4.1 Edit or New Choose the icon to edit existing entries. Select the New button to create a new party line. The VoIP->Settings->ISDN Trunks menu consists of the following fields: Fields in the Basic Parameters menu.
Page 327 16 VoIP bintec elmeg GmbH Field Description The function is enabled with The function is disabled by default. Session Border Con- Specify how the media gateway should behave in conjunction troller Mode with a session border controller mode. Possible values: •...
Page 328 16 VoIP bintec elmeg GmbH Field Description tion If the function is enabled, RTP sessions are terminated on the media gateway, i.e. all RTP streams are controlled by the media gateway and routed via the media gateway. The participating terminal devices (e.g. SIP telephones) are not connected dir- ectly with one another.
Page 329: Media Gateway
16 VoIP bintec elmeg GmbH Field Description Possible values: • : The type of number is not detected. • : The type of number is detected. If re- quired, the International Prefix / Country Code and/or the National Prefix / Area Code are removed from the sub-...
Page 330: Call Routing
16 VoIP bintec elmeg GmbH The bintec elmegbintec elmeg Media Gateway supports the binding of several SIP Provider Accounts. With this gateway, you can set up extensions, create an extension number plan and configure exchange functions and optimise voice data transmission for low bandwidth of the upload connection.
Page 331 16 VoIP bintec elmeg GmbH Field Description Possible values: • : For calls forwarded by the media gateway to a PBX or an ISDN TE connector or a SIP DDI client. For this, the following can be used: PRI interfaces in NT mode, BRI in- terfaces in NT mode, SIP accounts in trunk mode (server mode).
Page 332 16 VoIP bintec elmeg GmbH In the Routing Rules menu you can define rules to determine how the subscriber number is manipulated before it is used for dialling. Use Add to create more entries. Fields in the Routing Rules menu (For Type = Accept Rule only)
Page 333: Clid Translation
16 VoIP bintec elmeg GmbH 16.2.2 CLID Translation Here you define the processing of the calling party number for incoming calls. You can, for example, add a prefix to a received call number in order to route correspond- ing outgoing calls via a particular SIP account.
Page 334: Call Translation
16 VoIP bintec elmeg GmbH Field Description PRI interface. • : Restricts the entry to the selected BRI interface. • : Restricts the entry to the selected SIP ac- count. • : No restriction of the entry. Enter either Called Line or Called Address.
Page 335 16 VoIP bintec elmeg GmbH Note Which number (called party number or calling party number) is translated depends on the direction (incoming or outgoing) of the call in question. For incoming calls it is the called party number, for outgoing calls the calling party number that is translated.
Page 336 16 VoIP bintec elmeg GmbH Field Description • : restricts the call to the selected SIP ac- count. Local Address Enter the internal number (e.g. extension or PABX number). For incoming calls, the signalled Called Party Number (corresponds in the menu to the External Address) is translated to Local Address.
Page 337: Chapter 17 Local Services
17 Local Services bintec elmeg GmbH Chapter 17 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider • Configuration of gateway as a DHCP server (assignment of IP addresses) •...
Page 338: Global Settings
17 Local Services bintec elmeg GmbH Under Local Services->DNS->DNS Servers->New you enter the IP addresses of name servers that are queried if your device cannot answer requests itself or by forwarding entries. Global name servers and name servers that are attached to an interface can both be entered.
Page 339 17 Local Services bintec elmeg GmbH Fields in the Basic Parameters menu Field Description Domain Name Enter the standard domain name of your device. WINS Server Enter the IP address of the first and, if necessary, alternative global Windows Internet Name Server (=WINS) or NetBIOS Primary Name Server (=NBNS).
Page 340 17 Local Services bintec elmeg GmbH Field Description the value for Maximum TTL for Positive Cache Entries . The default value is Maximum TTL for Neg- Enter the value set to which the TTL is to be set in the case of a ative Cache Entries negative dynamic entry in the cache.
Page 341: Dns Servers
17 Local Services bintec elmeg GmbH 17.1.2 DNS Servers A list of all configured DNS servers is displayed in the Local Services->DNS->DNS Serv- ers menu. 17.1.2.1 Edit or New Choose the icon to edit existing entries. Select the New button to set up additional DNS servers.
Page 342 17 Local Services bintec elmeg GmbH Field Description entered, depending on the priority. Possible values: • • (default value) Interface Select the interface to which the DNS server pair is to be as- signed. For Interface Mode = A global DNS server is created with the setting...
Page 343: Static Hosts
17 Local Services bintec elmeg GmbH Field Description Optionally, enter the IPv6 address of an alternative name serv- 17.1.3 Static Hosts A list of all configured static hosts is displayed in the Local Services->DNS->Static Hosts menu. 17.1.3.1 New Choose the New button to set up new static hosts.
Page 344: Domain Forwarding
17 Local Services bintec elmeg GmbH Field Description Enter the IPv4 address assigned to DNS Hostname. IPv6 Address Only if Response = Enter the IPv6 address assigned to DNS Hostname. 17.1.4 Domain Forwarding In the Local Services->DNS->Domain Forwarding menu, a list of all configured forward- ings for defined domains is displayed.
Page 345: Dynamic Hosts
17 Local Services bintec elmeg GmbH Field Description warded. The entry can start with the wildcard "*", e.g. "*.bintec-elmeg.com". If you enter a name without a leading wildcard "*" a leading wild- card "*" is supplemented as soon as you confirm with OK.
Page 346: Statistics
17 Local Services bintec elmeg GmbH You can select individual entries using the checkbox in the corresponding line, or select them all using the Select all button. A dynamic entry can be converted to a static entry by marking the entry and confirming with Make static.
