Lancom 7100 VPN Manual
  1. Manuals
  2. Brands
  3. Lancom Manuals
  4. Network Hardware
  5. 7100 VPN
  6. Manual
Lancom 7100 VPN Manual

Lancom 7100 VPN Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
. . . c o n n e c t i n g
LANCOM 7100 VPN
LANCOM 9100 VPN
Handbuch
Manual
y o u r
b u s i n e s s

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the 7100 VPN and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Lancom 7100 VPN

Summary of Contents for Lancom 7100 VPN

  • Page 1 . . . c o n n e c t i n g y o u r b u s i n e s s LANCOM 7100 VPN LANCOM 9100 VPN Handbuch Manual...
  • Page 2 LANCOM 7100 VPN LANCOM 9100 VPN...
  • Page 3 The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from LANCOM Systems. We reserve the right to make any alterations that arise as the result of technical development.
  • Page 4 1000 remote sites VRRP and load balancing Advanced Routing and Forwarding with 256 VLAN / IP contexts with LANCOM 7100 VPN, 128 VLAN / IP contexts with LANCOM 9100 VPN Status and error display 4 x Gigabit Ethernet + ISDN BRI...
  • Page 5 CD supplied) describes all of the parameters in LCOS, the operating system used by LANCOM products. This guide is an aid to users during the configu- ration of devices by means of WEBconfig or the telnet console. This documentation was created by …...
  • Page 6 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter : and contact addresses for LANCOM Support, please refer to the enclosed leaflet or the LANCOM Systems Web site. Information symbols Very important instructions. Failure to observe these may result in damage.

  • Page 7: Table Of Contents

    LANCOM 7100 VPN – LANCOM 9100 VPN Contents Contents 1 Introduction 1.1 What does VPN offer? 1.2 Just what can your LANCOM Router do? 2 Installation 2.1 Package content 2.2 System requirements 2.3 Status displays and interfaces 2.3.1 Front 2.3.2 Rear panel 2.4 Hardware installation...
  • Page 8 LANCOM 7100 VPN – LANCOM 9100 VPN Contents 5 Connecting two networks 5.1 Which details are necessary? 5.1.1 General information 5.1.2 Settings for the TCP/IP router 5.1.3 Settings for NetBIOS routing 5.2 Instructions for LANconfig 5.3 1-Click-VPN for networks (site-to-site) 5.4 Instructions for WEBconfig...
  • Page 9 LANCOM 7100 VPN – LANCOM 9100 VPN Contents 9 Advice & assistance 9.1 No WAN connection can be established 9.2 Slow DSL transmission 9.3 Unwanted connections under Windows XP 10 Appendix 10.1 Performance and characteristics 10.2 Connector wiring 10.2.1 Ethernet interface 10/100/1000Base-TX, DSL interface 10.2.2 ISDN-S...

  • Page 10: Introduction

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 1: Introduction 1 Introduction The models LANCOM 7100 VPN and LANCOM 9100 VPN are high-perform- ance central-site VPN gateways which support 100 resp. 200 VPN connec- tions. With the LANCOM VPN Option, the routers provide VPN connections for up to 200 resp.

  • Page 11: What Does Vpn Offer

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 1: Introduction The management systems LANconfig and LANmonitor are included and offer not only cost-effective remote maintenance of entire installations along with highly convenient setup wizards, but also full real-time monitoring and log- ging.

  • Page 12: Just What Can Your Lancom Router Do

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 1: Introduction The Internet is available virtually everywhere and typically has low access costs. Significant savings can thus be achieved in relation to switched or ded- icated connections, especially over long distances.
  • Page 13 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 1: Introduction LANCOM 7100 LANCOM 9100 ✔ ✔ Policy-based routing Load balancing for bundling multiple DSL channels 4 channels 4 channels ✔ ✔ Backup solutions and load balancing with VRRP ✔ ✔...
  • Page 14 ISDN call numbers ✔ ✔ FirmSafe for no-risk firmware updates Optional software extensions ✔ LANCOM VPN Option with 200 active tunnels for secure network connec- tivity ✔ LANCOM VPN Option with 500 active tunnels for secure network connec- tivity ✔...

