Download Print this page

Funkwerk Bintec R41000 Reference

Bintec r1xxx/r3xxx/r4xxx gateways reference manual

Table Of Contents

page of 518

/ 518
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

Download this manual

Manual

Funkwerk Enterprise Communications GmbH

Manual

R1xxx/R3xxx/R4xxx

Reference

Copyright© Version 10.0, 2011 Funkwerk Enterprise Communications GmbH

R1xxx/R3xxx/R4xxx

1

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the Bintec R41000 and is the answer not in the manual?

Questions and answers

Summary of Contents for Funkwerk Bintec R41000

Page 1 Manual Funkwerk Enterprise Communications GmbH Manual R1xxx/R3xxx/R4xxx Reference Copyright© Version 10.0, 2011 Funkwerk Enterprise Communications GmbH R1xxx/R3xxx/R4xxx...
Page 2: Legal Notice
Legal Notice Aim and purpose This document is part of the user manual for the installation and configuration of funkwerk devices. For the latest information and notes on the current software release, please also read our release notes, particularly if you are updating your software to a higher release version. You will find the latest release notes under www.funkwerk-ec.com...
Page 3: Table Of Contents
Table of Contents Funkwerk Enterprise Communications GmbH Table of Contents Chapter 1 Introduction ......1 Chapter 2 About this guide.
Page 4 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 5 Reset ......22 Chapter 6 Technical data .
Page 5 Configuration options ..... . . 8.3.1 Funkwerk Configuration Interface ....8.3.2 SNMP shell .
Page 6 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 11 Physical Interfaces ..... 11.1 AUX ......145 11.1.1...
Page 7 Table of Contents Funkwerk Enterprise Communications GmbH 13.1.1 Radio Settings ......185 13.1.2 Virtual Service Sets ......198 13.1.3...
Page 8 Table of Contents Funkwerk Enterprise Communications GmbH 15.2 OSPF ......255 15.2.1 Areas .
Page 9 Table of Contents Funkwerk Enterprise Communications GmbH 17.3 Leased Line ......319 17.3.1 Interfaces ......319 17.4...
Page 10 Table of Contents Funkwerk Enterprise Communications GmbH 19.2 Interfaces ......386 19.2.1 Groups ......386 19.3...
Page 11 Options ......455 21.10 Funkwerk Discovery ..... . . 457 21.10.1 Device Discovery .
Page 12 Table of Contents Funkwerk Enterprise Communications GmbH 21.13.1 Virtual Routers ......473 21.13.2 VR Synchronisation .
Page 13 Table of Contents Funkwerk Enterprise Communications GmbH Chapter 24 Monitoring ......24.1 Internal Log ......504 24.1.1...
Page 14 Table of Contents Funkwerk Enterprise Communications GmbH 24.10.3 Interface-Specific States ..... 532 Glossary......
Page 15: Chapter 1 Introduction
1 Introduction Funkwerk Enterprise Communications GmbH Chapter 1 Introduction The powerful devices bintec R1xxx/R3xxx/R4xxx have been specially developed for high- speed Internet access and for VPN connections in SMEs and branch offices. Safety notices The safety precautions, which are supplied with your device, tell you what you need to take into consideration when using your bintec gateway.
Page 16 The devices are also designed for use with Dime Manager. The Dime Manager manage- ment tool can locate your Funkwerk devices within the network quickly and easily. The .NET-based application, which is designed for up to 50 devices, offers easy to use func- tions and a comprehensive overview of devices, their parameters and files.
Page 17: Chapter 2 About This Guide
2 About this guide Funkwerk Enterprise Communications GmbH Chapter 2 About this guide This document is valid for bintec devices with system software as of software version 7.10.1. The Reference, which you have in front of you, contains the following chapters:...
Page 18 2 About this guide Funkwerk Enterprise Communications GmbH Chapter Description Firewall VoIP Local Services Maintenance External Reporting Monitoring Glossary The glossary contains a reference to the most important tech- nical terms used in network technology. The index lists all the key terms for operating the device and all...
Page 19 2 About this guide Funkwerk Enterprise Communications GmbH Typographical element Use • Indicates lists. Menu->Submenu Indicates menus and sub-menus in the Funkwerk Configura- tion Interface and Windows interface. File->Open Non-proportional Indicates commands that you must enter as written. (Courier), e.g.
Page 20: Chapter 3 Installation
3 Installation Funkwerk Enterprise Communications GmbH Chapter 3 Installation Caution Please read the safety notices carefully before installing and starting up your device. These are supplied with the device. 3.1 Setting up and connecting Note All you need for this are the cables and antennas supplied with the equipment.
Page 21 3 Installation Funkwerk Enterprise Communications GmbH R3000w Fig. 2: Connection options using the example of R1xxx/R3xxx/R4xxx...
Page 22 3 Installation Funkwerk Enterprise Communications GmbH R43000 Fig. 3: Connection options using the example of R1xxx/R3xxx/R4xxx...
Page 23 3 Installation Funkwerk Enterprise Communications GmbH R41000 Fig. 4: Connection options using the example of When setting up and connecting, carry out the steps in the following sequence (refer to the connection diagrams for the individual devices in chapter Technical data...
Page 24 The right X.21 interface can also be enabled if licensed. • UMTS (only R1200wu) Insert the UMTS card into the CardBus / UMTS slot. The device is now prepared for configuration using the Funkwerk Configuration Interface. R1xxx/R3xxx/R4xxx...
Page 25: Cleaning
3 Installation Funkwerk Enterprise Communications GmbH 3.2 Cleaning You can clean your device easily. Use a damp cloth or antistatic cloth. Do not use solvents. Never use a dry cloth; the electrostatic charge could cause electronic faults. Make sure that no moisture can enter the device and cause damage.
Page 26: Chapter 4 Basic Configuration
Funkwerk Enterprise Communications GmbH Chapter 4 Basic configuration You configure your device using the Funkwerk Configuration Interface . The way to obtain the basic configuration is explained below step-by-step. Detailed know- ledge of networks is not necessary. A detailed online help system gives you extra support.
Page 27: System Requirements
This installation is optional and not essential for the configuration or operation of the device. 4.3.1 Gathering data You can gather the main data for configuration with the Funkwerk Configuration Inter- face quickly, because you do not need any information that requires in-depth knowledge of networks.
Page 28 4 Basic configuration Funkwerk Enterprise Communications GmbH The following table shows examples of possible values for the necessary access data. You can enter your personal data in the "Your values" column, so that you can refer to these values later when needed.
Page 29 4 Basic configuration Funkwerk Enterprise Communications GmbH Access data Example value Your values User account (12 digits) T-Online number (usually 12 digits) Joint user account Note To configure T-Online Internet access, in the User Name field, enter the following suc-...
Page 30: Configuring A Pc
Security setting 4.3.2 Configuring a PC In order to reach your device via the Funkwerk Configuration Interface and to be able to carry out configuration, the PC used for the configuration has to satisfy some prerequisites. • Make sure that the TCP/IP protocol is installed on the PC.
Page 31: Modify System Password
The computer now has an IPSec configuration. Note You can now launch Funkwerk Configuration Interface for configuration by entering the IP address of your device (192.168.0.254) in a supported browser (Internet Ex- plorer 6 or later, Mozilla Firefox 1.2 or later) and entering the pre-configured login in-...
Page 32: Setting Up An Internet Connection
Internet connection. To make it easier to configure an ADSL internet connection, the Funkwerk Configuration Interface has a wizard to guide you through the connection set- up process simply and quickly. A selection of preconfigured connections from leading pro- viders (T-Home, Arcor) makes configuration even easier.
Page 33: Other Internet Connections
(e.g. a cable modem) or an external gateway. The corresponding wizard in Funkwerk Configura- tion Interface provides support for configurations of this type. You can find the Internet wizards and other wizards for easy configuration of various applications at the top of the menu tree under Assistants.
Page 34: Software Update
The range of functions of bintec devices is continuously being extended. These extensions are made available to you by Funkwerk Enterprise Communications GmbH free of charge. Checking for new software versions and the installation of updates can be carried out eas- ily with the Funkwerk Configuration Interface .
Page 35 4 Basic configuration Funkwerk Enterprise Communications GmbH The device will now connect to the Funkwerk Enterprise Communications GmbH download server and check whether an updated version of the system software is available. If so, your device will be updated automatically. When installation of the new software is com- plete, you will be invited to restart the device.
Page 36: Chapter 5 Reset
5 Reset Funkwerk Enterprise Communications GmbH Chapter 5 Reset If the configuration is incorrect or if your device cannot be accessed, you can reset the device to the ex works standard settings using a special reset procedure. Practically al existing configuration data will then be ignored, only the current user pass- words are retained.
Page 37 Note If you delete the boot configuration using the Funkwerk Configuration Interface (menu Maintenance->Software & Configuration ), all passwords will also be reset and the current boot configuration deleted. The next time, the device will boot with the standard ex works settings.
Page 38: Chapter 6 Technical Data
6 Technical data Funkwerk Enterprise Communications GmbH Chapter 6 Technical data This chapter summarises all the hardware properties of the R1200, R1200w, R1200wu, R3000, R3000w, R3400, R3800, R4100 and R4300 devices. 6.1 Scope of supply Your device is supplied with the following parts:...
Page 39 6 Technical data Funkwerk Enterprise Communications GmbH Cable sets/mains unit/ Software Documentation other R3000w Ethernet cable Companion DVD Quick Install Guide (printed) ISDN cable User's Guide (on DVD) Serial connecting cable Release Notes, if required Mains unit Safety notices 2 DSL cables (for Annex A...
Page 40: General Product Features
6 Technical data Funkwerk Enterprise Communications GmbH Cable sets/mains unit/ Software Documentation other X.21 DCE (optional) V.35 DTE (optional) 6.2 General Product Features The general product features cover performance features and the technical prerequisites for installation and operation of your device.
Page 41 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R1200 bintec R1200w bintec R1200wu Relative atmospheric 10 % to 90 % non- 10 % to 90 % non- 10 % to 90 % non- humidity condensing in operation, condensing in operation,...
Page 42 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R1200 bintec R1200w bintec R1200wu PPPoE, PPPoA, Call- PPPoE, PPPoA, Call- PPPoE, PPPoA, Call- back, Access Control back, Access Control back, Access Control Lists, CLID, NAT, SIF, Lists, CLID, NAT, SIF,...
Page 43 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R3000 bintec R3000w Environmental require- ments: Storage temperature -20 # to +70 # -20 # to +70 # Operating temperature 0° to 40 # 0° to 40 # Relative atmospheric...
Page 44 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R3000 bintec R3000w SAFERNET TM Se- Community passwords, PAP, CHAP, Community passwords, PAP, CHAP, curity Technology MS-CHAP, MS-CHAP v.2, PPTP, MS-CHAP, MS-CHAP v.2, PPTP, PPPoE, PPPoA, Callback, Access PPPoE, PPPoA, Callback, Access...
Page 45 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R3400 bintec R3800 ments: Storage temperature -20 # to +70 # -20 # to +70 # Operating temperature 0° to 40 # 0° to 40 # Relative atmospheric 10 % to 90 % non-condensing in op-...
Page 46 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R3400 bintec R3800 SAFERNET TM Se- Community passwords, PAP, CHAP, Community passwords, PAP, CHAP, curity Technology MS-CHAP, MS-CHAP v.2, PPTP, MS-CHAP, MS-CHAP v.2, PPTP, PPPoE, PPPoA, Callback, Access PPPoE, PPPoA, Callback, Access...
Page 47 6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R4100 bintec R4300 ments: Storage temperature -20 # to +70 # -20 # to +70 # Operating temperature 0° to 40 # 0° to 40 # Relative atmospheric 10 % to 90 % non-condensing in op-...
Page 48: Leds
6 Technical data Funkwerk Enterprise Communications GmbH Product name bintec R4100 bintec R4300 with PPTP or IPSec with PPTP or IPSec Dime Manager on DVD Dime Manager on DVD Software supplied Printed documentation Quick Install Guide Quick Install Guide supplied...
Page 49 6 Technical data Funkwerk Enterprise Communications GmbH Status Information Status Permanently on or Error. flashing The device is active. ETH 1 to 5 The device is connected to the Ethernet. Top row flashing Data traffic via the Ethernet interface. ETH 1 to 5 Data traffic with 100 mbps.
Page 50 6 Technical data Funkwerk Enterprise Communications GmbH The LEDs on bintec R1200w are arranged as follows: bintec R1200w Fig. 6: LEDs on In operation mode, the LEDs on bintec R1200w display the following status information for your device: LED status display...
Page 51 6 Technical data Funkwerk Enterprise Communications GmbH Status Information ISDN-1 B/D ISDN D-channel is active. Top row ISDN-1 B/D One ISDN B channel is active. Bottom row flashing Both ISDN B channels are active. MA / HA flashing BRRP packets are received.
Page 52 6 Technical data Funkwerk Enterprise Communications GmbH Status Information Status Permanently on or Error. flashing The device is active. ETH 1 to 5 The device is connected to the Ethernet. Top row flashing Data traffic via the Ethernet interface. ETH 1 to 5 Data traffic with 100 mbps.
Page 53 6 Technical data Funkwerk Enterprise Communications GmbH Status Information WLAN flashing Data traffic via the WLAN interface. Top row WLAN slow flashing The WLAN module is active. Bottom row At least one WLAN client is connected. The LEDs on bintec R3000 are arranged as follows: bintec R3000 Fig.
Page 54 6 Technical data Funkwerk Enterprise Communications GmbH Status Information ISDN-0 B/D ISDN D-channel is active. Top row ISDN-0 B/D One ISDN B channel is active. Bottom row flashing Both ISDN B channels are active. ISDN-1 B/D ISDN D-channel is active.
Page 55 6 Technical data Funkwerk Enterprise Communications GmbH bintec R3000w Fig. 9: LEDs on In operation mode, the LEDs on bintec R3000w display the following status information for your device: LED status display Status Information Power The power supply is connected.
Page 56 6 Technical data Funkwerk Enterprise Communications GmbH Status Information ISDN-1 B/D One ISDN B channel is active. Bottom row flashing Both ISDN B channels are active. ADSL flashing The device synchronises with the DSLAM of the ADSL provider. Top row The device has successfully synchronised with the DSLAM of the ADSL provider.
Page 57 6 Technical data Funkwerk Enterprise Communications GmbH your device: LED status display Status Information Power The power supply is connected. Status Permanently on or Error. flashing The device is active. ETH 1 to 5 The device is connected to the Ethernet.
Page 58 6 Technical data Funkwerk Enterprise Communications GmbH Status Information flashing Data traffic over the SHDSL wire pair 4-5. SHDSL-2/1 The wire pair 7-8 on the SHDSL line has suc- cessfully synchronized with the DSLAM of the Top row SHDSL provider.
Page 59 6 Technical data Funkwerk Enterprise Communications GmbH Status Information ISDN-0 B/D ISDN D-channel is active. Top row ISDN-0 B/D One ISDN B channel is active. Bottom row flashing Both ISDN B channels are active. MA / HA flashing BRRP packets are received.
Page 60 6 Technical data Funkwerk Enterprise Communications GmbH bintec R4100 Fig. 12: LEDs on In operation mode, the LEDs on bintec R4100 display the following status information for your device: LED status display Status Information Power The power supply is connected.
Page 61 6 Technical data Funkwerk Enterprise Communications GmbH Status Information ISDN-3/2 ISDN-2: ISDN D-channel is active. Top row flashing ISDN-2: At least one ISDN B channel is active. ISDN-3/2 ISDN-3: ISDN D-channel is active. Bottom row flashing ISDN-3: At least one ISDN B channel is active.
Page 62 6 Technical data Funkwerk Enterprise Communications GmbH LED status display Status Information Power The power supply is connected. Status Permanently on or Error. flashing The device is active. ETH 1 to 5 The device is connected to the Ethernet. Top row flashing Data traffic via the Ethernet interface.
Page 63: Connectors
6 Technical data Funkwerk Enterprise Communications GmbH Status Information flashing X.21 1: Data traffic. X.21 2/1 X.21 2: Connection is set up. Bottom row flashing X.21 2: Data traffic. MA / HA flashing BRRP packets are received. Top row MA / HA A user is logged in to the system (e.g.
Page 64 6 Technical data Funkwerk Enterprise Communications GmbH ETH1 / Console Ethernet interface with serial interface function ISDN-0 - ISDN-1 ISDN interface bintec R1200w has a 4-port Ethernet switch including a port with serial interface function, a DMZ/ETH5 interface and two ISDN interfaces.
Page 65 6 Technical data Funkwerk Enterprise Communications GmbH bintec R1200wu Fig. 16: Back of Back of bintec R1200wu Mains switch Socket for plug-in power pack DMZ/ETH5 Ethernet interface Main and AUX RSMA connection ETH2 - ETH4 Ethernet interface ETH1 / Console...
Page 66 6 Technical data Funkwerk Enterprise Communications GmbH ETH1 / Console Ethernet interface with serial interface function ISDN-0 - ISDN-1 ISDN interface ADSL ADSL interface bintec R3000w has a 4-port Ethernet switch including a port with serial interface function, a DMZ/ETH5 interface, two ISDN interfaces and an ADSL interface.
Page 67 6 Technical data Funkwerk Enterprise Communications GmbH bintec R3400 Fig. 19: Back of Back of bintec R3400 Mains switch Socket for plug-in power pack DMZ/ETH5 Ethernet interface ETH2 - ETH4 Ethernet interface ETH1 / Console Ethernet interface with serial interface function...
Page 68 6 Technical data Funkwerk Enterprise Communications GmbH ISDN ISDN interface SHDSL SHDSL interface bintec R4100 has a 4-port Ethernet switch including a port with serial interface function, a DMZ/ETH5 interface, four ISDN interfaces and two ISDN-PRI interfaces. The connections are arranged as follows: bintec R4100 Fig.
Page 69: Pin Assignments
6 Technical data Funkwerk Enterprise Communications GmbH Back of bintec R4300 Mains switch Socket for plug-in power pack DMZ/ETH5 Ethernet interface ETH2 - ETH4 Ethernet interface ETH1 / Console Ethernet interface with serial interface function ISDN-0 - ISDN-1 ISDN interface X.21 / V.35...
Page 70: Isdn S0 Port
6 Technical data Funkwerk Enterprise Communications GmbH Function Not used RD - Not used Not used The Ethernet 10/100 BASE-T interface does not have an Auto-MDI-X function. The pin assignment for the Ethernet 10/100 Base-T interface (RJ45 socket) is as follows:...
Page 71: Isdn-Pri Interface
6 Technical data Funkwerk Enterprise Communications GmbH RJ45 socket for ISDN connection Function Not used Not used Transmit (+) Receive (+) Receive (-) Transmit (-) Not used Not used 6.5.3 ISDN-PRI interface Both of the ISDN PRI interfaces on bintec R4100 are connected via an RJ45 plug. The cable supplied connects the RJ45 plug needed for the device to an RJ45 plug needed for the PRI connection.
