Page 1
LANCOM 7100+ VPN
High-performance central site VPN gateway for connecting up to 200 sites
1
VPN site connectivity for medium-size network infrastructures with multiple external sites
1
Incl. 100 VPN channels, upgradable to 200 per device
1
High availability due to VRRP and Load Balancing
1
Advanced Routing & Forwarding with 256 VLAN/IP contexts
1
Optionally upgradable as Public Spot Gateway and with Content Filter
1
4 x Gigabit Ethernet
Page 2
The LANCOM 7100+ VPN is a central site VPN gateway for connecting 100 sites by default, with the LANCOM VPN Option up to 200. Due to an improved hardware
platform with more powerful CPU and the integrated VPN hardware accelerator an encryption performance of more than 450 Mbps is possible. The Quality of Service
functionality with dynamic broadband management as well as four Gigabit Ethernet ports cater for a correct prioritization and forwarding of data packets in the network.
A practical display permanently illustrates all relevant device information, such as temperature, CPU load, and active VPN tunnels.
More Performance.
The LANCOM 7100+ VPN offers a high-performance hardware platform, meeting high demands for network virtualization, security, and VPN connectivity. Remote sites
can thus be connected with a VPN encryption performance of more than 450 Mbps. At the same time memory capacity and high-speed interfaces guarantee high performance
of networks even at times of high load.
More Security.
The support of VPN based on IPSec standard with highly secure 3DES or AES encryption, the integrated hardware accelerator, and the support of digital certificates cater
for optimal security for connecting up to 200 external sites. The LANCOM 7100+ VPN offers maximum failure safety due to comprehensive backup, high availability, and
redundancy functionalities via ISDN and VRRP. On top of that, an object-oriented stateful-inspection firewall protects the network with intrusion prevention and
Denial-of-Service protection.
More Management.
LCMS, the LANCOM Management System, is a free software package for the LANCOM 7100+ VPN. It caters for the configuration of the device, remote maintenance and
network monitoring. The central component of LCMS, LANconfig, is used to configure the LANCOM 7100+ VPN and other LANCOM devices on the network. The extensive
range of features and the configuration wizards make the router quick to set up. LANmonitor offers detailed, real-time monitoring of parameters, it provides access to log
files and statistics, and it can carry out a detailed trace-protocol analysis. Other functions in LCMS include the GUI for firewall setup, automatic backup of configurations
and scripts, and the intuitive folder structure with convenient search function.
More Virtualization.
The LANCOM 7100+ VPN helps you to use your IT resources more efficiently and to save costs. The device simultaneously supports multiple independent networks. This
is made possible by the powerful technology Advanced Routing and Forwarding (ARF). The ARF function on the LANCOM 7100+ VPN provides up to sixteen virtual networks,
each with its own settings for DHCP, DNS, routing and firewall. ARF allows multiple separate networks for different groups and applications to be operated on a single
physical infrastructure.
More Reliability for the Future.
LANCOM products are designed for a product life of several years and are equipped with hardware dimensioned for the future. Even reaching back to older product
generations, updates to the LANCOM Operating System – LCOS – are available several times a year, free of charge and offering major features. LANCOM offers unbeatable
safeguarding of your investment.
Page 3
LANCOM 7100+ VPN
Firewall
Stateful inspection firewall
Packet filter
Quality of Service
Bandwidth reservation
Layer 2/Layer 3 tagging
Security
High availability / redundancy
VRRP
VPN redundancy
VPN
IPSec over HTTPS
Number of VPN tunnels
Incoming/Outgoing Traffic inspection based on connection information. Trigger for firewall rules depending on backup status, e.g. simplified rule
sets for low-bandwidth backup lines. Limitation of the number of sessions per remote site (ID)
Check based on the header information of an IP packet (IP or MAC source/destination addresses; source/destination ports, DiffServ attribute);
remote-site dependant, direction dependant, bandwidth dependant
Network Address Translation (NAT) based on protocol and WAN address, i.e. to make internal webservers accessible from WANExtended port forwarding
N:N IP address mapping for translation of IP addresses or entire networksN:N IP address mapping
The firewall marks packets with routing tags, e.g. for policy-based routingTagging
Forward, drop, reject, block sender address, close destination port, disconnectActions
Via e-mail, SYSLOG or SNMP trapNotification
Dynamic bandwidth management with IP traffic shapingTraffic shaping
Dynamic reservation of minimum and maximum bandwidths, totally or connection based, separate settings for send and receive directions. Setting
relative bandwidth limits for QoS in percent
Priority queuing of packets based on DiffServ/TOS fieldsDiffServ/TOS
Automatic packet-size control by fragmentation or Path Maximum Transmission Unit (PMTU) adjustmentPacket-size control
Automatic or fixed translation of layer-2 priority information (IEEE 802.11p-marked Ethernet frames) to layer-3 DiffServ attributes in routing mode.
