Lancom Systems 7111 VPN, 8011 VPN manual Firewall wizard, Wizard for WEBconfig

Page 63

LANCOM 7111 VPN – LANCOM 8011 VPN

Chapter 8: Security settings

In a next step parameters of the configuration lock like number of failed log-in attempts and the duration of the lock can be adjusted.

Now activate Stateful Inspection, ping-blocking and Stealth mode in the the firewall configuration.

The wizard will inform you when entries are complete. Complete the con- figuration with Finish.

8.1.2Wizard for WEBconfig

Under WEBconfig you have the possibility to run the wizard Security settings to control and change the settings. The following values are handled:

password for the device

allowed protocols for the configuration access of local and remote net- works

the MSN for remote configuration via ISDN

parameters of configuration lock (number of failed log-in attempts and duration of the lock)

8.2The firewall wizard

The LANCOM router incorporates an effective protection of your LAN and WLAN when accessing the Internet by its Stateful Inspection firewall and its firewall filters. Basic idea of the Stateful Inspection firewall is that only self- initiated data transfer is considered allowable. All unasked accesses, which were not initiated from the local network, are inadmissible.

The firewall wizard assists you to create new firewall rules quickly and com- fortably.

Please find further information about the firewall of your LANCOM router and about its configuration in the reference manual.

8.2.1Wizard for LANconfig

The firewall wizard assists you to create new firewall rules quickly and com- fortably .

EN

63

Image 63

Contents Lancom 7111 VPN Lancom 8011 VPN Lancom Systems GmbH, Wuerselen Germany. All rights reserved Preface Security settingsModel variants Info@lancom.de This documentation was compiled …Contents Providing dial-up access Linking two networksSending faxes with Lancapi Appendix TroubleshootingWhich use does VPN offer? IntroductionIsdn Conventional network infrastructureNetworking via the Internet Firewall Denial-of-Service Protection Quality-of-Service / Traffic managementWhat does a router do? LAN to LAN coupling via VPN or Isdn Internet access for a LAN e.g. via DSL or IsdnBridgehead to the WAN Areas of deployment for routersRemote access to the company network via VPN or Isdn What can your Lancom router do?Conventional via Isdn Lancom Quality of Service Installation Package contentsSystem preconditions Front side Access to the LAN via the TCP/IP protocolIntroducing Lancom router Status displaysOnline LED indicates the overall status of all WAN ports LED remains lit greenLancom Flashing Power LED but no connection?Connection status of the WAN connection Data traffic via the WAN connectionConnection status of Isdn S0 connection Connection status of the serial configuration port 7111 VPN, for both Isdn B channels with Lancom 8011 VPNLCD display Back of the unit Hardware installationInstallation Starting Lancom setup Software installationWhich software should you install? Basic configuration 1 TCP/IP settingsWhich information is necessary? IP address and netmask for the Lancom router New LAN-fully automatic configuration possibleConfigure manually nevertheless? Information required for manual TCP/IP configurationEnable Dhcp server? Configuration protectionSettings for the DSL connection Settings for the Isdn connectionConnect charge protection Instructions for LANconfigStart up LANconfig by clicking Start Programs Lancom LANconfigComplete the configuration with Finish Network without Dhcp server Instructions for WEBconfigStarting the wizards in WEBconfig Network with Dhcp serverOr with a name as discribed above WEBconfig main menu will be displayed Entering the password in the web browser IP address assignment via the Lancom router default TCP/IP settings to workstation PCsManual IP address assignment IP address assignment via a separate Dhcp serverAdditional information for unknown Internet providers Setting up Internet accessDoes the setup wizard know your Internet provider? User name and passwordIsdn dial-in number User name and password Additional connection optionsDynamic channel bundling Isdn only Complete the configuration with Apply LANconfig Quick access to the setup wizardsAlways configure both sides Linking two networksSecurity aspects General information What information is necessary?Name of the remote station is needed for its identification Settings for the TCP/IP router Settings for the IPX router DNS access to the remote LANExtranet VPN Settings for NetBIOS routing Perform the configuration on both routers, one at a time Ping quick testing for TCP/IP connections Which information is required? Providing dial-up accessCoupling Entry Isdn calling line identity CLISettings for IPX Settings for TCP/IPWAN Settings for the dial-in computer Dial-up via VPNDial-up via Isdn Instructions for LANconfig Providing dial- up access Sending faxes with Lancapi Installation of the Lancom Capi fax modem Select the option Printers and Faxes from the control panel Installation of the MS Windows fax serviceSend a fax with the MS Windows fax service Sending a faxSend a fax with any given office application Sending faxes with Lancapi Security settings Security settings wizardWizard for LANconfig Firewall wizard Wizard for WEBconfigSecurity checklist Configuration under WEBconfigRules Do you make use of a ’Deny All’ Firewall strategy? Have you assigned a password for the configuration?Have you permitted remote configuration? Have you activated the Firewall?Have you closed critical ports with filters? DSL data transfer is slow TroubleshootingProblems with the cabling? No WAN connection is establishedLAN statistics Cable testingUnwanted connections under Windows XP Increasing the TCP/IP window size under WindowsTroubleshooting Appendix Performance data and specificationsRights for up to 16 administrators Pin RJ45 socket Contact assignmentDSL interface ISDN-S0interfacePin mini-DIN socket Configuration interface OutbandCE declaration of conformity Ethernet interfaces 10/100Base-TNumerics Connector cable LAN to LAN coupling 14, 15, 30 InstallationIPX conventions IPX router Settings Connector cable Channel Data compression Dial-innumberSecurity aspects Server Setup Specify MSN NetBIOS NetBIOS proxy Netmask Network segmentPackage contents Packet size adaption Password NetBIOSSettings 28 , 32 Temperature Time WEBconfigCheck connection