Page 72: Cardbus Interface (Pcmcia)
6 Technical data Funkwerk Enterprise Communications GmbH Function Not used Note for NTs in Germany Note In Germany, "Transmit" (NT-->TE) is often designated "S2Mab" (a and b) on the plug and "Receive" (TE-->NT) "S2Man" (a and b). 6.5.4 CardBus interface (PCMCIA) The CardBus interface on bintec R1200wu allows a UMTS CardBus modem to be added to the system.
Page 73 6 Technical data Funkwerk Enterprise Communications GmbH Function Description CCBE0# Command/Byte possible 0 CAD9 Mpx address/data 9 CAD11 Mpx address/data 11 CAD12 Mpx address/data 12 CAD14 Mpx address/data 14 CCBE1# Command/Byte possible 1 CPAR CardBus Parity CPERR# CardBus Parity error...
Page 74 6 Technical data Funkwerk Enterprise Communications GmbH Function Description CAD6 Mpx address/data 6 Reserved CAD8 Mpx address/data 8 CAD10 Mpx address/data 10 CVS1 Voltage ID 1 CAD13 Mpx address/data 13 CAD15 Mpx address/data 15 CAD16 Mpx address/data 16 Reserved CBLOCK#...
Page 75: Adsl Interface
6 Technical data Funkwerk Enterprise Communications GmbH 6.5.5 ADSL interface The ADSL interface on bintec R3000 and R3000w is connected via an RJ45 plug. The cable supplied connects the RJ45 plug needed for the device to an RJ45 plug provided for Annex A.
Page 76 R3800 Fig. 29: SHDSL interface (RJ45 connector) The use of wire pairs can be configured in the Funkwerk Configuration Interface . The pin assignment for the SHDSL interface (RJ45 connector) is as follows: RJ45 socket for SHDSL connection bintec R3800...
Page 77: Interface
6 Technical data Funkwerk Enterprise Communications GmbH Function Line a4 Line b4 Line a3 Line a1 Line b1 Line b3 Line a2 Line b2 6.5.7 X.21 interface bintec R4300 has two X.21 interfaces The connection is made via a 26-pole mini Delta ribbon socket: Fig.
Page 78 6 Technical data Funkwerk Enterprise Communications GmbH Signal Pin no. X.21 X.21 V.35 V.35 V.36 V.36 (DB-15) (DB-15) (M34) (M34) (DB-37) (DB-37) CBS (B) A9 (9) CBS (A) A10 (10) RxC (B) A11 (11) RxC (A) A12 (12) Mode A13 (13)
Page 79: Weee Information
6 Technical data Funkwerk Enterprise Communications GmbH 6.6 WEEE information R1xxx/R3xxx/R4xxx...
Page 80: Chapter 7 Variable Switching Of S0 Interfaces
7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH Chapter 7 Variable switching of S0 interfaces 7.1 Switching the S0 interfaces from external to in- ternal The devices bintec R1200, bintec R3000 and bintec R4100 have two or four BRI connec- tions.
Page 81 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH To carry out the switch proceed as follows: Unscrew the two screws on the back of the device and slide the cover upwards. The link plugs for the BRI-1 and BRI-2 interfaces can be found on all devices on the main PCB behind the terminal block.
Page 82 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH Interface Link plug Position Position area 100 Ohm terminator BRI-2 You can also switch the interfaces BRI-3 and BRI-4. The link plugs are on the side of the ISDN-L module.
Page 83 7 Variable switching of S0 interfaces Funkwerk Enterprise Communications GmbH * "on" is only permitted, if J3M BRI-3 is set to internal mode and J4M BRI-4 is set to extern- al mode. Interface Link plug Position Position area Internal/external switching...
Page 84: Chapter 8 Access And Configuration
• Via an ISDN connection 8.1.1 Access via LAN Access via one of the Ethernet interfaces of your device allows you to open the Funkwerk Configuration Interface in a web browser for configuration purposes and to access your device via Telnet or SSH.
Page 85 8 Access and configuration Funkwerk Enterprise Communications GmbH 8.1.1.2 Telnet Apart from configuration using a web browser, with a Telnet connection you can also ac- cess the SNMP shell and use other configuration options. You do not need any additional software on your PC to set up a Telnet connection to your device: Telnet is available on all operating systems.
Page 86 (see example at above). If no keys are available, you have to generate these first. Proceed as follows: (1) Leave the Flash Management shell with (2) Call the Funkwerk Configuration Interface and log on to your device (see Calling the Funkwerk Configuration Interface on page 79).
Page 87: Access Via The Serial Interface
8 Access and configuration Funkwerk Enterprise Communications GmbH Login via SSH Proceed as follows to log in on your device via SSH: If you have made sure that all the keys needed are available on the device, you have to check whether an SSH client is installed on your PC.
Page 88 8 Access and configuration Funkwerk Enterprise Communications GmbH dows installation. However, you can also use any other terminal program that can be set to the corresponding parameters (see below). Proceed as follows to access your device via the serial interface: (1) In the Windows Start menu, click Programs ->...
Page 89: Access Over Isdn
8 Access and configuration Funkwerk Enterprise Communications GmbH Example of a command line for using Example of a command line for using 8.1.3 Access over ISDN All devices that have an ISDN interface can be accessed and configured from another device via an ISDN call.
Page 90: User Names And Passwords In Ex Works State
8 Access and configuration Funkwerk Enterprise Communications GmbH A login prompt appears first, regardless of how you access your device. You cannot view any information on the device or change the configuration without authentication. 8.2.1 User names and passwords in ex works state...
Page 91: Configuration Options
(2) Enter your password in the Password field of the input window and confirm with Re- turn or click the Login button. The status page of the Funkwerk Configuration Interface opens in the browser. SNMP shell Log into the SNMP shell as follows: , and confirm with Return.
Page 92: Funkwerk Configuration Interface
8.3.1 Funkwerk Configuration Interface The Funkwerk Configuration Interface is a web-based graphic user surface that you can use from any PC with an up-to-date web browser via an HTTP or HTTPS connection. You can use the Funkwerk Configuration Interface to carry out all configuration tasks easily.
Page 93 (5) Enter in the User field and in the Password field and click LOGIN. You are not in the status menu of your device's Funkwerk Configuration Interface (see Status on page 98). R1xxx/R3xxx/R4xxx...
Page 94 8 Access and configuration Funkwerk Enterprise Communications GmbH 8.3.1.2 Operating elements Funkwerk Configuration Interface window The Funkwerk Configuration Interface window is divided into three areas: • The header • The navigation bar • The main configuration window Funkwerk Configuration Interface Fig.
Page 95 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function • Save configuration, then exit. • Exit without saving. Navigation bar Fig. 35: Save Configuration button Fig. 36: Menus The Save configuration button is found in the navigation bar. R1xxx/R3xxx/R4xxx...
Page 96 You can see at a glance the sub-menu you are in. Status page If you call the Funkwerk Configuration Interface , the status page of your device is dis- played after you log in. The most important data of your device can be seen on this at a glance.
Page 97 Immediately starts the configured action. Calls the sub-menu to create a new entry. Inserts an entry in an internal list. Funkwerk Configuration Interface buttons for special functions Button Function In the Access Point Discovery menu, with this button you start the automatic recognition of all access points available in the network and connected by Ethernet.
Page 98 Triggers a WLAN bandscan. Displays the next page in a list. Displays the previous page in a list. You can select the following operating functions in the list view: Funkwerk Configuration Interface list options Menu Function Update Interval Here you can set the interval in which the view is to be updated.
Page 99 Fig. 37: Configuration of the update interval Fig. 38: Filter list Structure of the Funkwerk Configuration Interface configuration menus The menus of the Funkwerk Configuration Interface contain the following basic struc- tures: Funkwerk Configuration Interface menu structure Menu...
Page 100 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Text field with hidden input Enter the data. Radio buttons e.g. Select the corresponding option. Checkboxes e.g. activation by selecting checkbox Selection of several possible options Dropdown menus e.g. Click the arrow to open the list. Select the required option using the mouse.
Page 101 Pay particular attention to the following message: "Warning: Changes not supported by the Setup Tool!" If you makes these changes with the Funkwerk Configuration Interface , this can cause inconsistencies or mal- functions. Therefore, it is recommended that the configuration is continued with the Setup Tool.
Page 102 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Wireless LAN involves the set-up of a network using wireless Wireless LAN technology. VoIP PBX in LAN The assistant is required, e.g. for specific PBX in the LAN, such as Hybird in order to guarantee SIP compatibility. To do this, external communication is carried out over a single IP address and NAT is realised as full-cone NAT.
Page 103 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Ethernet Ports In this menu, you configure the Ethernet interfaces of your device. To do this, you select the speed and type of interface, for example. ISDN Ports In this menu, you configure the ISDN interface of your device.
Page 104 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function WLAN In this menu, you configure your wireless modules as an access point or as an access client. Administration In this menu, you make the basic WLAN settings. Networking Menu...
Page 105 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Internet + Dialup In this menu, you define the Internet connections for the various connection protocols or dialup connections. In this menu, you carry out configuration of the ATM profiles that are needed for all the ADSL connections and also connection monitoring (OAM) and ATM QoS.
Page 106 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Media Gateway In this menu, you configure a network transition between vari- ous telecommunication networks. RTSP In this menu, you configure the use of the RealTime Streaming protocol. Local Services...
Page 107 8 Access and configuration Funkwerk Enterprise Communications GmbH Menu Function Diagnostics In this menu you can test the accessibility of hosts, DNS servers or routing. Software In this menu, you can manage your device's configuration files. &Configuration You can save them either locally on your device or on your computer, for example.
Page 108: Snmp Shell
Base) in the form of MIB tables and MIB variables. You can read and modify these directly via the SNMP browser. Caution This configuration method assumes an in-depth system knowledge of Funkwerk devices! 8.3.2 SNMP shell SNMP (Simple Network Management Protocol) is a protocol that defines how you can ac- cess the configuration settings.
Page 109: Bootmonitor
8 Access and configuration Funkwerk Enterprise Communications GmbH 8.4 BOOTmonitor The BOOTmonitor is only available over a serial connection to the device. The BOOTmonitor provides the following functions, which you select by entering the cor- responding number: (1) Boot System (reboot the system): The device loads the compressed boot file from the flash memory to the working memory.
Page 110 8 Access and configuration Funkwerk Enterprise Communications GmbH After display of the BOOTmonitor prompt, press the space bar within four seconds to use the functions of the BOOTmonitor. If you do not make an entry within four seconds, the device changes back to normal operating mode.
Page 111: Assistants
9 Assistants Funkwerk Enterprise Communications GmbH Chapter 9 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks: • First steps • Internet Access • VPN • Wireless LAN • SWYX (only with active optional DSP module) •...
Page 112: Chapter 10 System Management
10.1 Status If you log into the Funkwerk Configuration Interface , your device's status page is dis- played, which shows the most important system information. You see an overview of the following data: •...
Page 113 10 System Management Funkwerk Enterprise Communications GmbH Field Value Last configuration Displays day, date and time of the last saved configuration (boot stored configuration in flash). Fields in the Resource Information menu Field Value CPU Usage Displays the CPU usage as a percentage.
Page 114: Global Settings
10 System Management Funkwerk Enterprise Communications GmbH Field Value • Downstream/Upstream Line Speed Interface Specifics for WLAN Interfaces: Access Point Mode: • Operation Mode: Access Point or Off • The channel used on this wireless module • Number of connected clients •...
Page 115 10 System Management Funkwerk Enterprise Communications GmbH Field Value System Name Enter the system name of your device. This is also used as the PPP host name. A character string of up to 255 characters is possible. The device type is entered as the default value.
Page 116: Passwords
10 System Management Funkwerk Enterprise Communications GmbH Field Value • : Messages with emergency, alert, critical, error, warning and notice priority are recorded. • (default value): Messages with emergency, alert, critical, error, warning, notice and information priority are recorded. •...
Page 117: Date And Time
10 System Management Funkwerk Enterprise Communications GmbH Fields in the PasswordsSNMP Communities menu Field Value SNMP Read Com- Enter the password for the user name munity SNMP Write Com- Enter the password for the user name munity Field in the PasswordsGlobal Password Options menu...
Page 118 10 System Management Funkwerk Enterprise Communications GmbH If a value other than Universal Time Coordinated (UTC), option , has been chosen for the Time Zone, the switch from summer to winter time must be carried out manually when required. Time server You can obtain the system time automatically, e.g.
Page 119 10 System Management Funkwerk Enterprise Communications GmbH Field Description Set Time Enter a new time. Format: • Hour: hh • Minute: mm Fields in the Date and TimeAutomatic Time Settings (Time Protocol) menu Field Description ISDN Timeserver Define whether the time information received at an incoming ISDN connection is used to update the system time.
Page 120 10 System Management Funkwerk Enterprise Communications GmbH Field Description • (default value): This server uses the simple network time protocol with UDP port 123. • : This server uses the time service with UDP port 37. • : This server uses the time service with TCP port 37.
Page 121: System Licences
10 System Management Funkwerk Enterprise Communications GmbH Field Description seconds. If certificates are used to encrypt data traffic in a VPN, it is ex- tremely important that the correct time is set on the device. To ensure this is the case, for Time Update Policy, select the...
Page 122 10 System Management Funkwerk Enterprise Communications GmbH In the System Management->Global Settings->System Licences->New menu, a list of all registered licences is displayed (Description, Licence Type, Licence Serial Number, Status). Possible values for Status Licence Meaning Subsystem is activated. Not OK Subsystem is not activated.
Page 123: Interface Mode / Bridge Groups
10 System Management Funkwerk Enterprise Communications GmbH • Enter the licence data again. • Check your hardware serial number. is displayed as the status, you have entered a license for a sub- system that your device does not support. This means you cannot use the functions of this licence.
Page 124 10 System Management Funkwerk Enterprise Communications GmbH Example: The name of the Ethernet port is made up of the following parts: (a) ETH, where en stands for Ethernet (b) Number of the port Example: The names of the interfaces connected to an Ethernet port are made up of the following...
Page 125: Interfaces
10 System Management Funkwerk Enterprise Communications GmbH Example: (first client link on the first wireless module) The names of the virtual interfaces connected to an Ethernet port are made up of the fol- lowing parts: (a) Abbreviation for interface type...
Page 126: Administrative Access
10 System Management Funkwerk Enterprise Communications GmbH Field Description • : No interface is defined as configuration interface. • : Select the interface to be used for con- figuration. If this interface is in a bridge group, it is assigned the group's IP address when it is taken out of the group.
Page 127 10 System Management Funkwerk Enterprise Communications GmbH these in the Service/Support section at www.funkwerk-ec.com To be able to reach the shell of your device via an SSH client, make sure the settings for the SSH Daemon and SSH client are the same.
Page 128 10 System Management Funkwerk Enterprise Communications GmbH Field Value corded. • : All messages are recorded. Fields in the SSHAuthentication and Encryption Parameters menu Field Value Encryption Algorithms Select the algorithms that are to be used to encrypt the SSH connection.
Page 129: Snmp
10 System Management Funkwerk Enterprise Communications GmbH Field Value If the status is displayed, generation of a key is not possible, for example because there is not enough space in the FlashROM. DSA Key Status Shows the status of the DSA key.
Page 130: Remote Authentication
10 System Management Funkwerk Enterprise Communications GmbH Fields in the SNMPBasic Settings menu Field Value SNMP Version Select the SNMP version your device is to use to listen for ex- ternal SNMP accesses. Possible values: • : SNMP Version 1 •...
Page 131 10 System Management Funkwerk Enterprise Communications GmbH For an incoming connection, your device sends a request with user name and password to the RADIUS server, which then searches its database. If the user is found and can be au- thenticated, the RADIUS server sends corresponding confirmation to your device. This con- firmation also contains parameters (called RADIUS attributes), which your device uses as WAN connection parameters.
Page 132 10 System Management Funkwerk Enterprise Communications GmbH Field Value ACCOUNTING_STOP Client -> Server If a RADIUS server is used for accounting, your device sends an accounting message to the RADIUS server at the end of each connection. A list of all entered RADIUS servers is displayed in the System Management->Remote Authentication->RADIUS menu.
Page 133 10 System Management Funkwerk Enterprise Communications GmbH Field Value In standard applications, leave the value set to Possible values for hotspot applications: • : For France Telecom hotspot applications. • : For bintec hotspot applications. Server IP Address Enter the IP address of the RADIUS server.
Page 134 10 System Management Funkwerk Enterprise Communications GmbH Field Value • : Select a predefined group from the list. The menu Advanced Settings consists of the following fields Fields in the Advanced Settings menu Field Value Policy Select how your device is to react if a negative response to a re- quest is received.
Page 135 10 System Management Funkwerk Enterprise Communications GmbH Field Value (dialup connection), this can cause additional costs if the server for a long time. The function is activated by selecting The function is enabled by default. Retries Enter the number of retries for cases when there is no response to a request.