Translation from layer 3 to layer 2 with automatic recognition of 802.1p-support in the destination device
Monitoring and blocking of login attempts and port scansIntrusion Prevention
Source IP address check on all interfaces: only IP addresses belonging to the defined IP networks are allowedIP spoofing
Filtering of IP or MAC addresses and preset protocols for configuration access and LANCAPIAccess control lists
Protection from fragmentation errors and SYN floodingDenial of Service protection
Detailed settings for handling reassembly, PING, stealth mode and AUTH portGeneral
Filtering of unwanted URLs based on DNS hitlists and wildcard filters. Extended functionality with Content Filter OptionURL blocker
Password-protected configuration access can be set for each interfacePassword protection
Alerts via e-mail, SNMP-Traps and SYSLOGAlerts
PAP, CHAP, MS-CHAP and MS-CHAPv2 as PPP authentication mechanismAuthentication mechanisms
Anti-theft ISDN site verification over B or D channel (self-initiated call back and blocking)Anti-theft
Adjustable reset button for 'ignore', 'boot-only' and 'reset-or-boot'Adjustable reset button
VRRP (Virtual Router Redundancy Protocol) for backup in case of failure of a device or remote station. Enables passive standby groups or reciprocal
backup between multiple active devices including load balancing and user definable backup priorities
For completely safe software upgrades thanks to two stored firmware versions, incl. test mode for firmware updatesFirmSafe
In case of failure of the main connection, a backup connection is established over ISDN. Automatic return to the main connectionISDN backup
Static and dynamic load balancing over up to 3 WAN connections. Channel bundling with Multilink PPP (if supported by network operator)Load balancing
Backup of VPN connections across different hierarchy levels, e.g. in case of failure of a central VPN concentrator and re-routing to multiple distributed
remote sites. Any number of VPN remote sites can be defined (the tunnel limit applies only to active connections). Up to 32 alternative remote
stations, each with its own routing tag, can be defined per VPN connection. Automatic selection may be sequential, or dependant on the last
connection, or random (VPN load balancing)
Line monitoring with LCP echo monitoring, dead-peer detection and up to 4 addresses for end-to-end monitoring with ICMP pollingLine monitoring
Enables IPsec VPN based on TCP (at port 443 like HTTPS) which can go through firewalls in networks where e. g. port 500 for IKE is blocked. Suitable
for client-to-site connections (with LANCOM Advanced VPN Client 2.22 or later) and site-to-site connections (LANCOM VPN gateways or routers
with LCOS 8.0 or later). IPSec over HTTPS is based on the NCP VPN Path Finder technology
Max. number of concurrent active IPSec and PPTP tunnels (MPPE): 100. Unlimited configurable connections. Configuration of all remote sites via
one configuration entry when using the RAS user template or Proadaptive VPN.
Features as of: LCOS 8.80
Page 4
LANCOM 7100+ VPN
VPN
Integrated hardware accelerator for 3DES/AES encryption and decryptionHardware accelerator
One click function in LANconfig to create VPN client connections, incl. automatic profile creation for the LANCOM Advanced VPN Client1-Click-VPN Client assistant
Creation of VPN connections between LANCOM routers via drag and drop in LANconfig1-Click-VPN Site-to-Site
IPSec key exchange with Preshared Key or certificateIKE
Certificates
XAUTH
Proadaptive VPN
Algorithms
IPCOMP
LANCOM Dynamic VPN
Specific DNS forwarding
VPN throughput (max., AES)
Firewall throughput (max.)
