Teldat bintec R3002 Manual

page of 622

/ 622
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Manual

Teldat GmbH

Manual

bintec Rxxx2/RTxxx2

Reference

bintec Rxxx2/RTxxx2

Table of Contents

Summary of Contents for Teldat bintec R3002

Page 2: Legal Notice
This manual has been put together with the greatest possible care. However, the information con- tained in this manual is not a guarantee of the properties of your product. Teldat GmbH is only liable within the terms of its conditions of sale and supply and accepts no liability for technical inaccuracies and/or omissions.
Page 3: Table Of Contents
Table of Contents Teldat GmbH Table of Contents Chapter 1 Introduction ......1 Chapter 2 About this guide.
Page 4 Table of Contents Teldat GmbH Chapter 6 Variable switching of S0 interfaces ... . . 37 Switching the S0 interfaces from external to internal ..
Page 5 Table of Contents Teldat GmbH 8.3.1 GUI (Graphical User Interface) ....8.3.2 SNMP shell ......
Page 6 Table of Contents Teldat GmbH 11.1 AUX ......119 11.1.1 AUX ......119 11.2...
Page 7 Table of Contents Teldat GmbH 13.3.1 Slave Access Points ..... . . 163 13.3.2 Radio Profiles ......167 13.3.3...
Page 8 Table of Contents Teldat GmbH 14.5.2 Rule Chains ......232 14.5.3 Interface Assignment ..... . . 233 14.6...
Page 9 Table of Contents Teldat GmbH 17.1 Internet + Dialup ......269 17.1.1 PPPoE ......271 17.1.2...
Page 10 Table of Contents Teldat GmbH 18.3.2 Options ......378 18.3.3 IP Pools ......379 18.4...
Page 11 Table of Contents Teldat GmbH 20.2.7 Options ......424 20.3 RTSP ......427 20.3.1...
Page 12 Table of Contents Teldat GmbH 21.7 Scheduling......460 21.7.1 Trigger ......461 21.7.2...
Page 13 Table of Contents Teldat GmbH 22.3 Reboot ......514 22.3.1 System Reboot ......514 Chapter 23 External Reporting .
Page 14 Table of Contents Teldat GmbH 24.5 Bridges ......539 24.5.1 br<x> ......539 24.6...
Page 15: Chapter 1 Introduction
Password If you are already familiar with configuring Teldat devices and want to get started right away, all you really need to know is the factory default user name and password. Note...
Page 16 The devices are also designed for use with Dime Manager. The Dime Manager manage- ment tool can locate your Teldat devices within the network quickly and easily. The .NET-based application, which is designed for up to 50 devices, offers easy to use func- tions and a comprehensive overview of devices, their parameters and files.
Page 17: Chapter 2 About This Guide
2 About this guide Teldat GmbH Chapter 2 About this guide This document is valid for Teldat devices with system software as of software version 9.1.2. The Reference, which you have in front of you, contains the following chapters: User's Guide - Reference...
Page 18 2 About this guide Teldat GmbH Chapter Description Firewall VoIP Local Services Maintenance External Reporting Monitoring Glossary The glossary contains a reference to the most important tech- nical terms used in network technology. The index lists all the key terms for operating the device and all...
Page 19 2 About this guide Teldat GmbH Symbol Indicates a warning of risk level Warning (points out possible dangers that may cause physical injury or even death if not ob- served). The following typographical elements are used to help you find and interpret the informa-...
Page 20: Chapter 3 Installation
3 Installation Teldat GmbH Chapter 3 Installation Caution Please read the safety notices carefully before installing and starting up your device. These are supplied with the device. 3.1 Setting up and connecting Note All you need for this is the cable supplied with the equipment.
Page 21 (ETH1) of your device to your LAN using the Ethernet cable supplied. The device automatically detects whether it is connected to a switch or directly to a PC. (4) ADSL (only bintec R3002 and bintec RT3002) Connect the DSL interface (DSL) of your device to the DSL output of the splitter us- ing the DSL cable supplied.
Page 22: Cleaning
3 Installation Teldat GmbH • ISDN-BRI (see Variable switching of S0 interfaces on page 37) Connect the ISDN BRI interface (BRI1, BRI2 or BRI3, BRI4) of the device to your ISDN socket using the ISDN BRI cable provided. • ISDN-PRI (only bintec R4402) Connect the ISDN PRI interface (PRI-1 or PRI-2) of the device to your PRI connection using the ISDN PRI cable provided.
Page 23: Support Information
If you have any questions about your new product or are looking for additional information, the Teldat GmbH Support Centre can be reached Monday to Friday between the hours of 8 am and 5 pm. They can be contacted as follows: Email hotline@teldat.de...
Page 24: Chapter 4 Reset
4 Reset Teldat GmbH Chapter 4 Reset Resetting the device enables you to return your device to a predefined initial state. This may be necessary if you have made incorrect configuration settings or the device is to be reprogrammed. Manually resetting the device You can reset the device to the ex works state with the RESET button.
Page 25: Chapter 5 Technical Data
5 Technical data Teldat GmbH Chapter 5 Technical data This chapter summarises all the hardware properties of the R1202, R3002, R3502, R3802, R4402, RT1202, RT3002, RT3502 and RT4202 devices. 5.1 Scope of supply Your device is supplied with the following parts:...
Page 26 5 Technical data Teldat GmbH Product Cable sets/other Software Documentation name VDSK cable Release Notes, if required 19-inch installation kit Installation poster (printed) 4x rubber feet - self- adhesive R3802 Ethernet cable Companion DVD Quick Install Guide and safety notices (printed)
Page 27: General Product Features
5 Technical data Teldat GmbH Product Cable sets/other Software Documentation name ISDN BRI cable User's Guide (on DVD) Serial cable bintec Dime Manager User's Guide (on DVD) Network cable Release Notes, if required 2 ADSL cables (for Annex A and for Annex B)
Page 28 5 Technical data Teldat GmbH Property bintec R1202 bintec RT1202 Dimensions and weights: Equipment dimensions 19" housing (482.6 mm x 220 mm 19" housing (482.6 mm x 220 mm without cable (B x H x D): x 45 mm) x 45 mm) Weight approx.
Page 29 Dime Manager User's Guide on DVD on DVD Installation poster Installation poster Online documentation User's Guide User's Guide Workshops Workshops Release Notes, if required Release Notes, if required General product features bintec R3002, bintec R3502, bintec R3802 bintec Rxxx2/RTxxx2...
Page 30 5 Technical data Teldat GmbH Property bintec R3002 bintec R3502 bintec R3802 Dimensions and weights: Equipment dimensions 19" housing (482.6 19" housing (482.6 19" housing (482.6 without cable (B x H x D): mm x 220 mm x 45 mm x 220 mm x 45...
Page 31 5 Technical data Teldat GmbH Property bintec R3002 bintec R3502 bintec R3802 ADSL2+ interface Internal ADSL2+ mo- dem for Annex A and Annex B VDSL2 interface In accordance with ITU G.993.2; supports Baud plan ISDN 998. Autodetection of VD- SL profile.
Page 32 5 Technical data Teldat GmbH Property bintec R3002 bintec R3502 bintec R3802 Ethernet interfaces RJ45 socket RJ45 socket RJ45 socket ISDN BRI interface RJ45 socket RJ45 socket RJ45 socket ADSL interface RJ45 socket VDSL2 interface RJ45 socket SHDSL interface RJ45 socket Standards &...
Page 33 5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 Dimensions and weights: Equipment dimensions 19" housing (482.6 mm x 220 mm 19" housing (482.6 mm x 220 mm without cable (B x H x D): x 45 mm) x 45 mm) Weight approx.
Page 34 5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 supports Baud plan ISDN 998. Autodetection of VDSL profile. Ethernet IEEE 802.3 LAN Permanently installed (twisted pair Permanently installed (twisted pair (4-port switch) only), 10/100/1000 mbps, auto- only), 10/100/1000 mbps, auto-...
Page 35 5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 bintec Dime Manager User's Guide bintec Dime Manager User's Guide on DVD on DVD Installation poster Installation poster Online documentation User's Guide User's Guide Workshops Workshops Release Notes, if required...
Page 36 5 Technical data Teldat GmbH Property bintec R4402 bintec RT4202 Relative atmospheric hu- 10 % to 90 % non-condensing in 10 % to 90 % non-condensing in midity operation, operation, 5 % to 95 % non-condensing when 5 % to 95 % non-condensing when...
Page 37: Leds
5 Technical data Teldat GmbH Property bintec R4402 bintec RT4202 SAFERNET TM Security Community passwords, PAP, Community passwords, PAP, Technology CHAP, MS-CHAP, MS-CHAP v.2, CHAP, MS-CHAP, MS-CHAP v.2, PPTP, PPPoE, PPPoA, Callback, PPTP, PPPoE, PPPoA, Callback, Access Control Lists, CLID, NAT,...
Page 38 5 Technical data Teldat GmbH Colour Status Information router. STATUS green flashing The device is being initialised. In operation mode, the LEDs display the following status information for your device: LED status display Colour Status Information POWER green The power supply is connected.
Page 39: Connectors
5 Technical data Teldat GmbH 5.4 Connectors The network connection and the on/off switch are located on the back of the device. Fig. 4: Mains connection All other connections are located on the front of the device. bintec R1202 has a 4-port Ethernet switch, a serial interface, an ETH5 interface and an ISDN BRI interface.
Page 40 ISDN BRI interface LED display bintec R3002, bintec R3502 and bintec 3802 have a 4-port Ethernet switch, a serial inter- face, an ETH5 interface and an ISDN BRI interface as well as a DSL interface. The connections are arranged as follows: bintec R3002 Fig.
Page 41 ETH1 - ETH4 10/100/1000 Base-T Ethernet interface BRI1 ISDN BRI interface DSL interface (ADSL2+ interface for bintec R3002, VDSL2 interface for bintec R3502, SHDSL interface for bintec R3802) LED display bintec RT3002 and bintec RT3502 have a 4-port Ethernet switch, a serial interface, an ETH5 interface, four ISDN BRI interfaces as well as a DSL interface.
Page 42 5 Technical data Teldat GmbH bintec R4402 Fig. 9: Front of Front of bintec R4402 CONSOLE Serial interface POWER / STATUS LED display for power and status RESET Reset button ETH5 Ethernet interface ETH1 - ETH4 10/100/1000 Base-T Ethernet interface...
Page 43: Pin Assignments
5 Technical data Teldat GmbH ETH1 - ETH4 10/100/1000 Base-T Ethernet interface BRI1 - BRI4 ISDN BRI interface LED display FXS1 - FXS4 FXS interfaces 5.5 Pin Assignments 5.5.1 Serial interface Your device has a serial interface for connection to a console. This supports Baud rates from 1200 to 115200 Bps.
Page 44: Adsl Interface
The Ethernet 10/100/1000 BASE-T interface does not have an Auto-MDI-X function. 5.5.3 ADSL interface The ADSL interface on bintec R3002 and RT3002 is connected via an RJ45 plug. The cable supplied connects the RJ45 plug needed for the device to an RJ11 plug provided for Annex A.
Page 45: Shdsl Interface
5 Technical data Teldat GmbH RJ45 socket for ADSL connection bintec R3002 and RT3002 Position Not used Not used Not used Line 1a Line 1b Not used Not used Not used 5.5.4 SHDSL interface The SHDSL interface on bintec R3802 is connected via an RJ45 connector. The cable supplied connects the RJ45 connector needed for the device to an RJ45 connector needed for the SHDSL connection.
Page 46: Vdsl2 Interface
5 Technical data Teldat GmbH Position Line b2 5.5.5 VDSL2 interface The VDSL2 interface on bintec R3502 and RT3502 is connected via an RJ45 plug. The following pins are used for the VDSL connection: bintec R3502 bintec RT3502 Fig. 15: VDSL2 interface (RJ45 connector)
Page 47: Isdn Bri Interface
5 Technical data Teldat GmbH Fig. 16: ISDN PRI interface (RJ45 socket) The pin assignment for the ISDN PRI interface (RJ45 socket) is as follows: RJ45 socket for ISDN PRI connection Position Not used Not used Not used Not used...
Page 48: Fxs Interface
5 Technical data Teldat GmbH Fig. 17: ISDN BRI interface (RJ45 socket) The pin assignment for the ISDN BRI interface (RJ45 socket) in TE mode is as follows: RJ45 socket for ISDN connection in TE mode Position Not used Not used...
Page 49: Weee Information
5 Technical data Teldat GmbH Fig. 18: FXS interface (RJ45 connector) The pin assignment for the FXS interface (RJ45 connector) is as follows: RJ45 connector for FXS connection Position Not used Not used Not used Not used Not used Not used...
Page 50 5 Technical data Teldat GmbH 5.6 WEEE information bintec Rxxx2/RTxxx2...
Page 51: Variable Switching Of S0 Interfaces
6 Variable switching of S0 interfaces Teldat GmbH Chapter 6 Variable switching of S0 interfaces 6.1 Switching the S0 interfaces from external to in- ternal The devices bintec R4402, bintec RT1202, bintec RT3002, bintec RT3502 and bintec RT4202 have two or four BRI connections. All BRI connections can be operated as internal or as external S0 connections.
Page 52 6 Variable switching of S0 interfaces Teldat GmbH To carry out the switch proceed as follows: Unscrew the two screws on the back of the device and slide the cover upwards. The link plugs for the BRI-1 and BRI-2 interfaces can be found on all devices on the main PCB behind the terminal block.
Page 53 6 Variable switching of S0 interfaces Teldat GmbH You can also switch the interfaces BRI-3 and BRI-4. The link plugs are on the side of the ISDN-L module. Insert the link plugs for interfaces BRI-3 and BRI-4 as shown in the following figure: * "on"...
Page 54 6 Variable switching of S0 interfaces Teldat GmbH Interface Link plug area Position Position Internal/external switching BRI-4 Internal external Power supply for internal con- BRI-3 nection Power supply for internal con- BRI-4 nection 100 Ohm terminator BRI-3 100 Ohm terminator...
Page 55: Basic Configuration
• Password: Note All Teldat devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unauthor- ised use. Make sure you change the passwords to prevent unauthorised access to...
Page 56: System Requirements
7 Basic configuration Teldat GmbH 7.2 System requirements Your Teldat gateway contains extensive features for encrypted data transfer and Internet access for both individual users and companies. For configuration of the device, your PC must meet the following system requirements: •...
Page 57 7 Basic configuration Teldat GmbH values later when needed. If you configure a new network, you can use the given example values for IP addresses and netmasks. In cases of doubt, ask your system administrator. Basic configuration For a basic configuration of your gateway, you need information that relates to your net-...
Page 58: Configuring A Pc
7 Basic configuration Teldat GmbH Access data Example value Your values T-Online number (usually 12 digits) Joint user account Note To configure T-Online Internet access, enter the following succession of numbers without intervening spaces in the User Name field: User account (12 digits) + T-Online number (usually 12 digits) + co-user number (for the main user, always 0001).
Page 59: Modify System Password
Password: 7.4 Modify system password All Teldat devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unauthorised use. Make sure you change the passwords to prevent unauthorised access to your device!
Page 60: Setting Up An Internet Connection
7 Basic configuration Teldat GmbH Proceed as follows: (a) Go to the System Management->Global Settings->Passwords menu. (b) Enter a new password for System Admin Password . (c) Enter the new password again under Confirm Admin Password . (d) Click OK.
Page 61: Other Internet Connections
The range of functions of Teldat devices is continuously being extended. These extensions are made available to you by Teldat GmbH free of charge. Checking for new software ver- sions and the installation of updates can be carried out easily with the GUI. An existing in- ternet connection is needed for an automatic update.
Page 62 7 Basic configuration Teldat GmbH The device will now connect to the Teldat GmbH download server and check whether an updated version of the system software is available. If so, your device will be updated auto- matically. When installation of the new software is complete, you will be invited to restart the device.
Page 63: Access And Configuration
8 Access and configuration Teldat GmbH Chapter 8 Access and configuration This chapter describes all the access and configuration options. 8.1 Access Options The various access options are presented below. Select the procedure to suit your needs. There are various ways you can access your device to configure it: •...
Page 64 8 Access and configuration Teldat GmbH 8.1.1.2 Telnet Apart from configuration using a web browser, with a Telnet connection you can also ac- cess the SNMP shell and use other configuration options. You do not need any additional software on your PC to set up a Telnet connection to your device: Telnet is available on all operating systems.
Page 65 8 Access and configuration Teldat GmbH Login on page 54). (2) Enter for the input prompt. You are now in the Flash Management shell. (3) Call up a list of all the files saved on the device: If you see a display like the one below, the keys needed are already there and you can...
Page 66: Access Via The Serial Interface
FAQs, which list the required settings. 8.1.2 Access via the Serial Interface Each Teldat gateway has a serial interface, with which a PC can be connected directly. The following chapter describes what you have to remember when setting up a serial connec- tion and what you can do to configure your device in this way.
Page 67 8 Access and configuration Teldat GmbH Proceed as follows to access your device via the serial interface: (1) In the Windows Start menu, click Programs -> Accessories -> Communication -> HyperTerminal -> Device on COM1 (or Device on COM2, if you use the COM2 port of your PC) to start HyperTerminal.
Page 68: Access Over Isdn
8 Access and configuration Teldat GmbH 8.1.3 Access over ISDN All devices that have an ISDN interface can be accessed and configured from another device via an ISDN call. Access over ISDN with ISDN Login is especially recommended if your device is to be re- motely configured or maintained.
Page 69: User Names And Passwords In Ex Works State
Caution All Teldat devices are delivered with the same username and password. As long as the password remains unchanged, they are therefore not protected against unauthor- ised use. How to change the passwords is described in Passwords on page 75.
Page 70: Configuration Options
8 Access and configuration Teldat GmbH Log in via the HTML surface as follows: (1) Enter your user name in the User field of the input window. (2) Enter your password in the Password field of the input window and confirm with Re- turn or click the Login button.
Page 71: Gui (Graphical User Interface)
8 Access and configuration Teldat GmbH The following chapters describe the configuration based on GUI. Note To change the device configuration, you must log in with the user name . If you do not know the password, you cannot make any configuration settings. This applies to all types of configuration.
Page 72 8 Access and configuration Teldat GmbH Fig. 20: Home page 8.3.1.1 Call up the GUI . (1) Check whether the device is connected and switched on and that all the necessary cables are correctly connected (see Setting up and connecting on page 6).
Page 73 8 Access and configuration Teldat GmbH • The header • The navigation bar • The main configuration window Fig. 21: Areas of the Header Fig. 22: Header GUI Header Menu Position Language: In the dropdown menu, choose the language in which you want to display the GUI.
Page 74 8 Access and configuration Teldat GmbH Menu Position Logout: If you want to end the configuration, click this button to log out of your device. A window is opened offering you the fol- lowing options: • Save configuration, save previous boot configuration, then exit.
Page 75 8 Access and configuration Teldat GmbH The Save configuration button is found in the navigation bar. If you save a current configuration, you can save this as the boot configuration or you can also archive the previous boot configuration as a backup.
Page 76 8 Access and configuration Teldat GmbH Button Position If you do not want to save a newly configured list entry, cancel this and any settings made by pressing Cancel. Confirms the settings of a new entry and the parameter changes in a list.
Page 77 8 Access and configuration Teldat GmbH Symbol Position Indicates "Dormant" status for an interface or connection. Indicates "Up" status for an interface or connection. Indicates "Down" status for an interface or connection. Indicates "Blocked" status for an interface or connection.
Page 78 8 Access and configuration Teldat GmbH Menu Position ing list entry directly in the list. Fig. 25: Configuration of the update interval Fig. 26: Filter list Structure of the GUI configuration menu The menus of the GUI contain the following basic structures:...
Page 79 8 Access and configuration Teldat GmbH Menu Position Enter the data. Radio buttons e.g. Select the corresponding option. Checkboxes e.g. activation by selecting checkbox Selection of several possible options Dropdown menus e.g. Click the arrow to open the list. Select the required option using the mouse.
Page 80: Snmp Shell
8 Access and configuration Teldat GmbH Symbol Meaning This symbol appears in messages referring you to settings that were made with the Setup Tool. This symbol appears in messages referring you to the fact that values were entered or selected incorrectly.
Page 81 8 Access and configuration Teldat GmbH (2) Software Update via TFTP: The devices performs a software update via a TFTP server. (3) Software Update via XMODEM: The device performs a software update via a serial interface with XMODEM. (4) Delete configuration: The device is reset to the ex works state.
Page 82 8 Access and configuration Teldat GmbH Note If you change the baudrate (the preset value is 9600 baud), make sure the terminal program used also uses this baudrate. If this is not the case, you will not be able to es- tablish a serial connection to the device.
Page 83: Assistants
9 Assistants Teldat GmbH Chapter 9 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks: • First steps • Internet Access • VPN • SWYX (only with active optional DSP module) • VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and ex- planations on the separate pages of the Wizard.
Page 84: Chapter 10 System Management
10 System Management Teldat GmbH Chapter 10 System Management The System Management menu contains general system information and settings. You see a system status overview. Global system parameters such as the system name, date/time, passwords and licences are managed and the access and authentication meth- ods are configured.
