Page 1
LANCOM 800+
LANCOM DSL/I- 10+
LANCOM DSL/I- 1611 Office
Page 2
© 2004 LANCOM Systems GmbH, Wuerselen (Germany). All rights reserved.
0268
While the information in this manual has been compiled with great care, it may not be deemed an assurance of product
characteristics. LANCOM Systems shall be liable only to the degree specified in the terms of sale and delivery.
The reproduction and distribution of the documentation and software included with this product is subject to written permission by LANCOM Systems. We reserve the right to make any alterations that arise as the result of technical development.
Trademarks
Windows
®
, Windows XP® and Microsoft® are registered trademarks of Microsoft, Corp.
The LANCOM Systems logo and the name LANCOM are registered trademarks of LANCOM Systems GmbH. All other names
mentioned may be trademarks or registered trademarks of their respective owners.
Subject to change without notice. No liability for technical errors or omissions.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http://www.openssl.org/
LANCOM Systems GmbH
Adenauerstr. 20/B2
52146 Wuerselen
Germany
www.lancom.de
Wuerselen, November 2004
.
/1104
11
Page 3
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Preface
Preface
Model
restrictions
Thank you for placing your trust in this
LANCOM
product.
With the LANCOM router, you have chosen a powerful router that lets you
easily and conveniently provide individual computers or an entire local network with high-speed Internet access. Dial-in connections and LAN to LAN
couplings can be realized depending on the LANCOM model via ISDN or VPN.
Model variants
This user manual applies to the following models of the LANCOM router which
are different in hard and software equipment:
LANCOM 800+
LANCOM DSL/I-10+
LANCOM DSL/I-1611 Office
The sections of the documentation that refer only to a range of models are
marked either in the corresponding text itself or with appropriate comments
placed beside the text.
In the other parts of the documentation, all described models have been classified under the general term LANCOM router.
EN
Security settings
For a carefree use of your device, we recommend to carry out all security settings (e.g. Firewall, encryption, access protection, charge lock), which are not
already activated at the time of purchase of your device. The LANconfig wizard
’Check Security Settings’ will support you accomplishing this. Further information regarding this topic can be found in chapter ’Security settings’
→page 66.
We ask you additionally to inform you about technical developments and
actual hints to your product on our Web page www.lancom.de
, and to down-
load new software versions if necessary.
User manual and reference manual
The documentation of your device consists of two parts: the user manual and
the reference manual.
You are now reading the user manual. It contains all information you need to
start your LANCOM router. It also contains the most important technical specification for the device.
3
Page 4
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Preface
The reference manual can be found on the CD as an Acrobat (PDF) document.
It is designed as a supplement to the user manual and goes into detail on topics that apply to a variety of devices. These include for example:
Systems design of the LCOS operating system
Configuration
Management
Diagnosis
EN
Security
Routing and WAN functions
Firewall
Quality of Service (QoS)
Virtual Private Networks (VPN)
Virtual Local Networks (VLAN)
Wireless networks (WLAN)
LANCAPI
Further server services (DHCP, DNS, charge management)
This documentation was compiled …
...by several members of our staff from a variety of departments in order to
ensure you the best possible support when using your LANCOM product.
In case you encounter any errors, or just want to issue critics or enhancements, please do not hesitate to send an email directly to:
info@lancom.de
Our online services ( www.lancom.de) are available to you around the
clock should you have any queries regarding the topics discussed in
this manual or require any further support. In addition support from
LANCOM Systems is also available to you. Telephone numbers and
4
Page 5
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
contact information for LANCOM Systems support can be found on a
separate insert, or at the LANCOM Systems website.
Notes symbols
Very important instructions. If not followed, damage may result.
Preface
Important instruction that should be followed.
Additional instructions which can be helpful, but are not
required.
EN
5
Page 6
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Contents
Contents
1 Introduction 9
1.1 How does DSL work? 9
1.2 Which use does VPN offer? 11
1.3 Firewall 14
EN
1.4 What does a router do? 15
1.4.1 Bridgehead to the WAN 16
1.4.2 Areas of deployment for routers 16
1.5 What can your LANCOM router do? 17
2 Installation 20
2.1 Package contents 20
2.2 System preconditions 20
2.3 Introducing the LANCOM router 21
2.3.1 Status displays 21
2.3.2 The connections of the unit 26
2.4 Hardware installation 28
2.5 Software installation 29
2.5.1 Starting LANCOM setup 30
2.5.2 Which software should you install? 30
3 Basic configuration 32
3.1 Which information is necessary? 32
3.2 Instructions for LANconfig 35
3.3 Instructions for WEBconfig 37
3.4 TCP/IP settings to workstation PCs 41
6
3.1.1 TCP/IP settings 32
3.1.2 Configuration protection 34
3.1.3 Settings for the DSL connection 34
3.1.4 Settings for the ISDN connection 34
3.1.5 Connect charge protection 35
Page 7
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Contents
4 Setting up Internet access 43
4.1 Instructions for LANconfig 45
4.2 Instructions for WEBconfig 45
5 Linking two networks 46
5.1 What information is necessary? 47
5.1.1 General information 47
5.1.2 Settings for the TCP/IP router 49
5.1.3 Settings for the IPX router 50
5.1.4 Settings for NetBIOS routing 51
5.2 Instructions for LANconfig 52
5.3 Instructions for WEBconfig 52
6 Providing dial-in access 54
EN
6.1 Which information is required? 54
6.1.1 General information 55
6.1.2 Settings for TCP/IP 56
6.1.3 Settings for IPX 56
6.1.4 Settings for NetBIOS routing 57
6.2 Settings for the dial-in computer 58
6.2.1 Dial-up via VPN 58
6.2.2 Dial-up via ISDN 58
6.3 Instructions for LANconfig 59
6.4 Instructions for WEBconfig 59
7 Sending faxes with LANCAPI 61
7.1 Installation of the LANCOM CAPI fax modem 62
7.2 Installation of the MS Windows fax service 63
7.3 Sending a fax 64
7.3.1 Send a fax with any given office application 64
7.3.2 Send a fax with the MS Windows fax service 64
7
Page 8
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Contents
8 Security settings 66
8.1 The security settings wizard 66
8.1.1 Wizard for LANconfig 66
8.1.2 Wizard for WEBconfig 67
8.2 The firewall wizard 67
8.2.1 Wizard for LANconfig 67
8.2.2 Configuration under WEBconfig 68
EN
8.3 The security checklist 68
9 Troubleshooting 71
9.1 No WAN connection is established 71
9.2 DSL data transfer is slow 72
9.3 Unwanted connections under Windows XP 72
10 Appendix 73
10.1 Performance data and specifications 73
10.2 Contact assignment 74
10.2.1 Ethernet WAN interface 74
10.2.2 ISDN-S
interface 75
0
10.2.3 Ethernet interfaces 10/100Base-T 75
10.2.4 Configuration interface (Outband) 76
10.3 CE declaration of conformity 76
11 Index 77
8
Page 9
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
1Introduction
The models LANCOM 800+, LANCOM DSL/I-10+ and LANCOM DSL/I-1611
Office are fully-featured routers that therefore also can be used in combination with the integrated firewall for providing secure Internet access to a complete local network (LAN).
The VPN option, which is either integrated already or can be activated subsequently, enables the LANCOM DSL/I-1611 Office to act as powerful dynamic
VPN gateway for external offices or mobile users.
The LANCOM router models offer each an ISDN connector and partially an DSL
connector (LANCOM DSL/I-10+ and LANCOM DSL/I-1611 Office). The ISDN
line can be used as back-up for the DSL connection (LANCOM DSL/I-10+ and
LANCOM DSL/I-1611 Office), for remote management of the router, as basis
for the office communication via LANCAPI or for establishing dynamic VPN
connections to remote sites with dynamic IP addresses (LANCOM DSL/I-1611
Office only).
EN
1.1 How does DSL work?
Since the late 1980s, scientists have been working on the idea of using conventional telephone lines for video and multimedia applications.
High speed via standard telephone lines
Their approach was based on the use of telephone lines only for the distance
between the subscriber and the next local exchange. From the switching
center, the data is then transferred via high-speed connections to the desired
destination or target network (i.e. the Internet). This minimization of the telephone line distance used permits considerably higher transfer rates than
would be possible when relying solely on the telephone network.
LAN
LANCOM router
ADSL connection via
telephone line
Internet
Local exchange (central office)
9
Page 10
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
All DSL technologies, of which ADSL is the most common, are based on this
concept. Thanks to their high transfer speeds, DSL connections are well-suited
for Internet access.
Ideal for Internet surfers
The ADSL version of DSL was designed for applications in which the user
receives high volumes of data but only transmits relatively small volumes. A
typical example for this would be access to the world wide web (www). Only
EN
a few commands (mouse clicks) are required to initiate the download of very
large volumes of data such as graphics, texts, audio or video files. The user
typically only sends very small amounts of data across the Internet connection.
With an ADSL connection, a user can download at up to 8 Mbps (“downstream”) and upload at up to 800 Kbps (“upstream”). These maximum rates
can be reduced as required by the ADSL provider. A typical access plan might
specify, for example, between 1000 and 3000 Kbps download and 128 up to
384 Kbps upload speed.
All services via a single cable—thanks to the splitter
With ADSL, all traditional telephony applications (telephone, fax, answering
machine, PBX) can still be used without restrictions. So-called splitters make
this possible. Splitters are devices that separate the telephone line's “voice
frequencies” from the “data frequencies” and ensure that the signals are forwarded to the appropriate networks. Voice signals are passed on to the existing telephone network, while data signals are forwarded to their destinations
(i.e. Internet providers) via high-bandwidth network connections.
A splitter is also used at the subscriber end to permit ADSL modems/routers
and conventional telephone equipment to be used at the same time.
10
Page 11
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
In some models the ADSL modem is integrated directly in the router.LANCOM
800+, LANCOM DSL/I-1611 Office or LANCOM DSL/I-10+ are connected to
the splitter using a separate ADSL modem.
Telephone
network
Internet
Switching node
Splitter
DSL access
multiplexer
ADSL provider
LANCOM 800+, LANCOM DSL/I-1611 Office or LANCOM DSL/I-10+
can also utilize other broadband connections (e.g. cable modem) that
offer a 10/100Base-Tx- Ethernet connector over PPPoE, PPTP or plain
Ethernet (with or without DHCP).
1.2 Which use does VPN offer?
Splitter
ADSL
modem
Tele phone
EN
Router
Subscriber
For LANCOM DSL/I1611 Office only
A VPN (Virtual Private Network) can be used to set up cost-effective, public
IP networks, for example via the ultimate network: the Internet.
The model LANCOM DSL/I-1611 Office from LCOS-Version 3.32
upwards is equipped with 5 channels by default. The additional
LANCOM VPN Option can extend VPN support to 25 active tunnels.
While this may sound unspectacular at first, in practice it has profound effects.
To illustrate this, let's first look at a typical corporate network without VPN
technology. In the second step, we will see how this network can be optimized
by the deployment of VPN.
11
Page 12
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
Conventional network infrastructure
First, let's have a look at a typical network structure that can be found in this
form or similar forms in many companies:
EN
Head Office
LAN
LAN
Subsidiary
ISDN ISDN
Workstation in
remote access,
e.g. homework
Internet
The corporate network is based on the internal network (LAN) in the headquarters. This LAN is connected to the outside world in three ways:
A subsidiary is connected to the LAN, typically using a leased line.
PCs dial into the central network via modem or ISDN connections (Remote
Access Service – RAS).
The central LAN has a connection to the Internet so that its users can
access the Web, and send and receive e-mail.