Page 347: Https Server
17 Local Services bintec elmeg GmbH crypted and authenticated connection by SSL between the browser used for configuration and the device. 17.2.1 HTTPS Server In the Local Services->HTTPS->HTTPS Server menu, configure the parameters of the backed up configuration connection via HTTPS.
Page 348: Dyndns Update
17 Local Services bintec elmeg GmbH The registration of a host name means that you define an individual user name for the DynDNS service, e.g. . The service providers offer various domain names for this, so that a unique host name results for your device , e.g.
Page 349: Dyndns Provider
17 Local Services bintec elmeg GmbH Field Description Other DynDNS providers can be configured in the Local Ser- vices->DynDNS Client->DynDNS Provider menu. The default value is Enable update Select whether the DynDNS entry configured here is to be activ- ated.
Page 350 17 Local Services bintec elmeg GmbH Fields in the Basic Parameters menu. Field Description Provider Name Enter a name for this entry. Server Enter the host name or IP address of the server on which the provider’s DynDNS service runs.
Page 351: Dhcp Server
DHCP server as a network broadcast.* The client then receives its IP address from bintec elmeg (as part of a brief exchange). You therefore do not need to allocate fixed IP addresses to PCs, which reduces the amount of configuration work in your network.
Page 352: Dhcp Configuration
17 Local Services bintec elmeg GmbH Field Description used, preferably, by clients who draw an address from this pool. Secondary: Optionally, enter the IP address of an alternative DNS server. 17.4.2 DHCP Configuration To activate your device as a DHCP server, you must first define IP address pools from which the IP addresses are distributed to the requesting clients.
Page 353 17 Local Services bintec elmeg GmbH Field Description Pool Usage Select if the DHCP pool is to be used for requests from clients in a network directly connected to an Ethernet interface, or if it is to be used for DHCP requests from a remote network that are sent to your device via a DHCP relay station.
Page 354 17 Local Services bintec elmeg GmbH Field Description DHCP Options Specify which additional data is forwarded to the DHCP client. Possible values for Option: • (default value): Enter the IP address of the time server to be sent to the client.
Page 355 17 Local Services bintec elmeg GmbH Note For some products settings have already been predefined in this section. These are required for the seamless integration of telephones or LTE access routers and should not be changed or deleted. Choose the icon to edit an existing entry or one of the Add buttons to add an entry.
Page 356: Ip/Mac Binding
17 Local Services bintec elmeg GmbH Field Description shall be transmitted for the DHCP server. Possible values: • (default value) • Provisioning Server Only für Select vendor = Enter which manufacturer value shall be transmitted. For the setting Select vendor = , the default value is displayed.
Page 357: Dhcp Relay Settings
17 Local Services bintec elmeg GmbH Note You can only create new static IP/MAC bindings if IP address ranges were configured in Local Services->DHCP Server->DHCP Pool, and in the Local Services->DHCP Server->IP Pool Configuration menu is assigned a valid IP Pool.
Page 358: Dhcp - Configuration Example
17 Local Services bintec elmeg GmbH Field Description quests are to be forwarded. The default value is Secondary DHCP Serv- Enter the IP address of an alternative BootP or DHCP server. The default value is 17.4.5 DHCP - Configuration example Requirements •...
Page 359 17 Local Services bintec elmeg GmbH Example scenario as DHCP Client be.IP 4isdn...
Page 360 17 Local Services bintec elmeg GmbH Example scenario as DHCP Relay Server Configuration target You can use your device as a DHCP server, DHCP client or DHCP relay agent. Overview of Configuration Steps DHCP Server Field Menu Value IP Pool Name Local Services->DHCP Server->IP...
Page 361: Dhcpv6 Server
17 Local Services bintec elmeg GmbH Field Menu Value Gateway Local Services->DHCP Server->DH- CP Configuration->New->Ad- vanced Settings Lease Time Local Services->DHCP Server->DH- e.g. CP Configuration->New->Ad- vanced Settings IP address to use for Local Services->DNS->Global Set- e.g. DNS/WINS server as- tings->Advanced Settings...
Page 362 17 Local Services bintec elmeg GmbH Note An IPv6 address pool is created by assigning an IPv6 Link Prefix (a subnet with a length of /64) to an DHCPv6 option set. The definition of a separate set of IP ad- dresses like, e.g.
Page 363: Dhcpv6 Server
17 Local Services bintec elmeg GmbH 17.5.1 DHCPv6 Server Here you can create interface-related address pools and define DHCP options inside of an DHCP Option Set. 17.5.1.1 Edit or New Use the New button in order to create an Option Set. Use the icon in order to edit an existing entry.
Page 364: Dhcpv6 Global Options
17 Local Services bintec elmeg GmbH Fields in the menu Server Options Field Description DNS domains search Use Add to create a list of domain names which is queried by list the client during name resolution (DHCPv6 Option 24 "Domain Search List").
Page 365 17 Local Services bintec elmeg GmbH Field Description Search List"). Domain names will be transmitted to the clients in the order defined by the list. The domain name (e.g. dev.bintec.de.) mast end with a dot (.). The menu Advanced Settings consist of the following fields:...
Page 366: Stateful Clients
17 Local Services bintec elmeg GmbH Field Description Server"). Use Add to create the desired time server entries. 17.5.3 Stateful Clients Here you see an entry for each Stateful Client that has contacted the server and has been assigned an IPv6 address.
Page 367: Capi Server
17 Local Services bintec elmeg GmbH Field Description IPv6 address, i.e., the last 64 Bit of the IP address. This prefix must start with ::. 17.6 CAPI Server You can use the CAPI Server function to assign user names and passwords to users of the CAPI applications on your device.
