Lancom Systems 821, 1711, 1621 User Manual

LANCOM 821 ADSL/ISDN –

LANCOM 1621 ADSL/ISDN –

LANCOM 1711 VPN

0321/010

While the information in this manual has been compiled with great care, it may not be deemed an assurance of product characteristics. LANCOM Systems shall be liable only to the degree specified in the terms of sale and delivery.

The reproduction and distribution of the documentation and software included with this product is subject to written permission by LANCOM Systems. We reserve the right to make any alterations that arise as the result of technical development.

Trad ema rks

Windows

, Windows XP® and Microsoft® are registered trademarks of Microsoft, Corp.

The LANCOM Systems logo and the name LANCOM are registered trademarks of LANCOM Systems GmbH. All other names mentioned may be trademarks or registered trademarks of their respective owners.

Subject to change without notice. No liability for technical errors or omissions.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http://www.openssl.org/

LANCOM Systems GmbH

Adenauerstr. 20/B2

52146 Wuerselen

Germany

www.lancom.de

Wuerselen, January 2005

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Preface

Preface

Thank you for placing your trust in this

With the LANCOM you have chosen a powerful router that possesses integrated DSL respectively ADSL and ISDN interfaces by default as well as an integrated 4-port switch. With this router you can simply and comfortably connect individual PCs or whole local networks to the high-speed Internet.

Security settings

For a carefree use of your device, we recommend to carry out all security settings (e.g. Firewall, encryption, access protection, charge lock), which are not already activated at the time of purchase of your device. The LANconfig wizard ’Check Security Settings’ will support you accomplishing this. Further information regarding this topic can be found in chapter “Security settings” on page 66.

We ask you additionally to inform you about technical developments and actual hints to your product on our Web page www.lancom.de load new software versions if necessary.

User manual and reference manual

The documentation of your device consists of two parts: the user manual and the reference manual.

You are now reading the user manual. It contains all information you need to start your LANCOM. It also contains the most important technical specification for the device.

The reference manual can be found on the CD as an Acrobat (PDF) document. It is designed as a supplement to the user manual and goes into detail on topics that apply to a variety of devices. These include for example:

 Systems design of the LCOS operating system  Configuration  Management  Diagnosis  Security  Routing and WAN functions  Firewall  Quality of Service (QoS)  Virtual Private Networks (VPN)

LANCOM

product.

, and to down-

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Preface

 Virtual Local Networks (VLAN)  Wireless networks (WLAN)  LANCAPI  Further server services (DHCP, DNS, charge management)

Model variants

This user manual applies to the following models of the LANCOM series:

 LANCOM 821 ADSL/ISDN  LANCOM 1621 ADSL/ISDN  LANCOM 1711 VPN

Model restriction

The sections of the documentation that refer only to a range of models are marked either in the corresponding text itself or with appropriate comments placed beside the text.

In the other parts of the documentation, all described models have been classified under the general term LANCOM.

This documentation was compiled …

...by several members of our staff from a variety of departments in order to ensure you the best possible support when using your LANCOM product.

In case you encounter any errors, or just want to issue critics or enhancements, please do not hesitate to send an email directly to:

info@lancom.de

Our online services ( www.lancom.de) are available to you around the clock should you have any queries regarding the topics discussed in this manual or require any further support. In addition support from LANCOM Systems is also available to you. Telephone numbers and

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Preface

contact information for LANCOM Systems support can be found on a separate insert, or at the LANCOM Systems website.

Notes symbols

Very important instructions. If not followed, damage may result.

Important instruction that should be followed.

Additional instructions which can be helpful, but are not required.

