Manual Teldat GmbH Manual bintec Rxxx2/RTxxx2 Reference Copyright© Version 7.
Manual Teldat GmbH Legal Notice Aim and purpose This document is part of the user manual for the installation and configuration of Teldat devices. For the latest information and notes on the current software release, please also read our release notes, particularly if you are updating your software to a higher release version. You will find the latest release notes under www.teldat.de . Liability This manual has been put together with the greatest possible care.
Table of Contents Teldat GmbH Table of Contents bintec Rxxx2/RTxxx2 Chapter 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 2 About this guide. . . . . . . . . . . . . . . . . . . . . . . . . 3 Chapter 3 Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 3.1 Setting up and connecting . . . . . . . . . . . . . . . . . . . . . . 6 3.2 Cleaning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.3 Support information . . . . . . . .
Table of Contents ii Teldat GmbH Chapter 6 Variable switching of S0 interfaces . . . . . . . . . . . . . 37 6.1 Switching the S0 interfaces from external to internal Chapter 7 Basic configuration . . . . . . . . . . . . . . . . . . . . . . 41 7.1 Presettings . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 7.1.1 Preconfigured data . . . . . . . . . . . . . . . . . . . . . . . . 41 7.1.2 Software update . . . . . . . . . . . . . . . . . . . . . . . . . 41 7.2 System requirements .
Table of Contents Teldat GmbH bintec Rxxx2/RTxxx2 8.3.1 GUI (Graphical User Interface) . . . . . . . . . . . . . . . . . . . 57 8.3.2 SNMP shell . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 8.4 BOOTmonitor . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Chapter 9 Assistants . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Chapter 10 System Management . . . . . . . . . . . . . . . . . . . . . 70 10.1 Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents iv Teldat GmbH 11.1 AUX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 11.1.1 AUX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 11.2 Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . 122 11.2.1 Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . 123 11.3 ISDN Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 11.3.1 ISDN Configuration . . . . . . . . . . . . . . . . . . . . . . . . 125 11.3.
Table of Contents Teldat GmbH bintec Rxxx2/RTxxx2 13.3.1 Slave Access Points . . . . . . . . . . . . . . . . . . . . . . . 163 13.3.2 Radio Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . 167 13.3.3 Wireless Networks (VSS) . . . . . . . . . . . . . . . . . . . . . 174 13.4 Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 13.4.1 Active Clients . . . . . . . . . . . . . . . . . . . . . . . . . . 181 13.4.2 Wireless Networks (VSS) . . . . . . . . . . . . . . . .
Table of Contents vi Teldat GmbH 14.5.2 Rule Chains . . . . . . . . . . . . . . . . . . . . . . . . . . . 232 14.5.3 Interface Assignment . . . . . . . . . . . . . . . . . . . . . . . 233 14.6 Drop In . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 14.6.1 Drop In Groups . . . . . . . . . . . . . . . . . . . . . . . . . . 235 Chapter 15 Routing Protocols . . . . . . . . . . . . . . . . . . . . . . 15.1 RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 15.1.
Table of Contents Teldat GmbH bintec Rxxx2/RTxxx2 17.1 Internet + Dialup . . . . . . . . . . . . . . . . . . . . . . . . . 269 17.1.1 PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 17.1.2 PPTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 17.1.3 PPPoA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 17.1.4 ISDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 17.1.5 AUX . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents viii Teldat GmbH 18.3.2 Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 18.3.3 IP Pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 18.4 GRE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 18.4.1 GRE Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . 381 Chapter 19 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . 19.1 Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384 19.1.
Table of Contents Teldat GmbH bintec Rxxx2/RTxxx2 20.2.7 Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 20.3 RTSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 20.3.1 RTSP Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . 428 Chapter 21 Local Services . . . . . . . . . . . . . . . . . . . . . . . 21.1 DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429 21.1.1 Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents x Teldat GmbH 21.7 Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 21.7.1 Trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 21.7.2 Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 21.7.3 Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477 21.8 Surveillance . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 21.8.1 Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 21.8.
Table of Contents Teldat GmbH bintec Rxxx2/RTxxx2 22.3 Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 22.3.1 System Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . 514 Chapter 23 External Reporting . . . . . . . . . . . . . . . . . . . . . 23.1 Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 23.1.1 Syslog Servers . . . . . . . . . . . . . . . . . . . . . . . . . . 515 23.2 IP Accounting . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents xii Teldat GmbH 24.5 Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539 24.5.1 br . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539 24.6 HotSpot Gateway . . . . . . . . . . . . . . . . . . . . . . . . 539 24.6.1 HotSpot Gateway . . . . . . . . . . . . . . . . . . . . . . . . 539 24.7 QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540 24.7.1 QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540 24.8 OSPF .
1 Introduction Teldat GmbH Chapter 1 Introduction The powerful gateways R1202 / R3002 / R3502 / R3802 / R4402 / RT1202 / RT3002 / RT3502 / RT4202 have been specially developed for high-speed Internet access and for VPN connections in SMEs and branch offices. Safety notices The safety precautions brochure, which is supplied with your device, tells you what you need to take into consideration when using your Teldat gateway.
1 Introduction Teldat GmbH Workshops Step-by-step instructions for the most important configuration tasks can be found in the separate Application Workshop guide for each application, which can be downloaded from the www.teldat.de website under Solutions. Dime Manager The devices are also designed for use with Dime Manager. The Dime Manager management tool can locate your Teldat devices within the network quickly and easily. The .
2 About this guide Teldat GmbH Chapter 2 About this guide This document is valid for Teldat devices with system software as of software version 9.1.2. The Reference, which you have in front of you, contains the following chapters: User's Guide - Reference Chapter Description Introduction You see an overview of the device: About this guide We explain the various components of this manual and how to use it. Installation This contains instructions for how to set up and connect your device.
2 About this guide Teldat GmbH Chapter Description WAN VPN Firewall VoIP Local Services Maintenance External Reporting Monitoring Glossary Index The glossary contains a reference to the most important technical terms used in network technology. The index lists all the key terms for operating the device and all the configuration options and gives page numbers so they can be found easily.
2 About this guide Teldat GmbH Symbol Use Indicates a warning of risk level Warning (points out possible dangers that may cause physical injury or even death if not observed). The following typographical elements are used to help you find and interpret the information in this user's guide: Typographical elements Typographical element Use • Indicates lists. Menu->Submenu Indicates menus and submenus in the GUI and in the Windows interface.
3 Installation Teldat GmbH Chapter 3 Installation Caution Please read the safety notices carefully before installing and starting up your device. These are supplied with the device. 3.1 Setting up and connecting Note All you need for this is the cable supplied with the equipment. Caution Incorrect cabling of the ISDN and ETH interfaces may also damage your device.
3 Installation Teldat GmbH Fig. 2: Connection options using the example of bintec RT4202 When setting up and connecting, carry out the steps in the following sequence (refer to the connection diagrams for the individual devices in chapter Technical data on page 11): (1) Affix the rubber feet supplied to the marked areas on the underside of the device. (2) Place your device on a fixed, even surface or install your device in a 19 inch cabinet using the supplied bracket.
3 Installation Teldat GmbH • ISDN-BRI (see Variable switching of S0 interfaces on page 37) Connect the ISDN BRI interface (BRI1, BRI2 or BRI3, BRI4) of the device to your ISDN socket using the ISDN BRI cable provided. • ISDN-PRI (only bintec R4402) Connect the ISDN PRI interface (PRI-1 or PRI-2) of the device to your PRI connection using the ISDN PRI cable provided.
3 Installation Teldat GmbH 3.3 Support information If you have any questions about your new product or are looking for additional information, the Teldat GmbH Support Centre can be reached Monday to Friday between the hours of 8 am and 5 pm. They can be contacted as follows: Email hotline@teldat.de International Support Coordination Telephone: +49 911 9673 1550 End-customer Hotline 0900 1 38 65 93 (€1.
4 Reset Teldat GmbH Chapter 4 Reset Resetting the device enables you to return your device to a predefined initial state. This may be necessary if you have made incorrect configuration settings or the device is to be reprogrammed. Manually resetting the device You can reset the device to the ex works state with the RESET button. Depending on how long it is pressed for, the RESET button performs two different functions: • After pressing briefly once, the device reboots.
5 Technical data Teldat GmbH Chapter 5 Technical data This chapter summarises all the hardware properties of the R1202, R3002, R3502, R3802, R4402, RT1202, RT3002, RT3502 and RT4202 devices. 5.
5 Technical data Teldat GmbH Product name Cable sets/other Software Documentation VDSK cable Release Notes, if required 19-inch installation kit Installation poster (printed) 4x rubber feet - selfadhesive R3802 Ethernet cable Companion DVD ISDN BRI cable Quick Install Guide and safety notices (printed) User's Guide (on DVD) Serial cable Network cable bintec Dime Manager User's Guide (on DVD) SHDSL cable Release Notes, if required 19-inch installation kit Installation poster (printed) 4
5 Technical data Teldat GmbH Product name Cable sets/other Software Documentation ISDN BRI cable User's Guide (on DVD) Serial cable bintec Dime Manager User's Guide (on DVD) Network cable Release Notes, if required 2 ADSL cables (for Annex A and for Annex B) Installation poster (printed) 19-inch installation kit 4x rubber feet - selfadhesive RT3502 Ethernet cable Companion DVD ISDN BRI cable Quick Install Guide and safety notices (printed) User's Guide (on DVD) Serial cable Network cable
5 Technical data Teldat GmbH Property bintec R1202 bintec RT1202 Equipment dimensions without cable (B x H x D): 19" housing (482.6 mm x 220 mm x 45 mm) 19" housing (482.6 mm x 220 mm x 45 mm) Weight approx. 2.0 kg approx. 2.0 kg Transport weight (incl. documentation, cables, packaging) approx. 2.6 kg approx. 2.
5 Technical data Teldat GmbH Property bintec R1202 bintec RT1202 ETH5 Permanently installed (twisted pair only), 10/100/1000 mbps, autosensing, MDIX Permanently installed (twisted pair only), 10/100/1000 mbps, autosensing, MDIX ISDN-BRI (S0) Euro-ISDN (point-to-multipoint/point-to-point connection) Euro-ISDN (point-to-multipoint/point-to-point connection) Only TE mode TE or NT mode Baudrates: 1200 - 115200 Baud Baudrates: 1200 - 115200 Baud Serial interface V.
5 Technical data Teldat GmbH Property bintec R3002 bintec R3502 bintec R3802 Equipment dimensions without cable (B x H x D): 19" housing (482.6 mm x 220 mm x 45 mm) 19" housing (482.6 mm x 220 mm x 45 mm) 19" housing (482.6 mm x 220 mm x 45 mm) Weight approx. 2.0 kg approx. 2.0 kg approx. 2.0 kg Transport weight (incl. docu- approx. 2.6 kg mentation, cables, packaging) approx. 2.6 kg approx. 2.
5 Technical data Teldat GmbH Property bintec R3002 ADSL2+ interface Internal ADSL2+ modem for Annex A and Annex B VDSL2 interface - bintec R3502 bintec R3802 - - In accordance with ITU G.993.2; supports Baud plan ISDN 998. - Autodetection of VDSL profile. SHDSL interface - Supports SHDSL.bis. Internal SHDSL 8 wire modem. Bonding technology with 2-wire/4-wire/6-wire/8wire as an inverse multiplexer - performed over IMA in accordance with the ATM forum. Ethernet IEEE 802.
5 Technical data Teldat GmbH Property bintec R3002 bintec R3502 bintec R3802 Ethernet interfaces RJ45 socket RJ45 socket RJ45 socket ISDN BRI interface RJ45 socket RJ45 socket RJ45 socket - RJ45 socket ADSL interface VDSL2 interface RJ45 socket - - - R&TTE Directive 1999/5/EC R&TTE Directive 1999/5/EC R&TTE Directive 1999/5/EC CE symbol for all EU states CE symbol for all EU states CE symbol for all EU states SAFERNET TM Security Technology Community passwords, PAP, CHAP, MS-CHAP,
5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 Equipment dimensions without cable (B x H x D): 19" housing (482.6 mm x 220 mm x 45 mm) 19" housing (482.6 mm x 220 mm x 45 mm) Weight approx. 2.0 kg approx. 2.0 kg Transport weight (incl. documentation, cables, packaging) approx. 2.6 kg approx. 2.
5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 supports Baud plan ISDN 998. Autodetection of VDSL profile. Ethernet IEEE 802.
5 Technical data Teldat GmbH Property bintec RT3002 bintec RT3502 bintec Dime Manager User's Guide bintec Dime Manager User's Guide on DVD on DVD Online documentation Installation poster Installation poster User's Guide User's Guide Workshops Workshops Release Notes, if required Release Notes, if required General product features bintec R4402, bintec RT4202 Property bintec R4402 bintec RT4202 Equipment dimensions without cable (B x H x D): 19" housing (482.
5 Technical data Teldat GmbH Property bintec R4402 bintec RT4202 Relative atmospheric humidity 10 % to 90 % non-condensing in operation, 10 % to 90 % non-condensing in operation, 5 % to 95 % non-condensing when 5 % to 95 % non-condensing when stored stored Room classification Only use in dry rooms. Only use in dry rooms. Ethernet IEEE 802.
5 Technical data Teldat GmbH Property bintec R4402 bintec RT4202 SAFERNET TM Security Technology Community passwords, PAP, CHAP, MS-CHAP, MS-CHAP v.2, PPTP, PPPoE, PPPoA, Callback, Access Control Lists, CLID, NAT, SIF, MPPE Encryption, PPTP Encryption, VPN with PPTP or IPSec Community passwords, PAP, CHAP, MS-CHAP, MS-CHAP v.
5 Technical data Teldat GmbH LED Colour Status Information router. STATUS green flashing The device is being initialised. In operation mode, the LEDs display the following status information for your device: LED status display LED Colour Status Information POWER green on The power supply is connected. off No power supply. green on After switching on: The device has started. During operation: An error has occurred. green flashing The device is active.
5 Technical data Teldat GmbH 5.4 Connectors The network connection and the on/off switch are located on the back of the device. Fig. 4: Mains connection All other connections are located on the front of the device. bintec R1202 has a 4-port Ethernet switch, a serial interface, an ETH5 interface and an ISDN BRI interface. The connections are arranged as follows: Fig.
5 Technical data Teldat GmbH Fig. 6: Front of bintec RT1202 Front of bintec RT1202 1 CONSOLE Serial interface 2 POWER / STATUS LED display for power and status 3 RESET Reset button 4 ETH5 Ethernet interface 5 ETH1 - ETH4 10/100/1000 Base-T Ethernet interface 6 BRI1 - BRI2 ISDN BRI interface 9 LED LED display bintec R3002, bintec R3502 and bintec 3802 have a 4-port Ethernet switch, a serial interface, an ETH5 interface and an ISDN BRI interface as well as a DSL interface.
5 Technical data Teldat GmbH 5 ETH1 - ETH4 10/100/1000 Base-T Ethernet interface 6 BRI1 ISDN BRI interface 8 DSL DSL interface (ADSL2+ interface for bintec R3002, VDSL2 interface for bintec R3502, SHDSL interface for bintec R3802) 9 LED LED display bintec RT3002 and bintec RT3502 have a 4-port Ethernet switch, a serial interface, an ETH5 interface, four ISDN BRI interfaces as well as a DSL interface. The connections are arranged as follows: Fig.
5 Technical data Teldat GmbH Fig. 9: Front of bintec R4402 Front of bintec R4402 1 CONSOLE Serial interface 2 POWER / STATUS LED display for power and status 3 RESET Reset button 4 ETH5 Ethernet interface 5 ETH1 - ETH4 10/100/1000 Base-T Ethernet interface 6 BRI1 - BRI2 ISDN BRI interface 7 PRI1 - PRI2 ISDN-PRI interface 9 LED LED display bintec RT4202 has a 4-port Ethernet switch, a serial interface, an ETH5 interface, four ISDN BRI interfaces and four FXS interfaces.
5 Technical data Teldat GmbH 5 ETH1 - ETH4 10/100/1000 Base-T Ethernet interface 6 BRI1 - BRI4 ISDN BRI interface 9 LED LED display 10 FXS1 - FXS4 FXS interfaces 5.5 Pin Assignments 5.5.1 Serial interface Your device has a serial interface for connection to a console. This supports Baud rates from 1200 to 115200 Bps. The interface is designed as a 5-pole mini USB socket. Fig.
5 Technical data Teldat GmbH Fig. 12: Ethernet-10/100/1000 Base-T interface (RJ45 connector) The pin assignment for the Ethernet 10/100/1000 Base-T interface (RJ45 connector) is as follows: RJ45 socket for Ethernet connection Pin Position 1 Pair 0 + 2 Pair 0 - 3 Pair 1 + 4 Pair 2 + 5 Pair 2 - 6 Pair 1 - 7 Pair 3 + 8 Pair 3 - The Ethernet 10/100/1000 BASE-T interface does not have an Auto-MDI-X function. 5.5.
5 Technical data Teldat GmbH RJ45 socket for ADSL connection bintec R3002 and RT3002 Pin Position 1 Not used 2 Not used 3 Not used 4 Line 1a 5 Line 1b 6 Not used 7 Not used 8 Not used 5.5.4 SHDSL interface The SHDSL interface on bintec R3802 is connected via an RJ45 connector. The cable supplied connects the RJ45 connector needed for the device to an RJ45 connector needed for the SHDSL connection. The following pins are used for the SHDSL connection: Fig.
5 Technical data Teldat GmbH Pin Position 8 Line b2 5.5.5 VDSL2 interface The VDSL2 interface on bintec R3502 and RT3502 is connected via an RJ45 plug. The following pins are used for the VDSL connection: Fig.
5 Technical data Teldat GmbH Fig. 16: ISDN PRI interface (RJ45 socket) The pin assignment for the ISDN PRI interface (RJ45 socket) is as follows: RJ45 socket for ISDN PRI connection Pin Position 1 T+ 2 T- 3 Not used 4 R+ 5 R- 6 Not used 7 Not used 8 Not used Note for NTs in Germany Note In Germany, "Transmit" (NT-->TE) is often designated "S2Mab" (a and b) on the plug and "Receive" (TE-->NT) "S2Man" (a and b). 5.5.
5 Technical data Teldat GmbH Fig.
5 Technical data Teldat GmbH Fig.
5 Technical data Teldat GmbH 5.
6 Variable switching of S0 interfaces Teldat GmbH Chapter 6 Variable switching of S0 interfaces 6.1 Switching the S0 interfaces from external to internal The devices bintec R4402, bintec RT1202, bintec RT3002, bintec RT3502 and bintec RT4202 have two or four BRI connections. All BRI connections can be operated as internal or as external S0 connections. The external S0 connections are used for connection to the network operator's ISDN network.
6 Variable switching of S0 interfaces Teldat GmbH To carry out the switch proceed as follows: Unscrew the two screws on the back of the device and slide the cover upwards. The link plugs for the BRI-1 and BRI-2 interfaces can be found on all devices on the main PCB behind the terminal block.
6 Variable switching of S0 interfaces Teldat GmbH You can also switch the interfaces BRI-3 and BRI-4. The link plugs are on the side of the ISDN-L module. Insert the link plugs for interfaces BRI-3 and BRI-4 as shown in the following figure: * "on" is only permitted, if J3M BRI-3 is set to internal mode and J4M BRI-4 is set to external mode.
6 Variable switching of S0 interfaces 40 Teldat GmbH Use Interface Link plug area Position Position Internal/external switching BRI-4 J3M Internal external Power supply for internal connection BRI-3 J2P Off On Power supply for internal connection BRI-4 J3P Off On 100 Ohm terminator BRI-3 J2T Off On 100 Ohm terminator BRI-4 J3T Off On Connection of BRI-3 and BRI-4 - J2-3 Off On bintec Rxxx2/RTxxx2
7 Basic configuration Teldat GmbH Chapter 7 Basic configuration You configure your device using the GUI (Graphical User Interface). The way to obtain the basic configuration is explained below step-by-step. Detailed knowledge of networks is not necessary. A detailed online help system gives you extra support. The Companion DVD also supplied includes all the tools that you need for the configuration and management of your device. 7.1 Presettings 7.1.
7 Basic configuration Teldat GmbH 7.2 System requirements Your Teldat gateway contains extensive features for encrypted data transfer and Internet access for both individual users and companies. For configuration of the device, your PC must meet the following system requirements: • Microsoft Windows operating system Windows 2000 or higher • Internet Explorer 6 or 7, Mozilla Firefox Version 1.
7 Basic configuration Teldat GmbH values later when needed. If you configure a new network, you can use the given example values for IP addresses and netmasks. In cases of doubt, ask your system administrator.
7 Basic configuration Teldat GmbH Access data Example value T-Online number (usually 12 digits) Joint user account Your values $ + Note To configure T-Online Internet access, enter the following succession of numbers without intervening spaces in the User Name field: User account (12 digits) + T-Online number (usually 12 digits) + co-user number (for the main user, always 0001).
7 Basic configuration Teldat GmbH If you cannot find the Internet Protocol (TCP/IP) entry, install the TCP/IP protocol as follows: (1) First click Properties, then Install in the status window of the LAN Connection. (2) Select the Protocol entry. (3) Click Add. (4) Select Internet Protocol (TCP/IP) and click on OK. (5) Follow the on-screen instructions and restart your PC when you have finished.
7 Basic configuration Teldat GmbH Proceed as follows: (a) Go to the System Management->Global Settings->Passwords menu. (b) Enter a new password for System Admin Password . (c) Enter the new password again under Confirm Admin Password . (d) Click OK. (e) Store the configuration using the Save configuration button above the menu navigation. Note the following rules on password use: • The password must not be easy to guess. Names, car registration numbers, dates of birth, etc.
7 Basic configuration Teldat GmbH 7.5.2 Other internet connections In addition to an ADSL connection over the internal ADSL2+ modem, you can connect your device over other connection types with the internet or over an external modem (e.g. a cable modem) or an external gateway. The corresponding wizard in GUI provides support for configurations of this type. You can find the Internet wizards and other wizards for easy configuration of various applications at the top of the menu tree under Assistants. 7.5.
7 Basic configuration Teldat GmbH The device will now connect to the Teldat GmbH download server and check whether an updated version of the system software is available. If so, your device will be updated automatically. When installation of the new software is complete, you will be invited to restart the device. Caution Once you have clicked on GO , the update cannot be cancelled/interrupted. If an error occurs during the update, do not re-start the device and contact support.
8 Access and configuration Teldat GmbH Chapter 8 Access and configuration This chapter describes all the access and configuration options. 8.1 Access Options The various access options are presented below. Select the procedure to suit your needs. There are various ways you can access your device to configure it: • Via your LAN • Via the serial interface • Via an ISDN connection 8.1.
8 Access and configuration Teldat GmbH 8.1.1.2 Telnet Apart from configuration using a web browser, with a Telnet connection you can also access the SNMP shell and use other configuration options. You do not need any additional software on your PC to set up a Telnet connection to your device: Telnet is available on all operating systems. Proceed as follows: Windows (1) Click Run… in the Windows Start menu. (2) Enter (3) Click OK. A window with the login prompt appears.
8 Access and configuration Teldat GmbH see Login on page 54). (2) Enter " for the input prompt. You are now in the Flash Management shell. (3) Call up a list of all the files saved on the device: ! . If you see a display like the one below, the keys needed are already there and you can connect to the device via SSH: & !' (' % ! & ! ) ! * ' + , ) - .$ / 0 0 1 1 2 2 . - 3! $ ) 4 5 1 1 0 2 2 !!' 3' ! 3 ! 36 ".
8 Access and configuration Teldat GmbH Proceed as follows to log in on your device via SSH: If you have made sure that all the keys needed are available on the device, you have to check whether an SSH client is installed on your PC. Most UNIX and Linux distributions install a SSH client by default. Additional software, e.g. PuTTY, usually has to be installed on a Windows PC. Proceed as follows to log in on your device via SSH: UNIX (1) Enter !!' !! ' # $ % in a terminal.
8 Access and configuration Teldat GmbH Proceed as follows to access your device via the serial interface: (1) In the Windows Start menu, click Programs -> Accessories -> Communication -> HyperTerminal -> Device on COM1 (or Device on COM2, if you use the COM2 port of your PC) to start HyperTerminal. (2) Press Return (at least once) after the HyperTerminal window opens. A window with the login prompt appears. You are now in the SNMP shell of your device.
8 Access and configuration Teldat GmbH 8.1.3 Access over ISDN All devices that have an ISDN interface can be accessed and configured from another device via an ISDN call. Access over ISDN with ISDN Login is especially recommended if your device is to be remotely configured or maintained. This is also possible even if your device is still in the ex works state. Access is then obtained with the aid of a device that is already configured or a PC with an ISDN card in the remote LAN.
8 Access and configuration Teldat GmbH 8.2.1 User names and passwords in ex works state In its ex works state, your device is provided with the following user names and passwords: User names and passwords in ex works state Login name Password Authorisations Read and change system variables, save configurations; use GUI. 4 ". $ Read and write system variables (except passwords) (changes are lost when you switch off your device). ".
8 Access and configuration Teldat GmbH Log in via the HTML surface as follows: (1) Enter your user name in the User field of the input window. (2) Enter your password in the Password field of the input window and confirm with Return or click the Login button. The status page of the GUI opens in the browser. SNMP shell Log into the SNMP shell as follows: (1) Enter your user name e.g. , and confirm with Return. (2) Enter your user password, e.g. , and confirm with Return.
8 Access and configuration Teldat GmbH The following chapters describe the configuration based on GUI. Note To change the device configuration, you must log in with the user name . If you do not know the password, you cannot make any configuration settings. This applies to all types of configuration. 8.3.1 GUI (Graphical User Interface) The GUI is a web-based graphic user surface that you can use from any PC with an upto-date Web browser via an HTTP or HTTPS connection.
8 Access and configuration Teldat GmbH Fig. 20: GUI Home page 8.3.1.1 Call up the GUI . (1) Check whether the device is connected and switched on and that all the necessary cables are correctly connected (see Setting up and connecting on page 6). (2) Check the settings of the PC from which you want to configure your device (see Configuring a PC on page 44). (3) Open a web browser. (4) Enter )455 (5) Enter in the User field and enter in the Password field and click LOGIN.
8 Access and configuration Teldat GmbH • The header • The navigation bar • The main configuration window Fig. 21: Areas of the GUI Header Fig. 22: GUI Header GUI Header Menu Position Language: In the dropdown menu, choose the language in which you want to display the GUI. Here you can choose the language in which you perform the configuration. German and English are available. View: Select the desired view from the dropdown menu. Standard and SNMP browsers can be selected.
8 Access and configuration Teldat GmbH Menu Position Logout: If you want to end the configuration, click this button to log out of your device. A window is opened offering you the following options: • Save configuration, save previous boot configuration, then exit. • Save configuration, then exit. • Exit without saving. Navigation bar Fig. 23: Save Configuration button Fig.
8 Access and configuration Teldat GmbH The Save configuration button is found in the navigation bar. If you save a current configuration, you can save this as the boot configuration or you can also archive the previous boot configuration as a backup. If you click the Save configuration button in the GUI, you will be asked "Do you really want to save the current configuration as a boot configuration?" You have the following two options: • * " ! 3 , i.e.
8 Access and configuration Teldat GmbH Button Position If you do not want to save a newly configured list entry, cancel this and any settings made by pressing Cancel. Confirms the settings of a new entry and the parameter changes in a list. Immediately starts the configured action. Calls the sub-menu to create a new entry. Inserts an entry in an internal list.
8 Access and configuration Teldat GmbH Symbol Position Indicates "Dormant" status for an interface or connection. Indicates "Up" status for an interface or connection. Indicates "Down" status for an interface or connection. Indicates "Blocked" status for an interface or connection. Indicates "Going up" status for an interface or connection. Indicates that data traffic is encrypted. Triggers a WLAN bandscan. Displays the next page in a list. Displays the previous page in a list.
8 Access and configuration Teldat GmbH Menu Position ing list entry directly in the list. Fig. 25: Configuration of the update interval Fig. 26: Filter list Structure of the GUI configuration menu The menus of the GUI contain the following basic structures: GUI menu structure Menu Position Basic configuration menu/list When you select a menu from the navigation bar, the menu of basic parameters is displayed first.
8 Access and configuration Teldat GmbH Menu Position Enter the data. Radio buttons e.g. Select the corresponding option. Checkboxes e.g. activation by selecting checkbox Selection of several possible options Dropdown menus e.g. Click the arrow to open the list. Select the required option using the mouse. Internal lists e.g. Click . A new list entry is created. Enter the correspond- ing data. If list input fields remain empty, these are not saved when you confirm with OK.
