Manualshelf

Installation guide

ManualsBrandsTeldat ManualsNetworkingbintec RXL12100
12345678910
bintec RXL12100
04.12.2013
Subject to technical alterations
Page 3 / 11
Teldat GmbH - Suedwestpark 94 - 90449 Nuremberg - Germany
Phone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25
E-Mail: info@teldat.de - www.teldat.org
automates IP configuration on client PCs.
Comprehensive IPSec implementation
The RXL12100's IPSec implementation goes beyond preshared keys. We've also given you the
ability to use certificates, as Germany's Federal Office for Information Security recommends. This
lets you build a public key infrastructure for maximum security. Administrators can manage
certificates conveniently and easily with a RADIUS server. Teldat even provides special
functionality that makes it possible to implement a RADIUS dial-out solution.
Using the IKE Config Mode and Bintec IPSec Multi-User features, administrators can implement
and administer IPSec dial-in solutions for a large number of clients with minimal effort.
IKE-X-Auth (extended authentication) lets you secure connections using a one-time password to
achieve the highest level of security possible. The bintec IPSec implementation also assists you
in establishing VPN connections with dynamic IP addresses, extending connectivity to small
branch locations that may not be online all the time. Even if both VPN participants have dynamic
IP addresses, they can still take advantage of secure communications. A dynamic DNS provider
or a direct ISDN connection can facilitate the exchange of IP addresses. The dynamic IP address
is sent either over the ISDN D-channel at no cost or, if this is not possible, over the B-channel
(carrier charges may apply).
Load balancing / Redundancy
With the bintec RXL12100, you can configure multiple interfaces for WAN access. This not only
provides more bandwidth, but also makes it possible to distribute data across individual WAN
connections according to loads or data types. You can for instance use one internet connection
on a 100 Mbps Ethernet port to establish VPNs for numerous branch locations and external staff
members. A second WAN port can then provide cost-effective VDSL internet access for the rest
of the company.
Our bintec Router Redundancy Protocol allows two routers to function on the LAN as if they were
a single device. In addition to each unit having its own unique IP and MAC addresses for every
interface, the two units are also assigned a shared virtual IP and MAC address. This virtual
address is then entered as the standard gateway on all the computers on the LAN. The two
linked gateways communicate with each other using the bintec protocol. If one of the units goes
down, the other one automatically takes over and handles all the traffic.
Simple configuration and maintenance
Administrators can configure the gateway using the configuration assistants that are integrated
into the Configuration Interface (FCI). The FCI is a web-based graphical user interface that can be
accessed via HTTP or the encrypted HTTPS protocol from any PC with a current Web browser.
Administrators can configure the RXL12x00 locally or remotely using telnet, SSH, or an ISDN
login.
The gateway's numerous monitoring options represent one of its main security features. You can
query all the configuration parameters and status information via SNMP. You can also have this
information sent from the Gateway to an SNMP manager via SNMP traps or create log files of
syslog messages. Administrators can also choose to receive e-mail notifications of specific
events.