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Contents

Contents

1 Introduction 9

1.1 How does ADSL work? 9

1.2 Which use does VPN offer? 12

1.3 Firewall 15

1.4 What does a router do? 16

1.4.1 Bridgehead to the WAN 17

1.4.2 Areas of deployment for routers 17

1.5 What can your LANCOM do? 18

2 Installation 21

2.1 Package contents 21

2.2 System preconditions 21

2.3 Introducing LANCOM 22

2.3.1 Status displays 22

2.3.2 The back of the unit 27

2.4 Hardware installation 28

2.5 Software installation 30

2.5.1 Starting LANCOM setup 30

2.5.2 Which software should you install? 31

3 Basic configuration 32

3.1 Which information is necessary? 32

3.1.1 TCP/IP settings 32

3.1.2 Configuration protection 34

3.1.3 Settings for the DSL connection 34

3.1.4 Settings for the ISDN connection 34

3.1.5 Connect charge protection 35

3.2 Instructions for LANconfig 35

3.3 Instructions for WEBconfig 37

3.4 TCP/IP settings to workstation PCs 41

4 Setting up Internet access 43

4.1 Instructions for LANconfig 45

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Contents

4.2 Instructions for WEBconfig 45

5 Linking two networks 46

5.1 What information is necessary? 47

5.1.1 General information 47

5.1.2 Settings for the TCP/IP router 49

5.1.3 Settings for the IPX router 50

5.1.4 Settings for NetBIOS routing 51

5.2 Instructions for LANconfig 52

5.3 Instructions for WEBconfig 52

6 Providing dial-up access 54

6.1 Which information is required? 54

6.1.1 General information 55

6.1.2 Settings for TCP/IP 56

6.1.3 Settings for IPX 57

6.1.4 Settings for NetBIOS routing 57

6.2 Settings for the dial-in computer 58

6.2.1 Dial-up via VPN 58

6.2.2 Dial-up via ISDN 58

6.3 Instructions for LANconfig 59

6.4 Instructions for WEBconfig 60

7 Sending faxes with LANCAPI 61

7.1 Installation of the LANCOM CAPI fax modem 62

7.2 Installation of the MS Windows fax service 63

7.3 Sending a fax 64

7.3.1 Send a fax with any given office application 64

7.3.2 Send a fax with the MS Windows fax service 64

8 Security settings 66

8.1 The security settings wizard 66

8.1.1 Wizard for LANconfig 66

8.1.2 Wizard for WEBconfig 67

8.2 The firewall wizard 67

8.2.1 Wizard for LANconfig 67

8.2.2 Configuration under WEBconfig 68

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Contents

8.3 The security checklist 68

9 Troubleshooting 71

9.1 No WAN connection is established 71

9.2 DSL data transfer is slow 71

9.3 Unwanted connections under Windows XP 72

9.4 Cable testing 72

10 Appendix 74

10.1 Performance data and specifications 74

10.2 Contact assignment 76

10.2.1 ADSL interface 76

10.2.2 Ethernet WAN interface (LANCOM 1711 VPN) 77

10.2.3 ISDN-S0 interface 77

10.2.4 Ethernet interfaces 10/100Base- T 78

10.2.5 Configuration interface (Outband) 78

10.3 CE declaration of conformity 78

11 Index 79

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

1Introduction

The models LANCOM 821 ADSL/ISDN, LANCOM 1621 ADSL/ISDN and LANCOM 1711 VPN are fully-featured routers that therefore also can be used in combination with the integrated firewall for providing secure Internet access to a complete local network (LAN).

The VPN option, which is either integrated already or can be activated subsquently, enables the LANCOM 1621 ADSL/ISDN and LANCOM 1711 VPN to act as powerful Dynamic VPN gateways for external offices or mobile users.

The LANCOM models offer each a DSL or ADSL connector and also an ISDN connector. The ISDN line can be used as back-up for the DSL connection, for remote management of the router, as basis for the office communication via LANCAPI or for establishing VPN connections to remote sites with dynamic IP addresses.

1.1 How does ADSL work?

 Chapter 1: Introduction

For LANCOM 821 ADSL/ISDN and LANCOM 1621 ADSL/ISDN only

Since the late 1980s, scientists have been working on the idea of using conventional telephone lines for video and multimedia applications.