Page 85 10 System Management Teldat GmbH System Management Status Fig. 28: -> The menu System Management->Status consists of the following fields: Fields in the System Information menu. Field Value Uptime Displays the time past since the device was rebooted. System Date Displays the current system date and system time.
Page 86 10 System Management Teldat GmbH Field Value CPU Usage Displays the CPU usage as a percentage. Memory Usage Displays the usage of the working memory in MByte in relation to the available total working memory in MByte. The usage is also displayed in brackets as a percentage.
Page 87: Global Settings
10 System Management Teldat GmbH Field Value Interface specifics for LTE connection: • Current quality of the UMTS/LTE connection Fields in the WAN Interfaces menu. Field Value Description - Connec- All the WAN interfaces are listed here and their most important tion Information - Link settings are shown.
Page 88 10 System Management Teldat GmbH Field Value System Name Enter the system name of your device. This is also used as the PPP host name. A character string with a maximum of 255 characters is pos- sible. The device type is entered as the default value.
Page 89: Passwords
10 System Management Teldat GmbH Field Value • : Messages with emergency, alert, critical, error and warning priority are recorded. • : Messages with emergency, alert, critical, error, warning and notice priority are recorded. • (default value): Messages with emergency, alert, critical, error, warning, notice and information priority are recorded.
Page 90 -> Note All Teldat devices are delivered with the same username and password. As long as the password remains unchanged, they are not protected against unauthorised use. Make sure you change the passwords to prevent unauthorised access to the device If the password is not changed, under System Management->Status there appears...
Page 91: Date And Time
10 System Management Teldat GmbH Field Value munity Fields in the Global Password Options menu Field Value Show passwords and Define whether the passwords are to be displayed in clear text keys in clear text (plain text). The function is enabled with The function is disabled by default.
Page 92 10 System Management Teldat GmbH System Management Global Settings Date and Time Fig. 31: -> -> You have the following options for determining the system time (local time): ISDN/Manual The system time is updated via ISDN, i.e. the date and time are taken from the ISDN when the first outgoing call is made, or is set manually on the device.
Page 93 10 System Management Teldat GmbH that the device uses the desired current time, you should configure one or more time serv- ers. Switching from summer time to winter time (and back) must be carried out manually if the time is derived using this method by changing the value in the Time Zone field with an option UTC+ or UTC-.
Page 94 10 System Management Teldat GmbH Fields in the Automatic Time Settings (Time Protocol) menu. Field Description ISDN Timeserver Only for devices with ISDN interface. Determine whether the system time is to be updated via ISDN. If a time server is configured, the time is only determined over ISDN until a successful update is received from this time server.
Page 95 10 System Management Teldat GmbH Field Description • : This time server is not currently used for the time re- quest. Third Timeserver Enter the third time server, by using either a domain name or an IP address. In addition, select the protocol for the time server request.
Page 96: System Licences
10 System Management Teldat GmbH Field Description Internal Time Server Select whether the internal timeserver is to be used. The function is activated by selecting . Time requests from a client will be answered with the current system time. This is given as GMT, without offset.
Page 97 10 System Management Teldat GmbH Licence Meaning Subsystem is activated. Not OK Subsystem is not activated. Not supported You have entered a licence for a subsystem your device does not support. In addition, above the list is shown the System Licence ID required for online licensing.
Page 98: Interface Mode / Bridge Groups
10 System Management Teldat GmbH Note is displayed as the status: • Enter the licence data again. • Check your hardware serial number. is displayed as the status, you have entered a license for a sub- system that your device does not support. This means you cannot use the functions of this licence.
Page 99 10 System Management Teldat GmbH (a) WLAN (b) Number of the physical port (1 or 2) Example: The name of the Ethernet port is made up of the following parts: (a) ETH (b) Number of the port Example: The name of the interface connected to an Ethernet port is made up of the following parts: (a) Abbreviation for interface type, whereby stands for internet.
Page 100: Interfaces
10 System Management Teldat GmbH Example: (first client link on the first wireless module) The name of the virtual interface connected to an Ethernet port is made up of the following parts: (a) Abbreviation for interface type (b) Number of the Ethernet port...
Page 101 10 System Management Teldat GmbH Field Description When selecting , a new bridge group is automatically created after you click the OK button. Configuration Interface Select the interface via which the configuration is to be carried out. Possible values: •...
Page 102 10 System Management Teldat GmbH System Management Interface Mode / Bridge Groups Interfaces Fig. 35: -> -> -> You can realise bridging for devices behind access clients with the MAC Bridge function. In wildcard mode you cannot define how Unicast non-IP frames or non-ARP frames are pro- cessed.
Page 103: Administrative Access
10 System Management Teldat GmbH Field Value on any of the Ethernet interfaces, is used as the wildcard MAC address. This wildcard MAC address can only be reset by rebooting the device or by selecting another wildcard mode. • : If you choose this setting, the internal WLAN MAC ad- dress is used to establish a connection to the access point.
Page 104 Only for hybird devices: You can also authorise your device for maintenance work from Teldat's Customer Service department. You do this you enable either Service Login (ISDN Web-Access) or Service Call Ticket (SSH Web Access), depending on the service you require, and select the OK button.
Page 105: Ssh
10 System Management Teldat GmbH The System Management->Administrative Access->Access->Add menu consists of the following fields: Fields in the menu Access Field Description Interface Select the interface for which administrative access is to be con- figured. 10.4.2 SSH Your devices offers encrypted access to the shell. You can enable or disable this access in the System Management->Administrative Access->SSH Enabled menu (standard...
Page 106 10 System Management Teldat GmbH To be able to reach the shell of your device via an SSH client, make sure the settings for the SSH Daemon and SSH client are the same. Note If configuration of an SSH connection is not possible, restart the device to initialise the SSH Daemon correctly.
Page 107 10 System Management Teldat GmbH Field Value By default are enabled. Hashing Algorithms Select the algorithms that are to be available for message au- thentication of the SSH connection. Possible options: • • • By default are enabled. Fields in the menu Key Status...
Page 108 10 System Management Teldat GmbH Field Value possible, for example because there is not enough space in the FlashROM. The menu Advanced Settings consists of the following fields: Fields in the menu Advanced Settings Field Value Login Grace Time Enter the time (in seconds) that is available for establishing the connection.
Page 109: Snmp
10 System Management Teldat GmbH 10.4.3 SNMP SNMP (Simple Network Management Protocol) is a network protocol used to monitor and control network elements (e.g. routers, servers, switches, printers, computers etc.) from a central station. SNMP controls communication between the monitored devices and monit- oring station.
Page 110: Remote Authentication
10 System Management Teldat GmbH Field Value By default, are enabled. If no option is selected, the function is deactivated. SNMP Listen UDP Port Shows the UDP port ( ) at which the device receives SNMP requests. The value cannot be changed.
Page 111 10 System Management Teldat GmbH RADIUS packets The following types of packets are sent between the RADIUS server and your device (client): Packet types Field Value ACCESS_REQUEST Client -> Server If an access request is received by your device, a request is sent to the RADIUS server if no corresponding connection part- ner has been found on your device.
Page 112 10 System Management Teldat GmbH 10.5.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to add RADIUS serv- ers. System Management Remote Authentication RADIUS Fig. 40: -> -> -> The System Management->Remote Authentication->RADIUS->Newmenu consists of the following fields: Fields in the Basic Parameters menu.
Page 113 In standard applications, leave the value set to Possible values for hotspot applications: • : For France Telecom hotspot applications. • : For Teldat hotspot applications. Server IP Address Enter the IP address of the RADIUS server. RADIUS Secret Enter the shared password used for communication between the RADIUS server and your device.
Page 114 10 System Management Teldat GmbH Field Value be used. The function is activated by selecting The function is enabled by default. Group Description Define a new RADIUS group description or assign the new RA- DIUS entry to a predefined group. The configured RADIUS servers for a group are queried according to Priority and the Policy .
Page 115 10 System Management Teldat GmbH Field Value Server Timeout Enter the maximum wait time between ACCESS_REQUEST and response in milliseconds. After timeout, the request is repeated according to Retries or the next configured RADIUS server is requested. Possible values are whole numbers between The default value is (1 second).
Page 116: Tacacs
Like RADIUS, TACACS+ is an AAA protocol and offers authentication, authorisation and accounting services (TACACS+ Accounting is currently not supported by Teldat devices). The following TACACS+ functions are available on your device: •...
Page 117 10 System Management Teldat GmbH System Management Remote Authentication TACACS+ Fig. 41: -> -> -> The System Management->Remote Authentication->TACACS+ ->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Authentication Type Displays which TACACS+ function is to be used. The value cannot be changed.
Page 118 10 System Management Teldat GmbH Field Description authentication. If no response is given or access is denied (only if Policy = ), the entry with the next- highest priority is used. The available values are to , the default value is .
Page 119: Options
10 System Management Teldat GmbH Field Description Block Time Enter the time in seconds for which the status of the current server shall remain blocked. When the block has ended, the server is set to the status spe- cified in the Entry active field.
Page 120: Certificates
10 System Management Teldat GmbH Fields in the Global RADIUS Options menu. Field Description Authentication for PPP By default, the following authentication sequence is used for in- Dialin coming calls with RADIUS: First CLID, then PPP and then PPP with RADIUS.
Page 121: Certificate List
10 System Management Teldat GmbH Certificates are issued for a specific period, usually one year, i.e. they have a limited valid- ity period. Your device is designed to use certificates for VPN connections and for voice connections over Voice over IP.
Page 122 10 System Management Teldat GmbH System Management Certificates Certificate List Fig. 43: -> -> -> The certificates and keys themselves cannot be changed, but a few external attributes can be changed, depending on the type of the selected entry. The System Management->Certificates->Certificate List->...
Page 123 10 System Management Teldat GmbH Field Description Certificates issued by this CA are accepted during authentica- tion. The function is enabled with The function is disabled by default. Certificate Revocation Only for Certificate is CA Certificate = List (CRL) Checking...
Page 124 10 System Management Teldat GmbH 10.6.1.2 Certificate Request Registration authority certificates in SCEP If SCEP (Simple Certificate Enrollment Protocol) is used, your device also supports separ- ate registration authority certificates. Registration authority certificates are used by some Certificate Authorities (CAs) to handle certain tasks (signature and encryption) during SCEP communication with separate keys, and to delegate the operation to separate registration authorities, if applicable.
Page 125 10 System Management Teldat GmbH System Management Certificates Certificate List Certificate Request Fig. 44: -> -> -> The menu System Management->Certificates->Certificate List->Certificate Request consists of the following fields: Fields in the Certificate Request menu. Field Description Certificate Request De- Enter a unique description for the certificate.
Page 126 10 System Management Teldat GmbH Field Description field. This file must be provided to the CA and the received certificate must then be imported manually to your device. • : The key is requested from a CA using the Simple Cer- tificate Enrolment Protocol.
Page 127 10 System Management Teldat GmbH Field Description not configured on the device, the validity of certificates from this CA is not checked. • <name of an existing certificate>: If all the necessary certific- ates are already available in the system, you select these manually.
Page 128 10 System Management Teldat GmbH Field Description If the field is not selected, enter the name components in Com- mon Name, E-mail, Organizational Unit, Organization, Loc- ality, State/Province and Country. The function is disabled by default. Summary Only for Custom = enabled.
Page 129 10 System Management Teldat GmbH Field Description #1, #2, #3 For each entry, define the type of name and enter additional subject names. Possible values: • (default value): No additional name is entered. • : An IP address is entered.
Page 130: Crls
10 System Management Teldat GmbH System Management Certificates Certificate List Import Fig. 45: -> -> -> The menu System Management->Certificates->Certificate List->Import consists of the following fields: Fields in the Import menu. Field Description External Filename Enter the file path and name of the certificate to be imported, or use Browse...
Page 131 10 System Management Teldat GmbH If a key is no longer to be used, e.g. because it has fallen into the wrong hands or has been lost, the corresponding certificate is declared invalid. The certification authority revokes the certificate and publishes it on a certificate blacklist, so-called CRL. Certificate users should always check against these lists to ensure that the certificate used is currently valid.
Page 132: Certificate Servers
10 System Management Teldat GmbH Field Description type of encoding. • • Password Enter the password required for the import. 10.6.3 Certificate Servers A list of certificate servers is displayed in the System Management->Certificates->Certi- ficate Servers menu. A certification authority (certification service provider, Certificate Authority, CA) issues your certificates to clients applying for a certificate via a certificate server.
Page 133: Chapter 11 Physical Interfaces
11.1 AUX You require a special cable for the console port of your gateway (e.g. AUX Backup cable) to connect an external analogue modem to the AUX port on a Teldat gateway. 11.1.1 AUX With an analogue/GSM interface, the gateway also supports connections for analogue and GSM modems (e.g.
Page 134 11 Physical Interfaces Teldat GmbH Physical Interfaces Fig. 49: -> -> The Physical Interfaces->AUX->AUXmenu consists of the following fields: Fields in the Basic Settings menu. Field Description AUX Port Status Select whether the AUX port should be enabled or disabled.
Page 135 11 Physical Interfaces Teldat GmbH Field Description logue modem. Incoming Service Type Only for AUX Port Status = enabled Here you select the gateway subsystem to which an incoming call over the modem is to be assigned. Possible values: •...
Page 136: Ethernet Ports
11 Physical Interfaces Teldat GmbH Field Description vider must be entered, e.g. internet.eplus.de for eplus and so A maximum of 40 characters can be entered. If no APN or an incorrect APN is entered, a configured GPRS connection will not function.
Page 137: Port Configuration
11 Physical Interfaces Teldat GmbH VLANs for Routing Interfaces Configure VLANs to separate individual network segments from each other, for example (e.g. individual departments of a company) or to reserve bandwidth for individual VLANs when managed switches are used with the QoS function.
Page 138 11 Physical Interfaces Teldat GmbH Field Description to the numbering of the Ethernet ports on the back of the device. Ethernet Interface Se- Assign a logical Ethernet interface to the switch port. lection You can select from five interfaces, . In the ba-...
Page 139: Isdn Ports
11 Physical Interfaces Teldat GmbH Field Description Flow Control Select whether a flow control should be conducted on the cor- responding interface. Possible values: • (default value): No flow control is performed. • : Flow control is performed. • : Automatic flow control is performed.
Page 140 11 Physical Interfaces Teldat GmbH You can use the ISDN BRI interface of your gateway for both dialup connections and leased lines over ISDN. Physical Interfaces ISDN Ports ISDN Configuration Fig. 51: -> -> -> The Physical Interfaces->ISDN Ports->ISDN Configuration->...
Page 141 11 Physical Interfaces Teldat GmbH Field Description uration Type. • : Detection is still running. Port Usage Only if Autoconfiguration on Bootup is disabled. Select the protocol that you want to use for the ISDN port. Possible values: • : The ISDN connection is not used.
Page 142 11 Physical Interfaces Teldat GmbH Field Description • : Leased line over B channel 2 (64 kbps) Call Number This parameter is exclusively used by Media Gateway. Only for Port Usage and ISDN Con- figuration Type Only for the devices RTxxx2 Enter the basic number of the Point-to-Point.
Page 143 11 Physical Interfaces Teldat GmbH Field Description • • • (default value) are only for the use of X.31 TEI for CAPI applications. For , the TEI value set in the CAPI ap- plication is used. For , the value of the CAPI ap- plication is ignored and the default value set here is always used.
Page 144 11 Physical Interfaces Teldat GmbH Physical Interfaces ISDN Ports ISDN Configuration Fig. 52: -> -> -> The Physical Interfaces->ISDN Ports->ISDN Configuration-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Port Name Shows the name of the ISDN port.
Page 145 11 Physical Interfaces Teldat GmbH Field Description ectly coupled. • : You can select a leased line. • : Q-SIG S2M User Profile • : Q-SIG S2M Network Profile ISDN Line Framing Only if Port Usage is selected. Select the framing type for layer 1.
Page 146 11 Physical Interfaces Teldat GmbH Field Description • : The device sends no IE (Information Element) for channel identification. The exchange selects the channel to be used. • : The device selects the channel to be used and signals this to the exchange.
Page 147 11 Physical Interfaces Teldat GmbH Field Description er as so-called hyper channels. You can also group together channels as PPP multilink channel bundles. Timeslots divide the available 2 Mbps bandwidth of an S2M connection into logical channels. No distinction is made below between timeslots and channels, as the difference is immaterial for configuration purposes.
Page 148: Msn Configuration
• ISDN Login: The ISDN login service enables both incoming data connections with access to the SNMP shell of your device, and outgoing data connections to other Teldat devices. As a result, your device can be remotely configured and administrated.
Page 149 11 Physical Interfaces Teldat GmbH • X.25 PAD: X.25 PAD is used to provide a protocol converter, which converts non- packet-oriented protocols to packet-oriented communication protocols and vice versa. Data terminal equipment sending or receiving data on a non-data-packet-oriented basis can this be adapted in line with Datex-P (public data packet network based on the prin- ciple of a packet switching exchange).
Page 150 11 Physical Interfaces Teldat GmbH Field Description ISDN Port Select the ISDN port for which the MSN is to be configured. Service Select the service to which a call is to be assigned on the MSN below. Possible values: •...
Page 151: Dsl Modem
Teldat GmbH 11.4 DSL Modem The ADSL modem on the bintec R3002 and bintec RT3002 is compatible with ANNEX A and ANNEX B standards and so can be used universally in several countries. It is particu- larly suitable for high-speed Internet access and remote access use in SMEs or remote of- fices.
Page 152 11 Physical Interfaces Teldat GmbH Physical Interfaces DSL Modem DSL Configuration Fig. 55: VDSL modem: -> -> The menu Physical Interfaces->DSL Modem->DSL Configuration consists of the follow- ing fields: Fields in the DSL Port Status menu. Field Description DSL Chipset Shows the key of the installed chipset.
Page 153 The value cannot be changed. Fields in the DSL Parameter menu. Field Description DSL Mode Only for devices with an ADSL modem (bintec R3002 / bintec RT3002) Define which Annex of ITU-T Recommendation G.991.2 is used for the connection. Possible values: •...
Page 154 11 Physical Interfaces Teldat GmbH Field Description for the remote terminal. • : ADSL2 / G.992.3 is used. • : ADSL2 Plus / G.992.5 is used. • (default value): VDSL is used. • : VDSL/ADSL multi mode is used. DSL SyncType Only for devices with an ADSL modem Select the ADSL synchronization type.
Page 155: Shdsl
11 Physical Interfaces Teldat GmbH Field Description in Maximum Upstream Bandwidth. Maximum Upstream Only for Transmit Shaping = Bandwidth Enter the maximum data rate in the send direction in bits per second. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 156 11 Physical Interfaces Teldat GmbH Choose the button to edit the predefined SHDSL interfaces. In the ex works state, the logical SHDSL interfaces are each preset with one pair of wires. Physical Interfaces SHDSL SHDSL Configuration Fig. 56: -> ->...
Page 157 11 Physical Interfaces Teldat GmbH Field Description • (default value): For applications in Europe (provider-dependent) for example. Clock Rate Define whether the clock rate should be negotiated. Possible values: • : The clock rate is predefined. • (default value): The clock rate is negotiated de- pending on the line quality.