All connections to the outside world are based on dedicated lines, i.e.
switched or leased lines. Dedicated lines are very reliable and secure. On the
other hand, they involve high costs. In general, the costs for dedicated lines
are dependent on the distance. Especially in the case of long-distance connections, keeping an eye out of cost-effective alternatives can be worthwhile.
The appropriate hardware must be available in the headquarters for every
type of required connection (analog dial-up, ISDN, leased lines). In addition
12
Page 13
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
to the original investment costs, ongoing costs are also incurred for the
administration and maintenance of this equipment.
Networking via the Internet
The following structure results when using the Internet instead of direct connections :
LAN
Head Office
LAN
Subsidiary
Internet
Workstation in remote
access
All participants have fixed or dial-up connections to the Internet. Expensive
dedicated lines are no longer needed.
All that is required is the Internet connection of the LAN in the headquar-
ters. Special switching devices or routers for dedicated lines to individual
participants are superfluous.
EN
The subsidiary also has its own connection to the Internet.
The RAS PCs connect to the headquarters LAN via the Internet.
The Internet is available virtually everywhere and typically has low access
costs. Significant savings can thus be achieved in relation to switched or dedicated connections, especially over long distances.
The physical connection no longer exists directly between two participants;
instead, the participants rely on their connection to the Internet. The access
technology used is not relevant in this case: ideally is the use of broadband
13
Page 14
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
technologies such as DSL (Digital Subscriber Line). But also a conventional
ISDN line can be used.
The technologies of the individual participants do not have to be compatible
to one another, as would be the case for conventional direct connections. A
single Internet access can be used to establish multiple simultaneous logical
connections to a variety of remote stations.
The resulting savings and high flexibility makes the Internet (or any other IP
EN
network) an outstanding backbone for a corporate network.
1.3 Firewall
The integrated Stateful Inspection Firewall ensures an effective protection
against undesired intrusion in your network by permitting only incoming data
traffic as reaction to outgoing data traffic. The router’s IP masquerading function hides all workstations of the LAN behind a single public IP address. The
actual identities (IP addresses) of the individual workstations remain concealed. Firewall filters of the router permit specific IP addresses, protocols and
ports to be blocked. With MAC address filters it is also possible to specifically
monitor the access of workstations in the LAN to the IP routing function of the
device.
LAN
Internet
Firewall
LANCOM
Further important features of the Firewall are
Intrusion Detection
Break-in attempts into the local network or on the central Firewall are recognized, repelled and logged by the Intrusion Detection system (IDS) of
the LANCOM router. Thereby it can be selected between logging within
the device, email notification, SNMP trap or SYSLOG alarms.
14
Page 15
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
Denial-of-Service Protection
Attacks from the Internet can be break- in attempts as well as attacks with
the aim of blocking the accessibility and functionality of individual
services. Therefore a LANCOM router is equipped with appropriate protective mechanisms, which recognize well-known hacker attacks and which
guarantee the functionality.
Quality-of-Service / Traffic management
The generic term Quality-of-Service (brief: QoS) summarizes the functions
of the LANCOM which guarantee certain service qualities. The advantage
is that the QoS functions can take place by means of the existing powerful
classification methods of the Firewall (e.g. limitation of subnetworks,
single workstations or certain services).
Guaranteed minimum bandwidths give priority to enterprise critical applications, VoIP PBX installations or certain user groups.
EN
More details about the function of the Stateful Inspection Firewall of
your LANCOM router can be found in the reference manual on the
LANCOM CD.
1.4 What does a router do?
The following sections describe the functionality of routers in general.
The functions supported by your device are listed in the table ’What
can your LANCOM router do?’ →page 17.
Routers connect LANs at different locations and individual PCs to form a Wide
Area Network (WAN). With the appropriate rights, any computer in this WAN
can access other computers and services of the complete WAN (as with 'PC 1'
accessing 'Server A' in the remote LAN in the diagram).
PC 1
server A
LAN 1
router
WAN connection
router
LAN 2
15
Page 16
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
Connecting a LAN to the Internet does not technically differ from coupling two
LANs. The only difference is that it is not just a handful of computers behind
the Internet provider's router. Instead, it is the net of the networks - the public
Internet.
1.4.1 Bridgehead to the WAN
All routers have at least two connections:
EN
at least one for the LAN
at least one for WAN connections
In addition to LAN connectivity (10/100 Mbps Ethernet), several models also
offer an integrated switch. For the connecting to the WAN, the routers use
ISDN, xDSL/cable or ADSL connectors. Several devices contain additionally a
wireless network card and can thus integrate also stations of WLANs (Wireless
LANs) into the routing.
The router's task is to transfer data from the local network to the target network via a suitable WAN connection. Data is also transferred from the WAN
to the desired recipients in the LAN.
1.4.2 Areas of deployment for routers
Routers are mainly used for the following applications:
Internet access for a LAN (e.g. via DSL or ISDN)
The Internet consists of countless large and small networks that are interconnected into the world's largest WAN via routers. The router links all the
workstation computers on your local area network to the global Internet.
Security functions such as IP masquerading protect your LAN against
unauthorized access from outside.
LAN to LAN coupling (via VPN or ISDN)
LAN to LAN coupling links individual LANs to form one large network,
even if this means crossing continents. A typical example: A branch office
is to be connected to the LAN of the headquarters. In principle, you can
connect LANs in two ways:
Not possible with
all LANCOM
devices.
High-speed coupling via VPN
16
The fastest and most economical LAN to LAN links are possible with
VPN (Virtual Private Network) technology, as VPN uses the Internet as
the basis for its communications. The fast xDSL connection of the
router comes into its own here. The precondition: a VPN gateway with
Page 17
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
access to the Internet is required on either side of the network interconnection.
VPN tunnel via the
Internet
VPN gateways
Conventional via ISDN
Without VPN, a LAN to LAN interconnection can alternatively be realized via ISDN. In this case, an intelligent line management and
sophisticated filter mechanisms keeps connection costs low.
EN
1.5 What can your LANCOM router do?
Applications
Remote access to the company network (via VPN or ISDN)
The work of many office workers in modern organizations is less and less
dependent on any definite location—the most important factor here is
unimpaired access to shared and freely available information.
Remote Access Service (RAS) is the magic word here. Employees working
from home or field staff can dial into the company network via VPN or
ISDN. When working with remote access via ISDN, the router protects the
company network: the call back function only grants access to known and
registered users.
The following table contains a direct comparison of the properties and functions of your devices with other models:
800+
LANCOM
LANCOM
DSL/I-10+
LANCOM DSL/
I-1611 Office
Internet access
LAN to LAN coupling via VPN
17
Page 18
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 1: Introduction
LAN to LAN coupling via ISDN
RAS server (via VPN)
EN
RAS server (via ISDN)
IP router
IPX router (via ISDN), e.g. for coupling of Novell networks or dialling into
Novell networks
NetBIOS proxy for coupling of Microsoft peer-to-peer networks via ISDN
DHCP and DNS server (for LAN and WAN)
800+
LANCOM
LANCOM
DSL/I-10+
I-1611 Office
LANCOM DSL/
N:N mapping for routing networks using the same IP address ranges via
VPN
Bridge function for coupling networks via ISDN connection
LANCAPI server for the operating with office applications as fax or
answering machine via ISDN interface
WAN connection
Connection for DSL or cable modem
ISDN S0 bus in multi device-mode or in point-to-point mode with automatic D-channel protocol identification. Supports static and dynamic
channel bundling per MLPPP and BACP as well as Stac data compression
(Hi/fn) and can be used for establishing dynamic VPN connections to
remote sites with dynamic IP addresses (LANCOM DSL/I-1611 Office
only).
LAN connection
Integrated 3-port auto- mode-switch (10/100 Mbps) with private mode,
whereby the ports are concealed from one another.
Fast Ethernet LAN port
Security functions
IPSec encryption in external software (VPN client)
IP masquerading (NAT, PAT) to hide all workstations of the LAN behind
one common public IP address.
Stateful Inspection Firewall
Firewall filters for a selective locking of IP addresses, protocols and ports
18
Page 19
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
MAC address filter control e.g. the access of LAN workstations to IP routing functions
Configuration protection to block “brute force attacks“
Configuration
Configuration with LANconfig or with web browser, additionally terminal
mode for Telnet or other terminal programs, SNMP interface and TFTP
server function.
Remote configuration via ISDN (with ISDN-PPP connections e.g. via Windows network and dial-up connections)
Serial configuration interface
Chapter 1: Introduction
800+
LANCOM
LANCOM
DSL/I-10+
I-1611 Office
LANCOM DSL/
EN
Callback function with PPP authentication mechanisms for restriction to
fixed ISDN telephone numbers
FirmSafe with firmware versions for absolutely secure software upgrades
Optional software extensions
ISDN leased line option
LANCOM VPN Option with 25 active tunnels for protection of network
couplings
LANCOM Service Option with 25 active tunnels for protection of network
couplings
19
Page 20
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
2 Installation
This chapter will assist you to quickly install hardware and software. First,
check the package contents and system requirements. The device can be
installed and configured quickly and easily if all prerequisites are fulfilled.
2.1 Package contents
EN
Please check the package contents for completeness before starting the
installation. In addition to the device itself, the package should contain the
following accessories:
800+
LANCOM
Power adapter
LAN connector cable (green plugs)
WAN connector cable (dark blue plugs)
ISDN connector cable (light blue plugs)
Connector cable for the configuration interface
LANCOM CD
Printed documentation
LANCOM
DSL/I-10+
I-1611 Office
LANCOM DSL/
If anything is missing, please contact your retailer or the address stated on the
delivery slip of the unit.
2.2 System preconditions
Computers that connect to a LANCOM router must meet the following minimum requirements:
Operating system that supports TCP/IP, e.g. Windows XP, Windows Mil-
lennium Edition (Me), Windows 2000, Windows 98, Windows 95, Windows NT, Linux, BSD Unix, Apple Mac OS, OS/2, BeOS.
Access to the LAN via the TCP/IP protocol.
20
Page 21
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
The LANtools and the LANCAPI functions also require a Windows
operating system. A web browser is required for access to WEBconfig.
2.3 Introducing the LANCOM router
This section introduces your device. We will give you an overview of all status
displays, connections and switches.
While the information in this section is useful for the installation of the
device, it is not absolutely essential. You may therefore skip this section for the time being and go straight forward to ’Hardware installation’ →page 28.
Chapter 2: Installation
EN
2.3.1 Status displays
The front and the rear panels (LANCOM DSL/I-10+) of the unit feature a series
The various LANCOM router models have different numbers of indicators on
the front panel depending on their functionality.
Meanings of the LEDs
In the following sections we will use different terms to describe the behaviour
of the LEDs:
Blinking means, that the LED is switched on or off at regular intervals in
the respective indicated colour.
Flashing means, that the LED lights up very briefly in the respective col-
our and stay then clearly longer (approximately 10x longer) switched off.
Inverse flashing means the opposite. The LED lights permanently in the
respective colour and is only briefly interrupted.
Flickering means, that the LED is switched on and off in irregular inter-
vals.