Content Filter (optional)
URL filter database/rating server
Categories/category profiles
Override
Black-/whitelist
Profiles
X.509 digital multi-level certificate support, compatible with Microsoft Server / Enterprise Server and OpenSSL, upload of PKCS#12 files via HTTPS
interface and LANconfig. Simultaneous support of multiple certification authorities with the management of up to nine parallel certificate hierarchies
as containers (VPN-1 to VPN-9). Simplified addressing of individual certificates by the hierarchy's container name (VPN-1 to VPN-9). Wildcards for
certificate checks of parts of the identity in the subject. Secure Key Storage protects a private key (PKCS#12) from theft
Automatic creation, rollout and renewal of certificates via SCEP (Simple Certificate Enrollment Protocol) per certificate hierarchyCertificate rollout
CRL retrieval via HTTP per certificate hierarchyCertificate revocation lists (CRL)
Check X.509 certifications by using OCSP (Online Certificate Status Protocol) in real time as an alternative to CRLsOCSP Client
XAUTH client for registering LANCOM routers and access points at XAUTH servers incl. IKE-config mode. XAUTH server enables clients to register
via XAUTH at LANCOM routers. Connection of the XAUTH server to RADIUS servers provides the central authentication of VPN-access with user
name and password. Authentication of VPN-client access via XAUTH and RADIUS connection additionally by OTP token
Configuration of all VPN client connections in IKE ConfigMode via a single configuration entryRAS user template
Automated configuration and dynamic creation of all necessary VPN and routing entries based on a default entry for site-to-site connections.
Propagation of dynamically learned routes via RIPv2 if required
3DES (168 bit), AES (128, 192 or 256 bit), Blowfish (128 bit), RSA (128 or -448 bit) and CAST (128 bit). OpenSSL implementation with FIPS-140
certified algorithms. MD-5 or SHA-1 hashes
NAT-Traversal (NAT-T) support for VPN over routes without VPN passthroughNAT-Traversal
VPN data compression based on LZS or Deflate compression for higher IPSec throughput on low-bandwidth connections (must be supported by
remote endpoint)
Enables VPN connections from or to dynamic IP addresses. The IP address is communicated via ISDN B- or D-channel or with the ICMP or UDP
protocol in encrypted form. Dynamic dial-in for remote sites via connection template
Enables the registration of IP addresses with a Dynamic DNS provider in the case that fixed IP addresses are not used for the VPN connectionDynamic DNS
DNS forwarding according to DNS domain, e.g. internal names are translated by proprietary DNS servers in the VPN. External names are translated
by Internet DNS servers
450 Mbps1418-byte frame size UDP
930 Mbps1518-byte frame size UDP
Activate the 30-day trial version after free registration under http://www.lancom.eu/routeroptionsDemo version
Worldwide, redundant rating servers from IBM Security Solutions for querying URL classifications. Database with over 100 million entries covering
about 10 billion web pages. Web crawlers automatically search and classify web sites to provide nearly 150,000 updates per day: They use text
classification by optical character recognition, key word searches, classification by word frequency and combinations, web-site comparison of text,
images and page elements, object recognition of special characters, symbols, trademarks and prohibited images, recognition of pornography and
nudity by analyzing the concentration of skin tones in images, by structure and link analysis, by malware detection in binary files and installation
packages
Additional filtering of HTTPS requests with separate firewall entriesHTTPS filter
Filter rules can be defined in each profile by collecting category profiles from 58 categories, for example to restrict Internet access to business
purposes only (limiting private use) or by providing protection from content that is harmful to minors or hazardous content (e.g. malware sites).
Clearly structured selection due to the grouping of similar categories. Content for each category can be allowed, blocked, or released by override
Each category can be given an optional manual override that allows the user to access blocked content on a case-by-case basis. The override
operates for a limited time period by blocking the category or domain, or a combination of both. Optional notification of the administrator in case
of overrides
Lists that are manually configured to explicitly allow (whitelist) or block (blacklist) web sites for each profile, independent of the rating server.