Page 136: Tacacs
10 System Management Funkwerk Enterprise Communications GmbH 10.5.2 TACACS+ TACACS+ permits access control for your device, network access servers (NAS) and other network components via one or more central servers. Like RADIUS, TACACS+ is an AAA protocol and offers authentication, authorisation and accounting services (TACACS+ Accounting is currently not supported by bintec devices).
Page 137 10 System Management Funkwerk Enterprise Communications GmbH Field Description Priority Assign a priority to the current TACACS+ server. The server with the lowest value is the one used first for TACACS+ login authentication. If there is no response or access is denied (only...
Page 138: Options
10 System Management Funkwerk Enterprise Communications GmbH Field Description The possible values are , the default value is . Block Time Enter the time in seconds for which the current server is to re- main in blocked status. At the end of the block time, the server is set to the status spe- cified in the Entry active field.
Page 139: Certificates
10 System Management Funkwerk Enterprise Communications GmbH Field Description • : Only inband RADIUS requests (PAP,CHAP, MS- CHAP V1 & V2) (i.e. PPP requests without CLID) are sent to the RADIUS server defined in Server IP Address. • : Only outband RADIUS requests (i.e. re- quests for calling line identification = CLID) are sent to the RADIUS server.
Page 140: Certificate List
10 System Management Funkwerk Enterprise Communications GmbH 10.6.1 Certificate List A list of all existing certificates is displayed in the System Management->Certificates->Certificate List menu. 10.6.1.1 Edit Click the icon to display the content of the selected object (key, certificate, or request).
Page 141 10 System Management Funkwerk Enterprise Communications GmbH Field Description • : The set- tings of the higher level certificate are used, if one exists. It is does not, the same procedure is used as that described under "Only if a CRL Distribution Point is present".
Page 142 10 System Management Funkwerk Enterprise Communications GmbH Fields in the Certificate ListCertificate Request menu Field Description Certificate Request De- Enter a unique description for the certificate. scription Mode Select the way in which you want to request the certificate. Possible settings: •...
Page 143 10 System Management Funkwerk Enterprise Communications GmbH Field Description • : In CA Name, enter the name of the CA certificate of the certification authority (CA) from which you wish to request your certificate, e.g. . Your CA ad- ministrator can provide you with the necessary data.
Page 144 10 System Management Funkwerk Enterprise Communications GmbH Fields in the Certificate ListSubject Name menu Field Description Custom Select whether you want to enter the name components of the subject name individually as specified by the CA or want to enter a special subject name.
Page 145 10 System Management Funkwerk Enterprise Communications GmbH Field Description Country Only for Custom = disabled. Enter the country according to CA. The menu Advanced Settings consists of the following fields: Fields in the Advanced SettingsSubject Alternative Names menu Field Description...
Page 146: Crls
10 System Management Funkwerk Enterprise Communications GmbH The menu System Management->Certificates->Certificate List->Import consists of the following fields: Fields in the Certificate ListImport menu Field Description External Filename Enter the file path and name of the certificate to be imported, or use Browse...
Page 147: Certificate Servers
10 System Management Funkwerk Enterprise Communications GmbH The System Management->Certificates->CRLs->Import menu includes the following fields: Fields in the CRLsCRL Import menu Field Description External Filename Enter the file path and name of the CRL to be imported, or use Browse... to select it from the file browser.
Page 148 10 System Management Funkwerk Enterprise Communications GmbH Field Description Description Enter a unique description for the certificate server. LDAP URL Path Enter the LDAP URL or the HTTP URL of the server. R1xxx/R3xxx/R4xxx...
Page 149: Chapter 11 Physical Interfaces
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Chapter 11 Physical Interfaces In this menu, you configure the physical interfaces that you have used when connecting your gateway. The configuration interface only shows the interfaces that are available on your device. In the System Management->Status menu, you can see a list of all physical interfaces and information on whether the interfaces are connected or active and whether they have already been configured.
Page 150 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : The Baud rate of the serial terminal connection is retained. (9600 in ex works state) All other values mean that the modem is addressed at the cor- responding speed in bps.
Page 151: Ethernet Ports
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description command ATX3&K3\V1 is the default setting (the modem does not wait for a free signal before dialling). You can add other AT commands by separating them with semicolons. The entry is limited to 50 characters. Make sure you enter the command for activating the XON/XOFF software flow control.
Page 152: Port Configuration
11 Physical Interfaces Funkwerk Enterprise Communications GmbH The interfaces can be used separately. They are logically separated from each other, each port being assigned the desired logical Ethernet interface in the Ethernet Interface Selec- tion field of the Port Configuration menu. For each assigned Ethernet interface, another interface is displayed in the list in the LAN->IP Configuration menu, and a completely in-...
Page 153 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Ethernet Interface Se- Assign a logical Ethernet interface to the switch port. lection You can select from five interfaces, . In the ba- sic setting, switch ports 1-4 are assigned to interface...
Page 154: Isdn Ports
11 Physical Interfaces Funkwerk Enterprise Communications GmbH 11.3 ISDN Ports In this menu, you configure the ISDN interfaces of your device. Here you enter data such as the type of ISDN connection to which your gateway is connected. You can use the ISDN interfaces of your gateway for various types of use.
Page 155 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Autoconfiguration on Select whether the ISDN switch type (D channel detection for Bootup switched line) is to be automatically identified. The function is enabled with The function is enabled by default.
Page 156 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Select the ISDN protocol supplied by your provider. Possible values: • : Leased line over B channel 1 (64 kbps) • : Leased line over both B chan- nels (128 kbps) •...
Page 157 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Select the service for which you want to use X.31 TEI. Possible values: • • • (default value) are only for the use of X.31 TEI for CAPI applications. For , the TEI value set in the CAPI ap- plication is used.
Page 158 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : You can select a leased line. • : EQ-SIG S2M User Profile • : Q-SIG S2M Network Profile ISDN Line Framing Only if Port Usage is selected. Select the framing type for layer 1.
Page 159 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : The device sends no IE (Information Element) for channel identification. The exchange selects the channel to be used. • : The device selects the channel to be used and signals this to the exchange.
Page 160 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description er as so-called hyper channels. You can also group together channels as PPP multilink channel bundles. Timeslots divide the available 2 Mbps bandwidth of an S2M connection into logical channels. No distinction is made below between timeslots and channels, as the difference is immaterial for configuration purposes.
Page 161: Msn Configuration
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Timeslot Matrix Only if Timeslot Selection = Shows a list of all channels in detail. If you do not wish to use all the chan- nels between a certain start and end channel for a channel bundle, you can make a selective assignment here.
Page 162 11 Physical Interfaces Funkwerk Enterprise Communications GmbH • X.25 PAD: X.25 PAD is used to provide a protocol converter, which converts non- packet-oriented protocols to packet-oriented communication protocols and vice versa. Data terminal equipment sending or receiving data on a non-data-packet-oriented basis can this be adapted in line with Datex-P (public data packet network based on the prin- ciple of a packet switching exchange).
Page 163: Adsl Modem
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : Other services can be selected: (Allows 64 kpbs PPP data connections), (Allows 56 kpbs PPP data connections), (Allows PPP connections with V.110 and bitrates of 9,600 bps, 14,400 bps, 19,200 bps, 38,400 bps), (Allows PPP connections with V.120).
Page 164 11 Physical Interfaces Funkwerk Enterprise Communications GmbH celeration. Up to 100 additional IPSec tunnels can also be enabled if licensed. The integ- rated second ISDN S0 interface can also be enabled by licence if required. The menu Physical Interfaces->ADSL Modem->ADSL Configuration consists of the fol-...
Page 165 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Fields in the ADSL ConfigurationDSL Parameter menu Field Description DSL Mode Define which Annex of ITU-T Recommendation G.991.2 is used for the connection. Possible values: • : For applications in North America (provider-dependent) for example.
Page 166: Shdsl
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : The data rate in the send direction is reduced to a maximum of 128,000 bps to 2,048,000 bps in defined steps. • :The data rate is reduced to the value entered in Maximum Upstream Bandwidth.
Page 167 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Fields in the SHDSLSHDSL Parameters menu Field Description ATM Interface Displays the name of the ATM interface. Device Mode Define the role within the connection. Possible values: • (default value): Mode for the user page of the SHDSL connection.
Page 168 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : Two wires are used with m-pair bonding for a clock rate of 192 kbps to 5696 kbps. • : Four wires are used with m-pair bonding for a clock rate of 384 kbps to 11392 kbps.
Page 169: Serial Ports
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Under Minimum select the minimum clock rate, and under Maximum select the maximum clock rate for the connection. 11.6 Serial Ports 11.6.1 Options In the Serial Portsmenu, configure the serial WAN interface of your gateway.
Page 170 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description fields, the interface type is automat- ically detected. The detected value is displayed, e.g. If you select in the Detection Mode fields, you must set the interface type field manually. Possible values: •...
Page 171: Umts/Hsdpa
11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description Layer 2 Mode Define the value of the HDLC address field in the transmitted command frames (Layer 2). Possible values: • (default value): The selection made for connector is applied. You can usually accept this setting, e.g. for access to a public data network such as Datex-P.
Page 172 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Fields in the UMTS/HSDPA/HSUPABasic Parameters menu Field Description UMTS/HSDPA/HSUPA Select whether the chosen UMTS modem should be enabled or Status disabled. The function is enabled with The function is disabled by default. Modem Status Shows the status of the UMTS/HSDPA/HSUPA modem.
Page 173 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description • : GPRS is preferentially used; should GPRS not be available, UMTS is used. • : UMTS is preferentially used; should UMTS not be available, GPRS is used. Note An incoming data call (PPP dialin or ISDN login via V.110) can generally only be set up via GSM.
Page 174 11 Physical Interfaces Funkwerk Enterprise Communications GmbH Field Description can add other AT commands if required by separating them with semicolons. The entry is limited to 80 characters. APN (Access Point Only for UMTS/HSDPA/HSUPA Status = Name) If GPRS/UMTS is to be used, you must enter the so-called Ac- cess Point Name here that you receive from your provider.
Page 175: Chapter 12 Lan
12 LAN Funkwerk Enterprise Communications GmbH Chapter 12 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 12.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device.
Page 176 12 LAN Funkwerk Enterprise Communications GmbH 12.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create virtual inter- faces. The LAN->IP Configuration->Interfaces-> menu consists of the following fields: Fields in the InterfacesBasic Parameters menu...
Page 177 12 LAN Funkwerk Enterprise Communications GmbH Field Description Address is optional in this module. MAC Address Only with virtual interfaces and only for Interface Mode = Enter the MAC address associated with the interface. For virtual interfaces, you can use the MAC address of the physical inter- face under which the virtual interface was created, but this is not necessary.
Page 178: Vlan
12 LAN Funkwerk Enterprise Communications GmbH Field Description addresses by UNICAST do not respond to DHCP requests with the set BROADCAST bit. In this case, it is necessary to send DHCP requests in which this bit is not set. In this case, disable this option.
Page 179: Vlans
12 LAN Funkwerk Enterprise Communications GmbH Caution For interfaces that operate in Routing mode, you only assign a VLAN ID to the inter- face. You define this via the parameters Interface Mode = and field VLAN ID in menu LAN->IP Configuration->Interfaces->New.
Page 180: Administration
12 LAN Funkwerk Enterprise Communications GmbH Fields in the Port Configuration menu Field Description Interface Shows the port for which you define the PVID and processing rules. PVID Assign the selected port the required PVID (Port VLAN Identifi- er). If a packet without a VLAN tag reaches this port, it is assigned this PVID.
Page 181: Chapter 13 Wireless Lan
13 Wireless LAN Funkwerk Enterprise Communications GmbH Chapter 13 Wireless LAN In the case of wireless LAN (WLAN = Wireless Local Area Network), this relates to the cre- ation of a network using wireless technology. Network functions Like a wired network, a WLAN offers all the main network functions. Access to servers, files, printers, and the e-mail system is just as reliable as company-wide Internet access.
Page 182: Radio Settings
13 Wireless LAN Funkwerk Enterprise Communications GmbH Depending on the model, one or two WLAN modules, WLAN 1 and, where relevant, WLAN 2, are available. 13.1.1 Radio Settings In the Wireless LAN->WLAN->Radio Settings menu, an overview of all the configuration options for the WLAN module is displayed.
Page 183 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Select the Channelto be used. Operation Band Select the operation band and usage area of the wireless mod- ule. For Operation Mode = Possible values: • (default value): Your device is operated at 2.4 GHz (mode 802.11b and mode 802.11g), in-...
Page 184 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description IEEE 802.11d Compli- Only for Operation Mode = ance Select how the country information is determined. Possible values: • (default value): The system attempts to determine the country information of the access point, otherwise the system's own country information is used.
Page 185 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description In Access Client mode, you may only select the proper channel in Client Mode = Possible values: • For Operation Band = Possible values are (default value). • For Operation Band =...
Page 186 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description • Fields in the Radio SettingsPerformance Settings menu Field Description Wireless Mode Only for Operation Band = Select the wireless technology that the access point is to use. Possible values: •...
Page 187 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description ticularly effective in 11b/g mixed operation. The function is enabled with The function is activated by default. If problems occur with older WLAN hardware, this function should be deactivated. Nitro XM...
Page 188 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Beacon Period Only for Operation Mode = with Client Mode Enter the time in milliseconds between the sending of two beacons. This value is transmitted in Beacon and Probe Response Frames.
Page 189 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description The default value is . Long Retry Limit Enter the maximum number of send attempts for a data packet that is longer than the value defined in RTS Threshold After this many failed attempts, the packet is discarded.
Page 190 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Max. Transmit MSDU Enter the time from sending of the first fragment of a data pack- Lifetime et as of which no further send attempts are made. The data packet is discarded.
Page 191 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description work. • : Specify the individual roaming paramet- ers. Scan Threshold Indicates the value in dBm above which the system scans for available wireless networks in the background. The value can only be modified for Roaming Profile = .
Page 192 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description RTS Threshold Select how the RTS/CTS mechanism is to be switched on/off. If you choose , in the input field you can specify the data packet length threshold in bytes (1..2346) as of which the RTS/CTS mechanism is to be used.
Page 193: Virtual Service Sets
), you can edit or create the desired wire- less networks in the menu Wireless LAN->WLAN->Virtual Service Sets-> ->/New. Note The preset wireless network Funkwerk-EC has the following security settings in the ex works state: • Security Mode = • WPA Mode = •...
Page 194 13 Wireless LAN Funkwerk Enterprise Communications GmbH Setting network names In contrast to a LAN set up over Ethernet, a wireless LAN does not have any cables for set- ting up a permanent connection between the server and clients. Access violations or faults may therefore occur with directly adjacent radio networks.
Page 195: Access Control
13 Wireless LAN Funkwerk Enterprise Communications GmbH tication instance in the form of a server (e.g. a RADIUS server) is used in these cases. PSK (preshared keys) are usually used in smaller networks, such as those seen in SoHo (Small office, Home office).
Page 196 13 Wireless LAN Funkwerk Enterprise Communications GmbH A list of all WLAN networks is displayed in the Wireless LAN->WLAN->Virtual Service Sets menu. 13.1.2.1 Edit or New icon to edit existing entries. Choose the Newbutton to configure additional Choose the wireless networks.
Page 197 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Select whether voice or video prioritisation via WMM (Wireless Multimedia) is to be activated for the wireless network so that optimum transmission quality is always achieved for time-critical applications. Data prioritisation is supported in accordance with DSCP (Differentiated Services Code Point) or IEEE802.1d.