Page 368: Options
17 Local Services bintec elmeg GmbH Field Description be allowed or denied. Password Enter the password which the user User Name shall use for identification to gain access to the CAPI service. Access Select whether access to the CAPI service is to be permitted or denied for the user.
Page 369: Scheduling
Caution The configuration of actions that are not available as defaults requires extensive know- ledge of the method of operation of bintec elmeg gateways. An incorrect configuration can cause considerable disruption during operation. If applicable, save the original configuration on your PC.
Page 370 17 Local Services bintec elmeg GmbH 17.7.1.1 New Choose the New button to create additional event lists. The menu Local Services->Scheduling->Trigger->New consists of the following fields: Fields in the Basic Parameters menu Field Description Event List You can create a new event list with (default value).
Page 371 17 Local Services bintec elmeg GmbH Field Description signed in Actions are initiated when the defined period of validity is reached. • : The option determ- ines that pushing the function button on the device can serve as a trigger for any configured action. Pushing the button for approx.
Page 372 17 Local Services bintec elmeg GmbH Field Description Select the interface whose defined status or data traffic shall ini- tiate an event. Interface Status Only for Event Type Select the status that the interface must have in order to initiate the intended operation.
Page 373 17 Local Services bintec elmeg GmbH Field Description Possible values: • (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address. • : Enter the desired IP address in the input field.
Page 374 17 Local Services bintec elmeg GmbH Field Description state is checked cyclically at the configured schedule interval. Fields in the Select time interval menu Field Description Time Condition Only for Event Type = First select the type of time entry in Condition Type.
Page 375: Actions
17 Local Services bintec elmeg GmbH Field Description activation is carried on the next scheduling interval. If you do not enter a Stop Time or set a Stop Time = Start Time, the initiat- or is activated, and deactivated after 10 seconds.
Page 376 17 Local Services bintec elmeg GmbH Field Description LAN. A scan of the 5.8 GHz frequency range is performed. • : Only for devices with a WLAN controller. A Neighbor Scan is initiated by the WLAN network controlled by the WLAN controller.
Page 377 17 Local Services bintec elmeg GmbH Field Description • (default value): An existing entry shall be modified. • : A new entry shall be created. Index Variables Only if Command Type = Where required, select MIB variables to uniquely identify a spe- cific data set in MIB Table, e.g.
Page 378 17 Local Services bintec elmeg GmbH Field Description Use Add to create more entries. Interface Only if Command Type = Select the interface whose status should be changed. Set interface status Only if Command Type = Select the status to be set for the interface.
Page 379 17 Local Services bintec elmeg GmbH Field Description • : The latest software will be downloaded from an TFTP server that you define in Server URL Where Command Type = if Source Loc- ation not Enter the URL of the server from which the desired software version is to be retrieved.
Page 380 17 Local Services bintec elmeg GmbH Field Description • (default value) • • Protocol Only for Command Type = if Action = Select the protocol for the data transfer. Possible values: • (default value) • • CSV File Format Only where Command Type = and Action = Select whether the file is to be sent in the CSV format.
Page 381 17 Local Services bintec elmeg GmbH Field Description At import, renaming or copying enter a name for the configura- tion file under which to save it locally on the device. File Name in Flash Where Command Type = and Action = Select the file to be exported.
Page 382 17 Local Services bintec elmeg GmbH Field Description The function is disabled by default. Version Check Only where Command Type = and Action = Select whether, when importing a configuration file, to check on the server for the presence of a more current version of the already loaded configuration.
Page 383 17 Local Services bintec elmeg GmbH Field Description Local Certificate De- Where Command Type = scription Action = Enter a description for the certificate under which to save it on the device. Where Command Type = Action = Select the certificate to be deleted.
Page 384 17 Local Services bintec elmeg GmbH Field Description Your CA administrator can provide you with the necessary data. Subject Name Only where Command Type = and Action = Enter a subject name with attributes. Example: CA Name Only where Command Type =...
Page 385 17 Local Services bintec elmeg GmbH Field Description Use CRL Only where Command Type = and Action = Define the extent to which certificate revocation lists (CRLs) are to be included in the validation of certificates issued by the own- er of this certificate.
Page 386: Options
17 Local Services bintec elmeg GmbH 17.7.3 Options You configure the schedule interval in the Local Services->Scheduling->Options menu. The Local Services->Scheduling->Options menu consists of the following fields: Fields in the Scheduling Options menu Field Description Schedule Interval Select whether the schedule interval is to be enabled.
Page 387 17 Local Services bintec elmeg GmbH Example scenario Time-controlled Tasks Configuration target • You want to reboot your gateway automatically overnight. • The WLAN interface is to be suspended at the weekend. • In addition, the configuration is to be backed up automatically once a month on a TFTP server.
Page 388 17 Local Services bintec elmeg GmbH Field Menu Value Command Type Local Services -> Scheduling -> Actions -> New Event List Local Services -> Scheduling -> Actions -> New Event List Condition Local Services -> Scheduling -> Actions -> New Reboot device after Local Services ->...
Page 389 17 Local Services bintec elmeg GmbH Field Menu Value Actions -> New Schedule Interval Local Services -> Scheduling -> Options Monthly configuration backup Field Menu Value Event List Local Services -> Scheduling -> Trigger -> New Description Local Services -> Scheduling ->...
Page 390: Surveillance
17 Local Services bintec elmeg GmbH Field Menu Value Schedule Interval Local Services -> Scheduling -> Options 17.8 Surveillance In this menu, you can configure an automatic availability check for hosts or interfaces and automatic ping tests. You can monitor temperature with devices from the bintec WI series.
