Home

Manual Workshops (Excerpt)

1. Fig 33 Routing gt QoS gt QoS Classification 4 4 3 Enabling QoS on the WAN interface In the last QoS configuration step prioritisation is enabled on the WAN interface For this go to the following menu 1 Goto Routing gt QoS gt QoS Interfaces Policies gt New Basic Parameters Interface ADSL ls Priorisation algorithm Priority Oueueing E Traffic shaping Enabled Protocol Header Size below Layer 3 PPP over Ethernet Queues Policies 4 OK JC Cancel gt Fig 34 Routing gt QoS gt QoS Interfaces Policies gt New Proceed as follows to enable prioritisation on the WAN interface Workshops Excerpt Select the Interface for which the QoS is to be configured the example here being ADSL N For Prioritisation algorithm select Priority Queueing a wo Under the option Protocol Header Size below Layer 3 select PPP over Ethernet E The QoS queues that are used high priority and default are automatically created al Press OK to confirm your entries 4 4 4 QoS Monitoring For high priority traffic and non prioritised traffic queues are created for each prioritisation The status of these queues are displayed in the Monitoring gt QoS menu As soon as the bandwidth of the Internet connection for scheduled VPN data and other Internet data be comes
2. 2 Press OK to confirm your entries At the same time the address 10 10 11 2 along with the netmask 255 255 255 252 is configured on the ETH5 port of the second gateway Results 1 Goto LAN gt IP Configuration gt Interfaces Interface IP Address Netmask Address Mode Status Action ent 0 10 10 10 2 255 255 255 0 Static o 13 a 1 4 ent 4 10 10 11 2 255 255 255 252 Static o 13 al Fig 40 LAN gt IP Configuration gt Interfaces gt Both gateways exchange status messages via this interface whereby the BRRP status master slave is set 5 2 2 Configuration of the virtual router For access to the local network LAN as well as for access to the Internet WAN a re spective virtual router is created In order to create the virtual router of the master gateway go to the following menu 1 Go to Routing gt BRRP gt Virtual Router gt New Workshops Excerpt BRRP Advertisement Interface i Ethernet Interface o IP Address BRRP Monitored Interface Virtual Router Interface New Virtual Interface based on en1 0 5 O ema Virtual Router IP Address fi 92 168 0 254 Add Virtual Router 1D Ga Virtual Router Priority o o 254 w Advanced Settings oK C cancel ir Fig 41 Routing gt BRRP gt Virtual Router gt New Proceed as fol
3. The GUI Assistant makes it easy to configure the Internet access for the bintec RS120 as well For the bintec RS120 the Internet access is done via an ADSL modem For this go to the following menu 1 Goto Assistants gt Internet Access gt Internet Connections gt New 2 Under Connector Type select e g External xDSL Modem 3 Click on Next to configure a new Internet connection Enter the required data for the connection ISP Data for External xDSL Description ADSL Modem Select the physical Ethernet port the external modem is connected to For Internet access you must set up a Physical Ethernet Port ETH5 2 connection to your Internet Service Provider Na cw ves SP Select your internet Service Provider ISP from the list Follow your provider s instructions Internet Service Provider Germany T Home Description Enter a description for the Internet connection f Enter the authentication data for your Internet account z User Name 111111111222222 0001 t online de Please check that the xDSL modem is correctly connected to one of the available Ethernet interfaces Password bess L esse _ Physical Ethernet Port _Select the connection mode Select the port to which the xDSL modem is Always active Enabled connected You can select one of the predefined ISPs or define a custom Internet connection Different settings are r
4. In this state both gateways use the default IP ad dress 192 168 0 254 1 Goto Dime Manager gt IP Settings Workshops Excerpt Address Mode Static 1P address Gateway 0 0 0 0 eS Hostname IP Address 192 168 0 254 Subnet Mask 255 255 255 0 El Misc E Company Name Unknown IP Settings Device Name rt1202 Fileboss bin V 7 9 Rev 5 Beta 4 File text_ger ez V 7 9 Rev 1 Beta 2 Device Name 111202 Filewebpages ez V 7 9 Rev 5 Beta 4 c Pp i neers Firmware V 7 9 Rev 5 Beta 4 Location Unknown Now Faseword MAC Address 00 A0 F9 0B CF 71 Show passwords in clear text E Monitoring Yes 5 Ping Device Yes coria Product RT1202 IP Address 10 10 10 1 Serial Number HA1020004300000 Static IP address h El States z 2552552550 CS S Ambiguous IPAddress Yes wooo Discovered 12 04 26 PM Gateway nmam IPconfiguration possible MULTICAST Login Failed A Save configuration permanently A Password Unsecure Password Address Mode Fig 37 Dime Manager gt IP Settings The Advertisement and Management IP address of both gateways can be changed via the shortcut menu of the Dime Manager In this workshop the address 10 10 10 1 24 shall be assigned to one network and the address 10 10 10 2 24 shall be assigned to the other net work Following successful configuration these interfaces are used for the configuration ac cess and for th
5. DHCP Relay Settings Relevant fields in the DHCP Relay Settings menu Field Meaning Primary DHCP Server Enter the IP address of the first server Secondary DHCP Serv Enter the IP address of the second server if one exists er Proceed as follows to configure the gateway as a DHCP relay agent 1 Enter the server IP address e g 192 168 1 2 for the Primary DHCP Server 2 Confirm with OK Workshops bintec elmeg GmbH 1 Services DHCP 1 3 Overview of configuration steps DHCP Server Field Menu Value Interface Local Services gt DHCP Server gt e g en1 0 DHCP Pool gt New IP Address Range Local Services gt DHCP Server gt e g 192 168 0 2 and DHCP Pool gt New 192 168650 40 Pool Usage Local Services gt DHCP Server gt Local DHCP Pool gt New Gateway Local Services gt DHCP Server gt Use Router as DHCP Pool gt New gt Advanced Gateway Settings Lease Time Local Services gt DHCP Server gt e g 120 DHCP Pool gt New gt Advanced Settings IP Address to use for Local Services gt DNS gt Global e g Own IP address DNS WINS Server As Settings gt Advanced Settings signment As DHCP Server DHCP Client Field Menu Value Address mode LAN gt IP Configuration gt Inter DHCP faces gt lt en1 4 gt gt p DHCP MAC Address LAN gt IP Configuration gt Inter MAC address for a spe optional faces gt lt en1 4 gt ip gt Advanced cific DHCP server Co
6. The complete configuration looks like this Source port range 500 4500 QoS Filter Qos Classification Qos Intertaces Policies QoS Filter Index Description _ Source ee Hl Destination k 2 TOSDSCP ie 1 IKE 0 0 0 0 500 0 0 0 0 500 0 im el 2 ESP 0 0 0 0 0 0 0 0 o a 3 NAT T_1 0 0 0 0 0 0 0 0 4500 0 a 4 NAT T_2 0 0 0 0 4500 1050 0 le new Fig 30 Routing gt QoS gt QoS Filter 4 4 2 Assignment of QoS filter to QoS class or high priority class In the next configuration step the created filters are assigned to the high priority class For this go to the following menu 1 Goto Routing gt QoS gt QoS Classification gt New Workshops Excerpt QoS Interfaces Policies Basic Parameters i Class map News Description PN PSec SSS E Filter KE s uN Direction Outgoing High Priority Class v Interface Interfaces mos eji 1 x OK J lt Cancel Fig 31 Routing gt QoS gt QoS Classification gt New Proceed as follows in order to create a new class map 1 2 3 4 5 6 For Description enter a description for the class map e g VPN IPSec Select Filter from what you have configured in the Routing gt QoS gt QoS Filter menu e g IKE Under Direction select Outgoing Enable the High Priority Class The data packets are t
7. gt BRRP gt Virtual Routers The following messages can be seen in the syslog 19 47 54 NOTICE BRRP started PID 67 compiled Aug 16 2010 17 21 34 19 47 54 INFO BRRP create_vr vr 1 slot 0 19 47 54 NOTICE BRRP vr 1 now in init state 19 47 54 INFO BRRP create _vrivr 2 slot 1 19 47 54 NOTICE BRRP vr 2 now in init state 19 47 54 INFO BRRP Config VR_ID 1 Prio 254 Pre empt mode true 19 47 54 INFO BRRP Advertisements ifc 1000 IP 10 10 10 1 master down 10007 19 47 54 INFO BRRP Virtual Router ifc 1004 1 IP address es assigned 19 47 54 INFO BRRP IP_O 192 168 0 0 19 47 54 NOTICE BRRP vr 1 started on enl 0 1 ip 192 168 0 0 mac 00005e000101 19 47 54 NOTICE BRRP vr 1 now in backup state 19 47 54 INFO BRRP Config VR_ID 2 Prio 254 Pre empt mode true 19 47 54 INFO BRRP Advertisements ifc 1400 IP 10 10 11 1 master down 10007 19 47 54 INFO BRRP Virtual Router ifc 1404 1 IP address es assigned 19 47 54 INFO BRRP IP_O 212 212 212 0 19 47 54 NOTICE BRRP vr 2 started on enl 4 1 ip 212 212 212 0 mac 00005e000102 19 47 54 NOTICE BRRP vr 2 now in backup state 19 47 55 INFO BRRP vr 1 pre empt master state 19 47 55 INFO BRRP vr 1 timeout in state BACKUP 19 47 55 INFO BRRP vr 1 acquire master state 19 47 55 NOTICE BRRP vr 1 now in master state 19 47 55 INFO BRRP vr 1 router ifc enl 0 1 up 19 47 55 INFO BRRP vr 2 pre empt master state 19 47 55 INFO BRRP vr
8. INFO MODEM usbTTYO PLMN Telekom de Home LAC 44B2 CID 00024413 AcT UMTS 10 49 DEBUG MODEM usbTTYO switch state Pl gt RO 10 DEBUG USB usbTTYO serial state notification ring ind 10 49 INFO MODEM usbTTYO Voice call from 4991196731550 activate GSM Fallback 10 49 59 DEBUG PPP T Mobile UMTS event ifddminStatus_down event status initial dormant dormant gt interface down down 10 49 59 DEBUG MODEM usbTTYO Configured Access Mode UMTS Pref 10 INFO MODEM usbTTYO Select PLMN 26201 gt 26201 UMTS gt GSM 10 DEBUG MODEM usbTTYO Actual AcM GPRS Only 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 50 INFO MODEM usbTTYO PLMN Telekom de Home LAC 44B2 CID 00024413 AcT UMTS 10 50 00 DEBUG PPP T Mobile UMTS event ifidminStatus_up event status interface down down gt initial f dormant dormant 10 50 01 DEBUG MODEM usbTTY3 Temperature 52 10 50 05 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO PLMN Telekom de Home LAC 44B2 CID 00024413 AcT UMTS 10 05 DEBUG MODEM usbTTYO Network Registration in progress 10 50 06 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 DEBUG M