8 Access and configuration Teldat GmbH Symbol Meaning This symbol appears in messages referring you to settings that were made with the Setup Tool. This symbol appears in messages referring you to the fact that values were entered or selected incorrectly. Pay particular attention to the following message: "Warning: Changes not supported by the Setup Tool!" If you change them with the GUI, this can cause inconsistencies or malfunctions.
8 Access and configuration Teldat GmbH (2) Software Update via TFTP: The devices performs a software update via a TFTP server. (3) Software Update via XMODEM: The device performs a software update via a serial interface with XMODEM. (4) Delete configuration: The device is reset to the ex works state. All configuration files are deleted and the BOOTmonitor settings are set to the default values.
8 Access and configuration Teldat GmbH Note If you change the baudrate (the preset value is 9600 baud), make sure the terminal program used also uses this baudrate. If this is not the case, you will not be able to establish a serial connection to the device.
9 Assistants Teldat GmbH Chapter 9 Assistants The Assistants menu offers step-by-step instructions for the following basic configuration tasks: • First steps • Internet Access • VPN • SWYX (only with active optional DSP module) • VoIP PBX in LAN Choose the corresponding task from the navigation bar and follow the instructions and explanations on the separate pages of the Wizard.
10 System Management Teldat GmbH Chapter 10 System Management The System Management menu contains general system information and settings. You see a system status overview. Global system parameters such as the system name, date/time, passwords and licences are managed and the access and authentication methods are configured. 10.1 Status If you log into the GUI, your device's status page is displayed, which shows the most important system information.
10 System Management Teldat GmbH Fig. 28: System Management ->Status The menu System Management->Status consists of the following fields: Fields in the System Information menu. Field Value Uptime Displays the time past since the device was rebooted. System Date Displays the current system date and system time. Serial Number Displays the device serial number. BOSS Version Displays the currently loaded version of the system software.
10 System Management Teldat GmbH Field Value CPU Usage Displays the CPU usage as a percentage. Memory Usage Displays the usage of the working memory in MByte in relation to the available total working memory in MByte. The usage is also displayed in brackets as a percentage. Memory Card Shows the status of any optional external memory card that has been inserted, and the size of the memory in GBytes or MBytes.
10 System Management Teldat GmbH Field Value Interface specifics for LTE connection: • Current quality of the UMTS/LTE connection Fields in the WAN Interfaces menu. Field Value Description - Connection Information - Link All the WAN interfaces are listed here and their most important settings are shown. The system also displays whether the interface is active. 10.2 Global Settings The basic system parameters are managed in the Global Settings menu. 10.2.
10 System Management Teldat GmbH Field Value System Name Enter the system name of your device. This is also used as the PPP host name. A character string with a maximum of 255 characters is possible. The device type is entered as the default value. Location Enter the location of your device. Contact Enter the relevant contact person. Here you can enter the email address of the system administrator, for example. A character string with a maximum of 255 characters is possible.
10 System Management Teldat GmbH Field Value • 8 : Messages with emergency, alert, critical, error and warning priority are recorded. • ' " : Messages with emergency, alert, critical, error, warning and notice priority are recorded. • ! (default value): Messages with emergency, alert, critical, error, warning, notice and information priority are recorded. • . 3 : All messages are recorded.
10 System Management Teldat GmbH Fig. 30: System Management ->Global Settings ->Passwords Note All Teldat devices are delivered with the same username and password. As long as the password remains unchanged, they are not protected against unauthorised use.
10 System Management Teldat GmbH Field Value munity Fields in the Global Password Options menu Field Value Show passwords and keys in clear text Define whether the passwords are to be displayed in clear text (plain text). The function is enabled with * 1 The function is disabled by default. If you activate the function, all passwords and keys in all menus are displayed and can be edited in plain text. One exception is IPSec keys. They can only be entered in plain text.
10 System Management Teldat GmbH Fig. 31: System Management ->Global Settings ->Date and Time You have the following options for determining the system time (local time): ISDN/Manual The system time is updated via ISDN, i.e. the date and time are taken from the ISDN when the first outgoing call is made, or is set manually on the device. If the correct location of the device (country/city) is set for the Time Zone, switching from summer time to winter time (and back) is automatic.
10 System Management Teldat GmbH that the device uses the desired current time, you should configure one or more time servers. Switching from summer time to winter time (and back) must be carried out manually if the time is derived using this method by changing the value in the Time Zone field with an option UTC+ or UTC-. Note If a method for automatically deriving the time is defined on the device, the values obtained in this way automatically have higher priority.
10 System Management Teldat GmbH Fields in the Automatic Time Settings (Time Protocol) menu. Field Description ISDN Timeserver Only for devices with ISDN interface. Determine whether the system time is to be updated via ISDN. If a time server is configured, the time is only determined over ISDN until a successful update is received from this time server. Updating over ISDN is deactivated for the period in which the time is determined by means of a time server. The function is activated with , .
10 System Management Teldat GmbH Field Description • ' : This time server is not currently used for the time request. Third Timeserver Enter the third time server, by using either a domain name or an IP address. In addition, select the protocol for the time server request. Possible values: • *'( (default value): This server uses the simple network time protocol via UDP port 123. • ( * " 5 0. : This server uses the Time service with UDP port 37.
10 System Management Teldat GmbH Field Description Internal Time Server Select whether the internal timeserver is to be used. The function is activated by selecting , . Time requests from a client will be answered with the current system time. This is given as GMT, without offset. The function is disabled by default. Time requests from a client are not answered. 10.2.4 System Licences This chapter describes how to activate the functions of the software licences you have purchased.
10 System Management Teldat GmbH Licence Meaning OK Subsystem is activated. Not OK Subsystem is not activated. Not supported You have entered a licence for a subsystem your device does not support. In addition, above the list is shown the System Licence ID required for online licensing. Note To restore the standard licences for a device, click the Default Licences button (standard licences). 10.2.4.1 Edit or New Choose the icon to edit existing entries.
10 System Management Teldat GmbH Note If ' :> is displayed as the status: • Enter the licence data again. • Check your hardware serial number. If ' *3)) is displayed as the status, you have entered a license for a subsystem that your device does not support. This means you cannot use the functions of this licence. Deactivating a licence Proceed as follows to deactivate a licence: (1) Go to System Management->Global Settings->System Licences->New. (2) Press the (3) Confirm with OK.
10 System Management Teldat GmbH (a) WLAN (b) Number of the physical port (1 or 2) Example: 8/-' The name of the Ethernet port is made up of the following parts: (a) ETH (b) Number of the port Example: (? The name of the interface connected to an Ethernet port is made up of the following parts: (a) Abbreviation for interface type, whereby stands for internet.
10 System Management Teldat GmbH Example: # (first client link on the first wireless module) The name of the virtual interface connected to an Ethernet port is made up of the following parts: (a) Abbreviation for interface type (b) Number of the Ethernet port (c) Number of the interface connected to the Ethernet port (d) Number of the virtual interface Example: (first virtual interface based on the first interface on the first Ethernet port) 10.3.
10 System Management Teldat GmbH Field Description When selecting ' 1 = 3), a new bridge group is automatically created after you click the OK button. Configuration Interface Select the interface via which the configuration is to be carried out. Possible values: • * , " (default value): Ex works setting The right configuration interface must be selected from the other options. • : No interface is defined as configuration interface.
10 System Management Teldat GmbH Fig. 35: System Management ->Interface Mode / Bridge Groups ->Interfaces->Add You can realise bridging for devices behind access clients with the MAC Bridge function. In wildcard mode you cannot define how Unicast non-IP frames or non-ARP frames are processed. To use the MAC bridge function, you must carry out configuration steps in several menus. (1) Select GUI menu Wireless LAN->WLAN->Radio Settings and click the icon to modify an entry.
10 System Management Teldat GmbH Field Value on any of the Ethernet interfaces, is used as the wildcard MAC address. This wildcard MAC address can only be reset by rebooting the device or by selecting another wildcard mode. • , # : If you choose this setting, the internal WLAN MAC address is used to establish a connection to the access point.
10 System Management Teldat GmbH Fig. 36: System Management ->Administrative Access ->Access For an Ethernet interface you can select the access parameters ( , , **?, ?(( , ?( ( *, , *'% and for the ISDN interfaces *.' / . Only for hybird devices: You can also authorise your device for maintenance work from Teldat's Customer Service department.
10 System Management Teldat GmbH The System Management->Administrative Access->Access->Add menu consists of the following fields: Fields in the menu Access Field Description Interface Select the interface for which administrative access is to be configured. 10.4.2 SSH Your devices offers encrypted access to the shell. You can enable or disable this access in the System Management->Administrative Access->SSH Enabled menu (standard value). You can also access the options for configuring the SSH login.
10 System Management Teldat GmbH To be able to reach the shell of your device via an SSH client, make sure the settings for the SSH Daemon and SSH client are the same. Note If configuration of an SSH connection is not possible, restart the device to initialise the SSH Daemon correctly.
10 System Management Teldat GmbH Field Value By default $. *, =, 1! # and - * Hashing Algorithms are enabled. Select the algorithms that are to be available for message authentication of the SSH connection. Possible options: • %. • *?- • @ ) %. By default %. , *?- and @ ) %. are enabled. Fields in the menu Key Status Field Value RSA Key Status Shows the status of the RSA key.
10 System Management Teldat GmbH Field Value possible, for example because there is not enough space in the FlashROM. The menu Advanced Settings consists of the following fields: Fields in the menu Advanced Settings Field Login Grace Time Value Enter the time (in seconds) that is available for establishing the connection. If a client cannot be successfully authenticated during this time, the connection is terminated. The default value is seconds.
10 System Management Teldat GmbH 10.4.3 SNMP SNMP (Simple Network Management Protocol) is a network protocol used to monitor and control network elements (e.g. routers, servers, switches, printers, computers etc.) from a central station. SNMP controls communication between the monitored devices and monitoring station. The protocol describes the structure of the data packets that can be transmitted, as well as the communication process.
10 System Management Teldat GmbH Field Value By default, , " and $ are enabled. If no option is selected, the function is deactivated. SNMP Listen UDP Port Shows the UDP port ( ) at which the device receives SNMP requests. The value cannot be changed. Tip If your SNMP Manager supports SNMPv3, you should, if possible, use this version as older versions transfer all data unencrypted. 10.5 Remote Authentication This menu contains the settings for user authentication. 10.5.
10 System Management Teldat GmbH RADIUS packets The following types of packets are sent between the RADIUS server and your device (client): Packet types Field Value ACCESS_REQUEST Client -> Server If an access request is received by your device, a request is sent to the RADIUS server if no corresponding connection partner has been found on your device.
10 System Management Teldat GmbH 10.5.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to add RADIUS serv- ers. Fig. 40: System Management ->Remote Authentication ->RADIUS->New The System Management->Remote Authentication->RADIUS->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Value Authentication Type Select what the RADIUS server is to be used for.
10 System Management Teldat GmbH Field Value • -"" 3 (for PPP connections only): The RADIUS server is used for recording statistical call data. • / -3 " : The RADIUS server is used for controlling access to the SNMP shell of your device. • * " -3 " : The RADIUS server is used for sending configuration data for IPSec peers to your device. • 8/-' < : The RADIUS server is used for controlling access to a wireless network.
10 System Management Teldat GmbH Field Value be used. The function is activated by selecting , . The function is enabled by default. Group Description Define a new RADIUS group description or assign the new RADIUS entry to a predefined group. The configured RADIUS servers for a group are queried according to Priority and the Policy . Possible values: • ' 1 (default value): Enter a new group description in the text field. • .
10 System Management Teldat GmbH Field Value Server Timeout Enter the maximum wait time between ACCESS_REQUEST and response in milliseconds. After timeout, the request is repeated according to Retries or the next configured RADIUS server is requested. Possible values are whole numbers between and . The default value is (1 second). Alive Check Here you can activate a check of the accessibility of a RADIUS server in Status . 1 .
10 System Management Teldat GmbH Field Value The function is disabled by default. If the function is active, you can enter the following options: • @ , ,: Enter the time period in seconds between update intervals. The default entry here is i.e. an automatic reload is not carried out. 10.5.2 TACACS+ TACACS+ permits access control for your device, network access servers (NAS) and other network components via one or more central servers.
10 System Management Teldat GmbH Fig. 41: System Management ->Remote Authentication ->TACACS+ ->New The System Management->Remote Authentication->TACACS+ ->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Authentication Type Displays which TACACS+ function is to be used. The value cannot be changed. Possible values: • / -3 " : Here, you can define whether the current TACACS+ server is to be used for login authentication to your device.
10 System Management Teldat GmbH Field Description authentication. If no response is given or access is denied (only if Policy = ' 3 ), the entry with the nexthighest priority is used. The available values are to , the default value is . Entry active Select whether this server is to be used for login authentication. The function is activated by selecting , . The function is enabled by default.
10 System Management Teldat GmbH Field Description Block Time Enter the time in seconds for which the status of the current server shall remain blocked. When the block has ended, the server is set to the status specified in the Entry active field. The possible values are to $ , the default value is . The value means that the server is never set to =, "7 status and thus no other servers are queried.
10 System Management Teldat GmbH Fields in the Global RADIUS Options menu. Field Description Authentication for PPP By default, the following authentication sequence is used for inDialin coming calls with RADIUS: First CLID, then PPP and then PPP with RADIUS. Options: • : Only inband RADIUS requests (PAP,CHAP, MSCHAP V1 & V2) (i.e. PPP requests without CLID) are sent to the RADIUS server defined in Server IP Address. • :3 2/ . : Only outband RADIUS requests (i.e.
10 System Management Teldat GmbH Certificates are issued for a specific period, usually one year, i.e. they have a limited validity period. Your device is designed to use certificates for VPN connections and for voice connections over Voice over IP. 10.6.1 Certificate List A list of all existing certificates is displayed in the System Management->Certificates->Certificate List menu. 10.6.1.
10 System Management Teldat GmbH Fig. 43: System Management ->Certificates->Certificate List-> The certificates and keys themselves cannot be changed, but a few external attributes can be changed, depending on the type of the selected entry. The System Management->Certificates->Certificate List-> menu consists of the fol- lowing fields: Fields in the Edit parameters menu. 108 Field Description Description Shows the name of the certificate, key, or request.
10 System Management Teldat GmbH Field Description Certificates issued by this CA are accepted during authentication. The function is enabled with ( 3 . The function is disabled by default. Certificate Revocation List (CRL) Checking Only for Certificate is CA Certificate = ( 3 Define the extent to which certificate revocation lists (CRLs) are to be included in the validation of certificates issued by the owner of this certificate. Possible settings: • . # , : No CRLs check.
10 System Management Teldat GmbH 10.6.1.2 Certificate Request Registration authority certificates in SCEP If SCEP (Simple Certificate Enrollment Protocol) is used, your device also supports separate registration authority certificates. Registration authority certificates are used by some Certificate Authorities (CAs) to handle certain tasks (signature and encryption) during SCEP communication with separate keys, and to delegate the operation to separate registration authorities, if applicable.
10 System Management Teldat GmbH Fig. 44: System Management ->Certificates->Certificate List->Certificate Request The menu System Management->Certificates->Certificate List->Certificate Request consists of the following fields: Fields in the Certificate Request menu. Field Description Certificate Request De- Enter a unique description for the certificate. scription Mode Select the way in which you want to request the certificate.
10 System Management Teldat GmbH Field Description field. This file must be provided to the CA and the received certificate must then be imported manually to your device. • *2 : The key is requested from a CA using the Simple Certificate Enrolment Protocol. Generate Private Key Only for Mode = % 3 , Select an algorithm for key creation. @*- (default value) and .*- are available. Also select the length of the key to be created. Possible values: , + , , $ , , .
10 System Management Teldat GmbH Field Description not configured on the device, the validity of certificates from this CA is not checked. • : If all the necessary certificates are already available in the system, you select these manually. RA Sign Certificate Only for Mode = *2 Only for CA Certificate not = . 1 , Select a certificate for signing SCEP communication. The default value is 0# CA certificate is used.
10 System Management Teldat GmbH Field Description If the field is not selected, enter the name components in Common Name, E-mail, Organizational Unit, Organization, Locality, State/Province and Country. The function is disabled by default. Summary Only for Custom = enabled. Enter a subject name with attributes not offered in the list. Example: "CN=VPNServer, DC=mydomain, DC=com, c=DE". Common Name Only for Custom = disabled. Enter the name according to CA. E-mail Only for Custom = disabled.
10 System Management Teldat GmbH Field Description #1, #2, #3 For each entry, define the type of name and enter additional subject names. Possible values: • ' (default value): No additional name is entered. • : An IP address is entered. • .'*: A DNS name is entered. • ,: An e-mail address is entered. • 0@ : A uniform resource identifier is entered. • .': A distinguished name (DN) name is entered. • @ .: A registered identity (RID) is entered.
10 System Management Teldat GmbH Fig. 45: System Management ->Certificates->Certificate List->Import The menu System Management->Certificates->Certificate List->Import consists of the following fields: Fields in the Import menu. Field Description External Filename Enter the file path and name of the certificate to be imported, or use Browse... to select it from the file browser. Local Certificate Description Enter a unique description for the certificate.
10 System Management Teldat GmbH If a key is no longer to be used, e.g. because it has fallen into the wrong hands or has been lost, the corresponding certificate is declared invalid. The certification authority revokes the certificate and publishes it on a certificate blacklist, so-called CRL. Certificate users should always check against these lists to ensure that the certificate used is currently valid. This check can be automated via a browser.
10 System Management Teldat GmbH Field Description type of encoding. • = # • = & Password Enter the password required for the import. 10.6.3 Certificate Servers A list of certificate servers is displayed in the System Management->Certificates->Certificate Servers menu. A certification authority (certification service provider, Certificate Authority, CA) issues your certificates to clients applying for a certificate via a certificate server.
11 Physical Interfaces Teldat GmbH Chapter 11 Physical Interfaces In this menu, you configure the physical interfaces that you have used when connecting your gateway. The configuration interface only shows the interfaces that are available on your device. In the System Management->Status menu, you can see a list of all physical interfaces and information on whether the interfaces are connected or active and whether they have already been configured. 11.
11 Physical Interfaces Teldat GmbH Fig. 49: Physical Interfaces ->AUX ->AUX The Physical Interfaces->AUX->AUXmenu consists of the following fields: Fields in the Basic Settings menu. Field Description AUX Port Status Select whether the AUX port should be enabled or disabled. The port is enabled by choosing , . The port is disabled by default. Line Speed Only for AUX Port Status = enabled Here you select the speed at which the gateway addresses the modem (in bps). Possible values: • .
11 Physical Interfaces Teldat GmbH Field Description logue modem. Incoming Service Type Only for AUX Port Status = enabled Here you select the gateway subsystem to which an incoming call over the modem is to be assigned. Possible values: • . # , : No call is accepted. • *.' / tem. : The call is assigned to the ISDN Login subsys- • . , (default value): The call is assigned to the PPP subsystem.
11 Physical Interfaces Teldat GmbH Field Description vider must be entered, e.g. internet.eplus.de for eplus and so on. A maximum of 40 characters can be entered. If no APN or an incorrect APN is entered, a configured GPRS connection will not function. 11.2 Ethernet Ports An Ethernet interface is a physical interface for connection to the local network or external networks. The Ethernet ports ETH1 to ETH4 are assigned to a single logical Ethernet interface in ex works state.
11 Physical Interfaces Teldat GmbH VLANs for Routing Interfaces Configure VLANs to separate individual network segments from each other, for example (e.g. individual departments of a company) or to reserve bandwidth for individual VLANs when managed switches are used with the QoS function. 11.2.1 Port Configuration Port Separation Your device makes it possible to run the switch ports as one interface or to logically separate these from each other and to configure them as independent Ethernet interfaces.
11 Physical Interfaces Teldat GmbH Field Description to the numbering of the Ethernet ports on the back of the device. Ethernet Interface Selection Assign a logical Ethernet interface to the switch port. Configured Speed / Mode Select the mode in which the interface is to run. You can select from five interfaces, to .
11 Physical Interfaces Teldat GmbH Field Description Flow Control Select whether a flow control should be conducted on the corresponding interface. Possible values: • . # , (default value): No flow control is performed. • , : Flow control is performed. • -3 : Automatic flow control is performed. 11.3 ISDN Ports In this menu, you configure the ISDN interfaces of your device. Here you enter data such as the type of ISDN connection to which your gateway is connected.
11 Physical Interfaces Teldat GmbH You can use the ISDN BRI interface of your gateway for both dialup connections and leased lines over ISDN. Fig. 51: Physical Interfaces ->ISDN Ports->ISDN Configuration -> The Physical Interfaces->ISDN Ports->ISDN Configuration-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Port Name Shows the name of the ISDN port.
11 Physical Interfaces Teldat GmbH Field Description uration Type. • @3 : Detection is still running. Port Usage Only if Autoconfiguration on Bootup is disabled. Select the protocol that you want to use for the ISDN port. Possible values: • ' 3# : The ISDN connection is not used. • . ,3) 3 *.' • / # / • D * ISDN Configuration Type Only if Autoconfiguration on Bootup is disabled and for Port Usage = . ,3) 3 *.' or D * Select the ISDN connection type.
11 Physical Interfaces Teldat GmbH Field Description • / # / kbps) Call Number = *: Leased line over B channel 2 (64 This parameter is exclusively used by Media Gateway. Only for Port Usage . ,3) 3 figuration Type *.' and ISDN Con- Only for the devices RTxxx2 Enter the basic number of the Point-to-Point.
11 Physical Interfaces Teldat GmbH Field Description • 2- • 2- . ! 3, • "7 *1 " (default value) 2- and 2- . ! 3, are only for the use of X.31 TEI for CAPI applications. For 2- , the TEI value set in the CAPI application is used. For 2- . ! 3, , the value of the CAPI application is ignored and the default value set here is always used. "7 *1 " is set if you want to use X.31 TEI for the X.25 device.
11 Physical Interfaces Teldat GmbH Fig. 52: Physical Interfaces ->ISDN Ports->ISDN Configuration -> The Physical Interfaces->ISDN Ports->ISDN Configuration-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Port Name Shows the name of the ISDN port. Port Usage Select whether the ISDN switch type (D channel detection for switched line) is to be automatically identified. Possible values: • ' (default value): ISDN connection is not used. • 0@: *.
11 Physical Interfaces Teldat GmbH Field Description ectly coupled. • / # / : You can select a leased line. • D * * % ( : Q-SIG S2M User Profile • D * * % '( : Q-SIG S2M Network Profile ISDN Line Framing Only if Port Usage is selected. Select the framing type for layer 1. Possible values: • 2@2 * (default value) • ' 2@2 The default value can be left in the majority of scenarios. You can use the ' 2@2 option if required (e.g.
11 Physical Interfaces Teldat GmbH Field Description • ' " , ! " : The device sends no IE (Information Element) for channel identification. The exchange selects the channel to be used. • *3 ) ! " , : The device selects the channel to be used and signals this to the exchange. You can normally use the default value. It is only necessary to change the setting in a few special cases.
11 Physical Interfaces Teldat GmbH Field Description er as so-called hyper channels. You can also group together channels as PPP multilink channel bundles. Timeslots divide the available 2 Mbps bandwidth of an S2M connection into logical channels. No distinction is made below between timeslots and channels, as the difference is immaterial for configuration purposes. A list of the channel bundles already configured is shown. Click Add to configure new channel bundles.
11 Physical Interfaces Teldat GmbH Field Timeslot Matrix X.75 Layer 2 Mode Description Only if Timeslot Selection = ( #, % < shows a list of all channels in detail. If you do not wish to use all the channels between a certain start and end channel for a channel bundle, you can make a selective assignment here. Here you define how the interface created by this channel bundle is to behave during connection setup. You only need to configure these parameters if you used X.75 in layer 2.
11 Physical Interfaces Teldat GmbH • X.25 PAD: X.25 PAD is used to provide a protocol converter, which converts nonpacket-oriented protocols to packet-oriented communication protocols and vice versa. Data terminal equipment sending or receiving data on a non-data-packet-oriented basis can this be adapted in line with Datex-P (public data packet network based on the principle of a packet switching exchange).
11 Physical Interfaces Teldat GmbH Field Description ISDN Port Select the ISDN port for which the MSN is to be configured. Service Select the service to which a call is to be assigned on the MSN below. Possible values: • *.' / (default value): Enables login with *.' / • @ 3 : Default setting for PPP routing. Contains automatic detection of the PPP connections stated below except .:6=. • * ": Enables a number to be defined for IPSec callback.
11 Physical Interfaces Teldat GmbH 11.4 DSL Modem The ADSL modem on the bintec R3002 and bintec RT3002 is compatible with ANNEX A and ANNEX B standards and so can be used universally in several countries. It is particularly suitable for high-speed Internet access and remote access use in SMEs or remote offices. The bintec R3502 features an integrated VDSL2 modem which supports automatic switching to ADSL2+. If required, VDSL connection is available at any time.
11 Physical Interfaces Teldat GmbH Fig. 55: VDSL modem: Physical Interfaces ->DSL Modem->DSL Configuration The menu Physical Interfaces->DSL Modem->DSL Configuration consists of the following fields: Fields in the DSL Port Status menu. Field Description DSL Chipset Shows the key of the installed chipset. Physical Connection Shows the current DSL operation mode. The value cannot be changed. Possible values: • 0 7 1 : The ADSL link is not active. • -'* ( $: ANSI T1.413 • -.*/ : ADSL classic, G.
11 Physical Interfaces Teldat GmbH Field Description • -.*/ ; (0 ( - < % • 6.*/ (0 ( $ • 6.*/ (0 ( $ Fields in the Current Line Speed menu Field Description Downstream Displays the data rate in the receive direction (direction from CO/DSLAM to CPE/router) in bits per second. The value cannot be changed. Upstream Displays the data rate in the send direction (direction from CPE/ router to CO/DSLAM) in bits per second. The value cannot be changed.
11 Physical Interfaces Teldat GmbH Field Description for the remote terminal. • -.*/ : ADSL2 / G.992.3 is used. • -.*/ ,3#: ADSL2 Plus / G.992.5 is used. • 6.*/ (default value): VDSL is used. • 6.*/5-.*/ %3, : VDSL/ADSL multi mode is used. DSL SyncType Only for devices with an ADSL modem Select the ADSL synchronization type. Possible values: • -.*/ -3 (default value): The ADSL mode is automatically adapted for the remote terminal. • -.*/ :ADSL1 / G.DMT is used. • -.*/ : ADSL2 / G.992.
11 Physical Interfaces Teldat GmbH Field Description in Maximum Upstream Bandwidth. Maximum Upstream Bandwidth Only for Transmit Shaping = 0# ! Enter the maximum data rate in the send direction in bits per second. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description ADSL Line Profile Only for devices with a VDSL modem Select the line profile for your internet service provider.
11 Physical Interfaces Teldat GmbH Choose the button to edit the predefined SHDSL interfaces. In the ex works state, the logical SHDSL interfaces * #, to * #, $ are each preset with one pair of wires. Fig. 56: Physical Interfaces +SHDSL->SHDSL Configuration -> Fields in the SHDSL Parameters menu. Field Description ATM Interface Displays the name of the ATM interface. Device Mode Define the role within the connection.
11 Physical Interfaces Teldat GmbH Field Description • - < = (default value): For applications in Europe (provider-dependent) for example. Clock Rate Define whether the clock rate should be negotiated. Possible values: • 9 < : The clock rate is predefined. • - ) (default value): The clock rate is negotiated depending on the line quality. Note that a fixed value must be set to use the IMA mode (see 8 % ) on at least one side (CO or CPE).
11 Physical Interfaces Teldat GmbH Field Description For Wire Mode = 1 , 1 # or 1 %- the second pair of wires is defined here. For Wire Mode = 1 or 1 pair of wires is defined here. %- the second and third Wire pairs already used in defined connections are not available for selection. If these continue to be used for this SHDSL connection, the existing connection must first be terminated.
12 LAN Teldat GmbH Chapter 12 LAN In this menu, you configure the addresses in your LAN and can structure your local network using VLANs. 12.1 IP Configuration In this menu, you can edit the IP configuration of the LAN and Ethernet interfaces of your device. 12.1.1 Interfaces The existing IP interfaces are listed in the LAN->IP Configuration->Interfaces menu. You can edit the IP configuration of the interfaces or create virtual interfaces for special applications.
12 LAN Teldat GmbH Example of subnets If your device is connected to a LAN that consists of two subnets, you should enter a second IP Address / Netmask. The first subnet has two hosts with the IP addresses 192.168.42.1 and 192.168.42.2, for example, and the second subnet has two hosts with the IP addresses 192.168.46.1 and 192.168.46.2. To be able to exchange data packets with the first subnet, your device uses the IP address 192.168.42.3, for example, and 192.168.46.3 for the second subnet.