Page 391 17 Local Services bintec elmeg GmbH Field Description The operation configured in Interface is only executed if no group member can be reached. Fields in the Trigger menu. Field Description Monitored IP Address Enter the IP address of the host to be monitored.
Page 392: Interfaces
17 Local Services bintec elmeg GmbH Field Description The default value is . Unsuccessful Trials Specify how many pings need to be unanswered for the host to be regarded as inaccessible. You can use this setting to specify, for example, when a host is deemed to be inaccessible, and that a backup device should be used.
Page 393: Ping Generator
17 Local Services bintec elmeg GmbH Field Description Trigger Select the state or state transition of Monitored Interface that is to trigger a particular Interface Action. Possible values: • (default value) • Interface Action Select the action that is to follow the state or state transition defined in Trigger.
Page 394: Upnp
17 Local Services bintec elmeg GmbH Field Description Source IP Address Enter the source IP address of the outgoing ICMP echo request packets. Possible values: • : The IP address is determined automatically. • (default value): Enter the IP address in the adja- cent input field e.g.
Page 395: Interfaces
17 Local Services bintec elmeg GmbH . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded.
Page 396: Hotspot Gateway
17 Local Services bintec elmeg GmbH The Local Services->UPnP->General menu consists of the following fields: Fields in the General menu. Field Description UPnP Status Decide how the gateway processes UPnP requests from the LAN. The function is enabled with . The gateway proceeds...
Page 397 - You then receive the Hotspot server's login data. Note Activation may require 2-3 business days. Access data for gateway configuration RADIUS Server IP 62.245.165.180 RADIUS Server Password Set by bintec elmeg GmbH be.IP 4isdn...
Page 398: Hotspot Gateway
Also refer to the WLAN Hotspot Workshop that is available to download from www.bintec-elmeg.com 17.10.1 HotSpot Gateway In the HotSpot Gateway menu, you can configure the bintec elmeg gateway installed onsite for the Hotspot Solution. A list of all configured hotspot networks is displayed in the Local Services->HotSpot Gateway->HotSpot Gateway menu.
Page 399 17 Local Services bintec elmeg GmbH Field Description here (e. g. en1-0). If operating over WLAN, the WLAN interface to which the access point is connected must be selected. Caution For security reasons you cannot configure your device over an interface that is configured for the Hotspot. Therefore take care when selecting the interface you want to use for the Hotspot.
Page 400 17 Local Services bintec elmeg GmbH Field Description In the Terms &Conditions input field, enter the address of the general terms and conditions on the intranet server, or public server, e.g., http://www.webserver.de/agb.htm. The page must lie within the address range of the walled garden network.
Page 401: Options
17 Local Services bintec elmeg GmbH Field Description address from DHCP from logging in. Max. Sessions per Enter the maximum number of sessions per user. User Login Frameset Enable or disable the login window. The login window on the HTML homepage consists of two frames.
Page 402: Wake-On-Lan
17 Local Services bintec elmeg GmbH 17.11 Wake-On-LAN With the function Wake-On-LAN you can start network devices that are switched off via an integrated network card. The network card also needs a power supply, even when the com- puter is switched off. You can use filters and rule chains to define the conditions that need to be met to send the so-called magic packet, and select the interfaces that are to be mon- itored for the defined rule chains.
Page 403 17 Local Services bintec elmeg GmbH Field Description Protocol Select a protocol. The option (default value) matches any protocol. Type Only for Protocol = Select the type. Possible values: See RFC 792. The default value is Connection State With Protocol = , you can define a filter that takes the status of the TCP connections into account.
Page 404 17 Local Services bintec elmeg GmbH Field Description fix length. Destination Port/Range Only for Protocol = Enter a destination port number or a range of destination port numbers. Possible values: • (default value): The destination port is not specified. •...
Page 405: Wol Rules
17 Local Services bintec elmeg GmbH Field Description DSCP/TOS Filter Select the Type of Service (TOS). (Layer 3) Possible values: • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit).
Page 406 17 Local Services bintec elmeg GmbH The Local Services->Wake-On-LAN->WOL Rules->New menu consists of the following fields: Fields in the menu Basic Parameters Field Description Wake-On-LAN Rule Select whether to create a new rule chain or to edit an existing Chain one.
Page 407: Interface Assignment
17 Local Services bintec elmeg GmbH Field Description Type Select whether the Wake on LAN magic packet is to be sent as a UDP packet or as an Ethernet frame via the interface spe- cified in Send WOL packet over Interface .
Page 408: Trace Interface
17 Local Services bintec elmeg GmbH 17.12 Trace Interface The menu Trace Interface allows recording the data traffic of a specific interface and al- lows you to save the recording as a PCAP file once the process has been stopped.
Page 409: Chapter 18 Maintenance
18 Maintenance bintec elmeg GmbH Chapter 18 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to in- stall it.
Page 410: Diagnostics
18 Maintenance bintec elmeg GmbH 18.2 Diagnostics In the Maintenance->Diagnostics menu, you can test the availability of individual hosts, the resolution of domain names and certain routes. 18.2.1 Ping Test You can use the ping test to check whether a certain host in the LAN or an internet address can be reached.
Page 411: Software &Configuration
Do not turn your device off during the update. An update of BOOTmonitor and/or Logic is recommended in a few cases. In this case, the release notes refer expressly to this fact. Only update BOOTmonitor or Logic if bintec elmeg GmbH explicitly recommends this. be.IP 4isdn...
Page 412 18 Maintenance bintec elmeg GmbH Flash Your device saves its configuration in configuration files in the flash EEPROM (Electrically Erasable Programmable Read Only Memory). The data even remains stored in the flash when your device is switched off. The current configuration and all changes you set on your device during operation are stored in the working memory (RAM).