Wildcards can be used when defining groups of pages or for filtering sub pages
Timeframes, blacklists, whitelists and categories are collected into profiles that can be activated separately for content-filter actions. A default
profile with standard settings blocks racist, pornographic, criminal, and extremist content as well as anonymous proxies, weapons/military, drugs,
SPAM and malware
Features as of: LCOS 8.80
Page 5
LANCOM 7100+ VPN
Content Filter (optional)
Time frames
Flexible firewall action
Individual display pages (for blocked, error,
override)
License management
Statistics
Wizard for typical configurations
VoIP
SIP ALG
Routing functions
Advanced Routing and Forwarding
DHCP
Policy-based routing
Dynamic routing
Layer 2 functions
ARP lookup
COM port server
COM port forwarding
USB print server
Timeframes can be flexibly defined for control over filtering depending on the time of day or weekday, e.g. to relax controls during break times for
private surfing
Activation of the content filter by selecting the required firewall profile that contains content-filter actions. Firewall rules enable the flexible use of
your own profiles for different clients, networks or connections to certain servers
Response pages displayed by the content filter in case of blocked sites, errors or overrides can be custom designed. Variables enable the inclusion
of current information such as the category, URL, and rating-server categorization. Response pages can be issued in any language depending on
the language set in the user's web browser
As an alternative to displaying the device's own internal response pages to blockings, errors or overrides, you can redirect to external web serversRedirection to external pages
Automatic notification of license expiry by e-mail, LANmonitor, SYSLOG or SNMP trap. Activation of license renewal at any time before expiry of
the current license (the new licensing period starts immediately after expiry of the current license)
Display of the number of checked and blocked web pages by category in LANmonitor. Logging of all content-filter events in LANmonitor; log file
created daily, weekly or monthly. Hit list of the most frequently called pages and rating results. Analysis of the connection properties; minimum,
maximum and average rating-server response time
Messaging in case of content-filter events optionally by e-mail, SNMP, SYSLOG or LANmonitorNotifications
Wizard sets up the content filters for a range of typical scenarios in a few simple steps, including the creation of the necessary firewall rules with
the corresponding action
Simultaneous checking of HTTP traffic for a maximum of 400 different IP addresses in the LANMax. users
The SIP ALG (Application Layer Gateway) acts as a proxy for SIP communication. For SIP calls the ALG opens the necessary ports on the firewall for
the corresponding media packets. By using automatic address translation for devices inside the LAN, the use of STUN is no longer needed.
IP and NetBIOS/IP multi-protocol routerRouter
Separate processing of 128 contexts due to virtualization of the routers. Mapping to VLANs and complete independent management and configuration
of IP networks in the device, i.e. individual settings for DHCP, DNS, Firewalling, QoS, VLAN, Routing etc. Automatic learning of routing tags for
ARF contexts from the routing table
HTTP and HTTPS server for configuration by web interfaceHTTP
DNS client, DNS server, DNS relay, DNS proxy and dynamic DNS clientDNS
DHCP client, DHCP relay and DHCP server with autodetection. Cluster of several LANCOM DHCP servers per context (ARF network) enables caching
of all DNS assignments at each router. DHCP forwarding to multiple (redundant) DHCP servers
NetBIOS/IP proxyNetBIOS
NTP client and SNTP server, automatic adjustment for daylight-saving timeNTP
Policy-based routing based on routing tags. Based on firewall rules, certain data types are marked for specific routing, e.g. to particular remote
sites or lines
Dynamic routing with RIPv2. Learning and propagating routes; separate settings for LAN and WAN. Extended RIPv2 including HopCount, Poisoned
Reverse, Triggered Update for LAN (acc. to RFC 2453) and WAN (acc. to RFC 2091) as well as filter options for propagation of routes. Definition
of RIP sources with wildcards
IPv6 routerIPv6 router
DHCPv6 client, DHCPv6 server, DHCPv6 relay, stateless- and stateful mode, IPv6 address (IA_NA), prefix delegation (IA_PD)DHCPv6