9. Internet access with a fixed WAN IP address The Internet ac cess is used for the VPN IPSec connection of a company branch as well as other Internet services If the entire bandwidth of the Internet connection is used then the company branch should have a higher priority than the rest of the traffic and therefore continue to be usable In this workshop a bintec R3002 head office gateway and a bintec RS120 branch gate way shall be shown as examples for setting up the Internet connection and configuring the VPN IPSec connection Then the prioritisation of the VPN IPSec connection is set for the company head office gateway The GUI Graphical User Interface is used for configuration R3002 RS120 192 168 0 1 24 WAN IP 212 212 212 1 ADSL modem 192 168 1 1 24 Internet LAN Head office Fig 20 Example scenario Requirements e Abintec R3002 gateway head office e A bintec RS120 gateway branch A boot image of version 7 9 5 or later e Both gateways require an independent connection to the Internet Workshops Excerpt s Head office Internet access with static WAN IP address e Dime Managersoftware 4 2 Configuration 4 2 1 Configuration of gateway in head office bintec R3002 For the initial configuration the bintec R3002 gateway can be reached via the Dime Man ager The LAN IP address of the gateway is changed via the shortcut menu After you have changed the IP address the web interface of the bintec R300
10. Under Description enter e g Head Office The Local IPSec ID enter the ID of you branch gateway appropriately to the Remote IPSec ID of the head office gateway e g branchl Under Remote IPSec ID enter the local IPSec ID of the remote gateway e g 212 21D 212 ds For the authentification enter Preshared Key e g supersecretgeheimkey Under Local IP Address enter the IP address of the bintec RS120 e g 192 168 1 1 For the IPSec Peer Address the WAN IP address of the bintec R3002 must be provided e g 212 212 212 1 Under IP Address of Remote Network enter the network address of the branch e g 192 168 1 0and the Netmask 255 255 255 0 Press OK to confirm your entries Due to the dynamic IP address of the bintec RS120 the VPN IPSec tunnel can only be set up in one direction i e branch gt head office The tunnel must always be active so that the connection of both locations can be used For this go to the following menu 1 Go to VPN gt IPSec gt IPSec Peers cg gt Advanced Settings orkshops Excerpt Phase 1 Profiles Phase 2 Profiles XAUTH Profiles IP Pools Options Peer Parameters Administrative Status Sup O Down Description Zentrale Peer Address 212 212 212 1 IPV4 Address E Peer ID 212 212 212 1 Preshared Key oo gt Interface Routes IP Address Assignment
11. Virtual Router gt New Router IP Address Routing gt BRRP gt Virtual Router gt New Virtual router ID Routing gt BRRP gt Virtual Router gt New Virtual router priority Routing gt BRRP gt Virtual Router gt New Ethernet interface Routing gt BRRP gt Virtual Router gt New Router IP Address Routing gt BRRP gt Virtual Router gt New Virtual router ID Routing gt BRRP gt Virtual Router gt New Virtual router priority Routing gt BRRP gt Virtual Router gt New Ethernet interface Routing gt BRRP gt Virtual Router gt New Router IP Address Routing gt BRRP gt Virtual Router gt New Virtual router ID Routing gt BRRP gt Virtual Router gt New Virtual router priority Routing gt BRRP gt Virtual Router gt New Ethernet interface Routing gt BRRP gt Virtual Router gt New Router IP Address Routing gt BRRP gt Virtual Router gt New Virtual router ID Routing gt BRRP gt Virtual Router gt New Virtual router priority Routing gt BRRP gt Virtual Router gt New Enable BRRP configuration Field Enable BRRP Menu Routing gt BRRP gt Options bintec elmeg GmbH Value e g en1 0 e g 192 168 0 254 DD 299 5255 40 e g 1 254 e g en1 4 GG 212 212 212 299 9 LID LIDO ALO e g 2 254 e g en1 0 e g 192 168 0 254 299 293 299 5 0 e g 1 100 e g enl 4 G
12. the BRICKware which you can install from the bintec Companion CD Start fer tele press P the TFTP server by pressing the key combination CTRL T in DIME Tools Fig 1 9 DIME Tools TFTP Server To assign the TFTP server a directory e g for saving files you can enter your chosen path under Configuration gt TFTP Server Workshops Excerpt 3 Services Time controlled Tasks 3 3 Overview of configuration steps Daily reboot Field Menu Description Local Services gt Scheduling gt Time Schedule gt New Select action Local Services gt Scheduling gt Time Schedule gt New Condition Type Local Services gt Scheduling gt Time Schedule gt New Condition Settings Local Services gt Scheduling gt Time Schedule gt New Start Time Local Services gt Scheduling gt Time Schedule gt New Schedule Interval tions Suspending the WLAN interface Field Menu Description Local Services gt Scheduling gt Time Schedule gt New Select action Local Services gt Scheduling gt Time Schedule gt New Select interface Local Services gt Scheduling gt Time Schedule gt New Condition Type Local Services gt Scheduling gt Time Schedule gt New Condition Settings Local Services gt Scheduling gt Time Schedule gt New Start Time Local Services gt Scheduling gt Time Schedule gt New Stop Time Local Services gt Sche
13. which the action is to be executed Stop Time Specify the time at which the action is to be terminated Proceed as follows 1 Under Description enter Wireless LAN 2 Under Select Action select Deactivate WLAN 3 Under Select Interface choose Funkwerk ec vss1 0 for example 4 Select the Condition Type Periods 5 In the Condition Settings field select Saturday Sunday 6 Enter the time under Start Time Hour 00 Minute 00 7 Enter the time under Stop Time as follows Hour 23 Minute 59 8 Confirm with OK 3 2 3 Monthly configuration backup You want to backup your configuration on the first day of every month on a TFTP server Go to the following menu for this 1 Goto Local Services gt Scheduling gt Time Schedule gt New Save configuration Time Schedule Options System Manaoga me th eis a a Basic Parameters Wireless LAN Description Configuration ROO Action PO _ T Select action l Trigger configuration backup Firewall Y TFTP Server 192 168 0 2 a TFTP File Name 1232bw cfg Local Services ut Select time interval aS Condition T Condition Setti DynDHS Client ondion Type nes DHCP Server Oweekd ay Web Filter Time Condition O Periods a CAPI Server Day of Month a Scheduling 1 Surveillance ISDH Theft Protection Start Time Hour 00 Minutej00 Funkwerk Discovery 2 g AAA Stop Time Hour 00 Minutej05 q oK Cancel Fig 18 Lo
14. your network environment DNS WINS Server As from the following options signment 7 e None The gateway issues no DNS server IP addresses with As DHCP Server this setting e Own IP address The gateway assigns its own IP address as DNS e Global DNS Setting The gateway assigns the IP ad dresses as DNS which you have configured or assigned dy namically in the Local Services gt DNS gt Global Settings menu You can normally keep the Own IP Address setting for As DHCP Server 1 2 2 Configuration as DHCP Client The gateway has the possibility of obtaining its own IP address dynamically from a DHCP server at an Ethernet interface Go to the following menu to configure your Ethernet interface to DHCP client mode Workshops Excerpt bintec elmeg GmbH 1 Services DHCP 1 Goto LAN gt IP Configuration gt Interfaces gt lt en1 4 gt gt p Save configuration Interfaces tants 4 Basic Parameters Address Mode Ostatic DHCP IP Configuration IP Address Netmask VLAN IP Address Netmask Wiass LAN ls Networking Interface Mode untagged O Tagged VLAN Routing Protocols y MAC Address 00 00 9 23 93 4c v Use built in Multicast sl WAN Advanced Settings ee e a DHCP MAC Address JUse built in a cerrara v P DHCP Hostname Local Services nA DHCP Broadcast Flag Enabled pS ezel Proxy ARP Enabled External Reporting y TCP MSS Clamping Enabled
15. 2 timeout in state BACKUP 19 47 55 INFO BRRP vr 2 acquire master state 19 47 55 NOTICE BRRP vr 2 now in master state 19 47 55 INFO BRRP vr 2 router ifc enl 4 1 up 5 2 4 Synchronisation of the virtual routers Up until the current configuration stage two virtual routers were created respectively on each of the bintec RT1202 access to the local network and access to the Internet The status of both routers must be synchronised per gateway The following configuration step shall ensure that virtual router 1 always has the same status as virtual router 2 This step must be configured identically on both bintec RT1202 For this go to the following menu 1 Go to Routing gt BRRP gt VR Synchronisation gt New Monitoring VR Interface Monitoring Mode BRADY Virtual Router 1D E a Synchronisation VR Interface j p IN ml Synchronisation Mode Bare Y o Virtual Router ID Ga 4 oK JC Cancel Fig 46 Routing gt BRRP gt VR Synchronisation gt New Proceed as follows in order to synchronise the routers kshops Excerpt bintec elmeg GmbH 5 Automatic Router Backup Redundancy with BRRP for an Internet VPN gateway 1 Under Monitoring VR Interface select the Virtual Router ID 7 2 Under Monitoring VR Interface select the Virtual Router ID 2 3 Confirm with OK Following that synchronise the second router by selecting Rout
16. 2 can be reached Dime Manager DER Maintenance Services Settings About CE devices Interval min 1 results Devices Files a M A Davies 16 0840 1549 4 Product Device Name IP Address R3002 13002 192 168 9 4 IP Settings O MAL Address N0 AN E9 21 EF FF VETTA Action Firmware IP Settings Static IP address 0 0 0 0 192 168 0 1 255 255 255 0 r3002 7 9 Rev 5 Beta 3 6 2 12 Workshops Excerpt Device Name 13002 Current Password seseeeee New Password Show passwords in clear text 6 2 7 7 9 Rev 5 Beta 3 7 9 Rev 5 Beta 3 7 9 Rev 5 Beta 3 IP ess 00 A0 F9 21 EE EE IP configuration gt R3002 IP Address 192 168 0 1 RN2BBA009500027 IP Address Mode Static IP address v j Io Subnet Mask 255 255 255 0 Gateway 0 0 0 0 10 44 38 AM sibl HTTPS amp MULTICAST Success o o Unsecure Password ld Save configuration permanently i Success Al OK v 0K O Verity Cancel Fig 21 Dime Manager 4 2 2 Configuration of Internet access via the GUI Assistant Configuration of an Internet access has to be done GUI via an Assistant The gateway Internet connection can be set up in a few steps via the Assistant For this go to the following menu 1 Goto Assistants gt Internet Access gt Internet Connections gt New 2 Select the Connector Type e g Internal ASDL Mod