Page 198 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Enter the WEP key. Enter a character string with the right number of characters for the selected WEP mode. For you need a character string with 5 characters, for with 13 characters, e. g.
Page 199: Wds Links
13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Enter the WPA password. Enter an ASCII string with 8 - 63 characters. Note: Change the default Preshared Key! If the key has not been changed, your device will not be protected against unau-...
Page 200 13 Wireless LAN Funkwerk Enterprise Communications GmbH Important The WDS link can only be configured in the 2.4 GHz band and in the 5 GHz band in- door if the channel is NOT The number of channels that can be selected depends on the country setting. Please con- sult the data sheet for your device.
Page 201 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Option is active by default. Fields in the WDS Security Settings menu Field Description Privacy Select whether an encryption method is to be used for this WDS link and if so, which one.
Page 202: Client Link
13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description • Direct entry of ASCII characters Enter a character string with the right number of characters for the selected WEP mode. For you need a character string with 5 characters, for with 13 characters, e.
Page 203 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description Network Name (SSID) Enter the name of the wireless network (SSID). Enter an ASCII string with a maximum of 32 characters. Fields in the Client LinkSecurity Settings menu Field Description Security Mode Select the security mode (encryption and authentication) for the wireless network.
Page 204 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description • : Only WPA2 is used. Preshared Key Only for Security Mode = Enter the WPA password. Enter an ASCII string with 8 - 63 characters. WPA Cipher Only for Security Mode = and WPA Mode = Select which encryption method should be used.
Page 205: Administration
13 Wireless LAN Funkwerk Enterprise Communications GmbH Fields in the Client LinkScan menu Field Description Client Link Description Displays the name of the client link you configured. Action Start the scan by clicking on Scan. If the antennas are installed correctly on both sides and LOS is free, the client finds available clients and displays them in the following list.
Page 206 13 Wireless LAN Funkwerk Enterprise Communications GmbH Field Description The range of channels available for selection (Channel in the Wireless LAN->WLAN->Radio Settingsmenu) changes de- pending on the country setting. The default value is R1xxx/R3xxx/R4xxx...
Page 207: Chapter 14 Networking
14 Networking Funkwerk Enterprise Communications GmbH Chapter 14 Networking 14.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
Page 208 14 Networking Funkwerk Enterprise Communications GmbH Field Description The function is activated by selecting The function is disabled by default. Fields in the IP RoutesRoute Parameters menu Field Description Route Type Select the type of route. Possible values: • (default value): Route to a network.
Page 209 14 Networking Funkwerk Enterprise Communications GmbH Field Description forward the IP packets. Gateway Only for Network Type = Enter the IP address of the host to which your device is to for- ward the IP packets. Metric Select the priority of the route.
Page 210 14 Networking Funkwerk Enterprise Communications GmbH Field Description • : Entry of server port numbers: 5000 ... 32767. • : Entry of client port numbers: 1024 ... 4999. • : Entry of client port numbers: 32768 ... 65535. • : Entry of unprivileged port numbers: 1024 ...
Page 211: Options
14 Networking Funkwerk Enterprise Communications GmbH Field Description • : The TOS value is specified in binary format, e.g. 00111111. • : The TOS value is specified in decimal format, e.g. 63. Enter the relevant value for Mode Select when the interface defined in Route Parameters ->Inter- face is to be used.
Page 212: Nat
14 Networking Funkwerk Enterprise Communications GmbH Field Description Mode Select how the interfaces to be activated for Back Route Verify are to be specified. Possible values: • : Back Route Verify is activ- ated for all interfaces. • (default value): A list of all interfaces is displayed in which Back Route Verify is only enabled for specific interfaces.
Page 213: Nat Interfaces
14 Networking Funkwerk Enterprise Communications GmbH 14.2.1 NAT Interfaces Network Address Translation (NAT) is a function on your device for defined conversion of source and destination addresses of IP packets. If NAT is activated, IP connections are still only allowed by default in one direction, outgoing (forward) (= protective function). Excep-...
Page 214: Nat Configuration
14 Networking Funkwerk Enterprise Communications GmbH 14.2.2 NAT Configuration In the Networking->NAT->NAT Configuration menu you can exclude data from NAT simply and conveniently as well as translate addresses and ports. For outgoing data traffic you can configure various NAT methods, i.e. you can determine how an external host es- tablishes a connection to an internal host.
Page 215 14 Networking Funkwerk Enterprise Communications GmbH Field Description ternally valid source port. Possible values: • (UDP only): Any given external host may send IP packets via the external address and the external port to the initiating source address and the initial source port.
Page 216 14 Networking Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value) • • • • • • • • • • • • • • • • • • • • • • • • • • •...
Page 217 14 Networking Funkwerk Enterprise Communications GmbH Field Description Only for Type of traffic = , NAT Source Port method = and Service = . Enter the source port of the original data packets. The default setting means that the port remains unspecified.
Page 218: Load Balancing
14 Networking Funkwerk Enterprise Communications GmbH Field Description Enter the source IP address and corresponding netmask to which the original source IP address is to be translated. New Source Port Only for Type of traffic = Leave the source port as it appears or enter a new source port to which the original source port is to be translated.
Page 219 14 Networking Funkwerk Enterprise Communications GmbH The menu Networking->Load Balancing->Load Balancing Groups->New consists of the following fields: Fields in the Load Balancing GroupsBasic Parameters menu Field Description Group Description Enter the desired description of the interface group. Distribution Policy Select the way the data traffic is to be distributed to the inter- faces configured for the group.
Page 220: Qos
14 Networking Funkwerk Enterprise Communications GmbH In the Interface area, you add interfaces that match the current group context and config- ure these. You can also delete interfaces. Use Add to create more entries. Fields in the Load Balancing GroupsInterface Selection for Distribution menu...
Page 221 14 Networking Funkwerk Enterprise Communications GmbH The Networking->QoS->QoS Filter->New menu consists of the following fields: Fields in the QoS FilterBasic Parameters menu Field Description Description Enter the name of the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: •...
Page 222 14 Networking Funkwerk Enterprise Communications GmbH Field Description • (default value): All TCP packets match the filter. Destination IP Ad- Enter the destination IP address of the data packets and the dress/Netmask corresponding netmask. Destination Port/Range Only for Protocol = Enter a destination port number or a range of destination port numbers.
Page 223: Qos Classification
14 Networking Funkwerk Enterprise Communications GmbH Field Description priority of IP packets (indicated in decimal format). Additional information on DSCP and TOS in RFC's 3260 and 1349. COS Filter Enter the service class of the IP packets (Class of Service, (802.1p/Layer 2)
Page 224 14 Networking Funkwerk Enterprise Communications GmbH Field Description Filter Select an IP filter. If the class plan is new, select the filter to be set at the first point of the class plan. If the class plan already exists, select the filter to be attached to the class plan.
Page 225: Qos Interfaces/Policies
14 Networking Funkwerk Enterprise Communications GmbH Field Description tagrams remains unchanged. • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format).
Page 226 14 Networking Funkwerk Enterprise Communications GmbH Depending on the respective interface, a queue is created automatically for each class, but only for data traffic classified as outgoing and for data traffic classified in both directions. A priority is assigned to these automatic queues. The value of the priority is equal to the value of the class ID.
Page 227 14 Networking Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Maximum Upload Only for Traffic shaping enabled. Speed Enter a maximum data rate for the queue in the send direction in kbits. Possible values are The default value is , i.e. no limits are set, the queue can oc- cupy the maximum bandwidth.
Page 228 14 Networking Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. Control Mode Only for Real Time Jitter Control enabled. Select the mode for optimising voice transmission. Possible values: • : All RTP streams are optimised. The function activates the RTP stream detection mechanism for the automatic detection of RTP streams.
Page 229 14 Networking Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): Queue for data classified as “normal” . • : Queue for data classified as “high priority” . • : Queue for data that has not been classified or data of a class for which no queue has been configured.
Page 230 14 Networking Funkwerk Enterprise Communications GmbH Field Description The data rate limit applies to the selected queue. (This is not the limit that can be defined on the interface.) The function is enabled with The function is disabled by default.
Page 231: Access Rules
14 Networking Funkwerk Enterprise Communications GmbH Field Description Dropping Algorithm Choose the procedure for rejecting packets in the QoS queue, if the maximum size of the queue is exceeded. Possible values: • (default value): The newest packet received is dropped.
Page 232 14 Networking Funkwerk Enterprise Communications GmbH You define filters for IP packets in order to allow or block access from or to the various hosts in connected networks. This enables you to prevent undesired connections being set up via the gateway. Access lists define the type of IP traffic the gateway is to accept or deny.
Page 233: Access Filter
14 Networking Funkwerk Enterprise Communications GmbH A number of separate rule chains can be created. The same filter can also be used in dif- ferent rule chains. You can also assign a rule chain individually to each interface. Caution Make sure you don’t lock yourself out when configuring filters.
Page 234 14 Networking Funkwerk Enterprise Communications GmbH Field Description • • • The default value is Protocol Select a protocol. option (default value) matches any protocol. Type Only if Protocol = Possible values: • • • • • • • •...
Page 235 14 Networking Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value) • : Enter the IP address of the host. • : Enter the network address and the related net- mask. Destination Port/Range Only if Protocol = Enter the destination port number or range of destination port numbers that matches the filter.
Page 236: Rule Chains
14 Networking Funkwerk Enterprise Communications GmbH Field Description packets (indicated in decimal format). • : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format). • : The TOS value is specified in binary format, e.g.
Page 237: Interface Assignment
14 Networking Funkwerk Enterprise Communications GmbH Field Description • (default value): You can create a new rule chain with this setting. • : Select an already existing rule chain, and thus add another rule to it. Description Enter the name of the rule chain.
Page 238 14 Networking Funkwerk Enterprise Communications GmbH 14.5.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure additional assignments. The Networking->Access Rules->Interface Assignment->New menu consists of the fol- lowing fields: Fields in the Interface AssignmentBasic Parameters menu...
Page 239: Chapter 15 Routing Protocols
15 Routing Protocols Funkwerk Enterprise Communications GmbH Chapter 15 Routing Protocols 15.1 RIP The entries in the routing table can be defined statically or the routing table can be updated constantly by dynamic exchange of routing information between several devices. This ex- change is controlled by a Routing Protocol, e.g.
Page 240 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): RIP is not enabled. • : Enables sending and receiving of version 1 RIP packets. • : Enables sending and receiving of version 2 RIP packets.
Page 241: Rip Filter
15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Possible values: • (not for LAN interfaces, interfaces in Bridge mode and interfaces for leased lines): Routes are propagated if the interface status is up or ready. • (default value): Routes are only propagated if the interface status is up.
Page 242: Rip Options
15 Routing Protocols Funkwerk Enterprise Communications GmbH Fields in the RIP FilterBasic Parameters menu Field Description Interface Select the interface to which the rule to be configured applies. IP Address / Netmask Enter the IP address and netmask to which the rule is to be ap- plied.
Page 243 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description ceiving RIP updates, is only for test purposes. If the setting is changed, this can mean that your device sends and listens at a port that no other devices use. The default value should be retained.
Page 244 15 Routing Protocols Funkwerk Enterprise Communications GmbH Fields in the RIP OptionsTimer for RIP V2 (RFC 2453) menu Field Description Update Timer Only for RFC 2453 Variable Timer = An RIP update is sent on expiry of this period of time.
Page 245: Ospf
15 Routing Protocols Funkwerk Enterprise Communications GmbH 15.2 OSPF OSPF (Open Shortest Path First) is a dynamic routing protocol that is frequently used in larger networks as an alternative to RIP. It was originally developed to avoid a number of limitations of RIP (when used in larger networks).
Page 246: Areas
15 Routing Protocols Funkwerk Enterprise Communications GmbH It is possible to increase security by authenticating the OSPF packets, so that the gateways can participate in Routing Domains using predefined passwords. It is recommended that several areas are defined in larger networks. If more than one area is configured, one of these areas must possess the area ID 0.0.0.0, which defines the...
Page 247 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description ted. The function is enabled with The function is activated by default. Import summary Only for Import external routes = routes Define whether summary LSAs (routing information generated by Area Border Gateway) are to be sent to the stub area.
Page 248: Interfaces
15 Routing Protocols Funkwerk Enterprise Communications GmbH 15.2.2 Interfaces In the Routing Protocols->OSPF->Interfaces menu, a list of all interfaces is displayed. Caution If your interfaces are not only to be assigned to Backbone Area 0.0.0.0, you must first define OSPF areas in the Routing Protocols+OSPF+Areas menu.
Page 249 15 Routing Protocols Funkwerk Enterprise Communications GmbH Field Description Metric Determination Defines how the metric of this interface is calculated. Possible values: • (default value): The metric is automatically set on the basis of the interface speed. : Enter a specific value in Metric (direct routes).
Page 250: Global Settings
15 Routing Protocols Funkwerk Enterprise Communications GmbH 15.2.3 Global Settings The Routing Protocols->OSPF->Global Settings menu contains global OSPF paramet- ers. OSPF is activated on the gateway. The Routing Protocols->OSPF->Global Settings menu includes the following fields: Fields in the Global SettingsGlobal OSPF Settings menu...
Page 251: Chapter 16 Multicast
16 Multicast Funkwerk Enterprise Communications GmbH Chapter 16 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).
Page 252: General
16 Multicast Funkwerk Enterprise Communications GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destina- tion MAC address.
Page 253: General
16 Multicast Funkwerk Enterprise Communications GmbH 16.1.1 General In the Multicast->General->General menu you can disable or enable the multicast func- tion. The Multicast->General->General menu consists of the following fields: Fields in the GeneralBasic Settings menu Field Description Multicast Routing Select whether Multicast Routing should be used.
Page 254 16 Multicast Funkwerk Enterprise Communications GmbH The Multicast->IGMP->IGMP->New menu consists of the following fields: Fields in the IGMPIGMP Settings menu Field Description Interface Select the interface on which IGMP is to be enabled, i.e. queries are sent and responses are accepted.
Page 255: Options
16 Multicast Funkwerk Enterprise Communications GmbH Field Description IGMP State Limit Limit the number of reports/queries per second for the selected interface. Mode Specify whether the interface defined here only works in host mode or in both host mode and routing mode.
Page 256: Forwarding
16 Multicast Funkwerk Enterprise Communications GmbH Field Description IGMP Status Select the IGMP status. Possible values: • (default value): Multicast is activated automatically for hosts if the hosts open applications that use multicast. • : Multicast is always on. •...
Page 257: Pim
16 Multicast Funkwerk Enterprise Communications GmbH 16.3.1.1 New Choose the New button to create forwarding rules for new multicast groups. The Multicast->Forwarding->Forwarding->New menu consists of the following fields: Fields in the ForwardingBasic Parameters menu Field Description All Multicast Groups Select whether all multicast groups, i.e. the complete multicast address range 224.0.0.0/4, are to be forwarded from the defined...
Page 258: Pim Interfaces
16 Multicast Funkwerk Enterprise Communications GmbH 16.4.1 PIM Interfaces A list of all PIM interfaces is displayed in the Multicast->PIM->PIM Interfaces menu. 16.4.1.1 Edit or New icon to edit existing entries. To configure PIM lists, select the New button. Choose the The Multicast->PIM->PIM Interfaces->New menu consists of the following fields:...
Page 259 16 Multicast Funkwerk Enterprise Communications GmbH Field Description The value means that no PIM Hello messages are sent on this interface. Possible values: seconds. The default value is Triggered Hello Inter- Define the maximum waiting time until a PIM Hello message is sent after a system boot or after a reboot of a neighbour.
Page 260: Pim Rendezvous Points
16 Multicast Funkwerk Enterprise Communications GmbH Field Description The default value is Propagation Delay Define the value entered in the Propagation Delay field. This field is part of the LAN Prune Delay option in the PIM Hello messages, which are sent on this interface.
Page 261: Pim Options
16 Multicast Funkwerk Enterprise Communications GmbH Fields in the PIM Rendezvous PointsPIM Rendezvous Point Settings menu Field Description Multicast Group Range Select the Multicast group for the PIM Rendezvouz point. You can enter (default value), or specify a multicast network segment by selecting...