Page 158 11 Physical Interfaces Teldat GmbH Field Description For Wire Mode = the second pair of wires is defined here. For Wire Mode = the second and third pair of wires is defined here. Wire pairs already used in defined connections are not available for selection.
Page 159: Chapter 12 Lan
12 LAN Teldat GmbH Chapter 12 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 12.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device.
Page 160 12 LAN Teldat GmbH Example of subnets If your device is connected to a LAN that consists of two subnets, you should enter a second IP Address / Netmask. The first subnet has two hosts with the IP addresses 192.168.42.1 and 192.168.42.2, for example, and the second subnet has two hosts with the IP addresses 192.168.46.1 and...
Page 161 12 LAN Teldat GmbH Field Description Select the Ethernet interface for which the virtual interface is to be configured. Address Mode Select how an IP address is assigned to the interface. Possible values: • (default value): The interface is assigned a static IP address in IP Address / Netmask.
Page 162 12 LAN Teldat GmbH Field Description This option only applies for routing interfaces. Assign the inter- face to a VLAN by entering the VLAN ID of the relevant VLAN. Possible values are (default value) to The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 163: Vlan
12 LAN Teldat GmbH Field Description The function is disabled by default. TCP-MSS Clamping Select whether your device is to apply MSS Clamping. To pre- vent IP packets fragmenting, the MSS (Maximum Segment Size) is automatically decreased by the device to the value set here.
Page 164 12 LAN Teldat GmbH Fig. 58: VLAN segmenting VLAN for Bridging and VLAN for Routing In the LAN->VLAN menu, VLANs (virtual LANs) are configured with interfaces that operate in Bridging mode. Using the VLAN menu, you can make all the settings needed for this and query their status.
Page 165: Vlans
12 LAN Teldat GmbH 12.2.1 VLANs In this menu, you can display all the VLANs already configured, edit your settings and cre- ate new VLANs. By default, the VLAN is available, to which all interfaces are assigned. 12.2.1.1 Edit or New Choose the icon to edit existing entries.
Page 166: Port Configuration
12 LAN Teldat GmbH 12.2.2 Port Configuration In this menu, you can define and view the rules for receiving frames at the VLAN ports. VLANs Port Configuration Fig. 60: -> -> The LAN->VLANs->Port Configurationmenu consists of the following fields: Fields in the Port Configuration menu.
Page 167 12 LAN Teldat GmbH VLANs Administration Fig. 61: -> -> The LAN->VLANs->Administrationmenu consists of the following fields: Fields in the Bridge Group br<ID> VLAN Options menu Field Description Enable VLAN Enable or disable the specified bridge group for VLAN. The function is enabled with The function is not activated by default.
Page 168: Chapter 13 Wireless Lan Controller
13 Wireless LAN Controller Teldat GmbH Chapter 13 Wireless LAN Controller By using the wireless LAN controller, you can set up and manage a WLAN infrastructure with multiple access points (APs). The WLAN controller has a Wizard which assists you in the configuration of your access points.
Page 169: Basic Settings
Please note: Make sure that option 138 is active when using an external DHCP server. If you wish to use a Teldat Gateway for example as a DHCP server, click on the GUI menu for this device under Local Services->DHCP Server->DHCP Pool->New->Advanced Settings in the DHCP Options field on the Add button.
Page 170: Radio Profile
13 Wireless LAN Controller Teldat GmbH 13.1.2 Radio Profile Select which frequency band your WLAN controller shall use. If the is set then the 2.4 GHz frequency band is used. If the is set then the 5 GHz frequency band is used.
Page 171 13 Wireless LAN Controller Teldat GmbH Enter an ASCII string with a maximum of 32 characters. Also select whether the Network Name (SSID) is to be transmitted. Security Mode Select the security mode (encryption and authentication) for the wireless network.
Page 172: Start Automatic Installation
13 Wireless LAN Controller Teldat GmbH Note Before you continue, please ensure that all access points that the WLAN controller shall manage are correctly wired and switched on. 13.1.4 Start automatic installation You will see a list of all detected access points.
Page 173 13 Wireless LAN Controller Teldat GmbH The number of channels you can select depends on the country setting. Please consult the data sheet for your device. Note Configuring the network name (SSID) in Access Point mode means that wireless net-...
Page 174: Controller Configuration
13 Wireless LAN Controller Teldat GmbH Under Configure the Alert Service for WLAN surveillance, click Start to monitor your managed APs. You are taken to the External Reporting->Alert Service->Alert Recipient menu with the default setting Event = . You can specify that you wish to be notified by e-mail if the event occurs.
Page 175 Please note: Make sure that option 138 is active when using an external DHCP server. If you wish to use a Teldat Gateway for example as a DHCP server, click on the GUI menu for this device under Local Ser- vices->DHCP Server->DHCP Pool->New->Advanced Set-...
Page 176: Slave Ap Configuration
13 Wireless LAN Controller Teldat GmbH Field Description Slave AP location Select whether the APs that the wireless LAN controller is to manage are located in the LAN or the WAN. Possible values: • (default value) • setting is useful if, for example, there is a wireless LAN controller installed at head office and its APs are distributed to different branches.
Page 177: Slave Access Points
13 Wireless LAN Controller Teldat GmbH 13.3.1 Slave Access Points Wireless LAN Controller Slave AP configuration Slave Access Points Fig. 63: -> -> In the Wireless LAN Controller->Slave AP configuration->Slave Access Points menu a list of all APs found with the wizard is displayed.
Page 178 13 Wireless LAN Controller Teldat GmbH 13.3.1.1 Edit Choose the icon to edit existing entries. You can also delete entries using the icon. If you have deleted APs, these will be loc- ated again but shall not be configured. Wireless LAN Controller...
Page 179 13 Wireless LAN Controller Teldat GmbH Field Description Name Displays the name of the AP. You can change the name. Description Enter a unique description for the AP. CAPWAP Encryption Select whether communication between the master and slaves is to be encrypted.
Page 180 13 Wireless LAN Controller Teldat GmbH Field Description different channels. Each of these should be spaced at least four channels apart, as a network also partially occupies the adja- cent channels. In the case of manual channel selection, please make sure first that the APs actually support these channels.
Page 181: Radio Profiles
13 Wireless LAN Controller Teldat GmbH 13.3.2 Radio Profiles Wireless LAN Controller Slave AP configuration Radio Profiles Fig. 65: -> -> An overview of all created wireless module profiles is displayed in the Wireless LAN Con- troller->Slave AP configuration->Radio Profiles menu. A profile with 2.4 GHz and a pro- file with 5 GHz are created by default;...
Page 182 13 Wireless LAN Controller Teldat GmbH Wireless LAN Controller Slave AP configuration Radio Profiles / New Fig. 66: -> -> -> The Wireless LAN Controller->Slave AP configuration->Radio Profiles-> / New menu consists of the following fields: Fields in the menu Radio Profile Definition...
Page 183 13 Wireless LAN Controller Teldat GmbH Field Description your network. Operation Band Select the frequency band of the wireless module profile. Possible values: • (default value): Your device is oper- ated at 2.4 GHz (mode 802.11b, mode 802.11g and mode 802.11n), inside or outside buildings.
Page 184 13 Wireless LAN Controller Teldat GmbH Fields in the menu Performance Settings Field Description Wireless Mode Select the wireless technology that the access point is to use. For Operation Band = Possible values: • : The device operates only in accordance with 802.11g.
Page 185 13 Wireless LAN Controller Teldat GmbH Field Description Max. Transmission Select the transmission speed. Rate Possible values: • (default value): The transmission speed is determined automatically. • : According to setting for Operation Band, Band- width, Number of Spatial Streams and Wireless Mode vari- ous fixed values in mbps are available.
Page 186 13 Wireless LAN Controller Teldat GmbH Field Description lected. This ensures that no channels overlap, i.e. a distance of four channels is maintained between the channels used. This is useful if more access points are used with overlapping radio cells.
Page 187 13 Wireless LAN Controller Teldat GmbH Field Description RTS Threshold Here you can specify the data packet length threshold in bytes (1..2346) as of which the RTS/CTS mechanism is to be used. This makes sense if several clients that are not in each other's wireless range are run in one access point.
Page 188: Wireless Networks (Vss)
13 Wireless LAN Controller Teldat GmbH Field Description The function is enabled with The function is not activated by default. 13.3.3 Wireless Networks (VSS) Wireless LAN Controller Slave AP configuration Wireless Networks (VSS) Fig. 67: -> -> An overview of all created wireless networks is displayed in the Wireless LAN Controller- >Slave AP configuration->Wireless Networks (VSS) menu.
Page 189 13 Wireless LAN Controller Teldat GmbH Wireless LAN Controller Slave AP configuration Wireless Networks Fig. 68: -> -> (VSS) -> The Wireless LAN Controller->Slave AP configuration->Wireless Networks (VSS)->New menu consists of the following fields: Fields in the menu Service Set Parameters...
Page 190 13 Wireless LAN Controller Teldat GmbH Field Description The function is activated by selecting The function is enabled by default. ARP Processing Select whether the ARP processing function should be enabled. The ARP data traffic is reduced in the network by the fact that ARP broadcasts that have been converted to ARP unicasts are forwarded to IP addresses that are known internally.
Page 191 13 Wireless LAN Controller Teldat GmbH Field Description Transmit Key Only for Security Mode = Select one of the keys configured in WEP Key as a standard key. The default value is WEP Key 1-4 Only for Security Mode = Enter the WEP key.
Page 192 13 Wireless LAN Controller Teldat GmbH Field Description • (default value): AES is used. • : TKIP is used. Preshared Key Only for Security Mode = Enter the WPA password. Enter an ASCII string with 8 - 63 characters. Note: Change the default Preshared Key! If the key has not...
Page 193 13 Wireless LAN Controller Teldat GmbH Field Description Possible values are whole numbers between The default value is Max. number of clients Not all devices support this function. - soft limit To avoid a radio module being fully utilised, you can set a "soft"...
Page 194 13 Wireless LAN Controller Teldat GmbH Field Description • : Preference is given to accepting clients in the 5 GHz band. Fields in the menu MAC-Filter Field Description Access Control Select whether only certain clients are to be permitted for this wireless network.
Page 195: Monitoring
13 Wireless LAN Controller Teldat GmbH Field Description VLAN Select whether the VLAN segmentation is to be used for this wireless network. The function is activated by selecting The function is disabled by default. VLAN ID Enter the number that identifies the VLAN.
Page 196: Wireless Networks (Vss)
13 Wireless LAN Controller Teldat GmbH Status Meaning Authenticated The client is authenticated. 13.4.2 Wireless Networks (VSS) Wireless LAN Controller Monitoring Wireless Networks (VSS) Fig. 70: -> -> In menu Wireless LAN Controller->Monitoring->Wireless Networks (VSS) an overview of the currently used AP is displayed. You see which wireless module is assigned to which wireless network.
Page 197: Neighbor Aps
13 Wireless LAN Controller Teldat GmbH 13.4.4 Neighbor APs Wireless LAN Controller Monitoring Neighbor APs Fig. 72: -> -> In the Wireless LAN Controller->Monitoring->Neighbor APs menu, the adjacent AP's found during the scan are displayed. Rogue APs, i.e. APs which are not managed by the WLAN controller but are using an SSID managed by the WLAN controller are highlighted in red.
Page 198: Rogue Aps
13 Wireless LAN Controller Teldat GmbH 13.4.5 Rogue APs Wireless LAN Controller Monitoring Rogue APs Fig. 73: -> -> APs which are using an SSID from their own network but are not managed by Wireless LAN Controller are displayed in the Wireless LAN Controller->Monitoring->Rogue APs menu.
Page 199: Rogue Clients
13 Wireless LAN Controller Teldat GmbH 13.4.6 Rogue Clients Wireless LAN Controller Monitoring Rogue Clients Fig. 74: -> The Wireless LAN Controller->Monitoring+Rogue Clients menu displays the clients which have attempted to gain unauthorised access to the network and which are therefore on the blacklist.
Page 200: Maintenance
13 Wireless LAN Controller Teldat GmbH Wireless LAN Controller Monitoring Rogue Clients Fig. 75: -> The menu consists of the following fields: Fields in the New Blacklist Entry menu. Field Description Rogue Client MAC Ad- Enter the MAC address of the client you intend to include in the dress static blacklist.
Page 201 Select the source for the action. Possible values: • (default value): The file is stored respectively on a remote server specified in the URL. • : The file is on the official Teldat update server. (Only for Action= bintec Rxxx2/RTxxx2...
Page 202 13 Wireless LAN Controller Teldat GmbH Field Description • : The file is stored respectively on a TFTP server specified in the URL. Only for Source Location = Enter the URL of the update server from which the system soft- ware file is loaded or on which the configuration file is saved.
Page 203: Chapter 14 Networking
14 Networking Teldat GmbH Chapter 14 Networking 14.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
Page 204 14 Networking Teldat GmbH If the option is selected for the Route Class, an extra configuration section opens. Network Routes IPv4 Routes Extended Fig. 78: -> -> -> with The Network->Routes->IPv4 Routes->New menu consists of the following fields: Fields in the menu Basic Settings...
Page 205 14 Networking Teldat GmbH Field Description • : Route to an individual host via a specific interface. • : Route to an individual host via a specific gateway. • (default value): Route to a network via a specific interface. •...
Page 206 14 Networking Teldat GmbH Field Description Route Class Select the type of Route Class. Possible values: • : Defines a route with the default parameters. • : Select whether the route is to be defined with ex- tended parameters. If the function is active, a route is created...
Page 207 14 Networking Teldat GmbH Fields in the menu Extended Route Parameters Field Description Description Enter a description for the IP route. Source Interface Select the interface over which the data packets are to reach the device. The default value is...
Page 208 14 Networking Teldat GmbH Field Description First select the port number range. Possible values: • (default value): The route is valid for all port numbers. • : Enables the entry of a port number. • : Enables the entry of a range of port numbers.
Page 209: Ipv4 Routing Table
14 Networking Teldat GmbH Field Description Mode Select when the interface defined in Route Parameters ->Inter- face is to be used. Possible values: • (default value): The route can be used if the interface is "up". If the interface is "dormant", then dial and wait until the interface is "up".
Page 210: Options
14 Networking Teldat GmbH Field Description Destination IP Address Displays the IP address of the destination host or destination network. Netmask Displays the netmask of the destination host or destination net- work. Gateway Displays the gateway IP address. Nothing is displayed here when routes are received by DHCP.
Page 211: Nat
14 Networking Teldat GmbH Fields in the Back Route Verify menu. Field Description Mode Select how the interfaces to be activated for Back Route Verify are to be specified. Possible values: • : Back Route Verify is activ- ated for all interfaces.
Page 212 14 Networking Teldat GmbH Networking NAT Interfaces Fig. 81: -> -> For every NAT interface, the can be selected. In addition, displays how many port forwarding rules were configured for this interface. Options in the menu NAT Interfaces Field Description NAT active Select whether NAT is to be activated for the interface.
Page 213: Nat Configuration
14 Networking Teldat GmbH Field Description If PPTP Passthrough is enabled, the device itself cannot be configured as a tunnel endpoint. Port Shows the number of portforwarding rules configured in Net- working->NAT->NAT Configuration . 14.2.2 NAT Configuration In the Networking->NAT->NAT Configuration menu you can exclude data from NAT simply and conveniently as well as translate addresses and ports.
Page 214 14 Networking Teldat GmbH Field Description Interface Select the interface for which NAT is to be configured. Possible values: • (default value): NAT is configured for all interfaces. • : Select one of the interfaces from the list. Type of traffic Select the type of data traffic for which NAT is to be configured.
Page 215 14 Networking Teldat GmbH Field Description within the existing connection are allowed. In the NAT Configuration ->Specify original traffic menu, you can configure for which data traffic NAT is to be used. Fields in the Specify original traffic menu. Field...
Page 216 14 Networking Teldat GmbH Field Description • (default value) • • • • • • • • • • • • • • • • • • • • • • • • • • • • Source IP Address/...
Page 217 14 Networking Teldat GmbH Field Description original data packets, as the case arises. Original Destination IP Only for Type of traffic = Address/Netmask Enter the destination IP address and corresponding netmask of the original data packets, as the case arises.
Page 218 14 Networking Teldat GmbH Field Description Enter the destination port or the destination port range of the original data packets. The default setting means that the port is not specified. In the NAT Configuration ->Replacement Values menu you can define, depending on whether you're dealing with inbound or outbound data traffic, new addresses and ports, to which specific addresses and ports from the NAT Configuration ->Specify original traffic...
Page 219: Load Balancing
14 Networking Teldat GmbH Field Description leaves the original source port. If you disable , an input field appears in which you can enter a new source port. is active by default. 14.3 Load Balancing The increasing amount of data traffic over the Internet means it is necessary to send data over different interfaces to increase the total bandwidth available.
Page 220 14 Networking Teldat GmbH Networking Load Balancing Load Balancing Groups Fig. 83: -> -> -> The menu Networking->Load Balancing->Load Balancing Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter the desired description of the interface group.
Page 221 14 Networking Teldat GmbH Field Description • : Only the data rate in the send direction is con- sidered. By default, the options are disabled. Distribution Mode Select the state the interfaces in the group may have if they are to be included in load balancing.
Page 222 14 Networking Teldat GmbH Field Description Distribution Policy Displays the type of data traffic selected. Fields in the Interface Selection for Distribution menu. Field Description Interface Select the interfaces that are to belong to the group from the available interfaces.
Page 223: Special Session Handling
14 Networking Teldat GmbH Field Description You can choose between all routes and all extended routes. Tracking IP Address You can use the Tracking IP Address parameter to have a particular route monitored. The load balancing status of the interface and the status of the routes connected to the interface can be influenced using this parameter.
Page 224 14 Networking Teldat GmbH less detail. The first data packet which the properties configured here match specifies the route for particular subsequent data packets. Which data packets are subsequently routed via this route is configured in the Networking- >Load Balancing->Special Session Handling->New->Advanced Settings menu.
Page 225 14 Networking Teldat GmbH The Networking->Load Balancing->Special Session Handling->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the Special Session Handling should be activ- ated. The function is activated by selecting The function is enabled by default.
Page 226 14 Networking Teldat GmbH Field Description Destination Port/Range Enter, if required, a destination port number or a range of des- tination port numbers. Possible values: • (default value): The destination port is not specified. • : Enter a destination port.
Page 227: Qos
14 Networking Teldat GmbH Field Description the subsequent data packets must be routed via the same Des- tination Port to the same Destination Address. The two parameters Destination Address and Destination Port are enabled by default. If you leave the default setting...
Page 228 14 Networking Teldat GmbH Networking QoS Filter Fig. 86: -> -> -> The Networking->QoS->QoS Filter->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: •...
Page 229 14 Networking Teldat GmbH Field Description Select the type. Possible values: See RFC 792. The default value is Connection State With Protocol = , you can define a filter that takes the status of the TCP connections into account. Possible values: •...
Page 230: Qos Classification
14 Networking Teldat GmbH Field Description DSCP/TOS Filter Select the Type of Service (TOS). (Layer 3) Possible values: • (default value): The type of service is ignored. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit).
Page 231 14 Networking Teldat GmbH Networking QoS Classification Fig. 87: -> -> -> The Networking->QoS->QoS Classification->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Class map Choose the class plan you want to create or edit.
Page 232 14 Networking Teldat GmbH Field Description To select a filter, at least one filter must be configured in the Networking->QoS->QoS Filter menu. Direction Select the direction of the data packets to be classified. Possible values: • : Incoming data packets are assigned to the class (Class ID) that is then to be defined.
Page 233: Qos Interfaces/Policies
14 Networking Teldat GmbH Field Description • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format).