Page 413 18 Maintenance bintec elmeg GmbH Fields in the Currently Installed Software menu. Field Description BOSS Shows the current software version loaded on your device. Shows the current system logic loaded on your device. System Logic ADSL Logic Shows the current version of the ADSL logic loaded on your device.
Page 414 18 Maintenance bintec elmeg GmbH Field Description You can load back the archived boot configuration. • : The file in the Select file field is deleted. • : You can import additional language ver- sions of the GUI into your device. You can download the files to your PC from the download area at www.bintec-elmeg.com...
Page 415 18 Maintenance bintec elmeg GmbH Field Description The function is activated by selecting The function is disabled by default. If the function is enabled, you can enter the Password in the text field. Filename Only for Action = Enter the path and name of the file or select the file with Browse...
Page 416: Reboot
18 Maintenance bintec elmeg GmbH Field Description Enter the URL of the update server from which the system soft- ware file is loaded. In the Advanced Settings menu, the version of the currently installed system flash files will be displayed.
Page 417: Chapter 19 External Reporting
19 External Reporting bintec elmeg GmbH Chapter 19 External Reporting In this system menu, you define what system protocol messages are saved on which com- puters, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error.
Page 418 19 External Reporting bintec elmeg GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 19.1.1.1 New Select the New button to set up additional syslog servers. The menu External Reporting->Syslog->Syslog Servers->New consists of the following fields: Fields in the Basic Parameters menu.
Page 419: Ip Accounting
19 External Reporting bintec elmeg GmbH Field Description Timestamp Select the format of the time stamp in the syslog. Possible values: • (default value): No system time indicated. • : System time without date. • : System time with date.
Page 420: Options
19 External Reporting bintec elmeg GmbH In the External Reporting->IP Accounting->Interfaces menu, a list of all interfaces con- figured on your device is shown. For each entry, you can activate IP Accounting by setting the checkmark. In the IP Accounting column, you do not need to click each entry individu- ally.
Page 421: Alert Service
19 External Reporting bintec elmeg GmbH 19.3 Alert Service It was previously possible to send syslog messages from the router to any syslog host. De- pending on the configuration, e-mail alerts are sent to the administrator as soon as relevant syslog messages appear.
Page 422 19 External Reporting bintec elmeg GmbH Field Description Select the event to trigger an email notification. Possible values: • (default value): A Syslog mes- sage includes a specific string. • : A new adjacent AP has been found. • : A new Rogue AP has been found, i.e.
Page 423: Alert Settings
19 External Reporting bintec elmeg GmbH Field Description Number of Messages Enter the number of syslog messages that must be reached be- fore an E-mail can be sent for this case. If timeout is configured, the mail is sent when this expires, even if the number of mes- sages has not been reached.
Page 424 19 External Reporting bintec elmeg GmbH Field Description Possible values: • (default value): The server accepts and send emails without further authentication. • : The server only accepts e-mails if the router logs in with the correct user name and password.
Page 425: Snmp
19 External Reporting bintec elmeg GmbH 19.4 SNMP SNMP (Simple Network Management Protocol) is a protocol from the IP protocol family for transporting management information about network components. Every SNMP management system contains an MIB. SNMP can be used to configure, con- trol and administrate various network components from one system.
Page 426: Snmp Trap Hosts
19 External Reporting bintec elmeg GmbH Field Description Any whole number is possible. The default value is SNMP Trap Com- Only if SNMP Trap Broadcasting is enabled. munity Enter a new SNMP code. This must be sent by the SNMP Man- ager with every SNMP request so that this is accepted by your device.
Page 427: Sia
19 External Reporting bintec elmeg GmbH 19.5.1 SIA In the menu External Reporting->SIA->SIA, you can create and download a file that provides extensive support information about the status of your device like, e.g., the current configuration, available memory, uptime etc.
Page 428: Chapter 20 Monitoring
20 Monitoring bintec elmeg GmbH Chapter 20 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 20.1 Internal Log 20.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed.
Page 429 20 Monitoring bintec elmeg GmbH Field Description Remote IP Displays the IP address of the remote IPSec Peers. Remote Networks Displays the currently negotiated subnets of the remote termin- Security Algorithm Displays the encryption algorithm of the IPSec tunnel. Status Displays the operating status of the IPSec tunnel.
Page 430: Ipsec Statistics
20 Monitoring bintec elmeg GmbH Field Description IPSec (Phase-2) SAs Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Life- time remaining / Status Messages The system messages for this IPSec tunnel are displayed here. 20.2.2 IPSec Statistics In the Monitoring->IPSec->IPSec Statistics menu, statistical values for all IPSec connec-...
Page 431: Isdn/Modem
20 Monitoring bintec elmeg GmbH Field Description Total Shows the number of all processed incoming (In) or outgoing (Out) packets. Passed Shows the number of incoming (In) or outgoing (Out) packets forwarded in plain text. Dropped Shows the number of all rejected incoming (In) or outgoing (Out) packets.
Page 432: Call History
20 Monitoring bintec elmeg GmbH 20.3.2 Call History In the Monitoring->ISDN/Modem->Call History menu, a list of the last 20 ISDN calls (incoming and outgoing) completed since the last system start is displayed. Values in the Call History list Field Description...
Page 433 20 Monitoring bintec elmeg GmbH Field Description Tx Bytes Displays the total number of octets sent. Tx Errors Shows the total number of errors sent. Rx Packets Shows the total number of packets received. Rx Bytes Displays the total number of bytes received.