12 LAN Teldat GmbH Field Description Select the Ethernet interface for which the virtual interface is to be configured. Address Mode Select how an IP address is assigned to the interface. Possible values: • * " (default value): The interface is assigned a static IP address in IP Address / Netmask. • .?2 : An IP address is assigned to the interface dynamically via DHCP.
12 LAN Teldat GmbH Field Description This option only applies for routing interfaces. Assign the interface to a VLAN by entering the VLAN ID of the relevant VLAN. Possible values are (default value) to . The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description DHCP MAC Address Only for Address Mode = .?2 If Use built-in is activated (default setting), the hardware MAC address of the Ethernet interface is used.
12 LAN Teldat GmbH Field Description The function is disabled by default. TCP-MSS Clamping Select whether your device is to apply MSS Clamping. To prevent IP packets fragmenting, the MSS (Maximum Segment Size) is automatically decreased by the device to the value set here. The function is activated by selecting , . The function is disabled by default. Once enabled, the default value $ is entered in the input field. 12.2 VLAN By implementing VLAN segmentation in accordance with 802.
12 LAN Teldat GmbH Fig. 58: VLAN segmenting VLAN for Bridging and VLAN for Routing In the LAN->VLAN menu, VLANs (virtual LANs) are configured with interfaces that operate in Bridging mode. Using the VLAN menu, you can make all the settings needed for this and query their status. Caution For interfaces that operate in Routing mode, you only assign a VLAN ID to the interface. You define this via the parameters Interface Mode = ( 6/-' and field VLAN ID in menu LAN->IP Configuration->Interfaces->New.
12 LAN Teldat GmbH 12.2.1 VLANs In this menu, you can display all the VLANs already configured, edit your settings and create new VLANs. By default, the % VLAN is available, to which all interfaces are assigned. 12.2.1.1 Edit or New Choose the icon to edit existing entries. Select the New button in order to create new VLANs. Fig. 59: LAN->VLAN->VLANs->New The LAN->VLAN->VLANs->New menu consists of the following fields: Fields in the Configure VLAN menu.
12 LAN Teldat GmbH 12.2.2 Port Configuration In this menu, you can define and view the rules for receiving frames at the VLAN ports. Fig. 60: LAN->VLANs->Port Configuration The LAN->VLANs->Port Configurationmenu consists of the following fields: Fields in the Port Configuration menu. Field Description Interface Shows the port for which you define the PVID and processing rules. PVID Assign the selected port the required PVID (Port VLAN Identifier).
12 LAN Teldat GmbH Fig. 61: LAN->VLANs->Administration The LAN->VLANs->Administrationmenu consists of the following fields: Fields in the Bridge Group br VLAN Options menu Field Description Enable VLAN Enable or disable the specified bridge group for VLAN. The function is enabled with , . The function is not activated by default. Management VID bintec Rxxx2/RTxxx2 Select the VLAN ID of the VLAN in which your device is to operate.
13 Wireless LAN Controller Teldat GmbH Chapter 13 Wireless LAN Controller By using the wireless LAN controller, you can set up and manage a WLAN infrastructure with multiple access points (APs). The WLAN controller has a Wizard which assists you in the configuration of your access points. The system uses the CAPWAP protocol (Control and Provisioning of Wireless Access Points Protocol) for any communication between masters and slaves.
13 Wireless LAN Controller Teldat GmbH 13.1.1 Basic Settings Here you can configure all of the various settings that you require for the actual wireless LAN controller. The wireless LAN controller uses the following settings: Region Select the country in which the wireless controller is to be operated. Please note: The range of channels that can be used varies depending on the country setting. Interface Select the interface to be used for the wireless controller.
13 Wireless LAN Controller Teldat GmbH 13.1.2 Radio Profile Select which frequency band your WLAN controller shall use. If the ?G @ If the ?G @ ! , ! , is set then the 2.4 GHz frequency band is used. is set then the 5 GHz frequency band is used. If the corresponding device contains two wireless modules, you can Use two independent radio profiles. This assigns ?G @ ! , to module 1 and ?G @ ! , to module 2. The function is activated by selecting , .
13 Wireless LAN Controller Teldat GmbH Enter an ASCII string with a maximum of 32 characters. Also select whether the Network Name (SSID) 6 # , is to be transmitted. Security Mode Select the security mode (encryption and authentication) for the wireless network. Please note: 8 - ) # means 802.11x. WPA Mode Select for Security Mode = 8 - *> or 8 - ) # , whether you wish to use WPA oder WPA 2 or both. Preshared Key Enter the WPA password for Security Mode = 8 - *>.
13 Wireless LAN Controller Teldat GmbH Note Before you continue, please ensure that all access points that the WLAN controller shall manage are correctly wired and switched on. 13.1.4 Start automatic installation You will see a list of all detected access points. If you wish to change the settings of a detected AP, click on in the corresponding entry. You will see the settings for all selected access points. You can change these settings.
13 Wireless LAN Controller Teldat GmbH The number of channels you can select depends on the country setting. Please consult the data sheet for your device. Note Configuring the network name (SSID) in Access Point mode means that wireless networks can be logically separated from each other, but they can still physically interfere with each other if they are operating on the same or closely adjacent wireless channels.
13 Wireless LAN Controller Teldat GmbH Under Configure the Alert Service for WLAN surveillance, click Start to monitor your managed APs. You are taken to the External Reporting->Alert Service->Alert Recipient menu with the default setting Event = % - !!, . You can specify that you wish to be notified by e-mail if the % - !!, event occurs. Click under New Neighborscan on Start, to rescan adjacent AP's.
13 Wireless LAN Controller Teldat GmbH Field Description The range of channels that can be used varies depending on the country setting. The default value is &. Interface Select the interface to be used for the wireless controller. DHCP Server Select whether an external DHCP server shall assign IP addresses to the APs or if you wish to assign fixed IP addresses yourself. Alternatively, you can use your device as a DHCP server.
13 Wireless LAN Controller Teldat GmbH Field Description Slave AP location Select whether the APs that the wireless LAN controller is to manage are located in the LAN or the WAN. Possible values: • / " , /-' (default value) • @ 8-' The @ 8-' setting is useful if, for example, there is a wireless LAN controller installed at head office and its APs are distributed to different branches. If the APs are linked via VPN, it may be that a connection is terminated.
13 Wireless LAN Controller Teldat GmbH 13.3.1 Slave Access Points Fig. 63: Wireless LAN Controller ->Slave AP configuration ->Slave Access Points In the Wireless LAN Controller->Slave AP configuration->Slave Access Points menu a list of all APs found with the wizard is displayed. You will see an entry with a parameter set for each access point ( Location, Name, IP Address, LAN MAC Address, Channel, Search Channel, Status, Action).
13 Wireless LAN Controller Teldat GmbH 13.3.1.1 Edit Choose the icon to edit existing entries. You can also delete entries using the icon. If you have deleted APs, these will be loc- ated again but shall not be configured. Fig.
13 Wireless LAN Controller Teldat GmbH Field Description Name Displays the name of the AP. You can change the name. Description Enter a unique description for the AP. CAPWAP Encryption Select whether communication between the master and slaves is to be encrypted. The function is activated by selecting , . The function is enabled by default. You can override the encryption in order to view the communication for debugging purposes.
13 Wireless LAN Controller Teldat GmbH Field Description different channels. Each of these should be spaced at least four channels apart, as a network also partially occupies the adjacent channels. In the case of manual channel selection, please make sure first that the APs actually support these channels. Possible values (according to the selected wireless module profile): • For Operation Band = ?G 5:3 Possible values are to $ and -3 (default value).
13 Wireless LAN Controller Teldat GmbH 13.3.2 Radio Profiles Fig. 65: Wireless LAN Controller ->Slave AP configuration ->Radio Profiles An overview of all created wireless module profiles is displayed in the Wireless LAN Controller->Slave AP configuration->Radio Profiles menu. A profile with 2.4 GHz and a profile with 5 GHz are created by default; the 2.4 GHz profile cannot be deleted.
13 Wireless LAN Controller Teldat GmbH Fig. 66: Wireless LAN Controller ->Slave AP configuration ->Radio Profiles -> The Wireless LAN Controller->Slave AP configuration->Radio Profiles-> / New / New menu consists of the following fields: Fields in the menu Radio Profile Definition Field Description Operation Mode Description Enter the desired description of the wireless module profile. Define the mode in which the wireless module profile is to be operated.
13 Wireless LAN Controller Teldat GmbH Field Description your network. Operation Band Select the frequency band of the wireless module profile. Possible values: • ?G 5:3 (default value): Your device is operated at 2.4 GHz (mode 802.11b, mode 802.11g and mode 802.11n), inside or outside buildings. • ?G : Your device is operated at 5 GHz (mode 802.11a/h and mode 802.11n) inside buildings. • ?G :3 : Your device is operated at 5 GHz (mode 802.11a/h and mode 802.
13 Wireless LAN Controller Teldat GmbH Fields in the menu Performance Settings Field Wireless Mode Description Select the wireless technology that the access point is to use. For Operation Band = ?G 5:3 Possible values: • : The device operates only in accordance with 802.11g. 802.11b clients have no access. • : Your device operates only in accordance with 802.11b and forces all clients to adapt to it.
13 Wireless LAN Controller Teldat GmbH Field Description Max. Transmission Rate Select the transmission speed. Possible values: • -3 (default value): The transmission speed is determined automatically. • A6 ,3 B: According to setting for Operation Band, Bandwidth, Number of Spatial Streams and Wireless Mode various fixed values in mbps are available. Burst Mode Activate this function to increase the transmission speed for 802.11g through frame bursting.
13 Wireless LAN Controller Teldat GmbH Field Description lected. This ensures that no channels overlap, i.e. a distance of four channels is maintained between the channels used. This is useful if more access points are used with overlapping radio cells. Possible values: • -,,: All channels can be dialled when a channel is selected. • -3 : Depending on the region, operation band, wireless mode and bandwidth, the channels that have a distance of 4 channels are provided.
13 Wireless LAN Controller Teldat GmbH Field RTS Threshold Short Guard Interval Short Retry Limit Description Here you can specify the data packet length threshold in bytes (1..2346) as of which the RTS/CTS mechanism is to be used. This makes sense if several clients that are not in each other's wireless range are run in one access point. Enable this function to reduce the guard interval (= time between transmission of two data symbols) from 800 ns to 400 ns.
13 Wireless LAN Controller Teldat GmbH Field Description The function is enabled with , . The function is not activated by default. 13.3.3 Wireless Networks (VSS) Fig. 67: Wireless LAN Controller ->Slave AP configuration ->Wireless Networks (VSS) An overview of all created wireless networks is displayed in the Wireless LAN Controller>Slave AP configuration->Wireless Networks (VSS) menu. A wireless network is created by default.
13 Wireless LAN Controller Teldat GmbH Fig. 68: Wireless LAN Controller ->Slave AP configuration ->Wireless Networks (VSS)->New The Wireless LAN Controller->Slave AP configuration->Wireless Networks (VSS)->New menu consists of the following fields: Fields in the menu Service Set Parameters Field Description Network Name (SSID) Enter the name of the wireless network (SSID). Enter an ASCII string with a maximum of 32 characters. Also select whether the Network Name (SSID) is to be transmitted.
13 Wireless LAN Controller Teldat GmbH Field Description The function is activated by selecting , . The function is enabled by default. ARP Processing Select whether the ARP processing function should be enabled. The ARP data traffic is reduced in the network by the fact that ARP broadcasts that have been converted to ARP unicasts are forwarded to IP addresses that are known internally. Unicasts are quicker and clients with an enabled power save function are not addressed.
13 Wireless LAN Controller Teldat GmbH Field Transmit Key Description Only for Security Mode = 8 or 8 Select one of the keys configured in WEP Key as a standard key. The default value is > & WEP Key 1-4 . Only for Security Mode = 8 , 8 Enter the WEP key. Enter a character string with the right number of characters for the selected WEP mode. For 8 you need a character string with 5 characters, for 8 with 13 characters, e. g. ,, for 8 , , 1 ) for 8 .
13 Wireless LAN Controller Teldat GmbH Field Description • - * (default value): AES is used. • (> : TKIP is used. Preshared Key Only for Security Mode = 8 - *> Enter the WPA password. Enter an ASCII string with 8 - 63 characters. Note: Change the default Preshared Key! If the key has not been changed, your device will not be protected against unauthorised access! Radius Server You can control access to a wireless network via a RADIUS server. With Add, you can create new entries.
13 Wireless LAN Controller Teldat GmbH Field Description Possible values are whole numbers between and . The default value is $ . Max. number of clients Not all devices support this function. - soft limit To avoid a radio module being fully utilised, you can set a "soft" restriction on the number of connected clients. If this number is reached, new connection queries are initially rejected.
13 Wireless LAN Controller Teldat GmbH Field Description • ?G ) ! : Preference is given to accepting clients in the 5 GHz band. Fields in the menu MAC-Filter Field Access Control Description Select whether only certain clients are to be permitted for this wireless network. The function is activated by selecting , . The function is disabled by default.
13 Wireless LAN Controller Teldat GmbH Field Description VLAN Select whether the VLAN segmentation is to be used for this wireless network. The function is activated by selecting , . The function is disabled by default. VLAN ID Enter the number that identifies the VLAN. Possible values are to . VLAN ID 1 is not possible as it is already in use. 13.4 Monitoring This menu is used to monitor your WLAN infrastructure. 13.4.1 Active Clients Fig.
13 Wireless LAN Controller Teldat GmbH Status Meaning Authenticated The client is authenticated. 13.4.2 Wireless Networks (VSS) Fig. 70: Wireless LAN Controller ->Monitoring ->Wireless Networks (VSS) In menu Wireless LAN Controller->Monitoring->Wireless Networks (VSS) an overview of the currently used AP is displayed. You see which wireless module is assigned to which wireless network. For each wireless a parameter set is displayed (Location, Name, VSS, MAC Address (VSS), Channel, Clients, Status).
13 Wireless LAN Controller Teldat GmbH 13.4.4 Neighbor APs Fig. 72: Wireless LAN Controller ->Monitoring ->Neighbor APs In the Wireless LAN Controller->Monitoring->Neighbor APs menu, the adjacent AP's found during the scan are displayed. Rogue APs, i.e. APs which are not managed by the WLAN controller but are using an SSID managed by the WLAN controller are highlighted in red. Note Check the rogue APs shown carefully, as an attacker could attempt to spy on data in your network using a rogue AP.
13 Wireless LAN Controller Teldat GmbH 13.4.5 Rogue APs Fig. 73: Wireless LAN Controller ->Monitoring ->Rogue APs APs which are using an SSID from their own network but are not managed by Wireless LAN Controller are displayed in the Wireless LAN Controller->Monitoring->Rogue APs menu. Rogue APs which have been found for the first time are displayed with a red background.
13 Wireless LAN Controller Teldat GmbH 13.4.6 Rogue Clients Fig. 74: Wireless LAN Controller ->Monitoring +Rogue Clients The Wireless LAN Controller->Monitoring+Rogue Clients menu displays the clients which have attempted to gain unauthorised access to the network and which are therefore on the blacklist. The blacklist is configured for each VSS in the Wireless LAN Controller->Slave AP configuration->Wireless Networks (VSS) menu. You can also add a new entry to the static blacklist.
13 Wireless LAN Controller Teldat GmbH Fig. 75: Wireless LAN Controller ->Monitoring +Rogue Clients+New The menu consists of the following fields: Fields in the New Blacklist Entry menu. Field Description Rogue Client MAC Ad- Enter the MAC address of the client you intend to include in the dress static blacklist. Network Name (SSID) Pick the wireless network you want to exclude the rogue client from. 13.5 Maintenance This menu is used for the maintenance of your managed APs. 13.5.
13 Wireless LAN Controller Teldat GmbH all Managed Access Points is displayed. For each managed AP you will see an entry with the following parameter set: Update firmware, Location, Device, IP Address, LAN MAC Address, Firmware Version , Status. Click the Select all button to select all of the entries for a firmware update. Click the Deselect all button to disable all entries and to then select individual entries if required (e.g.
13 Wireless LAN Controller Teldat GmbH Field Description • (9( # : The file is stored respectively on a TFTP server specified in the URL. URL 188 Only for Source Location = ?(( # or (9( # Enter the URL of the update server from which the system software file is loaded or on which the configuration file is saved.
14 Networking Teldat GmbH Chapter 14 Networking 14.1 Routes Default Route With a default route, all data is automatically forwarded to one connection if no other suitable route is available. If you set up access to the Internet, you must configure the route to your Internet Service Provider (ISP) as a default route.
14 Networking Teldat GmbH If the < option is selected for the Route Class, an extra configuration section opens. Fig. 78: Network ->Routes ->IPv4 Routes ->New with Extended = , The Network->Routes->IPv4 Routes->New menu consists of the following fields: Fields in the menu Basic Settings Field Description Interface Select the interface to be used for this route. Route Type Select the type of route. Possible values: • .
14 Networking Teldat GmbH Field Description • ? # @ 3 ! " : Route to an individual host via a specific interface. • ? # @ 3 1 &: Route to an individual host via a specific gateway. • ' 1 7 @ 3 ! " (default value): Route to a network via a specific interface. • ' 1 7 @ 3 1 &: Route to a network via a specific gateway.
14 Networking Teldat GmbH Field Description Route Class Select the type of Route Class. Possible values: • * : Defines a route with the default parameters. • < : Select whether the route is to be defined with extended parameters. If the function is active, a route is created with extended routing parameters such as source interface and source IP address, as well as protocol, source and destination port, type of service (TOS) and the status of the device interface.
14 Networking Teldat GmbH Fields in the menu Extended Route Parameters Field Description Description Enter a description for the IP route. Source Interface Select the interface over which the data packets are to reach the device. The default value is ' . New Source IP Address/Netmask Enter the IP address and netmask of the source host or source network. Layer 4 Protocol Select a protocol. Possible values: 2% , % , (2 , 0. , @ , * , -?, :* 9, %, / ( , - &. The default value is - &.
14 Networking Teldat GmbH Field Description First select the port number range. Possible values: • - & (default value): The route is valid for all port numbers. • * , : Enables the entry of a port number. • @ : Enables the entry of a range of port numbers. • , : Entry of privileged port numbers: 0 ... 1023. • * : Entry of server port numbers: 5000 ... 32767. • 2, # : Entry of client port numbers: 1024 ... 4999. • 2, # : Entry of client port numbers: 32768 ... 65535.
14 Networking Teldat GmbH Field Description 6 ,3 , (:* . " , 6 ,3 and (:* ? < " , 6 ,3 . Mode Select when the interface defined in Route Parameters ->Interface is to be used. Possible values: • . ,3) 1 (default value): The route can be used if the interface is "up". If the interface is "dormant", then dial and wait until the interface is "up". • -3 : The route can always be used. • . ,3) " 3 : The route can be used when the interface is "up".
14 Networking Teldat GmbH Field Description Destination IP Address Displays the IP address of the destination host or destination network. Netmask Displays the netmask of the destination host or destination network. Gateway Displays the gateway IP address. Nothing is displayed here when routes are received by DHCP. Interface Displays the interface used for this route. Metric Displays the route's priority.
14 Networking Teldat GmbH Fields in the Back Route Verify menu. Field Description Mode Select how the interfaces to be activated for Back Route Verify are to be specified. Possible values: • , ! ,, ! " #: Back Route Verify is activated for all interfaces. • , ! #) " ! " ! " # (default value): A list of all interfaces is displayed in which Back Route Verify is only enabled for specific interfaces. • . # , ! ,, ! " #: Back route verify is disabled for all interfaces. No.
14 Networking Teldat GmbH Fig. 81: Networking ->NAT ->NAT Interfaces For every NAT interface, the '-( " , / ## 3 can be selected. ) "7 " , * , . & and ( In addition, ! 1 # displays how many port forwarding rules were configured for this interface. Options in the menu NAT Interfaces Field Description NAT active Select whether NAT is to be activated for the interface. The function is disabled by default.
14 Networking Teldat GmbH Field Description If PPTP Passthrough is enabled, the device itself cannot be configured as a tunnel endpoint. Port Shows the number of portforwarding rules configured in Networking->NAT->NAT Configuration . 14.2.2 NAT Configuration In the Networking->NAT->NAT Configuration menu you can exclude data from NAT simply and conveniently as well as translate addresses and ports. For outgoing data traffic you can configure various NAT methods, i.e.
14 Networking Teldat GmbH Field Description Interface Select the interface for which NAT is to be configured. Possible values: • - & (default value): NAT is configured for all interfaces. • A ! " list. Type of traffic B: Select one of the interfaces from the Select the type of data traffic for which NAT is to be configured. Possible values: • " . # '-( (default value): The data traffic that comes from outside. • • NAT method 3 <",3 NAT.
14 Networking Teldat GmbH Field Description within the existing connection are allowed. In the NAT Configuration ->Specify original traffic menu, you can configure for which data traffic NAT is to be used. Fields in the Specify original traffic menu. Field Description Service Not for Type of traffic = 3 * 3 " '-( and NAT method = !3,, " , # " " or ) # " " . Select one of the preconfigured services.
14 Networking Teldat GmbH Field Description • - & (default value) • -? • 2 # • • * • • @ • ?% • 2% • % • • @ • • • • C • *: • > &) , • / ( • :* 9 • 0 • @. • @*6 • *> • (2 • (/* • 0. • 6@@ • C'* . Source IP Address/ Netmask Only for Type of traffic = " <",3 8 3 '-( .
14 Networking Teldat GmbH Field Description original data packets, as the case arises. Original Destination IP Only for Type of traffic = " . # '-( Address/Netmask Enter the destination IP address and corresponding netmask of the original data packets, as the case arises. Original Destination Port/Range Only for Type of traffic = " . # '-( , Service = 3# ! and Protocol = (2 , 0. , (2 50.
14 Networking Teldat GmbH Field Description Enter the destination port or the destination port range of the original data packets. The default setting -,, means that the port is not specified. In the NAT Configuration ->Replacement Values menu you can define, depending on whether you're dealing with inbound or outbound data traffic, new addresses and ports, to which specific addresses and ports from the NAT Configuration ->Specify original traffic menu can be translated.
14 Networking Teldat GmbH Field Description : , leaves the original source port. If you disable : ,, an input field appears in which you can enter a new source port. : , is active by default. 14.3 Load Balancing The increasing amount of data traffic over the Internet means it is necessary to send data over different interfaces to increase the total bandwidth available. IP load balancing enables the distribution of data traffic within a certain group of interfaces to be controlled. 14.3.
14 Networking Teldat GmbH Fig. 83: Networking ->Load Balancing->Load Balancing Groups->New The menu Networking->Load Balancing->Load Balancing Groups->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter the desired description of the interface group. Distribution Policy Select the way the data traffic is to be distributed to the interfaces configured for the group.
14 Networking Teldat GmbH Field Description • 0), : Only the data rate in the send direction is considered. By default, the . 1 , and 0), options are disabled. Distribution Mode Select the state the interfaces in the group may have if they are to be included in load balancing. Possible values: • -,1 &# (default value): Also includes idle interfaces. • : ,& 3# " state are included.
14 Networking Teldat GmbH Field Description Distribution Policy Displays the type of data traffic selected. Fields in the Interface Selection for Distribution menu. Field Description Interface Select the interfaces that are to belong to the group from the available interfaces. Distribution Ratio Enter the percentage of the data traffic to be assigned to an interface.
14 Networking Teldat GmbH Field Description You can choose between all routes and all extended routes. Tracking IP Address You can use the Tracking IP Address parameter to have a particular route monitored. The load balancing status of the interface and the status of the routes connected to the interface can be influenced using this parameter. This means that routes can be enabled or disabled irrespective of the interface's operation status.
14 Networking Teldat GmbH less detail. The first data packet which the properties configured here match specifies the route for particular subsequent data packets. Which data packets are subsequently routed via this route is configured in the Networking>Load Balancing->Special Session Handling->New->Advanced Settings menu.
14 Networking Teldat GmbH The Networking->Load Balancing->Special Session Handling->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the Special Session Handling should be activated. The function is activated by selecting , . The function is enabled by default. Description Enter a name for the entry. Service Select one of the preconfigured services, if required.
14 Networking Teldat GmbH Field Description Destination Port/Range Enter, if required, a destination port number or a range of destination port numbers. Possible values: • -,, (default value): The destination port is not specified. • *) " !& ) : Enter a destination port. • *) " !& ) : Enter a destination port range. Source Interface If required, select your device's source interface. Source IP Address/ Netmask Enter, if required, the source IP address and netmask of the data packets.
14 Networking Teldat GmbH Field Description the subsequent data packets must be routed via the same Destination Port to the same Destination Address. The two parameters Destination Address and Destination Port are enabled by default. If you leave the default setting , for one or both parameters, the value of the parameter concerned must be the same as in the first data packet with data packets sent subsequently. You can disable one or both parameters if you wish.
14 Networking Teldat GmbH Fig. 86: Networking ->QoS->QoS Filter ->New The Networking->QoS->QoS Filter->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the filter. Service Select one of the preconfigured services. The extensive range of services configured ex works includes the following: • " & • )), F • 3 • " • ", #H • & • ") • #" The default value is 0# ! . Protocol Select a protocol.
14 Networking Teldat GmbH Field Description Select the type. Possible values: - &, " ),&, . # 3 " , , * 3 " F3 " , @ " , " , ( <" , ( # ), ( # ) ),&. See RFC 792. The default value is - &. Connection State With Protocol = (2 , you can define a filter that takes the status of the TCP connections into account. Possible values: • # , # : All TCP packets that would not open any new TCP connection on routing over the gateway match the filter.
14 Networking Teldat GmbH Field Description DSCP/TOS Filter (Layer 3) Select the Type of Service (TOS). Possible values: • (default value): The type of service is ignored. • .*2 = & 6 ,3 : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in binary format, 6 bit). • .*2 . " , 6 ,3 : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • .
14 Networking Teldat GmbH Fig. 87: Networking ->QoS->QoS Classification->New The Networking->QoS->QoS Classification->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Class map Choose the class plan you want to create or edit. Possible values: • ' 1 (default value): You can create a new class plan with this setting. • A' ! ", ## ), B: Shows a class plan that has already been created, which you can select and edit. You can add new filters.
14 Networking Teldat GmbH Field Description To select a filter, at least one filter must be configured in the Networking->QoS->QoS Filter menu. Direction Select the direction of the data packets to be classified. Possible values: • " : Incoming data packets are assigned to the class (Class ID) that is then to be defined. • :3 (default value): Outgoing data packets are assigned to the class (Class ID) that is then to be defined.
14 Networking Teldat GmbH Field Description • .*2 . " , 6 ,3 : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in decimal format). • .*2 ? < " , 6 ,3 : Differentiated Services Code Point according to RFC 3260 is used to signal the priority of IP packets (indicated in hexadecimal format). • (:* = & 6 ,3 : The TOS value is specified in binary format, e.g. 00111111. • (:* .
14 Networking Teldat GmbH Depending on the respective interface, a queue is created automatically for each class, but only for data traffic classified as outgoing and for data traffic classified in both directions. A priority is assigned to these automatic queues. The value of the priority is equal to the value of the class ID. You can change the default priority of a queue. If you add new queues, you can also use classes in other class plans via the class ID. 14.4.3.
14 Networking Teldat GmbH Field Description ets are always handled with priority. • 8 9 D3 3 : QoS is activated on the interface. The available bandwidth is distributed as “fairly” as possible among the (automatically detected) traffic flows in a queue. Exception: High-priority packets are always handled with priority. • . # , (default value): QoS is deactivated on the interface. The existing configuration is not deleted, but can be activated again if required.
14 Networking Teldat GmbH Field Description • 6/-' Can only be selected for IPSec interfaces: • * " • * " 6/-' • * " • * " 6/-' Encryption Method Only if an IPSec Peers is selected as Interface, Traffic shaping is -" and Protocol Header Size below Layer 3 is not 0 ! " , ? :!!# I . Select the encryption method used for the IPSec connection.
14 Networking Teldat GmbH Field Description • -,, @( * #: All RTP streams are optimised. The function activates the RTP stream detection mechanism for the automatic detection of RTP streams. In this mode, the Real Time Jitter Control is activated as soon as an RTP stream has been detected. • " : Voice data transmission is not optimised. • 2 ,, @( * # ,&: This mode is used if either the VoIP Application Layer Gateway (ALG) or the VoIP Media Gateway (MGW) is active.
14 Networking Teldat GmbH Field Description • . ! 3, : Queue for data that has not been classified or data of a class for which no queue has been configured. Class ID Only for Prioritisation queue = 2, ## = # Select the QoS packet class to which this queue is to apply. To do this, at least one class ID must be given in the Networking->QoS->QoS Classification menu. Priority Only for Prioritisation queue = 2, ## = # Choose the priority of the queue.