17. DN Login Type UMTS HSDPA HSUPA gt pl Fallback Number Physical Interfaces gt UMTS HSDPA gt e g 4991196731550 UMTS HSDPA HSUPA gt p Workshops Excerpt
18. G 2122122121 299 gt LDS 5 ZOD 5 BLE e g 2 100 Value Enabled Synchronisation of the virtual routers Field Menu Value Routing gt BRRP gt VR Synchronisa 1 Monitoring mode tion gt New Virtual router ID Routing gt BRRP gt VR Synchronisa 2 Synchronisation tion gt New mode Virtual router ID Routing gt BRRP gt VR Synchronisa 2 Monitoring mode tion gt New Virtual router ID Routing gt BRRP gt VR Synchronisa 1 Synchronisation tion gt New mode Virtual router ID Workshops Excerpt Chapter 6 Services Remote Maintenance for a bintec RS232bu UMTS Gateways Using GSM GPRS Dial In 6 1 Introduction This chapter will use the example of a bintec RS232bu gateway to show a remote main tenance option using GSM GPRS dial in The bintec RS232bu gateway establishes an Internet connection using the internal UMTS HSPA modem To enable the dial in for re mote maintenance purposes without using the Internet you need to switch the integrated UMTS HSPA modem from the UMTS service to the GSM GPRS network This UMTS fallback function is initiated by a remote phone call After the integrated UMTS HSPA modem has been logged into the GSM GPRS network a connection to the remote main tenance service from a different bintec ISDN gateway can be established using the ISDN login service Alternatively an ISDN remote access connection PPP dial in can be estab l
19. Monitoring A oK Cancel Fig 8 LAN gt IP Configuration gt Interfaces gt lt en1 4 gt gt pl Relevant fields in the Interfaces menu Field Meaning Address mode Select DHCP to obtain an IP address as client via the interface Additional configuration parameters can be found under Advanced Settings Relevant fields in the menu Advanced Settings Field Meaning DHCP MAC Address If you expect an IP address from a certain DHCP server you can enter its MAC address here Proceed as follows to configure the gateway as a DHCP client 1 Set Address Mode to DHCP 2 Confirm with OK Now you should receive all the important configuration parameters like IP address gate way and DNS from your DHCP server 1 2 3 Configuring a DHCP relay server If the gateway for the local network does not distribute any IP addresses to the clients by DHCP it can still forward the DHCP requests on behalf of the local network to a remote DHCP server The DHCP server then assigns the gateway an IP address from its pool which in turn sends this to the client in the local network The settings for a DHCP relay server can be modified in the following submenu 1 Goto Local Services gt DHCP Server gt DHCP Relay Settings DHCP Pool IP MAC Binding DHCP Relay Settings Basic Parameters Primary DHCP Server 192 168 1 2 Secondary DHCP Server 0 0 0 0 4 OK Cancel Fig 9 Local Services gt DHCP Server gt
20. N gt Next Preshared Key Assistant gt VPN gt Next Local IP Address IP Address of Re mote Network Assistant gt VPN gt Next Assistant gt VPN gt Next Netmask Assistant gt VPN gt Next Configuration of gateway in branch bintec RS120 Field Menu IP address Dime Manager gt IP Settings Configuration of Internet access branch Field Menu Connector Type Assistant gt Internet Access gt New Description Assistant gt Internet Access gt Next bintec elmeg GmbH Value Internal ADSL Mo dem ADSL ClO Gerais alia Home e g 0000111111 0001 t online de eG superseereeges heimkey Enabled Value IPSec LAN to LAN connection branchl GC 212 212 212 4 e g branchl eng supersectetges heimkey 192 108 00 1 192 Loe O DIT BI 5259 510 Value e g 192 168 1 1 Value External xDSL Mo dem ADSL bintec elmeg GmbH 4 Services Prioritisation of a VPN IPSec connection ahead Field Menu Physical Ethernet Assistant gt Internet Access gt Next Port Internet Service Pro Assistant gt Internet Access gt Next vider User Name Assistant gt Internet Access gt Next Password Assistant gt Internet Access gt Next Always Active Assistant gt Internet Access gt Next Configuration of VPN IPSec access branch Field Menu Connector Type Assistant gt VPN gt New Description Assistant gt VPN gt Next Local IPS
21. ODEM usbTTYO Network Registration in progress 10 DEBUG MODEM usbTTYO Network Receive Signal Level 79 dB 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO Registered 26201 Telekom de AcT UMTS 10 INFO MODEM usbTTYO Registered 26201 T Mobile D AcT GSM 10 INFO MODEM usbTTYO PLMN T Mobile D Home LAC 4427 CID OODO1EA AcT GSM 6 4 Dial in by ISDN login from a different bintec ISDN gateway After the UMTS fallback has been done and the bintec RS232bu gateway is registered in the GSM GPRS network incoming data connections can be made To do this an ISDN data connection must be initiated on the caller s side using the V 110 protocol In this chapter an ISDN login connection to bintec RS232bu remote maintenance will be estab lished from a different bintec ISDN router After logging in the familiar console commands such as the Setup tool can be used for remote maintenance r3002 gt isdnlogin 01713315981 v110_9600 Trying Establishing B channel Connected to 01713315981 Connected to R3232bu rs232bu from ISDN telephonnumber 4991196730 Service modem 9600 bps Welcome to RS232bu version V 7 10 Rev 1 IPSec from 2011 08 02 00 00 00 systemname is rs232bu location Login admin Password Password not changed Call setup for quick configuration rs232bu gt setup Debug messages during the incoming ISDN login connection rs232bu gt de
22. S fallback will be initiated To do this go to the following menu 1 Goto Physical Interfaces gt UMTS HSDPA gt UMTS HSDPA HSUPA gt pl Workshops Excerpt Basic Settings UMTS HSDPA HSUPA Status MEnabled Ss Modem Status Active Actual Network UMTS 1 Network Quality m 69 dBm al me ENNE Preferred Network Type Automatic ka Incoming Service Type O Disabled ISDN Login PPP Dialin O 1PSec SIM Card Uses PIN eccccese Fallback Number 499119731414 APN Access Point Name intemettmobile 4 OK J C Cancel 28 Fig 50 Physical Interfaces gt UMTS HSDPA gt UMTS HSDPA HSUPA gt Proceed as follows to configure the UMTS fallback number 1 For Incoming Service Type select ISDN Login Alternatively the PPP Dialinop tion can be used to enable an IP connection 2 For Fallback Number enter the telephone number from which the UMTS fallback call is to be initiated e g 4991196731550 3 Confirm with OK 6 3 Test the UMTS fallback with an incoming voice connection The default behaviour is that the bintec RS232bu gateway establishes an Internet con nection via the UMTS network By means of a voice call fallback number the gateway logs into the GSM GPRS network and enables incoming data connections Debug messages for the UMTS fallback Workshops Excerpt rs232bu gt debug all 10 49 56
23. Static 3 Default Route C Enabled Local IP Address 192 168 1 1 Remote IP Address Netmask Metric Cada Advanced Settings Advanced IPSec Options Phase 1 Profile wzike 1 d Phase 2 Profile Multi Proposal B XAUTH Profile Number of Admitted Connections 6 One User Multiple Users Start Mode On Demand Always up Advanced IP Options Back Route Verify DEnabled Proxy ARP Inactive Oup or Dormant O up only 4 oK JC Cancel Fig 28 VPN gt IPSec gt IPSec Peers gt gt Advanced Settings Proceed as follows to configure the VPN IPSec tunnel 1 Set Start Mode to Always active 2 Leave all other settings unchanged and confirm your entries with OK 4 3 Testing the VPN connection At the current configuration stage the Internet access is set up on both gateways and the VPN tunnel to the location coupling can already be used The VPN tunnel can be tested with the ping test between both gateways Workshops Excerpt 4 4 Prioritisation of the VPN tunnel on the branch gateway ahead of other Internet traffic The bintec R3002 Internet access head office is also used for other Internet services alongside the VPN tunnel The site networking should have a higher priority than other In ternet traffic As a result the required protocols for the VPN connection IKE ESP NAT Traversal are prioritised QoS Quality of Service is configured here 4 4 1 Creation of QoS fi
24. Steps o ao a ee 59 Workshops Excerpt Workshops Excerpt Chapter 1 Services DHCP 1 1 Introduction The configuration of Dynamic Host Configuration Protocol DHCP is described in the fol lowing chapters You can use your device as a DHCP server DHCP client or DHCP relay agent Configuration in this scenario is carried out using the GUI Graphical User Interface Host Dynamic IP Address bintec RS232bw Port1 192 168 0 1 DHCP server 4 Host Dynamic IP Address Fig 2 Example scenario as a DHCP server Workshops Excerpt Host Dynamic IP Address bintec RS232bw Port1 Dynamic ETH IP Address 192 168 1 1 24 Dynamic IP Address DHCP server 4 192 168 1 2 24 Fig 3 Example scenario as a DHCP client Workshops Excerpt Host Dynamic IP Address bintec RS232bw Port 192 168 0 1 DHCP relay server y ETH 192 168 1 1 24 Dynamic IP Address 192 168 1 2 24 Fig 4 Example scenario as a DHCP relay server Requirements The following are required for the configuration Boot image from version 7 10 1 e An optional DHCP server 1 2 Configuration 1 2 1 Configuring as a DHCP server If you wish to assign an IP address to the client computers in the network dynamically through your gateway you must configure it as a DHCP server To activate your device as a DHCP server you must first define IP address pools from whic