21
Page 22
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
LEDs for LANCOM DSL/I-1611 Office
LANCOM DSL/I-1611
Office
LANCOM DSL I/1611 Office
ISDN WAN LAN Security
EN
Power/Msg
ISDN S0 Status
This LED flashes once when powering-up your device. After the self-test either
an error is indicated by a flashing, or the device starts and the LED lights constantly.
off Device off
red flashing
once
red blinking Constant flashing indicates time or charge limit exceeded.
red Device is ready for use
Indicates the status of the ISDN-S
off not connected or no S0 voltage (many ISDN connections dis-
green blinking initializing (establishing contact with the connection point)
Self-test when powering up
Other flashing types indicate boot errors
connection:
0
able the S
voltage after a certain, inactive time)
0
green ready for use
green Power off LED on, but Power-LED off: device in boot monitoring
ISDN Chan1
Status of the first logical ISDN B channel (in router as well as in CAPI operation):
off no connection established
red blinking incoming call
green blinking outgoing call
22
(S
bus activated, TEI existing and D channel protocol checked)
0
Page 23
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
red physical line enabled, protocol negotiation ongoing
green protocol negotiation (X.75, PPP etc) finished, physical
and logical connection operational
green/red short red flashes indication of received data packets
ISDN Chan2
ISDN-1+2
WAN- Rx/Tx
WAN- Link
WAN- Chan
Status of the second logical ISDN B channel (meaning see ISDN Chan1)
Indicates, whether the actual ISDN connection is a static or a dynamic channel
bundling.
off no bundled connection active
green static or dynamic channel bundling connection active
This yellow LED indicates the data transfer via the WAN connection (via DSL
or cable modem).
This green LED indicates that the Ethernet connection between LANCOM
router and the DSL resp. cable modem is operational.
This LED indicates the status of the WAN connection (via DSL or cable modem)
to the provider. The connection to the provider normally requires a login with
username and password. With time-dependent connecting rates arise
charges during this time. The meanings of the LED in detail:
off no active connection
EN
LAN-Rx/Tx
LAN-Coll
LAN-Link
LAN-Fast
Security-VPN
red establishing connection (login)
green Connection established (login successful)
Data packet from the device to the LAN or from the LAN sent to the device
Sending collision
The connection to the LAN is established and ready for use
The LAN speed is 100 Mbps
In VPN gateway operation, the LED provides the VPN status information:
off no active VPN connection
green VPN connection(s) active
red establishing a VPN tunnel
23
Page 24
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
LEDs for LANCOM 800+ and LANCOM DSL/I-10+
Model example:
LANCOM DSL/I-10+
EN
Power
This LED indicates that the device is operational. After the device has been
switched on, it will flash green for the duration of the self-test. After the selftest, either an error is output by a flashing red light code or the device starts
and the LED remains lit green.
off Device off
green blinking Self-test when powering up
green constantly on Device ready for use
red/
green
red blinking Time or connect-charge reached
blinking alternately Device insecure: configuration password not assigned
The power LED flashes red/green in alternation until a configuration
password has been specified. Without a configuration password, the
configuration data of the LANCOM is insecure. Under normal circumstances, you would assign a configuration password during the basic
configuration (see instructions in the following chapter). For information about a later assignment of the configuration password see the
section ’Security settings’ →page 66.
Online
The Online LED indicates the overall status of all WAN ports:
off No active connection
green flashing Establishing first connection
green inverse flashing Establishing further connection
green constantly on At least one connection established
red constantly on Error establishing the previous connection
24
Page 25
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
Flashing Power LED but no connection?
LANCOM
There's no need to worry if the Power LED blinks red and you can no
Systems
longer connect to the WAN. This simply indicates that a preset time or
connect-charge limit has been reached. There are three methods
available for unlocking:
Reset connect charge protection.
Increase the limit that has been reached.
Signal for reached time
or connect-charge
limit
Completely deactivate the lock that has been triggered (set limit
to '0').
If a time or connect charge limit has been reached, you will be notified in LANmonitor. To
reset the connect charge protection, select Reset Charge and Time Limits in the context
menu (right mouse click). You can configure the connect charge settings in LANconfig under
Management Costs (you will only be able to access this configuration if 'Complete con-
figuration display' is selected under View Options…).
You will find the connect charge protection reset in WEBconfig and all parameters under
Expert Configuration Setup Charges- module.
ISDN status
Status of ISDN S
connection:
0
Power
Power
EN
off Not connected or no S0 voltage (no error message)
green blinking Initializing D-channel (establishing contact with the connec-
tion point)
green constantly on D channel ready for use
red blinking Error (CRC error, framing error, etc.)
red constantly on Activation of D-channel failed
If the ISDN status LED goes out automatically, this does not indicate
an S
bus error. Many ISDN connections and PBXs put the S0 bus into
0
a power-save mode after a certain time. The S
bus is automatically
0
reactivated as required, and the ISDN status LED will once again light
up green.
25
Page 26
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
ISDN Data
EN
WAN Status
(LANCOM DSL/I10+ only)
WAN Data
(LANCOM DSL/I10+ only)
Separate status display for both ISDN B channels:
off No connection established
green blinking Dialling
green flashing Establishing first connection
green flashing Establishing further connection
green constantly on Connection established via B channel
green flickering Data traffic (send or receive)
Connection status of the WAN connection:
off not connected
green blinking Establishing connection
green flashing Protocol negotiation
green constantly on Connection established
Data traffic via the WAN connection:
off No network device connected
LAN
green constantly on Connection to network device operational, no data traffic
green flickering Data traffic (send or receive)
Status of the LAN ports in the integrated switch:
off No network device connected
green constantly on Connection to network device operational, no data traffic
green flickering Data traffic
2.3.2 The connections of the unit
The connections and switches of the router are located on the back panel:
26
Page 27
LANCOM 800+
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
LANCOM DSL/I-1611
Office
LANCOM DSL/I-10+
On/Off AC 12 V Reset 10/100Base-Tx Node/Hub Config (COM)
On/Off AC 12 V Reset 10/100Base-Tx Node/Hub Config (COM) ISDN/S
ISDN/S
0
EN
0
10Base-T WAN
Voltage switch
Connection for the included power adapter
Reset switch
10/100Base Tx LAN port
Node/Hub switch
Serial configuration port
ISDN/S
port
0
WAN port
Switch with four 10/100Base-Tx connections
The reset switch has two different functions depending on the length
of time that it is pressed:
27
Page 28
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
Restarting the device (soft reset) – push the button for less than five
seconds. The device will restart.
Resetting the configuration (hard reset) – push the button for more
than five seconds. All the device's LEDs will light up green and stay
on. As soon as the reset switch is released, the device will restart with
factory default settings.
EN
2.4 Hardware installation
The installation of the LANCOM router takes place in the following steps:
LAN – connect the LANCOM router to your LAN. For that purpose, plug
the included network cable (green plugs) into the LAN connector of the
device (LANCOM DSL/I-10+ and LANCOM DSL/I-1611 Office) or
(LANCOM DSL/I-10+) and the other end into a free network connecting
socket of your local network, e.g. into a free socket of a hub/switch. The
LAN connector identifies automatically the transfer rate (10/100 Mbps) of
the connected network device (autosensing). A parallel connection of
devices with different speeds and types is possible.
Alternatively you can connect an individual PC to the LANCOM router.
Shift the node/hub switch 5 of the LANCOM DSL/I-1611 Office to the 'hub'
position in this case. A LANCOM 800+ or LANCOM DSL/I-10+ identifies
automatically the type of the connected network device (node/hub).
You should never have more than one unconfigured LANCOM router
in a network segment at any given time. All unconfigured LANCOM
router devices use the same IP address (with the final digits '254'),
which would result in an address conflict. To avoid problems, always
configure multiple LANCOM router devices one at a time, immediately
assigning each device a unique IP address (one that does not end with
'254').821/1621 only
Not with LANCOM
800+
DSL – connect the WAN interface to the DSL modem socket using the
supplied DSL connector cable (dark blue plugs).
ISDN – to connect the LANCOM router to the ISDN, plug one end of the
supplied ISDN connector cable (light blue plugs) in the ISDN/S
of the router and the other end into an ISDN/S
point-to-point mode connection.
28
port
0
multi-device mode or
0
Page 29
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
Configuration port – you may optionally connect the router directly to
the serial port (RS-232, V.24) of a PC. Use the cable supplied for this purpose. Connect the configuration port with a free serial port of the PC.
Connect to power – Connect socket of the unit to a power supply
using the included power adapter.
Use the supplied power supply unit only! Using an unsuitable power
supply unit may cause damage or injury.
Operational? – After a short device self-test the Power LED will be per-
manently lit. Green LAN LEDs indicate the LAN sockets that have functioning connections.
PC for configuration with
serial interface
ISDN NT
Example configuration for
LANCOM DSL/I-10+
LAN
EN
2.5 Software installation
This section covers the installation of the included system software LANtools
for Windows.
splitterphone line ADSL modem
You may skip this section if you use your LANCOM router exclusively
with computers running operating systems other than Windows.
29
Page 30
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
2.5.1 Starting LANCOM setup
Place the LANCOM CD in your CD drive. The LANCOM setup program will start
automatically.
If the setup program does not start automatically, run AUTORUN.EXE
in the root folder of the LANCOM CD.
EN
In Setup select Install LANCOM Software. The following selection menus
will appear on the screen:
2.5.2 Which software should you install?
LANconfig is the configuration program for all LANCOM routers and
Wireless LAN access points. WEBconfig can be used alternatively or in
addition via a web browser.
LANmonitor lets you monitor on a Windows PC all LANCOM routers and
Wireless LAN access points.
LANCAPI is a special form of the CAPI-2.0 interface that all workstations
of the LAN need to get access to office communication functions as fax or
EuroFile transfer. With LANCAPI Dial-Up Networking Support, single
workstations can realize dial-up connections to an Internet provider via
LANCAPI. The CAPI fax modem makes you available a first class fax
driver.
30
Page 31
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 2: Installation
The LANCOM VPN Client enables a setting of VPN connections from a
remote workstation via Internet to a router with LANCOM VPN Option.
With LANCOM Online Documentation, you can copy the documenta-
tion files on your PC.
Select the appropriate software options and confirm your choice with Next.
The software is automatically installed.
EN
31
Page 32
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
3 Basic configuration
The basic configuration can be performed on a step-by-step basis using a
convenient setup wizard to guide you through the setup process and prompt
you for the required information.
First, this chapter will inform you which information is required for the basic
configuration. Use this section to assemble the information you will need
EN
before launching the wizard.
Next, enter the data in the setup wizard. Launching the wizard and the process itself are described step by step - with separate sections for LANconfig and
WEBconfig. Thanks to the information that you have collected in advance, the
basic configuration is quick and effortless.
At the end of this chapter we will show you the settings that are needed for
the LAN's workstations to ensure trouble-free access to the router (’TCP/IP
settings to workstation PCs’ →page 41).
3.1 Which information is necessary?
The basic configuration wizard will take care of the basic TCP/IP configuration
of the router, protect the device with a configuration password, and will set
up the ISDN connection if required. The following descriptions of the information required by the wizard are grouped in these three configuration sections:
TCP/IP settings
protection of the configuration
information on DSL connection
information on ISDN connection
configuring connect charge protection
3.1.1 TCP/IP settings
The TCP/IP configuration can be realized in two ways: either as a fully automatic configuration or manually. No user input is required for the fully automatic TCP/IP configuration. All parameters are set automatically by the setup
wizard. During manual TCP/IP configuration, the wizard will prompt you for
the usual TCP/IP parameters: IP address, netmask etc. (more on these topics
later).
Fully automatic TCP/IP configuration is only possible in certain network environments. The setup wizard therefore analyses the connected LAN to determine whether it supports fully automatic configuration.
32
Page 33
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
New LAN—fully automatic configuration possible
If all connected network devices are still unconfigured, the setup wizard will
suggest fully automatic TCP/IP configuration. This may be the case in the following situations:
a single PC is connected to the router
setup of a new network
Fully automatic TCP/IP configuration will not be available when integrating
the LANCOM router in an existing TCP/IP LAN. In this case, continue with the
section ’Information required for manual TCP/IP configuration’ →page 33.