14 Networking Teldat GmbH Field Description The function is disabled by default. Maximum Upload Speed Only for Traffic Shaping = enabled. Enter a maximum data rate for the queue in kbits. Possible values are to . The default value is . Overbooking allowed Only for Traffic Shaping = enabled. Enable or disable the function. The function controls the bandwidth limit.
14 Networking Teldat GmbH Field Description • ( , . ) (default value): The newest packet received is dropped. • ? . ): The oldest packet in the queue is dropped. • @ . ): A randomly selected packet is dropped from the queue. Congestion Avoidance Enable or disable preventative deletion of data packets. (RED) Packets which have a data size of between Min. queue size and Max. queue size are preventively dropped to prevent queue overflow (RED=Random Early Detection).
14 Networking Teldat GmbH • source and/or destination IP address • packet protocol • source and/or destination port (port ranges are supported) Access lists are an effective means if, for example, sites with LANs interconnected over a Teldat gateway wish to deny all incoming FTP requests or only allow Telnet sessions between certain hosts. Access filters in the gateway are based on the combination of filters and actions for filter rules (= rules) and the linking of these rules to form rule chains.
14 Networking Teldat GmbH Caution Make sure you don’t lock yourself out when configuring filters: If possible, access your gateway for filter configuration over the serial console interface or ISDN Login. 14.5.1 Access Filter This menu is for configuration of access filter Each filter describes a certain part of the IP traffic and defines, for example, the IP addresses, the protocol, the source port or the destination port.
14 Networking Teldat GmbH Fig. 90: Networking ->Access Rules ->Access Filter ->New The Networking->Access Rules->Access Filter->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for the filter. Service Select one of the preconfigured services.
14 Networking Teldat GmbH Field Description Possible values: • - & • " ),& • . # 3 " , • * 3 " F3 " • @ " • " • ( <" • ( # ) • ( # ) ),& The default value is - &. See RFC 792. Connection State Only if Protocol = (2 You can define a filter that takes the status of the TCP connections into account. Possible values: • - & (default value): All TCP packets match the filter.
14 Networking Teldat GmbH Field Description Possible values: • -,, (default value): The filter is valid for all port numbers • *) " !& ) : Enables the entry of a port number. • *) " !& ) numbers. Source IP Address/ Netmask Source Port/Range : Enables the entry of a range of port Enter the source IP address and netmask of the data packets. Only if Protocol = (2 , 0. Enter a source port number or the range of source port numbers.
14 Networking Teldat GmbH Field Description COS Filter (802.1p/Layer 2) Enter the service class of the IP packets (Class of Service, CoS). Possible values are whole numbers between and +. The default value is . 14.5.2 Rule Chains Rules for IP filters are configured in the Rule Chains menu. These can be created separately or incorporated in rule chains. In the Networking->Access Rules+Rule Chains menu, all created filter rules are listed. Fig. 91: Networking ->Access Rules +Rule Chains 14.5.
14 Networking Teldat GmbH Fields in the Basic Parameters menu. Field Rule Chain Description Select whether to create a new rule chain or to edit an existing one. Possible values: • ' 1 (default value): You can create a new rule chain with this setting. • A' ! ", ## ), B: Select an already existing rule chain, and thus add another rule to it. Description Access Filter Enter the name of the rule chain. Select an IP filter.
14 Networking Teldat GmbH A list of all configured interface assignments is displayed in the Networking->Access Rules->Interface Assignment menu. Fig. 93: Networking ->Access Rules ->Interface Assignment 14.5.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure additional assignments. Fig.
14 Networking Teldat GmbH Field Description • . # , : The sender receives an ICMP message. Reporting Method Define whether a syslog message is to be generated if a packet is denied. Possible values: • ' ) : No syslog message. • ! (default value): A syslog message is generated with the protocol number, source IP address and source port number. • .3 ): A syslog message is generated with the contents of the first 64 bytes of the denied packet. 14.
14 Networking Teldat GmbH Fig. 95: Networking ->Drop In->Drop In Groups ->New The Networking->Drop In->Drop In Groups->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Group Description Enter a unique name for the Drop In group. Mode Select which mode is to be used to send the MAC addresses of network components.
14 Networking Teldat GmbH Field Description • .?2 Network Address Only for Network Configuration = * " Enter the network address of the Drop In network. Netmask Only for Network Configuration = * " Enter the corresponding netmask. Local IP Address Only for Network Configuration = * " Enter the local IP address. This IP address must be identical for all the Ethernet ports in a network. DHCP Client on Interface Only for Network Configuration = .
14 Networking Teldat GmbH Field Description The function is disabled by default. Interface Selection Select all the ports which are to be included in the Drop In group (in the network). Add new entries with Add.
15 Routing Protocols Teldat GmbH Chapter 15 Routing Protocols 15.1 RIP The entries in the routing table can be defined statically or the routing table can be updated constantly by dynamic exchange of routing information between several devices. This exchange is controlled by a Routing Protocol, e.g. RIP (Routing Information Protocol).
15 Routing Protocols Teldat GmbH Fig. 97: Routing Protocols ->RIP->RIP Interfaces-> The menu Networking->RIP->RIP Interfaces-> consists of the following fields: Fields in the RIP Parameters for menu. Field Description Send Version Decide whether routes are to be propagated via RIP and if so, select the RIP version for sending RIP packets over the interface in send direction. Possible values: • ' (default value): RIP is not enabled. • @ 6 : Enables sending and receiving of version 1 RIP packets.
15 Routing Protocols Teldat GmbH Field Description • ' (default value): RIP is not enabled. • @ 6 : Enables sending and receiving of version 1 RIP packets. • @ 6 : Enables sending and receiving of version 2 RIP packets. • @ 6 56 :Enables sending and receiving RIP packets of both version 1 and 2. • @ 6 ( : RIP V1 messages are sent, received and processed as per RFC 2091 (triggered RIP). • @ 6 ( : RIP V2 messages are sent, received and processed as per RFC 2091 (triggered RIP).
15 Routing Protocols Teldat GmbH tion. You configure a filter for a default route with the following values: • IP Address / Netmask = no entry for IP address (this corresponds to IP address 0.0.0.0), for netmask = 255.255.255.255 A list of all RIP filters is displayed in the Routing Protocols->RIP->RIP Filter menu. Fig. 98: Routing Protocols ->RIP->RIP Filter You can use the button to insert another filter above the list entry. The configuration menu for creating a new window opens.
15 Routing Protocols Teldat GmbH Field Description Interface Select the interface to which the rule to be configured applies. IP Address / Netmask Enter the IP address and netmask to which the rule is to be applied. This address can be in the LAN or WAN. The rules for incoming and outgoing RIP packets (import or export) for the same IP address must be separately configured. You can enter individual host addresses or network addresses.
15 Routing Protocols Teldat GmbH 15.1.3 RIP Options Fig. 100: Routing Protocols ->RIP->RIP Options The menu Routing Protocols->RIP->RIP Options consists of the following fields: Fields in the Global RIP Parameters menu. Field Description RIP UDP Port The setting option UDP Port, which is used for sending and receiving RIP updates, is only for test purposes. If the setting is changed, this can mean that your device sends and listens at a port that no other devices use.
15 Routing Protocols Teldat GmbH Field Description (=“Network is not reachable“). The function is enabled with , . The function is disabled by default. RFC 2453 Variable Timer For the timers described in RFC 2453, select whether the same values that you can configure in the Timer for RIP V2 (RFC 2453) menu should be used. The function is enabled with , . The function is enabled by default. If you deactivate the function, the times defined in RFC are retained for the timeouts.
15 Routing Protocols Teldat GmbH Field Description Garbage Collection Timer Only for RFC 2453 Variable Timer = , The Garbage Collection Timer is started as soon as the route timeout has expired. After this timeout, the invalid route is deleted from the IPROUTETABLE if no update is carried out for the route. The default value is (seconds). Fields in the Timer for Triggered RIP (RFC 2091) menu.
Teldat GmbH 15 Routing Protocols • Connection costs: OSPF differs from RIP in that the connection costs are not calculated from the number of next hops, but from the bandwidth of the respective transport medium. • No limitation of the number of hops: The limitation of the maximum number of 16 hops for RIP does not exist for OSPF. Although the OSPF protocol is considerably more complex than RIP, the basic concept is the same, i.e. OSPF also determines the best path for forwarding the packets in each case.
15 Routing Protocols Teldat GmbH Certain areas can be defined as stub areas in OSPF. This prevents external networks, e.g. those propagated from other protocols by redistribution in OSPF, being propagated into the stub area. Externally routing of such areas is propagated with a default route. The configuration of a stub area reduces the database size in the area and reduces the amount of storage space needed on the gateways incorporated in the area. 15.2.
15 Routing Protocols Teldat GmbH Field Description Area ID Enter the ID to identify the OSPF aea. The backbone area is . Import external routes Specifies whether the gateway routing information generated from external autonomous systems (not areas) is to be imported. The function is enabled with , . The function is activated by default. Import summary routes Only for Import external routes = .
15 Routing Protocols Teldat GmbH 15.2.2 Interfaces In the Routing Protocols->OSPF->Interfaces menu, a list of all interfaces is displayed. Fig. 103: Routing Protocols ->OSPF->Interfaces Caution If your interfaces are not only to be assigned to Backbone Area 0.0.0.0, you must first define OSPF areas in the Routing Protocols+OSPF+Areas menu. 15.2.2.1 Edit Select the symbol to modify the OSPF settings fot the interfaces. Fig.
15 Routing Protocols Teldat GmbH Field Description Possible values: • -" : OSPF is activated for this interface, i.e. routes are propagated or OSPF protocol packets sent over this interface. • ## : OSPF is not activated for this interface, i.e. no routes are propagated or OSPF protocol packets sent over this interface. Networks reachable over this interface are, however, included when calculating the routing information and propagated over active interfaces.
15 Routing Protocols Teldat GmbH Field Description hash, which is sent with each packet Authentication Key Enter a text string to be used in combination with the defined Authentication Type. Export indirect static routes If this value is set to ' (default), only direct routes (i.e. routes to networks reached directly over this interface) are propagated over active OSPF interfaces (see Admin Status). If the value is set to J #, indirect static routes are also propagated over active interfaces.
15 Routing Protocols Teldat GmbH Field Description Generate default route If this option is activated, the gateway propagates a default for the AS route over all active OSPF interfaces. The function is disabled by default. Propagate routes bound on discard/refuse interface The logical interfaces REFUSE and IGNORE have the following meaning: REFUSE means (if a route exists on this) that packets from this interface are discarded and an ICMP Unreachable Reply is generated.
16 Multicast Teldat GmbH Chapter 16 Multicast What is multicasting? Many new communication technologies are based on communication from one sender to several recipients. Therefore, modern telecommunication systems such as voice over IP or video and audio streaming (e.g. IPTV or Webradio) focus on reducing data traffic, e.g. by offering TriplePlay (voice, video, data).
16 Multicast Teldat GmbH dedicated host, but rather a group, i.e. during the routing of multicast packets, the decisive factor is whether a recipient is in a logged-in subnet. In the local network, all hosts are required to accept all multicast packets. For Ethernet or FDD, this is based on MAC mapping, where the group address is encoded into the destination MAC address. For routing between several networks, the routers first need to make themselves known to all potential recipients in the subnet.
16 Multicast Teldat GmbH 16.1.1 General In the Multicast->General->Generalmenu you can disable or enable the multicast function. Fig. 106: Multicast->General->General The Multicast->General->Generalmenu consists of the following fields: Fields in the Basic Settings menu. Field Description Multicast Routing Select whether Multicast Routing should be used. The function is enabled with , . The function is disabled by default. 16.
16 Multicast Teldat GmbH 16.2.1 IGMP In this menu, you configure the interfaces on which IGMP is to be enabled. 16.2.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure IGMP on other interfaces. Fig. 107: Multicast->IGMP->IGMP->New The Multicast->IGMP->IGMP->New menu consists of the following fields: Fields in the IGMP Settings menu. Field Description Interface Select the interface on which IGMP is to be enabled, i.e.
16 Multicast Teldat GmbH Field Description Time within which hosts must respond. The hosts randomly select a time delay from this interval before sending the response. This spreads the load in networks with several hosts, improving performance. Possible values are E to E . The default value is E . Robustness Select the multiplier for controlling the timer values. A higher value can e.g. compensate for packet loss in a network susceptible to loss.
16 Multicast Teldat GmbH IGMP Proxy enables you to simulate several locally connected interfaces as a subnet to an adjacent router. Queries coming in to the IGMP Proxy interface are forwarded to the local subnets. Local reports are forwarded on the IPGM Proxy interface. Fig. 108: IGMP Proxy The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
16 Multicast Teldat GmbH Fig. 109: Multicast->IGMP->Options The Multicast->IGMP->Options menu consists of the following fields: Fields in the Basic Settings menu. Field Description IGMP Status Select the IGMP status. Possible values: • -3 (default value): Multicast is activated automatically for hosts if the hosts open applications that use multicast. • 0): Multicast is always on. • . 1 : Multicast is always off. Mode Only for IGMP Status = 0) or -3 Select Multicast Mode.
16 Multicast Teldat GmbH Field Description IGMP State Limit Enter the maximum permitted total number of incoming queries and messages per second. The default value is , i.e. the number of IGMP status messages is not limited. 16.3 Forwarding 16.3.1 Forwarding In this menu, you specify which multicast groups are always passed between the interfaces of your device. 16.3.1.1 New Choose the Newbutton to create forwarding rules for new multicast groups. Fig.
16 Multicast Teldat GmbH Field Description The option is deactivated by default. Multicast Group Address Only for All Multicast Groups = not active. Enter here the address of the multicast group you want to forward from a defined Source Interface to a defined Destination Interface. Source Interface Select the interface on your device to which the selected multicast group is sent. Destination Interface Select the interface on your device to which the selected multicast group is to be forwarded. 16.
16 Multicast Teldat GmbH 16.4.1.1 Edit or New Choose the icon to edit existing entries. To configure PIM lists, select the New button. Fig. 112: Multicast->PIM->PIM Interfaces->New The Multicast->PIM->PIM Interfaces->New menu consists of the following fields: Fields in the PIM Interface Settings menu. Field Description Interface Choose the interface used for PIM, i.e. over which multicast routing is operated. PIM Mode Indicates the mode to be used for PIM. Your device uses PIM in sparse mode.
16 Multicast Teldat GmbH Field Description are released. Designated Router PriDefine the value of the designated router priority entered in the ority Designated Router Priority option. The higher the value, the greater the probability that the corresponding router will be used as the designated router. The default value is . The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
16 Multicast Teldat GmbH Field Join/Prune Interval Description Define the frequency at which the PIM Join/Prune messages are sent on the interface. The value means that no periodic PIM Join/Prune messages are sent on this interface. Possible values: to seconds. The default value is . Join/Prune Hold Time Define the value entered in the holdtime field of a PIM Join/ Prune message. This is the time for which a recipient must maintain the Join/ Prune state. Possible values: to $ seconds.
16 Multicast Teldat GmbH 16.4.2 PIM Rendezvous Points In menu Multicast->PIM->PIM Rendezvous Points you determine which Rendezvous Point is responsible for which group. A list of all PIM Rendezvous Points is displayed. Fig. 113: Multicast->PIM->PIM Rendezvous Points 16.4.2.1 Edit or New Choose the icon to edit existing entries. To configure PIM Rendezvous Points, select the New button. Fig.
16 Multicast Teldat GmbH Field Description Here you enter the IP address of the multicast network segment. Multicast Group Prefix Only if Multicast Group Range = *) " ! " @ Length Here you enter the network mask length of the multicast network segment. 224.0.0.0/4 indicates the entire multicast class D segment. Possible values: (default value) to $ . Rendezvous Point IP Address Precedence Enter the IP address or the hostname of the rendezvous points.
16 Multicast Teldat GmbH The Multicast->PIM->PIM Options menu consists of the following fields: Fields in the Basic Settings menu. Field Description PIM Status Select whether PIM should be activated. The function is activated by selecting , . The function is disabled by default. Keepalive Period Enter the interval in seconds within which a KeepAlive message must be sent. Possible values: to $ . The default value is Register Suppression Timer .
17 WAN Teldat GmbH Chapter 17 WAN This menu offers various options for configuring accesses or connections from your LAN to the WAN. You can also optimise voice transmission here for telephone calls over the Internet. 17.1 Internet + Dialup In this menu, you can set up Internet access or dialup connections. In addition, you can create address pools for the dynamic assignment of IP addresses.
17 WAN Teldat GmbH Field Description specified number of seconds) administratively set to down (deactivated); connection setup not possible for leased lines: Default Route With a default route, all data is automatically forwarded to one connection if no other suitable route is available. Access to the Internet should always be set up as the default route to the Internet Service Provider (ISP). Further information on possible route types can be found under Networking->Routes.
17 WAN Teldat GmbH enter a common password and two codes. You get this information, for example, from your Internet Service Provider (ISP) or the system administrator at your head office. If the data you entered on your device is the same as the caller's data, the call is accepted. The call is rejected if the data is not the same.
17 WAN Teldat GmbH 17.1.1.1 New Choose the New button to set up new PPPoE interfaces. Fig. 116: WAN ->Internet + Dialup ->PPPoE ->New The menu WAN->Internet + Dialup->PPPoE->New consists of the following fields: Fields in the Basic Parameters menu. 272 Field Description Description Enter a name to uniquely identify the PPPoE partner. The first character in this field must not be a number No special characters or umlauts must be used.
17 WAN Teldat GmbH Field Description up over several interfaces ( %3, , 7). If you choose %3, , 7, you can connect several DSL connections from a provider over PPP as a static bundle in order to obtain more bandwidth. Each of these DSL connections should use a separate Ethernet connection for this. At the moment, many providers are still in the process of preparing the PPPoE Multilink function.
17 WAN Teldat GmbH Field Description The function is disabled by default. Only activate this option if you have Internet access with a flatrate charge. Connection Idle Timeout Only if Always on is disabled. Enter the idle time in seconds for static short hold. The static short hold setting determines how many seconds should pass between sending the last traffic data packet and clearing the connection. Possible values are to $ (seconds). deactivates the short hold. The default value is $ .
17 WAN Teldat GmbH Field Description Local IP Address Only if IP Address Mode = * " Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = * " Define other routing entries for this connection partner. Add new entries with Add. • @ - ##: IP address of the destination host or network. • ' #7: Netmask for Remote IP Address If no entry is made, your device uses a default netmask.
17 WAN Teldat GmbH Field Description • - 52?- : Primarily run CHAP, otherwise PAP. • %* 2?- : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • - 52?- 5%* 2?- : Primarily run CHAP, on denial then the authentication protocol required by the connection partner. (MSCHAP version 1 or 2 possible.) • %* 2?- : Run MS-CHAP version 2 only. • ' : Some providers use no authentication. In this case, select this option.
17 WAN Teldat GmbH Field Description The default value is . 17.1.2 PPTP A list of all PPTP interfaces is displayed in the WAN->Internet + Dialup->PPTP menu. In this menu, you configure an Internet connection that uses the Point Tunnelling Protocol (PPTP) to set up a connection. This is required in Austria, for example. 17.1.2.1 New Choose the New button to set up new PPTP interfaces.
17 WAN Teldat GmbH Fig. 117: WAN ->Internet + Dialup ->PPTP->New The menu WAN->Internet + Dialup->PPTP->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the internet connection. The first character in this field must not be a number No special characters or umlauts must be used. PPTP Ethernet Interface Select the IP interface over which packets are to be transported to the remote PPTP terminal.
17 WAN Teldat GmbH Field Description When using the internal DSL modem, select here the EthoA interface configured in Physical Interfaces->ATM->Profiles->New, e.g. . User Name Enter the user name. Password Enter the password. Always on Select whether the interface should always be activated. The function is enabled with , . The function is disabled by default. Only activate this option if you have Internet access with a flatrate charge.
17 WAN Teldat GmbH Field Description defined as the default route. The function is enabled with , . The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be activated. The function is enabled with , . The function is enabled by default. Local IP Address Only for IP Address Mode = * " Assign an IP address from your LAN to the PPT interface, which is to be used as your device's internal source address.
17 WAN Teldat GmbH Field Description The default value is . Authentication Select the authentication protocol for this Internet connection. Select the authentication specified by your provider. Possible values: • - (default value): Only run PAP (PPP Password Authentication Protocol); the password is transferred unencrypted. • 2?- : Only run CHAP (PPP Challenge Handshake Authentication Protocol as per RFC 1994); password is transferred encrypted. • - 52?- : Primarily run CHAP, otherwise PAP.
17 WAN Teldat GmbH Field Description selected Ethernet port. Local PPTP IP Address Assign the PPTP interface an IP address that is used as the source address. The default value is . Remote PPTP IP Address Enter the IP address of the PPTP partner. LCP Alive Check Select whether the availability of the remote terminal is to be checked by sending LCP echo requests or replies. This makes it possible to switch to a backup connection more quickly in the event of line faults.
17 WAN Teldat GmbH Fig. 118: WAN ->Internet + Dialup ->PPPoA ->New The menu WAN->Internet + Dialup->PPPoA->New consists of the following fields: Fields in the Basic Parameters menu. bintec Rxxx2/RTxxx2 Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used.
17 WAN Teldat GmbH Field Description Always on Select whether the interface should always be activated. The function is enabled with , . The function is disabled by default. Only activate this option if you have Internet access with a flatrate charge. Connection Idle Timeout Only if Always on is disabled. Enter the idle time in seconds for static short hold.
17 WAN Teldat GmbH Field Description The function is enabled with , . The function is enabled by default. Local IP Address Only for IP Address Mode = * " Enter the static IP address you received from your provider. Route Entries Only if IP Address Mode = * " Define other routing entries for this connection partner. Add new entries with Add. • @ - ##: IP address of the destination host or network.
17 WAN Teldat GmbH Field Description • 2?- : Only run CHAP (PPP Challenge Handshake Authentication Protocol as per RFC 1994); password is transferred encrypted. • - 52?- : Primarily run CHAP, otherwise PAP. • %* 2?- : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • - 52?- 5%* 2?- : Primarily run CHAP, on denial then the authentication protocol required by the connection partner. (MSCHAP version 1 or 2 possible.) • %* 2?- : Run MS-CHAP version 2 only.
17 WAN Teldat GmbH • Internet access over ISDN • LAN to LAN connection over ISDN • Remote (Mobile) dial-in • Use of the ISDN Callback function 17.1.4.1 New Choose the Newbutton to set up new ISDN interfaces.
17 WAN Teldat GmbH Fig. 119: WAN ->Internet + Dialup ->ISDN->New The menu WAN->Internet + Dialup->ISDN->New consists of the following fields: Fields in the Basic Parameters menu.
17 WAN Teldat GmbH Field Description Description Enter a name for uniquely identifying the connection partner. The first character in this field must not be a number No special characters or umlauts must be used. Connection Type Select which layer 1 protocol your device should use. This setting applies for outgoing connections to the connection partner and only for incoming connections from the connection partner if they could be identified on the basis of the calling party number.
17 WAN Teldat GmbH Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • * " (default value): You enter a static IP address. • - ##: Your device dynamically assigns an IP address to the remote terminal. • - ##: Your device is dynamically assigned an IP address.
17 WAN Teldat GmbH Field IP Assignment Pool Description Only if IP Address Mode = - ## Select IP pools configured in the WAN->Internet + Dialup->IP Poolsmenu. If an IP pool has not been configured here yet, the message ' & ! appears in this field. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
17 WAN Teldat GmbH Field Description • - 52?- : Primarily run CHAP, otherwise PAP. • %* 2?- : Only run MS-CHAP version 1 (PPP Microsoft Challenge Handshake Authentication Protocol). • - 52?- 5%* 2?- : Primarily run CHAP, on denial then the authentication protocol required by the connection partner. (MSCHAP version 1 or 2 possible.) • %* 2?- : Run MS-CHAP version 2 only. • ' : Some providers use no authentication. In this case, select this option.
17 WAN Teldat GmbH Field Description • 8 1# * % : Your device calls back after a period of time suggested by the Microsoft client (NT: 10 seconds, new systems: 12 seconds. It uses the call number (Entries->Call Number) with the Mode :3 or = entered for the connection partner. If no number is entered, the required number can be reported by the caller in a PPP negotiation. This setting should be avoided where possible for security reasons.
17 WAN Teldat GmbH Field Description • * ": Static channel bundling. • .& ": Dynamic channel bundling. Fields in the Dial Numbers menu Field Entries Description Add new entries with Add. Fields in menu Dial Number Configuration (appears only for Entries = Add) Field Description Mode Only if Entries = - Defines whether Call Number should be used for incoming or outgoing calls or for both. Possible values: • = (default value): For incoming and outgoing calls.
17 WAN Teldat GmbH Field Description • " : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests from your own LAN are to be responded to for the specified connection partner. Possible values: • " (default value): Deactivates Proxy ARP for this connection partner. • 0) . : Your device only responds to an ARP request if the status of the connection to the connection partner is 0) or . . In the case of .
17 WAN Teldat GmbH 17.1.5.1 New Choose the Newbutton to set up new AUX interfaces. Fig. 120: WAN ->Internet + Dialup ->AUX ->New The WAN->Internet + Dialup->AUX->New menu consists of the following fields: Fields in the Basic Parameters menu. 296 Field Description Description Enter a name for uniquely identifying the WAN partner. The first character in this field must not be a number No special characters or umlauts must be used.
17 WAN Teldat GmbH Field Description User Name Enter the user name. Password Always on Enter the password. Select whether the interface should always be activated. The function is enabled with , . The function is disabled by default. Only activate this option if you have Internet access with a flatrate charge. Connection Idle Timeout Only if Always on is disabled. Enter the idle time in seconds for static short hold.
17 WAN Teldat GmbH Field Description The function is enabled by default. Create NAT Policy Specify whether Network Address Translation (NAT) is to be activated. The function is enabled with , . The function is enabled by default. Local IP Address Only if IP Address Mode = * " Enter the static IP address of the connection partner. Route Entries Only if IP Address Mode = * " Define other routing entries for this connection partner. Add new entries with Add.
17 WAN Teldat GmbH Field Description Possible values are to . The default value is . Usage Type If necessary, select a special interface use. Possible values: • * (default value): No special type is selected. • . , ,&: The interface is used for incoming dialup connections and callbacks initiated externally. • %3, 0# . , ,& : The interface is defined as multi-user connection partner, i.e. several clients dial in with the same user name and password.
17 WAN Teldat GmbH Field Prioritize TCP ACK Packets Description Select whether the TCP download is to be optimised in the event of intensive TCP upload. This function can be specially applied for asymmetrical bandwidths (ADSL). The function is enabled with , . The function is disabled by default. LCP Alive Check Select whether the availability of the remote terminal is to be checked by sending LCP echo requests or replies.
17 WAN Teldat GmbH Field Description prox. four seconds if your device is requested to do so by the connection partner. Only makes sense for CLID. • 8 1# * % E 2 ,, "7 ) ,: like 8 1# * % with the option of termination. This setting should be avoided for security reasons. The Microsoft client also has the option of aborting callback and maintaining the initial connection to your device without callback.
17 WAN Teldat GmbH Field Description connection partner. • 0) . : Your device only responds to an ARP request if the status of the connection to the connection partner is 0) or . . In the case of , , your device only responds to the ARP request; the connection is not set up until someone actually wants to use the route. • 0) ,&: Your device responds to an ARP request only if the status of the connection to the connection partner is 0) , i.e.
17 WAN Teldat GmbH Fig. 121: WAN ->Internet + Dialup +IP Pools ->New Fields in the menu Basic Parameters Field Description IP Pool Name Enter any description to uniquely identify the IP pool. IP Address Range Enter the first (first field) and last (second field) IP address of the IP address pool. DNS Server Primary: Enter the IP address of the DNS server that is to be used, preferably, by clients who draw an address from this pool.
17 WAN Teldat GmbH The data is transmitted in so-called cells or slots of constant size. Each cell consists of 48 bytes of usage data and 5 bytes of control information. The control information contains, amongst other things, the ATM address which is similar to the Internet address. The ATM address is made up of the Virtual Path Identifier (VPI) and the Virtual Connection Identifier (VCI); this identifies the virtual connection. Various types of traffic flows are transported over ATM.
17 WAN Teldat GmbH Fig. 122: WAN ->ATM ->Profiles ->New The menu WAN->ATM->Profiles->New consists of the following fields: Fields in the ATM Profiles Parameter menu. Field Description Provider Select one of the preconfigured ATM profiles for your provider from the list or manually define the profile using 0# ! . Description Only for Provider = 0# ! Enter the desired description for the connection. ATM Interface Only if several ATM interfaces are available, e.g.