High speed via standard telephone lines

Their approach was based on the use of telephone lines only for the distance between the subscriber and the next local exchange. From the switching center, the data is then transferred via high-speed connections to the desired destination or target network (i.e. the Internet). This minimization of the telephone line distance used permits considerably higher transfer rates than would be possible when relying solely on the telephone network.

LAN

ADSL connection via

telephone line

LANCOM

Internet

Local exchange (central office)

All DSL technologies, of which ADSL is the most common, are based on this concept. Thanks to their high transfer speeds, DSL connections are well-suited for Internet access.

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

Ideal for Internet surfers

The ADSL version of DSL was designed for applications in which the user receives high volumes of data but only transmits relatively small volumes. A typical example for this would be access to the world wide web (www). Only a few commands (mouse clicks) are required to initiate the download of very large volumes of data such as graphics, texts, audio or video files. The user typically only sends very small amounts of data across the Internet connec-

tion.

With an ADSL connection, a user can download at up to 8 Mbps (“downstream”) and upload at up to 800 Kbps (“upstream”). These maximum rates can be reduced as required by the ADSL provider. A typical access plan might specify, for example, 768 Kbps download and 128 Kbps upload speed.

All services via a single cable—thanks to the splitter

With ADSL, all traditional telephony applications (telephone, fax, answering machine, PBX) can still be used without restrictions. So-called splitters make this possible. Splitters are devices that separate the telephone line's “voice frequencies” from the “data frequencies” and ensure that the signals are forwarded to the appropriate networks. Voice signals are passed on to the existing telephone network, while data signals are forwarded to their destinations (i.e. Internet providers) via high-bandwidth network connections.

A splitter is also used at the subscriber end to permit ADSL modems/routers and conventional telephone equipment to be used at the same time.

Telephone

network

Internet

Switching node

DSL access multiplexer

ADSL provider

Splitter

Router with integrated

Splitter

ADSL modem

Tel ep hon e

Subscriber

In some models (like in the picture above) the ADSL modem is integrated directly in the router (e.g. LANCOM 821 ADSL/ISDN and LANCOM 1621 ADSL/

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

ISDN). Other models like LANCOM 1711 VPN are connected to the splitter using a separate ADSL modem.

Telephone

network

Internet

Switching node

DSL access multiplexer

ADSL provider

Splitter

ADSL

modem

Tel ep hon e

Router

Subscriber

The model LANCOM 1711 VPN can also utilize other broadband connections (e.g. cable modem) that offer a 10/100Base-Tx- Ethernet connector over PPPoE, PPTP or plain Ethernet (with or without DHCP).

The models LANCOM 821 ADSL/ISDN and LANCOM 1621 ADSL/ISDN can use this option, if the first LAN port is configured as WAN interface.

ADSL-over- ISDN or ADSL-over-POTS?

ADSL can operate over modern ISDN telephone service as well as conventional analog service (POTS – Plain Old Telephone Service).

There are, however, different technical specifications for the two telephone systems. For this reason, devices in the LANCOM series are offered in two different versions: A version for ADSL-over-POTS and a version for ADSL-overISDN.

You can determine which telephone system a device supports by looking at the model description on the bottom of the device. The label containing the device name also contains an additional code which stands for the telephone system the device supports:

Code Supported telephone system

'Annex A' ADSL-over-POTS

'Annex B' ADSL-over- ISDN

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

An 'Annex A' type LANCOM can only be used with ADSL-over-POTS service. Similarly, an 'Annex B' device can only be used with ADSL-over- ISDN service. Retrofitting a device to function with a different telephone system is not possible.

ADSL-over-ISDN connections also exist that do not operate in conjunction with ISDN, but which use a conventional analog telephone connection. A prominent example would be Deutsche Telekom’s T-DSL service.

For LANCOM 1711 VPN and LANCOM 1621 ADSL/ISDN

1.2 Which use does VPN offer?

A VPN (Virtual Private Network) can be used to set up cost- effective, public IP networks, for example via the ultimate network: the Internet.