25. bintec elmeg Teldat Group Company HEHE an Manual Workshops Excerpt Services Workshops Copyright Version 10 2013 bintec elmeg GmbH Workshops Excerpt Manual bintec elmeg GmbH Legal Notice Aim and purpose This document is part of the user manual for the installation and configuration of bintec elmeg devices For the latest information and notes on the current software release please also read our release notes particularly if you are updating your software to a higher release version You will find the latest release notes under www bintec elmeg com Liability This manual has been put together with the greatest possible care However the information con tained in this manual is not a guarantee of the properties of your product bintec elmeg GmbH is only li able within the terms of its conditions of sale and supply and accepts no liability for technical inac curacies and or omissions The information in this manual can be changed without notice You will find additional information and also release notes for bintec elmeg devices under www bintec elmeg com bintec elmeg devices make WAN connections as a possible function of the system configuration You must monitor the product in order to avoid unwanted charges bintec elmeg GmbH accepts no re sponsibility for data loss unwanted connection costs and damage caused by unintended operation of the product Trademarks bintec elmeg trademarks and the binte
26. bug all 10 50 41 DEBUG USB usbTTYO serial state notification ring ind 10 50 41 DEBUG MODEM usbTTYO switch state P1 gt RO 10 50 41 INFO MODEM usbTTYO Data call from 4991196730 data mode state incoming 10 50 41 DEBUG MODEM usbTTYO Modem incomming call from lt 4991196730 gt 10 50 41 DEBUG PPP dialin from lt 4991196730 gt to local number lt 6001 gt 1 2 10 50 41 INFO ISDN isdnlogind accept call from lt 4991196730 gt 10 50 41 DEBUG MODEM usbTTYO switch state Ri gt 40 10 50 41 DEBUG MODEM usbTTYO attach to channel 1 incoming 10 50 43 INFO MODEM usbTTYO Accept call from 4991196730 gt CONNECT 9600 10 50 43 DEBUG MODEM usbTTYO switch state D1 gt D1 10 50 43 DEBUG USB usbTTYO get DCD on ch 3 10 50 55 INFO ACCT LOGIN as admin from ISDNLOGIN 4991196730 at Mon Aug 1 10 50 55 2011 ops Excerpt 6 5 Overview of Configuration Steps Configure the UMTS Internet connection Field Menu Value Connector Type Assistant gt Internet Access gt New UMTS Description Assistant gt Internet Access gt Next T Mobile UMTS GPRS UMTS Inter Assistant gt Internet Access gt Next Slot 6 Unit 0 UMTS face Internet Service Pro Assistant gt Internet Access gt Next e g T Mobile UMTS vider UMTS PIN Assistant gt Internet Access gt Next e g 0000 Configure the UMTS fallback number Field Menu Value Incoming Service Physical Interfaces gt UMTS HSDPA gt IS
27. c elmeg logo bintec trademarks and the bintec logo elmeg trademarks and the elmeg logo are registered trademarks of bintec elmeg GmbH Company and product names mentioned are usually trademarks of the companies or manufacturers concerned Copyright All rights reserved No part of this manual may be reproduced or further processed in any way without the written consent of bintec elmeg GmbH The documentation may not be processed and in particu lar translated without the consent of bintec elmeg GmbH You will find information on guidelines and standards in the declarations of conformity under www bintec elmeg com How to reach bintec elmeg GmbH bintec elmeg GmbH S dwestpark 94 D 90449 Nuremberg Germany Phone 49 911 9673 0 Fax 49 911 688 07 25 Teldat France S A S 6 8 Avenue de la Grande Lande F 33174 Gradignan France Phone 33 5 57 35 63 00 Fax 33 5 56 89 14 05 Internet www teldat fr Table of Contents Chapter 1 Services DHCP 0 00 eee ee eee 1 1 1 Introduction 2 aoa aoa osa on n a 1 1 2 Configuration gs s Ak e e e GAS ee o oe Be de Es 3 1 2 1 Configuring as a DHCP server 2 2 2 ee 3 1 2 2 Configuration as DHCP Client en 6 1 2 3 Configuring a DHCP relay server 2 2 2 ee en 7 1 3 Overview of configuration steps 2 2 0 00040 9 Chapter 2 Services DynDNS o o o e 10 2 1 Introduction oaoa a a a 10 2 2 Config r tiolk s se osor
28. cal Services gt Scheduling gt Time Schedule gt New Relevant fields in the Time Schedule menu Field Meaning Description Give the entry a name Select action Select the action you want the gateway to execute TFTP Server Enter the IP address of the TFTP server TFTP File Name Enter the name of the configuration on the server Condition Type Select the frequency with which the action is to be executed Condition Settings Select the day on which the action is to be executed Start Time Specify the time at which the action is to be executed Stop Time Specify the time at which the action is to be terminated Proceed as follows 1 Under Description enter Configuration Workshops Excerpt 2 3 4 5 6 7 8 9 a Note Under Select Action select Trigger Configuration Backup Enter the IP address in the TFTP Server field e g 192 168 0 2 Enter a name under TFTP File Name e g r232bw cfg Select the Condition Type Day of Month In the Condition Settings field select 1 Enter the time under Start Time Hour 00 Minute 00 Enter the time under Stop Time Hour 00 Minute 05 Confirm with OK A monthly configuration backup requires an appropriately configured TFTP server Checking the TFTP server The TFTP server is used to transfer files between gateway and computer e g for configur ation management Make sure that the TFTP server is operating properly by opening DIME Tools included in
29. ddress to the client as the DHCP server and not only sends the IP address of the gateway to the client but also the IP address of the DNS server Use the following menu item to determine which IP address the gateway sends to the client as the DNS server address 1 Go to Local Services gt DNS gt Global Settings gt Advanced Settings Workshops Excerpt Save configuration Global Settings Static Hosts Domain Forwarding Cache Statistics CI eee Porameters LAN Domain Name Pp AAA DNS Server Configuration Dynamic O Static Primary 0 0 0 0 ef wins server Multicast A Secondary 0 0 0 0 VEN es Advanced Settings Positive cache enabled o cache cabled Dus Cache Size 100 Entries HTTPS DynDNS Client Maximum TTL for Positive Cache Entries 86400 Seconds DHCP Server Maximum TTL for Negative Cache Entries 86400 Seconds Web Filter CAPI Server Fallback interface to get DNS server Automatic Scheduling Surveillance As DHCP Server Onone own IP Address Global DNS Setting Se ee IP address to use for DNSAWINS server assignment ISON Then Protection As IPCP Server ONone O Own IP Address Global DNS Setting UPnP HotSpot Gateway Maintenance y oK p Cancel Fig 7 Local Services gt DNS gt Global Settings gt Advanced Settings Relevant fields in the Advanced Settings menu Selection Meaning IP Address to use for Select the most suitable method for
30. duling gt Time Schedule gt New Monthly configuration backup Field Menu Description Local Services gt Scheduling gt bintec elmeg GmbH Value e g Reboot Reboot device Periods Daily Hour 00 Minute 00 Local Services gt Scheduling gt Op 5 sec VENTO e g Wireless LAN Deactivate WLAN Funkwerk ec vss1 0 Periods Saturday Sunday Hour 00 Minute 00 Hour 23 Minute 59 VENTO e g Configuration Field Select action TFTP Server TFTP File Name Condition Type Condition Settings Start Time Stop Time Menu Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New Local Services gt Scheduling gt Time Schedule gt New VENTO Trigger configura tion backup e g 192 168 0 2 SA LION Cie Day of Month e g 1 Hour 00 Minute 00 Hour 00 Minute 05 Workshops Excerpt Chapter 4 Services Prioritisation of a VPN IPSec connection ahead of other Internet traffic 4 1 Introduction A bintec R3002 gateway is located in the head office of a company This gateway is con nected to the Internet via an
31. e VPN IPSec tunnel on the branch gateway 30 4 3 Testing the VPN connection 2 2 2 ee 32 4 4 Prioritisation of the VPN tunnel on the branch gateway ahead of other Internet o NA 33 4 4 1 Creation of QoS filters o o a a 0 33 4 4 2 Assignment of QoS filter to QoS class or high priority class 34 4 4 3 Enabling QoS on the WAN interface 2 2 36 4 4 4 QOS Monitoring tuto o A A Ae Oe So 37 4 5 Overview of Configuration Steps o o a ee 37 Chapter 5 Automatic Router Backup Redundancy with BRRP for an In ternet VPN gateway o e 42 5 1 Introductions sia a e al an a 42 5 2 Configuration Ter e o 43 5 2 1 Configuration of the Advertisement and Management IP address 43 5 2 2 Configuration of the virtual router o 46 5 2 3 Enabling of BRRP configuration a a a a a 48 5 2 4 Synchronisation of the virtual routers 50 5 3 Overview of Configuration Steps 51 Workshops Excerpt Chapter 6 Services Remote Maintenance for a bintec RS232bu UMTS Gateways Using GSM GPRS Dial In 54 6 1 Introduction 2 so soso Be de eS et es 54 6 2 Configuration sica a PA a aa ae a vw 55 6 3 Test the UMTS fallback with an incoming voice connection 57 6 4 Dial in by ISDN login from a different bintec ISDN gateway 58 6 5 Overview of Configuration
32. e exchange of BRRP status messages ps Excerpt Address Mode Gateway Hostname IP Address Subnet Mask B Misc Company Name Device Name Firmware Location MACAddress Monitoring Ping Device Product Serial Number El States Ambiguous IP Address Data set via MULTICAST Discovered TP configuration possible Login Static IP address 0 0 0 0 10 10 10 1 255 255 255 0 Unknown rt1202 V 7 9 Rev 5 Beta 4 V 7 9 Rev 1 Beta 2 V 7 9 Rev 5 Beta 4 V 7 9 Rev 5 Beta 4 I 12 28 19 PM HTTPS amp MULTICAST Address Mode Fig 38 Dime Manager Then both gateways can be reached via GUI and the Advertisement IP addresses of the WAN interface Eth5 can be set In the next step the WAN Advertisement IP address is assigned to the gateway along with the netmask 1 Go to LAN gt IP Configuration gt Interfaces gt p Basic Parameters Address Mode Ostatic O DHCP IP Address Netmask IP Address Netmask 10 10 11 1 255 255 255 252 m Interface Mode untagged O Tagged VLAN MAC Address Use buitt in Advanced Settings C OK JC Cancel Fig 39 LAN gt IP Configuration gt Interfaces gt pl Proceed as follows in order to configure the ETH5 interface of the first gateway 1 Under IP Address Netmask enter the WAN Advertisement IP address 10 10 11 1 along with the netmask 255 255 255 252