17 WAN Teldat GmbH Field Description • -(% (default value): Ethernet over ATM (EthoA) is used for the ATM connection (Permanent Virtual Circuit, PVC). • @ 3 " ,# -(%: Routed Protocols over ATM (RPoA) is used for the ATM connection (Permanent Virtual Circuit, PVC). • -(%: PPP over ATM (PPPoA) is used for the ATM connection (Permanent Virtual Circuit, PVC). Virtual Path Identifier (VPI) Only for Provider = 0# ! Enter the VPI value of the ATM connection.
17 WAN Teldat GmbH Field Description Bridged Ethernet with LLC/SNAP encapsulation with Frame Check Sequence (checksums). • ' *: (default value for Routed Protocols over ATM): Is only displayed for Type = @ 3 " ,# -(%. Encapsulation with LLC/SNAP header, suitable for IP routing. • //2: only displayed for Type = -(%. Encapsulation with LLC header.
17 WAN Teldat GmbH Field Description MAC Address Enter a MAC address for the internal router interface of ATM connection, e.g. 4 4! 4 4 !4 $. An entry is only required in special cases. For Internet connections, it is sufficient to select the option Use built-in (standard setting). An address is used which is derived from the MAC address of the . DHCP MAC Address Only for Address Mode = .?2 Enter the MAC address of the internal router interface of ATM connection, e.g. 4 4! 4 4 !4 $.
17 WAN Teldat GmbH Field Description Client Type Select whether the PPPoA connection is to be set up permanently or on demand. Possible values: • : . (default value): The PPPoA is only set up on demand, e.g. for Internet access. You'll find additional information on PPP over ATM under PPPoA on page 282. 17.2.
17 WAN Teldat GmbH Fig. 123: WAN ->ATM ->Service Categories->New The menu WAN->ATM->Service Categories->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Virtual Channel Connection (VCC) Select the already configured ATM connection (displayed by the combination of VPI and VCI) for which the service category is to be defined. ATM Service Category Select how the data traffic of the ATM connection is to be controlled.
17 WAN Teldat GmbH Field Description applications with burst data traffic. • 6 , = @ 6 $ 6=@ $ : A guaranteed data rate is assigned to the connection - Sustained Cell Rate (SCR). This may be exceeded by the volume configured in Maximum Burst Size (MBS). Additional ATM traffic is marked and handled with low priority based on the utilisation of the destination network, i.e. is discarded if necessary. The Peak Cell Rate (PCR) constitutes the maximum possible data rate.
17 WAN Teldat GmbH Note Generally, monitoring is not carried out by the terminal but is initiated by the ISP. Your device then only needs to react correctly to the signals received. This is ensured without a specific OAM configuration for both flow level 4 and flow level 5. Two mechanisms are available for monitoring the ATM connection: Loopback Tests and OAM Continuity Check (OAM CC). These can be configured independently of each other.
17 WAN Teldat GmbH Field Description OAM Flow Level Select the OAM flow level to be monitored. Possible values: • 9 : (virtual channel level) The OAM settings are used for the virtual channel (default value). • 9 : (virtual path level) The OAM settings are used on the virtual path.
17 WAN Teldat GmbH Field Description Loopback Segment Select whether you want to activate the loopback test for the segment connection (segment = connection of the local endpoint to the next connection point) of the VCC or VPC. The function is enabled with , . The function is disabled by default. Segment Send Interval Only if Loopback Segment is enabled. Enter the time in seconds after which a loopback cell is sent. Possible values are to . The default value is .
17 WAN Teldat GmbH Field Description Also select whether the test cells of the OAM CC are to be sent or received. Possible values: • = (default value): CC data is both received and generated. • * 7: CC data is received. • * 3 " : CC data is generated. Continuity Check (CC) Segment Select whether you want to activate the OAM-CC test for the segment connection (segment = connection of the local endpoint to the next connection point) of the VCC or VPC.
17 WAN Teldat GmbH 17.3.1 Interfaces In the WAN->Leased Line->Interfaces menu, a list of all is displayed. Automatic generation requires the corresponding ISDN interface to be configured. Fig.
17 WAN Teldat GmbH 17.3.1.1 Edit Choose the button to edit the configuration of the corresponding leased line for a BRI interface. Fig. 126: WAN ->Leased Line->Interfaces->Autogenerated from BRI (ISDN-S0) -> The WAN->Leased Line->Interfaces->Autogenerated from BRI (ISDN-S0)-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description for the connection. Fields in the IP Mode and Routes menu.
17 WAN Teldat GmbH Field Description Local IP Address Enter the IP address you received from your network operator. Route Entries Define other routing entries for this connection class. Add new entries with Add. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field LCP Alive Check Description Select whether the reachability of the remote terminal is to be checked. The function is enabled with , . The function is enabled by default.
17 WAN Teldat GmbH Field Description • ## (default value): OSPF is not activated for this interface, i.e. no OSPF protocol packets sent over this interface. Networks reachable over this interface are, however, included when calculating the routing information and propagated over active interfaces. • -" : OSPF is not activated for this interface, i.e. OSPF protocol packets sent over this interface. • " : OSPF is disabled for this interface.
17 WAN Teldat GmbH Fig. 127: WAN ->Leased Line->Interfaces->Autogenerated from PRI (ISDN-S2M) -> The WAN->Leased Line->Interfaces->Autogenerated from PRI (ISDN-S2M)-> menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the desired description for the connection. Fields in the IP Mode and Routes menu. Field Description Default Route Select whether the route to this connection partner is to be defined as the default route.
17 WAN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description LCP Alive Check Select whether the reachability of the remote terminal is to be checked. The function is enabled with , . The function is enabled by default. Prioritize TCP ACK Packets Select whether the TCP download is to be optimised in the event of intensive TCP upload. The function is enabled with , . The function is disabled by default.
17 WAN Teldat GmbH Field Description protocol packets sent over this interface. • " : OSPF is disabled for this interface. Proxy ARP Mode Select whether and how ARP requests are to be responded to for the specified connection partner. Possible values: • " (default value): Deactivates Proxy ARP for this connection partner. • 0) . : Your device only responds to an ARP request if the status of the connection to the connection partner is 0) or . .
17 WAN Teldat GmbH Fig. 128: WAN ->Real Time Jitter Control ->Controlled Interfaces ->New The menu WAN->Real Time Jitter Control->Controlled Interfaces->New consists of the following fields: Fields in the Basic Settings menu. Field Description Interface Define for which interfaces voice transmission is to be optimised. Control Mode Select the mode for the optimisation.
18 VPN Teldat GmbH Chapter 18 VPN A connection that uses the Internet as a "transport medium" but is not publicly accessible is referred to as a VPN (Virtual Private Network). Only authorised users have access to such a VPN, which is seemingly also referred to as a VPN tunnel. Normally the data transported over a VPN is encrypted. A VPN allows field staff or staff working from home offices to access data on the company's network. Subsidiaries can also connect to head office over VPN.
18 VPN Teldat GmbH The policy-based method uses data traffic filters to negotiate the IPSec phase 2 SAs. This allows for a very "fine-grained" filter to be applied to the IP packet, even at the level of the protocol and the port. The routing-based method offers various advantages over the policy-based method, e.g., NAT/PAT within a tunnel, IPSec in combination with routing protocols and the creation of VPN backup scenarios.
18 VPN Teldat GmbH Fig. 129: VPN->IPSec->IPSec Peers Peer Monitoring The menu for monitoring a peer is called by selecting the button for the peer in the peer list. See Values in the IPSec Tunnels list on page 532. 18.1.1.1 New Choose the New button to set up more IPSec peers.
18 VPN Teldat GmbH Fig. 130: VPN->IPSec->IPSec Peers ->New The menu VPN->IPSec->IPSec Peers->New consists of the following fields: Fields in the menu Peer Parameters bintec Rxxx2/RTxxx2 Field Description Administrative Status Select the status to which you wish to set the peer after saving the peer configuration.
18 VPN Teldat GmbH Field Description Possible values: • 0) (default value): The peer is available for setting up a tunnel immediately after saving the configuration. • . 1 : The peer is initially not available after the configuration has been saved. Description Enter a description of the peer that identifies it. The maximum length of the entry is 255 characters. Peer Address Enter the official IP address of the peer or its resolvable host name.
18 VPN Teldat GmbH Field Authentication Method Description Only for Internet Key Exchange = > Select the authentication method. Possible values: • # > &# (default value): If you do not use certificates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the IPSec Peers. The preshared key is the shared password. • @*- * 3 : Phase 1 key calculations are authenticated using the RSA algorithm.
18 VPN Teldat GmbH Field Description Preshared Key Enter the password agreed with the peer. The maximum length of the entry is 50 characters. All characters are possible except for < at the start of the entry. Fields in the menu Interface Routes Field Description IP Address Assignment Select the configuration mode of the interface. Possible values: • * " (default value): Enter a static IP address.
18 VPN Teldat GmbH Field Description the default route. The function is enabled with , . The function is disabled by default. Local IP Address Only for IP Address Assignment = * " or > 2 ! % * Enter the WAN IP address of your IPSec tunnel. This can be the same IP address as the address configured on your router as the LAN IP address. Metric Only for IP Address Assignment = * " or > 2 ! % 2, and Default Route = , Select the priority of the route.
18 VPN Teldat GmbH • a method based on policies and • a method based on routing. The policy-based method can only be configured using the Setup tool. With the GUI, you use the routing-based method. (The latter is also available using the Setup tool.) The policy-based method uses data traffic filters to negotiate the IPSec phase 2 SAs. This enables the filtering of the IP packets to be very "fine grained" down to protocol and port level.
18 VPN Teldat GmbH Fig. 131: VPN->IPSec->IPSec Peers ->New->Add Fields in the menu Basic Parameters Field Description Description Enter a description for the filter. Protocol Select a protocol. The - & option (default value) matches any protocol. Source IP Address/ Netmask Enter, if required, the source IP address and netmask of the data packets. Possible values: • - & • ? # : Enter the IP address of the host. • ' 1 7 (default value): Enter the network address and the related netmask.
18 VPN Teldat GmbH Field Description -,, (= -1) means that the port is not specified. Destination IP Address/Netmask Enter the destination IP address and corresponding netmask of the data packets. Destination Port Only for Protocol = (2 or 0. Enter the destination port of the data packets. The default setting -,, (= -1) means that the port is not specified.
18 VPN Teldat GmbH Field Description XAUTH Profile Select a profile created in VPN->IPSec->XAUTH Profiles if you wish to use this IPSec peer XAuth for authentication. If XAuth is used together with IKE Config Mode, the transactions for XAuth are carried out before the transactions for IKE Config Mode. Number of Admitted Connections Choose how many users can connect using this peer profile.
18 VPN Teldat GmbH Field Description The function is disabled by default. MobIKE Only for peers with IKEv2. MobIKE With changing public IP addresses, enables only these addresses to be updated in the SAs, without having to renegotiate the SAs themselves. The function is enabled by default. Note that MobIKE requires a current IPSec client, e.g. an upto-date Windows 7 or Windows 8 client, or the most recent version of the Teldat IPSec client.
18 VPN Teldat GmbH to be accepted by your device. The identification of the caller from his or her ISDN number is enough information to initiate setting up a tunnel. To set up this service, you must first configure a call number for IPSec callback on the passive side in the Physical Interfaces->ISDN Ports->MSN Configuration->New menu. The value Service is available for this purpose in the * " field. This entry ensures that incoming calls for this number are routed to the IPSec service.
18 VPN Teldat GmbH via DynDNS is not correct. This problem is avoided by transferring the IP address over ISDN. This type of transfer of dynamic IP addresses also enables the more secure ID Protect mode (main mode) to be used for tunnel setup. Method of operation: Various modes are available for transferring your own IP address to the peer: The address can be transferred free in the D channel or in the B channel, but here the call must be accepted by the remote station and therefore incurs costs.
18 VPN Teldat GmbH ducted in the ID Protect mode using preshared keys. Note In some countries (e.g. Switzerland), the call in the D channel can also incur costs. An incorrect configuration at the called side can mean that the called side opens the B channel the calling side incurs costs. The following options are only available on devices with an ISDN connection: Fields in the menu IPSec Callback Field Description Mode Select the Callback Mode.
18 VPN Teldat GmbH Field Description Transfer own IP address over ISDN/GSM Select whether the IP address of your own device is to be transferred over ISDN for IPSec callback. The function is enabled with , . The function is disabled by default. Transfer Mode Only for Transfer own IP address over ISDN/GSM = enabled Select the mode in which your device is to attempt to transfer its IP address to the peer.
18 VPN Teldat GmbH Field Description • //2 *0=-..@: The IP address is transferred in both the "LLC" and "subaddress information elements". 18.1.2 Phase-1 Profiles A list of all configured tunnel profiles is displayed in the VPN->IPSec->Phase-1 Profiles menu. Fig. 132: VPN->IPSec->Phase-1 Profiles In the Default column, you can mark the profile to be used as the default profile. 18.1.2.
18 VPN Teldat GmbH Fig. 133: VPN->IPSec->Phase-1 Profiles ->New The menu VPN->IPSec->Phase-1 Profiles->New consists of the following fields: Fields in the Phase-1 (IKE) Parameters menu. Field Description Description Enter a description that uniquely defines the type of rule. Proposals In this field, you can select any combination of encryption and message hash algorithms for IKE phase 1 on your device.
18 VPN Teldat GmbH Field Description (Advanced Encryption Standard). It is rated as just as secure as Rijndael (AES), but is slower. • =, 1! # : Blowfish is a very secure and fast algorithm. Twofish can be regarded as the successor to Blowfish. • 2-*(: CAST is also a very secure algorithm, marginally slower than Blowfish, but faster than 3DES. • . *: DES is an older encryption algorithm, which is rated as weak due to its small effective length of 56 bits.
18 VPN Teldat GmbH Field Description ation or the hash algorithms is based on the author’s knowledge and opinion at the time of creating this User Guide. In particular, the quality of the algorithms is subject to relative aspects and may change due to mathematical or cryptographic developments. DH Group Only for Phase-1 (IKE) Parameters The Diffie-Hellman group defines the parameter set used as the basis for the key calculation during phase 1.
18 VPN Teldat GmbH Field Description Possible values: • # > &# (default value): If you do not use certificates for the authentication, you can select Preshared Keys. These are configured during peer configuration in the VPN->IPSec->IPSec Peers. The preshared key is the shared password. • .*- * 3 : Phase 1 key calculations are authenticated using the DSA algorithm. • @*- * 3 : Phase 1 key calculations are authenticated using the RSA algorithm.
18 VPN Teldat GmbH Field Description Strict), or the peer can also propose another mode. Local ID Type Only for Phase-1 (IKE) Parameters Select the local ID type. Possible values: • 93,,& D3 , ! . ' 9D.' • , - ## • 6 - ## • -*' .' . # 3 # ' Local ID Value Only for Phase-1 (IKE) Parameters Enter the ID of your device. For Authentication Method = .*- * 3 , @*- * 3 or @*- " &) the Use Subject Name from certificate option is displayed.
18 VPN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description Alive Check Only for Phase-1 (IKE) Parameters Select the method to be used to check the functionality of the IPSec connection. In addition to the default method Dead Peer Detection (DPD), the (proprietary) Heartbeat method is implemented. This sends and receives signals every 5 seconds, depending on the configuration.
18 VPN Teldat GmbH Field Description The function is enabled by default. Block Time Define how long a peer is blocked for tunnel setups after a phase 1 tunnel setup has failed. This only affects locally initiated setup attempts. Possible values are to (seconds); means the value in the default profile is used and means that the peer is never blocked. The default value is $ .
18 VPN Teldat GmbH Field Description you can select up to three CA certificates that are accepted for this profile. This option can only be configured if certificates are loaded. 18.1.3 Phase-2 Profiles You can define profiles for phase 2 of the tunnel setup just as for phase 1. In the VPN->IPSec->Phase-2 Profiles menu, a list of all configured IPSec phase 2 profiles is displayed. Fig. 134: VPN->IPSec->Phase-2 Profiles In the Default column, you can mark the profile to be used as the default profile.
18 VPN Teldat GmbH Fig. 135: VPN->IPSec->Phase-2 Profiles ->New The menu VPN->IPSec->Phase-2 Profiles->New consists of the following fields: Fields in the Phase-2 (IPSEC) Parameters menu. Field Description Description Enter a description that uniquely identifies the profile. The maximum length of the entry is 255 characters. Proposals In this field, you can select any combination of encryption and message hash algorithms for IKE phase 2 on your default.
18 VPN Teldat GmbH Field Description - * , a key length of 128 bits is used. • - * : Rijndael has been nominated as AES due to its fast key setup, low memory requirements, high level of security against attacks and general speed. Here, it is used with a key length of 128 bits. • - * : Rijndael has been nominated as AES due to its fast key setup, low memory requirements, high level of security against attacks and general speed. Here, it is used with a key length of 192 bits.
18 VPN Teldat GmbH Field Description used to protect the keys of a renewed phase 2 SA, even if the keys of the phase 1 SA have become known. The field has the following options: • + = : During the Diffie-Hellman key calculation, modular exponentiation at 768 bits is used to create the encryption material. • = (default value): During the Diffie-Hellman key calculation, modular exponentiation at 1024 bits is used to create the encryption material.
18 VPN Teldat GmbH Field Description IP Compression Select whether compression is to be activated before data encryption. If data is compressed effectively, this can result in higher performance and a lower volume of data to be transferred. In the case of fast lines or data that cannot be compressed, you are advised against using this option as the performance can be significantly affected by the increased effort during compression. The function is enabled with , .
18 VPN Teldat GmbH 18.1.4 XAUTH Profiles In the XAUTH Profiles menu a list of all XAUTH profiles is displayed. Extended Authentication for IPSec (XAuth) is an additional authentication method for IPSec tunnel users. The gateway can take on two different roles when using XAuth as it can act as a server or as a client: • As a server the gateway requires a proof of authorisation. • As a client the gateway provides proof of authorisation. In server mode multiple users can obtain authentication via XAuth, e.g.
18 VPN Teldat GmbH The VPN->IPSec->XAUTH Profiles ->New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for this XAuth profile. Role Select the role of the gateway for XAuth authentication. Possible values: • * (default value): The gateway requires a proof of authorisation. • 2, : The gateway provides proof of authorisation. Mode Only for Role = * Select how authentication is carried out.
18 VPN Teldat GmbH Field Description entering the authentication name of the client (Name)) and the authentication password (Password). Add new members with Add. 18.1.5 IP Pools In the IP Pools menu a list of all IP pools for your configured IPSec connections is displayed. If for an IPSec peer you have set IP Address Assignment > 2 ! % you must define the IP pools here from which the IP addresses are assigned. * , 18.1.5.1 Edit or New Choose the New button to set up new IP address pools.
18 VPN Teldat GmbH Field Description DNS server. 18.1.6 Options Fig. 138: VPN->IPSec->Options The menu VPN->IPSec->Options consists of the following fields: Fields in the Global Options menu. Field Description Enable IPSec Select whether you want to activate IPSec. The function is enabled with , . The function is active as soon as an IPSec Peer is configured. Delete complete IPSec If you click the configuration of your device.
18 VPN Teldat GmbH Field Description This cancels all settings made during the IPSec configuration. Once the configuration is deleted, you can start with a completely new IPSec configuration. You can only delete the configuration if Enable IPSec = not activated. IPSec Debug Level Select the priority of the syslog messages of the IPSec subsystem to be recorded internally. Possible values: • "& (highest priority) • -, • 2 " , • • 8 • ' " • ! • .
18 VPN Teldat GmbH Field Description The function is enabled with , . The function is disabled by default. Send Initial Contact Message Select whether IKE Initial Contact messages are to be sent during IKE (phase 1) if no SAs with a peer exist. The function is enabled with , . The function is enabled by default. Sync SAs with ISP interface state Select whether all SAs are to be deleted whose data traffic was routed via an interface on which the status has changed from 0) to . 1 , .
18 VPN Teldat GmbH Field Description quest Payloads end during IKE (phase 1) are to be ignored. The function is enabled with , . The function is disabled by default. Send Certificate Request Payloads Select whether certificate requests are to be sent during IKE (phase 1). The function is enabled with , . The function is enabled by default. Send Certificate Chains Select whether complete certificate chains are to be sent during IKE (phase 1). The function is enabled with , .
18 VPN Teldat GmbH • L2TP LNS Mode (L2TP Network Server): for incoming connections only • L2TP LAC Mode (L2TP Access Concentrator): for outgoing connections only Note the following when configuring the server and client: An L2TP tunnel profile must be created on each of the two sides (LAC and LNS). The corresponding L2TP tunnel profile is used on the initiator side (LAC) to set up the connection. The L2TP tunnel profile is needed on the responder side (LNS) to accept the connection. 18.2.
18 VPN Teldat GmbH Fields in the Basic Parameters menu. Field Description Description Enter a description for the current profile. The device automatically names the profiles / ( and numbers them, but the value can be changed. Local Hostname Enter the host name for LNS or LAC. • /-2: The local hostname is used in outgoing tunnel setup messages to identify this device and is associated with the remote hostname of a tunnel profile configured on the LNS.
18 VPN Teldat GmbH Field Description Remote IP Address Enter the fixed IP address of the LNS used as the destination address for connections based on this profile. The destination must be a device that can behave like an LNS. UDP Source Port Enter how the port number to be used as the source port for all outgoing L2TP connections based on this profile is to be determined.
18 VPN Teldat GmbH Field Description value means that no L2TP HELLO messages are sent. Minimum Time between Retries Enter the minimum time (in seconds) that your device waits before resending a L2TP control packet for which it received no response. The wait time is dynamically extended until it reaches the Maximum Time between Retries. The available values are to , the default value is .
18 VPN Teldat GmbH Fig. 140: VPN->L2TP->Users->New The menu VPN->L2TP->Users->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a name for uniquely identifying the L2TP partner. The first character in this field must not be a number No special characters or umlauts must be used. The maximum length of the entry is 25 characters.
18 VPN Teldat GmbH Field Description Connection Type Select whether the L2TP partner is to take on the role of the L2TP network server (LNS) or the functions of a L2TP access concentrator client (LAC client). Possible values: • /'* (default value): If you select this option, the L2TP partner is configured so that it accepts L2TP tunnels and restores the encapsulated PPP traffic flow.
18 VPN Teldat GmbH Field Description Possible values: • * " (default value): You enter a static IP address. • - ##: Only for Connection Type = /'*. Your device dynamically assigns an IP address to the remote terminal. • - ##: Only for Connection Type = /-2. Your device is dynamically assigned an IP address. Default Route Only for IP Address Mode = - ## and * " Select whether the route to this connection partner is to be defined as the default route.
18 VPN Teldat GmbH The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu. Field Description Block after connection Enter the wait time in seconds before the device should try failure for again after an attempt to set up a connection has failed. The default value is $ . Authentication Select the authentication protocol for this L2TP partner.
18 VPN Teldat GmbH Field Description Compression If necessary, select the type of encryption that should be used for data traffic to the connection partner. If encryption is set, the remote terminal must also support it, otherwise a connection cannot be set up. Possible values: • ' (default value): Encryption is not used.
18 VPN Teldat GmbH Field Description • " : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to respond to ARP requests from its own LAN on behalf of the specific L2TP partner. Possible values: • " (default value): Deactivates Proxy ARP for this L2TP partner. • 0) . : Your device only responds to an ARP request if the status of the connection to the L2TP partner is 0) (active) or . .
18 VPN Teldat GmbH Field Description UDP Destination Port Enter the port to be monitored by the LNS on incoming L2TP tunnel connections. Available values are all whole numbers from to $ , the default value is + , as specified in RFC 2661. UDP Source Port Selection Select whether the LNS should only use the monitored port (UDP Destination Port) as the local source port for the L2TP connection. The function is enabled with 9 < . The function is disabled by default. 18.
18 VPN Teldat GmbH 18.3.1.1 New Click on New to set up further PPTP partners. Fig. 142: VPN->PPTP->PPTP Tunnels ->New The VPN->PPTP->PPTP Tunnels->New menu consists of the following fields: Fields in the PPTP Partner Parameters menu.
18 VPN Teldat GmbH Field Description Description Enter a unique name for the tunnel. The first character in this field must not be a number No special characters or umlauts must be used. PPTP Mode Enter the role to be assigned to the PPTP interface. Possible values: • '* (default value): this assigns the PPTP interface the role of PPTP server. • 8 1# 2, % : This assigns the PPTP interface the role of PPTP client. User Name Enter the user name. Password Enter the password.
18 VPN Teldat GmbH Fields in the IP Mode and Routes menu. Field Description IP Address Mode Select whether your device is to be assigned a static IP address or whether it should be assigned this dynamically. Possible values: • * " (default value): You enter a static IP address. • - ##: Only for PPTP Mode = '*: Your device dynamically assigns an IP address to the remote terminal.
18 VPN Teldat GmbH Field Description • % ": The lower the value, the higher the priority of the route (possible values ). The default value is . IP Assignment Pool (IPCP) Only if PPTP Mode = '*, IP Address Mode = - ## Select a IP pool configured in the VPN->PPTP->IP Pools menu. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
18 VPN Teldat GmbH Field Description Possible values: • ' : MPP encryption is not used. • , (default value): MPP encryption V2 with 128 bit is used to RFC 3078. • 8 1# " ) , : MPP encryption V2 with 128 bit is used as compatible with Microsoft and Cisco. Compression If necessary, select the type of encryption that should be used for data traffic to the connection partner. If encryption is set, the remote terminal must also support it, otherwise a connection cannot be set up.
18 VPN Teldat GmbH Field Description propagated or OSPF protocol packets sent over this interface. • " : OSPF is disabled for this interface. Proxy ARP Mode Select whether your device is to answer APR requests from your LAN on behalf of the specific PPTP partner. Possible values: • " (default value): Disables Proxy-ARP (Address Resolution Protocol) for this PPTP partner. • 0) .
18 VPN Teldat GmbH Field Description cial applications. Incoming ISDN Number Only if Callback is enabled. Outgoing ISDN Number Only if Callback is enabled. Enter the ISDN number from which the remote device calls the local device (calling party number). Enter the ISDN number with which the local device calls the remote device calls (called party number).
18 VPN Teldat GmbH Field GRE Window Adaption Description Select whether the GRE Window Adaptation is to be enabled. This adaptation only becomes necessary if you have installed service pack 1 from Microsoft Windows XP. Since, in SP 1, Microsoft has changed the confirmation algorithm in the GRE protocol, the automatic window adaptation for GRE must be turned off for Teldat devices. The function is enabled with , . The function is enabled by default.
18 VPN Teldat GmbH 18.3.3.1 Edit or New Choose theNew button to set up new IP address pools. Choose the icon to edit existing entries. Fig. 144: VPN->PPTP+IP Pools ->New Fields in the menu Basic Parameters Field Description IP Pool Name Enter any description to uniquely identify the IP pool. IP Address Range Enter the first (first field) and last (second field) IP address of the IP address pool.
18 VPN Teldat GmbH over this interface is then encapsulated using GRE and sent to the specified recipient. 18.4.1 GRE Tunnels A list of all configured GRE tunnels is displayed in the VPN->GRE->GRE Tunnels menu. 18.4.1.1 New Choose the New button to set up new GRE tunnels. Fig. 145: VPN->GRE->GRE Tunnels ->New The VPN->GRE->GRE Tunnels->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter a description for the GRE tunnel.
18 VPN Teldat GmbH Field Default Route Description If you enable the Default Route, all data is automatically routed to one connection. The function is disabled by default. Local IP Address Route Entries Here, enter the (LAN-side) IP address that is to be used as your device's source address for your own packets through the GRE tunnel. Define other routing entries for this connection partner. Add new entries with Add. • @ - ##: IP address of the destination host or network.
19 Firewall Teldat GmbH Chapter 19 Firewall The Stateful Inspection Firewall (SIF) provided for Teldat gateways is a powerful security feature. The SIF with dynamic packet filtering has a decisive advantage over static packet filtering: The decision whether or not to send a packet cannot be made solely on the basis of source and destination addresses or ports but also using dynamic packet filtering based on the state of the connection to a partner.
19 Firewall Teldat GmbH One of the basic functions of NAT is the translation of the local IP addresses of your LAN into the global IP addresses you are assigned by your ISP and vice versa. All connections initiated externally are first blocked, i.e. every packet your device cannot assign to an existing connection is rejected. This means that a connection can only be set up from inside to outside. Without explicit permission, NAT rejects every access from the WAN to the LAN.