The models LANCOM 1621 ADSL/ISDN and LANCOM 1711 VPN are equipped with 5 channels by default. The additional LANCOM VPN Option can extend VPN support to 25 active tunnels. The VPN-25 Option also activates the VPN hardware accelerator in the LANCOM 1711 VPN.

While this may sound unspectacular at first, in practice it has profound effects. To illustrate this, let's first look at a typical corporate network without VPN technology. In the second step, we will see how this network can be optimized by the deployment of VPN.

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

Conventional network infrastructure

First, let's have a look at a typical network structure that can be found in this form or similar forms in many companies:

LAN

Head Office



LAN

Subsidiary



Workstation in remote access, e.g. homework



Internet

The corporate network is based on the internal network (LAN) in the headquarters. This LAN is connected to the outside world in three ways:

 A subsidiary is connected to the LAN, typically using a leased line.

 PCs dial into the central network via modem or ISDN connections (Remote

Access Service – RAS).

 The central LAN has a connection to the Internet so that its users can

access the Web, and send and receive e-mail.

All connections to the outside world are based on dedicated lines, i.e. switched or leased lines. Dedicated lines are very reliable and secure. On the other hand, they involve high costs. In general, the costs for dedicated lines are dependent on the distance. Especially in the case of long-distance connections, keeping an eye out of cost-effective alternatives can be worthwhile.

The appropriate hardware must be available in the headquarters for every type of required connection (analog dial-up, ISDN, leased lines). In addition

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

to the original investment costs, ongoing costs are also incurred for the administration and maintenance of this equipment.

Networking via the Internet

The following structure results when using the Internet instead of direct connections :

LAN

Head Office





LAN

Subsidiary

Internet



Workstation in remote

access

All participants have fixed or dial-up connections to the Internet. Expensive dedicated lines are no longer needed.

 All that is required is the Internet connection of the LAN in the headquar-

ters. Special switching devices or routers for dedicated lines to individual participants are superfluous.

 The subsidiary also has its own connection to the Internet.

 The RAS PCs connect to the headquarters LAN via the Internet.

The Internet is available virtually everywhere and typically has low access costs. Significant savings can thus be achieved in relation to switched or dedicated connections, especially over long distances.

The physical connection no longer exists directly between two participants; instead, the participants rely on their connection to the Internet. The access technology used is not relevant in this case: ideally is the use of broadband

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

technologies such as DSL (Digital Subscriber Line). But also a conventional ISDN line can be used.

The technologies of the individual participants do not have to be compatible to one another, as would be the case for conventional direct connections. A single Internet access can be used to establish multiple simultaneous logical connections to a variety of remote stations.

The resulting savings and high flexibility makes the Internet (or any other IP network) an outstanding backbone for a corporate network.

1.3 Firewall

The integrated Stateful Inspection Firewall ensures an effective protection against undesired intrusion in your network by permitting only incoming data traffic as reaction to outgoing data traffic. The router’s IP masquerading function hides all workstations of the LAN behind a single public IP address. The actual identities (IP addresses) of the individual workstations remain concealed. Firewall filters of the router permit specific IP addresses, protocols and ports to be blocked. With MAC address filters it is also possible to specifically monitor the access of workstations in the LAN to the IP routing function of the device.

 Chapter 1: Introduction

LAN

Internet

Firewall

LANCOM

Further important features of the Firewall are

 Intrusion Detection

Break-in attempts into the local network or on the central Firewall are recognized, repelled and logged by the Intrusion Detection system (IDS) of the LANCOM DSL. Thereby it can be selected between logging within the device, email notification, SNMP trap or SYSLOG alarms.

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

 Denial-of-Service Protection

Attacks from the Internet can be break- in attempts as well as attacks with the aim of blocking the accessibility and functionality of individual services. Therefore a LANCOM DSL is equipped with appropriate protective mechanisms, which recognize well-known hacker attacks and which guarantee the functionality.