Page 262 16 Multicast Funkwerk Enterprise Communications GmbH Field Description PIM Status Select whether PIM should be activated. The function is activ- ated by selecting The function is disabled by default. Keepalive Period Enter the interval in seconds within which a KeepAlive message must be sent.
Page 263: Chapter 17 Wan
17 WAN Funkwerk Enterprise Communications GmbH Chapter 17 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Inter- net. 17.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections.
Page 264 17 WAN Funkwerk Enterprise Communications GmbH Field Description specified number of seconds) administratively set to down (deactivated); connection setup not possible for leased lines: Default Route With a default route, all data is automatically forwarded to one connection if no other suit- able route is available.
Page 265: Pppoe
17 WAN Funkwerk Enterprise Communications GmbH enter a common password and two codes. You get this information, for example, from your Internet Service Provider (ISP) or the system administrator at your head office. If the data you entered on your device is the same as the caller's data, the call is accepted. The call is rejected if the data is not the same.
Page 266 17 WAN Funkwerk Enterprise Communications GmbH 17.1.1.1 New Choose the New button to set up new PPPoE interfaces. The menu WAN->Internet + Dialup->PPPoE->New consists of the following fields: Fields in the PPPoEBasic Parameters menu Field Description Description Enter a name to uniquely identify the PPPoE partner. The first character in this field must not be a number No special charac- ters or umlauts must be used.
Page 267 17 WAN Funkwerk Enterprise Communications GmbH Field Description User Name Enter the user name. Password Enter the password. VLAN Certain Internet service providers require a VLAN-ID. Activate this function to be able to enter a value under VLAN ID. VLAN ID Only if VLAN is enabled.
Page 268 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : You enter a static IP address. Default Route Select whether the route to this connection partner is to be defined as the default route. The function is enabled with The function is enabled by default.
Page 269 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Authentication Select the authentication protocol for this connection partner. Select the authentication specified by your provider. Possible values: • (default value): Only run PAP (PPP Password Authentic- ation Protocol);...
Page 270: Pptp
17 WAN Funkwerk Enterprise Communications GmbH Field Description it possible to switch to a backup connection more quickly in the event of line faults. The function is enabled with The function is disabled by default. Enter the maximum packet size (Maximum Transfer Unit, MTU) in bytes that is allowed for connection between the partners.
Page 271 17 WAN Funkwerk Enterprise Communications GmbH Field Description port to which the modem is connected. When using the internal DSL modem, select here the EthoA in- terface configured in Physical Interfaces->ATM->Profiles->New for this connection, e.g. User Name Enter the user name.
Page 272 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : You enter a static IP address. Default Route Select whether the route to this connection partner is to be defined as the default route. The function is enabled with The function is enabled by default.
Page 273 17 WAN Funkwerk Enterprise Communications GmbH Field Description Dialup Retries tion before the interface is blocked. Possible values are The default value is . Authentication Select the authentication protocol for this Internet connection. Select the authentication specified by your provider.
Page 274: Pppoa
17 WAN Funkwerk Enterprise Communications GmbH Field Description PPTP Address Mode Displays the address mode. The value cannot be changed. Possible values: • : The IP address of the Ethernet port selected in PPTP Interface is used. Local PPTP IP Address Assign the PPTP interface an IP address that is used as the source address.
Page 275 17 WAN Funkwerk Enterprise Communications GmbH Fields in the PPPoABasic Parameters menu Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used.
Page 276 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): Your device is dynamically assigned an IP address. • : You enter a static IP address. Default Route Select whether the route to this connection partner is to be defined as the default route.
Page 277 17 WAN Funkwerk Enterprise Communications GmbH Field Description fault value is Maximum Number of Enter the number of unsuccessful attempts to setup a connec- Dialup Retries tion before the interface is blocked. Possible values are The default value is .
Page 278: Isdn
17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. LCP Alive Check Check whether the reachability of the remote terminal is to be checked by sending LCP echo requests or replies. This is re- commended for leased lines, PPTP and L2TP connections.
Page 279 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values: • : For 64-kbps ISDN data connections. • : For 56-kbps ISDN data connections. User Name Enter your device code (local PPP user name). Remote User (for Dial- Enter the code of the remote terminal (remote PPP user name).
Page 280 17 WAN Funkwerk Enterprise Communications GmbH Field Description Default Route Only if IP Address Mode = Select whether the route to this connection partner is to be defined as the default route. The function is enabled with The function is disabled by default.
Page 281 17 WAN Funkwerk Enterprise Communications GmbH Fields in the Advanced Settings menu Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed.
Page 282 17 WAN Funkwerk Enterprise Communications GmbH Field Description lect this option. Encryption Only for Authentication = If necessary, select the type of encryption that should be used for data traffic to the connection partner. This is only possible if STAC or MS-STAC compression is not activated for the con- nection.
Page 283 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : Your device calls back after ap- prox. four seconds if your device is requested to do so by the connection partner. Only makes sense for CLID. • : Like with the option of termination.
Page 284 17 WAN Funkwerk Enterprise Communications GmbH Field Description Mode Only if Entries = Defines whether Call Number should be used for incoming or outgoing calls or for both. Possible values: • (default value): For incoming and outgoing calls. • : For incoming calls, where your connection part- ner dials in to your device.
Page 285: Aux
17 WAN Funkwerk Enterprise Communications GmbH Field Description . In the case of , your device only responds to the ARP request; the connection is not set up un- til someone actually wants to use the route. • : Your device responds to an ARP request only if the status of the connection to the connection partner is , i.e.
Page 286 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. Only activate this option if you have Internet access with a flat- rate charge. Connection Idle Only if Always on is disabled.
Page 287 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is enabled by default. Local IP Address Only if IP Address Mode = Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = Define other routing entries for this connection partner.
Page 288 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): No special type is selected. • : The interface is used for incoming dialup connections and callbacks initiated externally. • : The interface is defined as multi-user connection partner, i.e. several clients dial in with the same user name and password.
Page 289 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. LCP Alive Check Check whether the reachability of the remote terminal is to be checked by sending LCP echo requests or replies. This makes it possible to switch to a backup connection more quickly in the event of line faults.
Page 290 17 WAN Funkwerk Enterprise Communications GmbH Field Description crosoft client also has the option of aborting callback and maintaining the initial connection to your device without call- back. This only applies if no fixed, outgoing number has been configured for the connection partner. This is done by pressing CANCEL to close the dialog box that appears.
Page 291: Ip Pools
17 WAN Funkwerk Enterprise Communications GmbH Field Description sponds to the ARP request; the connection is not set up until someone actually wants to use the route. • : Your device responds to an ARP request only if the status of the connection to the connection partner is , i.e.
Page 292: Profiles
17 WAN Funkwerk Enterprise Communications GmbH ATM is currently used in high-speed networks. You will need ATM, for example, if you want high-speed access to the Internet via the integrated ADSL or SHDSL modem. In an ATM network, different applications such as speech, video and data, can be transmit- ted side-by-side in the asynchronous time multiplex procedure.
Page 293 17 WAN Funkwerk Enterprise Communications GmbH Note The ATM encapsulations are described in RFCs 1483 and 2684. You will find the RFCs on the relevant pages of the IETF (www.ietf.org/rfc.html 17.2.1.1 New Choose the New button to set up new ATM profiles.
Page 294 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Virtual Channel Identi- Only for Provider = fier (VCI) Enter the VCI value of the ATM connection. The VCI is the iden- tification number of the virtual channel. A virtual channel is the logical connection for the transport of ATM cells between two or more points.
Page 295 17 WAN Funkwerk Enterprise Communications GmbH over ATM) Field Description Default Ethernet for Only for Type = PPPoE Interfaces Select whether this Ethernet-over-ATM interface is to be used for all PPPoE connections The function is enabled with The function is disabled by default.
Page 296: Service Categories
17 WAN Funkwerk Enterprise Communications GmbH Field Description DHCP Hostname Only for Address Mode = If necessary, enter the host name registered with the provider to be used by your device for DHCP requests. The maximum length of the entry is 45 characters.
Page 297 17 WAN Funkwerk Enterprise Communications GmbH Your device supports QoS (Quality of Service) for ATM interfaces. Caution ATM QoS should only be used if your provider specifies a list of data traffic parameters (traffic contract). The configuration of ATM QoS requires extensive knowledge of ATM technology and the way the bintec devices function.
Page 298 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : (Variable Bit Rate) The connection is assigned a guaranteed data rate (Sus- tained Cell Rate (SCR)). This may be exceeded by the volume configured in Maximum Burst Size (MBS). Any addi- tional ATM traffic is discarded.
Page 299: Oam Controlling
17 WAN Funkwerk Enterprise Communications GmbH 17.2.3 OAM Controlling OAM is a service for monitoring ATM connections. A total of five hierarchies (flow level F1 to F5) are defined for OAM information flow. The most important information flows for an ATM connection are F4 and F5.
Page 300 17 WAN Funkwerk Enterprise Communications GmbH Field Description • : (virtual path level) The OAM settings are used for the vir- tual path. Virtual Channel Con- Only for OAM Flow Level = nection (VCC) Select the already configured ATM connection to be monitored (displayed by the combination of VPI and VCI).
Page 301 17 WAN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Segment Send Interval Only if Loopback Segment is enabled. Enter the time in seconds after which a loopback cell is sent. Possible values are The default value is .
Page 302: Leased Line
17 WAN Funkwerk Enterprise Communications GmbH Field Description • (default value): CC data is both received and generated. • : CC data is received. • : CC data is generated. Continuity Check (CC) Select whether you want to activate the OAM-CC test for the...
Page 303: Interfaces
17 WAN Funkwerk Enterprise Communications GmbH 17.3.1 Interfaces In the WAN->Leased Line->Interfaces menu, a list of all is displayed. Automatic genera- tion requires the corresponding ISDN interface to be configured. 17.3.1.1 Edit Choose the button to edit the configuration of the corresponding leased line for a BRI interface.
Page 304 17 WAN Funkwerk Enterprise Communications GmbH Field Description Prioritize TCP ACK Select whether the TCP download is to be optimised in the Packets event of intensive TCP upload. The function is enabled with The function is disabled by default. Compression If necessary, select the type of encryption that should be used for data traffic to the connection partner.
Page 305: Real Time Jitter Control
17 WAN Funkwerk Enterprise Communications GmbH Field Description • : Your device only responds to an ARP re- quest if the status of the connection to the connection partner . In the case of , your device only re- sponds to the ARP request; the connection is not set up until someone actually wants to use the route.
Page 306 17 WAN Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): By means of the data routed via the media gateway, the system detects voice data traffic and optimises the voice transmis- sion. • : All RTP streams are optimised.
Page 307: Chapter 18 Vpn
Public Key Infrastructure (PKI, see Certificates on page 113). The funkwerk IPSec implementation achieves this firstly by using the Authentication Header (AH) protocol and Encapsulated Security Payload (ESP) protocol, and secondly through the use of cryptographic key administration mechanisms like the Internet Key Exchange (IKE) protocol.
Page 308 18 VPN Funkwerk Enterprise Communications GmbH The menu for monitoring a peer is called by selecting the button for the peer in the peer list. See Values in the IPSec Tunnels list on page 420. 18.1.1.1 New Choose the New button to set up more IPSec peers.
Page 309 18 VPN Funkwerk Enterprise Communications GmbH Field Description On the peer device, this ID corresponds to the Local ID Value parameter. Fields in the IPSec PeersInterface Routes menu Field Description IP Address Assign- Select the configuration mode of the interface.
Page 310 18 VPN Funkwerk Enterprise Communications GmbH Field Description Define routing entries for this connection partner. • : IP address of the destination host or LAN. : Netmask for Remote IP Address. • • : The lower the value, the higher the priority of the route (possible values ).
Page 311 18 VPN Funkwerk Enterprise Communications GmbH Field Description wish to use this IPSec peer XAuth for authentication. If XAuth is used together with IKE Config Mode, the transac- tions for XAuth are carried out before the transactions for IKE Config Mode.
Page 312 18 VPN Funkwerk Enterprise Communications GmbH Field Description up until someone actually wants to use the route. • : Your device responds to an ARP request only if the status of the connection to the IPSec peer is (active), i.e. a connection already exists to the IPSec peer.
Page 313 18 VPN Funkwerk Enterprise Communications GmbH Transfer of IP Address over ISDN Transferring the IP address of a device over ISDN (in the D channel and/or B channel) opens up new possibilities for the configuration of IPSec VPNs. This enables restrictions that occur in IPSec configuration with dynamic IP addresses to be avoided.
Page 314 18 VPN Funkwerk Enterprise Communications GmbH The IP address transfer and the start of IKE phase 1 negotiation take place in the following steps: (1) Peer A (the callback initiator) sets up a connection to the Internet in order to be as- signed a dynamic IP address and be reachable for peer B over the Internet.
Page 315 18 VPN Funkwerk Enterprise Communications GmbH Field Description device to cause this to set up an IPSec tunnel. The device does not react to incoming ISDN calls. • : Your device can react to incoming ISDN calls and send ISDN calls to the remote device. The setting up of an IPSec tunnel is executed (after an incoming ISDN call) and initiated (by an outgoing ISDN call).
Page 316: Phase-1 Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description : Your device tries to transfer the IP address in the mode set in the Mode field. If this does not succeed, the IP address is transferred in the B channel. (This incurs costs.) •...
Page 317 18 VPN Funkwerk Enterprise Communications GmbH Field Description message hash algorithms for IKE phase 1 on your device. The combination of six encryption algorithms and four message hash algorithms gives 24 possible values in this field. At least one proposal must exist. Therefore the first line of the table can- not be deactivated.
Page 318 18 VPN Funkwerk Enterprise Communications GmbH Field Description developed by the NSA (United States National Security Asso- ciation). It is rated as secure, but is slower than MD5. It is used with a 96 bit digest length for IPSec. •...
Page 319 18 VPN Funkwerk Enterprise Communications GmbH Field Description of data processed in kBytes. The value can be a whole number from 0 to 2147483647. The default value is The standard value as per RFC is used seconds and Kbytes are entered.
Page 320 18 VPN Funkwerk Enterprise Communications GmbH Field Description used for authentication. Also define whether the selected mode is used exclusively (Strict), or the peer can also propose another mode. Local ID Type Select the local ID type. Possible values: •...
Page 321 18 VPN Funkwerk Enterprise Communications GmbH Fields in the Advanced Settings menu Field Description Alive Check Select the method to be used to check the functionality of the IPSec connection. In addition to the default method Dead Peer Detection (DPD), the (proprietary) Heartbeat method is implemented.
Page 322: Phase-2 Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description never blocked. The default value is NAT Traversal NAT Traversal (NAT-T) also enables IPSec tunnels to be opened via one or more devices on which network address translation (NAT) is activated. Without NAT-T, incompatibilities may arise between IPSec and NAT (see RFC 3715, section 2).
Page 323 18 VPN Funkwerk Enterprise Communications GmbH Fields in the Phase-2 ProfilesPhase-2 (IPSEC) Parameters menu Field Description Description Enter a description that uniquely identifies the profile. The maximum length of the entry is 255 characters. Proposals In this field, you can select any combination of encryption and message hash algorithms for IKE phase 2 on your default.
Page 324 18 VPN Funkwerk Enterprise Communications GmbH Field Description hash algorithm. It is used with a 96 bit digest length for IPSec. • : All options can be used. • : SHA1 (Secure Hash Algorithm #1) is a hash algorithm developed by the NSA (United States National Security Asso- ciation).
Page 325 18 VPN Funkwerk Enterprise Communications GmbH Field Description Input in : Enter the lifetime for phase 2 keys as amount of data processed in Kbytes. The value can be a whole number from . The default value is . The menu Advanced Settings consists of the following fields:...
Page 326: Xauth Profiles
18 VPN Funkwerk Enterprise Communications GmbH Field Description bintec) is set. Propagate PMTU Select whether the PMTU (Path Maximum Transfer Unit) is to be propagated during phase 2. The function is enabled with The function is enabled by default. 18.1.4 XAUTH Profiles In the XAUTH Profiles menu, a list of all XAUTH profiles is displayed.