VLAN ID definable per interface and routing context (4,094 IDs) IEEE 802.1QVLAN
Packets sent in response to LCOS service requests (e.g. for Telnet, SSH, SNTP, SMTP, HTTP(S), SNMP, etc.) via Ethernet can be routed directly to the
requesting station (default) or to a target determined by ARP lookup
COM-port server for DIN and USB interfaces. For multiple serial devices connected to it, the server also manages its own virtual COM ports via
Telnet (RFC 2217) for remote maintenance (works with popular virtual COM-port drivers compliant with RFC 2217). Switchable newline conversion
and alternative binary mode. TCP keepalive according to RFC 1122 with configurable keepalive interval, retransmission timeout and retries
Host port for connecting USB printers via RAW-IP and LPD; bi-directional data exchange is possiblePrint server (USB 2.0)
Features as of: LCOS 8.80
Page 6
LANCOM 7100+ VPN
LAN protocols
IP
IPv6
WAN protocols
Interfaces
Ethernet ports
Port configuration
USB 2.0 host port
Serial interface
LCMS (LANCOM Management System)
LANconfig
LANmonitor
Firwall GUI
Automatic software update
Management
WEBconfig
Alternative boot configuration
Automatic update from USB
Device Syslog
ARP, proxy ARP, BOOTP, LANCAPI, DHCP, DNS, HTTP, HTTPS, IP, ICMP, NTP/SNTP, NetBIOS, PPPoE (server), RADIUS, RIP-1, RIP-2, RTP, SIP, SNMP,
TCP, TFTP, UDP, VRRP
NDP, stateless address autoconfiguration (SLAAC), stateful address autoconfiguration (with DHCPv6), router advertisements, ICMPv6, DHCPv6,
DNS, HTTP, HTTPS, PPPoE, TCP, UDP
PPPoE, Multi-PPPoE, ML-PPP, PPTP (PAC or PNS) and IPoE (with or without DHCP), RIP-1, RIP-2, VLAN, IPEthernet
1TR6, DSS1 (Euro-ISDN), PPP, X75, HDLC, ML-PPP, V.110/GSM/HSCSDISDN
IPv6 over PPP (IPv6 and IPv4/IPv6 dual stack session), IPoE (autoconfiguration, DHCPv6 or static)IPv6
6to4, 6in4, 6rd (static and via DHCP)Tunneling protocols (IPv4/IPv6)
ADSL1, ADSL2 or ADSL2+ with external ADSL2+ modemxDSL (ext. modem)
ISDN data or voice usage via internal ISDN interfaceISDN
4 individual 10/100/1000 Mbps Ethernet ports; up to 3 ports can be switched as additional WAN ports with load balancing. Ethernet ports can be
electrically disabled within LCOS configuration
Each Ethernet port can be freely configured (LAN, DMZ, WAN, monitor port, off). Additionally, external DSL modems or termination routers can be
operated as a WAN port with load balancing and policy-based routing.
USB 2.0 hi-speed host port for connecting USB printers (USB print server), serial devices (COM port server), USB data storage (FAT file system) or
supported 3G USB modems; bi-directional data exchange is possible*
ISDN BRI port (S0 bus)ISDN
Serial configuration interface / COM port (8 pin Mini-DIN): 9,600 - 115,000 baud, suitable for optional connection of analog/GPRS modems. Supports
internal COM port server and allows for transparent asynchronous transmission of serial data via TCP
Configuration program for Microsoft Windows, incl. convenient Setup Wizards. Optional group configuration, simultaneous remote configuration
and management of multiple devices over ISDN dial-in or IP connection (HTTPS, HTTP, TFTP). A tree view of the setting pages like in WEBconfig
provides quick access to all settings in the configuration window. Password fields which optionally display the password in plain text and can
generate complex passwords. Configuration program properties per project or user. Automatic storage of the current configuration before firmware
updates. Exchange of configuration files between similar devices, e.g. for migrating existing configurations to new LANCOM products. Detection
and display of the LANCOM managed switches. Extensive application help for LANconfig and parameter help for device configuration. LANCOM
QuickFinder as search filter within LANconfig and device configurations that reduces the view to devices with matching properties
Monitoring application for Microsoft Windows for (remote) surveillance and logging of the status of LANCOM devices and connections, incl. PING
diagnosis and TRACE with filters and save to file. Search function within TRACE tasks. Wizards for standard diagnostics. Export of diagnostic files
for support purposes (including bootlog, sysinfo and device configuration without passwords). Graphic display of key values (marked with an icon
in LANmonitor view) over time as well as table for minimum, maximum and average in a separate window, e. g. for Rx, Tx, CPU load, free memory.