Page 434: Network Status
20 Monitoring bintec elmeg GmbH 20.4.2 Network Status The menu Monitoring->Interfaces->Network Status provides an overview of all IP inter- faces currently configured on the device. You can find information on the status of an inter- face as well as on relevant parameters like its IPv4 and/or IPv6 IP address, the MAC ad- dress of the interface and the currently valid MTU.
Page 435: Qos
20 Monitoring bintec elmeg GmbH 20.7 QoS In the Monitoring->QoS menu, statistics are displayed for interfaces on which QoS has been configured. 20.7.1 QoS A list of all interfaces for which QoS was configured is displayed in the Monitoring->QoS->QoS menu.
Page 436: Glossary
Glossary bintec elmeg GmbH Glossary See GSM. 3DES See DES. See UMTS. See LTE. 802.11 The 802.11 norm describes wireless LAN (WLAN). There are a vari- ety of amendments: 802.11a: Gross data transfer rates: 54 Mbit/s, frequency band: 5 GHz, 802.11b/g: Gross data transfer rates: 11 Mbit/s, frequency band: 2.4 GHz, 802.11g: Gross data transfer...
Page 437 Glossary bintec elmeg GmbH mode and is useful in very small networks, e. g. when linking two notebooks with no access point. ADSL Asymmetric digital subscriber line. See DSL. Advanced Encryption Standard (AES, Rijndael) is an encryption method (see Cipher). AES uses a fixed block length of 128 bits. The key length is 128, 192 or 256 bits.
Page 438 Glossary bintec elmeg GmbH Announcement The announcement is a performance feature. The announcement function enables a connection to be established to other phones which is automatically accepted by the subscribers called. The caller speaks and those called hear the announcement. If one of those called lifts the receiver, a normal connection is established.
Page 439 Glossary bintec elmeg GmbH Automatic redialling If the connection of the called party is engaged, an automatic redial can be initiated. This notifies the caller as soon as the line is free. Automatic Route Se- Automatic route selection can be used to route calls whatever the lection number (zone) dialled, via specified providers or bundles.
Page 440 Glossary bintec elmeg GmbH BootP The Bootstrap Protocol (BootP) is used to automatically issue an IP address. Bits per second. A unit of measure for the transmission rate. See Basic Rate Interface Bridge A bridge is a network component for connecting the same types of network at Level 2 of the OSI model.
Page 441 Glossary bintec elmeg GmbH ded without it having been taken. Call deflection (CD) See Call forwarding. Call forwarding Call forwarding is a performance feature. When call forwarding (CF) is used, incoming calls can be routed to another, internal or external, phone number.
Page 442 Glossary bintec elmeg GmbH block length of 64 bits. The key length can be between 40 and 128 bits. Alternative names are CAST-128 and CAST5. Certificate A certificate identifies a person, an institution, a device or an applic- ation. A public key certificate is a digital certificate and it creates a connection between the identity and a public key.
Page 443 Glossary bintec elmeg GmbH normal number can also be suppressed using CLIP, so that the party called only sees the other number. CLIP off Hook See Display caller number (CLIP / CLIR). CLIR See Display caller number (CLIP / CLIR).
Page 444 Glossary bintec elmeg GmbH Daemon A daemon refers to a program that runs in the background and provides certain services. Data compression Data compression is a method of reducing the data volume transmit- ted. See STAC and MPPC. Datagram A datagram is a self-contained data entity with user and control data.
Page 445 Glossary bintec elmeg GmbH clients need to be configured accordingly. Dial preparation Dial preparation describes the entering of the telephone number be- fore initiating the call, e. g. by lifting the receiver. Dialling control See Black / White List. Dialup connection...
Page 446 Glossary bintec elmeg GmbH Identification Restriction (CLIR) is used to suppress the transmission of the phone number of the caller to the called party. The Domain Name System (DNS) is used to convert the domain name (e. g. www.example.org) to an IP address (name resolution).
Page 447 Glossary bintec elmeg GmbH temporarily by DHCP. Network components such as the web server or printer usually have static IP address, while clients such as note- books or workstations usually have dynamic IP addresses. DynDNS A DynDNS provider can be used to link a domain name with a dy- namically changing IP address.
Page 448 Glossary bintec elmeg GmbH range Fax is used to send text, graphics and documents over the phone network. A distinction is drawn between Group 3 fax machines for the analogue network (transmission rate: 9.6 or 14,4 kbit/s) and Group 4 fax machines for ISDN (transmission rate: 64 kbit/s). To connect Group 3 fax machines to ISDN, a terminal adapter or a suit- able PBX is required.
Page 449 Glossary bintec elmeg GmbH Foreign Exchange Office (FXO) refers to the connection to the ana- logue terminal. See also FXS. Foreign Exchange Station (FXS) refers to the analogue connection to the connection socket or PBX. See also FXO. G.711 G.711 is an audio codec. Audio signals from the frequency range between 300 Hz and 3400 Hz are passed with a sampling rate of 8 kHz.
Page 450 Glossary bintec elmeg GmbH in the downstream and 2.5 Mbit/s in the upstream. G.992.4 Data transmission recommendation for ADSL2 with Annex A/B. Data transmission rates: 12 Mbit/s (downstream), 1.0 Mbit/s (upstream) G.992.5 Data transmission recommendation for xDSL2+. There are three variants: G.992.5 Annex A/B (ADSL2+) with data transmission rates...
Page 451 Glossary bintec elmeg GmbH Hash To ensure data integrity, the information needs to be protected from unauthorised manipulation while it is being transmitted. To ensure that this happens, every item of communication received has to match the information originally sent. Therefore erratic mathematical value functions (hash functions) are used to calculate checksums (hash values).