Page 234 14 Networking Teldat GmbH Depending on the respective interface, a queue is created automatically for each class, but only for data traffic classified as outgoing and for data traffic classified in both directions. A priority is assigned to these automatic queues. The value of the priority is equal to the value of the class ID.
Page 235 14 Networking Teldat GmbH Field Description ets are always handled with priority. • : QoS is activated on the inter- face. The available bandwidth is distributed as “fairly” as pos- sible among the (automatically detected) traffic flows in a queue. Exception: High-priority packets are always handled with priority.
Page 236 14 Networking Teldat GmbH Field Description • Can only be selected for IPSec interfaces: • • • • Encryption Method Only if an IPSec Peers is selected as Interface, Traffic shap- ing is and Protocol Header Size below Layer 3 is not Select the encryption method used for the IPSec connection.
Page 237 14 Networking Teldat GmbH Field Description • : All RTP streams are optimised. The function activates the RTP stream detection mechanism for the automatic detection of RTP streams. In this mode, the Real Time Jitter Control is activated as soon as an RTP stream has been detected.
Page 238 14 Networking Teldat GmbH Field Description • : Queue for data that has not been classified or data of a class for which no queue has been configured. Class ID Only for Prioritisation queue = Select the QoS packet class to which this queue is to apply.
Page 239 14 Networking Teldat GmbH Field Description The function is disabled by default. Maximum Upload Only for Traffic Shaping = enabled. Speed Enter a maximum data rate for the queue in kbits. Possible values are The default value is . Overbooking allowed Only for Traffic Shaping = enabled.
Page 240: Access Rules
14 Networking Teldat GmbH Field Description • (default value): The newest packet received is dropped. • : The oldest packet in the queue is dropped. • : A randomly selected packet is dropped from the queue. Congestion Avoidance Enable or disable preventative deletion of data packets.
Page 241 • source and/or destination port (port ranges are supported) Access lists are an effective means if, for example, sites with LANs interconnected over a Teldat gateway wish to deny all incoming FTP requests or only allow Telnet sessions between certain hosts.
Page 242: Access Filter
14 Networking Teldat GmbH Caution Make sure you don’t lock yourself out when configuring filters: If possible, access your gateway for filter configuration over the serial console interface or ISDN Login. 14.5.1 Access Filter This menu is for configuration of access filter Each filter describes a certain part of the IP traffic and defines, for example, the IP addresses, the protocol, the source port or the des- tination port.
Page 243 14 Networking Teldat GmbH Networking Access Rules Access Filter Fig. 90: -> -> -> The Networking->Access Rules->Access Filter->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: •...
Page 244 14 Networking Teldat GmbH Field Description Possible values: • • • • • • • • • The default value is See RFC 792. Connection State Only if Protocol = You can define a filter that takes the status of the TCP connec- tions into account.
Page 245 14 Networking Teldat GmbH Field Description Possible values: • (default value): The filter is valid for all port numbers • : Enables the entry of a port number. • : Enables the entry of a range of port numbers. Source IP Address/ Enter the source IP address and netmask of the data packets.
Page 246: Rule Chains
14 Networking Teldat GmbH Field Description COS Filter Enter the service class of the IP packets (Class of Service, (802.1p/Layer 2) CoS). Possible values are whole numbers between and . The default value is 14.5.2 Rule Chains Rules for IP filters are configured in the Rule Chains menu. These can be created separ- ately or incorporated in rule chains.
Page 247: Interface Assignment
14 Networking Teldat GmbH Fields in the Basic Parameters menu. Field Description Rule Chain Select whether to create a new rule chain or to edit an existing one. Possible values: • (default value): You can create a new rule chain with this setting.
Page 248 14 Networking Teldat GmbH A list of all configured interface assignments is displayed in the Networking->Access Rules->Interface Assignment menu. Networking Access Rules Interface Assignment Fig. 93: -> -> 14.5.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure additional assignments.
Page 249: Drop In
14 Networking Teldat GmbH Field Description • : The sender receives an ICMP message. Reporting Method Define whether a syslog message is to be generated if a packet is denied. Possible values: • : No syslog message. • (default value): A syslog message is generated with the protocol number, source IP address and source port number.
Page 250 14 Networking Teldat GmbH Networking Drop In Drop In Groups Fig. 95: -> -> -> The Networking->Drop In->Drop In Groups->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter a unique name for the Drop In group.
Page 251 14 Networking Teldat GmbH Field Description • Network Address Only for Network Configuration = Enter the network address of the Drop In network. Netmask Only for Network Configuration = Enter the corresponding netmask. Local IP Address Only for Network Configuration = Enter the local IP address.
Page 252 14 Networking Teldat GmbH Field Description The function is disabled by default. Interface Selection Select all the ports which are to be included in the Drop In group (in the network). Add new entries with Add. bintec Rxxx2/RTxxx2...
Page 253: Chapter 15 Routing Protocols
15 Routing Protocols Teldat GmbH Chapter 15 Routing Protocols 15.1 RIP The entries in the routing table can be defined statically or the routing table can be updated constantly by dynamic exchange of routing information between several devices. This ex- change is controlled by a Routing Protocol, e.g.
Page 254 15 Routing Protocols Teldat GmbH Routing Protocols RIP Interfaces Fig. 97: -> -> -> The menu Networking->RIP->RIP Interfaces-> consists of the following fields: Fields in the RIP Parameters for menu. Field Description Send Version Decide whether routes are to be propagated via RIP and if so, select the RIP version for sending RIP packets over the inter- face in send direction.
Page 255: Rip Filter
15 Routing Protocols Teldat GmbH Field Description • (default value): RIP is not enabled. • : Enables sending and receiving of version 1 RIP packets. • : Enables sending and receiving of version 2 RIP packets. • :Enables sending and receiving RIP packets of both version 1 and 2.
Page 256 15 Routing Protocols Teldat GmbH tion. You configure a filter for a default route with the following values: • IP Address / Netmask = no entry for IP address (this corresponds to IP address 0.0.0.0), for netmask = 255.255.255.255 A list of all RIP filters is displayed in the Routing Protocols->RIP->RIP Filter menu.
Page 257 15 Routing Protocols Teldat GmbH Field Description Interface Select the interface to which the rule to be configured applies. IP Address / Netmask Enter the IP address and netmask to which the rule is to be ap- plied. This address can be in the LAN or WAN.
Page 258: Rip Options
15 Routing Protocols Teldat GmbH 15.1.3 RIP Options Routing Protocols RIP Options Fig. 100: -> -> The menu Routing Protocols->RIP->RIP Options consists of the following fields: Fields in the Global RIP Parameters menu. Field Description RIP UDP Port The setting option UDP Port, which is used for sending and re- ceiving RIP updates, is only for test purposes.
Page 259 15 Routing Protocols Teldat GmbH Field Description (=“Network is not reachable“). The function is enabled with The function is disabled by default. RFC 2453 Variable For the timers described in RFC 2453, select whether the same Timer values that you can configure in the Timer for RIP V2 (RFC 2453) menu should be used.
Page 260: Ospf
15 Routing Protocols Teldat GmbH Field Description Garbage Collection Only for RFC 2453 Variable Timer = Timer The Garbage Collection Timer is started as soon as the route timeout has expired. After this timeout, the invalid route is deleted from the IPROUTETABLE if no update is carried out for the route.
Page 261 15 Routing Protocols Teldat GmbH • Connection costs: OSPF differs from RIP in that the connection costs are not calculated from the number of next hops, but from the bandwidth of the respective transport medi- • No limitation of the number of hops: The limitation of the maximum number of 16 hops for RIP does not exist for OSPF.
Page 262: Areas
15 Routing Protocols Teldat GmbH Certain areas can be defined as stub areas in OSPF. This prevents external networks, e.g. those propagated from other protocols by redistribution in OSPF, being propagated into the stub area. Externally routing of such areas is propagated with a default route. The configur- ation of a stub area reduces the database size in the area and reduces the amount of stor- age space needed on the gateways incorporated in the area.
Page 263 15 Routing Protocols Teldat GmbH Field Description Area ID Enter the ID to identify the OSPF aea. The backbone area is Import external routes Specifies whether the gateway routing information generated from external autonomous systems (not areas) is to be impor- ted.
Page 264: Interfaces
15 Routing Protocols Teldat GmbH 15.2.2 Interfaces In the Routing Protocols->OSPF->Interfaces menu, a list of all interfaces is displayed. Routing Protocols OSPF Interfaces Fig. 103: -> -> Caution If your interfaces are not only to be assigned to Backbone Area 0.0.0.0, you must first define OSPF areas in the Routing Protocols+OSPF+Areas menu.
Page 265 15 Routing Protocols Teldat GmbH Field Description Possible values: • : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface. • : OSPF is not activated for this interface, i.e. no routes are propagated or OSPF protocol packets sent over this interface.
Page 266: Global Settings
15 Routing Protocols Teldat GmbH Field Description hash, which is sent with each packet Authentication Key Enter a text string to be used in combination with the defined Authentication Type. Export indirect static If this value is set to (default), only direct routes (i.e. routes...
Page 267 15 Routing Protocols Teldat GmbH Field Description Generate default route If this option is activated, the gateway propagates a default for the AS route over all active OSPF interfaces. The function is disabled by default. Propagate routes The logical interfaces REFUSE and IGNORE have the following...
Page 268: Chapter 16 Multicast
16 Multicast Teldat GmbH Chapter 16 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).
Page 269: General
16 Multicast Teldat GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destina- tion MAC address.
Page 270: General
16 Multicast Teldat GmbH 16.1.1 General In the Multicast->General->Generalmenu you can disable or enable the multicast func- tion. Multicast General General Fig. 106: -> -> The Multicast->General->Generalmenu consists of the following fields: Fields in the Basic Settings menu. Field Description Multicast Routing Select whether Multicast Routing should be used.
Page 271: Igmp
16 Multicast Teldat GmbH 16.2.1 IGMP In this menu, you configure the interfaces on which IGMP is to be enabled. 16.2.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure IGMP on other interfaces.
Page 272 16 Multicast Teldat GmbH Field Description Time within which hosts must respond. The hosts randomly select a time delay from this interval before sending the response. This spreads the load in networks with several hosts, improving per- formance. Possible values are...
Page 273: Options
16 Multicast Teldat GmbH IGMP Proxy enables you to simulate several locally connected interfaces as a subnet to an adjacent router. Queries coming in to the IGMP Proxy interface are forwarded to the local subnets. Local reports are forwarded on the IPGM Proxy interface.
Page 274 16 Multicast Teldat GmbH Multicast IGMP Options Fig. 109: -> -> The Multicast->IGMP->Options menu consists of the following fields: Fields in the Basic Settings menu. Field Description IGMP Status Select the IGMP status. Possible values: • (default value): Multicast is activated automatically for hosts if the hosts open applications that use multicast.
Page 275: Forwarding
16 Multicast Teldat GmbH Field Description IGMP State Limit Enter the maximum permitted total number of incoming queries and messages per second. The default value is , i.e. the number of IGMP status mes- sages is not limited. 16.3 Forwarding 16.3.1 Forwarding...
Page 276: Pim
16 Multicast Teldat GmbH Field Description The option is deactivated by default. Multicast Group Ad- Only for All Multicast Groups = not active. dress Enter here the address of the multicast group you want to for- ward from a defined Source Interface to a defined Destination Interface.
Page 277 16 Multicast Teldat GmbH 16.4.1.1 Edit or New Choose the icon to edit existing entries. To configure PIM lists, select the New button. Multicast PIM Interfaces Fig. 112: -> -> -> The Multicast->PIM->PIM Interfaces->New menu consists of the following fields: Fields in the PIM Interface Settings menu.
Page 278 16 Multicast Teldat GmbH Field Description are released. Designated Router Pri- Define the value of the designated router priority entered in the ority Designated Router Priority option. The higher the value, the greater the probability that the corres- ponding router will be used as the designated router.
Page 279 16 Multicast Teldat GmbH Field Description Join/Prune Interval Define the frequency at which the PIM Join/Prune messages are sent on the interface. The value means that no periodic PIM Join/Prune messages are sent on this interface. Possible values: seconds. The default value is...
Page 280: Pim Rendezvous Points
16 Multicast Teldat GmbH 16.4.2 PIM Rendezvous Points In menu Multicast->PIM->PIM Rendezvous Points you determine which Rendezvous Point is responsible for which group. A list of all PIM Rendezvous Points is displayed. Multicast PIM Rendezvous Points Fig. 113: -> ->...
Page 281: Pim Options
16 Multicast Teldat GmbH Field Description Here you enter the IP address of the multicast network seg- ment. Multicast Group Prefix Only if Multicast Group Range = Length Here you enter the network mask length of the multicast net- work segment.
Page 282 16 Multicast Teldat GmbH The Multicast->PIM->PIM Options menu consists of the following fields: Fields in the Basic Settings menu. Field Description PIM Status Select whether PIM should be activated. The function is activ- ated by selecting The function is disabled by default.
Page 283: Chapter 17 Wan
17 WAN Teldat GmbH Chapter 17 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Inter- net. 17.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections.
Page 284 17 WAN Teldat GmbH Field Description specified number of seconds) administratively set to down (deactivated); connection setup not possible for leased lines: Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available.
Page 285: Pppoe
17 WAN Teldat GmbH enter a common password and two codes. You get this information, for example, from your Internet Service Provider (ISP) or the system administrator at your head office. If the data you entered on your device is the same as the caller's data, the call is accepted. The call is rejected if the data is not the same.
Page 286 17 WAN Teldat GmbH 17.1.1.1 New Choose the New button to set up new PPPoE interfaces. Internet + Dialup PPPoE Fig. 116: -> -> -> The menu WAN->Internet + Dialup->PPPoE->New consists of the following fields: Fields in the Basic Parameters menu.
Page 287 17 WAN Teldat GmbH Field Description up over several interfaces ( ). If you choose , you can connect several DSL connections from a pro- vider over PPP as a static bundle in order to obtain more band- width. Each of these DSL connections should use a separate Ethernet connection for this.
Page 288 17 WAN Teldat GmbH Field Description The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge. Connection Idle Only if Always on is disabled. Timeout Enter the idle time in seconds for static short hold. The static...
Page 289 17 WAN Teldat GmbH Field Description Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
Page 290 17 WAN Teldat GmbH Field Description • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • : Primarily run CHAP, on denial then the authentication protocol required by the connection partner.
Page 291: Pptp
17 WAN Teldat GmbH Field Description The default value is . 17.1.2 PPTP A list of all PPTP interfaces is displayed in the WAN->Internet + Dialup->PPTP menu. In this menu, you configure an Internet connection that uses the Point Tunnelling Protocol (PPTP) to set up a connection.
Page 292 17 WAN Teldat GmbH Internet + Dialup PPTP Fig. 117: -> -> -> The menu WAN->Internet + Dialup->PPTP->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the internet connection.
Page 293 17 WAN Teldat GmbH Field Description When using the internal DSL modem, select here the EthoA in- terface configured in Physical Interfaces->ATM->Profiles->New, e.g. User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated.
Page 294 17 WAN Teldat GmbH Field Description defined as the default route. The function is enabled with The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default.
Page 295 17 WAN Teldat GmbH Field Description The default value is . Authentication Select the authentication protocol for this Internet connection. Select the authentication specified by your provider. Possible values: • (default value): Only run PAP (PPP Password Authentic- ation Protocol); the password is transferred unencrypted.
Page 296: Pppoa
17 WAN Teldat GmbH Field Description selected Ethernet port. Local PPTP IP Address Assign the PPTP interface an IP address that is used as the source address. The default value is Remote PPTP IP Ad- Enter the IP address of the PPTP partner.
Page 297 17 WAN Teldat GmbH Internet + Dialup PPPoA Fig. 118: -> -> -> The menu WAN->Internet + Dialup->PPPoA->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the connection partner.
Page 298 17 WAN Teldat GmbH Field Description Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
Page 299 17 WAN Teldat GmbH Field Description The function is enabled with The function is enabled by default. Local IP Address Only for IP Address Mode = Enter the static IP address you received from your provider. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
Page 300: Isdn
17 WAN Teldat GmbH Field Description • : Only run CHAP (PPP Challenge Handshake Authentic- ation Protocol as per RFC 1994); password is transferred en- crypted. • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol).
Page 301 17 WAN Teldat GmbH • Internet access over ISDN • LAN to LAN connection over ISDN • Remote (Mobile) dial-in • Use of the ISDN Callback function 17.1.4.1 New Choose the Newbutton to set up new ISDN interfaces. bintec Rxxx2/RTxxx2...
Page 302 17 WAN Teldat GmbH Internet + Dialup ISDN Fig. 119: -> -> -> The menu WAN->Internet + Dialup->ISDN->New consists of the following fields: Fields in the Basic Parameters menu. bintec Rxxx2/RTxxx2...
Page 303 17 WAN Teldat GmbH Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used. Connection Type Select which layer 1 protocol your device should use.
Page 304 17 WAN Teldat GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • (default value): You enter a static IP address.
Page 305 17 WAN Teldat GmbH Field Description IP Assignment Pool Only if IP Address Mode = Select IP pools configured in the WAN->Internet + Dialup->IP Poolsmenu. If an IP pool has not been configured here yet, the message appears in this field.
Page 306 17 WAN Teldat GmbH Field Description • : Primarily run CHAP, otherwise PAP. • : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • : Primarily run CHAP, on denial then the authentication protocol required by the connection partner.
Page 307 17 WAN Teldat GmbH Field Description • : Your device calls back after a period of time suggested by the Microsoft client (NT: 10 seconds, new systems: 12 seconds. It uses the call number (Entries->Call Number) with the Mode entered for the connection partner. If no number is entered, the required number can be reported by the caller in a PPP negotiation.
Page 308 17 WAN Teldat GmbH Field Description • : Static channel bundling. • : Dynamic channel bundling. Fields in the Dial Numbers menu Field Description Entries Add new entries with Add. Fields in menu Dial Number Configuration (appears only for Entries = Add)
Page 309: Aux
You can define various settings for communication between the gateway and modem in this menu. You require a special cable for the console port of your gateway (e.g. AUX Backup cable) to connect an external analogue modem to the AUX port on a Teldat gate- way.
Page 310 17 WAN Teldat GmbH 17.1.5.1 New Choose the Newbutton to set up new AUX interfaces. Internet + Dialup Fig. 120: -> -> -> The WAN->Internet + Dialup->AUX->New menu consists of the following fields: Fields in the Basic Parameters menu. Field...
Page 311 17 WAN Teldat GmbH Field Description User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated. The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge.
Page 312 17 WAN Teldat GmbH Field Description The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be ac- tivated. The function is enabled with The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner.
Page 313 17 WAN Teldat GmbH Field Description Possible values are The default value is . Usage Type If necessary, select a special interface use. Possible values: • (default value): No special type is selected. • : The interface is used for incoming dialup con- nections and callbacks initiated externally.
Page 314 17 WAN Teldat GmbH Field Description Prioritize TCP ACK Select whether the TCP download is to be optimised in the Packets event of intensive TCP upload. This function can be specially applied for asymmetrical bandwidths (ADSL). The function is enabled with The function is disabled by default.
Page 315 17 WAN Teldat GmbH Field Description prox. four seconds if your device is requested to do so by the connection partner. Only makes sense for CLID. • : like with the option of termination. This setting should be avoided for security reasons. The Mi-...
Page 316: Ip Pools
17 WAN Teldat GmbH Field Description connection partner. • : Your device only responds to an ARP re- quest if the status of the connection to the connection partner . In the case of , your device only re- sponds to the ARP request; the connection is not set up until someone actually wants to use the route.