19 Firewall Teldat GmbH in succession until a rule matches. If overlapping occurs, i.e. more than one filter rule matches a packet, only the first rule is executed. This means that if the first rule denies a packet, whereas a later rule allows it, the packet is rejected. A deny rule also has no effect if a relevant packet has previously been allowed by another filter rule. A list of all configured filter rules is displayed in the Firewall->Policies->Filter Rules menu. Fig.
19 Firewall Teldat GmbH Field Description Source Select one of the preconfigured aliases for the source of the packet. In the list, all WAN/LAN interfaces, interface groups (see Firewall->Interfaces->Groups), addresses (see Firewall->Addresses->Address List) and address groups (see Firewall->Addresses->Groups) are available. The value - & means that neither the source interface nor the source address is checked. Destination Select one of the preconfigured aliases for the destination of the packet.
19 Firewall Teldat GmbH Field Description Action Select the action to be applied to a filtered packet. Possible values: • -"" ## (default value): The packets are forwarded on the basis of the entries. • . &: The packets are rejected. • @ L " : The packets are rejected. An error message is issued to the sender of the packet. Apply QoS Only for Action = -"" ## Select whether you want to enable QoS for this policy with the priority selected in Priority. The function is enabled with , .
19 Firewall Teldat GmbH 19.1.2 QoS More and more applications need increasingly larger bandwidths, which are not always available. Quality of Service (QoS) makes it possible to distribute the available bandwidths effectively and intelligently. Certain applications can be given preference and bandwidth reserved for them. A list of all QoS rules is displayed in the Firewall->Policies->QoS menu. 19.1.2.1 New Choose the New button to set up new QoS rules. Fig.
19 Firewall Teldat GmbH Field Description Filter Rules This field contains a list of all configured firewall policies for which QoS was activated (Apply QoS = , ). The following options are available for each list entry: • Use: Select whether this entry should be assigned to the QoS interface. The option is deactivated by default. • Bandwidth: Enter the maximum available bandwidth in Bit/s for the service specified under Service. is entered by default.
19 Firewall Teldat GmbH Field Description Firewall Status Enable or disable the firewall function. The function is enabled with , The function is enabled by default. Logged Actions Select the firewall syslog level. The messages are output together with messages from other subsystems. Possible values: • -,, (default value): All firewall activities are displayed. • . &: Only reject and deny events are shown, see "Action". • -"" ) : Only accept events are shown.
19 Firewall Teldat GmbH Field Description The default value is . Other Inactivity Enter the inactivity time after which a session of another type is to be regarded as expired (in seconds). Possible values are $ to . The default value is $ . 19.2 Interfaces 19.2.1 Groups A list of all configured interface routes is displayed in the Firewall->Interfaces->Groups menu. You can group together the interfaces of your device. This makes it easier to configure firewall rules. 19.2.1.
19 Firewall Teldat GmbH Field Description Description Enter the desired description of the interface group. Members Select the members of the group from the available interfaces. To do this, activate the field in the Selection column. 19.3 Addresses 19.3.1 Address List A list of all configured addresses is displayed in the Firewall->Addresses->Address List menu. 19.3.1.1 New Choose the New button to create additional addresses. Fig.
19 Firewall Teldat GmbH Field Description • - ## @ end address. Address / Subnet : Enter an IP address range with a start and Only for Address Type = - ## 5 *3 Enter the IP address of the host or a network address and the related netmask. The default value is . Address Range Only for Address Type = - ## @ Enter the start and end IP address of the range. 19.3.2 Groups A list of all configured address groups is displayed in the Firewall->Addresses->Groups menu.
19 Firewall Teldat GmbH Field Description Selection Select the members of the group from the available Addresses. To do this, activate the Fields in the Selection column. 19.4 Services 19.4.1 Service List In the Firewall->Services->Service List menu, a list of all available services is displayed. 19.4.1.1 New Choose the New button to set up additional services. Fig.
19 Firewall Teldat GmbH Field Description specified port number is verified. If a port range is to be checked, enter the upper limit here. Possible values are Source Port Range to $ . Only for Protocol = (2 , 0. 5(2 or 0. In the first field, enter the source port to be checked, if applicable. If a port number range is specified, in the second field enter the last port of the port range. By default the field does not contain an entry.
19 Firewall Teldat GmbH Field Description Code Selection options for the ICMP codes are only available for Type = . # 3 " , Possible values: • - & (default value) • ' 0 " , • ? # 0 " , • " , 0 " , • 0 " , • 9 ' • 2 3 " 1 . # ' 1 7 # - # ,& • 2 3 " 1 . # ? # # - # ,& 19.4.
19 Firewall Teldat GmbH Fig. 154: Firewall ->Services->Groups->New The menu Firewall->Services->Groups->New consists of the following fields: Fields in the Basic Parameters menu. bintec Rxxx2/RTxxx2 Field Description Description Enter the desired description of the service group. Members Select the members of the group from the available service aliases. To do this, activate the Fields in the Selection column.
20 VoIP Teldat GmbH Chapter 20 VoIP Voice over IP (VoIP) uses the IP protocol for voice and video transmission. The main difference compared with conventional telephony is that the voice information is not transmitted over a switched connection in a telephone network, but divided into data packets by the Internet protocol and these packets are then passed to the destination over undefined paths in a network.
20 VoIP Teldat GmbH 20.1.1.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create application level gateway entries. Fig. 155: VoIP ->Application Level Gateway ->SIP Proxies -> The VoIP->Application Level Gateway->SIP Proxies-> +New +New menu consists of the fol- lowing fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the application level gateway.
20 VoIP Teldat GmbH Field Description data packets are sent or received. This value must be greater than the SIP Expire Time of the connected SIP client (SIP telephone, terminal adapter etc.) The default value is . Low Latency Transmission Specify whether a mechanism should be used to minimise the transit time of VoIP data packets between two subscribers. This guarantees good voice quality with high line load.
20 VoIP Teldat GmbH Note Entries created dynamically for active sessions cannot be edited. These entries can only be removed resulting in the immediate termination of the corresponding SIP connection. Fig. 156: VoIP ->Application Level Gateway ->SIP Endpoints-> The VoIP->Application Level Gateway->SIP Endpoints-> +New +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Type of Endpoint Select the role for the SIP endpoint in the LAN.
20 VoIP Teldat GmbH Field Description Internal IP Address Specify the IP address for the internal SIP endpoint in the LAN. Remote Port Only for Type of Endpoint = 2, Enter the port of the removed SIP terminal (in the WAN). Internal Port Only for Type of Endpoint = * Enter the port for the internal SIP endpoint in the LAN. External Port Specify the port on the WAN site of the gateway that is used for access through the NAPT barriers to a SIP endpoint in the LAN.
20 VoIP Teldat GmbH 20.2.1 Extensions Here you can configure the numbers of the terminal devices (=Extensions) connected to the media gateway, i.e. the numbers of the SIP terminals and the numbers of the ISDN terminals, depending on the available interfaces. A list of all existing subscribers is displayed in the VoIP->Media Gateway->Extensions menu. 20.2.1.1 Edit or New Choose the icon to edit existing entries. Select the New button to create new exten- sions. Fig.
20 VoIP Teldat GmbH The VoIP->Media Gateway->Extensions-> +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the extension. Extension / User Name ISDN terminals: Enter the subscriber number the extension. SIP terminals: Enter the user name. A maximum of 40 characters can be entered. Interface Type Select the interface type to be used. The selection depends on the interfaces available.
20 VoIP Teldat GmbH Field Description SIP REGISTER. Normally, every SIP client (user) sends its current position to a REGISTRAR server by means of a REGISTER message. This information about the user and his current address is held by the REGISTRAR server and queried by other proxies to find the user. The function is enabled with , . The function is enabled by default.
20 VoIP Teldat GmbH Field Password Description Only for Interface Type = * Enter a password here. A maximum of 20 characters can be entered. The password given here must also be entered on the SIP telephone. Protocol Select the protocol to be used for data transmission. Possible values: 0. (default value), (2 or (/*. If a protocol has been automatically recognised, it should not be changed.
20 VoIP Teldat GmbH Field Description decs chosen here are proposed in a certain order, depending on the setting in the Codec Proposal Sequence field. Possible values: • + 3/ 1: ISDN codec according to US law • + / 1: ISDN codec according to EU law • + : Compressed from 31 to 8 kbps; good voice quality • + : Compressed from 63 to 40 kbps • + $ : Compressed from 55 to 32 kbps • + : Compressed from 47 to 24 kbps • + : Compressed from 39 to 16 kbps • .
20 VoIP Teldat GmbH Field Description Comfort Noise Genera- Specify whether Comfort Noise Generation should be used. tion (CNG) For digital voice transmission, this function introduces a low level of background noise to avoid the impression that, during pauses at the other end, the connection is lost. The function is enabled with , . The function is enabled by default. Packet Size Specify how many milliseconds of voice an RTP data packet should contain. Possible values are to .
20 VoIP Teldat GmbH 20.2.2.1 Edit or New Select the New button to create new SIP accounts. Choose the icon to edit existing entries. In this menu SIP accounts are configured in SIP client mode as well as in SIP server mode. Fig. 158: VoIP ->Media Gateway ->SIP Accounts-> The VoIP->Media Gateway->SIP Accounts-> +New +New menu consists of the following fields: Fields in the Basic Parameters menu.
20 VoIP Teldat GmbH Field Description Description Enter the name of the SIP account. Administrative Status Select whether the SIP account should be enabled or disabled. The function is enabled with , . The function is enabled by default. Trunk Mode Select whether and in which trunk mode the SIP account should be operated. Trunk mode (DDI, Direct Dial In) allows an incoming call to be assigned correctly to a terminal (DDI). For an outgoing call, the caller can be indicated to the called party.
20 VoIP Teldat GmbH Field Description A maximum of 32 characters can be entered. Here you must make an entry only if, for all SIP sessions, the communication is not to be direct but via a further proxy. In SIP client mode: Enter a name or IP address only if this is explicitly specified by the provider. Realm Enter a new domain name or a new IP address for the SIP proxy server. If you do not make an entry, the entry in the Registrar field is used.
20 VoIP Teldat GmbH Field Description In SIP server mode: Define a PIN or a password. A maximum of 40 characters can be entered. Registration Specify whether the registration mechanism is to be used by SIP REGISTER. Normally, every SIP client (user) sends its current position to a REGISTRAR server by means of a REGISTER message. This information about the user and his current address is held by the REGISTRAR server and queried by other proxies to find the user. The function is enabled with , .
20 VoIP Teldat GmbH Field Description • . #), & 0# ' : The sender ID is placed in both "Display" and "User" fields of the SIP header. • . #), & ,&: The sender ID is placed in the "Display" field of the SIP header. • 0# ,&: The sender ID is sent in the "User" field of the SIP header. • ! : The so-called "p-preferred-identity" field is added to the SIP header and contains the sender ID.
20 VoIP Teldat GmbH Field Description Possible values: • + 3/ 1: ISDN codec according to US law • + / 1: ISDN codec according to EU law • + : Compressed from 31 to 8 kbps; good voice quality • + : Compressed from 63 to 40 kbps • + $ : Compressed from 55 to 32 kbps • + : Compressed from 47 to 24 kbps • + : Compressed from 39 to 16 kbps • .(%9 :3 : DTMF Outband. First the system attempts to use RFC 2833.
20 VoIP Teldat GmbH Field Description level of background noise to avoid the impression that, during pauses at the other end, the connection is lost. The function is enabled with , . The function is enabled by default. Packet Size Specify how many milliseconds of voice an RTP data packet should contain. Possible values are to . The default value is . 20.2.3 Call Routing Here you can define the conditions for the routing of calls.
20 VoIP Teldat GmbH Fig. 159: VoIP ->Media Gateway ->Call Routing-> The VoIP->Media Gateway->Call Routing-> +New +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the entry. Administrative Status Select whether the entry should be activated. The function is enabled with , . The function is enabled by default. Type Specify how calls are to be routed.
20 VoIP Teldat GmbH Field Description terfaces in NT mode, SIP accounts in trunk mode (server mode). • . &: For calls that are not to be routed (to be blocked). Calling Line You can restrict the application of the entry to the line on which the call comes in. The selection depends on the interfaces available and on the SIP accounts that have been created. Possible values: • ) A ! "
20 VoIP Teldat GmbH Fields in the Routing Rules menu (For Type = Accept Rule only) Field Description Priority Enter a whole number starting with 1 in ascending order to define the order of filter rules. The rules are worked through in the order given in the list. If a line or SIP account is not available, the next rule is automatically used. Administrative Status Select whether the rule should be activated. The rule is enabled with , . The rule is active by default.
20 VoIP Teldat GmbH 20.2.4 CLID Translation Here you define the processing of the calling party number for incoming calls. You can, for example, add a prefix to a received call number in order to route corresponding outgoing calls via a particular SIP account. In the VoIP->Media Gateway->CLID Translation menu, a list of all existing entries is shown on which the received number is edited. 20.2.4.1 Edit or New Choose the icon to edit existing entries.
20 VoIP Teldat GmbH Field Description PRI interface. • A ! " BRI interface.
20 VoIP Teldat GmbH Field Description Example 20.2. Example of a rule • Rule: <:+49911>; • number dialled: 96731234 • manipulated number: +4991196731234 20.2.5 Call Translation You can create a list for the translation of subscriber numbers, i.e. this list associates internal and external numbers. Note Which number (called party number or calling party number) is translated depends on the direction (incoming or outgoing) of the call in question.
20 VoIP Teldat GmbH Fig. 161: VoIP ->Media Gateway ->Call Translation -> The VoIP->Media Gateway->Call Translation-> +New +New menu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the call translation. Direction Select the direction for the entry. Possible values: • = (default value): For incoming and outgoing calls (bidirectional). • " : For incoming calls. • :3 Associated Line : For outgoing calls.
20 VoIP Teldat GmbH Field Description incoming calls, the signalled Called Party Number (corresponds in the menu to the External Address) is translated to Local Address. For outgoing calls, the signalled Calling Party Number (corresponds in the menu to the Local Address field) is translated to External Address. Numerical and alphanumerical characters are permissible. M is a placeholder for an arbitrary digit. See Local Address and External Address must contain the same number of wildcards.
20 VoIP Teldat GmbH Fig. 162: VoIP ->Media Gateway ->ISDN Trunks The VoIP->Media Gateway->ISDN Trunksmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the party line. The maximum number of characters is 40. ISDN Mode Select the mode in which the party line is to be operated. Possible values: • < (default value): Point-to-Point TE connection (telecom party line) • ( 3 7Point-to-Point NT connection (for connection of a PABX).
20 VoIP Teldat GmbH Fig. 163: VoIP ->Media Gateway ->Options The VoIP->Media Gateway->Optionsmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Media Gateway Status Select whether the media gateway function should be enabled. The function is enabled with , . The function is disabled by default. Session Border Controller Mode Specify how the media gateway should behave in conjunction with a session border controller mode.
20 VoIP Teldat GmbH Field Description particular provider (SIP account), you must configure a corresponding call routing entry. Internal calls (from internal extension to internal extension) that are only to be routed internally do not require an additional call routing entry. • A* ( 3 7B: Select a SIP trunk account configured under VoIP->Media Gateway->SIP Accounts.
20 VoIP Teldat GmbH Field Description The default value is . If you terminate the number entered with #, dialling is immediate. Fields in the Advanced Settings menu. Field Description Speed Dialing Define short sequences of numbers that can be dialled instead of the entire number. Click Add to configure new speeddial numbers. Enter the desired speeddial number for the user, e.g. Shortcut. $ under Under Replacement enter the subscriber number to be dialled in place of the speed dial number, e.g.
20 VoIP Teldat GmbH 20.3.1 RTSP Proxy In the VoIP->RTSP->RTSP Proxy menu, you configure the use of the RealTime Streaming protocol. Fig. 164: VoIP ->RTSP->RTSP Proxy The VoIP->RTSP->RTSP Proxymenu consists of the following fields: Fields in the Basic Parameters menu. Field Description RTSP Proxy Select whether you want to permit RTSP sessions. The function is activated by selecting , . The function is disabled by default.
21 Local Services Teldat GmbH Chapter 21 Local Services This menu offers services for the following application areas: • Name resolution (DNS) • Configuration via web browser (HTTPS) • Locating of dynamic IP addresses using a DynDNS provider • Configuration of gateway as a DHCP server (assignment of IP addresses) • Access restriction on the Internet (web filter) • Assignment of incoming and outgoing data and voice calls to authorised users (CAPI server) • Automation of tasks according to schedule (schedul
21 Local Services Teldat GmbH Under Local Services->DNS->Global Settings->Basic Parameters you enter the IP addresses of name servers that are queried if your device cannot answer requests itself or by forwarding entries. Global name servers and name servers that are attached to an interface can both be entered. Your device can also receive the global name servers dynamically via PPP or DHCP and transfer them dynamically if necessary.
21 Local Services Teldat GmbH 21.1.1 Global Settings Fig. 165: Local Services->DNS->Global Settings The menu Local Services->DNS->Global Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Domain Name Enter the standard domain name of your device. WINS Server Enter the IP address of the first and, if necessary, alternative global Windows Internet Name Server (=WINS) or NetBIOS Name Server (=NBNS).
21 Local Services Teldat GmbH Field Description i.e. successfully resolved names and IP addresses are to be stored in the cache. The function is activated by selecting , . The function is enabled by default. Negative Cache Select whether the negative dynamic cache is to be activated, i.e. whether queried names for which a DNS server has sent a negative response are stored as negative entries in the cache. The function is activated by selecting , . The function is enabled by default.
21 Local Services Teldat GmbH Fields in the IP address to use for DNS/WINS server assignment menu. Field Description As DHCP Server Select which name server addresses are sent to the DHCP client if your device is used as DHCP server. Possible values: • ' : No name server address is sent. • :1 - ## (default value): The address of your device is transferred as the name server address. • .'* * : The addresses of the global name servers entered on your device are sent.
21 Local Services Teldat GmbH Fig. 166: Local Services->DNS->DNS Servers->New The Local Services->DNS->DNS Servers->Newmenu consists of the following fields: Fields in the Basic Parameters menu. Field Description Admin Status Select whether the DNS server should be enabled. The function is activated by selecting , . The function is enabled by default. Description Enter a description for DNS server. Priority Assign a priority to the DNS server.
21 Local Services Teldat GmbH Field Description • .& " (default value) Interface Select the interface to which the DNS server pair is to be assigned. For Interface Mode = .& " A global DNS server is created with the setting ' . For Interface Mode = * " A DNS server is configured for all interfaces with the - & setting. Primary DNS Server Only if Interface Mode = % 3 , Enter the IP address of the first name server for Internet address name resolution.
21 Local Services Teldat GmbH The menu Local Services->DNS->Static Hosts->New consists of the following fields: Fields in the Basic Parameters menu. Field Description DNS Hostname Enter the host name to which the IP Address defined in this menu is to be assigned if a positive response is received to a DNS request. If a negative response is received to a DNS request, no address is specified. The entry can also start with the wildcard *, e.g. *.teldat.de.
21 Local Services Teldat GmbH 21.1.4.1 New Choose the New button to set up additional forwardings. Fig. 168: Local Services->DNS->Domain Forwarding ->New The menu Local Services->DNS->Domain Forwarding->New consists of the following fields: Fields in the Forwarding Parameters menu. Field Description Forward Select whether a host or domain is to be forwarded. Possible values: • ? # (default value) • . Host Only for Forwarding = ? # Enter the name of the host to be forwarded.
21 Local Services Teldat GmbH Field Description Forward to Select the forwarding destination requests to the name defined in Host or Domain. Possible values: • ! " (default value): The request is forwarded to the defined Interface. • .'* * : The request is forwarded to the defined DNS Server. Interface Only for Forward to = ! " Select the interface via which the requests for the defined Domain are to be received and forwarded to the DNS server. DNS Server Only for Forward to = .
21 Local Services Teldat GmbH 21.1.6 Statistics Fig. 170: Local Services->DNS->Statistics In the Local Services->DNS->Statisticsmenu, the following statistical values are displayed: Fields in the DNS Statistics menu. Field Description Received DNS Packets Shows the number of received DNS packets addressed direct to your device, including the response packets for forwarded requests.
21 Local Services Teldat GmbH 21.2 HTTPS You can operate the user interface of your device from any PC with an up-to-date Web browser via an HTTPS connection. HTTPS (HyperText Transfer Protocol Secure) is the procedure used to establish an encrypted and authenticated connection by SSL between the browser used for configuration and the device. 21.2.1 HTTPS Server In the Local Services->HTTPS->HTTPS Servermenu, configure the parameters of the backed up configuration connection via HTTPS. Fig.
21 Local Services Teldat GmbH Field Description • A2 ! " B: Under System Management->Certificates->Certificate List select entered certificate. 21.3 DynDNS Client The use of dynamic IP addresses has the disadvantage that a host in the network can no longer be found once its IP address has changed. DynDNS ensures that your device can still be reached after a change to the IP address.
21 Local Services Teldat GmbH Fig. 172: Local Services->DynDNS Client->DynDNS Update->New The menu Local Services->DynDNS Client->DynDNS Update->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Host Name Enter the complete host name as registered with the DynDNS provider. Interface Select the WAN interface whose IP address is to be propagated over the DynDNS service (e.g. the interface of the Internet Service Provider).
21 Local Services Teldat GmbH Field Description The default value is .& .'*. Enable update Select whether the DynDNS entry configured here is to be activated. The function is activated by selecting , . The function is disabled by default. The menu Advanced Settings consists of the following fields: Fields in the Advanced Settings menu.
21 Local Services Teldat GmbH Fig. 173: Local Services->DynDNS Client->DynDNS Provider ->New The menu Local Services->DynDNS Client->DynDNS Provider->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Provider Name Enter a name for this entry. Server Enter the host name or IP address of the server on which the provider’s DynDNS service runs.
21 Local Services Teldat GmbH Field Description • ?' • .J'* • 3. ?(%/ • 3. (2 • 23# .& .'* • . # < Update Interval Enter the minimum time (in seconds) that your device must wait before it is allowed to propagate its current IP address to the DynDNS provider again. The default value is $ seconds. 21.4 DHCP Server You can configure your device as a DHCP (Dynamic Host Configuration Protocol) server. Your device and each PC in your LAN requires its own IP address.
21 Local Services Teldat GmbH 21.4.1.1 Edit or New Choose the New button to set up new IP address pools. Choose the icon to edit exist- ing entries. Fig. 174: Local Services->DHCP Server+IP Pool Configuration +New Fields in the menu Basic Parameters Field Description IP Pool Name Enter any description to uniquely identify the IP pool. IP Address Range Enter the first (first field) and last (second field) IP address of the IP address pool.
21 Local Services Teldat GmbH Note In the ex works state the DHCP pool is preconfigured with the IP addresses 192.168.0.10 to 192.168.0.49 and is used if there is no other DHCP server available in the network. 21.4.2.1 Edit or New Choose the New button to set up new IP address pools. Choose the icon to edit exist- ing entries. Fig.
21 Local Services Teldat GmbH Field Description Pool Usage Specify whether the IP pool is used for DHCP requests in the same subnet or for DHCP requests that have been forwarded to your device from another subnet. In this case it is possible to define IP addresses from another network. Possible values: • / " , (default value): The DHCP pool is only used for DHCP requests in the same subnet. • @ , &: The DHCP pool is only used for DHCP requests forwarded from other subnets.
21 Local Services Teldat GmbH Field Description • .'* * : Enter the IP address of the DNS server to be sent to the client. • .'* . ' : Enter the DNS domain to be sent to the client. • 8 '*5'='* * : Enter the IP address of the WINS/ NBNS server to be sent to the client. • 8 '*5'=( ' (&) : Select the type of the WINS/NBT node to be sent to the client. • (9( * : Enter the IP address of the TFTP server to be sent to the client.
21 Local Services Teldat GmbH Field Description shall be transmitted for the DHCP server. Possible values: • * # (default value) • : Provisioning Server (code 3) Your device does not currently use this parameter. Enter which manufacturer value shall be transmitted. For the setting Select vendor = * #, the default value # ,) is displayed. You can complete the IP address of the desired server. 21.4.
21 Local Services Teldat GmbH Fig. 176: Local Services->DHCP Server->IP/MAC Binding ->New The menu Local Services->DHCP Server->IP/MAC Binding->New consists of the following fields: Fields in the Basic Parameters menu. Field Description Description Enter the name of the host to which the MAC Address the IP Address is to be bound. A character string of up to 256 characters is possible. IP Address Enter the IP address to be assigned to the MAC address specified in MAC Address is to be assigned.
21 Local Services Teldat GmbH Fig. 177: Local Services->DHCP Server->DHCP Relay Settings The menu Local Services->DHCP Server->DHCP Relay Settings consists of the following fields: Fields in the Basic Parameters menu. Field Description Primary DHCP Server Enter the IP address of a server to which BootP or DHCP requests are to be forwarded. Secondary DHCP Serv- Enter the IP address of an alternative BootP or DHCP server. er 21.
21 Local Services Teldat GmbH 21.5.1 General This menu contains the configuration of basic parameters for using the Proventia Web Filter. Fig. 178: Local Services->Web Filter ->General The Local Services->Web Filter->Generalmenu consists of the following fields: Fields in the Web Filter Options menu. Field Description Web Filter Status Activate or deactivate the filter. The function is activated by selecting , . The function is disabled by default.
21 Local Services Teldat GmbH Field Description Press the Add button to add more interfaces. The requests from http Internet pages that reach your device via these interfaces are then monitored by web filtering. Maximum Number of History Entries Define the number of entries to be saved in the web filtering history (History menu). Possible values are to . The default value is . URL Path Depth Select the path length to which a URL is to be checked by the Cobion Orange Filter.
21 Local Services Teldat GmbH Field Description Licence Status Shows the result of the last validity check of the licence. The validity of the licence is checked every 23 hours. License valid until This shows the expiry date of the licence (relative to the time set on your device) and cannot be edited. 21.5.2 Filter List In the Local Services->Web Filter->Filter List menu, you configure how the various categories of Internet pages are to be handled.
21 Local Services Teldat GmbH Field Description Category Select which category of addresses/URLs the filter is to be used on. The options are first the standard categories of the Proventia Web Filter (default value: - & 3# < #). Actions can also be defined for the following special cases, e.g.: • . ! 3, 3 : This category applies to all Internet addresses. • : 2 &: Some addresses are already known to the Proventia Web Filter, but not yet classified.
21 Local Services Teldat GmbH Field Description • -,, 1: Callup is allowed and not logged. 21.5.3 Black / White List The Local Services->Web Filter->Black / White List menu contains a list of URLs or IP addresses, as the case applies. The addresses on the White List can also be called if they had been blocked because of filter configuration and classification in the Proventia web filter.
21 Local Services Teldat GmbH 21.5.4 History In the Local Services->Web Filter->History menu, you can view the recorded history of the web filter. The history logs all requests that are marked for logging by a relevant filter (Action = -,, 1 / ), likewise all rejected requests. Fig. 181: Local Services->Web Filter ->History 21.6 CAPI Server You can use the CAPI Server function to assign user names and passwords to users of the CAPI applications on your device.
21 Local Services Teldat GmbH 21.6.1.1 New Choose the New button to set up new CAPI users. Fig. 182: Local Services->CAPI Server ->User->New The menu Local Services->CAPI Server->User->New consists of the following fields: Fields in the Basic Parameters menu. Field Description User Name Enter the user name for which access to the CAPI service is to be allowed or denied. Password Enter the password which the user User Name shall use for identification to gain access to the CAPI service.
21 Local Services Teldat GmbH 21.6.2 Options Fig. 183: Local Services->CAPI Server ->Options The menu Local Services->CAPI Server->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description Enable server Select whether your device is to be enabled as a CAPI server. The function is activated by selecting , . The function is enabled by default. Faxheader Only for devices the RTxxx2 series.
21 Local Services Teldat GmbH You specify the Actions you want and define the Trigger that control when and under which conditions the Actions are to be carried out. A Trigger may be a single event or a sequence of events which are combined into an Event List. You also create an event list for a single event, but it only contains one event. Actions can be initiated on a time-controlled basis.
21 Local Services Teldat GmbH Fig. 184: Local Services->Scheduling->Trigger ->New The menu Local Services->Scheduling->Trigger->New consists of the following fields: Fields in the Basic Parameters menu. Field Event List Description You can create a new event list with ' 1 (default value). You give this list a name with Description. You use the remaining parameters to create the first event in the list.
21 Local Services Teldat GmbH Field Description are initiated when the defined MIB variables assumes the assigned values. • ! " * 3#: Operations configured and assigned in Actions are initiated, when the defined interfaces take on a specified status. • ! " ( !! ": The operations configured and assigned in Actions are triggered if the data traffic on the specified interfaces falls below or exceed the defined value.