33. ec ID Assistant gt VPN gt Next Remote IPSec ID Assistant gt VPN gt Next Preshared Key Assistant gt VPN gt Next Local IP Address Assistant gt VPN gt Next IPSec Peer Address Assistant gt VPN gt Next IP Address of Re Assistant gt VPN gt Next mote Network Netmask Assistant gt VPN gt Next Prioritisation of VPN tunnel Field Menu VPN gt IPSec gt IPSec Peers gt p gt Advanced Settings Start mode Creation of QoS filters Field Menu Description Routing gt QoS gt QoS Filter gt New Protocol Routing gt QoS gt QoS Filter gt New Destination port range Routing gt QoS gt QoS Filter gt New of other Internet traffic Value e g ETH5 e g Germany T Home e g LAAN MAE 222 22200 01 t online de e g supersecretge heimkey Enabled Value IPSec LAN to LAN connection Head Office e g branchl GC 212 212 212 il eng supersectetges heimkey 192 109 Ho dl 212 212 212 1 192 1685050 BIO 5 259 5259 50 Value Always Active Value IKE udp 500 4 Services Prioritisation of a VPN IPSec connection bintec elmeg GmbH ahead of other Internet traffic Field Menu Value Source Port Range Routing gt QoS gt QoS Filter gt New 500 DSCP TOS Routing gt QoS gt QoS Filter gt New Ignore Description Routing gt QoS gt QoS Filter gt New ESP Protocol Routing gt QoS gt QoS Filter gt New esp Desc
34. eed as follows to configure a new Internet connection 1 Under Description enter e g ADSL 2 For the Internet Service Provider select e g Germany T Home 3 Under User Name enter the access data you received from your provider 4 Enter the Password you received from your provider 5 So that the static WAN IP address of the head office VPN gateway can always be reached by the branch gateway the option Always active must be set 6 Press OK to confirm your entries 4 2 3 Configuration of the VPN IPSec access of the first branch via the GUI Assistant The VPN IPSec setup can also be configured with the Assistant in the same manner as when setting up the Internet access For this go to the following menu 1 Goto Assistants gt VPN gt VPN Connections gt New 2 For VPN Scenario select the 1PSec LAN LAN Connection 3 Click on Next to set up a new VPN connection orkshops Excerpt Enter the required data for the connection Selected scenario IPSec Scenario LAN to LAN Connection Connection Details E Description filiale Local IPSec ID 212 212 212 1 Remote IPSec ID filale1 Preshared Key jeoccccccce Local IP Address 192 168 0 1 Define this connection as defaultroute C Enabled Enter IP settings IPSec Peer Address I IP Address of Remote Network Subnet Mask 192 168 1 0 255 255 2 55 0 C OK JC Ca
35. em 3 Click on Next to configure a new Internet connection Enter the required data for the connection Description ADSL Select your Internet Service Provider ISP fromthe ist Internet Service Germany T Horne 5 Provider Enter the authentication data for your Internet account UserName 0000111111 0001 t online de Always active M Enabled p lt cancel gt Password e Select the co nection mode AA define a custom Internet connection Different settings are required depending on the choice al ISP Data for Internal ADSLISHDSL Modem For Internet access you must set up a connection to your Internet Service Provider ISP Follow your provider s instructions _ Description Enter a description for the Internet connection You can select one of the predefined ISPs or you make for the ISP or the user defined connection protocol Internet Service Provider Select your ISP or define a customized provider by choosing User defined via the required connection protocol PPPoE PPP over Ethernet PPPoA PPP over ATM ETHoA Ethernet over ATM or IPoA IP over M When establishing an Internet connection you are normally prompted for authentication by the ISP A user name and a password are normally used for authentication You can 5 Fig 22 Assistants gt Internet Access gt Internet Connections gt Next Proc
36. equired depending on the choice you make for the ISP _ Internet Service Provider Select your ISP or define a customized provider by choosing User defined Some ISPs require a VLAN ID VLAN Y a e oK IC Cancel J Fig 26 Assistants gt Internet Access gt Internet Connections gt Next Proceed as follows to configure a new Internet connection 1 Under Description enter e g ADSL 2 Under Physical Ethernet Port select ETHS 3 For the Internet Service Provider select e g Germany T Home 4 Under User Name enter the access data you received from your provider 5 Enter the Password you received from your provider 6 In the Always active field specify whether or not the Internet connection should al ways be on Only activate this option if you have Internet access with a flatrate 7 Press OK to confirm your entries 4 2 6 Configuration of the VPN IPSec tunnel on the branch gateway The GUI Assistant makes the VPN configuration on the branch gateway easier as well For this go to the following menu 1 Goto Assistants gt VPN gt VPN Connections gt New 2 For VPN Scenario select the 1PSec LAN LAN Connection 3 Click on Next to set up a new VPN connection Enter the required data for the connection orkshops Excerpt ia Selected scenario z IPSec LAN to LAN Connection IPSec Scenario LAN to LAN Connection Enter the requ
37. ervices gt Scheduling gt Options 3 2 2 Suspending the WLAN interface Generate another entry to disable the WLAN interface on Saturday and Sunday Go to the following menu for this 1 Go to Local Services gt Scheduling gt Time Schedule gt New Workshops Excerpt bintec elmeg GmbH 3 Services Time controlled Tasks Save configuration Time Schedule Options lem Man nt i Physical Interfaces nA LAN ans Basic Parameters Wireless LAN uy Description Wireless LAN Routing 7 Action WAN i Select action Deactivate WLAN v VEN ennem Firewall Select interface Funkwerk ec vss1 0 Y op X Select time interval Local Services a Condition Type Condition Settings pro DNS O Weekday pun0tis Client Time Condition eriods DHCP Server O Day of Month Saturday Sunday Web Filter CAPI Server Echeckding Start Time Hour 00 Minute 00 Surveillance ISDH Theft Protection Stop Time Hour 23 Minute 59 Funkwerk Discovery UPnP OK Cancel Fig 17 Local Services gt Scheduling gt Time Schedule gt New Relevant fields in the Time Schedule menu Field Meaning Description Give the entry a name Select action Select the action you want the gateway to execute Select interface Select the interface you wish to enable or suspend Condition Type Select the frequency with which the action is to be executed Condition Settings Select the day on which the action is to be executed Start Time Specify the time at
38. gs Field Meaning Gateway Here you can specify whether the gateway is to be used as a default gateway or can enter a gateway IP address if the gate way is not to be used as a default gateway Lease Time The length of time in minutes that the client can keep the IP ad dress Proceed as follows to configure your gateway as a DHCP server 1 Select your LAN interface for Interface e g en1 0 2 Enter the first and last IP addresses from your LAN under IP Range e g 192 168 0 2and 192 168 0 10 3 In Pool Use select Local 4 Under Gateway select Use gateway as router 5 Leave the Lease Time setto 120 6 Confirm with OK The GUI offers a facility for checking whether or not IP addresses are assigned to clients from the DHCP pool and if so which addresses are involved To check who has received an IP address select the following menu options 1 Goto Local Services gt DHCP Server gt IP MAC Binding DHCP Pool IP g DHCP Relay Settings View feo per page EJE Fiter in None w equal y IP Address Description MAC Address Remaining Lease Time Static Binding ani 192 168 0 3 BigBoss 00 20 19 09 87 61 E Enabled mi Page 1 tems 1 1 j C New OK JC Cancel DynDNS Client Fig 6 Local Services gt DHCP Server gt IP MAC Binding Here you obtain all the important information concerning the issue of IP addresses from the DHCP pool The gateway assigns an IP a
39. h the IP addresses are distributed to the requesting clients For this go to the following menu Workshops Excerpt 1 Services DHCP bintec elmeg GmbH 1 Goto Local Services gt DHCP Server gt DHCP Pool gt New Save configuration DHCP Pool IP MAC Binding DHCP Relay Settings Assistants System Management Physical Interfaces LAN Wireless LAN Networking Rosina Bretocots Mutticast WAN VPN Firewall Basic Parameters IP Pool Name Interface en1 0 Y IP Address Range ha2 168 0 2 192 168 0 10 Pool Usage Local E Advanced Settings Gateway Use router as gateway Y VolP Local Services Option Value DAS DHCP Options HTTPS Add DynDHS Client DHCP Server OK Cancel Web Filter Lease Time 120 Minutes gt Ea me i i A a a pa ES Es ES Fig 5 Local Services gt DHCP Server gt DHCP Pool gt New Relevant fields in menu DHCP Pool Field Meaning Interface Here you select the interface via which the IP addresses are to be distributed by DHCP IP Address Range Enter the first and last IP addresses to be assigned by DHCP Pool Usage Specify whether the IP pool is used for DHCP reguests in the same subnet or for DHCP reguests that have been forwarded to your device from another subnet In this case it is possible to define IP addresses from another network Additional configuration parameters can be found under Advanced Settings Relevant fields in the menu Advanced Settin