The result of the fully automatic TCP/IP configuration: the router will be
assigned the IP address '172.23.56.1' (netmask '255.255.255.0'). In addition,
the integrated DHCP server will be enabled so that the LANCOM router can
automatically assign IP addresses to the devices in the LAN.
EN
Configure manually nevertheless?
The fully automatic TCP/IP configuration is optional. You may also select manual configuration instead. Make your selection after the following considerations:
Choose automatic configuration if you are not familiar with networks and
IP addresses.
Select manual TCP/IP configuration if you are familiar with networks and
IP addresses, and one of the following conditions is applicable:
You have not yet used IP addresses in your network but would like to
do so now. You would like to specify the IP address for your router,
selecting it from the address range reserved for private use, e.g.
'10.0.0.1' with the netmask '255.255.255.0'. At the same time you
will set the address range that the DHCP server uses for the other
devices in the network (provided that the DHCP server is switched on).
You have previously used IP addresses for the computers in your LAN.
Information required for manual TCP/IP configuration
During manual TCP/IP configuration, the setup wizard will prompt you for the
following information:
IP address and netmask for the LANCOM router
Assign a free IP address from the address range of your LAN to the
LANCOM router and specify the netmask.
33
Page 34
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
Enable DHCP server?
Disable the DHCP server function in the LANCOM router if you would like
to have a different DHCP server assign the IP addresses in your LAN.
3.1.2 Configuration protection
The password for configuration access to the LANCOM router protects the
configuration against unauthorized access. The configuration of the router
EN
contains a considerable amount of sensitive information such as your Internet
access information. We therefore strongly recommend protecting it with a
password.
The setup wizard for the basic configuration automatically disables remote
configuration access via ISDN, thus protecting your configuration against
tampering. ISDN remote configuration access can be enabled at any time
using the security wizard (see ’Have you permitted remote configuration?’
→page 69).
3.1.3 Settings for the DSL connection
For the WAN connection it may be necessary to enter the transfer protocol
being used. The wizard will e.g. automatically enter the correct settings for
major DSL providers. You only need to enter the protocol used by your access
provider if the wizard does not list your provider.
3.1.4 Settings for the ISDN connection
Set up the basic configuration of your ISDN connection if required. You will
need the following data:
One or more ISDN MSNs on which the router will accept calls. MSNs are
ISDN subscriber numbers that are assigned to you by your telephone provider. They are normally entered without an area code. These numbers are
only relevant for the router functions (LAN to LAN coupling, RAS), not for
remote configuration and LANCOM VPN Option.
A dialing prefix for access to the public telephone network. This is nor-
mally required only when using an ISDN PBX. '0' is the usual prefix. It is
used for all outgoing calls.
Finally, you should know whether your telephone provider transmits an
ISDN connect-charge pulse. This signal can be used by the LANCOM
router for connect-charge budgets and the accounting function.
34
Page 35
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
3.1.5 Connect charge protection
Connect charge protection blocks connections that go beyond a previously set
amount, protecting you from unexpectedly high connection costs.
In a LANCOM router, there are three independent budgets: For DSL access,
you can set a maximum connection time in minutes. In addition to this time
budget, there is also a budget for limiting ISDN connection charges.
In order for the limitations according to connect charge rates to function properly, it is necessary to enter the information for connect
charge rates through ISDN.
Any budget can be deactivated by entering the value '0'.
It is possible to completely turn off connect charge protection
Chapter 3: Basic configuration
EN
3.2 Instructions for LANconfig
Start up LANconfig by clicking Start Programs LANCOM
LANconfig
LANconfig automatically detects the new LANCOM router in the TCP/IP
network. Then the setup wizard starts that will help you make the basic
settings of the device or will even do all the work for you (provided a suitable network environment exists).
If the setup wizard does not start automatically, start a manual search
for new devices on all ports (if the LANCOM router is connected via a
serial port) or in the network (Device Find).
If you cannot access an unconfigured LANCOM router, the problem
may be due to the netmask of the LAN: with less than 254 possible
35
Page 36
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
hosts (netmask > '255.255.255.0'), please ensure that the IP address
'x.x.x.254' is located in your own subnet.
If you have chosen automatic TCP/IP configuration, please continue with
Step .
If you would like to configure the TCP/IP settings manually, assign an
available address from a suitable address range to the LANCOM router.
Confirm your choice with Next.
EN
Specify whether or not the router should act as a DHCP server. Make your
selection and confirm with Next.
In the following window, specify the password for configuration access.
Note that the password is case-sensitive and ensure that it is sufficiently
long (at least 6 characters).
In addition, you may specify whether the device may only be configured
from the local network or whether remote configuration via the WAN (i.e.
a remote network) is also permissible.
Please note that enabling this will also permit remote configuration
via the Internet. You should always make sure that the configuration
access is protected with a password.
In the next window, select your DSL provider from the list that is displayed.
If you select 'My provider is not listed here,' you must enter the transfer
protocol used by your DSL provider manually. Confirm your choice with
Next.
Enter the ISDN subscriber numbers (as MSNs, i.e. without area code) on
which the router will accept calls. Multiple numbers are separated by
semicolons. If you do not specify any MSNs, the router will answer all
incoming calls on the ISDN connection.
In addition, you can enter a trunk code for dialling into ISDN. Finally, you
should specify whether or not the tariff information is to be transmitted at
your ISDN connection. Confirm your choice with Next.
Connect charge protection can limit the cost of DSL and ISDN connections
to a predetermined amount if desired. Confirm your choice with Next.
Complete the configuration with Finish.
36
Page 37
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Section ’TCP/IP settings to workstation PCs’ auf Seite 41 will describe
the settings required for the individual workstations in the LAN.
3.3 Instructions for WEBconfig
To configure the router with WEBconfig you must know how to address it in
the LAN. The reaction of the devices, as well as their accessibility for configuration via web browser is dependent on whether a DHCP server and a DNS
server are already active in the LAN, and whether these two server processes
exchange the assignment of IP addresses to symbolic names within the LAN
between each other.
After powered on, unconfigured LANCOM devices check first, whether a DHCP
server is already active in the LAN. Dependent on the situation, the device is
able to switch on its own DHCP server or, alternatively, to activate its DHCP
client mode. In this second operating mode, the device itself can obtain an IP
address from a DHCP server already existing in the LAN.
Chapter 3: Basic configuration
EN
Network without DHCP server
In a network without DHCP server, unconfigured LANCOM devices activate
their own DHCP server service after starting, and assign appropriate IP
addresses and gateway information to the other workstations within the LAN,
provided that the workstations are set to obtain their IP address automatically
(auto-DHCP). In this constellation, the device can be accessed with any web
browser from each PC with activated auto-DHCP function through the name
LANCOM or by its IP address 172.23.56.254.
If the configuration PC does not obtain its IP address from the LANCOM DHCP
server, figure out the current IP address of this PC (with Start Execute
cmd and command ipconfig at the prompt under Windows 2000 or Windows
XP, with Start Execute cmd and the command winipcfg at the prompt
under Windows Me and Windows 9x, or with the command ifconfig on the
console under Linux). In this case, the LANCOM is reachable under the IP
37
Page 38
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
address x.x.x.254 ( “x” stands for the first three blocks in the IP address of
the configuration PC).
Network with DHCP server
If a DHCP server is active in the LAN to assign IP addresses, an unconfigured
LANCOM device will turn off its own DHCP server. It will change into DHCP
client mode and will obtain an IP address from the DHCP server of the LAN.
This IP address is not known at first. The accessibility of the device depends
EN
on the name resolution:
If there is a DNS server for name resolution in the LAN, which inter-
changes the assignment of IP addresses to names with the DHCP server,
then the device can be accessed by the name “LANCOM <MAC address>”
(e.g. “LANCOM-00a057xxxxxx”).
The MAC address can be found on a label at the bottom of the device.
If there is no DNS server in the LAN, or it is not linked to the DHCP server,
then the device can not be reached by the name. The following options
remain in this case:
Figure out the DHCP-assigned IP address of the LANCOM by suitable
tools and contact the device directly with this IP address.
Use LANconfig.
Connect a PC with a terminal program via the serial configuration
interface to the device.
Starting the wizards in WEBconfig
Start your web browser (e.g. Internet Explorer, Netscape Navigator,
Opera) and call the LANCOM router there:
http://<IP address of the LANCOM>
(or with a name as discribed above)
38
Page 39
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
If you cannot access an unconfigured LANCOM router, the problem
may be due to the netmask of the LAN: with less than 254 possible
hosts (netmask > '255.255.255.0'), please ensure that the IP address
'x.x.x.254' is located in your own subnet.
The WEBconfig main menu will be displayed:
EN
If you have chosen automatic TCP/IP configuration, please continue with
Step .
If you would like to configure the TCP/IP settings manually, assign an
available address from a suitable address range to the LANCOM router.
Also set whether or not it is to operate as a DHCP server. Confirm your
entry with Apply.
The setup wizards are tailored precisely to the functionality of the specific LANCOM router. As a result, your device may offer different wizards than those shown here.
39
Page 40
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
In the following 'Security settings' window, specify a password for config-
uration access. Note that the password is case-sensitive and ensure that
it is sufficiently long (at least 6 characters).
You may specify whether the device may only be configured from the local
network or whether remote configuration via the WAN (i.e. a remote network) is also permissible.
EN
Please note that enabling this will also permit remote configuration
via the Internet. You should always make sure that the configuration
access is suitably protected, e.g. with a password.
Remote configuration via a direct ISDN connection is available independently of the WAN remote configuration: in this case, the configuration PC
establishes a direct dial-up ISDN connection to the LANCOM router, for
example using Windows Dial-Up Networking. ISDN remote configuration
can be enabled by specifying an MSN/terminal device selection digit for
it. In this case, the LANCOM router will accept calls on that MSN/terminal
device selection digit and can be remotely configured via the ISDN connection.
Confirm your selection with Apply.
In the next window, select your DSL provider from the list that is displayed.
Confirm your choice with Apply.
If you select 'My provider is not listed here,' you must enter the transfer
protocol used by your DSL provider manually in the next window. Confirm
your choice with Apply.
Entering the password in the web browser
When you are prompted for a user name and password
by your web browser when accessing the device in the
future, enter your personal values to the corresponding
fields. Please note that the password is case-sensitive.
If you are using the common configuration account,
enter the corresponding password only. Leave the user
name field blank.
Entering the configuration password
40
Page 41
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
Connect charge protection can limit the cost of DSL and ISDN connections
to a predetermined amount if desired. Confirm your choice with Apply.
If your devices does not feature an ISDN port, you may now close the
setup wizard. Otherwise the wizard will prompt you to configure the ISDN
port now. Make your choice and confirm it with Apply.
Enter the ISDN subscriber numbers (as MSNs, i.e. without area code) on
which the router will accept calls. Multiple numbers are separated by
semicolons. If you do not specify any MSNs, the router will answer all
incoming calls on the ISDN connection.
In addition, you can enter a trunk code for dialling into ISDN. Finally, you
should specify whether or not the tariff information is to be transmitted at
your ISDN connection. Confirm your entries with Apply.
The basic setup wizard reports that all the necessary information has been
provided. You can end the wizard with Go on.
EN
3.4 TCP/IP settings to workstation PCs
The correct addressing of all devices within a LAN is extremely important for
TCP/IP networks. In addition, all computers must know the IP addresses of two
central points in the LAN:
Default gateway – receives all packets that are not addressed to comput-
ers within the local network.
DNS server – translates network names (www.lancom.de) or names of
computers (www.lancom.de) to actual IP addresses.