  • Page 15: Installation

    Should anything be missing, please take up immediate contact to your dealer or to the address on the delivery note supplied with your device. System requirements Computers that connect to a LANCOM must meet the following minimum requirements: Operating system with TCP/IP support, such as Windows, Linux, BSD Unix, Apple Mac OS, OS/2.

  • Page 16: Status Displays And Interfaces

    Flickering means, that the LED is switched on and off in irregular inter- vals. 2.3.1 Front The LANCOM Routers are equipped with the following status displays on the front panel: LANCOM 7100 VPN ³ · »...
  • Page 17  password has been set. Without a configuration password, the con- figuration data in the LANCOM is unprotected. Normally you would set a configuration password during the basic configuration (instruc- tions in the following chapter). Information about setting a configu- ration password at a later time is available in the section 'The Security Wizard'.
  • Page 18 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 2: Installation » Connection status of the serial configuration interface No session logged on Green On (perma- Serial configuration session logged on nently) Orange Flickering Data transmission during the configuration session ¿...
  • Page 19 Date and time CPU load Memory load Number of VPN tunnels Data transfer in reception direction Data transfer in transmission direction The LANCOM Routers are equipped with the following interfaces on the front panel: LANCOM 7100 VPN µ ¾ ¸...
  • Page 20 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 2: Installation Each Ethernet socket has two LEDs (green and yellow). Green No networking device attached Green On (perma- Connection to network device operational, not data traffic nently) Green Flickering Data traffic...

  • Page 21: Rear Panel

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 2: Installation Reset button This option controls the behavior of the reset button when it is pressed: Ignore: The button is ignored. Boot only: With a suitable setting, the behavior of the reset button can be controlled;...

  • Page 22: Hardware Installation

    If necessary fix the rubber pads to the underside of the device to prevent any scratching to other equipment. LAN – first of all connect your LANCOM Router to the LAN or to an indi- vidual PC. Plug one end of the supplied network cable (green connectors) into an Ethernet port on the device µ, and the other end into an available...

  • Page 23: Software Installation

    Software installation The following section describes the installation of the Windows-compatible system software LANtools, as supplied. You may skip this section if you use your LANCOM VPN Router exclu-  sively with computers running operating systems other than Win- dows.

  • Page 24: Which Software Should I Install

    Which software should I install? LANconfig is the Windows configuration program for all LANCOM routers and LANCOM access points. WEBconfig can be used alterna- tively or in addition via a web browser. With LANmonitor you can use a Windows computer to monitor all of your LANCOM routers and LANCOM access points.

  • Page 25: Basic Configuration

    Details you will need The Basic Settings Wizard is used to set the LANCOM VPN Routers basic TCP/ IP parameters and to protect the device with a configuration password. The following description of the information required by the wizard is divided into...
  • Page 26 This usually happens in the fol- lowing situations: Only a single PC is going to be attached to the LANCOM VPN Router Setting up a new network Fully automatic TCP/IP configuration will not be offered if you are integrating the LANCOM VPN Router into an existing TCP/IP LAN.

  • Page 27: Configuration Protection

    If you operate the LANCOM Router on a DSL link that is charged on a time basis you can set the maximum connection time in minutes. The budget can be completely deactivated by entering a value of '0'.

  • Page 28: Instructions For Lanconfig

    (assuming that the appropriate networking environment exists). If the Setup Wizard does not start automatically, you can manually  search for new devices at all interfaces (if the LANCOM VPN Router is connected via the serial configuration interface) or in the network (File Find devices).