40. hen allocated to the class with the highest priority Select the Interface via which the prioritised data is to be sent e g ADSL Confirm with OK For each QoS Filter the QoS class assignment High Priority Class must be done separ ately When assigning the remaining QoS filters ESP NAT T_1 and NAT T_2 the class map 1 is set to the newly created VPN IPSec entry For this go to the following menu Go to Routing gt QoS gt QoS Classification gt New Basic Parameters Class map VPN IPSec c Mis Crowes ter ESP gt ca era a CI o A 4 OK J C cancer Fig 32 Routing gt QoS gt QoS Classification gt New Proceed as follows to assign additional QoS filter to the class map Workshops Excerpt 1 2 3 4 5 Select the Class map e g VPN IPSec which the QoS filter should be asigned Select the next Filter e g ESP For Direction select Outgoing Enable the High Priority Class Press OK to confirm your entries Assign all generated QoS filters to the new class map VPN IPSec Results Qos Filter QoS Classification QoS Interfaces Policies QoS Classification Description Assigned Interface Filter Assigned Class ID Direction VPN IPSec ADSL la IKE HP Outgoing m el ESP HP Outgoing m e C NATTA rT DEFER i FO CN Cl outgoing it E Qos C New BRRP
41. ing gt BRRP gt VR Syn chronisation gt New 1 Under Monitoring VR Interface select the Virtual Router ID 2 2 Under Monitoring VR Interface select the Virtual Router ID 7 3 Confirm with OK Results Save configuration Assistants Virtual Routers VR Synchronisation Options E E System Management e CAN es Routing Monitoring VR Monitoring Interface Synchronisation VR Synchronisation Interface Action 1 en1 0 1 2 en1 4 1 Syne m el 2 ent 4 1 1 ent 0 1 Sync m y gt EA a Routes HAT RIP Load Balancing Multicast Qos BRRP Fig 47 Routing gt BRRP gt VR Synchronisation gt New This concludes the configuration To perform a bootable backup of the configuration exit the GUI with Save configuration and confirm with OK 5 3 Overview of Configuration Steps Configuration of the Advertisement and Management IP address Field Menu Value IP address Dime Manager gt IP Settings e g 10 10 10 1 IP address Dime Manager gt IP Settings eg 10 10 10 2 IP configuration Field Menu Value IP Address Netmask LAN gt IP Configuration gt Interfaces e g 10 10 11 1 gt p 255 255 255 252 IP Address Netmask LAN gt IP Configuration gt Interfaces e g 10 10 11 2 gt p 255 255 255 252 5 Automatic Router Backup Redundancy with BRRP for an Internet VPN gateway Configuration of the virtual router Field Menu Ethernet interface Routing gt BRRP gt
42. ing entry click 12 for the respective list item With lll you can delete entries To connect additional locations or VPN remote terminals the Assistant can be run again 4 2 4 Configuration of gateway in head office bintec RS120 The IP configuration of the branch gateway bintec RS120 can be carried out again with the Dime Manager The bintec RS120 is located in the network with the aid of the Dime Manager Then the LAN IP address can be set via the shortcut menu After you have changed the IP address the web interface GUI of the bintec RS120 can be reached ps Excerpt device devices no Deco mn nn Product Device Name IP Address MAC Address Action Firmware 1 Static IP address 192 168 0 254 00 A0 F9 23 9 9 Rev 5 Beta 3 IPSec teway 0 0 0 0 192 168 0 254 255 255 255 0 o IP Settings me si IP Settings 7 9 Rev 5 Beta 3 Device Name 1s120 race 0 0 E 7 9 Rev 5 Beta 3 _ 7 9 Rev 5 Beta 3 _ 7 9 Rev 5 Beta 3 Show passwords in clear text dress 00 A0 F9 23 90 3C IP configuration pad SR1AAA009400007 IP Address 192 168 1 1 IP ddess Mode Static IP address Subnet Mask 255 255 255 0 Gateway 0 0 0 0 New Password Success Unsecure Password a Save configuration permanently o Lo ves conc Fig 25 Dime Manager 4 2 5 Configuration of Internet access via the GUI Assistant
43. insufficient the non prioritised data is deferred and preference is given to VPN data 1 Go to Monitoring gt QoS Save configuration Qos QoS Interface QoS Queue Send Dropped Queued ADSL High Priority 12344 o unpriorized 12611 11506 19 Ll Internal Log IPSec ISDH Modem Interfaces HotSpot Gateway Qos Fig 35 Monitoring gt QoS This concludes the configuration In order to save the configuration in a bootable manner leave GUI via Save configuration and confirm your selection with OK 4 5 Overview of Configuration Steps Configuration of gateway in head office bintec R3002 Field Menu Value IP address Dime Manager gt IP Settings e g 192 168 0 1 Workshops Excerpt 4 Services Prioritisation of a VPN IPSec connection ahead of other Internet traffic Configuration of Internet access head office Field Menu Connector Type Assistant gt Internet Access gt New Description Assistant gt Internet Access gt Next Internet Service Pro Assistant gt Internet Access gt Next vider User Name Assistant gt Internet Access gt Next Password Assistant gt Internet Access gt Next Always Active Assistant gt Internet Access gt Next Configuration of VPN IPSec access head office Field Menu Connector Type Assistant gt VPN gt New Description Assistant gt VPN gt Next Local IPSec ID Assistant gt VPN gt Next Remote IPSec ID Assistant gt VP
44. intec R3002 e g 192 168 0 1 The VPN tunnel is always set up from the branch to the head office As a result no IPSec Peer Address is set on the bintec R3002 Under IP Address of Remote Network enter the network address of the branch e g 192 168 1 0and the Netmask 255 255 255 0 After confirming the entry the VPN connection can be seen in the list Workshops Excerpt Mode IPSec filiale1 LAN to LAN Connection e ere r n E Page 1 Items 1 1 Fig 24 Assistant gt VPN gt VPN Connections VPN Connections This configuration section guides you through all of the settings required to set up LAN LAN or single client connections as a Virtual Private Network VPN Note The TCP IP settings of the PCs must be changed in both networks standard gateway DNS server any static routes that are required etc so that the PCs Server Printer etc in your local network can be addressed from the remote network The list displays all configured VPN connections indicating the Type of the connection IPSec or PPTP a Description the Mode Single Client Dialin or LAN to LAN and the current status You can change the status by clicking Hor To add a VPN connection press New and follow the instructions After completing a connection configuration you are returned to the list so that you can start setting up further connections To edit an exist
45. ired data for the IPSec Connection Details LAN to LAN connection scenario IPSec Scenario Description Zentrale A reminder of the selected scenario Local IPSec ID filiale 1 As you can configure several VPN connections you must define a description to be able to identify the VPN connection easily Remote IPSec ID 212 212 212 1 Deseription Enter a name for the connection Preshared Key The IPSec partners have to mutually identify f and authenticate in order to establish an Local IP Address 192 168 1 1 2 IPSec connection F Tae A f The identity of the IPSec partner is proven by Define this connection as default route C Enabled a unique ID similar to user name To Enter IP settings establish an IPSec connection each IPSec T gateway must be able to identify the ID of the 212 212 212 1 other gateway Therefore both 1Ds must be ieee paor Adarasg configured on both IPSec gateways The ID can be any name In practice it is usually a IP Address of Remote Network 192 168 0 0 name which clearly explains the connecting km t location Subnet Mask 255 255 255 0 Local IPSec ID _ lt _ T N Z NT NEET r Enter the ID of your own IPSec gateway a L E C OK b e Cancel Fig 27 Assistants gt VPN gt VPN Connections gt Next Proceed as follows to configure a new VPN connection 1 2 3 4 5 6 7 8
46. irtual IP and MAC addresses must be configured so that these IP and MAC addresses can be passed to the backup gateway if a failure occurs The first step is to define the physical Ethernet interfaces the BRRP advertisement interfaces and the IP address via which the master and backup gateways can communicate with each other The gateways are configured via this interface IP address Then a virtual interface and virtual route is created for the LAN and WAN sides This virtual interface and its IP address are both used for traffic The GUI Graphical User Interface is used for configuration Virtual router 1 Virtual router 2 RT1202 eth1 10 10 10 1 24 eth5 10 10 11 1 Virtual interface 212 212 212 1 Virtual interface 192 168 0 254 Internet eth1 10 10 10 2 24 eth5 10 10 11 2 RT1202 Fig 36 Example scenario Workshops Excerpt Requirements e Two bintec gateways with BRRP functionality e g bintec RT1202 e An Internet access that is made via Ethernet and a border router gateway e A switch to connect the Ethernet interface Eth1 to both gateways with the local network e A switch to connect the Ethernet interface Eth5 to both gateways with the border router gateway of the ISP 5 2 Configuration 5 2 1 Configuration of the Advertisement and Management IP address After both networks have been connected with the local network via a switch they can be located by using the Dime Manager
47. ished to the bintec RS232bu When the remote maintenance connection is ended the bintec RS232bu gateway can log back into the UMTS network and establish the Internet connection The GUI is Graphical User Interface used to do the configuration ISDN Gateway e g bintec R3002 bintec RS232bu HZ EN Fig 48 Example scenario Requirements e A UMTS gateway in the bintec RS series e g bintec RS232bu e For this gateway a mobile phone tariff that enables voice and data connections needs to be used Workshops Excerpt e For the UMTS gateway in the bintec RS series a 7 10 1 or later firmware version should be used e For the integrated modem of the UMTS gateway in the bintec RS series the current mo dem firmware must be used link to Release Notes e Atelephone mobile phone to remotely initiate the UMTS fallback e A bintec ISDN gateway e g bintec R3002 to start the remote maintenance connection by ISDN login e An ISDN line with V 110 support to start the remote maintenance connection 6 2 Configuration Configure the UMTS Internet connection The GUI has an Assistant to configure the Internet connection With the Assistant the bintec RS232bu s UMTS Internet connection can be set up in just a few steps To do this go to the following menu 1 Go to Assistants gt Internet Access gt Internet Connections gt New 2 For Connection Type select UMTS 3 Click on Next to configure a new In