The LANCOM router can perform the functions of both a default gateway and
a DNS server. In addition, as a DHCP server it can also automatically assign
valid IP addresses to all of the computers in the LAN.
The correct TCP/IP configuration of the PCs in the LAN depends on the method
used to assign IP addresses within the LAN:
IP address assignment via the LANCOM router (default)
In this operating mode the LANCOM router not only assigns IP addresses
to the PCs in the LAN, it also uses DHCP to specify its own IP address as
that of the default gateway and DNS server. The PCs must therefore be
configured so that they automatically obtain their own IP address and the
IP addresses of the standard gateway and DNS server (via DHCP).
41
Page 42
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 3: Basic configuration
IP address assignment via a separate DHCP server
The workstation PCs must be configured so that they automatically obtain
their own IP address and the IP addresses of the standard gateway and
DNS server (via DHCP). The IP address of the LANCOM router must be
stored on the DHCP server so that the DHCP server transmits it to the PCs
in the LAN as the standard gateway. In addition, the DHCP server should
also specify the LANCOM router as a DNS server.
EN
Manual IP address assignment
If the IP addresses in the network are assigned static ally, then for each PC
the IP address of the LANCOM router must be set in the TCP/IP configuration as the standard gateway and as a DNS server.
For further information and help on the TCP/IP settings of your
LANCOM router, please see the reference manual. For more information on the network configuration of the workstation computers,
please refer to the documentation of your operating system.
42
Page 43
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 4: Setting up Internet access
4 Setting up Internet access
All computers in the LAN can take advantage of the central Internet access of
the LANCOM router. The connection to the Internet provider can be established via any WAN connection. Internet access via ISDN can be used as a
backup connection for DSL, for example.
DSL or ISDN
connection
EN
Internet
LANCOM router
router in the LAN of
the Internet provider
Does the setup wizard know your Internet provider?
A convenient wizard is available to help you set up Internet access. The wizard
knows the access information of major Internet providers and will offer you a
list of providers to choose from. If you find your Internet service provider on
this list, you normally will not have to enter any further transfer parameters to
configure your Internet access. Only the authentication data that are supplied
by your provider are required.
Additional information for unknown Internet providers
If the setup wizard does not know your Internet provider, it will prompt you
for all of the required information step by step. Your provider will supply this
information.
DSL
Protocol: PPPoE, PPTP or Plain Ethernet
Additionally for Plain Ethernet: own public IP address with netmask
User name and password
(not to be confused with the private LAN IP address), default gateway
and DNS server. These values can be received automatically from providers that support DHCP.
43
Page 44
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 4: Setting up Internet access
ISDN – dial-in number
User name and password
Additional connection options
You may also enable or disable further options in the wizard, depending on
whether or not they are supported by your Internet provider:
Time-based billing or flat rate – select the accounting model used by your
EN
Internet provider.
When using time-based billing, you can set the LANCOM router to
automatically close existing connections if no data has been transferred within a specified time (the so-called idle time).
In addition, you can activate a line monitor that identifies inactive
remote stations faster and therefore can close the connection before
the idle time has elapsed.
Active line monitoring can also be used with flat rate billing to con-
tinuously check the function of the remote station.
You also have the option of keeping flat rate connections alive if
required. Dropped connections are then automatically re-established.
Dynamic channel bundling (ISDN only)
if required, the second ISDN B-channel will automatically be bundled
to the connection. This doubles the available bandwidth; it may also
double your connect charges as well, however. What's more, your
ISDN connection will be busy in this case, with all other incoming and
outgoing calls being rejected.
Data compression
this permits an additional increase in data throughput.
44
Page 45
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
4.1 Instructions for LANconfig
Highlight the LANCOM router in the selection window. From the menu
bar, select Tools Setup Wizard.
From the menu, select the Setup Internet access wizard and click Next.
Chapter 4: Setting up Internet access
EN
In the following window select your country and your Internet provider if
possible, and enter your access information.
Depending on their availability, the wizard will display additional options
for your Internet connection.
The wizard will inform you as soon as the entered information is complete.
Complete the configuration with Finish.
LANconfig:
Quick access to the setup wizards
Under LANconfig, the fastest way to launch the
setup wizards is via the button on the toolbar.
4.2 Instructions for WEBconfig
In the main menu, select Setup Internet access.
In the following window select your country and your Internet provider if
possible, and enter your access information.
Depending on their availability, the wizard will display additional options
for your Internet connection.
The wizard will inform you as soon as the entered information is complete.
Complete the configuration with Apply.
45
Page 46
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
5 Linking two networks
With the network interconnection (also known as LAN to LAN coupling) of the
LANCOM router, two local networks are linked. The LAN to LAN coupling can
be realized in principle in two different ways:
LANCOM DSL/I1611 Office only
EN
VPN: For coupling via VPN, the connection between both LANs is estab-
lished over a specially secured connection through the public Internet. A
router with VPN support is required in both LANs.
ISDN: For coupling via ISDN, a direct connection between both LANs is
established over an ISDN connection. A router with ISDN interface is
required in both LANs.
Always configure both sides
Both routers involved in the network interconnection must be configured.
Care must be taken to ensure that the configuration information provided
matches.
The following instructions will assume that LANCOM router devices
are being used on both sides. A network interconnection may also be
realized with routers from other manufacturers. A mixed setup usually
requires more extensive configuration measures for both devices,
however. Please refer to the reference manual for more information in
this regard.
46
A setup wizard handles the configuration of the connection in the usual convenient manner.
Security aspects
You must, of course, protect your LAN against unauthorized access. A
LANCOM router therefore offers a whole range of security mechanisms that
can provide an outstanding level of protection:
VPN: Network couplings via VPN transmit data by IPSec. The data are
encrypted by AES, 3-DES, Blowfish or CAST encryption algorithms.
ISDN: For network couplings via ISDN, the connection password, the
checking of the ISDN number and the callback function ensure the security of the connection.
Page 47
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
The ISDN call back function cannot be configured using the wizard. It
can only be set up in the expert configuration. For details, please see
the reference manual.
5.1 What information is necessary?
The wizard will prompt you for the necessary information on a step-by-step
basis. If possible, however, you should have it available before launching the
wizard.
To explain the significance of the information requested by the wizard, we will
be using a typical deployment as an example: setting up a link between a
branch office and its headquarters. The routers involved are named
'HEAD_OFFICE' and 'BRANCH'.
EN
Please refer to the following tables for the entries to be made for each of the
routers. Arrows mark the dependencies between the entries.
5.1.1 General information
The following details are required for the installation of LAN to LAN couplings.
The first column indicates, whether the information is required for VPN and/
or ISDN network couplings.
Coupling Entry Gateway 1 Gateway 2
VPN ISDN connection available? yes/no yes/no
VPN Type of the local IP address static/dynamic static/dynamic
VPN Type of the remote IP address static/dynamic static/dynamic
VPN + ISDN Name of the local device 'HEAD' 'BRANCH'
VPN + ISDN Name of the remote station 'BRANCH' 'HEAD'
VPN + ISDN Remote ISDN calling number (0123) 123456 (0789) 654321
VPN + ISDN Remote ISDN caller ID (0789) 654321 (0123) 123456
VPN + ISDN Password for secure transmission of the IP
address
VPN Shared secret for encryption 'Secret' 'Secret'
VPN IP address of remote station '10.0.2.100' '10.0.1.100'
VPN IP network address of the remote network '10.0.2.0' '10.0.1.0'
'Password' 'Password'
47
Page 48
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
Coupling Entry Gateway 1 Gateway 2
VPN Netmask of the remote network 255.255.255.0 255.255.255.0
VPN Domain name of the remote network 'head' 'branch'
VPN Hide local stations for access to remote net-
work (Extranet VPN)?
ISDN TCP/IP routing for access to remote network yes/no yes/no
ISDN IPX routing for access to remote network yes/no yes/no
EN
VPN + ISDN NetBIOS routing for access to remote net-
work?
VPN + ISDN Name of remote workgroup (NetBIOS only) 'workgroup1' 'workgroup2'
ISDN Data compression on/off on/off
ISDN Channel bundling on/off on/off
yes/no yes/no
yes/no yes/no
In case your device has an ISDN connection, the wizard asks whether the
remote site has ISDN as well.
The type of IP address must be stated for both sides for VPN connections
via the Internet. There are two types of IP addresses: static and dynamic.
An explanation of the two IP address types can be found in the reference
manual.
Thanks to Dynamic VPN, connections can be enabled not only
between gateways with fixed, static IP addresses, but even between gateways with dynamic IP addresses. The active initiation of VPN connections towards remote sites with dynamic IP addresses requires ISDN.
If you haven't already named your LANCOM router, the wizard will ask you
for a new, unique device name. With this entry, you will rename your
LANCOM router. Be sure to give the two devices different names.
The name of the remote station is needed for its identification.
Enter the subscriber number of the remote station in the ISDN subscriber
number field. The complete subscriber number including all necessary
area and country codes is required.
The stated ISDN caller ID is used to identify and authenticate callers.
When a LANCOM router receives a call, it compares the ISDN caller ID
entered for the remote station with the actual caller ID transferred via the
D channel. An ISDN caller ID generally consists of an area code and an
MSN.
48
Page 49
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
The password for the ISDN connection is an alternative to the use of
the ISDN caller ID. It is always used to authenticate callers that do not
send an ISDN caller ID. The exact same password must be entered on both
sides. It is used for calls in both directions.
The Shared Secret is the central password for security within the VPN.
The exact same password has to be entered on both sides
Data compression increases the transfer speed of the connection at no
additional cost. This is completely unlike the bundling of two ISDN- channels with MLPPP (Multi Link PPP): The transfer rate will be doubled but
there will also be additional telephone costs for two connections.
5.1.2 Settings for the TCP/IP router
In TCP/IP networks, addressing has a special significance. Please note that
two interconnected networks are logically separate from one another. Each
must therefore have its own network number (in our example, '10.0.1.x' and
'10.0.2.x'). These network numbers may not be identical.
Chapter 5: Linking two networks
EN
'server.head.company'
'pc1.branch.comany
10.0.2.10
10.0.1.2
10.0.1.100
(0123) 123456
LAN of head office.
IP: 10.0.1.0,
Netmask: 255.255.255.0
Domain: 'head.company'
VPN or ISDN
connection
10.0.2.100
(0789) 654321
LAN of branch office.
IP: 10.0.2.0,
Netmask: 255.255.255.0
Domain: 'branch.company'
Unlike when accessing the Internet, all of the IP addresses in the involved networks are visible on the remote side when coupling networks, not just those
of the router. The computer with the IP address 10.0.2.10 in the branch office
LAN sees the server 10.0.1.2 in the headquarters and can access it (assuming
it has the appropriate rights), and vice versa.
49
Page 50
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
DNS access to the remote LAN
Thanks to DNS, it is not only possible to access remote computers in a TCP/IP
network via their IP address, but also by using freely defined names.
For example, the computer with the name 'pc1.branch.company' (IP
10.0.2.10) will not only be able to access the server of the head office via its
IP address, but also via its name, 'server.head.company'. The only precondition: the domain of the remote network in the wizard must be specified.
EN
The domain can only be specified in the LANconfig wizard. In
WEBconfig, enter the appropriate information later in the expert configuration. For more information, see the LANCOM reference manual.
Extranet VPN
Finally, one can decide whether access to local stations is permitted. In this
'Extranet VPN' operating mode, the IP stations do not expose their IP address
to the remote LAN, rather they will be hidden behind the VPN gateway's IP
address instead.