Page 327 18 VPN Funkwerk Enterprise Communications GmbH Fields in the XAUTH ProfilesBasic Parameters menu Field Description Description Enter a description for this XAuth profile. Role Select the role of the gateway for XAuth authentication. Possible values: • (default value): The gateway requires a proof of au- thorisation.
Page 328: Ip Pools
18 VPN Funkwerk Enterprise Communications GmbH Field Description Add. 18.1.5 IP Pools In the IP Pools menu, a list of all IP pools for your configured IPSec connections is dis- played. If you have set IP Address Assignment for an IPSec peer, here, you must define the IP pools from which the IP addresses are assigned.
Page 329 18 VPN Funkwerk Enterprise Communications GmbH Field Description You can only delete the configuration with Enable IPSec = Not activated.. IPSec Debug Level Select the priority of the syslog messages of the IPSec subsys- tem to be recorded internally. Possible values: •...
Page 330 18 VPN Funkwerk Enterprise Communications GmbH Field Description Send Initial Contact Select whether IKE Initial Contact messages are to be sent dur- Message ing IKE (phase 1) if no SAs with a peer exist. The function is enabled with The function is enabled by default.
Page 331: L2Tp
18 VPN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Send Certificate Re- Select whether certificate requests are to be sent during IKE quest Payloads (phase 1). The function is enabled with The function is enabled by default.
Page 332: Tunnel Profiles
18 VPN Funkwerk Enterprise Communications GmbH created on each of the two sides (LAC and LNS). The corresponding L2TP tunnel profile is used on the initiator side (LAC) to set up the connection. The L2TP tunnel profile is needed on the responder side (LNS) to accept the connection.
Page 333 18 VPN Funkwerk Enterprise Communications GmbH Field Description calls for which no profile with a matching Remote Hostname can be found. Password Enter the password to be used for tunnel authentication. Au- thentication between LAC and LNS takes place in both direc- tions, i.e.
Page 334 18 VPN Funkwerk Enterprise Communications GmbH Fields in the Advanced Settings menu Field Description Local IP Address Enter the IP address to be used as the source address for all L2TP connections based on this profile. If this field is left empty, your device uses the IP address of the interface over which the L2TP tunnel reaches Remote IP Ad- dress.
Page 335: Users
18 VPN Funkwerk Enterprise Communications GmbH 18.2.2 Users A list of all configured L2TP partner is displayed in the VPN->L2TP->Users menu. 18.2.2.1 New Choose the New button to set up new L2TP partners. The menu VPN->L2TP->Users->New consists of the following fields:...
Page 336 18 VPN Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Connection Idle Only if Always on is disabled. Timeout Enter the idle time in seconds for static short hold. The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clearing the connection.
Page 337 18 VPN Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. IP Assignment Pool Only for IP Address Mode = (IPCP) Select IP pools configured in the WAN->Internet + Dialup->IP Pools menu.
Page 338 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : Run MS-CHAP version 2 only. • : Some providers use no authentication. In this case, se- lect this option. Encryption If necessary, select the type of encryption that should be used for data traffic to the L2TP partner.
Page 339: Options
18 VPN Funkwerk Enterprise Communications GmbH Field Description sent over this interface. Networks reachable over this inter- face are, however, included when calculating the routing in- formation and propagated over active interfaces. • : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface.
Page 340: Pptp
18 VPN Funkwerk Enterprise Communications GmbH Field Description Available values are all whole numbers from , the default value is as specified in RFC 2661. UDP Source Port Se- Select whether the LNS should only use the monitored port lection (UDP Destination Port) as the local source port for the L2TP connection.
Page 341 18 VPN Funkwerk Enterprise Communications GmbH Field Description characters or umlauts must be used. PPTP Mode Enter the role to be assigned to the PPTP interface. Possible values: • (default value): this assigns the PPTP interface the role of PPTP server.
Page 342 18 VPN Funkwerk Enterprise Communications GmbH Field Description Possible values: • (default value): You enter a static IP address. : Only for PPTP Mode = • IYour device dynamically assigns an IP address to the remote ter- minal. • : Only for PPTP Mode = Your device is dynamically assigned an IP ad- dress.
Page 343 18 VPN Funkwerk Enterprise Communications GmbH Field Description Select IP pools configured in the WAN->Internet + Dialup->IP Pools menu. If an IP pool has not been configured here yet, the message appears in this field. The menu Advanced Settings consists of the following fields:...
Page 344 18 VPN Funkwerk Enterprise Communications GmbH Field Description used to RFC 3078. • : MPP encryption V2 with 128 bit is used as compatible with Microsoft and Cisco. Compression Select the type of comprission, if needed. Possible values: • (default value): Encryption is not used.
Page 345 18 VPN Funkwerk Enterprise Communications GmbH Field Description • (default value): Disables Proxy-ARP (Address Resolution Protocol) for this PPTP partner. • : Your device only responds to an ARP re- quest if the status of the connection to the PPTP partner is (active) or .
Page 346: Options
Since, in SP 1, Microsoft has changed the confirma- tion algorithm in the GRE protocol, the automatic window adapt- ation for GRE must be turned off on the funkwerk side. The function is enabled with The function is enabled by default.
Page 347: Ip Pools
18 VPN Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is . Max. incomming con- Enter the maximum number of control connections. trol connections per remote IP Address 18.3.3 IP Pools In the IP PoolsI menu, a list of all IP pools for PPTP connections is displayed.
Page 348: Gre Tunnels
18 VPN Funkwerk Enterprise Communications GmbH The specification of the GRE protocol is available in two versions: • GRE V.1 for use in PPTP connections (RFC 2637, configuration in the PPTP menu) • GRE V.0 (RFC 2784) for general encapsulation using GRE In this menu you can configure a virtual interface for using GRE V.0.
Page 349 18 VPN Funkwerk Enterprise Communications GmbH Field Description • : IP address of the destination host or network. • : Netmask for Remote IP Address. If no entry is made, your device uses a default netmask. • : The lower the value, the higher the priority of the route (possible values ...
Page 350: Chapter 19 Firewall
19 Firewall Funkwerk Enterprise Communications GmbH Chapter 19 Firewall The Stateful Inspection Firewall (SIF) provided for bintec gateways is a powerful security feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.
Page 351: Policies
19 Firewall Funkwerk Enterprise Communications GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e.
Page 352 19 Firewall Funkwerk Enterprise Communications GmbH in succession until a rule matches. If overlapping occurs, i.e. more than one filter rule matches a packet, only the first rule is executed. This means that if the first rule denies a packet, whereas a later rule allows it, the packet is rejected. A deny rule also has no effect if a relevant packet has previously been allowed by another filter rule.
Page 353 19 Firewall Funkwerk Enterprise Communications GmbH Field Description Service Select one of the preconfigured services to which the packet to be filtered must be assigned. The extensive range of services configured ex works includes the following: • • • •...
Page 354: Qos
19 Firewall Funkwerk Enterprise Communications GmbH Field Description A policy for which QoS has been enabled is also set for the fire- wall. Make sure therefore that data traffic that has not been ex- pressly authorised if blocked by the firewall!
Page 355: Options
19 Firewall Funkwerk Enterprise Communications GmbH Field Description the selected interface. The function is enabled with The function is disabled by default. Specify bandwidth Only for Traffic Shaping = Enter the maximum available bandwidth in kbps for the selected interface.
Page 356 19 Firewall Funkwerk Enterprise Communications GmbH Field Description Logged Actions Select the firewall syslog level. The messages are output together with messages from other subsystems. Possible values: • (default value): All firewall activities are displayed. • : Only reject and deny events are shown, see "Action".
Page 357: Interfaces
19 Firewall Funkwerk Enterprise Communications GmbH Field Description Possible values are The default value is 19.2 Interfaces 19.2.1 Groups A list of all configured interface routes is displayed in the Firewall->Interfaces->Groups menu. You can group together the interfaces of your device. This makes it easier to configure fire- wall rules.
Page 358: Groups
19 Firewall Funkwerk Enterprise Communications GmbH The menu Firewall->Addresses->Address List->New consists of the following fields: Fields in the Address ListBasic Parameters menu Field Description Description Enter the desired description of the address. Address Type Select the type of address you want to specify.
Page 359: Services
19 Firewall Funkwerk Enterprise Communications GmbH Field Description Description Enter the desired description of the address group. Selection Select the members of the group from the available Addresses. To do this, activate the field in the Selection column. 19.4 Services 19.4.1 Service List...
Page 360 19 Firewall Funkwerk Enterprise Communications GmbH Field Description able. If a port number range is specified, in the second field enter the last port of the port range. By default the field does not contain an entry. If a value is displayed, this means that the previously specified port number is verified.
Page 361: Groups
19 Firewall Funkwerk Enterprise Communications GmbH Field Description • • • • • 19.4.2 Groups A list of all configured service groups is displayed in the Firewall->Services->Groups menu. You can group together services. This makes it easier to configure firewall rules.
Page 362: Chapter 20 Voip
20 VoIP Funkwerk Enterprise Communications GmbH Chapter 20 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.
Page 363: Sip Endpoints
20 VoIP Funkwerk Enterprise Communications GmbH Field Description Description Enter the name of the application level gateway. Administrative Status Select whether the SIP proxy should be enabled or disabled. The function is activated by selecting The function is enabled by default.
Page 364 20 VoIP Funkwerk Enterprise Communications GmbH er) accessible from the WAN (Internet) by NAPT. In addition, internal SIP clients without re- gistration can be made accessible using a static entry. All active SIP sessions that have been initiated from internal SIP terminals are recognised dynamically and listed here.
Page 365: Rtsp
20 VoIP Funkwerk Enterprise Communications GmbH Field Description changed. Internal IP Address Specify the IP address for the internal SIP endpoint in the LAN. Remote Port Only for Type of Endpoint = Enter the port of the removed SIP terminal (in the WAN).
Page 366 20 VoIP Funkwerk Enterprise Communications GmbH Field Description The function is activated by selecting The function is disabled by default. RTSP Port Select the port over which the RTSP messages are to come in and go out. Possible values are...
Page 367: Chapter 21 Local Services
21 Local Services Funkwerk Enterprise Communications GmbH Chapter 21 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider •...
Page 368 21 Local Services Funkwerk Enterprise Communications GmbH Global Name Server Under Local Services->DNS->Global Settings->Basic Parameters you enter the IP ad- dresses of global name servers that are asked if your device cannot answer requests itself or by forwarding entries. For local applications, the IP address of your device or the general loopback address (127.0.0.1) can be entered as the global name server.
Page 369: Global Settings
21 Local Services Funkwerk Enterprise Communications GmbH cache of your device. 21.1.1 Global Settings The menu Local Services->DNS->Global Settings consists of the following fields: Fields in the Global SettingsBasic Parameters menu Field Description Domain Name Enter the standard domain name of your device.
Page 370 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Negative Cache Select whether the negative dynamic cache is to be activated, i.e. whether queried names for which a DNS server has sent a negative response are stored as negative entries in the cache.
Page 371: Static Hosts
DNS request. If a negative response is received to a DNS re- quest, no address is specified. The entry can also start with the wildcard *, e.g. *.funkwerk.de. R1xxx/R3xxx/R4xxx...
Page 372: Domain Forwarding
21 Local Services Funkwerk Enterprise Communications GmbH Field Description If a name is entered without a dot, this is completed with OK "<Name.> " after confirmation. Entries with spaces are not allowed. Response In this entry, select the type of response to DNS requests.
Page 373 Only for Forwarding = Enter the name of the host to be forwarded. The entry can also start with the wildcard *, e.g. *.funkwerk.com. If a name is entered without a full stop, you complete with OK " <Default Domain>. " after confirmation.
Page 374: Cache
21 Local Services Funkwerk Enterprise Communications GmbH 21.1.4 Cache In the Local Services->DNS->Cachemenu, a list of all available cache entries is dis- played. You can select individual entries using the checkbox in the corresponding line, or select them all using the Select all button.
Page 375: Https
21 Local Services Funkwerk Enterprise Communications GmbH 21.2 HTTPS You can operate the user interface of your device from any PC with an up-to-date Web browser via an HTTPS connection. HTTPS (HyperText Transfer Protocol Secure) is the procedure used to establish an en- crypted and authenticated connection by SSL between the browser used for configuration and the device.
Page 376: Dyndns Update
21 Local Services Funkwerk Enterprise Communications GmbH The following configuration steps are necessary: • Registration of a host name at a DynDNS provider • Configuration of your device Registration The registration of a host name means that you define an individual user name for the DynDNS service, e.g.
Page 377: Dyndns Provider
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Provider Select the DynDNS provider with which the above data is re- gistered. A choice of DynDNS providers is already available in the uncon- figured state and their protocols are supported.
Page 378 21 Local Services Funkwerk Enterprise Communications GmbH 21.3.2.1 New Choose the New button to set up new DynDNS providers. The menu Local Services->DynDNS Client->DynDNS Provider->New consists of the fol- lowing fields: Fields in the DynDNS ProviderBasic Parameters menu Field Description Provider Name Enter a name for this entry.
Page 379: Dhcp Server
21 Local Services Funkwerk Enterprise Communications GmbH Field Description before it is allowed to propagate its current IP address to the DynDNS provider again. The default value is seconds. 21.4 DHCP Server You can configure your device as a DHCP (Dynamic Host Configuration Protocol) server.
Page 380 21 Local Services Funkwerk Enterprise Communications GmbH Field Description IP Pool Name Enter any designation for uniquely identifying the IP pool. Interface Select the interface over which the addresses defined in IP Ad- dress Range are to be assigned to DHCP clients.
Page 381: Ip/Mac Binding
21 Local Services Funkwerk Enterprise Communications GmbH Field Description After the Lease Time expires, the address can be reassigned by the server. The default value is DHCP Options Specify which additional data is forwarded to the DHCP client. Possible values for Option: •...
Page 382: Dhcp Relay Settings
21 Local Services Funkwerk Enterprise Communications GmbH 21.4.2.1 New Choose the New button to set up new IP/MAC bindings. The menu Local Services->DHCP Server->IP/MAC Binding->New consists of the follow- ing fields: Fields in the IP/MAC BindingBasic Parameters menu Field Description...
Page 383: Web Filter
21 Local Services Funkwerk Enterprise Communications GmbH 21.5 Web Filter In the Local Services->Web Filter menu, you can configure a URL-based Web Filter ser- vice, which accesses the Proventia Web Filter from the company Internet Security Systems (www.iss.net) and checks how a requested Internet page is categorised by the Proventia Web Filter.
Page 384: Filter List
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • (default value): The download is permitted. • :The download of the requested page is blocked. • : The call is permitted, but logged. Action if license not re- Select what is to be done with URL requests if the licence key...
Page 385 21 Local Services Funkwerk Enterprise Communications GmbH be blocked. In this case it is necessary to make an entry at the end of the filter list that al- lows all accesses that do not match a filter. (Setting for this: Category = , Action = •...
Page 386: Black / White List
21 Local Services Funkwerk Enterprise Communications GmbH Field Description time is entered in the form hh:mm. Enter the time at which the Time) filter is to be deactivated in the field after the to. The time is entered in the form hh:mm. The default value is 00:00 to 23:59.
Page 387: History
21 Local Services Funkwerk Enterprise Communications GmbH Field Description not necessary to configure a suitable filter. 21.5.4 History In the Local Services->Web Filter->History menu, you can view the recorded history of the web filter. The history logs all requests that are marked for logging by a relevant filter (Action = )), likewise all rejected requests.
Page 388: Options
21 Local Services Funkwerk Enterprise Communications GmbH The menu Local Services->CAPI Server->User->New consists of the following fields: Fields in the UserBasic Parametersmenu Field Description User Name Enter the user name for which access to the CAPI service is to be allowed or denied.
Page 389: Trigger
21 Local Services Funkwerk Enterprise Communications GmbH Note To run the event scheduler, the date configured on your device must be 1.1.2000 or later. 21.7.1 Trigger A list of all planned tasks is displayed in the Local Services->Scheduling+Trigger menu. 21.7.1.1 New Choose the New button to create additional tasks.
Page 390 21 Local Services Funkwerk Enterprise Communications GmbH Field Description specified status. • : The operations configured and as- signed in Actions are triggered if the data traffic on the spe- cified interfaces falls below or exceeds the defined value. : The operations configured and assigned in Ac- •...
Page 391 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Interface Status Only for Event Type Select the status that the interface must assume in order to trig- ger the intended operation. Possible values: • (default value): The interface is active.
Page 392 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Value yields unique identification of a specific table entry. Monitored Interface Only for Event Type Select the interface whose defined status shall trigger an opera- tion. Interface Status Only for Event Type Select the status that the interface must assume in order to trig- ger the intended operation.
Page 393: Actions