48. lows for access to the local network LAN 1 Under Ethernet Interface select en1 0 so that its IP address is created 2 For Router IP Address enter the IP address and the netmask that you wish to use in the local network as the actual gateway IP address e g 192 168 0 254 and LIDAD RO e 3 Under Virtual Router ID select the ID of the first virtual route e g 1 This ID identifies the virtual routerin the LAN and is part of every BRRP advertisement packet that is sent by the current master 4 Under Virtual Router Priority set the priority of the gateway that will take over the master role to 254 5 Press OK to confirm your entries To configure the virtual router to the Internet WAN go to the following menu 1 Go to Routing gt BRRP gt Virtual Router gt New Workshops Excerpt BRRP Advertisement Interface Ethernet Interface IP Address 7 BRRP Monitored Interface Virtual Router Interface Virtual Router IP Address Virtual Router ID 2 Virtual Router Priority 254 v Advanced Settings C OK B Cancel Fig 42 Routing gt BRRP gt Virtual Router gt New Proceed as follows for access to the Internet WAN 1 Under Router IP Address enter the IP address and netmask e g 212 212 212 1 and 255 255 255 248 2 Select the Virtual Router ID e g 2 3 Under Virtual Router Prio
49. lters At the start of the QoS configuration filters are defined that will identify traffic that needs to be prioritised QoS filters must be created for the prioritisation of VPN IPSec connections For this go to the following menu 1 Go to Routing gt QoS gt QoS Filter gt New ter QoS Classification QoS Interfaces Policies Basic Parameters Description IKE a Protocol Cr Destination IP Address Netmask 0 0 0 0 0 0 0 0 Destination PorvRange Specify port ls 500 tofi Multicast A Source IP Address Netmask 0 0 0 0 0 0 0 0 Source PorRange Specify port iS 500 toj 1 DSCP TOS filter Layer 3 Ignore s COS filter 802 1 p Layer 2 o 4 OK cancer Fig 29 Routing gt QoS gt QoS Filter gt New Proceed as follows in order to configure QoS filters 1 For Description enter the description of the filter e g IKE 2 Select the Protocol udp 3 For Destination Port Range select Specify port and enter the destination port number e g 500 4 Under Source Port Range select Specify port and enter the source port number e g 500 5 Leave you DSCP TOS filter Leyer 3 to Ignore 6 Press OK to confirm your entries Workshops Excerpt Following that create additional QoS filters for the ESP and NAT Traversal protocols by us ing the following tables Description Protocol IKE udp ESP esp NAT T_1 udp NAT T_2 udp Destination port range 500 4500
50. n NAT v HAT Specify original traffic Load Balancing Service http 3 Qos Access Rules Source IP Address Netmask Any Y Boutina Rrotosals ca Original Destination IP Address Netmask Any y A Repiecomert voues IS New Destination IP AddressiNetmask Host 0 0 0 0 ne New Destination Port Original 4 a OK cancer Fig 13 Networking gt NAT gt NAT Configuration gt New Relevant fields in the Portforwarding menu Interface This is the connection that the NAT enable should receive Service This is the service you reach from outside the gateway Source IP Address Net Enter the external IP address of the gateway here mask New Destination Port The IP address to which you wish to be forwarded when you reach the gateway Proceed as follows to configure the NAT enable 1 Set the Interface to WAN INTERNET for example Workshops Excerpt 2 Services DynDNS bintec elmeg GmbH 2 Configure the Service to http 3 Under Source IP Address Netmask select Any 4 Leave other settings unchanged and confirm your entries with OK 2 3 Result You have entered the DynDNS provider no IP and your registered a DynDNS name in the gateway The bintec gateway can now also be administrated over the Internet 2 4 Checking the connection Go to the following menu to check that the current IP address is successfully registered with the DynDNS provider 1 Go to Local Services gt DynDNS Client The Status field of thi
51. nDNS Update DynDNS Provider Physicalinterfaces a Basic Parameters PAN Cs Provider Name no IP hs MI Server dynupdate no ip com Rouming Protocols z Pa eee ee Por 80 WANS Protocol DynDNS y pe dy Update Interval 300 Seconds C OK Cancel DUS HTTPS DynDHS Client DHCP Server Fig 11 Local Services gt DynDNS Client gt DynDNS Provider gt New Relevant fields in the DynDNS Provider menu Field Meaning Provider Name Give the provider a name Server Enter the IP address or domain names of the update server Update Path The path to the registration script Port Enter the port via which the client receives the update Protocol The protocol used by the DynDNS provider Proceed as follows 1 Enter a Provider Name e g no IP Workshops Excerpt N Enter dynupdate no ip com for Server a wW Enter nic update under Update Path R Leave the Port set to 80 al Select DynDNS for Protocol Confirm with OK o 2 2 2 Configuring DynDNS Create an entry in the gateway for your registered DynDNS name For this go to the fol lowing menu 1 Goto Local Services gt DynDNS Client gt DynDNS Update gt New Save configuration DynDNS Update DynDNs Provider pS Asten Managemen ead Physical Interfaces Y Basic Parameters LAN ea HostName bintecno p com LL dl Interface Internet _ ee occ Routing Protocole ee M
52. ncel a Fig 23 Assistants gt VPN gt VPN Connections gt Next Proceed as follows to configure a new VPN connection 1 2 3 4 5 6 7 8 Press OK to confirm your entries Under Description enter e g subsidiaryl Enter the ID of your own IPSec gateway a Je IPSec LAN to LAN Connection Enter the required data for the IPSec LAN to LAN connection scenario IPSec Scenario A reminder of the selected scenario As you can configure several VPN connections you must define a description to be able to identify the VPN connection easily Description Enter a name for the connection The IPSec partners have to mutually identify and authenticate in order to establish an IPSec connection The identity of the IPSec partner is proven by a unique ID similar to user name To establish an IPSec connection each IPSec gateway must be able to identify the ID of the other gateway Therefore both IDs must be configured on both IPSec gateways The ID can be any name In practice it is usually a name which clearly explains the connecting location Local IPSec ID lt Under Local IPSec ID enter the static WAN IP address of the head office gateway e g 212 212 212 1 Under Remote IPSec ID enter the local IPSec ID of the branch gateway e g fi For the authentification enter Preshared Key e g supersecretgeheimkey Under Local IP Address enter the IP address of the b
53. nfigurations DHCP Relay Server Field Menu Value Primary DHCP Server Local Services gt DHCP Server gt e g 192 168 1 2 DHCP Relay Settings Secondary DHCP Serv Local Services gt DHCP Server gt if one exists er optional DHCP Relay Settings Chapter 2 Services DynDNS 2 1 Introduction The following chapters describe the configuration of DynDNS You create an entry for the DynDNS provider no ZP and configure your DynDNS name bintec no ip com You then create NAT enables in order to administrate the gateway over the Internet using http Configuration in this scenario is carried out using the GUI Graphical User Interface bintec RS232bw Internet Fig 10 Example scenario DynDNS Requirements The following are required for the configuration e Basic configuration of the gateway e Boot image from version 7 10 1 e Configuration requires a working Internet access e Successful registration with the DynDNS provider www no ip com Workshops Excerpt 2 2 Configuration Only the following menu is used for configuring DynDNS 1 Goto Local Services gt DynDNS Client 2 2 1 New Provider If you would like to use a DynDNS provider not yet included in the list under the menu op tion Local Services gt DynDNS Client gt DynDNS Provider you must add this via the following menu 1 Goto Local Services gt DynDNS Client gt DynDNS Provider gt New Save configuration _ Dy
54. ng gt NAT gt NAT Config e g WAN INTERNET uration gt New Service Networking gt NAT gt NAT Config http uration gt New Source IP Address Net Networking gt NAT gt NAT Config Any mask uration gt New Chapter 3 Services Time controlled Tasks 3 1 Introduction The following chapters describe the configuration of time controlled tasks e You want to reboot your gateway automatically overnight e The WLAN interface is to be suspended at the weekend e In addition the configuration is to be backed up automatically once a month on a TFTP server Configuration in this scenario is carried out using the GUI Graphical User Interface Internet Fig 14 Sample scenario time controlled tasks Requirements The following are required for the configuration e Basic configuration of the gateway s Boot image from version 7 8 2 Workshops Excerpt 3 2 Configuration Only the following menu is used for configuring time controlled tasks 1 Goto Local Services gt Scheduling gt Time Schedule 3 2 1 Daily reboot Go to the following menu to configure the gateway so that the router executes a certain ac tion at a certain time 1 Goto Local Services gt Scheduling gt Time Schedule gt New L save configuration _ Time Schedule Options Sten Management PA Binesical interface sel DAN tt Basic Parameters WirelessLAN Y Description Rebo
