Lancom Systems L-54AG Firewall, Quality of Service, Security, High availability / redundancy

Page 3

LANCOM L-54ag Wireless

Scope of features: as of LCOS version 7.5x

 

Firewall

 

 

 

Stateful inspection firewall

Incoming/Outgoing Traffic inspection based on connection information

 

 

 

 

 

 

Packet filter

Check based on the header information of an IP packet (IP or MAC source/destination addresses; source/destination ports,

 

 

 

DiffServ attribute); remote-site dependant, direction dependant, bandwidth dependant

 

 

 

 

 

 

Extended port forwarding

Network Address Translation (NAT) based on protocol and WAN address, i.e. to make internal webservers accessible from WAN

 

 

 

 

 

 

N:N IP address mapping

N:N IP address mapping for translation of IP addresses or entire networks

 

 

 

 

 

 

Tagging

The firewall marks packets with routing tags, e.g. for policy-based routing

 

 

 

 

 

 

Actions

Forward, drop, reject, block sender address, close destination port, disconnect

 

 

 

 

 

 

Notification

Via e-mail, SYSLOG or SNMP trap

 

 

 

 

 

 

Quality of Service

 

 

 

Traffic shaping

Dynamic bandwidth management with IP traffic shaping

 

 

 

 

 

 

Bandwidth reservation

Dynamic reservation of minimum and maximum bandwidths, totally or connection bases, separate settings for send and receive

 

 

 

directions

 

 

 

 

 

 

DiffServ/TOS

Priority queuing of packets based on DiffServ/TOS fields

 

 

 

 

 

 

Packet-size control

Automatic packet-size control by fragmentation or Path Maximum Transmission Unit (PMTU) adjustment.

 

 

 

 

 

 

Layer 2/Layer 3 tagging

Automatic or fixed translation of layer-2 priority information (802.11p-marked Ethernet frames) to layer-3 DiffServ attributes in

 

 

 

routing mode. Translation from layer 3 to layer 2 with automatic recognition of 802.1p-support in the destination device.

 

 

Security

 

 

 

Intrusion Prevention

Monitoring and blocking of login attempts and port scans

 

 

 

 

 

 

IP spoofing

Source IP address check on all interfaces: only IP addresses belonging to the defined IP networks are allowed

 

 

 

 

 

 

Access control lists

Filtering of IP or MAC addresses and preset protocols for configuration access

 

 

 

 

 

 

Denial of Service protection

Protection from fragmentation errors and SYN flooding

 

 

 

 

 

 

General

Detailed settings for handling reassembly, PING, stealth mode and AUTH port

 

 

 

 

 

 

URL blocker

Filtering of unwanted URLs based on DNS hitlists and wildcard filters

 

 

 

 

 

 

Password protection

Password-protected configuration access can be set for each interface

 

 

 

 

 

 

Alerts

Alerts via e-mail, SNMP-Traps and SYSLOG

 

 

 

 

 

 

Authentication mechanisms

EAP-TLS, EAP-TTLS, PEAP, MSCHAP, MXCHAPv2 as EAP authentication mechanisms, PAP, CHAP and MS-CHAP as PPP

 

 

 

authentication mechanisms

 

 

 

 

 

 

WLAN protocol filters

Limitation of the allowed transfer protocols, source and target addresses on the WLAN interface

 

 

 

 

 

 

Adjustable reset button

Adjustable reset button for "ignore", "boot-only" and "reset-or-boot

 

 

 

 

 

 

IP redirect

Fixed redirection of any packet received over the WLAN interface to a dedicated target address

 

 

 

 

 

 

High availability / redundancy

 

 

 

VRRP

VRRP (Virtual Router Redundancy Protocol) for backup in case of failure of a device or remote station. Enables passive standby

 

 

 

groups or reciprocal backup between multiple active devices including load balancing and user definable backup priorities

 

 

 

 

 

 

FirmSafe

For completely safe software upgrades thanks to two stored firmware versions, incl. test mode for firmware updates

 

 

 

 

 

 

Analog/GSM modem backup

Optional operation of an analog or GSM modem at the serial interface

 

 

 

 

 

 

Line monitoring

Line monitoring with LCP echo monitoring, up to 4 addresses for end-to-end monitoring with ICMP polling.

