Lancom Systems 1781VA-4G 62042 Manual De Usuario
Los códigos de productos
62042
Management
The LANCOM Layer 2 Management protocol (LL2M) enables an encrypted access between the command line interfaces of two LANCOM device
directly via a Layer 2 connection
directly via a Layer 2 connection
LANCOM Layer 2 Management (emergency
management)
management)
During rollout devices can be preset with project- or customer-specific settings. Up to two boot- and reset-persistent memory spaces can store
customized configurations for customer-specific standard settings (memory space '1') or as a rollout configuration (memory space '2'). A further
option is the storage of a persistent standard certificate for the authentication of connections during rollouts
customized configurations for customer-specific standard settings (memory space '1') or as a rollout configuration (memory space '2'). A further
option is the storage of a persistent standard certificate for the authentication of connections during rollouts
Alternative boot configuration
Automtatic upload of appropriate firmware and configuration files on insertion of USB memory (FAT filesystem) into USB interfaces of LANCOM
routers with factory settings. The function can be activated to be used during operation of configured devices. The router checks the files’ dates
and versions against the current firmware before upload
routers with factory settings. The function can be activated to be used during operation of configured devices. The router checks the files’ dates
and versions against the current firmware before upload
Automatic update from USB
SYSLOG buffer in the RAM (size depending on device memory) to store events for diagnosis. Default set of rules for the event protocol in SYSLOG.
The rules can be modified by the administrator. Display and saving of internal SYSLOG buffer (events) from LANCOM devices with LANmonitor,
display only with WEBconfig
The rules can be modified by the administrator. Display and saving of internal SYSLOG buffer (events) from LANCOM devices with LANmonitor,
display only with WEBconfig
Device SYSLOG
Send and receive SMS. The management can be comfortably conducted via LANmonitor. Additionally, notifications can be sent by SMS at defined
network events. SMS can be sent via HTTP with URL parameters, too. Therefore, a cellular router can be utilized as an SMS gateway. Suitable for
installations with a maximum throughput of 10 SMS per minute.
network events. SMS can be sent via HTTP with URL parameters, too. Therefore, a cellular router can be utilized as an SMS gateway. Suitable for
installations with a maximum throughput of 10 SMS per minute.
SMS
Individual access and function rights for up to 16 administrators. Alternative access control on a per parameter basis with TACACS+
Access rights
RADIUS user administration for dial-in access (PPTP/L2TP via PPP and ISDN CLIP). Support for RADSEC (Secure RADIUS) for secure communication
with RADIUS servers. RADIUS authentication can be used to log in to a device. In addition, users can be deactivated in the internal RADIUS server
without deleting them
with RADIUS servers. RADIUS authentication can be used to log in to a device. In addition, users can be deactivated in the internal RADIUS server
without deleting them
User administration
Remote configuration with Telnet/SSL, SSH (with password or public key), browser (HTTP/HTTPS), TFTP or SNMP, firmware upload via HTTP/HTTPS
or TFTP
or TFTP
Remote maintenance
Support of TACACS+ protocol for authentication, authorization and accounting (AAA) with reliable connections and encrypted payload. Authentication
and authorization are separated completely. LANCOM access rights are converted to TACACS+ levels. With TACACS+ access can be granted per
parameter, path, command or functionality for LANconfig, WEBconfig or Telnet/SSH. Each access and all changes of configuration are logged.
Access verification and logging of SNMP Get and Set requests. WEBconfig supports the access rights of TACACS+ and choice of TACACS+ server
at login. LANconfig provides a device login with the TACACS+ request conveyed by the addressed device. Authorization to execute scripts and each
command within them by checking the TACACS+ server’s database. CRON, action-table and script processing can be diverted to avoid TACACS+
to relieve TACACS+ servers. Redundancy by setting several alternative TACACS+ servers. Configurable option to fall back to local user accounts in
case of connection drops to the TACACS+ servers. Compatibility mode to support several free TACACS+ implementations
and authorization are separated completely. LANCOM access rights are converted to TACACS+ levels. With TACACS+ access can be granted per
parameter, path, command or functionality for LANconfig, WEBconfig or Telnet/SSH. Each access and all changes of configuration are logged.