Monitoring of the LANCOM managed switches. Flick easily through different search results by LANCOM QuickFinder
Graphical user interface for configuring the object-oriented firewall in LANconfig: Tabular presentation with symbols for rapid understanding of
objects, choice of symbols for objects, objects for actions/Quality of Service/remote sites/services, default objects for common scenarios, individual
object definition (e.g. for user groups)
Voluntary automatic updates for LCMS. Search online for LCOS updates for devices managed by LANconfig on the myLANCOM download server
(myLANCOM account mandatory). Updates can be applied directly after the download or at a later time
Integrated web server for the configuration of LANCOM devices via Internet browsers with HTTPS or HTTP. Similar to LANconfig with a system
overview, syslog and events display, symbols in the menu tree, quick access with side tabs. WEBconfig also features Wizards for basic configuration,
security, Internet access, LAN-LAN coupling. Online help for parameters in LCOS menu tree
During rollout devices can be preset with project- or customer-specific settings. Up to two boot- and reset-persistent memory spaces can store
customized configurations for customer-specific standard settings (memory space '1') or as a rollout configuration (memory space '2'). A further
option is the storage of a persistent standard certificate for the authentication of connections during rollouts
Automtatic upload of appropriate firmware and configuration files on insertion of USB memory (FAT filesystem) into USB interfaces of LANCOM
routers with factory settings. The function can be activated to be used during operation of configured devices. The router checks the files’ dates
and versions against the current firmware before upload
Syslog buffer in the RAM (size depending on device memory) to store events for diagnosis. Default set of rules for the event protocol in Syslog. The
rules can be modified by the administrator. Display and saving of internal Syslog buffer (events) from LANCOM devices with LANmonitor, display
only with WEBconfig
Individual access and function rights for up to 16 administrators. Alternative access control on a per parameter basis with TACACS+Access rights
Features as of: LCOS 8.80
Page 7
LANCOM 7100+ VPN
Management
User administration
Remote maintenance
TACACS+
Remote maintenance of 3rd party devices
TFTP & HTTP(S) client
SSH & Telnet client
Basic HTTP(S) file server
Scripting
Load commands
Diagnosis
LANCAPI
Statistics
Accounting
Hardware
RADIUS user administration for dial-in access (PPP/PPTP and ISDN CLIP). Support for RADSEC (Secure RADIUS) for secure communication with
RADIUS servers
Remote configuration with Telnet/SSL, SSH (with password or public key), browser (HTTP/HTTPS), TFTP or SNMP, firmware upload via HTTP/HTTPS
or TFTP
Support of TACACS+ protocol for authentication, authorization and accounting (AAA) with reliable connections and encrypted payload. Authentication
and authorization are separated completely. LANCOM access rights are converted to TACACS+ levels. With TACACS+ access can be granted per
parameter, path, command or functionality for LANconfig, WEBconfig or Telnet/SSH. Each access and all changes of configuration are logged.
Access verification and logging of SNMP Get and Set requests. WEBconfig supports the access rights of TACACS+ and choice of TACACS+ server
at login. LANconfig provides a device login with the TACACS+ request conveyed by the addressed device. Authorization to execute scripts and each
command within them by checking the TACACS+ server’s database. CRON, action-table and script processing can be diverted to avoid TACACS+
to relieve TACACS+ servers. Redundancy by setting several alternative TACACS+ servers. Configurable option to fall back to local user accounts in
case of connection drops to the TACACS+ servers. Compatibility mode to support several free TACACS+ implementations
A remote configuration for devices behind der LANCOM can be accomplished (after authentication) via tunneling of arbitrary TCP-based protocols,
e.g. for HTTP(S) remote maintenance of VoIP phones or printers of the LAN. Additionally, SSH and Telnet client allow to access other devices from
a LANCOM device with an interface to the target subnet if the LANCOM device can be reached at its command line interface
Remote maintenance over ISDN dial-in with calling-number checkISDN remote maintenance
For downloading firmware and configuration files from a TFTP, HTTP or HTTPS server with variable file names (wildcards for name, MAC/IP address,
serial number), e.g. for roll-out management. Commands for live Telnet session, scripts or CRON jobs. HTTPS Client authentication possible by
username and password or by certificate
SSH-client function compatible to Open SSH under Linux and Unix operating systems for accessing third-party components from a LANCOM router.