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • (default value): In Condition Settings, select a par- ticular period. • : Select a specific day of the month in Condi- tion Settings. Possible values for Condition Settings in Condition Type = (default value) ...
Page 394 21 Local Services Funkwerk Enterprise Communications GmbH 21.7.2.1 New Choose the New button to configure additional operations. The menu Local Services->Scheduling+Actions->New consists of the following fields: Fields in the ActionsBasic Parameters menu Field Description Description Enter your chosen designation for the action.
Page 395 21 Local Services Funkwerk Enterprise Communications GmbH Field Description • : The operation is triggered if one of the events does not occur. Reboot device after Only if Command Type = Indicate a timespan in seconds that must pass before the device is restarted.
Page 396 21 Local Services Funkwerk Enterprise Communications GmbH Field Description initiator is active. • : The value of the MIB variable is differentially modified as the initiator status evolves. MIB Variables Only if Command Type = Select the MIB variables whose value, dependent on the initiat- or status, is to be modified.
Page 397 21 Local Services Funkwerk Enterprise Communications GmbH Field Description value): The latest software will be downloaded from the Funk- werk server. • : The latest software will be downloaded from an HTTP server that you define in • : The latest software will be downloaded from an HTTP server that you define in •...
Page 398 21 Local Services Funkwerk Enterprise Communications GmbH Field Description • • For Command Type = Select which operation you wish to perform on a certificate file. Possible values: • (default value) • • Protocol Only for Command Type = if Action = Select the protocol for the data transfer.
Page 399 21 Local Services Funkwerk Enterprise Communications GmbH Field Description on which it is to be saved. Local File Name Only for Command Type = and Action = When importing, renaming or copying, assign a name to the configuration file under which it can be saved locally on the device.
Page 400 21 Local Services Funkwerk Enterprise Communications GmbH Field Description The function is disabled by default. Reboot after execution Only if Command Type = Select whether to restart your device after the desired Action. The function is disabled by default. Version Check...
Page 401 21 Local Services Funkwerk Enterprise Communications GmbH Field Description The default value is . Server Address Only for Command Type = Action = Enter the URL of the server from which a certificate file is to be obtained. Local Certificate De-...
Page 402 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Enter a description under which to save the SCEP certificate on your device. URL SCEP Server URL Only for Command Type = Action = Enter the URL of the SCEP server, e.g.
Page 403: Options
21 Local Services Funkwerk Enterprise Communications GmbH Field Description steps of the enrolment internally. This is an advantage if enrol- ment cannot be concluded immediately. If the status has not been saved, the incomplete registration cannot be completed. As soon as the enrolment is completed and the certificate has been downloaded from the CA server, it is automatically saved in the device configuration.
Page 404: Surveillance
21 Local Services Funkwerk Enterprise Communications GmbH The Local Services->Scheduling->Options menu includes the following fields: Fields in the OptionsScheduling Options menu Field Description Schedule Interval Select whether the schedule interval is to be enabled for the in- terface. Enter the interval in seconds during which the system checks whether there are planned tasks.
Page 405 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Group ID Select an ID for the group of hosts whose availability is to be monitored by your device. The group IDs are automatically created from . If an entry has not yet been created, a new group is created using option.
Page 406: Interfaces
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Controlled Interfaces Select the interface(s) for which the action defined in Interface is to be performed. All physical and virtual interfaces can be selected. Select whether each interface is to be enabled (...
Page 407: Ping Generator
21 Local Services Funkwerk Enterprise Communications GmbH Field Description • : Deactivation of interface(s) Interface Select the interface(s) for which the action defined in Interface is to be performed. All physical and virtual interfaces can be selected, along with tions .
Page 408: Isdn Theft Protection
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Trials Enter the number of ping tests to be performed until Destina- tion IP Address is to be considered The default value is . 21.9 ISDN Theft Protection With the ISDN theft protection function, you can prevent a thief who has stolen a gateway from gaining access to the gateway owner's LAN.
Page 409: Funkwerk Discovery
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Dialling Number Only if ISDN Theft Protection Service is enabled. Enter the subscriber number that the gateway dials to call itself. Incoming Number Only if ISDN Theft Protection Service is enabled.
Page 410: Device Discovery
Funkwerk Enterprise Communications GmbH 21.10.1 Device Discovery The funkwerk Discovery protocol is used to identify and configure bintec devices that are in the same wired network as your device. Once a bintec device has been discovered, cer- tain basic parameters (node name, IP address, netmask, and device address) can be con- figured on the access point (provided you know the administrator password).
Page 411 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Shows the interface of your device on which discovery is carried out. MAC Address The value of this field can only be read. Shows the MAC address of the discovered access point.
Page 412: Options
21.10.2 Options In this menu, you can grant permission for your device to be discovered by other bintec devices using the funkwerk Discovery protocol and to be configured by means of this. The Local Services->Funkwerk Discovery ->Optionsmenu consists of the following...
Page 413: Interfaces
21 Local Services Funkwerk Enterprise Communications GmbH . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded.
Page 414: Hotspot Gateway
21 Local Services Funkwerk Enterprise Communications GmbH The Local Services->UPnP+Generalmenu consists of the following fields: Fields in the General menu Field Description UPnP Status Decide how the gateway processes UPnP requests from the LAN. The function is enabled with . The gateway proceeds...
Page 415 Activation may require 2-3 business days. Access data for gateway configuration RADIUS Server IP 62.245.165.180 RADIUS Server Password Set by Funkwerk Enterprise Communications GmbH Domain Individually set for customers by customer/dealer Walled Garden Network Individually set for customers by customer/dealer...
Page 416 21 Local Services Funkwerk Enterprise Communications GmbH Access data for configuration of the Hotspot server Admin URL https://hotspot.funkwerk-ec.com/ Username Individually set by FEC Password Individually set by FEC Note Also refer to the WLAN Hotspot Workshop that is available to download from www.funkwerk-ec.com...
Page 417 21 Local Services Funkwerk Enterprise Communications GmbH Field Description Caution For security reasons you cannot configure your device over an interface that is configured for the Hotspot. Therefore take care when selecting the interface you want to use for the Hotspot.
Page 418 21 Local Services Funkwerk Enterprise Communications GmbH Field Description lie within the address range of the walled garden network. Language for login Here you can choose the language for the start/login page. window The following languages are supported: The language can be changed on the start/login page at any time.
Page 419: Brrp
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Host for multiple loca- If several locations (branches) are set up on the Hotspot server, tions enter the value of the NAS identifier (RADIUS server parameter) that has been registered for this location on the Hotspot server.
Page 420: Virtual Routers
21 Local Services Funkwerk Enterprise Communications GmbH Field Description primary IP address as source of the IP packet.” VRRP Advertisement A keepalive that sends the master to the backup gateway to in- dicate his reachability. Virtual Router Master “The VRRP router that takes over forwarding the packets that have been sent to the IP addresses associated with the “virtual...
Page 421 21 Local Services Funkwerk Enterprise Communications GmbH Note This interface is used to transmit the BRRP advertisement data packets and possibly to transmit keepalive monitoring data packets. Another interface must be configured in the next step to transmit the usage data.
Page 422 21 Local Services Funkwerk Enterprise Communications GmbH events, which result in a switching of the operating status of the virtual router. Controlling the operating status of a virtual router implicitly also controls the operating status of the interface to which the virtual router is linked. If an error occurs, all interfaces on a device have to be deactivated.
Page 423 21 Local Services Funkwerk Enterprise Communications GmbH Field Description has already been created is edited. Virtual Router IP Ad- Enter the IP address and the netmask of the virtual router. Here dress enter the IP address that you want to use in the local network as the actual gateway IP address.
Page 424 21 Local Services Funkwerk Enterprise Communications GmbH Field Description sends via multicast BRRP advertisements, which also contain the ID and the priority of the master. Possible values are whole numbers between . The value is indicated in seconds, the default value is 1.
Page 425: Vr Synchronisation
21 Local Services Funkwerk Enterprise Communications GmbH Field Description The function is enabled by default. Note the following exception: If Virtual Router Priority selected, the gateway with this priority certainly takes over the master role, i.e. the setting in Pre-empt mode (go back into master state) is not considered.
Page 426: Options
21 Local Services Funkwerk Enterprise Communications GmbH Field Description Monitoring Mode Shows which mechanism is used for monitoring a virtual router. Possible values: • :The BRRP-specific status advertisements are used for determining the status of the master. (The master sends ad- vertisements as per its configuration in the Local Services->BRRP->Virtual Routers->New->Advanced Set-...
Page 427 21 Local Services Funkwerk Enterprise Communications GmbH Field Description The function is enabled with The function is disabled by default. R1xxx/R3xxx/R4xxx...
Page 428: Chapter 22 Maintenance
22 Maintenance Funkwerk Enterprise Communications GmbH Chapter 22 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to in- stall it.
Page 429: Software &Configuration
Save configuration button via the Funkwerk Configuration Interface navigation area. This configuration is then saved in the flash in a file with the...
Page 430 22 Maintenance Funkwerk Enterprise Communications GmbH name . When you start your device, the configuration file is used by default. Operations The files in the flash memory can be copied, moved, erased and newly created. It is also possible to transfer configuration files between your device and a host via HTTP.
Page 431 Note: The files to be imported must be in CSV format! • : You can import additional language ver- sions of the Funkwerk Configuration Interface into your device. You can download the files to your PC from the down- load area at www.funkwerk-ec.com...
Page 432 : The file is stored on a remote server specified in the URL. • : The file is on the official Funkwerk update server. Only for Source Location = Enter the URL of the update server from which the system soft- ware file is loaded.
Page 433: Reboot
In this menu, you can trigger an immediate reboot of your device. Once your system has restarted, you must call the Funkwerk Configuration Interface again and log in. Pay attention to the LEDs on your device. For information on the meaning of the LEDs, see the Technical Data chapter of the manual.
Page 434: Chapter 23 External Reporting
23 External Reporting Funkwerk Enterprise Communications GmbH Chapter 23 External Reporting In this system menu, you define what system protocol messages are saved on which com- puters, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error.
Page 435 23 External Reporting Funkwerk Enterprise Communications GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 23.1.1.1 New Select the New button to set up additional syslog servers. The menu External Reporting->Syslog->Syslog Servers->New consists of the following...
Page 436: Ip Accounting
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description Timestamp Select the format of the time stamp in the syslog. Possible values: • (default value): No system time indicated. • : System time without date. • : System time with date.
Page 437: Options
23 External Reporting Funkwerk Enterprise Communications GmbH In the External Reporting->IP Accounting->Interfaces menu, a list of all interfaces con- figured on your device is shown. For each entry, you can activate IP Accounting by setting the checkmark. In the IP Accounting column, you do not need to click each entry individu- ally.
Page 438: E-Mail Alert
23 External Reporting Funkwerk Enterprise Communications GmbH 23.3 E-mail Alert Depending on the configuration, E-mails are sent to the administrator as soon as relevant syslog messages occur. 23.3.1 E-mail Alert Server The menu E-mail Alert Server consists of the following fields: The menu External Reporting->E-mail Alert->E-mail Alert Server consists of the follow-...
Page 439: E-Mail Alert Recipient
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description Enter the user name for the POP3 or SMTP server. Password Only if SMTP Authentication = Enter the password of this user. POP3 Server Only if SMTP Authentication = Enter the address of the server from which the e-mails are to be retrieved.
Page 440: Snmp
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description all syslog messages of the selected level, just enter "*". Severity Select the severity level which the string configured in the Matching String field must reach to trigger an e-mail alert.
Page 441: Snmp Trap Options
23 External Reporting Funkwerk Enterprise Communications GmbH Every SNMP management system contains an MIB. SNMP can be used to configure, con- trol and administrate various network components from one system. Such an SNMP tool is included on your device: the Configuration Manager. As SNMP is a standard protocol, you can use any other SNMP managers, e.g.
Page 442: Snmp Trap Hosts
23 External Reporting Funkwerk Enterprise Communications GmbH Field Description Enter a new SNMP code. This must be sent by the SNMP Man- ager with every SNMP request so that this is accepted by your device. A character string of between characters is possible here.
Page 443: Options
23 External Reporting Funkwerk Enterprise Communications GmbH Method of operation A Status Daemon collects information about your device and transfers it as UDP packets to the broadcast address of the first LAN interface (default setting) or to an explicitly entered IP address.
Page 444 23 External Reporting Funkwerk Enterprise Communications GmbH Field Description dress of the first LAN interface is used. • : The UDP packets are sent to the IP address entered in the adjacent input field. Update Interval Enter the update interval (in seconds).
Page 445: Chapter 24 Monitoring
24 Monitoring Funkwerk Enterprise Communications GmbH Chapter 24 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 24.1 Internal Log 24.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed.
Page 446 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Remote IP Displays the IP address of the remote IPSec Peers. Remote Networks Displays the currently negotiated subnets of the remote termin- Security Algorithm Displays the encryption algorithm of the IPSec tunnel.
Page 447: Ipsec Statistics
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description IPSec (Phase-2) SAs Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Life- time remaining / Status Messages The system messages for this IPSec tunnel are displayed here.
Page 448: Isdn/Modem
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Total Shows the number of all processed incoming (In) or outgoing (Out) packets. Passed Shows the number of incoming (In) or outgoing (Out) packets forwarded in plain text. Dropped Shows the number of all rejected incoming (In) or outgoing (Out) packets.
Page 449: Call History
24 Monitoring Funkwerk Enterprise Communications GmbH 24.3.2 Call History In the Monitoring->ISDN/Modem->Call History menu, a list of the last 20 ISDN calls (incoming and outgoing) completed since the last system start is displayed. Values in the Call History list Field...
Page 450: Wlan
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Tx Errors Shows the total number of errors sent. Rx Packets Shows the total number of packets received. Rx Bytes Displays the total number of bytes received. Rx Errors Shows the total number of errors received.
Page 451: Vss
24 Monitoring Funkwerk Enterprise Communications GmbH Description Meaning Multicast MSDUs Displays the number of MSDUs successfully sent to multicast transmitted success- addresses (including the broadcast MAC address). fully Transmitted MPDUs Displays the number of MPDUs received successfully. Multicast MSDUs re-...
Page 452 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Signal dBm (RSSI1, Shows the received signal strength in dBm. RSSI2, RSSI3) Noise dBm Shows the received noise strength in dBm. Data Rate mbps Shows the current transmission rate of data received by this cli- ent in mbps.
Page 453: Wds
If required, the Test link can be used to launch a link test. The test is only available for funkwerk devices and only if the WDS link is active. The link test provides all the data necessary for checking the quality of the WDS link. The link test also helps you to align the antennas.
Page 454: Client Links
24 Monitoring Funkwerk Enterprise Communications GmbH for wireless mode 802.11n are listed separately. Values in the WDS list Field Description WDS Description Shows the name of the WDS link. Remote MAC Shows the MAC address of the WDS link partner.
Page 455: Bridges
24 Monitoring Funkwerk Enterprise Communications GmbH You can use the icon to open an overview of further details of the client links. Values in the Client Links list Field Description AP MAC Address Shows the MAC address of the client link partner.
Page 456: Qos
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description User Name Displays the user's name. IP Address Shows the IP address of the user. Physical Address Shows the physical address of the user. Logon Shows the login time. Interface Shows the interface used.
Page 457: Status
24 Monitoring Funkwerk Enterprise Communications GmbH 24.9.1 Status In the Monitoring->OSPF->Status menu, a list of all interfaces configured for OSPF is dis- played. Values in the Status list Field Description View Select the desired view from the dropdown menu. The following are available:...