Access verification and logging of SNMP Get and Set requests. WEBconfig supports the access rights of TACACS+ and choice of TACACS+ server
at login. LANconfig provides a device login with the TACACS+ request conveyed by the addressed device. Authorization to execute scripts and each
command within them by checking the TACACS+ server’s database. CRON, action-table and script processing can be diverted to avoid TACACS+
to relieve TACACS+ servers. Redundancy by setting several alternative TACACS+ servers. Configurable option to fall back to local user accounts in
case of connection drops to the TACACS+ servers. Compatibility mode to support several free TACACS+ implementations
TACACS+
Support of RADIUS protocol for authentication of configuration access. Administrative privileges can be assigned for each administrator.
RADIUS
A remote configuration for devices behind der LANCOM can be accomplished (after authentication) via tunneling of arbitrary TCP-based protocols,
e.g. for HTTP(S) remote maintenance of VoIP phones or printers of the LAN. Additionally, SSH and Telnet client allow to access other devices from
a LANCOM device with an interface to the target subnet if the LANCOM device can be reached at its command line interface
e.g. for HTTP(S) remote maintenance of VoIP phones or printers of the LAN. Additionally, SSH and Telnet client allow to access other devices from
a LANCOM device with an interface to the target subnet if the LANCOM device can be reached at its command line interface
Remote maintenance of 3rd party devices
Remote maintenance over ISDN dial-in with calling-number check
ISDN remote maintenance
For downloading firmware and configuration files from a TFTP, HTTP or HTTPS server with variable file names (wildcards for name, MAC/IP address,
serial number), e.g. for roll-out management. Commands for live Telnet session, scripts or CRON jobs. HTTPS Client authentication possible by
username and password or by certificate
serial number), e.g. for roll-out management. Commands for live Telnet session, scripts or CRON jobs. HTTPS Client authentication possible by
username and password or by certificate
TFTP & HTTP(S) client
SSH-client function compatible to Open SSH under Linux and Unix operating systems for accessing third-party components from a LANCOM router.
Also usable when working with SSH to login to the LANCOM device. Support for certificate- and password-based authentication. Generates its own
key with sshkeygen. SSH client functions are restricted to administrators with appropriate rights. Telnet client function to login/administer third
party devices or other LANCOM devices from command line interface
Also usable when working with SSH to login to the LANCOM device. Support for certificate- and password-based authentication. Generates its own
key with sshkeygen. SSH client functions are restricted to administrators with appropriate rights. Telnet client function to login/administer third
party devices or other LANCOM devices from command line interface
SSH & Telnet client
HTML pages, images and templates for Public Spot pages, vouchers, information pages of the Content Filter can be stored on a USB memory (FAT
file system) in a specific folder as an alternative for the limited internal memory
file system) in a specific folder as an alternative for the limited internal memory
Basic HTTP(S) file server
Option to choose if an uploaded certificate or the default certificate is used by the HTTPS server
HTTPS Server
Access rights (read/write) over WAN or LAN can be set up separately (Telnet/SSL, SSH, SNMP, HTTPS/HTTP), access control list
Security
Scripting function for batch-programming of all command-line parameters and for transferring (partial) configurations, irrespective of software
versions and device types, incl. test mode for parameter changes. Utilization of timed control (CRON) or connection establishment and termination
to run scripts for automation. Scripts can send e-mails with various command line outputs as attachments
versions and device types, incl. test mode for parameter changes. Utilization of timed control (CRON) or connection establishment and termination
to run scripts for automation. Scripts can send e-mails with various command line outputs as attachments
Scripting
LoadFirmware, LoadConfig and LoadScript can be executed conditionally in case certain requirements are met. For example, the command
LoadFirmware could be executed on a daily basis and check each time if the current firmware is up to date or if a new version is available. In
addition, LoadFile allows the upload of files including certificates and secured PKCS#12 containers
LoadFirmware could be executed on a daily basis and check each time if the current firmware is up to date or if a new version is available. In
addition, LoadFile allows the upload of files including certificates and secured PKCS#12 containers
Load commands
SNMP management via SNMPv2, new unified private MIB for all most current and future LANCOM devices with LCOS. Download link in WEBconfig
SNMP
Scheduled control of parameters and actions with CRON service
Timed control
Extensive LOG and TRACE options, PING and TRACEROUTE for checking connections, LANmonitor status display, internal logging buffer for SYSLOG
and firewall events, monitor mode for Ethernet ports
and firewall events, monitor mode for Ethernet ports
Diagnosis
LANCOM 1781VA-4G
Features as of: LCOS 9.00