Also usable when working with SSH to login to the LANCOM device. Support for certificate- and password-based authentication. Generates its own
key with sshkeygen. SSH client functions are restricted to administrators with appropriate rights. Telnet client function to login/administer third
party devices or other LANCOM devices from command line interface
HTML pages, images and templates for Public Spot pages, vouchers, information pages of the Content Filter can be stored on a USB memory (FAT
file system) in a specific folder as an alternative for the limited internal memory
Option to choose if an uploaded certificate or the default certificate is used by the HTTPS serverHTTPS Server
Access rights (read/write) over WAN or LAN can be set up separately (Telnet/SSL, SSH, SNMP, HTTPS/HTTP), access control listSecurity
Scripting function for batch-programming of all command-line parameters and for transferring (partial) configurations, irrespective of software
versions and device types, incl. test mode for parameter changes. Utilization of timed control (CRON) or connection establishment and termination
to run scripts for automation. Scripts can send e-mails with various command line outputs as attachments
LoadFirmware, LoadConfig and LoadScript can be executed conditionally in case certain requirements are met. For example, the command
LoadFirmware could be executed on a daily basis and check each time if the current firmware is up to date or if a new version is available. In
addition, LoadFile allows the upload of files including certificates and secured PKCS#12 containers
SNMP management via SNMPv2, private MIB exportable by WEBconfig, MIB IISNMP
Scheduled control of parameters and actions with CRON serviceTimed control
Extensive LOG and TRACE options, PING and TRACEROUTE for checking connections, LANmonitor status display, internal logging buffer for SYSLOG
and firewall events, monitor mode for Ethernet ports
Available for all LANCOM routers with integrated ISDN interface. LANCAPI provides CAPI 2.0 features for Microsoft Windows to utilize ISDN channels
over the IP network
Softmodem for Microsoft Windows that makes use of LANCAPI to send and receive faxes via ISDNCAPI Faxmodem
Extensive Ethernet, IP and DNS statistics; SYSLOG error counterStatistics
Connection time, online time, transfer volumes per station. Snapshot function for regular read-out of values at the end of a billing period. Timed
(CRON) command to reset all counters at once
Accounting information exportable via LANmonitor and SYSLOGExport
Internal power supply unit (110–230 V, 50-60 Hz)Power supply
Temperature range 5–40° C; humidity 0–95%; non-condensingEnvironment
Robust metal housing, 19' 1 HU, 435 x 45 x 207 mm, with removable mounting brackets, network connectors on the frontHousing
1Fans
30 WattPower consumption (max)
Features as of: LCOS 8.80
Page 8
LANCOM 7100+ VPN
Declarations of conformity
EN 55022, EN 55024, EN 60950CE
FCC Part 15, Class B with FTP cablingFCC*
IPv6 Ready Logo GoldIPv6
There are no ISDN functions available in the US-Version*) Note
Package content
Printed Installation Guide (DE/EN)Manual
Data medium with firmware, management software (LANconfig, LANmonitor, LANCAPI) and documentationCD/DVD
Serial configuration cable, 1.5mCable
2 Ethernet cables, 3mCable
ISDN cable, 3mCable
IEC power cordCable
Support
3 years Support via Hotline and Internet KnowledgeBaseWarranty
Regular free updates (LCOS operating system and LANCOM Management System) via InternetSoftware updates
Options
LANCOM VPN-200 Option (200 channels), item no. 61404VPN
LANCOM Content Filter +10 user, 1 year subscriptionLANCOM Content Filter
LANCOM Content Filter +25 user, 1 year subscriptionLANCOM Content Filter
LANCOM Content Filter +100 user, 1 year subscriptionLANCOM Content Filter
LANCOM Content Filter +10 user, 3 year subscriptionLANCOM Content Filter
LANCOM Content Filter +25 user, 3 year subscriptionLANCOM Content Filter
LANCOM Content Filter +100 user, 3 year subscriptionLANCOM Content Filter
LANCOM Next Business Day Service Extension Central Site, item no. 61413Advance Replacement
LANCOM 2-Year Warranty Extension Central Site, item no. 61416Warranty Extension
Accessories
LANCOM Serial Adapter Kit, item no. 61500Analog modem backup/serial adapter
LANCOM Advanced VPN Client for Windows XP, Windows Vista, Windows 7, single license, item no. 61600VPN Client Software
LANCOM Advanced VPN Client for Windows XP, Windows Vista, Windows 7, 10 licenses, item no. 61601VPN Client Software
LANCOM Advanced VPN Client for Windows XP, Windows Vista, Windows 7, 25 licenses, item no. 61602VPN Client Software
LANCOM Advanced VPN Client for Mac OS X (10.5 Intel only, 10.6 or higher), single license, item no. 61606VPN Client Software
LANCOM Advanced VPN Client for Mac OS X (10.5 Intel only, 10.6 or higher), 10 licenses, item no. 61607VPN Client Software
Item numbers
61071LANCOM 7100+ VPN (EU)
61072LANCOM 7100+ VPN (UK)
Features as of: LCOS 8.80
www.lancom.eu
LANCOM Systems GmbH I Adenauerstr. 20/B2 I 52146 Wuerselen I Germany I E-Mail info@lancom.eu I Internet www.lancom.eu
LANCOM, LANCOM Systems and LCOS are registered trademarks. All other names or descriptions used may be trademarks or registered trademarks of their owners. Subject to change
without notice. No liability for technical errors and/or omissions. 3/2013
Loading...