Therefore, the stations within the remote LAN cannot access IP stations in the
other LAN directly. For example, if a headquarters. LAN in 'Extranet VPN'
mode is hidden behind its gateway's address '10.10.2.100', and on of its IP
stations (e.g. '10.10.2.13') accesses the IP station '10.10.1.2' of the branch
office, then the branch office.s IP stations deems to be a accessed by
'10.10.2.100'. The true IP address of the accessor ('10.10.2.13') is hidden.
If two LANs shall be coupled in Extranet mode, please ensure to enter the
'outbound' Extranet IP address of the remote site, not its Intranet address.
According to the example, this was '10.10.2.100'. The appropriate netmask
for the Extranet IP address would be '255.255.255.255' then.
5.1.3 Settings for the IPX router
Coupling two typical IPX networks to form a WAN requires three IPX network
numbers:
for the LAN of the head office
50
The coupling of IPX networks via VPN cannot be configured using the
wizard. It can only be set up in the expert configuration. For details,
please see the reference manual.
Page 51
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
for the LAN of the branch office
for the higher-level WAN
The IPX network numbers in the head and branch offices are specified to the
respective remote sides.
IPX internal net:
00020002
WAN
IPX network no.:
00000009
VPN or ISDN
connection
EN
(0123) 123456
LAN of the head office
IPX network no.: 00000001
Binding: Ethernet_II
The three required network numbers are designated as “External Network
Numbers” by the IPX conventions. Like IP network addresses, the apply to an
entire LAN segment. On the other hand, internal IPX numbers are used to
address specific Novell servers in the LAN. All three specified network numbers must be distinct from one another and from all used internal IPX network
numbers.
In addition, it may be necessary to enter the frame type (“binding”).
Specifying the IPX network number and binding used is not necessary if the
remote network also contains a Novell server. It is only necessary to enter the
network number for the WAN manually in this case.
5.1.4 Settings for NetBIOS routing
NetBIOS routing can be set up quickly: All that is required in addition to the
information for the TCP/IP protocol used is the name of a Windows workgroup
from in the router's own LAN.
(0789) 654321
LAN of the branch office
IPX network no.: 00000002
Binding: Ethernet_II
51
Page 52
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 5: Linking two networks
Remote Windows workgroups do not appear in the Windows Network
Neighbourhood, but can only be contacted directly (e.g. via Find
Computers).
5.2 Instructions for LANconfig
Perform the configuration on both routers, one at a time.
EN
Launch the 'Connect two local area networks' wizard. Follow the wizard's
instructions and enter the required information.
52
The wizard will return a message to indicate that it has all the information
it needs. Close the wizard with Finish.
After finishing the configuration of both routers, you can test the network
connection. Try to contact a computer in the remote LAN (e.g. with a
ping
). The LANCOM router should automatically set up a connection to
the remote station and contact the required computer.
5.3 Instructions for WEBconfig
Under WEBconfig, the coupling of networks via VPN cannot be configured using the wizard. It can only be set up in the expert configuration. For details, please see the reference manual.
Perform the configuration on both routers, one at a time.
Page 53
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
From the main menu, launch the 'Connect two local area networks' wiz-
ard. Follow the wizard's instructions and enter the required information.
The wizard will return a message to indicate that it has all the information
it needs. Close the wizard with Terminate.
After finishing the configuration of both routers, you can test the network
connection. Try to contact a computer in the remote LAN (e.g. with a
ping
). The LANCOM router should automatically set up a connection to
the remote station and contact the required computer.
Ping – quick testing for TCP/IP connections
Chapter 5: Linking two networks
EN
To test a TCP/IP connection, simply send a
ping
from your computer to a computer in the
remote network. For more information on the 'ping' command, please see the documentation
of your operating system.
IPX and NetBIOS connection can be
tested by searching for a remote Novel
Server or a computer in the remote Windows workgroup from your computer.
53
Page 54
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 6: Providing dial- in access
6 Providing dial-in access
Your LANCOM router supports dial-in connections to permit individual computers full access to your network. This service is also known as RAS (Remote
Access Service). In principle, the RAS access can be realized in two different
ways:
LANCOM DSL/I1611 Office only
EN
VPN: For a RAS access via VPN, the connection between the LAN and the
dial-in PC is established over a specially secured connection through the
public Internet. The router in the LAN requires VPN support, the dial-in PC
an access to the Internet and the LANCOM VPN Client.
ISDN: For a RAS access via ISDN, a direct connection between the LAN
and the dial-in PC is established over an ISDN dial-up connection. The
router in the LAN requires an ISDN interface, the dial-up PC an ISDN
adapter or an ISDN modem. The data transfer protocol is PPP. Therefore,
the support of all usual devices and operating systems is ensured.
A setup wizard handles the configuration of the dial-in connection in the
usual convenient manner.
Security aspects
You must, of course, protect your LAN against unauthorized access. A
LANCOM router therefore offers a whole range of security mechanisms that
can provide an outstanding level of protection:
VPN: Network couplings via VPN transmit data by IPSec. The data are
encrypted by AES, 3-DES, Blowfish or CAST encryption algorithms.
ISDN: For network couplings via ISDN, the connection password, the
checking of the ISDN number and the callback function ensure the security of the connection.
6.1 Which information is required?
The wizard will set up dial-up access for only one user. Please run the wizard
again for each additional user.
54
The ISDN call back function cannot be configured using the wizard. It
can only be set up in the expert configuration. For details, please see
the reference manual.
Page 55
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
6.1.1 General information
The following entries are required to set up a RAS connection. The first column
indicates whether the information is required for a VPN and/or an ISDN connection. .
Coupling Entry
VPN + ISDN User name
VPN + ISDN Password
VPN Shared secret for encryption
VPN Hide local stations for access to remote network (Extranet VPN)?
ISDN Incoming number of remote station
ISDN TCP/IP routing for access to remote network
Chapter 6: Providing dial- in access
EN
ISDN IPX routing for access to remote network
VPN + ISDN IP addresses for the dial-up PCs: static or dynamic by address range (IP
address pool)
VPN + ISDN NetBIOS routing for access to remote network?
VPN + ISDN Name of remote workgroup (NetBIOS only)
Notes to the individual values:
User name and password: Users authenticate themselves with this
information when dialling in.
Incoming number: The LANCOM router uses the optional ISDN caller ID
as an additional user authentication. This security function should not be
used when users dial in from differing locations.
Please refer to chapter ’Linking two networks’ →page 46 for advice
about the other values required for the installation of a RAS access.
The ISDN calling line identity (CLI)
The ISDN caller ID—also known as CLI (Calling Line Identity)—this is the telephone number
of the caller which is transmitted to the participant receiving the call. As a rule, it consists of
the country and area codes and an MSN.
The CLI is well-suited for authentication purposes for two reasons: it is very difficult to manipulate, and the number is transferred free of charge via the ISDN control channel (D-channel).
55
Page 56
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 6: Providing dial- in access
6.1.2 Settings for TCP/IP
Each active RAS user must be assigned an IP address when using the TCP/IP
protocol.
LAN of the head office.
IP: 10.0.1.0
EN
Remote
workstation
IP:
10.0.1.101
VPN or ISDN
10.0.1.100
(0123) 123456
connection
User: 'SAMPLE'
(0123) 777888
ISDN adapter
This IP address can be permanently assigned when setting up a user. However,
it is simpler to let the LANCOM router automatically assign free IP addresses
to users when they dial in. In this case you only need to specify the IP address
range that the LANCOM router should use for RAS users.
During both manual and automatic IP address assignment, please ensure that
only free addresses from the address range of your local network are used. In
our example, the IP address '10.0.1.101' will be assigned to the PC when connecting.
This IP address makes the computer a fully-fledged member of the LAN: with
the appropriate rights, it can access all of the other devices in the LAN. The
same applies in the other direction as well: computers in the LAN will also be
able to access the remote machine.
6.1.3 Settings for IPX
Two IPX network numbers must be provided for remote access to an IPX network:
the IPX network number of the head office
an additional IPX network number for the higher-level WAN
56
Page 57
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 6: Providing dial- in access
IPX internal net:
00020002
WAN
IPX network no.:
00000009
VPN or ISDN
connection
(0123) 123456
LAN of the head office
IPX network no.: 00000001, Binding: Ethernet_II
User: 'SAMPLE'
(0123) 777888
Remote
workstation
ISDN adapter
The required network numbers are designated as “External Network Numbers”. Like IP network addresses, they apply to an entire LAN segment. On the
other hand, internal IPX numbers are used to address specific Novell servers
in the LAN. All three specified network numbers must be distinct from one
another and from all used internal IPX network numbers.
In addition, it may be necessary to enter the frame type (“binding”).
Specifying the IPX network number and binding used is not necessary if the
remote network also contains a Novell server. A network number for the WAN
must also be entered manually in this case, however.
EN
6.1.4 Settings for NetBIOS routing
All that is required to use NetBIOS is the name of a Windows workgroup from
the router's own LAN.
The connection is not established automatically. The RAS user must
manually establish a connection to the LANCOM router via Dial-Up
Networking first. When connected, they can search for and access
computers in the remote network (via Find Computers, not
through the Network Neighbourhood).
57
Page 58
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 6: Providing dial- in access
6.2 Settings for the dial-in computer
6.2.1 Dial-up via VPN
For dialing into a network via VPN a workstation requires:
an Internet access
a VPN client
EN
LANCOM Systems offers a 30 days trial version of the LANCOM Advanced VPN
Client on the LANCOM CD. A detailed description of the LANCOM Advanced
VPN Client and a description of its installation can also be found on the CD.
For configuring a new profile, select the option 'LANCOM Advanced VPN
Client' in the configuration wizard.
The wizard asks then for the values that have been defined during the installation of the RAS access in the LANCOM router.
6.2.2 Dial-up via ISDN
A number of settings must be configured on the dial-in computer. These are
briefly listed here, based on a Windows computer:
Dial-Up Networking (or another PPP client) must be correctly configured
Network protocol (TCP/IP, IPX) installed and bound to the dial-up adapter
New connection in Dial-Up Networking with the call number of the router
Terminal adapter or ISDN card set to PPPHDLC
PPP selected as the Dial-Up server type, 'Enable software compression'
and 'Require data encryption' unchecked
Select desired network protocols (TCP/IP, IPX)
58
Page 59
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Additional TCP/IP settings:
Assignment of IP address and name server address enabled
'IP header compression' disabled
These settings will permit a PC to dial into a remote LAN via ISDN and access
its resources in the usual manner.
6.3 Instructions for LANconfig
Launch the 'Provide Dial-In access (RAS)' wizard. Follow the wizard's
instructions and enter the required information.
Chapter 6: Providing dial- in access
EN
The wizard will return a message to indicate that it has all the information
it needs. Close the wizard with Finish.
Configure Dial-Up Networking access on the dial-in PC as described.
Next, test the connection (see box ’Ping – quick testing for TCP/IP connections’ →page 53).
6.4 Instructions for WEBconfig
RAS access via VPN cannot be configured using the wizard under
WEBconfig yet. It can only be set up in the expert configuration. For
details, please refer to the reference manual.
From the main menu, launch the 'Connect two local networks' wizard.
Follow the wizard's instructions and enter the required information.
59
Page 60
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 6: Providing dial- in access
Configure Dial-Up Networking access on the dial-in PC as described.
Next, test the connection (see box ’Ping – quick testing for TCP/IP connections’ →page 53).
EN
60
Page 61
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 7: Sending faxes with LANCAPI
7 Sending faxes with LANCAPI
LANCAPI from LANCOM Systems is a special version of the popular CAPI interface. CAPI (Common ISDN Application Programming Interface) establishes the
connection between ISDN adapters and communications programs. For their
part, these programs provide the computers with office communications functions such as a fax machine or answering machine.