Page 317: Atm
17 WAN Teldat GmbH Internet + Dialup IP Pools Fig. 121: -> -> Fields in the menu Basic Parameters Field Description IP Pool Name Enter any description to uniquely identify the IP pool. IP Address Range Enter the first (first field) and last (second field) IP address of the IP address pool.
Page 318: Profiles
17 WAN Teldat GmbH The data is transmitted in so-called cells or slots of constant size. Each cell consists of 48 bytes of usage data and 5 bytes of control information. The control information contains, amongst other things, the ATM address which is similar to the Internet address. The ATM address is made up of the Virtual Path Identifier (VPI) and the Virtual Connection Identifier (VCI);...
Page 319 17 WAN Teldat GmbH Profiles Fig. 122: -> -> -> The menu WAN->ATM->Profiles->New consists of the following fields: Fields in the ATM Profiles Parameter menu. Field Description Provider Select one of the preconfigured ATM profiles for your provider from the list or manually define the profile using...
Page 320 17 WAN Teldat GmbH Field Description • (default value): Ethernet over ATM (EthoA) is used for the ATM connection (Permanent Virtual Circuit, PVC). • : Routed Protocols over ATM (RPoA) is used for the ATM connection (Permanent Vir- tual Circuit, PVC).
Page 321 17 WAN Teldat GmbH Field Description Bridged Ethernet with LLC/SNAP encapsulation with Frame Check Sequence (checksums). • (default value for Routed Protocols over ATM): Is only displayed for Type = Encapsulation with LLC/SNAP header, suitable for IP routing. • : only displayed for Type = Encapsulation with LLC header.
Page 322 17 WAN Teldat GmbH Field Description MAC Address Enter a MAC address for the internal router interface of ATM connection, e.g. . An entry is only re- quired in special cases. For Internet connections, it is sufficient to select the option Use built-in (standard setting).
Page 323: Service Categories
(traffic contract). The configuration of ATM QoS requires extensive knowledge of ATM technology and the way the Teldat devices function. An incorrect configuration can cause considerable disruption during operation. If applicable, save the original configuration on your PC. 17.2.2.1 New Choose the New button to create additional categories.
Page 324 17 WAN Teldat GmbH Service Categories Fig. 123: -> -> -> The menu WAN->ATM->Service Categories->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Virtual Channel Con- Select the already configured ATM connection (displayed by the...
Page 325: Oam Controlling
17 WAN Teldat GmbH Field Description applications with burst data traffic. • : A guaranteed data rate is assigned to the connection - Sustained Cell Rate (SCR). This may be exceeded by the volume configured in Maximum Burst Size (MBS). Additional ATM traffic is marked and handled with low priority based on the utilisation of the destination network, i.e.
Page 326 Caution The configuration of OAM requires extensive knowledge of ATM technology and the way the Teldat devices functions. An incorrect configuration can cause considerable disruption during operation. If applicable, save the original configuration on your PC. In the WAN->ATM->OAM Controlling menu, a list of all monitored OAM flow levels is dis- played.
Page 327 17 WAN Teldat GmbH Field Description OAM Flow Level Select the OAM flow level to be monitored. Possible values: • : (virtual channel level) The OAM settings are used for the virtual channel (default value). • : (virtual path level) The OAM settings are used on the vir- tual path.
Page 328 17 WAN Teldat GmbH Field Description Loopback Segment Select whether you want to activate the loopback test for the segment connection (segment = connection of the local end- point to the next connection point) of the VCC or VPC. The function is enabled with The function is disabled by default.
Page 329: Leased Line
17 WAN Teldat GmbH Field Description Also select whether the test cells of the OAM CC are to be sent or received. Possible values: • (default value): CC data is both received and generated. • : CC data is received.
Page 330: Interfaces
17 WAN Teldat GmbH 17.3.1 Interfaces In the WAN->Leased Line->Interfaces menu, a list of all is displayed. Automatic genera- tion requires the corresponding ISDN interface to be configured. Leased Line Interfaces Fig. 125: -> -> bintec Rxxx2/RTxxx2...
Page 331 17 WAN Teldat GmbH 17.3.1.1 Edit Choose the button to edit the configuration of the corresponding leased line for a BRI interface. Leased Line Interfaces Autogenerated from BRI (ISDN-S0) Fig. 126: -> -> -> -> The WAN->Leased Line->Interfaces->Autogenerated from BRI (ISDN-S0)->...
Page 332 17 WAN Teldat GmbH Field Description Local IP Address Enter the IP address you received from your network operator. Route Entries Define other routing entries for this connection class. Add new entries with Add. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 333 17 WAN Teldat GmbH Field Description • (default value): OSPF is not activated for this inter- face, i.e. no OSPF protocol packets sent over this interface. Networks reachable over this interface are, however, included when calculating the routing information and propagated over active interfaces.
Page 334 17 WAN Teldat GmbH Leased Line Interfaces Autogenerated from PRI (ISDN-S2M) Fig. 127: -> -> -> -> The WAN->Leased Line->Interfaces->Autogenerated from PRI (ISDN-S2M)-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description for the connection.
Page 335 17 WAN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description LCP Alive Check Select whether the reachability of the remote terminal is to be checked. The function is enabled with The function is enabled by default.
Page 336: Real Time Jitter Control
17 WAN Teldat GmbH Field Description protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests are to be responded to for the specified connection partner. Possible values: •...
Page 337 17 WAN Teldat GmbH Real Time Jitter Control Controlled Interfaces Fig. 128: -> -> -> The menu WAN->Real Time Jitter Control->Controlled Interfaces->New consists of the following fields: Fields in the Basic Settings menu. Field Description Interface Define for which interfaces voice transmission is to be optim- ised.
Page 338: Vpn
Encapsulated Security Payload (ESP) protocol and secondly through the use of crypto- graphic key administration mechanisms like the Internet Key Exchange (IKE) protocol. Additional Traffic Filter Teldat gateways support two different methods of setting up IPSec connections: • a method based on policies and • a method based on routing.
Page 339: Ipsec Peers
18 VPN Teldat GmbH The policy-based method uses data traffic filters to negotiate the IPSec phase 2 SAs. This allows for a very "fine-grained" filter to be applied to the IP packet, even at the level of the protocol and the port.
Page 340 18 VPN Teldat GmbH IPSec IPSec Peers Fig. 129: -> -> Peer Monitoring The menu for monitoring a peer is called by selecting the button for the peer in the peer list. See Values in the IPSec Tunnels list on page 532.
Page 341 18 VPN Teldat GmbH IPSec IPSec Peers Fig. 130: -> -> -> The menu VPN->IPSec->IPSec Peers->New consists of the following fields: Fields in the menu Peer Parameters Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer configuration.
Page 342 18 VPN Teldat GmbH Field Description Possible values: • (default value): The peer is available for setting up a tunnel immediately after saving the configuration. • : The peer is initially not available after the configuration has been saved. Description Enter a description of the peer that identifies it.
Page 343 18 VPN Teldat GmbH Field Description Authentication Method Only for Internet Key Exchange = Select the authentication method. Possible values: • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the IPSec Peers.
Page 344 18 VPN Teldat GmbH Field Description Preshared Key Enter the password agreed with the peer. The maximum length of the entry is 50 characters. All charac- ters are possible except for at the start of the entry. Fields in the menu Interface Routes...
Page 345 Fields in the menu Additional Traffic Filter Field Description Additional Traffic Filter Only for Internet Key Exchange = Use Add to create a new filter. Additional data traffic filters Teldat Gateways support two different methods for establishing IPSec connections: bintec Rxxx2/RTxxx2...
Page 346 18 VPN Teldat GmbH • a method based on policies and • a method based on routing. The policy-based method can only be configured using the Setup tool. With the GUI, you use the routing-based method. (The latter is also available using the Setup tool.) The policy-based method uses data traffic filters to negotiate the IPSec phase 2 SAs.
Page 347 18 VPN Teldat GmbH IPSec IPSec Peers Fig. 131: -> -> -> -> Fields in the menu Basic Parameters Field Description Description Enter a description for the filter. Protocol Select a protocol. The option (default value) matches any protocol. Source IP Address/...
Page 348 18 VPN Teldat GmbH Field Description (= -1) means that the port is not specified. Destination IP Ad- Enter the destination IP address and corresponding netmask of dress/Netmask the data packets. Destination Port Only for Protocol = Enter the destination port of the data packets. The default set- ting (= -1) means that the port is not specified.
Page 349 18 VPN Teldat GmbH Field Description XAUTH Profile Select a profile created in VPN->IPSec->XAUTH Profiles if you wish to use this IPSec peer XAuth for authentication. If XAuth is used together with IKE Config Mode, the transac- tions for XAuth are carried out before the transactions for IKE Config Mode.
Page 350 IPSec peer. IPSec Callback Teldat devices support the DynDNS service to enable hosts without fixed IP addresses to obtain a secure connection over the Internet. This service enables a peer to be identified using a host name that can be resolved by DNS. You do not need to configure the IP ad- dress of the peer.
Page 351 18 VPN Teldat GmbH to be accepted by your device. The identification of the caller from his or her ISDN number is enough information to initiate setting up a tunnel. To set up this service, you must first configure a call number for IPSec callback on the passive side in the Physical Interfaces->ISDN Ports->MSN Configuration->New menu.
Page 352 18 VPN Teldat GmbH via DynDNS is not correct. This problem is avoided by transferring the IP address over ISDN. This type of transfer of dynamic IP addresses also enables the more secure ID Pro- tect mode (main mode) to be used for tunnel setup.
Page 353 18 VPN Teldat GmbH ducted in the ID Protect mode using preshared keys. Note In some countries (e.g. Switzerland), the call in the D channel can also incur costs. An incorrect configuration at the called side can mean that the called side opens the B channel the calling side incurs costs.
Page 354 18 VPN Teldat GmbH Field Description Transfer own IP ad- Select whether the IP address of your own device is to be trans- dress over ISDN/GSM ferred over ISDN for IPSec callback. The function is enabled with The function is disabled by default.
Page 355: Phase-1 Profiles
18 VPN Teldat GmbH Field Description • : The IP address is transferred in both the "LLC" and "subaddress information elements". 18.1.2 Phase-1 Profiles A list of all configured tunnel profiles is displayed in the VPN->IPSec->Phase-1 Profiles menu. IPSec Phase-1 Profiles Fig.
Page 356 18 VPN Teldat GmbH IPSec Phase-1 Profiles Fig. 133: -> -> -> The menu VPN->IPSec->Phase-1 Profiles->New consists of the following fields: Fields in the Phase-1 (IKE) Parameters menu. Field Description Description Enter a description that uniquely defines the type of rule.
Page 357 18 VPN Teldat GmbH Field Description (Advanced Encryption Standard). It is rated as just as secure as Rijndael (AES), but is slower. • : Blowfish is a very secure and fast algorithm. Twofish can be regarded as the successor to Blowfish.
Page 358 Only for Phase-1 (IKE) Parameters The Diffie-Hellman group defines the parameter set used as the basis for the key calculation during phase 1. "MODP" as sup- ported by Teldat devices stands for "modular exponentiation". Possible values: • : During the Diffie-Hellman key calculation, mod- ular exponentiation at 768 bits is used to create the encryption material.
Page 359 18 VPN Teldat GmbH Field Description Possible values: • (default value): If you do not use certific- ates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the VPN->IPSec->IPSec Peers. The preshared key is the shared password.
Page 360 18 VPN Teldat GmbH Field Description Strict), or the peer can also propose another mode. Local ID Type Only for Phase-1 (IKE) Parameters Select the local ID type. Possible values: • • • • Local ID Value Only for Phase-1 (IKE) Parameters Enter the ID of your device.
Page 361 18 VPN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description Alive Check Only for Phase-1 (IKE) Parameters Select the method to be used to check the functionality of the IPSec connection.
Page 362 18 VPN Teldat GmbH Field Description The function is enabled by default. Block Time Define how long a peer is blocked for tunnel setups after a phase 1 tunnel setup has failed. This only affects locally initiated setup attempts. Possible values are (seconds);...
Page 363: Phase-2 Profiles
18 VPN Teldat GmbH Field Description you can select up to three CA certificates that are accepted for this profile. This option can only be configured if certificates are loaded. 18.1.3 Phase-2 Profiles You can define profiles for phase 2 of the tunnel setup just as for phase 1.
Page 364 18 VPN Teldat GmbH IPSec Phase-2 Profiles Fig. 135: -> -> -> The menu VPN->IPSec->Phase-2 Profiles->New consists of the following fields: Fields in the Phase-2 (IPSEC) Parameters menu. Field Description Description Enter a description that uniquely identifies the profile. The maximum length of the entry is 255 characters.
Page 365 18 VPN Teldat GmbH Field Description , a key length of 128 bits is used. • : Rijndael has been nominated as AES due to its fast key setup, low memory requirements, high level of secur- ity against attacks and general speed. Here, it is used with a key length of 128 bits.
Page 366 18 VPN Teldat GmbH Field Description used to protect the keys of a renewed phase 2 SA, even if the keys of the phase 1 SA have become known. The field has the following options: • : During the Diffie-Hellman key calculation, mod- ular exponentiation at 768 bits is used to create the encryption material.
Page 367 SA is discarded as invalid. Possible values: • (default value): Automatic detection of whether the remote terminal is a Teldat device. If it is, (for a remote terminal with Teldat) or (for a remote terminal without Teldat) is set. •...
Page 368: Xauth Profiles
18 VPN Teldat GmbH 18.1.4 XAUTH Profiles In the XAUTH Profiles menu a list of all XAUTH profiles is displayed. Extended Authentication for IPSec (XAuth) is an additional authentication method for IPSec tunnel users. The gateway can take on two different roles when using XAuth as it can act as a server or as a client: •...
Page 369 18 VPN Teldat GmbH The VPN->IPSec->XAUTH Profiles ->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for this XAuth profile. Role Select the role of the gateway for XAuth authentication.
Page 370: Ip Pools
18 VPN Teldat GmbH Field Description entering the authentication name of the client (Name)) and the authentication password (Password). Add new members with Add. 18.1.5 IP Pools In the IP Pools menu a list of all IP pools for your configured IPSec connections is dis- played.
Page 371: Options
18 VPN Teldat GmbH Field Description DNS server. 18.1.6 Options IPSec Options Fig. 138: -> -> The menu VPN->IPSec->Options consists of the following fields: Fields in the Global Options menu. Field Description Enable IPSec Select whether you want to activate IPSec.
Page 372 The default val- ues are globally valid and enable your system to work correctly to other Teldat devices, so that you only need to change these values if the remote terminal is a third-party product or you know special settings are necessary.
Page 373 18 VPN Teldat GmbH Field Description The function is enabled with The function is disabled by default. Send Initial Contact Select whether IKE Initial Contact messages are to be sent dur- Message ing IKE (phase 1) if no SAs with a peer exist.
Page 374: L2Tp
Only applies for RSA encryption. Activate this function with to sup- press this behaviour. 18.2 L2TP The layer 2 tunnel protocol (L2TP) enables PPP connections to be tunnelled via a UDP connection. Your Teldat device supports the following two modes: bintec Rxxx2/RTxxx2...
Page 375: Tunnel Profiles
18 VPN Teldat GmbH • L2TP LNS Mode (L2TP Network Server): for incoming connections only • L2TP LAC Mode (L2TP Access Concentrator): for outgoing connections only Note the following when configuring the server and client: An L2TP tunnel profile must be created on each of the two sides (LAC and LNS).
Page 376 18 VPN Teldat GmbH Fields in the Basic Parameters menu. Field Description Description Enter a description for the current profile. The device automatically names the profiles and numbers them, but the value can be changed. Enter the host name for LNS or LAC.
Page 377 18 VPN Teldat GmbH Field Description Remote IP Address Enter the fixed IP address of the LNS used as the destination address for connections based on this profile. The destination must be a device that can behave like an LNS.
Page 378: Users
18 VPN Teldat GmbH Field Description value means that no L2TP HELLO messages are sent. Minimum Time Enter the minimum time (in seconds) that your device waits be- between Retries fore resending a L2TP control packet for which it received no re- sponse.
Page 379 18 VPN Teldat GmbH L2TP Users Fig. 140: -> -> -> The menu VPN->L2TP->Users->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the L2TP partner. The first character in this field must not be a number No special characters or umlauts must be used.
Page 380 18 VPN Teldat GmbH Field Description Connection Type Select whether the L2TP partner is to take on the role of the L2TP network server (LNS) or the functions of a L2TP access concentrator client (LAC client). Possible values: • (default value): If you select this option, the L2TP partner is configured so that it accepts L2TP tunnels and restores the encapsulated PPP traffic flow.
Page 381 18 VPN Teldat GmbH Field Description Possible values: • (default value): You enter a static IP address. • : Only for Connection Type = Your device dynamically assigns an IP address to the remote terminal. • : Only for Connection Type = .
Page 382 18 VPN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed.
Page 383 18 VPN Teldat GmbH Field Description Compression If necessary, select the type of encryption that should be used for data traffic to the connection partner. If encryption is set, the remote terminal must also support it, otherwise a connection cannot be set up.
Page 384: Options
18 VPN Teldat GmbH Field Description • : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to respond to ARP requests from its own LAN on behalf of the specific L2TP partner. Possible values: •...
Page 385: Pptp
18 VPN Teldat GmbH Field Description UDP Destination Port Enter the port to be monitored by the LNS on incoming L2TP tunnel connections. Available values are all whole numbers from , the default value is , as specified in RFC 2661.
Page 386 18 VPN Teldat GmbH 18.3.1.1 New Click on New to set up further PPTP partners. PPTP PPTP Tunnels Fig. 142: -> -> -> The VPN->PPTP->PPTP Tunnels->New menu consists of the following fields: Fields in the PPTP Partner Parameters menu. bintec Rxxx2/RTxxx2...
Page 387 18 VPN Teldat GmbH Field Description Description Enter a unique name for the tunnel. The first character in this field must not be a number No special characters or umlauts must be used. PPTP Mode Enter the role to be assigned to the PPTP interface.
Page 388 18 VPN Teldat GmbH Fields in the IP Mode and Routes menu. Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: •...
Page 389 18 VPN Teldat GmbH Field Description • : The lower the value, the higher the priority of the route (possible values ). The default value is . IP Assignment Pool Only if PPTP Mode = , IP Address Mode = (IPCP) Select a IP pool configured in the VPN->PPTP->IP Pools...
Page 390 18 VPN Teldat GmbH Field Description Possible values: • : MPP encryption is not used. • (default value): MPP encryption V2 with 128 bit is used to RFC 3078. • : MPP encryption V2 with 128 bit is used as compatible with Microsoft and Cisco.
Page 391 18 VPN Teldat GmbH Field Description propagated or OSPF protocol packets sent over this interface. • : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to answer APR requests from your LAN on behalf of the specific PPTP partner.
Page 392: Options
18 VPN Teldat GmbH Field Description cial applications. Incoming ISDN Num- Only if Callback is enabled. Enter the ISDN number from which the remote device calls the local device (calling party number). Outgoing ISDN Num- Only if Callback is enabled.
Page 393: Ip Pools
1 from Microsoft Windows XP. Since, in SP 1, Mi- crosoft has changed the confirmation algorithm in the GRE pro- tocol, the automatic window adaptation for GRE must be turned off for Teldat devices. The function is enabled with The function is enabled by default.
Page 394: Gre
18 VPN Teldat GmbH 18.3.3.1 Edit or New Choose theNew button to set up new IP address pools. Choose the icon to edit existing entries. PPTP IP Pools Fig. 144: -> -> Fields in the menu Basic Parameters Field Description IP Pool Name Enter any description to uniquely identify the IP pool.
Page 395: Gre Tunnels
18 VPN Teldat GmbH over this interface is then encapsulated using GRE and sent to the specified recipient. 18.4.1 GRE Tunnels A list of all configured GRE tunnels is displayed in the VPN->GRE->GRE Tunnels menu. 18.4.1.1 New Choose the New button to set up new GRE tunnels.
Page 396 18 VPN Teldat GmbH Field Description Default Route If you enable the Default Route, all data is automatically routed to one connection. The function is disabled by default. Local IP Address Here, enter the (LAN-side) IP address that is to be used as your device's source address for your own packets through the GRE tunnel.
Page 397: Chapter 19 Firewall
19 Firewall Teldat GmbH Chapter 19 Firewall The Stateful Inspection Firewall (SIF) provided for Teldat gateways is a powerful security feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.
Page 398: Policies