 Quality-of-Service / Traffic management

The generic term Quality-of-Service (brief: QoS) summarizes the functions of the LANCOM which guarantee certain service qualities. The advantage is that the QoS functions can take place by means of the existing powerful classification methods of the Firewall (e.g. limitation of subnetworks, single workstations or certain services). Guaranteed minimum bandwidths give priority to enterprise critical applications, VoIP PBX installations or certain user groups.

More details about the function of the Stateful Inspection Firewall of your LANCOM can be found in the reference manual on the LANCOM CD.

1.4 What does a router do?

The following sections describe the functionality of routers in general. The functions supported by your device are listed in the table “What can your LANCOM do?” on page 18.

Routers connect LANs at different locations and individual PCs to form a Wide Area Network (WAN). With the appropriate rights, any computer in this WAN can access other computers and services of the complete WAN (as with 'PC 1' accessing 'Server A' in the remote LAN in the diagram).

PC 1

WAN connection

router

LAN 1

server A

router

LAN 2

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

Connecting a LAN to the Internet does not technically differ from coupling two LANs. The only difference is that it is not just a handful of computers behind the Internet provider's router. Instead, it is the net of the networks the public Internet.

1.4.1 Bridgehead to the WAN

All routers have at least two connections:

 at least one for the LAN  at least one for WAN connections

In addition to LAN connectivity (10/100 Mbps Ethernet), several models also offer an integrated switch. For the connecting to the WAN, the routers use ISDN, xDSL/cable or ADSL connectors. Several devices contain additionally a wireless network card and can thus integrate also stations of WLANs (Wireless LANs) into the routing.

The router's task is to transfer data from the local network to the target network via a suitable WAN connection. Data is also transferred from the WAN to the desired recipients in the LAN.

1.4.2 Areas of deployment for routers

 Chapter 1: Introduction

Not possible with all LANCOM devices.

Routers are mainly used for the following applications:

 Internet access for a LAN (e.g. via DSL or ISDN)

The Internet consists of countless large and small networks that are interconnected into the world's largest WAN via routers. The router links all the workstation computers on your local area network to the global Internet. Security functions such as IP masquerading protect your LAN against unauthorized access from outside.

 LAN to LAN coupling (via VPN or ISDN)

LAN to LAN coupling links individual LANs to form one large network, even if this means crossing continents. A typical example: A branch office is to be connected to the LAN of the headquarters. In principle, you can connect LANs in two ways:

 High-speed coupling via VPN

The fastest and most economical LAN to LAN links are possible with VPN (Virtual Private Network) technology, as VPN uses the Internet as the basis for its communications. The fast xDSL connection of the router comes into its own here. The precondition: a VPN gateway with

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

access to the Internet is required on either side of the network interconnection.

VPN tunnel via the

Internet

VPN gateways

 Conventional via ISDN

Without VPN, a LAN to LAN interconnection can alternatively be realized via ISDN. In this case, an intelligent line management and sophisticated filter mechanisms keeps connection costs low.

 Remote access to the company network (via VPN or ISDN)

The work of many office workers in modern organizations is less and less dependent on any definite location—the most important factor here is unimpaired access to shared and freely available information.

Remote Access Service (RAS) is the magic word here. Employees working from home or field staff can dial into the company network via VPN or ISDN. When working with remote access via ISDN, the router protects the company network: the call back function only grants access to known and registered users.

1.5 What can your LANCOM do?

The following table contains a direct comparison of the properties and functions of your devices with other models:

Applications

Internet access

LAN to LAN coupling via VPN

ADSL

LANCOM 821

ADSL

LANCOM 1621

DSL

LANCOM 1711

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

ADSL

LANCOM 821

LAN to LAN coupling via ISDN

RAS server (via VPN)

RAS server (via ISDN)

IP router

IPX router (via ISDN), e.g. for coupling of Novell networks or dialling into Novell networks

NetBIOS proxy for coupling of Microsoft peer-to-peer networks via ISDN

DHCP and DNS server (for LAN and WAN)

N:N mapping for coupling networks using the same IP address ranges from LCOS 5.0

LANCAPI server for the operating with office applications as fax or answering machine via ISDN interface