Page 452 Glossary bintec elmeg GmbH which protects against eavesdropping when transmitting HTML pages (web pages) between server and client. HTTPS is schematic- ally identical to HTTP. SSL / TLS is used for additional data encryp- tion. The standard port for HTTPS connections is 443.
Page 453 Glossary bintec elmeg GmbH 4.294.967.296 addresses can be represented, with IPv6 2128 = 340.282.366.920.938.463.463.374.607.431.768.211.456 addresses. Dotted decimal notation, e. g. 192.168.0.250, is used for IPv4. Hexadecimal notation, e. g. 2001:db8:85a3::8a2e:370:7344, is used for IPv6. See also netmask. IPCP The Internet Protocol Control Protocol (IPCP) is used, in a similar way to DHCP, to configure a host with an IP address, gateway and DNS server, when a PPP network connection is being used.
Page 454 Glossary bintec elmeg GmbH the Internet. The International Telecommunication Union (ITU) coordinates the setting up and operating of telecommunications networks and ser- vices. Keepalive Keepalive packets are used to check that the communication part- ner can be contacted. Keepalive Keepalive is a mechanism for maintaining the network connection and for checking that the communication partner can be reached.
Page 455 Glossary bintec elmeg GmbH Lease time The lease time refers to the validity period of a dynamic IP address that a client has been given by a DHCP server. Leased line See Leased line Leased line A leased line is a permanent connection of two communication part- ners via telecommunications network.
Page 456 Glossary bintec elmeg GmbH with the smallest number of node points (routers). See Multifrequency code dialling method. See Multifrequency code dialling method. The Management Information Base (MIB) describes the data that can be queried or modified via a network management protocol (e.
Page 457 Glossary bintec elmeg GmbH The Maximum Segment Size (MSS) defines the maximum number of bytes that can be used as user data in a TCP segment. The MSS must be smaller than the Maximum Transmission Unit (MTU) to avoid fragmenting the IP packets.
Page 458 Glossary bintec elmeg GmbH Netmask With IPv4 in connection with the IP address, the netmask, also net- work mask and subnet mask, defines the network by dividing the IP address into network and device parts and thus determining which addresses need to be routed. Example of a netmask: 255.255.255.0.
Page 459 Glossary bintec elmeg GmbH PABX PABX is another term for a telephone system. The Password Authentication Protocol (PAP) is an authentication method for connections via PPP. Unlike with CHAP, the username and password are not sent encrypted. Parallel call See Mobile subscriber.
Page 460 Glossary bintec elmeg GmbH fy digital certificates for an encryption procedure. PMTU The Path MTU (PMTU) describes the maximum packet size that can be transmitted along the entire connection route without needing to be fragmented. Point-to-multipoint Point-to-multipoint connection is an ISDNB connection. It is used to connect ISDN terminals.
Page 461 Glossary bintec elmeg GmbH PPTP The Point-to-Point Tunneling Protocol (PPTP) is a network protocol for encapsulating other protocols so that they can be transported via the Internet Protocol (IP) in the form of a tunnel (VPN). PPTP uses protocol number 1723. The PPTP architecture is divided into two lo- gical systems.
Page 462 Glossary bintec elmeg GmbH signed this ID. Q-SIG Q-Interface Signalling Protocol (Q-SIG) is an ISDN-based signalling protocol for linking PABX systems. Quality of Service (QoS) describes the properties of the communica- tion service. It is defined using bandwidth, delay, packet losses and jitter.
Page 463 Glossary bintec elmeg GmbH The Routing Information Protocol (RIP) is a routing protocol. It is re- stricted to small networks. See also OSPF. RipeMD 160 RACE Integrity Primitives Evaluation Message Digest (RipeMD 160) is a hash function that generates a 160 bit hash value (checksum).
Page 464 Glossary bintec elmeg GmbH data, the main function of RTSP lies in controlling the data streams. Rule chain A rule chain contains a combination of different filter rules. A filter rule selects part of the data traffic based on particular features, e. g.
Page 465 Glossary bintec elmeg GmbH SHA1 Secure Hash Algorithm version 1 (SHA1) is a hash function that generates a 160 bit hash value (checksum). See also Hash. SHDSL Symmetrical High-bit-rate Digital Subscriber Line. See DSL. Shell The shell is an input interface (e. g. command line or graphic user interface) between computer and user.
Page 466 Glossary bintec elmeg GmbH ciated screen display. Spatial streams Spatial streams are data streams that are sent out at the same time on the same frequency in the wireless LAN. The transmission rate is multiplied as a result. All the parameters that are set while configuring IPSec are stored in the router in the form of databases.
Page 467 Glossary bintec elmeg GmbH STAC STAC is used to reduce the data volume transmitted (data compres- sion). Static IP Address In contrast to a dynamic IP address, the static IP address is as- signed permanently by the user. Network components such as the...
Page 468 Glossary bintec elmeg GmbH network. In this way, different network components can be mon- itored from a single, central system. Syslog messages are sent as unencrypted text messages over the UDP port 514. System telephone A system telephone has multiple function and special keys and can use the performance features of a PBX.
Page 469 Glossary bintec elmeg GmbH Telefax See Fax. Telnet Telecommunication Network (Telnet) is a network protocol. It en- ables communication with another, remote device in the network, e. g. PCs, routers, etc. Terminal adapter A terminal adapter (TA) can be used to connect terminals to an in- terface on which they cannot be operated directly, e.
Page 470 Glossary bintec elmeg GmbH TTL is reduced by 1 with each hop. If a data packet has not yet reached its destination when its TTL expires, it is discarded. Twofish Twofish is an encryption method (see Cipher). Twofish uses a fixed block length of 128 bits.
