Lancom Systems 1631E 61082 Benutzerhandbuch
Produktcode
61082
Management
Syslog buffer in the RAM (size depending on device memory) to store events for diagnosis. Default set of rules for the event protocol in Syslog. The
rules can be modified by the administrator. Display and saving of internal Syslog buffer (events) from LANCOM devices with LANmonitor, display
only with WEBconfig
rules can be modified by the administrator. Display and saving of internal Syslog buffer (events) from LANCOM devices with LANmonitor, display
only with WEBconfig
Device Syslog
Individual access and function rights for up to 16 administrators. Alternative access control on a per parameter basis with TACACS+
Access rights
RADIUS user administration for dial-in access (PPP/PPTP and ISDN CLIP). Support for RADSEC (Secure RADIUS) for secure communication with
RADIUS servers
RADIUS servers
User administration
Remote configuration with Telnet/SSL, SSH (with password or public key), browser (HTTP/HTTPS), TFTP or SNMP, firmware upload via HTTP/HTTPS
or TFTP
or TFTP
Remote maintenance
Support of TACACS+ protocol for authentication, authorization and accounting (AAA) with reliable connections and encrypted payload. Authentication
and authorization are separated completely. LANCOM access rights are converted to TACACS+ levels. With TACACS+ access can be granted per
parameter, path, command or functionality for LANconfig, WEBconfig or Telnet/SSH. Each access and all changes of configuration are logged.
Access verification and logging of SNMP Get and Set requests. WEBconfig supports the access rights of TACACS+ and choice of TACACS+ server
at login. LANconfig provides a device login with the TACACS+ request conveyed by the addressed device. Authorization to execute scripts and each
command within them by checking the TACACS+ server’s database. CRON, action-table and script processing can be diverted to avoid TACACS+
to relieve TACACS+ servers. Redundancy by setting several alternative TACACS+ servers. Configurable option to fall back to local user accounts in
case of connection drops to the TACACS+ servers. Compatibility mode to support several free TACACS+ implementations
and authorization are separated completely. LANCOM access rights are converted to TACACS+ levels. With TACACS+ access can be granted per
parameter, path, command or functionality for LANconfig, WEBconfig or Telnet/SSH. Each access and all changes of configuration are logged.
Access verification and logging of SNMP Get and Set requests. WEBconfig supports the access rights of TACACS+ and choice of TACACS+ server
at login. LANconfig provides a device login with the TACACS+ request conveyed by the addressed device. Authorization to execute scripts and each
command within them by checking the TACACS+ server’s database. CRON, action-table and script processing can be diverted to avoid TACACS+
to relieve TACACS+ servers. Redundancy by setting several alternative TACACS+ servers. Configurable option to fall back to local user accounts in
case of connection drops to the TACACS+ servers. Compatibility mode to support several free TACACS+ implementations
TACACS+
A remote configuration for devices behind der LANCOM can be accomplished (after authentication) via tunneling of arbitrary TCP-based protocols,
e.g. for HTTP(S) remote maintenance of VoIP phones or printers of the LAN. Additionally, SSH and Telnet client allow to access other devices from
a LANCOM device with an interface to the target subnet if the LANCOM device can be reached at its command line interface
e.g. for HTTP(S) remote maintenance of VoIP phones or printers of the LAN. Additionally, SSH and Telnet client allow to access other devices from
a LANCOM device with an interface to the target subnet if the LANCOM device can be reached at its command line interface
Remote maintenance of 3rd party devices
Remote maintenance over ISDN dial-in with calling-number check
ISDN remote maintenance
For downloading firmware and configuration files from a TFTP, HTTP or HTTPS server with variable file names (wildcards for name, MAC/IP address,
serial number), e.g. for roll-out management. Commands for live Telnet session, scripts or CRON jobs. HTTPS Client authentication possible by
username and password or by certificate
serial number), e.g. for roll-out management. Commands for live Telnet session, scripts or CRON jobs. HTTPS Client authentication possible by
username and password or by certificate
TFTP & HTTP(S) client
SSH-client function compatible to Open SSH under Linux and Unix operating systems for accessing third-party components from a LANCOM router.
Also usable when working with SSH to login to the LANCOM device. Support for certificate- and password-based authentication. Generates its own
key with sshkeygen. SSH client functions are restricted to administrators with appropriate rights. Telnet client function to login/administer third
party devices or other LANCOM devices from command line interface
Also usable when working with SSH to login to the LANCOM device. Support for certificate- and password-based authentication. Generates its own
key with sshkeygen. SSH client functions are restricted to administrators with appropriate rights. Telnet client function to login/administer third
party devices or other LANCOM devices from command line interface
SSH & Telnet client
HTML pages, images and templates for Public Spot pages, vouchers, information pages of the Content Filter can be stored on a USB memory (FAT
file system) in a specific folder as an alternative for the limited internal memory
file system) in a specific folder as an alternative for the limited internal memory
Basic HTTP(S) file server
Option to choose if an uploaded certificate or the default certificate is used by the HTTPS server
HTTPS Server
Access rights (read/write) over WAN or LAN can be set up separately (Telnet/SSL, SSH, SNMP, HTTPS/HTTP), access control list
Security
Scripting function for batch-programming of all command-line parameters and for transferring (partial) configurations, irrespective of software
versions and device types, incl. test mode for parameter changes. Utilization of timed control (CRON) or connection establishment and termination
to run scripts for automation. Scripts can send e-mails with various command line outputs as attachments
versions and device types, incl. test mode for parameter changes. Utilization of timed control (CRON) or connection establishment and termination
to run scripts for automation. Scripts can send e-mails with various command line outputs as attachments
Scripting
LoadFirmware, LoadConfig and LoadScript can be executed conditionally in case certain requirements are met. For example, the command
LoadFirmware could be executed on a daily basis and check each time if the current firmware is up to date or if a new version is available. In
addition, LoadFile allows the upload of files including certificates and secured PKCS#12 containers
LoadFirmware could be executed on a daily basis and check each time if the current firmware is up to date or if a new version is available. In
addition, LoadFile allows the upload of files including certificates and secured PKCS#12 containers
Load commands
SNMP management via SNMPv2, new unified private MIB for all most current and future LANCOM devices with LCOS. Download link in WEBconfig
SNMP
Scheduled control of parameters and actions with CRON service
Timed control
Extensive LOG and TRACE options, PING and TRACEROUTE for checking connections, LANmonitor status display, internal logging buffer for SYSLOG
and firewall events, monitor mode for Ethernet ports
and firewall events, monitor mode for Ethernet ports
Diagnosis
Available for all LANCOM routers with integrated ISDN interface. LANCAPI provides CAPI 2.0 features for Microsoft Windows to utilize ISDN channels
over the IP network
over the IP network
LANCAPI
Softmodem for Microsoft Windows that makes use of LANCAPI to send and receive faxes via ISDN
CAPI Faxmodem
Allows the programming of a customized wizard to simplify the rollout in projects. Support for customized templates and logos provide a way to
generate a brand specific look
generate a brand specific look
Programmable Rollout Wizard
Statistics
Extensive Ethernet, IP and DNS statistics; SYSLOG error counter
Statistics
Connection time, online time, transfer volumes per station. Snapshot function for regular read-out of values at the end of a billing period. Timed
(CRON) command to reset all counters at once
(CRON) command to reset all counters at once
Accounting
Accounting information exportable via LANmonitor and SYSLOG
Export
Hardware
12 V DC, external power adapter (230 V) with bayonet cap to protect against accidentally unplugging
Power supply
LANCOM 1631E
Features as of: LCOS 8.60