WAN connection

Connection for DSL or cable modem

Integrated ADSL modem

ISDN S

bus in multi device-mode or in point-to-point mode with automatic

D-channel protocol identification. Supports static and dynamic channel bundling per MLPPP and BACP as well as Stac data compression (Hi/fn)

Port for external modem, analogue or GSM (requires LANCOM modem adapter kit; from LCOS 5.0)

LAN connection

Integrated 4-port auto- mode-switch (10/100 Mbps) with private mode for

ADSL

LANCOM 1621

DSL

LANCOM 1711

4 individual Fast Ethernet LAN ports, switchable separately, e.g. as LAN switch or separate DMZ ports, auto crossover.

Security functions

IPSec encryption in external software (VPN client)

IPSec encryption in internal software

IPSec encryption in hardware (optional, activation via the VPN-25-Option)

IP masquerading (NAT, PAT) to hide all workstations of the LAN behind one common public IP address.

Stateful Inspection Firewall

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 1: Introduction

Firewall filters for a selective locking of IP addresses, protocols and ports

MAC address filter control e.g. the access of LAN workstations to IP routing functions

Configuration protection to block “brute force attacks“

Configuration

Configuration with LANconfig or with web browser, additionally terminal mode for Telnet or other terminal programs, SNMP interface and TFTP server function.

Remote configuration via ISDN (with ISDN-PPP connections e.g. via Windows network and dial-up connections)

Serial configuration interface

Callback function with PPP authentication mechanisms for restriction to fixed ISDN telephone numbers

FirmSafe with firmware versions for absolutely secure software upgrades

Optional software extensions

ISDN leased line option

LANCOM VPN Option with 25 active tunnels for protection of network couplings

ADSL

LANCOM 821

ADSL

LANCOM 1621

DSL

LANCOM 1711

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

2 Installation

This chapter will assist you to quickly install hardware and software. First, check the package contents and system requirements. The device can be installed and configured quickly and easily if all prerequisites are fulfilled.

2.1 Package contents

 Chapter 2: Installation

Please check the package contents for completeness before starting the installation. In addition to the device itself, the package should contain the following accessories:

Power adapter

LAN connector cable (green plugs)

WAN connector cable (dark blue plugs)

ADSL connector cable (transparent plugs)

ISDN connector cable (light blue plugs)

Connector cable for the configuration interface

LANCOM CD

Printed documentation

If anything is missing, please contact your retailer or the address stated on the delivery slip of the unit.

2.2 System preconditions

DSL

ADSL/ISDN

LANCOM 821

ADSL/ISDN

LANCOM 1621

LANCOM 1711

Computers that connect to a LANCOM must meet the following minimum requirements:

 Operating system that supports TCP/IP, e.g. Windows XP, Windows Mil-

lennium Edition (Me), Windows 2000, Windows 98, Windows 95, Windows NT, Linux, BSD Unix, Apple Mac OS, OS/2, BeOS.

 Access to the LAN via the TCP/IP protocol.

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 2: Installation

The LANtools and the LANCAPI functions also require a Windows operating system. A web browser is required for access to WEBconfig.

2.3 Introducing LANCOM

This section introduces your device. We will give you an overview of all status displays, connections and switches.

While the information in this section is useful for the installation of the device, it is not absolutely essential. You may therefore skip this section for the time being and go straight forward to “Hardware installation” on page 28.

2.3.1 Status displays

The front and the rear panels (LANCOM 821 ADSL/ISDN) of the unit feature a series of light emitting diodes (LEDs) that provide information on the status of the device. On the LANCOM 1621 ADSL/ISDN a two-lined display additionally shows information on the status.

LANCOM 821 ADSL/ ISDN and LANCOM 1621 ADSL/ISDN

LANCOM 1711 VPN

Front side

The various LANCOM models have different numbers of indicators on the front panel depending on their functionality.















not available on LANCOM 821 ADSL/ISDN













1711 VPN

VPN

Only LANCOM 821 ADSL/ISDN

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 2: Installation

Top panel

The two LEDs on the top panel provide a convenient overview of the most important status information, especially when the device is installed vertically.