Page 471 Glossary bintec elmeg GmbH V.110 V.110 describes a method of aligning bitsteams with 0.6, 1.2, 2.4, 2.8, 7.2, 9.6, 12, 14.4, 19.2 and 38.4 kbit/s with the ISDN bitstream of 64 kbit/s. VDSL Very High Speed Digital Subscriber Line. See DSL.
Page 472 Glossary bintec elmeg GmbH Web server A web server provides HTML documents (web pages). Wired Equivalent Privacy (WEP) is an encryption protocol for WLANs. The key length is 40 or 104 bits. WINS The Windows Internet Name Service (WINS) is a translation of the NetBIOS over TCP/IP network protocol by Microsoft.
Page 473 Glossary bintec elmeg GmbH transmission rate of 64 kbit/s. XAuth XAUTH (Extended Authentication) is used to add further authentica- tion mechanisms to IKE. After a successful phase 1 authentication, the user can be separately identified again. The identifying is done using the username and password, PAP, CHAP or hardware-based systems.
Page 474 Index bintec elmeg GmbH Index ARP Processing Assigned Wireless Network (VSS) 2,4 GHz band basic rates (Mbit/s) Associated Line 2,4 GHz band rate profile ATM Interface 2,4 GHz band supported rates (Mbit/s) ATM PVC ATM Service Category 5 GHz band basic rates (Mbit/s)
Page 475 Index bintec elmeg GmbH Client Band select 285 , 286 , 287 , 288 , 289 , 291 , Client Type 296 , 301 , 309 , 312 , 316 , 319 , Code 321 , 327 , 338 , 343 , 356 , 361 ,...
Page 476 Index bintec elmeg GmbH DSCP/Traffic Class Filter (Layer 3) Group Description 61 , 163 , 164 172 , 187 , 388 Group ID DTIM Period High Priority Class DUID Host Dynamic blacklisting Host Name E-mail IGMP Proxy EAP Preauthentification IGMP Snooping...
Page 477 Index bintec elmeg GmbH ISDN Mode Key Size Maximum Number of Dialup Retries Language for login window 207 , 212 , 219 Last Member Query Interval Maximum Response Time Layer 4 Protocol Maximum Upload Speed 179 , 182 , LCP Alive Check...
Page 478 Index bintec elmeg GmbH mask Priority Queueing Original Destination Port/Range Propagate PMTU Original Source IP Address/Netmask Proposals 252 , 259 Protocol 155 , 167 , 172 , 187 , 243 , Original Source Port/Range 289 , 296 , 301 , 336 , 361 , 388 ,...
Page 479 Index bintec elmeg GmbH Route Selector SIP Endpoint IP Address 296 , 301 Route Type 141 , 147 SIP Header Field: FROM Display Router Lifetime SIP Header Field: FROM User Router Preference SIP Header Field: P-Asserted RSSI threshold SIP Header Field: P-Preferred...
Page 480 Index bintec elmeg GmbH Ticket Type Vendor Specific Information (DHCP Op- Time Condition tion 43) Timestamp Version Check Tracking IP Address Virtual Channel Connection (VCC) Traffic Direction 227 , 230 Traffic shaping 179 , 182 Virtual Channel Identifier (VCI) Transfer Mode...
Page 481 Index bintec elmeg GmbH Attacked Access Point Done Authentication for PPP Dialin Drop non-members Authentication Method Drop untagged frames Autosave Configuration Dropped 416 , 421 Back Route Verify DSA Key Status BOSS Duration 417 , 418 Bytes Dynamic RADIUS Authentication...
Page 482 Index bintec elmeg GmbH IP Address Entries IP Address / Netmask Media Gateway Status IP Address Range Media Stream Termination IPSec (Phase-2) Memory usage [%] IPSec (Phase-2) SAs Message IPSec Debug Level Messages IPSec over TCP Metric 148 , 149...
Page 483 Index bintec elmeg GmbH Remote Networks SNMP multicast discovery Remote Number 417 , 418 SNMP Read Community Remote Port 415 , 419 SNMP Trap Broadcasting Restore Default Settings SNMP Trap Community Rogue Client MAC Address SNMP Trap UDP Port Route...
Page 484 Index bintec elmeg GmbH Type of attack Certificate List UDP Inactivity Certificate Servers Unchanged for CLID Translation UPnP Status Client Management UPnP TCP Port Controlled Interfaces 139 , 399 CRLs Use Interface Current Calls Use Zero Cookies Date and Time...
Page 485 Index bintec elmeg GmbH ISDN Trunks System Reboot Load Balancing Groups Telnet Log out Users Traceroute Test NAT Configuration Trigger NAT Interfaces User Neighbor APs Users Network Status VLANs OAM Controlling Wake-On-LAN Filter Options 64 , 150 , 198 , 266 , 283 ,...
Page 486 Index bintec elmeg GmbH Load Balancing Access via LAN Log out Users ADSL Line Profile Maintenance Assistants Media Gateway Authentication key Monitoring Autoconfiguration on Bootup Neighbor Monitoring Policies Basic configuration 172 , 421 Basic settings in ex works state Real Time Jitter Control...
Page 487 Index bintec elmeg GmbH DSL Mode Local Services DSL Modem DSP Channels Map Resolver IP Address Map Server IP Address EID prefix (IP address) / Length Map-Register time period (in sec.) Ethernet Ports 271 , 272 Ethernet Interface Selection Map-Resolver IP Address...
Page 488 Index bintec elmeg GmbH Radio1 X.31 TEI Service Reset X.31 TEI Value Reset button Route Locator (RLOC) IP address Scheduling (Configuration example) Service Setting up a PC SNR Margin Software updates Status Support Switch Port System Management System requirements Systemsoftware...