21 Local Services Teldat GmbH Field Monitored Interface Description Only for Event Type ! " ( !! " * 3# and ! " Select the interface whose defined status shall trigger an operation. Interface Status Only for Event Type ! " * 3# Select the status that the interface must have in order to initiate the intended operation. Possible values: • 0) (default value): The function is enabled. • . 1 : The interface is disabled.
21 Local Services Teldat GmbH Field Description Enter an IP address to be used as sender address for the ping test. Possible values: • -3 " (default value): The IP address of the interface over which the ping is sent is automatically entered as sender address. • *) " ! ": Enter the desired IP address in the input field. Status Only for Event Type ( # Select whether Destination IP Address @ " , must be (default value) or 0 " , in order to initiate the operation.
21 Local Services Teldat GmbH Field Description Possible values: • 8 7 &: Select a weekday in Condition Settings. • # (default value): In Condition Settings, select a particular period. • . & ! % : Select a specific day of the month in Condition Settings. Possible values for Condition Settings in Condition Type = 8 7 &: % & (default value) ... *3 &. Possible values for Condition Settings in Condition Type = #: • . ,&: The initiator becomes active daily (default value).
21 Local Services Teldat GmbH 21.7.2 Actions In the Local Services->Scheduling->Actions menu is displayed a list of all operations to be initiated by events or event chains configured in Local Services->Scheduling->Trigger. 21.7.2.1 New Choose the New button to configure additional operations. Fig. 185: Local Services->Scheduling->Actions->New The menu Local Services->Scheduling->Actions->New consists of the following fields: Fields in the Basic Parameters menu.
21 Local Services Teldat GmbH Field Description • ( # : Accessibility of an IP address is checked. • 2 ! " % deleted or entered. : A certificate is to be renewed, • ?G 8/-' = #" : A scan of the 5 GHz frequency band is performed. • ?G 8/-' = #" : A scan of the 5.8 GHz frequency range is performed. • 8/24 ' 1 ' *" : Only for devices with Wireless LAN Controller. A Neighbor Scan is initiated in a WLAN network controlled by the WLAN controller.
21 Local Services Teldat GmbH Field Command Mode Description Only if Command Type = % =5*'% Select how the MIB entry is to be manipulated. Possible settings: • 2 < # shall be modified. • 2 Index Variables 1 % = & (default value): An existing entry &: A new entry shall be created. Only if Command Type = % =5*'% Where required, select MIB variables to uniquely identify a specific data set in MIB Table, e.g. 2 ! <.
21 Local Services Teldat GmbH Field Description If the MIB variable is to be modified, depending on whether the initiator is active or inactive (Trigger Status = ), it is described with an active initiator with the value entered in Active Value and with an inactive initiator with the value in Inactive Value. Use Add to create more entries. Interface Only if Command Type = ! " * 3# Select the interface whose status should be changed.
21 Local Services Teldat GmbH Field Description Enter the URL of the server from which the desired software version is to be retrieved. For Command Type = 2 ! 3 % with Action = ) " ! 3 or <) " ! 3 Enter the URL of the server from which a configuration file is to be retrieved, or on which the configuration file is to be backed up. File Name For Command Type = * ! 1 0) Enter the file name of the software version.
21 Local Services Teldat GmbH Field Description 2 ! 3 % 3 if Action = ) " ! Select the protocol for the data transfer. Possible values: • ?(( (default value) • ?(( * • (9( CSV File Format Only for Command Type = 2 ! 3 % and Action = ) " ! 3 or < ) " ! 3 Select whether the file is to be sent in the CSV format. The CSV format can easily be read and modified.
21 Local Services Teldat GmbH Field Description For Command Type = 2 ! 3 % Action = @ " ! 3 and Select the file to be renamed. For Command Type = 2 ! 3 % Action = . , " ! 3 and Select the file to be deleted. For Command Type = 2 ! 3 % Action = 2 )& " ! 3 and Select the file to be copied.
21 Local Services Teldat GmbH Field Description already loaded configuration. If not, the file import is interrupted. The function is disabled by default. Destination IP Address Only if Command Type = ( # Enter the IP address whose accessibility is to be checked. Source IP Address Only if Command Type = ( # Enter an IP address to be used as sender address for the ping test.
21 Local Services Teldat GmbH Field Description For Command Type = 2 ! " tion = . , " ! " % and Ac- Select the certificate to be deleted. Password for protected Certificate Only for Command Type = 2 ! " Action = ) " ! " % and Select whether to use a secure certificate requiring a password and enter it into the entry field. The function is disabled by default.
21 Local Services Teldat GmbH Field Description Enter a subject name with attributes. Example: O2'I6 '* E .2I & E .2I" E "I. O CA Name Only for Command Type = 2 ! " Action = *2 % and Enter the name of the CA certificate of the certification authority (CA) from which you wish to request your certificate, e.g. " 1 1#. Your CA administrator can provide you with the necessary data.
21 Local Services Teldat GmbH Field Description er of this certificate. Possible values: • -3 (default value): In case there is an entry for a CDP, CRL distribution point this should be evaluated in addition to the CRLs globally configured in the device. • J #: CRLs are always checked. • ' : No checking of CRLs. Select radio Only for Command Type = ?G 8/-' = #" and ?G 8/-' = #" Select the WLAN module on which to perform the frequency band scan.
21 Local Services Teldat GmbH The Local Services->Scheduling->Optionsmenu consists of the following fields: Fields in the Scheduling Options menu. Field Description Schedule Interval Select whether the schedule interval is to be enabled for the interface. Enter the period of time in seconds after which the system checks whether configured events have occurred. Possible values are to $ . The value $ is recommended (5 minute accuracy).
21 Local Services Teldat GmbH Fig. 187: Local Services->Surveillance->Hosts->New The menu Local Services->Surveillance->Hosts->New consists of the following fields: Fields in the Host Parameters menu Field Description Group ID If the availability of a group of hosts or the default gateway is to be monitored by your device, select an ID for the group or the default gateway. The group IDs are automatically created from to .
21 Local Services Teldat GmbH Field Description monitored. • *) " ! ": Enter the IP address of the host to be monitored manually in the adjacent input field. Source IP Address Select how the IP address is to be determined that your device uses as the source address of the packet sent to the host to be monitored. Possible values: • -3 " (default value): The IP address is determined automatically. • *) " ! "; Enter the IP address in the adjacent input field.
21 Local Services Teldat GmbH Field Description Action to be performed Select which Action should be run. For most actions, you select an Interface to which the Action relates. All physical and virtual interfaces can be selected. For each interface, select whether it is to be enabled ( , ), disabled ( . # , default value), reset ( @ # ), or the connection restablished ( @ ,). With Action = % you can monitor the IP address that is specified under Monitored IP Address.
21 Local Services Teldat GmbH Field Description Trigger Select the state or state transition of Monitored Interface that is to trigger a particular Interface Action. Possible values: Interface Action • ! " # 3) (default value) • ! " # 1 Select the action that is to follow the state or state transition defined in Trigger. The action is applied to the Interface(s) selected in Interface. Possible values: • , (default value): Activation of interface(s) • .
21 Local Services Teldat GmbH 21.8.3.1 Edit or New Choose the icon to edit existing entries. Choose the New button to configure new limits and actions. Fig. 189: Local Services->Surveillance->Temperature ->New Fields in the Basic Parameters menu. Field Trigger Description Enter here the temperature limit value (min/max). Possible values: Action • ( ) 3 • ( ) 3 , 1 Select the desired action. Possible values: • , (default value) • .
21 Local Services Teldat GmbH 21.8.4 Ping Generator In the Local Services->Surveillance->Ping Generator menu, a list of all configured, automatically generated pings is displayed. 21.8.4.1 Edit or New Choose the icon to edit existing entries. Choose the New button to create additional pings. Fig. 190: Local Services->Surveillance->Ping Generator ->New The menu Local Services->Surveillance->Ping Generator->New consists of the following fields: Fields in the Basic Parameters menu.
21 Local Services Teldat GmbH Field Description The default value is . Trials Enter the number of ping tests to be performed until Destination IP Address as 0 " , applies. The default value is $. 21.9 ISDN Theft Protection With the ISDN theft protection function, you can prevent a thief who has stolen a gateway from gaining access to the gateway owner's LAN. (Without theft protection, he could dial into the LAN by ISDN if under WAN->Internet + Dialup->ISDN-> the field Always on is activated.
21 Local Services Teldat GmbH Fig. 191: Local Services->ISDN Theft Protection ->Options The menu Local Services->ISDN Theft Protection->Options consists of the following fields: Fields in the Basic Parameters menu. Field Description ISDN Theft Protection Service Enable or disable the ISDN theft protection function. The function is enabled with , . The function is disabled by default. Dialling Number Only if ISDN Theft Protection Service is enabled.
21 Local Services Teldat GmbH Field Description Use Add to add a new interface. Select from the available interfaces those to which the ISDN theft protection function is to be applied. Fields in the Advanced Settings menu. Field Description Number of Dialling Re- Enter the number of dial attempts that the gateway is to make to tries call itself by ISDN after a reboot. Possible values are to . The default value is $.
21 Local Services Teldat GmbH to $ . The ports are released internally to the gateway on demand, i.e. when an audio/video transfer is started in Messenger. When the application is closed, the ports are immediately closed again. The peer-to-peer-communication is initiated via public SIP servers with only the information from the two clients being forwarded. The clients then communicate directly with one another. For further information about UPnP, see www.upnp.org . 21.10.
21 Local Services Teldat GmbH Field Description Interface is UPnP con- Determine whether the NAT configuration of this interface is trolled controlled by UPnP. The function is enabled with , . The function is disabled by default. 21.10.2 General In this menu, you make the basic UPnP settings. Fig. 193: Local Services->UPnP->General The Local Services->UPnP->Generalmenu consists of the following fields: Fields in the General menu.
21 Local Services Teldat GmbH 21.11 HotSpot Gateway The HotSpot Solution allows provision of public Internet accesses (using WLAN or wired Ethernet). The solution is adapted to setup of smaller and larger Hotspot solutions for cafes, hotels, companies, communal residences, campgrounds, etc. The HotSpot Solution consists of a Teldat gateway installed onsite (with its own WLAN access point or additional connected WLAN device or wired LAN) and of the Hotspot server, centrally located at a computing centre.
21 Local Services Teldat GmbH Go to www.teldat.de then Service/Support -> Services -> Online Services. - Enter the required data (please note the relevant explanations on the license sheet), and follow the instructions of the online licensing. - You then receive the Hotspot server's login data. Note Activation may require 2-3 business days. Access data for gateway configuration RADIUS Server IP 62.245.165.
21 Local Services Teldat GmbH Gateway->HotSpot Gateway menu. Fig. 194: Local Services->HotSpot Gateway ->HotSpot Gateway You can use the Enabled option to enable or disable the corresponding entry. 21.11.1.1 Edit or New You configure the hotspot networks in the Local Services->HotSpot Gateway->HotSpot Gateway-> menu. Choose the New button to set up additional Hotspot networks. Fig.
21 Local Services Teldat GmbH Field Interface Description Choose the interface to which the Hotspot LAN or WLAN is connected. When operating over LAN, enter the Ethernet interface here (e. g. en1-0). If operating over WLAN, the WLAN interface to which the access point is connected must be selected. Caution For security reasons you cannot configure your device over an interface that is configured for the Hotspot. Therefore take care when selecting the interface you want to use for the Hotspot.
21 Local Services Teldat GmbH Field Terms &Conditions Description Only if Walled Garden is enabled. In the Terms &Conditions input field, enter the address of the general terms and conditions on the intranet server, or public server, e.g., http://www.webserver.de/agb.htm. The page must lie within the address range of the walled garden network. Additional freely accessible Domain Names Only if Walled Garden is enabled.
21 Local Services Teldat GmbH Field Login Frameset Description Enable or disable the login window. The login window on the HTML homepage consists of two frames. When the function is enabled, the login form displays on the lefthand side. When the function is disabled, only the website with information, advertising and/or links to freely accessible websites is displayed. The function is enabled by default.
21 Local Services Teldat GmbH Fields in the Basic Parameters menu. Field Description Host for multiple locations If several locations (branches) are set up on the Hotspot server, enter the value of the NAS identifier (RADIUS server parameter) that has been registered for this location on the Hotspot server. 21.12 BRRP In the BRRPmenu you can configure the redundancy of your gateway. Note You require a licence for devices in the R23x series and RS series.
21 Local Services Teldat GmbH Field Description first address. VRRP advertisements are always sent with the primary IP address as source of the IP packet.” VRRP Advertisement Virtual Router Master Virtual Router Backup A keepalive that sends the master to the backup gateway to indicate his reachability. “The VRRP router that takes over forwarding the packets that have been sent to the IP addresses associated with the “virtual router”.
21 Local Services Teldat GmbH Note This interface is used to transmit the BRRP advertisement data packets and possibly to transmit keepalive monitoring data packets. Another interface must be configured in the next step to transmit the usage data. Configuration of the advertisement interface is performed in the Local Services->BRRP>Virtual Router->New menu under BRRP Advertisement Interface. Only the active router in the router group sends advertisement data packets. The IPv4 multicast address 224.0.0.
21 Local Services Teldat GmbH events, which result in a switching of the operating status of the virtual router. Controlling the operating status of a virtual router implicitly also controls the operating status of the interface to which the virtual router is linked. If an error occurs, all interfaces on a device have to be deactivated. Consequently, the operating status of all interfaces on a device must be synchronised.
21 Local Services Teldat GmbH Fields in the BRRP Advertisement Interface menu. Field Description Ethernet Interface Choose the interface via which BRRP advertisement packets are sent and expected. If you edit a Virtual Router, the Ethernet interface is displayed and cannot be changed. Please note: The Ethernet interface for sending the advertisements is always up and running and cannot therefore be used as the Virtual Router Interface.
21 Local Services Teldat GmbH Field Description Virtual Interface Priority Define the transmitted BRRP priority of the interface for the virtual router. Higher priorities determine the master interfaces during the initialization pahse as well as with active PreEmpt-Mode.Possible values are between and . The higher the value, the higher the priority. The value defines that this virtual router always functions as master as soon as it is active. The default value is .
21 Local Services Teldat GmbH Field Description um period depending on the priority. The higher the priority, the shorter the time added. Consequently, a backup router with a higher priority responds more quickly than a router with lower priority). Possible values are whole numbers between default value is . and and the Pre-empt mode (go Define whether a backup router with higher priority has priority back into master state) over a master router with low priority.
21 Local Services Teldat GmbH 21.12.2 VR Synchronisation The watchdog daemon is configured in the Local Services->BRRP->VR Synchronisation menu, i.e. you define how state changes are handled. After opening the menu Local Services->BRRP->VR Synchronisation a list of all synchronisations is displayed. You can either synchronise virtual interfaces or interfaces. New synchronisations can be added in the New menu. For example, you can synchronise both virtual routers R1 and R2 over BRRP.
21 Local Services Teldat GmbH Field Description vertisements as per its configuration in the Local Services->BRRP->Virtual Routers->New->Advanced Settings menu.) Virtual Router ID Select a virtual router using the Virtual Router ID and define which interface is to be checked. You can choose previously defined IDs (see Virtual Router ID in the Local Services->BRRP->Virtual Router->New menu under BRRP Monitored Interface). The watchdog daemon requests detailed information entered in the Virtual Routers.
21 Local Services Teldat GmbH Field Description Enable BRRP Enable or disable the BRRP function. The function is enabled with , . The function is disabled by default.
22 Maintenance Teldat GmbH Chapter 22 Maintenance This menu provides you with numerous functions for maintaining your device. It firstly provides a menu for testing availability within the network. You can manage your system configuration files. If more recent system software is available, you can use this menu to install it. If you need other languages for the configuration interface, you can import these. You can also trigger a system reboot in this menu. 22.
22 Maintenance Teldat GmbH 22.1.2 DNS Test Fig. 201: Maintenance->Diagnostics->DNS Test The DNS test is used to check whether the domain name of a particular host is correctly resolved. The Outputfield displays the DSN test messages. The ping test is launched by entering the domain name to be tested in DNS Address and clicking the Go button. 22.1.3 Traceroute Test Fig.
22 Maintenance Teldat GmbH You use the traceroute test to display the route to a particular address (IP address or domain name), if this can be reached. The Outputfield displays the traceroute test messages. The ping test is launched by entering the IP address to be tested in Traceroute Address and clicking the Go button. 22.2 Software &Configuration You can use this menu to manage the software version of your device, your configuration files and the language of the GUI. 22.2.
22 Maintenance Teldat GmbH stored in the working memory (RAM). The contents of the RAM are lost if the device is switched off. So if you modify your configuration and want to keep these changes for the next time you start your device, you must save the modified configuration in the flash memory before switching off: The Save configuration button over the navigation area of the GUI. This configuration is then saved in the flash in a file with the name .
22 Maintenance Teldat GmbH The Maintenance->Software &Configuration ->Optionsmenu consists of the following fields: Fields in the Currently Installed Software menu. Field Description BOSS Shows the current software version loaded on your device. System Logic ADSL Logic Shows the current system logic loaded on your device. Shows the current version of the ADSL logic loaded on your device. Fields in the Software and Configuration Options menu.
22 Maintenance Teldat GmbH Field Description "7 3) ) 3# " ! 3 the current configuration was saved as boot configuration and the previous boot configuration was also archived. You can load back the archived boot configuration. • . , # ! 1 5! 1 : The file in the Select file field is deleted. • ) , 3 : You can import additional language versions of the GUI into your device. You can download the files to your PC from the download area at www.teldat.
22 Maintenance Teldat GmbH Field Description • <) " ! 3 : The configuration file Current File Name in Flash is transferred to your local host. If you click the Go button, a dialog box is displayed, in which you can select the storage location on your PC and enter the desired file name. • <) " ! 3 1 # ! : The active configuration from the RAM is transferred to your local host.
22 Maintenance Teldat GmbH Field Description Browse... via the explorer/finder. Source Location Only for Action = 0) #&# # ! 1 Select the source of the update. Possible values: • / " , 9 , (default value): The system software file is stored locally on your PC. • ?(( * : The file is stored on a remote server specified in the URL. • 23 * ! 1 ! ( , * : The file is on the official Teldat update server.
22 Maintenance Teldat GmbH Field New File Name Description Only for Action = @ " ! 3 Enter the new name of the configuration file. 22.3 Reboot 22.3.1 System Reboot In this menu, you can trigger an immediate reboot of your device. Once your system has restarted, you must call the GUI again and log in. Pay attention to the LEDs on your device. For information on the meaning of the LEDs, see the Technical Data chapter of the manual.
23 External Reporting Teldat GmbH Chapter 23 External Reporting In this system menu, you define what system protocol messages are saved on which computers, and whether the system administrator should receive an e-mail for certain events. Information on IP data traffic can also be saved--depending on the individual interfaces. In addition, SNMP traps can be sent to specific hosts in case of error. Moreover, you can prepare your device for monitoring with the activity monitor. 23.
23 External Reporting Teldat GmbH A list of all configured system log servers displayed in the External Reporting->Syslog->Syslog Servers menu. 23.1.1.1 New Select the New button to set up additional syslog servers. Fig. 205: External Reporting ->Syslog ->Syslog Servers ->New The menu External Reporting->Syslog->Syslog Servers->New consists of the following fields: Fields in the Basic Parameters menu. Field Description IP Address Enter the IP address of the host to which syslog messages are passed.
23 External Reporting Teldat GmbH Field Description • . 3 (lowest priority) Syslog messages are only sent to the host if they have a higher or identical priority to that indicated, i.e. at syslog level . 3 all messages generated are forwarded to the host. Facility Enter the syslog facility on the host. This is only required if the Log Host is a Unix computer. Possible values: , " , + . The default value is , " , . Timestamp Select the format of the time stamp in the syslog.
23 External Reporting Teldat GmbH 23.2 IP Accounting In modern networks, information about the type and number of data packets sent and received over the network connections is often collected for commercial reasons. This information is extremely important for Internet Service Providers that bill their customers by data volume. However, there are also non-commercial reasons for detailed network accounting.
23 External Reporting Teldat GmbH Fig. 207: External Reporting ->IP Accounting->Options In the External Reporting->IP Accounting->Options menu, you can define the Log Format of the IP accounting messages. The messages can contain character strings in any order, sequences separated by a slash, e.g. S or S or defined tags. Possible format tags: Format tags for IP Accounting messages Field Description %d Date of the session start in the format DD.MM.
23 External Reporting Teldat GmbH 23.3 Alert Service It was previously possible to send syslog messages from the router to any syslog host. Depending on the configuration, e-mail alerts are sent to the administrator as soon as relevant syslog messages appear. 23.3.1 Alert Recipient A list of Syslog messages is displayed in the Alert Recipient menu. 23.3.1.1 New Select the New to create additional alert recipients. Fig.
23 External Reporting Teldat GmbH Field Description Possible values: • E-mail • SMS Recipient Message Compression Enter the recipient's e-mail address. The entry is limited to 40 characters. Select whether the text in the alert E-mail is to be shortened. The e-mail then contains the syslog message only once plus the number of relevant events. Enable or disable the field. The function is enabled by default. Subject Event You can enter a subject.
23 External Reporting Teldat GmbH Field Description entered therefore usually contains wildcards. To be informed of all syslog messages of the selected level, just enter "*". Severity Select the severity level which the string configured in the Matching String field must reach to trigger an e-mail alert. Possible values: "& (default value), -, , 2 " ,, , 8 , ' " , ! , . 3 Monitored Subsystems Select the subsystems to be monitored. Add new subsystems with Add.
23 External Reporting Teldat GmbH 23.3.2 Alert Settings Fig. 209: External Reporting ->Alert Service->Alert Settings The menu External Reporting->Alert Service->Alert Settings consists of the following fields: Fields in the Basic Parameters menu. Field Alert Service Description Select whether the alert service is to be enabled for the interface. The function is enabled with , . The function is enabled by default. Maximum E-mails per Minute Limit the number of outgoing mails per minute.
23 External Reporting Teldat GmbH Field Description Possible values: • ' (default value): The server accepts and send emails without further authentication. • *%( : The server only accepts e-mails if the router logs in with the correct user name and password. • *%( ! : : The server requires that e-mails are called via POP3 by the sending IP with the correct POP3 user name and password before sending an e-mail.
23 External Reporting Teldat GmbH 23.4 SNMP SNMP (Simple Network Management Protocol) is a protocol from the IP protocol family for transporting management information about network components. Every SNMP management system contains an MIB. SNMP can be used to configure, control and administrate various network components from one system. Such an SNMP tool is included on your device: the Configuration Manager. As SNMP is a standard protocol, you can use any other SNMP managers, e.g. HPOpenView.
23 External Reporting Teldat GmbH Field Description ing Your device then sends SNMP traps to the LAN's broadcast address. The function is activated by selecting , . The function is disabled by default. SNMP Trap UDP Port Only if SNMP Trap Broadcasting is enabled. Enter the number of the UDP port to which your device is to send SNMP traps. Any whole number is possible. The default value is . SNMP Trap Community Only if SNMP Trap Broadcasting is enabled. Enter a new SNMP code.
23 External Reporting Teldat GmbH Fig. 211: External Reporting ->SNMP->SNMP Trap Hosts ->New The menu External Reporting->SNMP->SNMP Trap Hosts->New consists of the following fields: Fields in the Basic Parameters menu. Field Description IP Address Enter the IP address of the SNMP trap host. 23.5 Activity Monitor This menu contains the settings needed to monitor your device with the Windows tool Activity Monitor (part of BRICKware for Windows).
23 External Reporting Teldat GmbH • Start and configure the Windows application on your PC (you can download BRICKware for Windows to your PC from the download area at www.teldat.de and from there import it to your device). 23.5.1 Options Fig. 212: External Reporting ->Activity Monitor ->Options The menu External Reporting->Activity Monitor->Options consists of the following fields: Fields in the Basic Parameters menu.
23 External Reporting Teldat GmbH Field Description • * , ? # : The UDP packets are sent to the IP address entered in the adjacent input field. Update Interval Enter the update interval (in seconds). Possible values are to . The default value is . UDP Destination Port Enter the port number for the Windows application Activity Monitor. The default value is + (registered by IANA - Internet Assigned Numbers Authority). Password bintec Rxxx2/RTxxx2 Enter the password for the Activity Monitor.
24 Monitoring Teldat GmbH Chapter 24 Monitoring This menu contains information that enable you to locate problems in your network and monitor activities, e.g. at your device's WAN interface. 24.1 Internal Log 24.1.1 System Messages In the Monitoring->Internal Log->System Messages menu, a list of all internally stored system messages is displayed. Above the table you will find the configured vales for the Maximum Number of Syslog Entries and Maximum Message Level of Syslog Entries fields.
24 Monitoring Teldat GmbH Field Description Subsystem Displays which subsystem of the device generated the message. Message Displays the message text. 24.2 IPSec 24.2.1 IPSec Tunnels A list of all configured IPSec tunnel providers is displayed in the Monitoring->IPSec->IPSec Tunnels menu. Fig. 214: Monitoring ->IPSec->IPSec Tunnels Values in the IPSec Tunnels list Field Description Description Displays the name of the IPSec tunnel. Remote IP Displays the IP address of the remote IPSec Peers.
24 Monitoring Teldat GmbH Fig. 215: Monitoring ->IPSec->IPSec Tunnels -> Values in the IPSec Tunnels list Field Description Description Shows the description of the peer. Local IP Address Shows the WAN IP address of your device. Remote IP Address Shows the WAN IP address of the connection partner. Local ID Shows the ID of your device for this IPSec tunnel. Remote ID Shows the ID of the peer. Negotiation Type Shows the exchange type. Authentication Method Shows the authentication method.
24 Monitoring Teldat GmbH Field Description Role / Algorithm / Lifetime remaining / Status IPSec (Phase-2) SAs (x) Shows the parameters of the IPSec (Phase 2) SAs. Role / Algorithm / Lifetime remaining / Status Messages The system messages for this IPSec tunnel are displayed here. 24.2.2 IPSec Statistics In the Monitoring->IPSec->IPSec Statistics menu, statistical values for all IPSec connections are displayed. Fig.
24 Monitoring Teldat GmbH Field Description Status Displays the number of IPSec tunnels by their current status. • Up: Currently active IPSec tunnels. • Going up: IPSec tunnels currently in the tunnel setup phase. • Blocked: IPSec tunnels that are blocked. • Dormant: Currently inactive IPSec tunnels. • Configured: Configured IPSec tunnels. Fields in the SAs menu. Field Description IKE (Phase-1) Shows the number of active phase 1 SAs (Established) from the total number of phase 1 SAs (Total).
24 Monitoring Teldat GmbH Fig. 217: Monitoring ->ISDN/Modem->Current Calls Values in the Current Calls list Field Description Service Displays the service to or from which the call is connected: , * ", C , :(*. Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls). Interface Displays additional information for PPP connections.
24 Monitoring Teldat GmbH Fig. 218: Monitoring ->ISDN/Modem->Call History Values in the Call History list Field Description Service Displays the service to or from which the call was connected: , * ", C , :(*. Remote Number Displays the number that was dialled (in the case of outgoing calls) or from which the call was made (in the case of incoming calls). Interface Displays additional information for PPP connections.
24 Monitoring Teldat GmbH Fig. 219: Monitoring ->Interfaces->Statistics Change the status of the interface by clicking the or the button in the Action column. Values in the Statistics list Field Description No. Shows the serial number of the interface. Description Displays the name of the interface. Type Displays the interface text. Tx Packets Shows the total number of packets sent. Tx Bytes Displays the total number of octets sent. Tx Errors Shows the total number of errors sent.
24 Monitoring Teldat GmbH Fig. 220: Monitoring ->Interfaces->Statistics-> Values in the Statistics list Field Description Description Displays the name of the interface. MAC Address Displays the interface text. IP Address / Netmask Shows the IP address and the netmask. NAT Indicates if NAT is activated for this interface. Tx Packets Shows the total number of packets sent. Tx Bytes Displays the total number of octets sent. Rx Packets Shows the total number of packets received.
24 Monitoring Teldat GmbH 24.5 Bridges 24.5.1 br In the Monitoring->Bridges-> br menu, the current values of the configured bridges are shown. Fig. 221: Monitoring ->Bridges Values in the br list Field Description MAC Address Shows the MAC addresses of the associated bridge. Port Shows the port on which the bridge is active. 24.6 HotSpot Gateway 24.6.1 HotSpot Gateway A list of all linked hotspot users is displayed in the Monitoring->HotSpot Gateway->HotSpot Gateway menu. Fig.