19 Firewall Teldat GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e. every packet your device cannot assign to an exist- ing connection is rejected.
Page 399 19 Firewall Teldat GmbH in succession until a rule matches. If overlapping occurs, i.e. more than one filter rule matches a packet, only the first rule is executed. This means that if the first rule denies a packet, whereas a later rule allows it, the packet is rejected. A deny rule also has no effect if a relevant packet has previously been allowed by another filter rule.
Page 400 19 Firewall Teldat GmbH Field Description Source Select one of the preconfigured aliases for the source of the packet. In the list, all WAN/LAN interfaces, interface groups (see Fire- wall->Interfaces->Groups), addresses (see Firewall->Ad- dresses->Address List) and address groups (see Firewall->Addresses->Groups) are available.
Page 401 19 Firewall Teldat GmbH Field Description Action Select the action to be applied to a filtered packet. Possible values: • (default value): The packets are forwarded on the basis of the entries. • : The packets are rejected. • : The packets are rejected. An error message is is- sued to the sender of the packet.
Page 402: Qos
19 Firewall Teldat GmbH 19.1.2 QoS More and more applications need increasingly larger bandwidths, which are not always available. Quality of Service (QoS) makes it possible to distribute the available bandwidths effectively and intelligently. Certain applications can be given preference and bandwidth re- served for them.
Page 403: Options
19 Firewall Teldat GmbH Field Description Filter Rules This field contains a list of all configured firewall policies for which QoS was activated (Apply QoS = ). The follow- ing options are available for each list entry: • Use: Select whether this entry should be assigned to the QoS interface.
Page 404 19 Firewall Teldat GmbH Field Description Firewall Status Enable or disable the firewall function. The function is enabled with The function is enabled by default. Logged Actions Select the firewall syslog level. The messages are output together with messages from other subsystems.
Page 405: Interfaces
19 Firewall Teldat GmbH Field Description The default value is Other Inactivity Enter the inactivity time after which a session of another type is to be regarded as expired (in seconds). Possible values are The default value is 19.2 Interfaces 19.2.1 Groups...
Page 406: Addresses
19 Firewall Teldat GmbH Field Description Description Enter the desired description of the interface group. Members Select the members of the group from the available interfaces. To do this, activate the field in the Selection column. 19.3 Addresses 19.3.1 Address List A list of all configured addresses is displayed in the Firewall->Addresses->Address List...
Page 407: Groups
19 Firewall Teldat GmbH Field Description • : Enter an IP address range with a start and end address. Address / Subnet Only for Address Type = Enter the IP address of the host or a network address and the related netmask.
Page 408: Services
19 Firewall Teldat GmbH Field Description Selection Select the members of the group from the available Addresses. To do this, activate the Fields in the Selection column. 19.4 Services 19.4.1 Service List In the Firewall->Services->Service List menu, a list of all available services is displayed.
Page 409 19 Firewall Teldat GmbH Field Description specified port number is verified. If a port range is to be checked, enter the upper limit here. Possible values are Source Port Range Only for Protocol = In the first field, enter the source port to be checked, if applic- able.
Page 410: Groups
19 Firewall Teldat GmbH Field Description Code Selection options for the ICMP codes are only available for Type = Possible values: • (default value) • • • • • • • 19.4.2 Groups A list of all configured service groups is displayed in the Firewall->Services->Groups menu.
Page 411 19 Firewall Teldat GmbH Firewall Services Groups Fig. 154: -> -> -> The menu Firewall->Services->Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description of the service group. Members Select the members of the group from the available service ali- ases.
Page 412: Voip
20 VoIP Teldat GmbH Chapter 20 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.
Page 413 20 VoIP Teldat GmbH 20.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create application level gateway entries. VoIP Application Level Gateway SIP Proxies Fig. 155: -> -> -> The VoIP->Application Level Gateway->SIP Proxies->...
Page 414: Sip Endpoints
20 VoIP Teldat GmbH Field Description data packets are sent or received. This value must be greater than the SIP Expire Time of the con- nected SIP client (SIP telephone, terminal adapter etc.) The default value is Low Latency Trans-...
Page 415 20 VoIP Teldat GmbH Note Entries created dynamically for active sessions cannot be edited. These entries can only be removed resulting in the immediate termination of the corresponding SIP con- nection. VoIP Application Level Gateway SIP Endpoints Fig. 156: ->...
Page 416: Media Gateway
(IP networks). With the Teldat Media Gateway, a company equipped with an automatic PBX on a wired telephone network can be connected to a SIP Trunking Service Provider on the Internet in order to use IP telephony.
Page 417: Extensions
20 VoIP Teldat GmbH 20.2.1 Extensions Here you can configure the numbers of the terminal devices (=Extensions) connected to the media gateway, i.e. the numbers of the SIP terminals and the numbers of the ISDN ter- minals, depending on the available interfaces.
Page 418 20 VoIP Teldat GmbH The VoIP->Media Gateway->Extensions-> +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the extension. Extension / User Name ISDN terminals: Enter the subscriber number the extension.
Page 419 20 VoIP Teldat GmbH Field Description SIP REGISTER. Normally, every SIP client (user) sends its cur- rent position to a REGISTRAR server by means of a RE- GISTER message. This information about the user and his cur- rent address is held by the REGISTRAR server and queried by other proxies to find the user.
Page 420 20 VoIP Teldat GmbH Field Description Only for Interface Type = Password Enter a password here. A maximum of 20 characters can be entered. The password given here must also be entered on the SIP tele- phone. Protocol Select the protocol to be used for data transmission.
Page 421 20 VoIP Teldat GmbH Field Description decs chosen here are proposed in a certain order, depending on the setting in the Codec Proposal Sequence field. Possible values: • : ISDN codec according to US law • : ISDN codec according to EU law •...
Page 422: Sip Accounts
20 VoIP Teldat GmbH Field Description Comfort Noise Genera- Specify whether Comfort Noise Generation should be used. tion (CNG) For digital voice transmission, this function introduces a low level of background noise to avoid the impression that, during pauses at the other end, the connection is lost.
Page 423 20 VoIP Teldat GmbH 20.2.2.1 Edit or New Select the New button to create new SIP accounts. Choose the icon to edit existing entries. In this menu SIP accounts are configured in SIP client mode as well as in SIP serv- er mode.
Page 424 20 VoIP Teldat GmbH Field Description Description Enter the name of the SIP account. Administrative Status Select whether the SIP account should be enabled or disabled. The function is enabled with The function is enabled by default. Trunk Mode Select whether and in which trunk mode the SIP account should be operated.
Page 425 20 VoIP Teldat GmbH Field Description A maximum of 32 characters can be entered. Here you must make an entry only if, for all SIP sessions, the communication is not to be direct but via a further proxy. In SIP client mode: Enter a name or IP address only if this is ex- plicitly specified by the provider.
Page 426 20 VoIP Teldat GmbH Field Description In SIP server mode: Define a PIN or a password. A maximum of 40 characters can be entered. Registration Specify whether the registration mechanism is to be used by SIP REGISTER. Normally, every SIP client (user) sends its cur- rent position to a REGISTRAR server by means of a RE- GISTER message.
Page 427 20 VoIP Teldat GmbH Field Description • : The sender ID is placed in both "Display" and "User" fields of the SIP header. • : The sender ID is placed in the "Display" field of the SIP header. • : The sender ID is sent in the "User" field of the SIP header.
Page 428 20 VoIP Teldat GmbH Field Description Possible values: • : ISDN codec according to US law • : ISDN codec according to EU law • : Compressed from 31 to 8 kbps; good voice quality • : Compressed from 63 to 40 kbps •...
Page 429: Call Routing
20 VoIP Teldat GmbH Field Description level of background noise to avoid the impression that, during pauses at the other end, the connection is lost. The function is enabled with The function is enabled by default. Packet Size Specify how many milliseconds of voice an RTP data packet should contain.
Page 430 20 VoIP Teldat GmbH VoIP Media Gateway Call Routing Fig. 159: -> -> -> The VoIP->Media Gateway->Call Routing-> +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the entry.
Page 431 20 VoIP Teldat GmbH Field Description terfaces in NT mode, SIP accounts in trunk mode (server mode). • : For calls that are not to be routed (to be blocked). Calling Line You can restrict the application of the entry to the line on which the call comes in.
Page 432 20 VoIP Teldat GmbH Fields in the Routing Rules menu (For Type = Accept Rule only) Field Description Priority Enter a whole number starting with 1 in ascending order to define the order of filter rules. The rules are worked through in the order given in the list.
Page 433: Clid Translation
20 VoIP Teldat GmbH 20.2.4 CLID Translation Here you define the processing of the calling party number for incoming calls. You can, for example, add a prefix to a received call number in order to route corresponding outgoing calls via a particular SIP account.
Page 434 20 VoIP Teldat GmbH Field Description PRI interface. • : Restricts the entry to the selected BRI interface. • : Restricts the entry to the selected SIP ac- count. • : No restriction of the entry. Here you have the option of entering the destination line of the Called Line call.
Page 435: Call Translation
20 VoIP Teldat GmbH Field Description Example 20.2. Example of a rule • Rule: <:+49911>; • number dialled: 96731234 • manipulated number: +4991196731234 20.2.5 Call Translation You can create a list for the translation of subscriber numbers, i.e. this list associates in- ternal and external numbers.
Page 436 20 VoIP Teldat GmbH VoIP Media Gateway Call Translation Fig. 161: -> -> -> The VoIP->Media Gateway->Call Translation-> +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the call translation.
Page 437: Isdn Trunks
20 VoIP Teldat GmbH Field Description incoming calls, the signalled Called Party Number (corresponds in the menu to the External Address) is translated to Local Address. For outgoing calls, the signalled Calling Party Number (corresponds in the menu to the Local Address field) is trans- lated to External Address.
Page 438: Options
20 VoIP Teldat GmbH VoIP Media Gateway ISDN Trunks Fig. 162: -> -> The VoIP->Media Gateway->ISDN Trunksmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the party line. The maximum number of characters is 40.
Page 439 20 VoIP Teldat GmbH VoIP Media Gateway Options Fig. 163: -> -> The VoIP->Media Gateway->Optionsmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Media Gateway Status Select whether the media gateway function should be enabled.
Page 440 20 VoIP Teldat GmbH Field Description particular provider (SIP account), you must configure a cor- responding call routing entry. Internal calls (from internal ex- tension to internal extension) that are only to be routed intern- ally do not require an additional call routing entry.
Page 441: Rtsp
20 VoIP Teldat GmbH Field Description The default value is . If you terminate the number entered with #, dialling is immedi- ate. Fields in the Advanced Settings menu. Field Description Speed Dialing Define short sequences of numbers that can be dialled instead of the entire number.
Page 442: Rtsp Proxy
20 VoIP Teldat GmbH 20.3.1 RTSP Proxy In the VoIP->RTSP->RTSP Proxy menu, you configure the use of the RealTime Streaming protocol. VoIP RTSP RTSP Proxy Fig. 164: -> -> The VoIP->RTSP->RTSP Proxymenu consists of the following fields: Fields in the Basic Parameters menu.
Page 443: Local Services
21 Local Services Teldat GmbH Chapter 21 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider • Configuration of gateway as a DHCP server (assignment of IP addresses) •...
Page 444 21 Local Services Teldat GmbH Under Local Services->DNS->Global Settings->Basic Parameters you enter the IP ad- dresses of name servers that are queried if your device cannot answer requests itself or by forwarding entries. Global name servers and name servers that are attached to an interface can both be entered.
Page 445: Global Settings
21 Local Services Teldat GmbH 21.1.1 Global Settings Local Services Global Settings Fig. 165: -> -> The menu Local Services->DNS->Global Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Domain Name Enter the standard domain name of your device.
Page 446 21 Local Services Teldat GmbH Field Description i.e. successfully resolved names and IP addresses are to be stored in the cache. The function is activated by selecting The function is enabled by default. Negative Cache Select whether the negative dynamic cache is to be activated, i.e.
Page 447: Dns Servers
21 Local Services Teldat GmbH Fields in the IP address to use for DNS/WINS server assignment menu. Field Description As DHCP Server Select which name server addresses are sent to the DHCP cli- ent if your device is used as DHCP server.
Page 448 21 Local Services Teldat GmbH Local Services DNS Servers Fig. 166: -> -> -> The Local Services->DNS->DNS Servers->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the DNS server should be enabled.
Page 449: Static Hosts
21 Local Services Teldat GmbH Field Description • (default value) Interface Select the interface to which the DNS server pair is to be as- signed. For Interface Mode = A global DNS server is created with the setting For Interface Mode = A DNS server is configured for all interfaces with the setting.
Page 450: Domain Forwarding
DNS request. If a negative response is received to a DNS re- quest, no address is specified. The entry can also start with the wildcard *, e.g. *.teldat.de. If a name is entered without a dot, this is completed with OK "<Name.>...
Page 451 Only for Forwarding = Enter the name of the host to be forwarded. The entry can also start with the wildcard *, e.g. *.teldat.de. If a name is entered without a full stop, you complete with OK " <Default Domain>. " " is added.
Page 452: Cache
21 Local Services Teldat GmbH Field Description Forward to Select the forwarding destination requests to the name defined in Host or Domain. Possible values: • (default value): The request is forwarded to the defined Interface. • : The request is forwarded to the defined DNS Server.
Page 453: Statistics
21 Local Services Teldat GmbH 21.1.6 Statistics Local Services Statistics Fig. 170: -> -> In the Local Services->DNS->Statisticsmenu, the following statistical values are dis- played: Fields in the DNS Statistics menu. Field Description Received DNS Packets Shows the number of received DNS packets addressed direct to your device, including the response packets for forwarded re- quests.
Page 454: Https
21 Local Services Teldat GmbH 21.2 HTTPS You can operate the user interface of your device from any PC with an up-to-date Web browser via an HTTPS connection. HTTPS (HyperText Transfer Protocol Secure) is the procedure used to establish an en- crypted and authenticated connection by SSL between the browser used for configuration and the device.
Page 455: Dyndns Client
21 Local Services Teldat GmbH Field Description • : Under System Management->Cer- tificates->Certificate List select entered certificate. 21.3 DynDNS Client The use of dynamic IP addresses has the disadvantage that a host in the network can no longer be found once its IP address has changed. DynDNS ensures that your device can still be reached after a change to the IP address.
Page 456 21 Local Services Teldat GmbH Local Services DynDNS Client DynDNS Update Fig. 172: -> -> -> The menu Local Services->DynDNS Client->DynDNS Update->New consists of the fol- lowing fields: Fields in the Basic Parameters menu. Field Description Host Name Enter the complete host name as registered with the DynDNS provider.
Page 457: Dyndns Provider
21 Local Services Teldat GmbH Field Description The default value is Enable update Select whether the DynDNS entry configured here is to be activ- ated. The function is activated by selecting The function is disabled by default. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
Page 458 21 Local Services Teldat GmbH Local Services DynDNS Client DynDNS Provider Fig. 173: -> -> -> The menu Local Services->DynDNS Client->DynDNS Provider->New consists of the fol- lowing fields: Fields in the Basic Parameters menu. Field Description Provider Name Enter a name for this entry.
Page 459: Dhcp Server
DHCP server as a network broadcast.* The client then receives its IP address from Teldat (as part of a brief exchange). You therefore do not need to allocate fixed IP addresses to PCs, which reduces the amount of configuration work in your network.
Page 460: Dhcp Configuration
21 Local Services Teldat GmbH 21.4.1.1 Edit or New Choose the New button to set up new IP address pools. Choose the icon to edit exist- ing entries. Local Services DHCP Server IP Pool Configuration Fig. 174: -> Fields in the menu Basic Parameters...
Page 461 21 Local Services Teldat GmbH Note In the ex works state the DHCP pool is preconfigured with the IP addresses 192.168.0.10 to 192.168.0.49 and is used if there is no other DHCP server available in the network. 21.4.2.1 Edit or New Choose the New button to set up new IP address pools.
Page 462 21 Local Services Teldat GmbH Field Description Pool Usage Specify whether the IP pool is used for DHCP requests in the same subnet or for DHCP requests that have been forwarded to your device from another subnet. In this case it is possible to define IP addresses from another network.
Page 463 21 Local Services Teldat GmbH Field Description • : Enter the IP address of the DNS server to be sent to the client. • : Enter the DNS domain to be sent to the client. • : Enter the IP address of the WINS/ NBNS server to be sent to the client.
Page 464: Ip/Mac Binding
21 Local Services Teldat GmbH Field Description shall be transmitted for the DHCP server. Possible values: • (default value) • Provisioning Server Your device does not currently use this parameter. (code 3) Enter which manufacturer value shall be transmitted. For the setting Select vendor = , the default value is displayed.
Page 465: Dhcp Relay Settings
21 Local Services Teldat GmbH Local Services DHCP Server IP/MAC Binding Fig. 176: -> -> -> The menu Local Services->DHCP Server->IP/MAC Binding->New consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the host to which the MAC Address the IP Address is to be bound.
Page 466: Web Filter
21 Local Services Teldat GmbH Local Services DHCP Server DHCP Relay Settings Fig. 177: -> -> The menu Local Services->DHCP Server->DHCP Relay Settings consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description Primary DHCP Server Enter the IP address of a server to which BootP or DHCP re- quests are to be forwarded.
Page 467: General
21 Local Services Teldat GmbH 21.5.1 General This menu contains the configuration of basic parameters for using the Proventia Web Fil- ter. Local Services Web Filter General Fig. 178: -> -> The Local Services->Web Filter->Generalmenu consists of the following fields: Fields in the Web Filter Options menu.
Page 468 21 Local Services Teldat GmbH Field Description Press the Add button to add more interfaces. The requests from http Internet pages that reach your device via these interfaces are then monitored by web filtering. Maximum Number of Define the number of entries to be saved in the web filtering his- History Entries tory (History menu).
Page 469: Filter List
21 Local Services Teldat GmbH Field Description Licence Status Shows the result of the last validity check of the licence. The validity of the licence is checked every 23 hours. License valid until This shows the expiry date of the licence (relative to the time set on your device) and cannot be edited.
Page 470 21 Local Services Teldat GmbH Field Description Category Select which category of addresses/URLs the filter is to be used The options are first the standard categories of the Proventia Web Filter (default value: ). Actions can also be defined for the following special cases, e.g.: •...
Page 471: Black / White List
21 Local Services Teldat GmbH Field Description • : Callup is allowed and not logged. 21.5.3 Black / White List The Local Services->Web Filter->Black / White List menu contains a list of URLs or IP addresses, as the case applies. The addresses on the White List can also be called if they had been blocked because of filter configuration and classification in the Proventia web filter.
Page 472: History
21 Local Services Teldat GmbH 21.5.4 History In the Local Services->Web Filter->History menu, you can view the recorded history of the web filter. The history logs all requests that are marked for logging by a relevant filter (Action = ), likewise all rejected requests.
Page 473: Options
21 Local Services Teldat GmbH 21.6.1.1 New Choose the New button to set up new CAPI users. Local Services CAPI Server User Fig. 182: -> -> -> The menu Local Services->CAPI Server->User->New consists of the following fields: Fields in the Basic Parameters menu.
Page 474: Scheduling
21 Local Services Teldat GmbH 21.6.2 Options Local Services CAPI Server Options Fig. 183: -> -> The menu Local Services->CAPI Server->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description Enable server Select whether your device is to be enabled as a CAPI server.
Page 475: Trigger
Caution The configuration of actions that are not available as defaults requires extensive know- ledge of the method of operation of Teldat gateways. An incorrect configuration can cause considerable disruption during operation. If applicable, save the original config- uration on your PC.
Page 476 21 Local Services Teldat GmbH Local Services Scheduling Trigger Fig. 184: -> -> -> The menu Local Services->Scheduling->Trigger->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Event List You can create a new event list with (default value).