55. o e saosa o a yda o 11 2 2 1 New Provider lt soc toa gow torona 6 a a 2 3m k 11 2 2 2 Configuring DynDNS aoaaa a a 12 2 2 3 NAT entries for administration with the GUI 13 2 3 Result ocio He scs A a d a Ge aA E oG GA oia da 14 2 4 Checking the connection a a a a a 14 2 5 Overview of configuration steps 14 Chapter 3 Services Time controlled Tasks 16 3 1 INtTrOduGt N sosis oaa a a aR a 16 3 2 Configuration s os e coso voos soroa oso too ero ura s 17 3 2 1 Daily febOOt 3 as n szt o A AA ni s 17 3 2 2 Suspending the WLAN interface 18 3 2 3 Monthly configuration backup a 20 3 3 Overview of configuration steps 2 a s 21 Workshops Excerpt Chapter 4 Services Prioritisation of a VPN IPSec connection ahead of other Internet traffic o 24 4 1 Introduction o a ic ee a a a 24 4 2 Configuration 2 2 a a o o 25 4 2 1 Configuration of gateway in head office bintec R3002 25 4 2 2 Configuration of Internet access via the GUI Assistant 25 4 2 3 Configuration of the VPN IPSec access of the first branch via the GUI Assistant EA See BOE POR LIL ee DA Ee oe OA a 26 4 2 4 Configuration of gateway in head office bintec RS120 28 4 2 5 Configuration of Internet access via the GUI Assistant 29 4 2 6 Configuration of th
56. ot CI con Se Select action Reboot device Y VON SSS i __v Condition Type Condition Settings A a recai sendoes A Time Gondidon se TETTETETT ay of Month ma DHCP Server ET meeen Start Time Howf00 minutef00 Surveillance C OK Cancel ISDH Theft Protection Funkwerk Discovery UPnP Fig 15 Local Services gt Scheduling gt Time Schedule gt New Relevant fields in the Time Schedule menu Field Meaning Description Give the entry a name Select action Select the action you want the gateway to execute Condition Type Select the frequency with which the action is to be executed Condition Settings Select the day on which the action is to be executed Start Time Specify the time at which the action is to be executed Proceed as follows 1 Under Description enter Reboot Workshops Excerpt 2 Under Select Action select Reboot Device 3 Select the Condition Type Periods 4 In the Condition Settings field select Daily 5 Enter the time under Start Time Hour 00 Minute 00 6 Confirm with OK a Note The gateway checks the configured events only every 300 seconds To reduce the time to every second for example go to the menu Local Services gt Scheduling gt Options and enter a Schedule Interval e g 5 Note that checking every second may overload the gateway Scheduling Options Schedule Interval 5 sec C OK JC Cancel Surveillance Fig 16 Local S
57. ription Routing gt QoS gt QoS Filter gt New NAT T 1 Protocol Routing gt QoS gt QoS Filter gt New udp Destination port Routing gt QoS gt QoS Filter gt New 4500 range Description Routing gt QoS gt QoS Filter gt New NAT T 2 Protocol Routing gt QoS gt QoS Filter gt New udp Source Port Range Routing gt QoS gt QoS Filter gt New 4500 Assignment of QoS filters to QoS classes Field Menu Value Description Routing gt QoS gt QoS Classification VPN IPSec gt New Filter Routing gt QoS gt QoS Classification e g IKE gt New Direction Routing gt QoS gt QoS Classification Outgoing gt New High priority class Routing gt QoS gt QoS Classification Enabled gt New Interface Routing gt QoS gt QoS Classification ADSL gt New Class plan Routing gt QoS gt QoS Classification VPN IPSec gt New Filter Routing gt QoS gt QoS Classification e g ESP gt New Direction Routing gt QoS gt QoS Classification Outgoing gt New High priority class Routing gt QoS gt QoS Classification Enabled gt New Class plan Routing gt QoS gt QoS Classification VPN IPSec gt New Filter Routing gt QoS gt QoS Classification e g NAT T 1 gt New bintec elmeg GmbH 4 Services Prioritisation of a VPN IPSec connection ahead of other Internet traffic Field Menu Value Direction Routing gt QoS gt QoS Classifica
58. rity select 254 By selecting priority 254 this gateway shall take over the master role following the successful configuration 4 Press OK to confirm your entries The configuration steps used to create the virtual router of the backup gateway are identic al to those used for the configuration of the master gateway with the exception of Virtual Router Priority On the second bintec RT1202 backup gateway the value 100 is con figured on both virtual routers 5 2 3 Enabling of BRRP configuration After creating the virtual routers on both bintec RT1202 gateways the BRRP function is then enabled For this go to the following menu 1 Go to Routing gt BRRP gt Options Workshops Excerpt Workshops Excerpt vrs Rowers vR Sienna optan Basic Parameters Enable BRRP RI Enabled C OK JC Cancel Fig 43 Routing gt BRRP gt Options Proceed as follows 1 Enable the Enable BRRP function 2 Confirm with OK The gateway with the higher priority is now in master status and the gateway with the lower priority is now in backup status You will see the configuration of the master gateway in the following menu 1 Go to Routing gt BRRP gt Virtual Routers Virtual Routers 1o o lmam o em 140 10 10 41 mastr HR EA 2 ent 4 1 ent 4 10 10 11 1 master 13 me 7 li Fig 44 Routing
59. s menu must be set to up to date If you wish to administrate the bintec gateway over the Internet enter the following in the Browser on a remote computer e g bintec no ip com You should then receive the login of the GUI for the bintec gateway 2 5 Overview of configuration steps Creating new providers Field Menu Value Provider Name Local Services gt DynDNS Client gt e g no IP DynDNS Providers gt New Server Local Services gt DynDNS Client gt dynup DynDNS Providers gt New date no ip com Update Path Local Services gt DynDNS Client gt nic update DynDNS Providers gt New Port Local Services gt DynDNS Client gt 80 DynDNS Providers gt New Protocol Local Services gt DynDNS Client gt DynDNS DynDNS Providers gt New Configuring DynDNS bintec elmeg GmbH 2 Services DynDNS Field Menu Value Hostname Local Services gt DynDNS Client gt e g DynDNS Update gt New bintec no ip com Interface Local Services gt DynDNS Client gt e g Internet DynDNS Update gt New User Name Local Services gt DynDNS Client gt e g nametemai 1 de DynDNS Update gt New Password Local Services gt DynDNS Client gt e g secret DynDNS Update gt New Provider Local Services gt DynDNS Client gt no IP DynDNS Update gt New Enable update Local Services gt DynDNS Client gt Aktiviert DynDNS Update gt New NAT entries Field Menu Value Interface Networki
60. ternet connection 4 Enter the required data for the connection Workshops Excerpt Description T Mobile UMTS Keine Hilfe verf gbar H No help available OPRSIUMTS Interface Slot 6 Unit 0 UMTS xi HI Select your Internet Service Provider ISP from the list Type Predefined Ka Country Germany LE Internet Service Provider T Mobile UMTS vw Please enter the UMTS Provider data UMTS PIN f L Select the connection mode Always active ClEnabiea L L g OK JC Cancel Fig 49 Assistants gt Internet Access gt Internet Connections gt Next Proceed as follows to configure a new UMTS Internet connection 1 Under Description enter e g T Mobile UMTS 2 For GPRS UMTS Interface select Slot 6 Unit 0 UMTS 3 For Internet Service Provider select T Mobile UMTS 4 Enter the UMTS PIN that your provider has given you e g 0000 5 Press OK to confirm your entries Configure the UMTS fallback number and the service for incom ing data connections ISDN login The bintec RS232bu gateway only accepts incoming connections ISDN login or PPP dial in connections in the GSM GPRS network Using the UMTS fallback function the gateway can be forced to switch from the UMTS network to the GSM GPRS network To do this a number needs to be created from which the UMT
61. tion Outgoing gt New High priority class Routing gt QoS gt QoS Classification Enabled gt New Class plan Routing gt QoS gt QoS Classification VPN IPSec gt New Filter Routing gt QoS gt QoS Classification e g NAT T 2 gt New Direction Routing gt QoS gt QoS Classification Outgoing gt New High priority class Routing gt QoS gt QoS Classification Enabled gt New Enabling QoS on the WAN interface Field Menu Value Interface Routing gt QoS gt QoS Interfaces ADSL Policies gt New Priority algorithm Routing gt QoS gt QoS Interfaces Priority Queueing Policies gt New Size of the protocol Routing gt QoS gt QoS Interfaces PPP over Ethernet header below layer 3 Policies gt New Chapter 5 Automatic Router Backup Redundancy with BRRP for an Internet VPN gateway 5 1 Introduction In this workshop the configuration of BRRP Bintec Router Redundancy Protocol using two bintec RT1202 is described Two Ethernet interfaces a LAN and WAN interface respect ively are used on both gateways If the master gateway or the connection to the backup gateway fails e g due to a hardware fault the backup gateway takes over the functionality of the master gateway The backup gateway remains in hot standby mode as long as the master gateway is active How the gateways behave in the event of a failure can be defined with a configurable set of rules If BRRP is used v
62. ulticast o ov Password eoceceee Provider no IP y Enable update Enabled A Veeman Advanced Settings Local Secos eects OK Cancel g a HTTPS DynDHS Client DHCP Server Fig 12 Local Services gt DynDNS Client gt DynDNS Update gt New Relevant fields in the DynDNS Update menu Field Meaning Hostname Enter the complete host name you have registered Interface Select the internet interface User Name Enter your user name Password Enter your password Provider Select your DynDNS provider Enable update Activate or deactivate the entry Proceed as follows 1 Enter Host Name e g bintec no ip com Workshops Excerpt Select Interface e g Internet a a U ND Enter User Name e g name email de R Under Password enter secret for example al The Provider is no IP a O Activate Enable Update Confirm with OK J 2 2 3 NAT entries for administration with the GUI You should be able to administrate your gateway using HTTP over the Internet Go to the following menu to configure the corresponding NAT enable 1 Go to Networking gt NAT gt NAT Configuration gt New Save configuration___ NAT Interfaces NAT Configuration Piiysicallntetaces Z Basie Parameters A Description Wireless LAN uy Interface WAN_INTERNET Routine Type of traffic incoming Destinatia

Manual Workshops (Excerpt)

Contents

Download Pdf Manuals

Related Search

Related Contents