The main advantages of using LANCAPI are economic. LANCAPI provides all
Windows workstations integrated in the LAN (local-area network) with unlimited access to office communications functions such as fax machines, answering machines, online banking and eurofile transfer. All functions are supplied
via the network without the necessity of additional hardware at each individual workstation, thus eliminating the costs of equipping the workstations with
ISDN adapters or modems. All you need do is install the office communications software on the individual workstations.
PCs with fax software
fax
ISDN
ISDN adapter
With LANCAPI by LANCOM it is possible to send faxes comfortably from your
workstation PC, without having connected a fax device. To do so, you need to
install several components:
EN
the LANCAPI client. It provides the connection between your worksta-
tion PC and the LANCAPI server.
the CAPI fax modem. This tool simulates a fax device on your worksta-
tion PC.
the MS Windows fax service. This is the interface between the fax appli-
cations and the virtual fax.
The installation of the LANCAPI client is described in the reference manual.
This chapter shows the installation of LANCOM CAPI fax modem and MS
Windows fax service.
61
Page 62
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 7: Sending faxes with LANCAPI
7.1 Installation of the LANCOM CAPI fax modem
Select the entry Install LANCOM software in the setup program of your
LANCOM CD.
Highlight the option CAPI fax modem, click Next and follow the instruc-
tions of the installation routine.
EN
62
Page 63
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 7: Sending faxes with LANCAPI
When the installation was successful, the LANCOM CAPI fax modem is
entered into the Phone and Modem Options of the control panel.
EN
7.2 Installation of the MS Windows fax service
Select the option Printers and Faxes from the control panel.
Select the option Set up faxing from the window ’Printers and Fax’. Fol-
low, if necessary, the instructions of the installation tool. Into the recent
window, an icon will appear for the newly installed fax printer.
63
Page 64
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 7: Sending faxes with LANCAPI
For checking the installation, click with the right mouse button on the fax-icon
and select Properties. The LANCOM CAPI fax modem should now be
entered into register 'devices'.
7.3 Sending a fax
After installing all required components, you have several possibilities to send
a fax from your workstation PC. If you have already an existing data file, you
EN
7.3.1 Send a fax with any given office application
can send it directly from your respective application. If you only want to send
a short message, select the MS Windows fax service. You can use of course
any other fax software alternatively.
Open as usual a document in your office application and select the menu
item File/Print.
Adjust the fax device as printer.
Click on OK. A wizard appears, that will guide you through the remaining
sending process.
7.3.2 Send a fax with the MS Windows fax service
Open the window ’Printers and Faxes’ from the control panel.
Double click with the left mouse button the icon of the fax device.
64
Page 65
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 7: Sending faxes with LANCAPI
The fax client console will open. Select the menu item Send a Fax. A wiz-
ard will assist you through the remaining sending process.
EN
65
Page 66
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 8: Security settings
8 Security settings
Your LANCOM router has numerous security functions. You find in this chapter
all information you need for an optimal protection.
8.1 The security settings wizard
Access to the configuration of a device permits not only to read out critical
EN
information such as WEP key or Internet password. Rather, also the entire settings of the security functions (e.g. firewall) can be altered then. So an unauthorized configuration access endangers not only a single device, but the
entire network.
Your LANCOM router has a password protection for the configuration access.
This protection is already activated during the basic configuration by entering
a password.
The device locks access to its configuration for a specified period of time after
a certain number of failed log-in attempts. Both the number of failed attempts
and the duration of the lock can be set as needed. By default, access is locked
for a period of five minutes after the fifth failed log-in attempt.
8.1.1 Wizard for LANconfig
Mark your LANCOM router in the selection window. Select from the com-
mand bar Extras Setup Wizard.
Select in the selection menu the setup wizard Control Security Settings
and confirm your choice with Next.
Enter your password in the following windows and select the allowed pro-
tocols for the configuration access from local and remote networks. Additionally, enter the MSN for remote configuration via ISDN.
66
Page 67
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 8: Security settings
In a next step parameters of the configuration lock like number of failed
log-in attempts and the duration of the lock can be adjusted.
Now activate Stateful Inspection, ping-blocking and Stealth mode in the
the firewall configuration.
The wizard will inform you when entries are complete. Complete the con-
figuration with Finish.
8.1.2 Wizard for WEBconfig
Under WEBconfig you have the possibility to run the wizard Security settings
to control and change the settings. The following values are handled:
password for the device
allowed protocols for the configuration access of local and remote net-
works
the MSN for remote configuration via ISDN
parameters of configuration lock (number of failed log-in attempts and
duration of the lock)
8.2 The firewall wizard
The LANCOM router incorporates an effective protection of your LAN and
WLAN when accessing the Internet by its Stateful Inspection firewall and its
firewall filters. Basic idea of the Stateful Inspection firewall is that only selfinitiated data transfer is considered allowable. All unasked accesses, which
were not initiated from the local network, are inadmissible.
EN
The firewall wizard assists you to create new firewall rules quickly and comfortably.
Please find further information about the firewall of your LANCOM router and
about its configuration in the reference manual.
8.2.1 Wizard for LANconfig
The firewall wizard assists you to create new firewall rules quickly and comfortably .
67
Page 68
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 8: Security settings
Mark your LANCOM router in the selection window. Select from the com-
mand bar Extras Setup Wizard.
EN
Select in the selection menu the setup wizard Configuring Firewall and
confirm your choice with Next.
In the following windows, select the services/protocols the rule should be
related to. Then you define the source and destination stations for this rule
and what actions will be executed when the rule will apply to a data
packet.
You finally give a name to the new rule, activate it and define, whether
further rules should be observed when the rule will apply to a data packet.
The wizard will inform you as soon as the entries are complete. Complete
the configuration with Finish.
8.2.2 Configuration under WEBconfig
Under WEBconfig it is possible to check and modify all parameters related to
the protection of the Internet access under Configuration Firewall / QoS
Rules Rule Table.
8.3 The security checklist
The following checklist provides a comprehensive overview of all security settings for professionals. Most of the points on this checklist are no subject of
concern in simple configurations, since these generally adequate security settings are already implemented during basic configuration and by the security
wizard.
68
Detailed information on the security settings listed here can be found
in the reference manual.
Page 69
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 8: Security settings
Have you assigned a password for the configuration?
The simplest option for the protection of the configuration is the establishment of a password. As long as a password hasn't been set, anyone
can change the configuration of the device. The field for entering the
password is contained in LANconfig in the 'Management' configuration
area on the 'Security' tab. It is particularly required to assign a password
to the configuration if you want to allow remote configuration.
Have you permitted remote configuration?
If you do not require remote configuration, then deactivate it. If you
require remote configuration, then be sure to assign a password protection for the configuration (see previous section). The field for deactivating
the remote configuration is also contained in LANconfig in the 'Management' configuration area on the 'Security' tab. Select here under 'Access
rights - of remote networks' for all types of configuration the option 'not
allowed'.
Have you provided the SNMP configuration with a password?
Also protect the SNMP configuration with a password. The field for protection of the SNMP configuration with a password is also contained in
LANconfig in the 'Management' configuration area on the 'Security' tab.
Have you activated the Firewall?
The Stateful Inspection Firewall of the LANCOM ensures that your local
network cannot be attacked from the outside . The Firewall can be enabled in LANconfig under ’Firewall/QoS’ on the register card ’General’.
Do you make use of a ’Deny All’ Firewall strategy?
EN
For maximum security and control you prevent at first any data transfer
through the Firewall. Only those connections, which are explicitly desired
have to allowed by the a dedicated Firewall rule then. Thus ’Trojans’ and
certain Email viruses loose their communication way back. The Firewall
rules are summarized in LANconfig under ’Firewall/Qos’ on the register
card ’Rules’.
Have you activated the IP masquerading?
IP masquerading is the hiding place for all local computers for connection
to the Internet. Only the router module of the unit and its IP address are
visible on the Internet. The IP address can be fixed or assigned dynamically by the provider. The computers in the LAN then use the router as a
gateway so that they themselves cannot be detected. The router separates
Internet and intranet, as if by a wall. The use of IP masquerading is set
69
Page 70
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 8: Security settings
individually for each route in the routing table. The routing table can be
found in the LANconfig in the 'IP router' configuration section on the
'Routing' tab.
Have you excluded certain stations from access to the router?
Access to the internal functions of the devices can be restricted using a
special filter list. Internal functions in this case are configuration sessions
via LANconfig, WEBconfig, Telnet or TFTP. This table is empty by default
EN
and so access to the router can therefore be obtained by TCP/IP using Telnet or TFTP from computers with any IP address. The filter is activated
when the first IP address with its associated network mask is entered and
from that point on only those IP addresses contained in this initial entry
will be permitted to use the internal functions. The circle of authorized
users can be expanded by inputting further entries. The filter entries can
describe both individual computers and whole networks. The access list
can be found in LANconfig in the 'TCP/IP' configuration section on the
'General' tab.
Have you closed critical ports with filters?
The firewall filters of the LANCOM router devices offer filter functions for
individual computers or entire networks. Source and target filters can be
set for individual ports or for ranges of ports. In addition, individual protocols or any combinations of protocols (TCP/UDP/ICMP) can be filtered.
It is particularly easy to set up the filters with LANconfig. The 'Rules' tab
under 'Firewall/QoS' can assist you to define and change the filter rules.
Is your saved LANCOM router configuration stored in a safe place?
Protect the saved configurations against unauthorized access in a safe
place. A saved configuration could otherwise be loaded in another device
by an unauthorized person, enabling, for example, the use of your Internet connections at your expense.
70
Page 71
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 9: Troubleshooting
9Troubleshooting
In this chapter, you will find suggestions and assistance for a few common difficulties.
9.1 No WAN connection is established
After start-up the router automatically attempts to connect to the access provider. During this process, the Online LED will blink green. If successful, the
LED will switch over to steady green. If, however, the connection can't be
established, the Online LED will light up red.
For LANCOM 800+ and LANCOM DSL/I-10+only. For LANCOM DSL/I1611 Office please refer to the LED description (’LEDs for LANCOM
DSL/I-1611 Office’ →page 22).
EN
The reason for this is usually one of the following:
Problems with the cabling?
Only the cable provided with your device should be used to connect to the
WAN. This cable must be connected to the Ethernet port of your broadband
access device. The WAN link LED must light green indicating the physical connection.
Has the correct transfer protocol been selected?
The transfer protocol is set along with the basic settings. The basic setup wizard will enter the correct settings for numerous DSL providers automatically.
Only if your DSL provider is not listed, you will have to enter manually the protocol being used. In any case, the protocol that your DSL provider supplies you
with should definitely work.
You can monitor and correct the protocol settings under:
Configuration tool Run command
LANconfig Management Interfaces Interface settings WAN Inter-
face
WEBconfig Expert Configuration Setup Interfaces WAN Interface
71
Page 72
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 9: Troubleshooting
9.2 DSL data transfer is slow
The data transfer rate of an broadband (Internet) DSL connection is dependent
upon numerous factors, most of which are outside of one's own sphere of
influence. Important factors aside from the bandwidth of one's own Internet
connection are the Internet connection and current load of the desired target.
Numerous other factors involving the Internet itself can also influence the
transfer rate.
EN
Increasing the TCP/IP window size under Windows
If the actual transfer rate of a DSL connection is significantly below the fastest
rate listed by the provider, there are only a few possible causes (apart from the
above-mentioned external factors) which may involve one's own equipment.