  • Page 29: Instructions For Webconfig

    Instructions for WEBconfig Device settings can be configured from any Web browser. WEBconfig config- uration software is an integral component of the LANCOM. A Web browser is all that is required to access WEBconfig. WEBconfig offers similar Setup Wiz- ards to LANconfig and hence provides the perfect conditions for easy config- uration of the LANCOM –...
  • Page 30 Windows Me or Windows 9x, or with command ifconfig in the console under Linux). In this case, the LANCOM can be accessed with address x.x.x.254 (the “x”s stand for the first three...
  • Page 31 "search for other devices" option from any other networked LANCOM. Use suitable tools to find out the IP address assigned to the LANCOM by DHCP and access the device directly using this IP address. Use the serial configuration interface to connect a computer running a terminal program to the device.
  • Page 32 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 3: Basic configuration As an alternative, the login dialog provides a link for an encrypted  connection over HTTPS. Always use the HTTPS connection for increased security whenever possible. Setup Wizards The setup Wizards allow quick and easy configuration of the most common device settings.

  • Page 33: Tcp/Ip Settings For Pc Workstations

    Manual IP address assignment If IP addresses in a network are statically assigned, then the IP address of the LANCOM is to be set as the standard gateway and DNS server in the TCP/IP configuration of each PC in the LAN.

  • Page 34: Setting Up Internet Access

    Chapter 4: Setting up Internet access 4 Setting up Internet access The LANCOM provides a central point of Internet access for all of the comput- ers in the LAN. The connection to the Internet provider can be established via any WAN connector, i.e. via DSL or ISDN (where available). Internet access via ISDN can be used to backup a DSL connection.
  • Page 35 Billing by time or flatrate – select the method by which you are billed by your Internet provider. In case of billing by time, you can set the LANCOM to cut connections automatically if no data flows for a certain time (the hold time).

  • Page 36: The Internet Connection Wizard

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 4: Setting up Internet access The Internet Connection Wizard 4.1.1 Instructions for LANconfig Mark your device in the selection window. From the command line, select Extras Setup Wizard. In the selection menu, select the Setup Wizard, Set up Internet connec- tion and confirm the selection with Next.

  • Page 37: Instructions For Webconfig

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 4: Setting up Internet access The Wizard will inform you as soon as the entries are complete. Close the configuration with Finish. LANconfig: Fast starting of the Setup Wiz- ards The fastest way of starting the Setup Wizards under LANconfig is to use the command button in the button bar.

  • Page 38: Connecting Two Networks

    Security aspects Of course your LAN has to be protected from unauthorized access. For this reason, a LANCOM provides a range of security mechanisms that offer an out- standing level of protection. VPN: VPN-based connectivity relies on IPsec for transferring data. The...

  • Page 39: Which Details Are Necessary

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 5: Connecting two networks Which details are necessary? The Wizard requests you for all of the necessary details step by step. If possi- ble, you should have all of this information to hand before you start the Wiz- ard.
  • Page 40 VPN connections to remote sites that use dynamic IP addresses. If you have not yet given a name to your LANCOM, the Wizard will ask you to enter a new name for your device. Entering a name will cause your LANCOM to be renamed.

  • Page 41: Settings For The Tcp/Ip Router

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 5: Connecting two networks channel from the caller. An ISDN ID generally consists of the country code and an MSN. The password for the ISDN connection is an alternative to the ISDN calling line ID.

  • Page 42: Settings For Netbios Routing

    The domain can only be specified in the LANconfig Wizard. With  WEBconfig, the necessary changes are made later in the manual con- figuration. Refer to the LANCOM Router reference manual for more detailed information. VPN extranet In the case of LAN-LAN connectivity via VPN, you can mask the individual computers behind another IP address.

  • Page 43: Instructions For Lanconfig

    Once you have completed the set-up of both routers, you can start testing the network connection. Try to communicate with a computer in the remote LAN (e. g. with ping). The LANCOM Router should automatically connect to the remote site and make contact to the requested computer.

  • Page 44: 1-Click-Vpn For Networks (Site-To-Site)

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 5: Connecting two networks 1-Click-VPN for networks (site-to- site) The site-to-site-to-site connectivity of networks is now very simple with the help of the 1-Click-VPN wizard. It is even possible to simultaneously couple multiple routers to a central network.