Power 

Power

Online

Meanings of the LEDs

In the following sections we will use different terms to describe the behaviour of the LEDs:

 Blinking means, that the LED is switched on or off at regular intervals in

the respective indicated colour.

 Flashing means, that the LED lights up very briefly in the respective col-

our and stay then clearly longer (approximately 10x longer) switched off.

 Inverse flashing means the opposite. The LED lights permanently in the

respective colour and is only briefly interrupted.

 Flickering means, that the LED is switched on and off in irregular inter-

vals.

This LED indicates that the device is operational. After the device has been switched on, it will flash green for the duration of the self-test. After the selftest, either an error is output by a flashing red light code or the device starts and the LED remains lit green.

off Device off

green blinking Self-test when powering up

green constantly on Device ready for use

red/ green

red blinking Time or connect-charge reached

blinking alternately Device insecure: configuration password not assigned

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 2: Installation

The power LED flashes red/green in alternation until a configuration password has been specified. Without a configuration password, the configuration data of the LANCOM is insecure. Under normal circumstances, you would assign a configuration password during the basic configuration (see instructions in the following chapter). For information about a later assignment of the configuration password see the section “Security settings” on page 66.

Flashing Power LED but no connection?

There's no need to worry if the Power LED blinks red and you can no

LANCOM

Systems

longer connect to the WAN. This simply indicates that a preset time or connect-charge limit has been reached. There are three methods available for unlocking:

 Reset connect charge protection.  Increase the limit that has been reached.

Signal for reached time

or connect-charge

limit

 Completely deactivate the lock that has been triggered (set limit

to '0').

If a time or connect charge limit has been reached, you will be notified in LANmonitor. To reset the connect charge protection, select Reset Charge and Time Limits in the context menu (right mouse click). You can configure the connect charge settings in LANconfig under Management / Costs (you will only be able to access this configuration if 'Complete con- figuration display' is selected under View / Options…).

You will find the connect charge protection reset in WEBconfig and all parameters under Expert Configuration / Setup / Charges-module.

Online 

The Online LED indicates the overall status of all WAN ports:

off No active connection

green flashing Establishing first connection

green inverse flashing Establishing further connection

green constantly on At least one connection established

red constantly on Error establishing the previous connection

Power

LANCOM 821 ADSL/ISDN – LANCOM 1621 ADSL/ISDN – LANCOM 1711 VPN

 Chapter 2: Installation

ADSL Link (only LANCOM 821 ADSL/ISDN and LANCOM 1621 ADSL/ISDN)

WAN Status (only LANCOM 1711 VPN)

ADSL Data (only LANCOM 821 ADSL/ISDN and LANCOM 1621 ADSL/ISDN)





Connection status of the ADSL link:

off No active connection

green flashing Establishing first connection

green inverse flashing Establishing further connection

green At least one connection established

red Error establishing the previous connection

Connection status of the WAN connection:

off not connected

green blinking Establishing connection

green flashing Protocol negotioation

green constantly on Connection established

Data traffic via the ADSL link:

off No data traffic

green flashing Establishing first connection

green inverse flashing Establishing further connection

green Connection(s) established

green flickering Data traffic (send or receive)

WAN Data (only LANCOM 1711 VPN)



Data traffic via the DSL connection:

off No network device connected

green constantly on Connection to network device operational, no data traffic

green flickering Data traffic (send or receive)

red flickering Collision of packets

+ 57 hidden pages

Lancom Systems 821, 1711, 1621 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

1Introduction

1.1 How does ADSL work?

1.2 Which use does VPN offer?

1.3 Firewall

1.4 What does a router do?

1.4.1 Bridgehead to the WAN

1.4.2 Areas of deployment for routers

1.5 What can your LANCOM do?

2 Installation

2.1 Package contents

2.2 System preconditions

2.3 Introducing LANCOM

2.3.1 Status displays