One common problem occurs when large amounts of data are sent and
received simultaneously with a Windows PC using an asynchronous connection. This can cause a severe decrease in download speed. The cause of this
problem is what is known as the TCP/IP receive window size of the Windows
operating system that is set to a value too small for asynchronous connections.
Instructions on how to increase the Windows size can be found in the Knowledge Base of the support section of the LANCOM web site (www.lancom.de
9.3 Unwanted connections under Windows XP
Windows XP computers attempt to compare their clocks with a timeserver on
the Internet at start-up. This is why when a Windows XP in the WLAN is
started, a connection to the Internet is established by the LANCOM.
To resolve this issue, you can turn off the automatic time synchronization on
the Windows XP computers under Right mouse click on the time of day
Properties Internet time.
).
72
Page 73
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
10 Appendix
10.1 Performance data and specifications
Chapter 10: Appendix
LANCOM 800+ LANCOM DSL/I-
Connections Ethernet LAN 4 x RJ-45 Ethernet
IEEE 802.3 (switch),
10/100Base-T autosensing, node/hubautodetection
WAN 10Base-T 10/100Base-TX, auto
Operating
modes
ISDN ISDN S
Outband serial V.24/V.28 port (8 pol. mini DIN)
Power supply 12V over external power adapter
Multiprotocol router IP router, IPX router, NAT/reverse NAT (IP masquerading) DHCP server
incl. auto detection, DHCP client, DHCP relay server, DNS server, PPPoE
client, PPTP client, NetBIOS proxy, DynDNS client
ISDN Gateway RJ-45 ISDN S0 bus, point-to-point and point-to-multipoint configura-
tion, I.430, (autosensing), optional leased-line support; D- channel 1TR6,
DSS1 (Euro-ISDN); B-channel PPP (asynchronous/synchronous), X.75,
HDLC, MLPPP for channel bundling, CAPI 2.0 via LANCAPI, Stac data
compression
0
bus
1611 Office
RJ-45 Ethernet IEEE
802.310/100Base-T,
auto sensing, node/
hub switch
LANCOM DSL/I-
10+
3 x RJ-45 Ethernet
IEEE 802.3 (switch),
10/100Base-T autosensing, node/hubautodetection
sensing
EN
Protocols LAN IP: ARP, Proxy ARP, IP, ICMP, UDP, TCP, TFTP, RIP 1, RIP 2, DHCP, DNS,
SNMP, HTTP, HTTPS, BOOTP, NTP, NetBIOS, LANCAPI
IPX: RIP, SAP, IPX and SPX watchdogs, NetBIOS watchdogs
WAN PPPoE, PPTP and Plain Ethernet
Transfer rates
(maximum)
Security Intrusion detection (IP spoofing, Log-in attempts, portscans), denial-of-
LAN 100 Mbit/s, full- duplex mode
service protection (fragmentation error, SYN flooding, automatic closing
of ports/connections). DNS hitlists as well as wildcard filter (URL blocking). High availability by ISDN dial-backup for Internet access. Alerting
by email, SNMP traps and SYSLOG.
PAP, CHAP and MS-CHAP as PPP authentication mechanisms, passwordprotected configuration access for each interface, access control list (IP,
MAC and protocol filter) for configuration access and
caller ID list. FirmSafe with 2 firmware versions for absolute secure software upgrades.
LANCAPI
, ISDN
73
Page 74
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 10: Appendix
LANCOM 800+ LANCOM DSL/I-
LANCOM DSL/I-
1611 Office
Firewall Stateful packet inspection, IP packet filter with port ranges; masking
(NAT/PAT) of TCP, UDP, ICMP, FTP, PPTP, H.323,Net meeting, IRC and
IPSec; DNS forwarding; inverse masking for IP services out of the
intranet as e.g. web server; support of 2 local networks (LAN plus DMZ);
DMZ with own IP address range without NA ; IP-QoS and bandwidth
management / priorisation, e.g. for VoIP
Management LANtools (professional management software for Windows), WEBconfig
EN
Housing 230 x 38 x 228 mm (W x H x D), metal case, connectors on the rear side
Standards EU (CE certification: EN 55022, EN 55024, EN 60950)
Environment /
temperature
range
Options LANCOM Leased Line Option (No. 00789)
(HTTP / HTTPS), Telnet, TFTP, SNMP V2 (MIB II, 802.11, 802.1D, 802.3,
private MIB), RADIUS, syslog r
emote maintenance via ISDN, DynDNS
outband interface: command line interface
Temperature range 0°C to + 40°C at 80% max. humidity (non condensing)
LANCOM Modem Adapter Kit for connecting modems (analogue or
GSM) to the serial configuration interface (No. 110288)
10+
LANCOM Service Option (4 years warranty, 24h product replacement)
(No. 61401)
10.2 Contact assignment
10.2.1 Ethernet WAN interface
6-pin RJ45 socket
Connector Pin IAE
LANCOM VPN Option
25 channels for VPN in
WAN (No. 60083)
1T+
2T-
3R+
4–
74
5–
6R-
Page 75
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
10.2.2 ISDN-S0 interface
8-pin RJ45 socket, corresponding to ISO 8877, EN 60603-7
Connector Pin Line IAE
Chapter 10: Appendix
1––
2––
10.2.3 Ethernet interfaces 10/100Base-T
8-pin RJ45 socket, corresponding to ISO 8877, EN 60603-7
Connector Pin Line
3T+2a
4R+1a
5R-1b
6T-2b
7––
8––
1T+
2T-
3R+
4–
EN
5–
6R-
7–
8–
75
Page 76
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Chapter 10: Appendix
10.2.4 Configuration interface (Outband)
8-pin mini-DIN socket
Connector Pin Line
1CTS
2RTS
EN
10.3 CE declaration of conformity
The CE declarations of conformity for LANCOM routers are available for download on the LANCOM web site (www.lancom.de
3RxD
4RI
5TxD
6DSR
7DCD
8DTR
UGND
).
76
Page 77
Index
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Index
Numerics
10/100Base-TX
3-DES
46, 54
A
Accounting
ADSL
Transfer rate
Transmission rates
ADSL modem
AES
46, 54
Auth.
73
Autosensing
B
Basic configuration
Blowfish
C
Callback
Callback function
Calling Line Identity (CLI)
CAPI interface
CAST
Channel bundling
charge lock
Common ISDN Application
Programming Interface (CAPI)
Configuration access
Configuration file
Configuration interface
Configuration password
Configuration port
Configuration protection
Connect charge information
Connect charge protection
Connect-charge budget
Connect-charge metering
46, 54
17
46, 54
Connector cable
27
34
73
10
10
28
32
19, 46, 54
55
61
73
25
61
36, 40
70
19
20
69
27
19, 34
41
35, 36, 41
34
34
Contact assignment
Configuration interface
Ethernet interface
Ethernet WAN interface
ISDN-S
LAN interface
Outband
WAN interface
D
Data compression
Data frequencies
Declaration of conformity
Default gateway
Denial-of-Service Protection
DHCP
41
DHCP server
Dialing prefix
Dial-up access
Dial-up adapter
DNS
access to the remote LAN
DNS server
Documentation
Domain
Download
downstream
DSL
data transfer is too slow
provider
transfer protocol
DSL technologies
DSL transfer protocol
E
Encryption
F
Fax
10
interface 75
0
34, 41
50
10
10
36, 40
46, 54
74
76
75
74
75
76
75
73
10
76
41
15
18, 33, 34, 36, 39, 42
54
58
50
18, 41
20
72
40
10
36
EN
77
Page 78
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Index
Filter mechanisms 17
Firewall
Firewall filter
FirmSafe
Flat rate
H
Hardware installation
EN
I
ICMP
Installation
Interconnection
Internet access
Internet provider
Intrusion Detection
IP
IP address
IP address of the LANCOM
IP masquerading
IP router
IPSec
IPX
14, 18, 70
67
19
44
28
70
20
configuration port
DSL
28
ISDN
28
LAN
28
LANtools
power adapter
29
29
29
46
Security aspects
46
16, 17, 43
Authentication data
Default gateway
DNS server
Flat rate
IP address
Netmask
43
44
43
43
43
43
43
14
Filter
70
Lock ports
70
33, 51
28
14, 16, 18, 69
18
46, 54
58
Binding
External Network Number
Frame type
51, 57
51, 57
51
Internal-Net-Number
IPX conventions
IPX router
Settings
ISDN
16
1TR6
Basic configuration
caller ID
Connect charge information
connection
Connector cable
D channel
data compression
Dial-in number
DSS1
dynamic channel bundling
MSN
NTBA
password for connection
S
port 27
0
ISDN connection
Basic settings
ISDN leased line option
ISDN modem
ISDN PBX
ISDN S
L
LAN
LAN to LAN coupling
LANCAPI
LANCOM Service Option
LANCOM setup
LANCOM VPN Option
LANconfig
LANmonitor
LANtools
connection 18, 73
0
Connector cable
Required information
18, 30
run setup wizards
51
18
50
73
48, 55
29
55, 73
73
34, 36, 41
29
34
54
34
30
30, 35
30
57
41
20
44
44
44
49
19
20
16, 17, 18, 34, 46
47
19
19
45
36
78
Page 79
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Index
System preconditions 21
Leased line support
Line management
M
MAC address filter
Minimum bandwidth
MLPPP
MSN
N
NAT – see IP masquerading
NetBIOS
NetBIOS proxy
Netmask
Network segment
P
Package contents
Password
PAT – see IP masquerading
PBX
Phone line
Ping
Plain Ethernet
Plain IP
Power adapter
PPP
PPP client
PPPoE
PPTP
Preshared Key
Q
Quality-of-Service
R
Remote Access Service (RAS)
73
55
51
33
34, 36, 46, 54
10
29
53
43
54, 73
58
43
43
Shared Secret
Configuring the dial-in computer
Enable software compression
Function
73
17
14, 19
15
18
28, 51
20
43
20, 27
49
15
58
17
58
IPX
56
NetBIOS
Searching for Windows workgroups
Security aspects
Server
setup
specify MSN
TCP/IP
User name
Remote configuration
Remote configuration access
Remote configuration via ISDN
Reset connect charge protection.
Reset switch
Resetting the configuration
Restarting the device
Router
Router function
S
Searching for Windows workgroups
Security
Security checklist
Security features
Security settings
Setting up access to the Internet
SNMP
Software installation
Splitter
Stateful Inspection
Stateful Inspection Firewall
Status displays
15
Firewall wizard
Security settings wizard
Protection of the configuration
ISDN status
LAN
Online
Power
WAN data
57
54
18
54
34
56
55
36, 40
34
19
25
27
28
28
9
67
66
68
16
71
43
29
10
14
67
21
25
26
24
24, 25
26
57
EN
52
69
79
Page 80
LANCOM 800+ – LANCOM DSL/I- 10+ – LANCOM DSL/I- 1611 Office
Index
WAN status 26
Switch
System preconditions
T
TCP
TCP/IP
EN
TCP/IP configuration
TCP/IP filter
TCP/IP router
Telephone
Telephone answering device
Transfer protocol
27
70
20, 58
check connection
Settings
Settings to PCs in the LAN
Windows size
Automatic
fully automatic
manual
32, 36, 39
39
32, 33
14, 18, 70
Settings
49
10
71
20
53
41
72
32, 33
10
U
UDP
70
Upload
upstream
V
Virtual Private Network (VPN)
Voice frequencies
Voltage switch
VPN client
W
WAN
WAN connection
WEBconfig
Wide Area Network (WAN)
10
10
16, 17
10
27
58
Connector cable
problems establishing the connection
20
71
37
password
Starting the wizards
System preconditions
40
38
21
15
80
Loading...