Page 458 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description • : The gateway is the backup designated router within the BMA network. • : Another gateway is desig- nated router or backup designated router within the BMA net- work. The Neighbor section lists the neighbor gateways that have been identified via the HELLO protocol.
Page 459: Statistics
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description Type Indicates the LSA type. There are five LSA types: Router Link, Network Link, Summary Link, Summary ASBR, and AS Extern- Link State ID The Link State ID of the LSA. The meaning of the Link State ID depends on the type of advertisement.
Page 460: Pim
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description ceived. Routing table updates Displays the number of incremental routing table updates per- caused by External Ad- formed when new external Advertisements have been received. vertisements 24.10 PIM 24.10.1 Global Status The status of all configured PIM components is displayed in the Monitoring+PIM+Global Status menu.
Page 461: Not Interface-Specific Status
24 Monitoring Funkwerk Enterprise Communications GmbH Field Description bor. If the value is displayed, the PIM Neighbor always re- mains entered as neighbor. Values in the Multicast Group / RP Mappings list Field Description Multicast Group Ad- Displays the multicast group address.
Page 462 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description sages, and to correct Prune(*,*,RP) messages from peers on an Upstream LAN interface. Values in the (*,G) States list Field Description Multicast Group Ad- Displays the multicast group address. dress Upstream Neighbor IP...
Page 463 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description State Machine in the PIM-SM specification. Uptime Indicates the timespan since the entry was generated by the local router. Upstream Join Timer Indicates the remaining time until the local router sends out the next periodic (S,G) Join message on pimSGRPFIfIndex.
Page 464 24 Monitoring Funkwerk Enterprise Communications GmbH Values in the (*,G,I) States list Field Description Multicast Group Ad- Displays the multicast group address. InetAddressType is dress defined in the pimStarGAddressType object. Interface Displays the name of the interface. Join/Prune State Indicates the status that results from the (*,G) Join/Prune mes- sages received on this interface.
Page 465 24 Monitoring Funkwerk Enterprise Communications GmbH Field Description timer is named (S,G) Prune-Pending Timer. If the timer is deac- tivated, it has the value . Expiry Timer Displays the remaining time until the (S,G) Join State becomes invalid for this interface. In the PIM-SM specification, this timer is named (S,G) Join Expiry Timer .
Page 466 Glossary Funkwerk Enterprise Communications GmbH Glossary Announcement If you want to call your employees or family members to a meeting or the dinner table, you could call each one of them individually or simply use the announcement function. With just one call, you reach all the announcement-enabled telephones without the subscribers having to pick up the receiver.
Page 467 Glossary Funkwerk Enterprise Communications GmbH Direct Call You are not at home. However, there is someone at home who needs to be able to reach you quickly and easily by telephone if ne- cessary (e.g. children or grandparents). As you can set up the Direct Call function for one or more telephones, the receiver of the tele- phone simply needs to be lifted.
Page 468 Glossary Funkwerk Enterprise Communications GmbH vice. Three-party confer- A three-way telephone call. Performance feature in T-Net, T-ISDN ence and your PBX. 10 Base 2 Thin Ethernet connection. Network connection for 10-mbps net- works with BNC connector. T-connectors are used for the connec- tion of equipment with BNC sockets.
Page 469 Glossary Funkwerk Enterprise Communications GmbH optionally also of wired parts. Several WLAN clients (terminals) can log in to an access point (AP) and communicate via the AP data. If the optional wired Ethernet is connected, the signals between the two physical media, the wireless interface and wired interface, are bridged (bridging).
Page 470 Glossary Funkwerk Enterprise Communications GmbH AOC-D Display during and at end of connection. AOC-D/E Advice of charge-during/end. AOC-E Display only at end of connection. Address Resolution Protocol Assignment An external call can be signalled to internal subscribers. The entries in the "Day" option and "Night" option can be different.
Page 471 Glossary Funkwerk Enterprise Communications GmbH Busy" is deleted after a period specified by the exchange (approx. 45 minutes). Manual deletion before this period has elapsed is also possible. Automatic callback You urgently need to contact a business partner or internal sub- on no reply (CCBS) scriber.
Page 472 Glossary Funkwerk Enterprise Communications GmbH nel) with 16 kbps. The two basic channels can be used independ- ently of each other for each service offered in the T-ISDN. You can therefore telephone and fax at the same time. T-Com offers the Ba- sic Rate Interface as a point-to-multipoint or point-to-point connec- tion.
Page 473 Glossary Funkwerk Enterprise Communications GmbH preted. Broadcast Broadcasts (data packages) are sent to all devices in a network in order to exchange information. Generally, there is a certain address (broadcast address) in the network that allows all devices to inter- pret a message as a broadcast.
Page 474 Glossary Funkwerk Enterprise Communications GmbH Call forwarding in The call forwarding (CF) performance feature of the PBX enables the PBX you to be reached even if you are not in the vicinity of your tele- phone. You achieve this by automatically forwarding your calls to the required internal or external telephone number.
Page 475 Glossary Funkwerk Enterprise Communications GmbH set up automatically. However, Callback must first be activated by the caller on his or her terminal. Callback on no reply You call a subscriber, who does not pick up. With "Callback on no reply", this is not a problem for you, because with this special fea- ture, you can set up the connection without having to redial.
Page 476 Glossary Funkwerk Enterprise Communications GmbH Client A client uses the services provided by a server. Clients are usually workstations. CLIP Abbreviation for Calling Line Identification Presentation. Telephone number display of calling party. CLIR Abbreviation for Calling Line Identification Restriction. Temporary suppression of the transmission of the calling party's telephone number.
Page 477 Glossary Funkwerk Enterprise Communications GmbH or flash key. Connection of ISDN The internal telephone number of the connection, and not the ex- terminals ternal number (multiple subscriber number) must be entered as the MSN in the ISDN terminal connected to the internal ISDN bus. See the user's guide for the ISDN terminals: Enter MSN.
Page 478 Glossary Funkwerk Enterprise Communications GmbH With call assignment Day/Night, therefore, you define which internal terminals are to ring in the event of an external call. Call assignment Day/Night is achieved using a table in which all the incoming calls are assigned to internal subscribers.
Page 479 Glossary Funkwerk Enterprise Communications GmbH coming external connections and all external calls you make are stored. Display of caller's A suitable telephone is a prerequisite for this feature. Transmission number of the telephone number must be permitted by the caller.
Page 480 Glossary Funkwerk Enterprise Communications GmbH DSL/xDSL Digital Subscriber Line DSS1 Digital Subscriber Signalling System DSSS Direct Sequence Spread Spectrum is a wireless technology that was originally developed for the military and offers a high level of protec- tion against faults because the wanted signal is spread over a wide area.
Page 481 Glossary Funkwerk Enterprise Communications GmbH Encryption Refers to the encryption of data, e.g. MPPE. Entry of external In the ex works setting, all external connections made and received connection data via your PBX are recorded and stored in the form of connection data records.
Page 482 Glossary Funkwerk Enterprise Communications GmbH Extension number An extension is an internal number for a terminal or subsystem. In point-to-point ISDN accesses, the extension is usually a number from the extension numbers range assigned by the telephone pro- vider. In point-to-multipoint connections, it can be the MSN or a part of the MSN.
Page 483 Glossary Funkwerk Enterprise Communications GmbH First-level domain Describes the last part of a name on the Internet. For www.t-com.de, the first-level domain is de and in this case stands for Germany. Flash key The flash key on a telephone is the R button. R stands for Rückfrage (inquiry).
Page 484 Glossary Funkwerk Enterprise Communications GmbH Gateway Entrance and exit, transition point Half duplex Bidirectional communication method in which it is only possible to either send or receive at a particular point in time. Also known as Simplex. Handheld unit Mobile component of wireless telephone units. In the event of digital transmission, it is also possible to make telephone calls between the handheld units (DECT).
Page 485 Glossary Funkwerk Enterprise Communications GmbH B channel. With this setting, an external caller put on hold hears the PBX's on-hold music. Hook flash The use of the inquiry, brokerage and three-party conference spe- cial features in T-Net and certain performance features of some PBXs is only possible with the hook flash function (long flash) of the signal key on the telephone.
Page 486 Glossary Funkwerk Enterprise Communications GmbH each other via access points only. There is no direct communication between the individual clients. A network of this kind is also known as a BSS (basic service set), and a network that consists of several BSS is known as an ESS (extended service set).
Page 487 Glossary Funkwerk Enterprise Communications GmbH ISDN Basic Rate In- ISDN subscriber connection. The Basic Rate Interface consists of terface two B channels and one D channel. In addition to the Basic Rate In- terface, there is the Primary Rate Interface. The interface to the sub- scriber is provided by an So bus.
Page 488 Glossary Funkwerk Enterprise Communications GmbH LAPB Link Access Procedure Balanced Last access The last access by T-Service is stored and displayed in the configur- ation. Layer 1 Layer 1 of the ISO OSI Model, the bit transfer layer. Liquid Crystal Display, a screen in which special liquid crystal is used to display information.
Page 489 Glossary Funkwerk Enterprise Communications GmbH Mixed mode The access point accepts WPA and WPA2. MLPPP Multilink PPP Modem Modulator/Demodulator MPDU MAC Protocol Data Unit - every information packet exchanged on the wireless medium includes management frames and fragmented MSDUs. MPPC...
Page 490 Glossary Funkwerk Enterprise Communications GmbH mits the use of the ISDN controller as a WAN card. The NDIS WAN driver enables the use of a DCN network on Windows. NDIS is the abbreviation for Network Device Interface Specification and is a standard for the connection of network cards (hardware) to network protocols (software).
Page 491 Glossary Funkwerk Enterprise Communications GmbH Online Pass Part of the T-Com certification services for the Internet. Digital pass for the Internet. With the Online Pass, an Internet user can be au- thenticated as a customer in a company. Online services Services available around the clock via communication services such as T-Online and the Internet.
Page 492 The PBX has an internal phone book. You can store up to 300 tele- phone numbers and the associated names. You can access the PBX's phone book with the funkwerk devices (for example CS 410). You add entries to the phone book using the configuration interface.
Page 493 Glossary Funkwerk Enterprise Communications GmbH Point-to-point ISDN Point-to-point access Polling Fax machine function that "fetches" documents provided by other fax machines or fax databases. Port Input/output POTS Plain Old Telephone System Point-to-Point Protocol PPP authentication Security mechanism. A method of authentication using passwords in PPP.
Page 494 Glossary Funkwerk Enterprise Communications GmbH Real Time Clock Hardware clock with buffer battery (RTC) Receiver volume Function for controlling the volume in the telephone receiver. Reconnection on the For a point-to-multipoint connection, enables the terminal connec- bus (parking) tion to be reconnected to another ISDN socket during the telephone call.
Page 495 Glossary Funkwerk Enterprise Communications GmbH RJ45 Plug or socket for maximum eight wires. Connection for digital ter- minals. Roaming In a multicell WLAN, clients can move freely and log off from one ac- cess point and log on to another when moving through cells, without the user noticing this.
Page 496 Glossary Funkwerk Enterprise Communications GmbH ServerPass Part of the T-Com certification services for the Internet. Digital pass for a company. With the ServerPass, T-Com confirms that a server on the Internet belongs to a particular company and that this was verified through the presentation of an excerpt from the business re- gister.
Page 497 Glossary Funkwerk Enterprise Communications GmbH Session Initiation Protocol Short Message Service SMS receipt If you have connected an SMS-enabled terminal, you can decide whether SMS receipt is to be permitted for the connection. The ex works setting is no SMS receipt. To receive an SMS with your SMS- enabled terminal, you must register once with the T-Com SMS Ser- vice.
Page 498 Glossary Funkwerk Enterprise Communications GmbH side, the interface is intended for connecting a PBX (point-to-point connection) and for connecting up to eight ISDN terminals (point-to-multipoint connection). SOHO Small Offices and Home Offices The SPD (=Security Policy Database) defines the security services available for IP traffic.
Page 499 Glossary Funkwerk Enterprise Communications GmbH SSID The Service Set Identifier (SSID) or Network Name refers to the wireless network code based on IEEE 802.11. Secure Sockets Layer A technology, now standard, developed by Netscape, which is generally used to secure HTTP traffic between a web browser and a web server.
Page 500 Glossary Funkwerk Enterprise Communications GmbH suppresses the display of the called subscriber's telephone number. If display of the B telephone number is suppressed, your telephone number is not transmitted to the caller when you take a call. Suppress own tele-...
Page 501 Glossary Funkwerk Enterprise Communications GmbH phone call, receive a fax, or surf the Internet when another family member is making a long call on the other line. Three or more tele- phone numbers, which you can assign individually to your devices and distribute differently if needed through simple programming steps.
Page 502 Glossary Funkwerk Enterprise Communications GmbH TAPI configuration You can use the TAPI configuration to modify the TAPI driver in line with the program that uses this driver. You can check which MSN is to be assigned to a terminal, define a line name, and configure the dialling parameters.
Page 503 Glossary Funkwerk Enterprise Communications GmbH 22. If "Transfer Internal Code" is active, ** is placed before the 22 and the callback can be made directly from the caller list. Transmission speed The number of bits per second transmitted in T-Net or T-ISDN from the PC or fax machine.
Page 504 Glossary Funkwerk Enterprise Communications GmbH V.24 CCITT and ITU-T recommendation that defines the interface between a PC or terminal as Data Terminal Equipment (DTE) and a modem as Data Circuit-terminating Equipment (DCE). V.28 ITU-T recommendation for unbalanced dual-current interface line.
Page 505 Glossary Funkwerk Enterprise Communications GmbH wide on the Internet by means of a browser. Wired Equivalent Privacy Western plug (also known as RJ-45 plug) Plug used for ISDN terminals with eight contacts. Developed by the US telephone company Western Bell.
Page 506 Glossary Funkwerk Enterprise Communications GmbH the basis of their name (agreement with the telephone directory). The Internet supports several databases with information on users, such as e-mail addresses, telephone numbers and postal ad- dresses. You can search these databases to obtain information about individuals.
Page 507 Index Funkwerk Enterprise Communications GmbH Index , 309 , 314 Answer to client request Antenna Diversity AP MAC Address 179 , 428 , 429 ISDN Timeserver APN (Access Point Name) Modem Init Sequence APN (Access Point Name) System Admin Password...
Page 508 Index Funkwerk Enterprise Communications GmbH Confirm Admin Password Congestion Avoidance (RED) Connected CA Certificate Connection State 195 , 207 CA Certificates Connection Type 252 , 309 CA Name Connection Idle Timeout 240 , 244 , Cache Hitrate (%) 249 , 252 , 259 , 309 , 314...
Page 509 Index Funkwerk Enterprise Communications GmbH 260 , 277 , 283 , 310 , 315 , 322 258 , 261 , 312 , 318 Default Ethernet for PPPoE Interfaces DNS Server DNS Requests Default Route Distribution DNS Server Default User Password...
Page 510 Index Funkwerk Enterprise Communications GmbH End-to-End Pending Requests Generate default route for the AS End-to-End Send Interval Generation ID Entries 257 , 264 GRE Window Adaption Entry active 106 , 110 GRE Window Size Errors 420 , 421 Group Description...
Page 511 Index Funkwerk Enterprise Communications GmbH 368 , 380 , 384 , 387 , 390 , 422 , ISDN Configuration Type 423 , 429 , 430 , 431 , 432 , 434 , ISDN Line Framing 434 , 438 , 438 , 439...
Page 512 Index Funkwerk Enterprise Communications GmbH Local Certificate Description 120 , Maximum Groups 121 , 368 Maximum Message Level of Syslog Local File Name Entries Local GRE IP Address Maximum Messages per Minute Local ID Maximum Number of Accounting Log Local ID Type...
Page 513 Index Funkwerk Enterprise Communications GmbH Modem Status New Source Port Modem Escape Character New Source IP Address/Netmask Modem Init Sequence , 191 Monitored Certificate Nitro Mode Monitored Interface 363 , 380 Nitro XM Monitored Variable 185 , 419 , 423...
Page 514 Index Funkwerk Enterprise Communications GmbH Password for protected Certificate Propagate PMTU Propagate routes bound on discard/re- Peak Cell Rate (PCR) fuse interface Peer Address Propagation Delay Peer ID Proposals 290 , 297 Phase-1 Profile Protocol 189 , 195 , 207 , 333 , 336 ,...
Page 515 Index Funkwerk Enterprise Communications GmbH Route Timeout Received MPDUs that couldn't be de- Route Type crypted Router ID 432 , 432 Recipient Routing table updates caused by Ex- Region ternal Advertisements Register Suppression Timer Routing table updates caused by Sum-...
Page 516 Index Funkwerk Enterprise Communications GmbH Send CRLs SNMP Send information to SNMP Version Send Initial Contact Message SNMP Listen UDP Port Send Key Hash Payloads SNMP Read Community Sender E-Mail Address SNMP Trap Broadcasting Sent Database Description Packets SNMP Trap Community...
Page 517 Index Funkwerk Enterprise Communications GmbH System Name 427 , 428 , 428 System Date Type 195 , 207 , 267 , 333 , 423 , 432 Type of Endpoint Type of Messages Type of traffic TACACS+ Secret TCP Inactivity TCP Keepalives...
Page 518 Index Funkwerk Enterprise Communications GmbH Use Zero Cookies Wildcard User Name 240 , 244 , 249 , 252 , WINS Server 259 , 309 , 314 , 350 , 362 , 412 , Wire Mode Wireless Mode Users WLC SSID...

This manual is also suitable for:

Bintec r3400 Bintec r3800 Bintec r43000 Bintec r1200wu Bintec r1200w Bintec r3000w