 

 

 

 

 

 

WLAN

 

 

 

Frequency band 2.4 GHz or 5 GHz (EU

2400 -2483.5 MHz (ISM) or 5150 -5750 MHz or 5725-5825 MHz (UK only)

 

 

compliance)

 

 

 

Data rates 2.4 GHz

54 Mbps to IEEE 802.11g (fallback to 48, 36 , 24, 18, 12, 9, 6 Mbps, Automatic Rate Selection) compatible to IEEE 802.11b (11,

 

 

 

5.5, 2, 1 Mbps, Automatic Rate Selection), 802.11 b/g compatibility mode or pure g or pure b, Super A/G with Turbo Mode (108

 

 

 

Mbps), bursting, compression

 

 

 

 

 

 

Data rates 5 GHz

54 Mbps to IEEE 802.11a/h (fallback to 48, 36 , 24, 18, 12, 9, 6 Mbps, Automatic Rate Selection), Super A/G with Turbo Mode

 

 

 

(108 Mbps), bursting, compression, fully compatible with TPC (adjustable power output) and DFS (automatic channel selection,

 

 

 

radar detection) according to ETSI regulations.

 

 

 

 

 

 

Range 802.11a/b/g *

Up to 150 m (up to 30 m in buildings) *

 

 

 

 

 

 

Maximum transmission power 2.4 GHz

802.11b: +19 dBm @ 1 and 2 Mbps, +19 dBm @ 5.5 and 11 Mbps

 

 

 

 

 

 

Maximum transmission power 2.4 GHz

802.11g: +19 dBm @ 6 Mbps, +14 dBm @ 54 Mbps

 

 

 

 

 

 

Maximum transmission power 5 GHz

802.11a/h: +18 dBm @ 6 Mbps, +12 dBm @ 54 Mbps with transmission power control (TPC) and manual power settings

 

 

 

 

 

 

Minimum transmission power

Transmission power reduction in software in 1 dB steps to min. 0.5 dBm

 

 

 

 

 

 

Reception sensitivity 2.4 GHz

802.11b: -87 dBm @ 11 Mbps, -94 dBm @ 1 Mbps

 

 

 

 

 

Page 2 Page 4
Image 3
Page 2 Page 4
Contents Lancom L-54ag Wireless More Security High availability / redundancy Quality of ServiceFirewall SecurityWAN protocols Wlan operating modesRouting functions LAN protocolsHardware InterfacesManagement StatisticsOptions Package contentAccessories Support

L-54AG specifications

Lancom Systems L-54AG is a versatile wireless access point designed to cater to the growing demands of modern connectivity in various environments, including offices, schools, and public spaces. This device supports both standalone operation and centralized management, making it a flexible solution for network administrators.

One of the key features of the L-54AG is its dual-band operation, which allows it to operate simultaneously on both the 2.4 GHz and 5 GHz frequency bands. This capability helps in reducing congestion and improving overall network performance, as devices can be distributed across multiple frequencies. The access point also employs the latest Wi-Fi standards, including IEEE 802.11a/b/g/n, ensuring compatibility with a wide range of devices.

The L-54AG is equipped with two internal antennas that are optimized for high data rates and extended coverage. With a data rate of up to 300 Mbps on the 2.4 GHz band and 450 Mbps on the 5 GHz band, users can expect reliable and fast connections. Additionally, the device supports Multi-User MIMO (MU-MIMO) technology, allowing multiple devices to communicate with the access point simultaneously without sacrificing performance.

Security is a top priority for Lancom, and the L-54AG includes robust features to protect users and data. It supports advanced encryption protocols like WPA2, ensuring that wireless communications remain secure. The access point also features a built-in firewall and VLAN support, enabling administrators to create segmented networks for different user groups.

In terms of management, the L-54AG offers comprehensive monitoring and configuration options. Administrators can manage the access point via a web-based interface or through LANconfig, Lancom’s powerful configuration tool. The device can also be integrated into larger network management systems, allowing for scalability in enterprise environments.

Furthermore, the L-54AG is designed for easy installation and maintenance. Its compact form factor and Power over Ethernet (PoE) support mean that it can be deployed in a range of locations without the need for additional power sources.

Overall, the Lancom Systems L-54AG stands out with its combination of advanced features, security protocols, and management capabilities, making it a compelling choice for businesses and organizations looking to enhance their wireless networking infrastructure.
Top Page Image Contents