Lancom Systems 7111 VPN, 8011 VPN manual Settings for the TCP/IP router

Page 45

LANCOM 7111 VPN – LANCOM 8011 VPN

Chapter 5: Linking two networks

The password for the ISDN connection is an alternative to the use of the ISDN caller ID. It is always used to authenticate callers that do not send an ISDN caller ID. The exact same password must be entered on both sides. It is used for calls in both directions.

The Shared Secret is the central password for security within the VPN. The exact same password has to be entered on both sides

Data compression increases the transfer speed of the connection at no additional cost. This is completely unlike the bundling of two ISDN- chan- nels with MLPPP (Multi Link PPP): The transfer rate will be doubled but there will also be additional telephone costs for two connections.

5.1.2Settings for the TCP/IP router

In TCP/IP networks, addressing has a special significance. Please note that two interconnected networks are logically separate from one another. Each must therefore have its own network number (in our example, '10.0.1.x' and '10.0.2.x'). These network numbers may not be identical.

EN

10.0.1.2

10.0.1.100

(0123) 123456

'server.head.company'

'pc1.branch.comany

10.0.2.10

VPN or ISDN

connection

10.0.2.100

(0789) 654321

LAN of head office.

LAN of branch office.

IP: 10.0.1.0,

IP: 10.0.2.0,

Netmask: 255.255.255.0

Netmask: 255.255.255.0

Domain: 'head.company'

Domain: 'branch.company'

Unlike when accessing the Internet, all of the IP addresses in the involved net- works are visible on the remote side when coupling networks, not just those of the router. The computer with the IP address 10.0.2.10 in the branch office LAN sees the server 10.0.1.2 in the headquarters and can access it (assuming it has the appropriate rights), and vice versa.

45

Page 44 Page 46
Image 45
Page 44 Page 46
Contents Lancom 7111 VPN Lancom 8011 VPN Lancom Systems GmbH, Wuerselen Germany. All rights reserved Preface Security settingsModel variants Info@lancom.de This documentation was compiled …Contents Providing dial-up access Linking two networksSending faxes with Lancapi Appendix TroubleshootingWhich use does VPN offer? IntroductionIsdn Conventional network infrastructureNetworking via the Internet Firewall Denial-of-Service Protection Quality-of-Service / Traffic managementWhat does a router do? Bridgehead to the WAN Internet access for a LAN e.g. via DSL or IsdnAreas of deployment for routers LAN to LAN coupling via VPN or IsdnRemote access to the company network via VPN or Isdn What can your Lancom router do?Conventional via Isdn Lancom Quality of Service Installation Package contentsSystem preconditions Introducing Lancom router Access to the LAN via the TCP/IP protocolStatus displays Front sideOnline LED indicates the overall status of all WAN ports LED remains lit greenLancom Flashing Power LED but no connection?Connection status of the WAN connection Data traffic via the WAN connectionConnection status of Isdn S0 connection Connection status of the serial configuration port 7111 VPN, for both Isdn B channels with Lancom 8011 VPNLCD display Back of the unit Hardware installationInstallation Starting Lancom setup Software installationWhich software should you install? Basic configuration 1 TCP/IP settingsWhich information is necessary? Configure manually nevertheless? New LAN-fully automatic configuration possibleInformation required for manual TCP/IP configuration IP address and netmask for the Lancom routerSettings for the DSL connection Configuration protectionSettings for the Isdn connection Enable Dhcp server?Start up LANconfig by clicking Start Programs Lancom Instructions for LANconfigLANconfig Connect charge protectionComplete the configuration with Finish Network without Dhcp server Instructions for WEBconfigStarting the wizards in WEBconfig Network with Dhcp serverOr with a name as discribed above WEBconfig main menu will be displayed Entering the password in the web browser IP address assignment via the Lancom router default TCP/IP settings to workstation PCsManual IP address assignment IP address assignment via a separate Dhcp serverDoes the setup wizard know your Internet provider? Setting up Internet accessUser name and password Additional information for unknown Internet providersIsdn dial-in number User name and password Additional connection optionsDynamic channel bundling Isdn only Complete the configuration with Apply LANconfig Quick access to the setup wizardsAlways configure both sides Linking two networksSecurity aspects General information What information is necessary?Name of the remote station is needed for its identification Settings for the TCP/IP router Settings for the IPX router DNS access to the remote LANExtranet VPN Settings for NetBIOS routing Perform the configuration on both routers, one at a time Ping quick testing for TCP/IP connections Which information is required? Providing dial-up accessCoupling Entry Isdn calling line identity CLISettings for IPX Settings for TCP/IPWAN Settings for the dial-in computer Dial-up via VPNDial-up via Isdn Instructions for LANconfig Providing dial- up access Sending faxes with Lancapi Installation of the Lancom Capi fax modem Select the option Printers and Faxes from the control panel Installation of the MS Windows fax serviceSend a fax with the MS Windows fax service Sending a faxSend a fax with any given office application Sending faxes with Lancapi Security settings Security settings wizardWizard for LANconfig Firewall wizard Wizard for WEBconfigSecurity checklist Configuration under WEBconfigRules Have you permitted remote configuration? Have you assigned a password for the configuration?Have you activated the Firewall? Do you make use of a ’Deny All’ Firewall strategy?Have you closed critical ports with filters? Problems with the cabling? TroubleshootingNo WAN connection is established DSL data transfer is slowUnwanted connections under Windows XP Cable testingIncreasing the TCP/IP window size under Windows LAN statisticsTroubleshooting Appendix Performance data and specificationsRights for up to 16 administrators DSL interface Contact assignmentISDN-S0interface Pin RJ45 socketCE declaration of conformity Configuration interface OutbandEthernet interfaces 10/100Base-T Pin mini-DIN socketNumerics IPX conventions IPX router Settings InstallationConnector cable Channel Data compression Dial-innumber Connector cable LAN to LAN coupling 14, 15, 30Package contents Packet size adaption Password NetBIOS NetBIOS proxy Netmask Network segmentNetBIOS Security aspects Server Setup Specify MSNSettings 28 , 32 Temperature Time WEBconfigCheck connection
Top Page Image Contents