  • Page 45: Instructions For Webconfig

    Once you have completed the set-up of both routers, you can start testing the network connection. Try to communicate with a computer in the remote LAN (e. g. with ping). The LANCOM Router should automatically connect to the remote site and make contact to the requested computer.

  • Page 46: Providing Dial-In Access

    Security aspects Of course your LAN has to be protected from unauthorized access. For this reason, a LANCOM provides a range of security mechanisms that offer an outstanding level of protection. VPN: VPN-based connectivity relies on IPsec for transferring data. The...

  • Page 47: General Information

    User name and password: This access data serves to identify the user when dialing in. Incoming number: The optional ISDN calling line ID is used by the LANCOM Router for additional user authentication. This security function should not be employed if the user will be dialing-in from various ISDN connections.

  • Page 48: Settings For Tcp/Ip

    This IP address can be manually set to a fixed value when the user is created. A simpler option is to allow the LANCOM Router to assign the user with a free IP address when dialing in. In this case, all you have to do is to set the range of IP addresses which are to be available for assignment to the RAS users by the LANCOM Router.

  • Page 49: Settings For Netbios Routing

    Internet access A VPN client LANCOM Systems offers you a 30-day test version of the LANCOM Advanced VPN Client on the CD supplied. A precise description of the VPN client and notes on its setup are also to be found on the CD.

  • Page 50: Instructions For Lanconfig

    Advanced VPN Client are very easy to set up with the Setup Wizard and exported to a file. This file can then be imported as a profile by the LANCOM Advanced VPN Client. All of the information about the LANCOM VPN Router's configuration is also included, and then supplemented with randomly gener- ated values (e.g.
  • Page 51 When setting up the VPN access, certain settings are made to optimize oper- ations with the LANCOM Advanced VPN Client, including: Gateway: If defined in the LANCOM VPN Router, a DynDNS name is used here, or alternatively the IP address FQDN: Combination of the name of the connection, a sequential number and the internal domain in the LANCOM VPN Router.

  • Page 52: Instructions For Webconfig

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 6: Providing dial- in access Instructions for WEBconfig In the main menu, launch the Wizard 'Provide remote access (RAS)'. Fol- low the Wizard’s instructions and enter the necessary data. Configure the access account on the dial-in PC as described. Subsequently test the connection (see box 'Ping –...

  • Page 53: Fax Transmission With Lancapi

    Chapter 7: Fax transmission with LANCAPI 7 Fax transmission with LANCAPI LANCAPI from LANCOM Systems is a specialized version of the widespread ISDN CAPI interface. CAPI stands for Common ISDN Application Programming Interface and it links ISDN adapters and communications software. This soft- ware in turn provides the computer with office-communications functions such as a fax or answering machine.

  • Page 54: Installing The Lancom Capi Faxmodem

    LANCOM CAPI Faxmodem and MS Windows Fax Service. Installing the LANCOM CAPI Faxmodem From the setup program on your LANCOM CD, select the entry LANCOM software installation. Select the option CAPI Faxmodem, click on Next and follow the instruc-...

  • Page 55: Installing The Ms Windows Fax Service

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 7: Fax transmission with LANCAPI After successful installation, the LANCOM CAPI Fax Modem is entered into the Control Panel under Phone and modem options. Installing the MS Windows Fax Service Go to the Control Panel and select the option Printers and faxes.

  • Page 56: Sending A Fax

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 7: Fax transmission with LANCAPI Sending a fax After installing the necessary components, there are a number of ways to send a fax from your computer. If you have a file ready to send, you can send this straight from its application.
  • Page 57 LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 7: Fax transmission with LANCAPI The fax client console opens up. Select the menu item Send file/fax. A Wizard guides you through the remaining procedure.

  • Page 58: Security Settings

    Chapter 8: Security settings 8 Security settings Your LANCOM features numerous security functions. This chapter provides you with all of the information you need to optimally protect your device. You can carry out the configuration of security settings very quickly ...