24 Monitoring Teldat GmbH Field Description User Name Displays the user's name. IP Address Shows the IP address of the user. Physical Address Shows the physical address of the user. Logon Displays the time of the notification. Interface Shows the interface used. 24.7 QoS In the Monitoring->QoS menu, statistics are displayed for interfaces on which QoS has been configured. 24.7.1 QoS A list of all interfaces for which QoS was configured is displayed in the Monitoring->QoS->QoS menu. Fig.
24 Monitoring Teldat GmbH 24.8 OSPF In the Monitoring+OSPF menu information on OSPF is monitored . The OSPF monitor is arranged horizontally in three sections and shows information about OSPF interfaces, the detected neighbor and the LinkStateDatabase entries. 24.8.1 Status In the Monitoring->OSPF->Status menu, a list of all interfaces configured for OSPF is displayed. Fig. 224: Monitoring ->OSPF->Status Values in the Status list Field View Description Select the desired view from the dropdown menu.
24 Monitoring Teldat GmbH Field Designated Router Description Shows the IP address of the designated router. The designated router generates network links and distributes these to all gateways within the BMA network (BMA = Broadcast Multi Access Network, e.g. Ethernet, FDDI, Tokenring). A designated router is not shown for non-BMA networks, e.g. X.25, Frame Relay, ATM. Backup Designated Router Shows the IP address of the backup designated router.
24 Monitoring Teldat GmbH Field Description lowing values: • . 1 : The connection to this OSPF neighbor is inactive. • : The initial phase. A HELLO packet is received from the neighbor. • = " ,: Bidirectional communication with the neighbor. The HELLO packets sent are accepted by the neighbor gateway (with correct parameters). • * <" : The exchange of Database Description packets between the gateways has started.
24 Monitoring Teldat GmbH Fig. 225: Monitoring +OSPF+Statistics Values in the Statistics list Field Description Received Hello Messages Displays the number of Hello packets received. Sent Hello Messages Displays the number of Hello packets sent. Received Database De- Displays the number of received databank entries. scription Packets Sent Database Description Packets Displays the number of sent databank entries.
24 Monitoring Teldat GmbH Field Links Advertisements Description ceived. Routing table updates caused by External Ad- Displays the number of incremental routing table updates performed when new external Advertisements have been received. vertisements 24.9 PIM 24.9.1 Global Status The status of all configured PIM components is displayed in the Monitoring+PIM+Global Status menu. Fig.
24 Monitoring Teldat GmbH Field Description Interface Displays the name of the PIM interface. IP Address Displays the primary IP address of the PIM interface. Designated Router Displays the primary IP address of the designated router on this PIM interface. Values in the PIM Neighbors list Field Description Interface Displays the interface via which the PIM Neighbor is reached. Generation ID Displays the ID of the neighbor gateway. IP Address Displays the primary IP address of the PIM Neighbor.
24 Monitoring Teldat GmbH Fig. 227: Monitoring +PIM+Not Interface-Specific Status Values in the Not Interface-Specific Status list Field View Description Select the desired view from the dropdown menu. Are available: -,,, NENE@ * #, NE * #, *E * # and *E E@ ( * # Values in the (*,*,RP) States list bintec Rxxx2/RTxxx2 Field Description Rendevous Point IP Address Displays the IP address of the Rendezvous Point (RP) for the group.
24 Monitoring Teldat GmbH Field Description Upstream Join Timer Join/Prune Timer is used to periodically send Join(*,*,RP) messages, and to correct Prune(*,*,RP) messages from peers on an Upstream LAN interface. Values in the (*,G) States list Field Description Multicast Group Address Displays the multicast group address. Upstream Neighbor IP Address Displays the primary IP address of the Neighbor on pimStarGRPFIfIndex, to which the local router periodically (*,G) sends Join messages.
24 Monitoring Teldat GmbH Field Description entry. This corresponds to the status of the Upstream (S,G) State Machine in the PIM-SM specification. Uptime Indicates the timespan since the entry was generated by the local router. Upstream Join Timer Indicates the remaining time until the local router sends out the next periodic (S,G) Join message on pimSGRPFIfIndex. In the PIM-SM specification, this timer is named (S,G) Upstream Join Timer. If the timer is deactivated, it has the value .
24 Monitoring Teldat GmbH Fig. 228: Monitoring +PIM+Interface-Specific States Values in the Interface-Specific States list Field View Description Select the desired view from the dropdown menu. Are available: -,,, NE E * #, *E E * # and *E E@ ( * # Values in the (*,G,I) States list 550 Field Description Multicast Group Address Displays the multicast group address. InetAddressType is defined in the pimStarGAddressType object. Interface Displays the name of the interface.
24 Monitoring Teldat GmbH Field Description Assert State Displays the (*,G) Assert State for this interface. This corresponds to the status of the Per-Interface (*,G) Assert State Machinen in the PIM-SM specification. If pimStarGPimMode is 'bidir', this object must 'noInfo' be. Assert Winner IP Address Indicates the address of Assert Winner, if pimStarGIAssertState runs 'iAmAssertLoser'. InetAddressType is defined through the object pimStarGIAssertWinnerAddressType.
24 Monitoring 552 Teldat GmbH Field Description Multicast Group Address Displays the multicast IP address. InetAddressType is defined through the object pimSGAddressType. Source IP Address Displays the source IP address. InetAddressType is defined through the object pimStarGAddressType. Interface Displays the name of the interface. Uptime Indicates the timespan since the entry was generated by the local router.
Glossary Teldat GmbH Glossary bintec Rxxx2/RTxxx2 10 Base 2 Thin Ethernet connection. Network connection for 10-mbps networks with BNC connector. T-connectors are used for the connection of equipment with BNC sockets. 100Base-T Twisted pair connection, Fast Ethernet. Network connection for 100-mbps networks. 10Base-T Twisted pair connection. Network connection for 10-mbps networks with RJ45 connector. 1TR6 D channel protocol used in the German ISDN. Today the more common protocol is DSS1.
Glossary Teldat GmbH the optional wired Ethernet is connected, the signals between the two physical media, the wireless interface and wired interface, are bridged (bridging). Access protection Filters can be used to prevent external persons from accessing the data on the computers in your LAN. These filters are a basic function of a firewall. Accounting Recording of connection data, e.g. date, time, connection duration, charging information and number of data packets transferred.
Glossary Teldat GmbH having to pick up the receiver. Announcement func- Performance feature of a PBX. On suitable telephones (e.g. system tion telephones), announcements can be made as on an intercom. Answering machine You configure an analogue answering machine under "Terminal Type". bintec Rxxx2/RTxxx2 AOC-D Display during and at end of connection. AOC-D/E Advice of charge-during/end. AOC-E Display only at end of connection.
Glossary Teldat GmbH Automatic callback on busy (CCBS) You urgently need to contact a business partner or internal subscriber. However, when you call, you always hear the engaged tone. If you were to receive notification that the subscriber had ended the call, your chance of reaching them would be very good. With "Callback on Busy" you can reach the engaged subscriber once they have replaced the receiver at the end of the call. Your telephone rings.
Glossary Teldat GmbH Base station Central unit of wireless telephone devices. There are two different types: The simple base station is used to charge the handheld unit. For special-feature telephones, the base station can also be used as a telephone, the handheld unit is charged using separate charging stations. Basic Rate Interface ISDN connection that includes two basic channels (B channels) each with 64 kbps and one control and signalling channel (D channel) with 16 kbps.
Glossary 558 Teldat GmbH Break-in In a PBX, the option of breaking in to an existing call. This is signalled acoustically by an attention tone. BRI Basic Rate Interface Bridge Network component for connecting homogeneous networks. As opposed to a gateway, bridges operate at layer 2 of the OSI model, are independent of higher-level protocols and transmit data packets using MAC addresses. Data transmission is transparent, which means the information contained in the data packets is not interpreted.
Glossary Teldat GmbH signment. For each day of the week, you can select any day/night switching time. A calendar has four switch times, which can be specifically assigned to each individual day of the week. Call allocation In a PBX, calls can be assigned to certain terminals. Call costs account You can set up a "call costs account" for a subscriber here. The maximum available number of units, in the form of a limit, can be assigned to each subscriber on their personal "call costs account".
Glossary Teldat GmbH to several different teams, this is not surprising. You can now form various groups of subscribers in which call pickup is possible. A call can only be picked up by subscribers/terminals in the same pickup group. The assignment of subscribers in pickup groups is not dependent on the settings in the Day and Night team call assignment.
Glossary Teldat GmbH Block Cipher Modes. CBC Cipher Block Chaining CCITT Consultative Committee for International Telegraphy and Telephony CD (Call Deflection) The forwarding of calls. This performance feature enables you to forward a call without having to take it yourself. If you forward a call to an external subscriber, you bear any connection costs from your connection to the destination of the forwarded call.
Glossary Teldat GmbH Combination device If an analogue terminal connection of the PBX is set up as a "multifunctional port" for combination devices, all calls are received, regardless of the service. In the case of trunk prefixes using codes, the service ID "Analogue Telephony" or "Telefax Group 3" can also be transmitted, regardless of the configuration of the analogue connection. If 0 is dialled, the service ID "Analogue Telephony" is also transmitted.
Glossary Teldat GmbH Data compression A process for reducing the amount of data transmitted. This enables higher throughput to be achieved in the same transmission time. Examples of this technique include STAC, VJHC and MPPC. Data Link Layer (DLL) Data packet A data packet is used for information transfer. Each data packet contains a prescribed number of characters (information and control characters).
Glossary Teldat GmbH tack host in a LAN with fake requests so that it is completely overloaded. This means the system or a certain service can no longer be run. DES Data Encryption Standard Destination number Speeddial memory memory 564 DHCP Dynamic Host Configuration Protocol Dial preparation On some telephones with a display, you can first enter a telephone, check it first, and then dial it. Dial-in parameters Define the dial-in parameters i.e.
Glossary Teldat GmbH matically overwritten when the new configuration is transferred to the PBX. Direct dial-in Performance feature of larger PBXs at the point-to-point connection: The extensions can be called directly from outside. Direct dialling range See Extension numbers range DISA Direct Inward System Access Display and output of connection data In the configuration, it is possible to define storage of data records for specific terminals or all terminals.
Glossary Teldat GmbH the ring button. Your door intercom can have up to 4 ring buttons. The door opener can be pressed during an intercom call. It is not possible activate the door opener if an intercom call is not taking place. Dotted Decimal Notation The syntactic representation of a 32-bit whole number, written in four 8-bit numbers in decimal form and subdivided by a point. It is used to represent IP addresses on the Internet, e.g. 192.67.67.
Glossary Teldat GmbH DTMF Dual Tone Multi Frequency (tone dialling system) Dynamic IP address In contrast to a static IP address, a dynamic IP address is assigned temporarily by DHCP. Network components such as the web server or printer usually have static IP address, while clients such as notebooks or workstations usually have dynamic IP addresses. E1/T1 E1: European variant of the 2.048 mbps ISDN Primary Rate Interface, which is also called the E1 system.
Glossary Teldat GmbH Ethernet connections The 4 connections are led equally through an internal switch. Network clients can be directly connected to the connection sockets. The ports are designed as 100/BaseT full-duplex, autosensing, auto MDIX upwardly compatible to 10/Base T. Up to 4 SIP telephones or IP softclients with SIP standard can be directly connected to PCs with a network card.
Glossary Teldat GmbH via the standard access after a predefined number of attempts, setup is attempted using the second entry then subsequent entries. If the final entry in the list does not enable a connection to be set up successfully, the operation is terminated until a new request is made. When fall back occurs and all other ISPs can only be reached by dialup connections, both B channels may be occupied. If channel bundling is used, you cannot be reached for the duration of this connection.
Glossary 570 Teldat GmbH Fragmentation Process by which an IP datagram is divided into small parts in order to meet the requirements of a physical network. The reverse process is known as reassembly. Frame Unit of information sent via a data connection. Frame relay A packet switching method that contains smaller packets and fewer error checks than traditional packet switching methods such as X.25. Because of its properties, frame relay is used for fast WAN connections with a high density of traffic.
Glossary Teldat GmbH conduct a call without using your hands. As a result, other people in the room can also participate in the call. bintec Rxxx2/RTxxx2 Hashing The process of deriving a number (hash) from a character string. A hash is generally far shorter than the text flow it was derived from. The hashing algorithm is designed so that there is a relatively low probability of generating a hash that is the same as another hash generated from a text sequence with a different meaning.
Glossary Teldat GmbH host computer. HTTP HyperText Transfer Protocol Hub Network component used to connect several network components together to form a local network (star-shaped). IAE ISDN connection unit, ISDN connection socket. ICMP Internet Control Message Protocol ICV Integrity Check Value Identify malicious callers (intercept) You have to request this performance feature from T-Com. The company will provide you with further information on the procedure.
Glossary Teldat GmbH al calls. Internal calls Free-of-charge connection between terminals in a PBX. Internal telephone numbers Your PBX has a fixed internal telephone number plan. Internet The Internet consists of a number of regional, local and university networks. The IP protocol is used for data transmission on the Internet. Internet time sharing Allows several users to surf the Internet simultaneously over an ISDN connection.
Glossary Teldat GmbH the other hand, uses the PC's resources. 574 ISDN Login Function of your gateway. Your gateway can be configured and administrated remotely using ISDN Login. ISDN Login operates on gateways in the ex works state as soon they are connected to an ISDN connection and therefore reachable via an extension number. ISDN number The network address of the ISDN interface, e.g. 4711.
Glossary Teldat GmbH bintec Rxxx2/RTxxx2 LCP Link Control Protocol LDAP Lightweight Directory Access Protocol Lease Time The "Lease Time" is the time a computer keeps the IP address assigned to it without having to "talk" to the DHCP server. Leased Line Leased line LLC Link Layer Control Local exchange Switching node of a public local telephone network that supports the connection of end systems.
Glossary Teldat GmbH MPPC Microsoft Point-to-Point Compression MPPE Microsoft Point-to-Point Encryption MSDU MAC Service Data Unit - a data packet that ignores fragmentation in the WLAN. MSN Multiple subscriber number MSSID See SSID MTU Maximum Transmission Unit Multicast A specific form of broadcast in which a message is simultaneously transmitted to a defined user group.
Glossary Teldat GmbH NetBIOS Network Basic Input Output System Netmask The second part of an address in an IP network, used for identification of a device, e.g. 255.255.255.0. See also IP address. Network Your PBX has a DSL router so that one or more PCs can surf the Internet and download information. Network address A network address designates the address of a complete local network.
Glossary Teldat GmbH OSPF Open Shortest Path First Outgoing extension The "outgoing extension number signal" is intended for internal connumber signal nections on the point-to-point to which an explicit extension number was not assigned. When an external call is made, the extension number entered under Outgoing Extension Number Signal is also transmitted.
Glossary Teldat GmbH replaced by the multifrequency code method (MFC) . PGP Pretty Good Privacy PH Packet handler Phone book The PBX has an internal phone book. You can store up to 300 telephone numbers and the associated names. You can access the PBX's phone book with the Teldat devices (for example CS 410). You add entries to the phone book using the configuration interface.
Glossary Teldat GmbH PPP Point-to-Point Protocol PPP authentication Security mechanism. A method of authentication using passwords in PPP. PPPoA Point to Point Protocol over ATM PPPoE Point to Point Protocol over Ethernet PRI Primary Rate Interface Primary Rate Interface (PRI) ISDN subscriber connection. The PRI consists of one D channel and 30 B channels (in Europe). (In America: 23 B channels and one D channel.) There is also the ISDN Basic Rate Interface.
Glossary Teldat GmbH Recording telephone Performance feature of an answering machine. Enables a conversacalls tion to be recorded during the telephone call. Remote Remote, as opposed to local. Remote access Opposite to local access, see Remote. Remote CAPI bintec's own interface for CAPI. Remote diagnosis/re-Some terminals and PBXs are supported and maintained by Tmote maintenance Service support offices over the telephone line, which often means a service engineer does not have to visit the site.
Glossary Teldat GmbH and the receiver must be lifted or "Hands-free" switched on. If you replace the telephone receiver or turn off "Hands-free", room monitored ends and the performance feature is switched off. 582 Room monitoring from external telephones This function can be used to monitor rooms from an external telephone. Room monitoring from internal telephones You can acoustically monitor a room from an internal telephone in your PBX.
Glossary Teldat GmbH the information providers. The provided information is accessed using the telephone number 0190 which is uniform across Germany plus a 6-digit telephone number. Information offering: Entertainment, weather, finance, sport, health, support and service hotlines. Service 0700 Additional voice service from T-Com. Allows calls to be received via a location-independent telephone number uniform across Germany, starting with the numbers 0700. Free-of-charge routing to national fixed network.
Glossary Teldat GmbH activates the Loudspeaker function so that a conversation can take place immediately. Please see the information on the telephone user's guide on the simplex operation function. 584 SIP Session Initiation Protocol SMS Short Message Service SMS receipt If you have connected an SMS-enabled terminal, you can decide whether SMS receipt is to be permitted for the connection. The ex works setting is no SMS receipt.
Glossary Teldat GmbH bintec Rxxx2/RTxxx2 So connection See ISDN Basic Rate Interface So interface Internationally standardised interface for ISDN systems. This interface is provided on the network side by the NTBA . On the user side, the interface is intended for connecting a PBX (point-to-point connection) and for connecting up to eight ISDN terminals (point-to-multipoint connection).
Glossary Teldat GmbH Spoofing Technique for reducing data traffic (and thus saving costs), especially in WANs. SSID The Service Set Identifier (SSID) or Network Name refers to the wireless network code based on IEEE 802.11. SSL Secure Sockets Layer A technology, now standard, developed by Netscape, which is generally used to secure HTTP traffic between a web browser and a web server. STAC Data compression procedure.
Glossary Teldat GmbH Suppress B telephone number (COLR) COLP/COLR: Connected line identification presentation/connected line identification restriction = Activate/suppress transmission of called party's telephone number to caller. This performance feature suppresses the display of the called subscriber's telephone number. If display of the B telephone number is suppressed, your telephone number is not transmitted to the caller when you take a call.
Glossary Teldat GmbH option, which can be used with the existing telephone cable, costs less than two telephone connections but offers far greater quality and ease of use: Two independent lines, so that you can still make a phone call, receive a fax, or surf the Internet when another family member is making a long call on the other line. Three or more telephone numbers, which you can assign individually to your devices and distribute differently if needed through simple programming steps.
Glossary Teldat GmbH TAPI Telephony Application Program Interface TAPI configuration You can use the TAPI configuration to modify the TAPI driver in line with the program that uses this driver. You can check which MSN is to be assigned to a terminal, define a line name, and configure the dialling parameters. First configure your PBX. You must then configure the TAPI interface. Use the "TAPI Configuration" program.
Glossary Teldat GmbH telephone number is stored in your telephone's caller list. However, because your connection is automatically set to Automatic Outside Line as a result of the ex works settings, you would first have to dial ** for a callback in order to obtain the internal dialling tone, and then 22. If "Transfer Internal Code" is active, ** is placed before the 22 and the callback can be made directly from the caller list.
Glossary Teldat GmbH bintec Rxxx2/RTxxx2 Signalling 1) phones. V.11 ITU-T recommendation for balanced dual-current interface lines (up to 10 mbps). V.24 CCITT and ITU-T recommendation that defines the interface between a PC or terminal as Data Terminal Equipment (DTE) and a modem as Data Circuit-terminating Equipment (DCE). V.28 ITU-T recommendation for unbalanced dual-current interface line. V.35 ITU-T recommendation for data transmission at 48kbps in the range from 60 to 108kHz. V.
Glossary 592 Teldat GmbH Web server Server that provides documents in HTML format for access over the Internet (WWW). Webmail T-Online service with which e-mails can be sent and received worldwide on the Internet by means of a browser. WEP Wired Equivalent Privacy Western plug (also known as RJ-45 plug) Plug used for ISDN terminals with eight contacts. Developed by the US telephone company Western Bell. Western plugs for analogue telephones have four or six contacts.
Glossary Teldat GmbH in ISDN (D channel). bintec Rxxx2/RTxxx2 X.500 ITU-T standards that cover user directory services, see LDAP. Example: The phone book is the directory in which you find people on the basis of their name (agreement with the telephone directory). The Internet supports several databases with information on users, such as e-mail addresses, telephone numbers and postal addresses. You can search these databases to obtain information about individuals. X.
Index Teldat GmbH Index 187 ISDN Timeserver 80 Modem Init Sequence 120 System Admin Password 76 # #1 #2, #3 114 A Access 459 Access Control 180 Access Filter 233 Access Filter 228 Access Rules 226 ACCESS_ACCEPT 97 ACCESS_REJECT 97 ACCESS_REQUEST 97 ACCOUNTING_START 97 ACCOUNTING_STOP 97 Action 187 , 233 , 385 , 455 , 467 , 483 , 510 , 531 , 537 Action if license not registered 453 Action if server not reachable 453 Action to be performed 479 Actions 467 Active Clients 181 Active IPSec Tunnels 71 Active
Index Teldat GmbH ATM Service Category 310 Attacked Access Point 185 Authentication 275 , 280 , 285 , 291 , 298 , 368 , 375 Authentication ID 404 , 409 Authentication Key 250 Authentication Method 327 , 342 Authentication Type 98 , 103 , 250 Authentication Method 532 Authentication for PPP Dialin 106 Autoconfiguration on Bootup 126 Autosave Mode 115 , 467 AUX 119 , 295 AUX Port Status 120 B Back Route Verify 335 Back Route Verify 197 Back-up of configuration on SD card 71 Backup Designated Router 541 Band
Index Teldat GmbH Comfort Noise Generation (CNG) 407 , 414 Command Mode 467 Command Type 467 Common Name 113 Compare Condition 462 Compare Value 462 Compression 94 , 318 , 321 , 368 , 375 Config Mode 330 Configuration Encryption 510 Configuration contains certificates/keys 467 Configuration Interface 86 Configured Speed / Mode 123 Confirm Admin Password 76 Congestion Avoidance (RED) 225 Connection State 214 , 229 Connection Type 288 , 365 Connection Idle Timeout 272 , 278 , 283 , 288 , 296 , 365 , 372 Con
Index Teldat GmbH Destination IP Address/Netmask 192 , 201 , 211 , 214 , 229 , 333 Destination IP Address 195 Destination Port Range 394 Details 531 Device 164 Device Mode 142 DH Group 342 DHCP Hostname 148 , 307 DHCP Options 448 DHCP Server 160 DHCP Configuration 446 DHCP Broadcast Flag 148 DHCP Client on Interface 236 DHCP MAC Address 148 , 307 DHCP Relay Settings 451 DHCP Server 445 Diagnostics 506 Dial Latency 425 Dialling Number 486 Direction 217 , 242 , 422 , 535 , 536 Distribution Mode 206 Distribu
Index Teldat GmbH Ethernet Interface Selection 123 Ethernet Ports 122 Event 520 Event Type 462 Event List 462 , 467 Event List Condition 467 Ex works setting 10 Exclude from NAT (DMZ) 236 Expire Time 404 , 409 Expiry Timer 546 , 550 , 551 , 551 Export indirect static routes 250 Extended Route 195 Extension / User Name 404 Extensions 403 External Address 422 External Filename 116 , 117 External Port 401 External Reporting 515 F Facility 516 Fallback interface to get DNS server 431 Faxheader 460 File Encodi
Index Teldat GmbH I IGMP 256 IGMP Proxy 259 IGMP State Limit 257 IGMP State Limit 260 IGMP Status 260 Ignore Certificate Request Payloads 359 IKE (Phase-1) 534 IKE (Phase-1) SAs 532 Image already exists.
Index Teldat GmbH ISDN Mode 424 ISDN Port 135 ISDN Ports 125 ISDN Switch Type 126 , 130 ISDN Theft Protection Service ISDN Theft Protection 485 ISDN Trunks 423 ISDN Usage External 71 ISDN Usage Internal 71 ISDN/Modem 534 486 J Join/Prune Interval 264 Join/Prune State 550 , 551 , 551 Join/Prune Hold Time 264 K Keepalive Period Key Size 467 Key Value 381 268 L L2TP 360 LAN 145 Language for login window 492 Last configuration stored 71 Last Member Query Interval 257 Last seen 185 Layer 4 Protocol 193 LCP
Index Teldat GmbH Management VID 153 Manual WLAN Controller IP Address 73 Manually resetting the device 10 Master down trials 501 Matching String 520 Max. incoming control connections per remote IP Address 378 Max. number of clients - hard limit 178 Max. number of clients - soft limit 178 Max. queue size 225 Max.
Index Teldat GmbH NAT 197 , 538 NAT method 199 NAT Traversal 347 NAT Detection 532 NAT Configuration 199 NAT active 198 NAT Interfaces 197 Negative Cache 431 Negotiation Type 532 Neighbor 542 Neighbor APs 183 Netmask 195 , 236 , 307 , 308 , 366 Network Address 236 Network Configuration 236 Network Name (SSID) 175 Networking 189 New Destination Port 204 New Destination IP Address/Netmask 204 New File Name 510 New Source Port 204 New Source IP Address/Netmask 193 , 204 No.
Index Teldat GmbH Policies 384 Policy 100 , 104 Pool Usage 447 Pop-Up window for status indication 494 POP3 Server 523 POP3 Timeout 523 Port 198 , 404 , 444 , 539 Port Configuration 152 Port Configuration 123 Port Name 126 , 130 Port Usage 126 , 130 Positive Cache 431 PPPoA 282 PPPoE 271 PPPoE Mode 272 PPPoE Ethernet Interface 272 PPPoE Interfaces for Multilink 272 PPTP 277 , 371 PPTP Inactivity 390 PPTP Passthrough 198 PPTP Tunnels 371 PPTP Address Mode 280 PPTP Ethernet Interface 278 PPTP Mode 372 Pre-e
Index Teldat GmbH 544 Received DNS Packets 439 Received Hello Messages 544 Received Link State Acknowledge Packets 544 Received Link State Request Packets 544 Received Link State Update Packets 544 Recipient 520 Region 160 Register Suppression Timer 268 Registrar 409 Registration 404 , 409 Remaining Validity 462 Remote Hostname 362 Remote Port 401 Remote Address 538 Remote Networks 531 Remote Number 535 , 536 Remote Port 532 , 538 Remote Authentication 96 Remote File Name 467 Remote GRE IP Address 381 Rem
Index Teldat GmbH SCEP URL 111 Schedule Interval 478 Schedule (Start / Stop Time) 455 Scheduling 460 Second Timeserver 80 Secondary DHCP Server 452 Secondary DNS Server 434 Security Mode 176 Security Algorithm 531 Segment Pending Requests 313 Segment Send Interval 313 Select radio 467 Select vendor 449 Select analogue interface 404 Select file 510 Select ISDN interface 404 Selected Ports 378 Selection 393 Send 540 Send Version 240 Send Certificate Chains 359 Send Certificate Request Payloads 359 Send CRLs
Index Teldat GmbH Software &Configuration 508 Sort Order 406 , 413 Source 385 Source Interface 193 , 211 , 261 Source Location 467 Source Port 193 , 201 , 333 Source Port/Range 201 , 211 , 214 , 229 Source Location 187 , 510 Source File Name 510 Source IP Address 462 , 467 , 479 , 484 Source IP Address/Netmask 201 , 211 , 214 , 229 , 333 Source IP Address 548 , 549 , 551 , 551 Source Port Range 394 Special Handling Timer 211 Special Session Handling 209 Specific Ports 378 Specify bandwidth 388 Speed Diali
Index Teldat GmbH Transfer own IP address over ISDN/ GSM 339 Transferred Traffic 462 Transmit Key 176 Transmit Power 165 Transmit Shaping 139 Transparent MAC Address 88 Trials 462 , 484 Trigger 461 , 481 , 483 Trigger Status 467 Triggered Hello Interval 264 Trunk Mode 409 TTL 436 Tunnel Profile 365 Tunnel Profiles 361 Tx Bytes 537 , 538 Tx Errors 537 Tx Packets 537 , 538 Type 214 , 229 , 305 , 394 , 416 , 537 , 543 Type of Endpoint 401 Type of Messages 516 Type of traffic 199 Type of attack 185 U UDP Inac
Index Teldat GmbH VLANs 151 VoIP 398 VPN 324 VR Synchronisation 503 VRRP Advertisement 496 VRRP router 496 W Walled Garden 492 Walled Garden URL 492 Walled Network / Netmask 492 WAN 269 Web Filter 452 Web Filter Status 453 Weight 223 WEP Key 1-4 176 Whitelisted 457 Wildcard 443 Wildcard Mode 88 Wildcard MAC Address 88 WINS Server 431 Wire Mode 142 Wireless Mode 170 Wireless Networks (VSS) 174 , 182 WLC SSID 467 WMM 175 WPA Cipher 176 WPA Mode 176 WPA2 Cipher 176 Write certificate in configuration 467 X X.