Page 477 21 Local Services Teldat GmbH Field Description are initiated when the defined MIB variables assumes the as- signed values. • : Operations configured and assigned in Actions are initiated, when the defined interfaces take on a specified status. • : The operations configured and as- signed in Actions are triggered if the data traffic on the spe- cified interfaces falls below or exceed the defined value.
Page 478 21 Local Services Teldat GmbH Field Description Monitored Interface Only for Event Type Select the interface whose defined status shall trigger an opera- tion. Interface Status Only for Event Type Select the status that the interface must have in order to initiate the intended operation.
Page 479 21 Local Services Teldat GmbH Field Description Enter an IP address to be used as sender address for the ping test. Possible values: • (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address.
Page 480 21 Local Services Teldat GmbH Field Description Possible values: • : Select a weekday in Condition Settings. • (default value): In Condition Settings, select a par- ticular period. • : Select a specific day of the month in Condi- tion Settings.
Page 481: Actions
21 Local Services Teldat GmbH 21.7.2 Actions In the Local Services->Scheduling->Actions menu is displayed a list of all operations to be initiated by events or event chains configured in Local Services->Scheduling->Trigger. 21.7.2.1 New Choose the New button to configure additional operations.
Page 482 21 Local Services Teldat GmbH Field Description • : Accessibility of an IP address is checked. • : A certificate is to be renewed, deleted or entered. • : A scan of the 5 GHz frequency band is performed. •...
Page 483 21 Local Services Teldat GmbH Field Description Command Mode Only if Command Type = Select how the MIB entry is to be manipulated. Possible settings: • (default value): An existing entry shall be modified. • : A new entry shall be created.
Page 484 Only if Command Type = Select the source for the software update. Possible values: • (default value): The latest software will be downloaded from the Teldat server. • : The latest software will be downloaded from an HTTP server that you define in •...
Page 485 21 Local Services Teldat GmbH Field Description Enter the URL of the server from which the desired software version is to be retrieved. For Command Type = with Action = Enter the URL of the server from which a configuration file is to...
Page 486 21 Local Services Teldat GmbH Field Description if Action = Select the protocol for the data transfer. Possible values: • (default value) • • CSV File Format Only for Command Type = and Action = Select whether the file is to be sent in the CSV format.
Page 487 21 Local Services Teldat GmbH Field Description For Command Type = Action = Select the file to be renamed. For Command Type = Action = Select the file to be deleted. For Command Type = Action = Select the file to be copied.
Page 488 21 Local Services Teldat GmbH Field Description already loaded configuration. If not, the file import is interrupted. The function is disabled by default. Destination IP Address Only if Command Type = Enter the IP address whose accessibility is to be checked.
Page 489 21 Local Services Teldat GmbH Field Description For Command Type = and Ac- tion = Select the certificate to be deleted. Password for protec- Only for Command Type = ted Certificate Action = Select whether to use a secure certificate requiring a password and enter it into the entry field.
Page 490 21 Local Services Teldat GmbH Field Description Enter a subject name with attributes. Example: CA Name Only for Command Type = Action = Enter the name of the CA certificate of the certification authority (CA) from which you wish to request your certificate, e.g.
Page 491: Options
21 Local Services Teldat GmbH Field Description er of this certificate. Possible values: • (default value): In case there is an entry for a CDP, CRL distribution point this should be evaluated in addition to the CRLs globally configured in the device.
Page 492: Surveillance
21 Local Services Teldat GmbH The Local Services->Scheduling->Optionsmenu consists of the following fields: Fields in the Scheduling Options menu. Field Description Schedule Interval Select whether the schedule interval is to be enabled for the in- terface. Enter the period of time in seconds after which the system checks whether configured events have occurred.
Page 493 21 Local Services Teldat GmbH Local Services Surveillance Hosts Fig. 187: -> -> -> The menu Local Services->Surveillance->Hosts->New consists of the following fields: Fields in the Host Parameters menu Field Description Group ID If the availability of a group of hosts or the default gateway is to be monitored by your device, select an ID for the group or the default gateway.
Page 494 21 Local Services Teldat GmbH Field Description monitored. • : Enter the IP address of the host to be monitored manually in the adjacent input field. Source IP Address Select how the IP address is to be determined that your device uses as the source address of the packet sent to the host to be monitored.
Page 495: Interfaces
21 Local Services Teldat GmbH Field Description Action to be performed Select which Action should be run. For most actions, you select an Interface to which the Action relates. All physical and virtual interfaces can be selected. For each interface, select whether it is to be enabled (...
Page 496: Temperature
21 Local Services Teldat GmbH Field Description Trigger Select the state or state transition of Monitored Interface that is to trigger a particular Interface Action. Possible values: • (default value) • Interface Action Select the action that is to follow the state or state transition defined in Trigger.
Page 497 21 Local Services Teldat GmbH 21.8.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure new limits and actions. Local Services Surveillance Temperature Fig. 189: -> -> -> Fields in the Basic Parameters menu.
Page 498: Ping Generator
21 Local Services Teldat GmbH 21.8.4 Ping Generator In the Local Services->Surveillance->Ping Generator menu, a list of all configured, auto- matically generated pings is displayed. 21.8.4.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional pings.
Page 499: Isdn Theft Protection
21 Local Services Teldat GmbH Field Description The default value is Trials Enter the number of ping tests to be performed until Destina- tion IP Address as applies. The default value is . 21.9 ISDN Theft Protection With the ISDN theft protection function, you can prevent a thief who has stolen a gateway from gaining access to the gateway owner's LAN.
Page 500 21 Local Services Teldat GmbH Local Services ISDN Theft Protection Options Fig. 191: -> -> The menu Local Services->ISDN Theft Protection->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description ISDN Theft Protection Enable or disable the ISDN theft protection function.
Page 501: Upnp
21 Local Services Teldat GmbH Field Description Use Add to add a new interface. Select from the available interfaces those to which the ISDN theft protection function is to be applied. Fields in the Advanced Settings menu. Field Description Number of Dialling Re-...
Page 502: Interfaces
21 Local Services Teldat GmbH . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded.
Page 503: General
21 Local Services Teldat GmbH Field Description Interface is UPnP con- Determine whether the NAT configuration of this interface is trolled controlled by UPnP. The function is enabled with The function is disabled by default. 21.10.2 General In this menu, you make the basic UPnP settings.
Page 504: Hotspot Gateway
Ethernet). The solution is adapted to setup of smaller and larger Hotspot solutions for cafes, hotels, companies, communal residences, campgrounds, etc. The HotSpot Solution consists of a Teldat gateway installed onsite (with its own WLAN access point or additional connected WLAN device or wired LAN) and of the Hotspot serv- er, centrally located at a computing centre.
Page 505: Hotspot Gateway
Also refer to the WLAN Hotspot Workshop that is available to download from www.teldat.de 21.11.1 HotSpot Gateway In the HotSpot Gateway menu, you can configure the Teldat gateway installed onsite for the Hotspot Solution. A list of all configured hotspot networks is displayed in the Local Services->HotSpot...
Page 506 21 Local Services Teldat GmbH Gateway->HotSpot Gateway menu. Local Services HotSpot Gateway HotSpot Gateway Fig. 194: -> -> You can use the Enabled option to enable or disable the corresponding entry. 21.11.1.1 Edit or New You configure the hotspot networks in the Local Services->HotSpot Gateway->HotSpot Gateway->...
Page 507 21 Local Services Teldat GmbH Field Description Interface Choose the interface to which the Hotspot LAN or WLAN is con- nected. When operating over LAN, enter the Ethernet interface here (e. g. en1-0). If operating over WLAN, the WLAN interface to which the access point is connected must be selected.
Page 508 21 Local Services Teldat GmbH Field Description Terms &Conditions Only if Walled Garden is enabled. In the Terms &Conditions input field, enter the address of the general terms and conditions on the intranet server, or public server, e.g., http://www.webserver.de/agb.htm. The page must lie within the address range of the walled garden network.
Page 509: Options
21 Local Services Teldat GmbH Field Description Login Frameset Enable or disable the login window. The login window on the HTML homepage consists of two frames. When the function is enabled, the login form displays on the left- hand side.
Page 510: Brrp
Note You require a licence for devices in the R23x series and RS series. BRRP (Bintec Router Redundancy Protocol) is a Teldat-specific implementation of the VRRP (Virtual Router Redundancy Protocol). A router redundancy procedure is used mainly to safeguard the availability of a physical gateway in a LAN or WAN.
Page 511: Virtual Routers
21 Local Services Teldat GmbH Field Description first address. VRRP advertisements are always sent with the primary IP address as source of the IP packet.” VRRP Advertisement A keepalive that sends the master to the backup gateway to in- dicate his reachability.
Page 512 21 Local Services Teldat GmbH Note This interface is used to transmit the BRRP advertisement data packets and possibly to transmit keepalive monitoring data packets. Another interface must be configured in the next step to transmit the usage data. Configuration of the advertisement interface is performed in the Local Services->BRRP- >Virtual Router->New menu under BRRP Advertisement Interface.
Page 513 21 Local Services Teldat GmbH events, which result in a switching of the operating status of the virtual router. Controlling the operating status of a virtual router implicitly also controls the operating status of the interface to which the virtual router is linked. If an error occurs, all interfaces on a device have to be deactivated.
Page 514 21 Local Services Teldat GmbH Fields in the BRRP Advertisement Interface menu. Field Description Ethernet Interface Choose the interface via which BRRP advertisement packets are sent and expected. If you edit a Virtual Router, the Ethernet interface is displayed and cannot be changed.
Page 515 21 Local Services Teldat GmbH Field Description Virtual Interface Prior- Define the transmitted BRRP priority of the interface for the vir- tual router. Higher priorities determine the master interfaces during the initialization pahse as well as with active Pre- Empt-Mode.Possible values are between .
Page 516 21 Local Services Teldat GmbH Field Description um period depending on the priority. The higher the priority, the shorter the time added. Consequently, a backup router with a higher priority responds more quickly than a router with lower priority). Possible values are whole numbers between...
Page 517: Vr Synchronisation
21 Local Services Teldat GmbH 21.12.2 VR Synchronisation The watchdog daemon is configured in the Local Services->BRRP->VR Synchronisation menu, i.e. you define how state changes are handled. After opening the menu Local Services->BRRP->VR Synchronisation a list of all syn- chronisations is displayed. You can either synchronise virtual interfaces or interfaces. New synchronisations can be added in the New menu.
Page 518: Options
21 Local Services Teldat GmbH Field Description vertisements as per its configuration in the Local Services->BRRP->Virtual Routers->New->Advanced Set- tings menu.) Virtual Router ID Select a virtual router using the Virtual Router ID and define which interface is to be checked. You can choose previously defined IDs (see Virtual Router ID in the Local Services->BRRP->Virtual Router->New menu under BRRP...
Page 519 21 Local Services Teldat GmbH Field Description Enable BRRP Enable or disable the BRRP function. The function is enabled with The function is disabled by default. bintec Rxxx2/RTxxx2...
Page 520: Maintenance
22 Maintenance Teldat GmbH Chapter 22 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to in- stall it.
Page 521: Dns Test
22 Maintenance Teldat GmbH 22.1.2 DNS Test Maintenance Diagnostics DNS Test Fig. 201: -> -> The DNS test is used to check whether the domain name of a particular host is correctly re- solved. The Outputfield displays the DSN test messages. The ping test is launched by en- tering the domain name to be tested in DNS Address and clicking the Go button.
Page 522: Software &Configuration
An update of BOOTmonitor and/or Logic is recommended in a few cases. In this case, the release notes refer expressly to this fact. Only update BOOTmonitor or Logic if Teldat GmbH explicitly recommends this. Flash Your device saves its configuration in configuration files in the flash EEPROM (Electrically Erasable Programmable Read Only Memory).
Page 523 22 Maintenance Teldat GmbH stored in the working memory (RAM). The contents of the RAM are lost if the device is switched off. So if you modify your configuration and want to keep these changes for the next time you start your device, you must save the modified configuration in the flash memory before switching off: The Save configuration button over the navigation area of the GUI.
Page 524 22 Maintenance Teldat GmbH The Maintenance->Software &Configuration ->Optionsmenu consists of the following fields: Fields in the Currently Installed Software menu. Field Description BOSS Shows the current software version loaded on your device. Shows the current system logic loaded on your device.
Page 525 22 Maintenance Teldat GmbH Field Description the current configuration was saved as boot configuration and the previ- ous boot configuration was also archived. You can load back the archived boot configuration. • : The file in the Select file field is deleted.
Page 526 22 Maintenance Teldat GmbH Field Description • : The configuration file Current File Name in Flash is transferred to your local host. If you click the Go button, a dialog box is displayed, in which you can select the storage location on your PC and enter the de- sired file name.
Page 527 : The file is stored on a remote server specified in the URL. • : The file is on the official Teldat update server. Only for Source Location = Enter the URL of the update server from which the system soft- ware file is loaded.
Page 528: Reboot
22 Maintenance Teldat GmbH Field Description New File Name Only for Action = Enter the new name of the configuration file. 22.3 Reboot 22.3.1 System Reboot In this menu, you can trigger an immediate reboot of your device. Once your system has restarted, you must call the GUI again and log in.
Page 529: External Reporting
23 External Reporting Teldat GmbH Chapter 23 External Reporting In this system menu, you define what system protocol messages are saved on which com- puters, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error.
Page 530 23 External Reporting Teldat GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 23.1.1.1 New Select the New button to set up additional syslog servers. External Reporting Syslog Syslog Servers Fig. 205: ->...
Page 531 23 External Reporting Teldat GmbH Field Description • (lowest priority) Syslog messages are only sent to the host if they have a higher or identical priority to that indicated, i.e. at syslog level all messages generated are forwarded to the host.
Page 532: Ip Accounting
23 External Reporting Teldat GmbH 23.2 IP Accounting In modern networks, information about the type and number of data packets sent and re- ceived over the network connections is often collected for commercial reasons. This inform- ation is extremely important for Internet Service Providers that bill their customers by data volume.
Page 533 23 External Reporting Teldat GmbH External Reporting IP Accounting Options Fig. 207: -> -> In the External Reporting->IP Accounting->Options menu, you can define the Log Format of the IP accounting messages. The messages can contain character strings in any order, sequences separated by a slash, e.g.
Page 534: Alert Service
23 External Reporting Teldat GmbH 23.3 Alert Service It was previously possible to send syslog messages from the router to any syslog host. De- pending on the configuration, e-mail alerts are sent to the administrator as soon as relevant syslog messages appear.
Page 535 23 External Reporting Teldat GmbH Field Description Possible values: • E-mail • SMS Recipient Enter the recipient's e-mail address. The entry is limited to 40 characters. Message Compression Select whether the text in the alert E-mail is to be shortened.
Page 536 23 External Reporting Teldat GmbH Field Description entered therefore usually contains wildcards. To be informed of all syslog messages of the selected level, just enter "*". Severity Select the severity level which the string configured in the Matching String field must reach to trigger an e-mail alert.
Page 537: Alert Settings
23 External Reporting Teldat GmbH 23.3.2 Alert Settings External Reporting Alert Service Alert Settings Fig. 209: -> -> The menu External Reporting->Alert Service->Alert Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Alert Service Select whether the alert service is to be enabled for the inter- face.
Page 538 23 External Reporting Teldat GmbH Field Description Possible values: • (default value): The server accepts and send emails without further authentication. • : The server only accepts e-mails if the router logs in with the correct user name and password.
Page 539: Snmp
23 External Reporting Teldat GmbH 23.4 SNMP SNMP (Simple Network Management Protocol) is a protocol from the IP protocol family for transporting management information about network components. Every SNMP management system contains an MIB. SNMP can be used to configure, con- trol and administrate various network components from one system.
Page 540: Snmp Trap Hosts
23 External Reporting Teldat GmbH Field Description Your device then sends SNMP traps to the LAN's broadcast ad- dress. The function is activated by selecting The function is disabled by default. SNMP Trap UDP Port Only if SNMP Trap Broadcasting is enabled.
Page 541: Activity Monitor
23 External Reporting Teldat GmbH External Reporting SNMP SNMP Trap Hosts Fig. 211: -> -> -> The menu External Reporting->SNMP->SNMP Trap Hosts->New consists of the follow- ing fields: Fields in the Basic Parameters menu. Field Description IP Address Enter the IP address of the SNMP trap host.
Page 542: Options
23 External Reporting Teldat GmbH • Start and configure the Windows application on your PC (you can download BRICKware for Windows to your PC from the download area at www.teldat.de and from there import it to your device). 23.5.1 Options...
Page 543 23 External Reporting Teldat GmbH Field Description • : The UDP packets are sent to the IP address entered in the adjacent input field. Update Interval Enter the update interval (in seconds). Possible values are The default value is .
Page 544: Monitoring
24 Monitoring Teldat GmbH Chapter 24 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 24.1 Internal Log 24.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed.
Page 545: Ipsec
24 Monitoring Teldat GmbH Field Description Subsystem Displays which subsystem of the device generated the mes- sage. Message Displays the message text. 24.2 IPSec 24.2.1 IPSec Tunnels A list of all configured IPSec tunnel providers is displayed in the Monitoring->IPSec->IPSec Tunnels menu.
Page 546 24 Monitoring Teldat GmbH Monitoring IPSec IPSec Tunnels Fig. 215: -> -> -> Values in the IPSec Tunnels list Field Description Description Shows the description of the peer. Local IP Address Shows the WAN IP address of your device. Remote IP Address Shows the WAN IP address of the connection partner.
Page 547: Ipsec Statistics
24 Monitoring Teldat GmbH Field Description Role / Algorithm / Life- time remaining / Status IPSec (Phase-2) SAs Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Life- time remaining / Status Messages The system messages for this IPSec tunnel are displayed here.
Page 548: Isdn/Modem
24 Monitoring Teldat GmbH Field Description Status Displays the number of IPSec tunnels by their current status. • Up: Currently active IPSec tunnels. • Going up: IPSec tunnels currently in the tunnel setup phase. • Blocked: IPSec tunnels that are blocked.
Page 549: Call History
24 Monitoring Teldat GmbH Monitoring ISDN/Modem Current Calls Fig. 217: -> -> Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).
Page 550: Interfaces
24 Monitoring Teldat GmbH Monitoring ISDN/Modem Call History Fig. 218: -> -> Values in the Call History list Field Description Service Displays the service to or from which the call was connected: Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls).
Page 551 24 Monitoring Teldat GmbH Monitoring Interfaces Statistics Fig. 219: -> -> Change the status of the interface by clicking the or the button in the Action column. Values in the Statistics list Field Description Shows the serial number of the interface.
Page 552 24 Monitoring Teldat GmbH Monitoring Interfaces Statistics Fig. 220: -> -> -> Values in the Statistics list Field Description Description Displays the name of the interface. MAC Address Displays the interface text. IP Address / Netmask Shows the IP address and the netmask.
Page 553: Bridges
24 Monitoring Teldat GmbH 24.5 Bridges 24.5.1 br<x> In the Monitoring->Bridges-> br<x> menu, the current values of the configured bridges are shown. Monitoring Bridges Fig. 221: -> Values in the br<x> list Field Description MAC Address Shows the MAC addresses of the associated bridge.