  • Page 59: Lanconfig Wizard

    Along with these basic settings, you can use the Security settings Wizard to check the settings of your wireless network (if so equipped). 8.2.1 LANconfig Wizard Mark your LANCOM in the selection window. From the command line, select Extras Setup Wizard. In the selection menu, select the Setup Wizard, Check security settings and confirm the selection with Next.

  • Page 60: The Security Checklist

    'Management' configuration area on the 'Security' tab. Have you activated the firewall? The stateful inspection firewall of LANCOM devices ensures that you local network cannot be attacked from the outside. Activate the firewall in LANconfig under 'Firewall/QoS' on the 'General' tab.
  • Page 61 'Routing' tab. Have you used filters to close critical ports? The firewall filters in LANCOM devices offer filter functions for individual computers or entire networks. It is possible to set up source and destina- tion filters for individual ports or port ranges. Furthermore, filters can be set for individual protocols or any combination of protocols (TCP/UDP/ ICMP).
  • Page 62 The access list can be found in the LANconfig in the configuration area 'TCP/IP' on the 'General' tab. Do you store your saved LANCOM configuration to a safe location? Protect your saved configurations in a location that is safe from unauthor- ized access.

  • Page 63: Advice & Assistance

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 9: Advice & assistance 9 Advice & assistance See this chapter for first-aid assistance if some of the typical problems should occur. No WAN connection can be established After starting, the router attempts automatically to connect to the Internet provider.

  • Page 64: Unwanted Connections Under Windows Xp

    Instructions for increasing the windows size are available in the Knowledge- Base in the Support area of the LANCOM Systems Web site (www.lancom.eu). Unwanted connections under Windows XP When booting, Windows XP computers attempt to update the time by access- ing a time server in the Internet.

  • Page 65: Appendix

    CE-conformity to EN 300 328, EN 301 893, EN 55024, EN 55022, EN 55011, EN 50081, EN 60950, ES 59005, EN 60950 Approvals Notified in Germany, Belgium, Netherlands, Luxembourg, Austria, Switzerland, UK, and Italy. For information on new notifications, see www.lancom.eu. Environment/ Temperature range 0–40°C; humidity 5–90%; non-condensing Temperature...

  • Page 66: Connector Wiring

    LANCOM 7100 VPN – LANCOM 9100 VPN Chapter 10: Appendix 10.2 Connector wiring 10.2.1 Ethernet interface 10/100/1000Base-TX, DSL interface 8-pin RJ45 sockets (ISO 8877, EN 60603-7) Connector Fast Gigabit Ethernet Ethernet BI_DA+* BI_DA- BI_DB+ PoE/G BI_DC+ PoE/G BI_DC- BI_DB- PoE/ -48 V...

  • Page 67: Configuration Interface (Outband)

    Line 10.3 CE-declarations of conformity LANCOM Systems herewith declares that the devices of the type described in this documentation are in agreement with the basic requirements and other relevant regulations of the 1995/5/EC directive. The CE declarations of conformity for your device can be found on the relevant...
  • Page 68 LANCOM 7100 VPN – LANCOM 9100 VPN Index Index Numerics DHCP server 10/100Base-TX Dial-in access 100-Mbit network Dial-up adapter 3 DES DNS access to the remote LAN DNS server Domain Autosensing Download DSL transmission too slow Blowfish Encryption Call-back function...
  • Page 69 LANCOM 7100 VPN – LANCOM 9100 VPN Index Filter Network mask IP address Network segment IP masquerading Number of VPN tunnels IP router IPsec Package content ISDN Password Connector cable Password for the ISDN connection D channel PAT – see IP masquerading...
  • Page 70 LANCOM 7100 VPN – LANCOM 9100 VPN Index System requirements Transmission protocol TCP/IP USB connector Connect test Settings Virtual Private Network TCP/IP configuration Virtual Private Networks (VPN) Fully automatic Manual VPN client TCP/IP filter TCP/IP router Settings TCP/IP windows size...

This manual is also suitable for:

9100 vpn

Table of Contents