Page 554: Qos
24 Monitoring Teldat GmbH Field Description User Name Displays the user's name. IP Address Shows the IP address of the user. Physical Address Shows the physical address of the user. Logon Displays the time of the notification. Interface Shows the interface used.
Page 555: Ospf
24 Monitoring Teldat GmbH 24.8 OSPF In the Monitoring+OSPF menu information on OSPF is monitored . The OSPF monitor is arranged horizontally in three sections and shows information about OSPF interfaces, the detected neighbor and the LinkStateDatabase entries. 24.8.1 Status In the Monitoring->OSPF->Status menu, a list of all interfaces configured for OSPF is dis-...
Page 556 24 Monitoring Teldat GmbH Field Description Designated Router Shows the IP address of the designated router. The designated router generates network links and distributes these to all gateways within the BMA network (BMA = Broad- cast Multi Access Network, e.g. Ethernet, FDDI, Tokenring).
Page 557: Statistics
24 Monitoring Teldat GmbH Field Description lowing values: • : The connection to this OSPF neighbor is inactive. • : The initial phase. A HELLO packet is received from the neighbor. • : Bidirectional communication with the neighbor. The HELLO packets sent are accepted by the neighbor gateway (with correct parameters).
Page 558 24 Monitoring Teldat GmbH Monitoring OSPF Statistics Fig. 225: Values in the Statistics list Field Description Received Hello Mes- Displays the number of Hello packets received. sages Sent Hello Messages Displays the number of Hello packets sent. Received Database De- Displays the number of received databank entries.
Page 559: Pim
24 Monitoring Teldat GmbH Field Description Links Advertisements ceived. Routing table updates Displays the number of incremental routing table updates per- caused by External Ad- formed when new external Advertisements have been received. vertisements 24.9 PIM 24.9.1 Global Status The status of all configured PIM components is displayed in the Monitoring+PIM+Global Status menu.
Page 560: Not Interface-Specific Status
24 Monitoring Teldat GmbH Field Description Interface Displays the name of the PIM interface. IP Address Displays the primary IP address of the PIM interface. Designated Router Displays the primary IP address of the designated router on this PIM interface.
Page 561 24 Monitoring Teldat GmbH Monitoring Not Interface-Specific Status Fig. 227: Values in the Not Interface-Specific Status list Field Description View Select the desired view from the dropdown menu. Are available: Values in the (*,*,RP) States list Field Description Rendevous Point IP...
Page 562 24 Monitoring Teldat GmbH Field Description Upstream Join Timer Join/Prune Timer is used to periodically send Join(*,*,RP) mes- sages, and to correct Prune(*,*,RP) messages from peers on an Upstream LAN interface. Values in the (*,G) States list Field Description Multicast Group Ad- Displays the multicast group address.
Page 563: Interface-Specific States
24 Monitoring Teldat GmbH Field Description entry. This corresponds to the status of the Upstream (S,G) State Machine in the PIM-SM specification. Uptime Indicates the timespan since the entry was generated by the local router. Upstream Join Timer Indicates the remaining time until the local router sends out the next periodic (S,G) Join message on pimSGRPFIfIndex.
Page 564 24 Monitoring Teldat GmbH Monitoring Interface-Specific States Fig. 228: Values in the Interface-Specific States list Field Description View Select the desired view from the dropdown menu. Are available: Values in the (*,G,I) States list Field Description Multicast Group Ad- Displays the multicast group address. InetAddressType is dress defined in the pimStarGAddressType object.
Page 565 24 Monitoring Teldat GmbH Field Description Assert State Displays the (*,G) Assert State for this interface. This corres- ponds to the status of the Per-Interface (*,G) Assert State Ma- chinen in the PIM-SM specification. If pimStarGPimMode is 'bid- ir', this object must 'noInfo' be.
Page 566 24 Monitoring Teldat GmbH Field Description Multicast Group Ad- Displays the multicast IP address. InetAddressType is defined dress through the object pimSGAddressType. Source IP Address Displays the source IP address. InetAddressType is defined through the object pimStarGAddressType. Interface Displays the name of the interface.
Page 567: Glossary
Glossary Teldat GmbH Glossary 10 Base 2 Thin Ethernet connection. Network connection for 10-mbps net- works with BNC connector. T-connectors are used for the connec- tion of equipment with BNC sockets. 100Base-T Twisted pair connection, Fast Ethernet. Network connection for 100-mbps networks.
Page 568 Glossary Teldat GmbH the optional wired Ethernet is connected, the signals between the two physical media, the wireless interface and wired interface, are bridged (bridging). Access protection Filters can be used to prevent external persons from accessing the data on the computers in your LAN. These filters are a basic func- tion of a firewall.
Page 569 Glossary Teldat GmbH having to pick up the receiver. Announcement func- Performance feature of a PBX. On suitable telephones (e.g. system tion telephones), announcements can be made as on an intercom. Answering machine You configure an analogue answering machine under "Terminal Type".
Page 570 Glossary Teldat GmbH Automatic callback You urgently need to contact a business partner or internal sub- on busy (CCBS) scriber. However, when you call, you always hear the engaged tone. If you were to receive notification that the subscriber had ended the call, your chance of reaching them would be very good.
Page 571 Glossary Teldat GmbH Base station Central unit of wireless telephone devices. There are two different types: The simple base station is used to charge the handheld unit. For special-feature telephones, the base station can also be used as a telephone, the handheld unit is charged using separate charging stations.
Page 572 Glossary Teldat GmbH Break-in In a PBX, the option of breaking in to an existing call. This is sig- nalled acoustically by an attention tone. Basic Rate Interface Bridge Network component for connecting homogeneous networks. As op- posed to a gateway, bridges operate at layer 2 of the OSI model, are independent of higher-level protocols and transmit data packets using MAC addresses.
Page 573 Glossary Teldat GmbH signment. For each day of the week, you can select any day/night switching time. A calendar has four switch times, which can be spe- cifically assigned to each individual day of the week. Call allocation In a PBX, calls can be assigned to certain terminals.
Page 574 Glossary Teldat GmbH to several different teams, this is not surprising. You can now form various groups of subscribers in which call pickup is possible. A call can only be picked up by subscribers/terminals in the same pickup group. The assignment of subscribers in pickup groups is not de- pendent on the settings in the Day and Night team call assignment.
Page 575 Glossary Teldat GmbH Block Cipher Modes. Cipher Block Chaining CCITT Consultative Committee for International Telegraphy and Telephony CD (Call Deflection) The forwarding of calls. This performance feature enables you to forward a call without having to take it yourself. If you forward a call to an external subscriber, you bear any connection costs from your connection to the destination of the forwarded call.
Page 576 Glossary Teldat GmbH Combination device If an analogue terminal connection of the PBX is set up as a "multi- functional port" for combination devices, all calls are received, re- gardless of the service. In the case of trunk prefixes using codes, the service ID "Analogue Telephony"...
Page 577 Glossary Teldat GmbH Data compression A process for reducing the amount of data transmitted. This enables higher throughput to be achieved in the same transmission time. Ex- amples of this technique include STAC, VJHC and MPPC. Data Link Layer (DLL) Data packet A data packet is used for information transfer.
Page 578 Glossary Teldat GmbH tack host in a LAN with fake requests so that it is completely overloaded. This means the system or a certain service can no longer be run. Data Encryption Standard Destination number Speeddial memory memory DHCP Dynamic Host Configuration Protocol...
Page 579 Glossary Teldat GmbH matically overwritten when the new configuration is transferred to the PBX. Direct dial-in Performance feature of larger PBXs at the point-to-point connection: The extensions can be called directly from outside. Direct dialling range See Extension numbers range...
Page 580 Glossary Teldat GmbH the ring button. Your door intercom can have up to 4 ring buttons. The door opener can be pressed during an intercom call. It is not possible activate the door opener if an intercom call is not taking place.
Page 581 Glossary Teldat GmbH DTMF Dual Tone Multi Frequency (tone dialling system) Dynamic IP address In contrast to a static IP address, a dynamic IP address is assigned temporarily by DHCP. Network components such as the web server or printer usually have static IP address, while clients such as note- books or workstations usually have dynamic IP addresses.
Page 582 Glossary Teldat GmbH Ethernet connec- The 4 connections are led equally through an internal switch. Net- tions work clients can be directly connected to the connection sockets. The ports are designed as 100/BaseT full-duplex, autosensing, auto MDIX upwardly compatible to 10/Base T. Up to 4 SIP telephones or IP softclients with SIP standard can be directly connected to PCs with a network card.
Page 583 Glossary Teldat GmbH via the standard access after a predefined number of attempts, setup is attempted using the second entry then subsequent entries. If the final entry in the list does not enable a connection to be set up successfully, the operation is terminated until a new request is made.
Page 584 Glossary Teldat GmbH Fragmentation Process by which an IP datagram is divided into small parts in order to meet the requirements of a physical network. The reverse pro- cess is known as reassembly. Frame Unit of information sent via a data connection.
Page 585 Glossary Teldat GmbH conduct a call without using your hands. As a result, other people in the room can also participate in the call. Hashing The process of deriving a number (hash) from a character string. A hash is generally far shorter than the text flow it was derived from.
Page 586 Glossary Teldat GmbH host computer. HTTP HyperText Transfer Protocol Network component used to connect several network components together to form a local network (star-shaped). ISDN connection unit, ISDN connection socket. ICMP Internet Control Message Protocol Integrity Check Value Identify malicious You have to request this performance feature from T-Com.
Page 587 Glossary Teldat GmbH al calls. Internal calls Free-of-charge connection between terminals in a PBX. Internal telephone Your PBX has a fixed internal telephone number plan. numbers Internet The Internet consists of a number of regional, local and university networks. The IP protocol is used for data transmission on the Inter- net.
Page 588 Glossary Teldat GmbH the other hand, uses the PC's resources. ISDN Login Function of your gateway. Your gateway can be configured and ad- ministrated remotely using ISDN Login. ISDN Login operates on gateways in the ex works state as soon they are connected to an ISDN connection and therefore reachable via an extension number.
Page 589 Glossary Teldat GmbH Link Control Protocol LDAP Lightweight Directory Access Protocol Lease Time The "Lease Time" is the time a computer keeps the IP address as- signed to it without having to "talk" to the DHCP server. Leased Line Leased line...
Page 590 Glossary Teldat GmbH MPPC Microsoft Point-to-Point Compression MPPE Microsoft Point-to-Point Encryption MSDU MAC Service Data Unit - a data packet that ignores fragmentation in the WLAN. Multiple subscriber number MSSID See SSID Maximum Transmission Unit Multicast A specific form of broadcast in which a message is simultaneously transmitted to a defined user group.
Page 591 Glossary Teldat GmbH NetBIOS Network Basic Input Output System Netmask The second part of an address in an IP network, used for identifica- tion of a device, e.g. 255.255.255.0. See also IP address. Network Your PBX has a DSL router so that one or more PCs can surf the In- ternet and download information.
Page 592 Glossary Teldat GmbH OSPF Open Shortest Path First Outgoing extension The "outgoing extension number signal" is intended for internal con- number signal nections on the point-to-point to which an explicit extension number was not assigned. When an external call is made, the extension number entered under Outgoing Extension Number Signal is also transmitted.
Page 593 The PBX has an internal phone book. You can store up to 300 tele- phone numbers and the associated names. You can access the PBX's phone book with the Teldat devices (for example CS 410). You add entries to the phone book using the configuration interface.
Page 594 Glossary Teldat GmbH Point-to-Point Protocol PPP authentication Security mechanism. A method of authentication using passwords in PPP. PPPoA Point to Point Protocol over ATM PPPoE Point to Point Protocol over Ethernet Primary Rate Interface Primary Rate Inter- ISDN subscriber connection. The PRI consists of one D channel and face (PRI) 30 B channels (in Europe).
Page 595 Glossary Teldat GmbH Recording telephone Performance feature of an answering machine. Enables a conversa- calls tion to be recorded during the telephone call. Remote Remote, as opposed to local. Remote access Opposite to local access, see Remote. Remote CAPI bintec's own interface for CAPI.
Page 596 Glossary Teldat GmbH and the receiver must be lifted or "Hands-free" switched on. If you replace the telephone receiver or turn off "Hands-free", room mon- itored ends and the performance feature is switched off. Room monitoring This function can be used to monitor rooms from an external tele- from external tele- phone.
Page 597 Glossary Teldat GmbH the information providers. The provided information is accessed us- ing the telephone number 0190 which is uniform across Germany plus a 6-digit telephone number. Information offering: Entertainment, weather, finance, sport, health, support and service hotlines. Service 0700 Additional voice service from T-Com.
Page 598 Glossary Teldat GmbH activates the Loudspeaker function so that a conversation can take place immediately. Please see the information on the telephone user's guide on the simplex operation function. Session Initiation Protocol Short Message Service SMS receipt If you have connected an SMS-enabled terminal, you can decide whether SMS receipt is to be permitted for the connection.
Page 599 Glossary Teldat GmbH So connection See ISDN Basic Rate Interface So interface Internationally standardised interface for ISDN systems. This inter- face is provided on the network side by the NTBA . On the user side, the interface is intended for connecting a PBX (point-to-point connection) and for connecting up to eight ISDN terminals (point-to-multipoint connection).
Page 600 Glossary Teldat GmbH Spoofing Technique for reducing data traffic (and thus saving costs), espe- cially in WANs. SSID The Service Set Identifier (SSID) or Network Name refers to the wireless network code based on IEEE 802.11. Secure Sockets Layer A technology, now standard, developed by Netscape, which is generally used to secure HTTP traffic between a web browser and a web server.
Page 601 Glossary Teldat GmbH Suppress B tele- COLP/COLR: Connected line identification presentation/connected phone number line identification restriction = Activate/suppress transmission of (COLR) called party's telephone number to caller. This performance feature suppresses the display of the called subscriber's telephone number. If display of the B telephone number is suppressed, your telephone number is not transmitted to the caller when you take a call.
Page 602 Glossary Teldat GmbH option, which can be used with the existing telephone cable, costs less than two telephone connections but offers far greater quality and ease of use: Two independent lines, so that you can still make a phone call, receive a fax, or surf the Internet when another family member is making a long call on the other line.
Page 603 Glossary Teldat GmbH TAPI Telephony Application Program Interface TAPI configuration You can use the TAPI configuration to modify the TAPI driver in line with the program that uses this driver. You can check which MSN is to be assigned to a terminal, define a line name, and configure the dialling parameters.
Page 604 Glossary Teldat GmbH telephone number is stored in your telephone's caller list. However, because your connection is automatically set to Automatic Outside Line as a result of the ex works settings, you would first have to dial ** for a callback in order to obtain the internal dialling tone, and then 22.
Page 605 Glossary Teldat GmbH Signalling 1) phones. V.11 ITU-T recommendation for balanced dual-current interface lines (up to 10 mbps). V.24 CCITT and ITU-T recommendation that defines the interface between a PC or terminal as Data Terminal Equipment (DTE) and a modem as Data Circuit-terminating Equipment (DCE).
Page 606 Glossary Teldat GmbH Web server Server that provides documents in HTML format for access over the Internet (WWW). Webmail T-Online service with which e-mails can be sent and received world- wide on the Internet by means of a browser. Wired Equivalent Privacy...
Page 607 Glossary Teldat GmbH in ISDN (D channel). X.500 ITU-T standards that cover user directory services, see LDAP. Ex- ample: The phone book is the directory in which you find people on the basis of their name (agreement with the telephone directory).
Page 608: Index
Index Teldat GmbH Address / Subnet Index Addresses Admin Status 211 , 250 Admin Status Administration Administrative Status 327 , 399 , 409 ISDN Timeserver , 416 , 418 , 434 Modem Init Sequence Administrative Access System Admin Password ADSL Line Profile...
Page 609 Index Teldat GmbH ATM Service Category Cache Attacked Access Point Cache Hitrate (%) Authentication 275 , 280 , 285 , 291 , Cache Hits 298 , 368 , 375 Cache Size Authentication ID 404 , 409 Call Number 294 , 301 , 412...
Page 610 Index Teldat GmbH Comfort Noise Generation (CNG) Custom Time Slots , 414 Cyclic Background Scanning Command Mode Command Type Common Name D Channel Mode Compare Condition Data Packets Sequence Numbers Compare Value Compression 94 , 318 , 321 , 368 ,...
Page 611 Index Teldat GmbH Destination IP Address/Netmask Dropping Algorithm , 201 , 211 , 214 , 229 , 333 DSA Key Status Destination IP Address DSCP / TOS Value Destination Port Range DSCP/TOS Filter (Layer 3) 214 , 229 Details DSL Chipset...
Page 612 Index Teldat GmbH Ethernet Interface Selection Fragmentation Threshold Ethernet Ports Frozen Parameters Event Full Filtering Event Type Event List 462 , 467 Event List Condition Garbage Collection Timer Ex works setting Gateway 195 , 448 Exclude from NAT (DMZ) Gateway IP Address...
Page 613 Index Teldat GmbH Internal Log Internal Time Server Internet + Dialup IGMP Internet Key Exchange IGMP Proxy Interval 462 , 467 , 479 , 484 IGMP State Limit Intra-cell Repeating IGMP State Limit Invalid DNS Packets IGMP Status IP Compression...
Page 614 Index Teldat GmbH ISDN Mode Line Speed ISDN Port Line Speed Interval ISDN Ports Link State ID ISDN Switch Type 126 , 130 Load Balancing ISDN Theft Protection Service Load Balancing ISDN Theft Protection Load Balancing Groups ISDN Trunks Local Address...
Page 615 Index Teldat GmbH Management VID Memory Card Manual WLAN Controller IP Address Message Message Compression Manually resetting the device Message Timeout Master down trials Messages Matching String Metric 192 , 195 , 330 Max. incoming control connections per Metric Determination...
Page 616 Index Teldat GmbH 197 , 538 OSPF Mode 294 , 318 , 321 , 369 , NAT method NAT Traversal Other Inactivity NAT Detection Outbound Interface NAT Configuration Outbound Proxy NAT active Outgoing Number NAT Interfaces Outgoing ISDN Number Negative Cache...
Page 617 Index Teldat GmbH Policies Proposals 342 , 350 Policy 100 , 104 Protocol 201 , 211 , 214 , 229 , 333 , Pool Usage 394 , 399 , 401 , 404 , 409 , 444 , Pop-Up window for status indication...
Page 618 Index Teldat GmbH Reverse-Path-Forwarding (RPF) Received DNS Packets , 549 Received Hello Messages RFC 2091 Variable Timer Received Link State Acknowledge Pack- RFC 2453 Variable Timer Received Link State Request Packets RIP Filter RIP Interfaces Received Link State Update Packets...
Page 619 Index Teldat GmbH SCEP URL Service Categories Schedule Interval Session Timeout Schedule (Start / Stop Time) Session Border Controller Mode Scheduling Set status Second Timeserver Set Time Secondary DHCP Server Set COS value (802.1p/Layer 2) Secondary DNS Server Set Date...
Page 620 Index Teldat GmbH Software &Configuration Surveillance Sort Order 406 , 413 Sustained Cell Rate (SCR) Source Switch Port Source Interface 193 , 211 , 261 Sync SAs with ISP interface state Source Location Synchronisation Mode Source Port 193 , 201 , 333...
Page 621 Index Teldat GmbH Transfer own IP address over ISDN/ Upstream Neighbor IP Address 547 , 548 , 548 Transferred Traffic Upstream Override Timer Transmit Key Uptime 71 , 546 , 547 , 548 , 548 , Transmit Power 549 , 550 , 551 , 551...
Page 622 Index Teldat GmbH VLANs VoIP VR Synchronisation VRRP Advertisement VRRP router Walled Garden Walled Garden URL Walled Network / Netmask Web Filter Web Filter Status Weight WEP Key 1-4 Whitelisted Wildcard Wildcard Mode Wildcard MAC Address WINS Server Wire Mode...

This manual is also suitable for:

Bintec r4402 Bintec rt1202 Bintec rt3002 Bintec rt3502 Bintec rt4202 Bintec r3502 ... Show all

Teldat bintec R3002 Manual

Chapter 1 Introduction

Chapter 2 About this Guide

Chapter 3 Installation

Chapter 4 Reset

Chapter 5 Technical Data

Chapter 6 Variable Switching of S0 Interfaces

Chapter 7 Basic Configuration

Chapter 8 Access and Configuration

Chapter 9 Assistants

Chapter 10 System Management

Chapter 11 Physical Interfaces

Chapter 12 LAN

Chapter 13 Wireless LAN Controller

Chapter 14 Networking

Chapter 15 Routing Protocols

Chapter 16 Multicast

Chapter 17 WAN

Chapter 18 VPN

Chapter 19 Firewall

Chapter 20 Voip

Chapter 21 Local Services

Chapter 22 Maintenance

Chapter 23 External Reporting

Chapter 24 Monitoring

Quick Links

Related Manuals for Teldat bintec R3002

Summary of Contents for Teldat bintec R3002