Lancom Systems 3550 manual Access control via MAC address, Lancom Enhanced Passphrase Security

Page 57

LANCOM 3550 Wireless

Chapter 7: Security settings

7.1.2Access control via MAC address

Each network device has an special identification number. This identification number is the so-called MAC address (Media Access Control), which is world- wide unique per device.

The MAC address is programmed into the hardware and cannot be changed. Wireless LAN devices by LANCOM Systems have got a MAC address label on the casing.

The access to an infrastructure network can be restricted to known MAC addresses for certain Wireless LAN devices solely. To do so, Access Control lists are available within the LANCOM base stations, in which the granted MAC addresses can be deposited.

This method of access control is not available for ad-hoc networks.

7.1.3LANCOM Enhanced Passphrase Security

With LEPS (LANCOM Enhanced Passphrase Security) LANCOM Systems has developed an efficient method which uses the simple configuration of IEEE 802.11i with passphrase and yet which avoids the potential error sources of passphrase sharing. LEPS uses an additional column in the ACL to assign an individual passphrase consisting of any 4 to 64 ASCII characters to each MAC address. The connection to the access point and the subsequent encryption with IEEE 802.11i or WPA is only possible with the right combination of pass- phrase and MAC address.

LEPS can be used locally in the device and can also be centrally managed with the help of a RADIUS server, and it works with all WLAN client adapters cur- rently available on the market without modification. Full compatibility to third-party products is assured as LEPS only involves configuration in the access point.

An additional security aspect: LEPS can also be used to secure single point- to-point connections (P2P) with an individual passphrase. Even if an access point in a P2P installation is stolen and the passphrase and MAC address become known, all other WLAN connections secured by LEPS remain pro- tected, particularly when the ACL is stored on a RADIUS server.

guests. To this end, all users of the internal WLAN network are given individual passphrases. Guests can make use of their own dedicated

SSID and a global passphrase. To avoid abuse, this global passphrase can be changed on a regular basis—every few days, for example.Guest access with LEPS: LEPS can also be set up to allow access to

EN

57

Page 56 Page 58
Image 57
Page 56 Page 58
Contents Lancom 3550 Wireless Lancom Systems GmbH, Wuerselen Germany. All rights reserved Thank you for placing your trust in this Lancom product Security settingsThis documentation was compiled … Further server services DHCP, DNS, charge management Important instruction that should be followed Contents Setting up Internet access Setting up the Umts profilePoint-to-point connections Options and accessories AppendixRadio channel regulations for WLANs Operation modes of Wireless LANs and base stations What is a Wireless LAN?Introduction Which hardware to use?Last mile via UMTS/HSPDA Advantages of the UMTS/HSPDA solutionInternet Mobile conference roomUMTS/HSPDA Backup Internet connection over DSL Applications What can your Lancom Router do?Wireless LAN Lancom Installation Package contentsSystem preconditions Status display Status displays, interfaces an hardware installationMeanings of the LEDs Front sideGreen Red Blinking Time or connect-charge reached LED remains lit greenExpert Configuration Setup Charges-module Flashing Power-LED but no connection?Nal wireless network card is not indicated on this display Wireless link display can assume four different conditionsBack of the unit Hardware installation Software installation Plexity considerably Which software should you install? Starting Lancom setupInstallation Basic configuration 1 TCP/IP settingsWhich information is necessary? New LAN-fully automatic configuration possible Configure manually nevertheless?Information required for manual TCP/IP configuration Settings for the Wireless LAN Configuration protectionSettings for the DSL connection Connect charge protectionSelection of a radio channel LANconfig Start up LANconfig by clicking Start Programs LancomComplete the configuration with Finish Instructions for WEBconfigNetwork with Dhcp server Network without Dhcp serverStarting the wizards in WEBconfig WEBconfig main menu will be displayedOr with a name as discribed above Basic configuration Entering the password in the web browser TCP/IP settings to workstation PCsIP address assignment via the Lancom Router default IP address assignment via a separate Dhcp serverManual IP address assignment Setting up Internet access Instructions for LANconfig Bar, select Tools Setup WizardLANconfig Quick access to the setup wizards Setting up Internet access Internet access Setting up the Umts profileSetting up the Umts profile Setting up the Umts profile VPN site coupling Setting up the Umts profile Choosing the mobile telephone network Other settingsActivate UMTS/GPRS profile UMTS/HSPDA only or automatic UMTS/HSPDA/GPRS selection Set up a time limit Point-to-point connections Configuration with LANconfig Configuration tool Menu/Table Security for point-to-point connections Access points in relay modeEncryption with 802.11i/WPA Connections under the following pathsConfiguration area Wlan Security on the 802.11i/WEP tab Leps for P2P connections Found under WEBconfig or Telnet under the following pathsSecurity settings Security for the Wireless LANClosed network Lancom Enhanced Passphrase Security Access control via MAC addressEncryption of the data transfer 5 802.1x / EAP Standard WEP encryption ensure that you have a secure connection IPSec over Wlan Tips for handling keysSecurity settings wizard Wizard for LANconfigMand bar Extras Setup Wizard Firewall wizard Wizard for WEBconfigSecurity checklist Configuration under WEBconfigRules Have you permitted remote configuration? Have you assigned a password for the configuration?Have you assigned a password to the Snmp configuration? Have you activated the Firewall?Have you closed critical ports with filters? Have you activated the IP masquerading?Security settings Security settings Options and accessories Optional Lancom Wireless Router antennasAntenna Diversity Lancom Public Spot Option Installation of AirLancer Extender antennasRadius PIN Handling TroubleshootingMenü/Tabelle Problems with the cabling? You can monitor and correct the protocol settings underHas the correct transfer protocol been selected? DSL data transfer is slow Unwanted connections under Windows XPIncreasing the TCP/IP window size under Windows Appendix Performance data and specificationsContact assignment LAN interface, 10/100base-TXWAN interface, 10/100base-TX Declaration of conformity Radio channel regulations for WLANs Numerics Node/hub switch Optional antennas Options and accessories Connector cable LAN connectionRelay function Remote configuration Reset LAN Link LAN Rx/Tx Power WAN Link WAN Status Wireless LinkWork Incorrect PIN WAN connector WEBconfig PasswordPIN handling Time limit 15, 59

3550 specifications

The Lancom Systems 3550 is a robust and versatile router designed to meet the demanding connectivity needs of modern networking environments. It is particularly well-suited for enterprises seeking to enhance their network performance, reliability, and security. This device combines advanced features with cutting-edge technologies to provide a comprehensive networking solution.

One of the standout features of the Lancom Systems 3550 is its support for various WAN technologies. It supports fiber, DSL, and LTE connections, ensuring seamless internet access regardless of the available infrastructure. This versatility allows businesses to choose the optimal connection type for their specific needs and easily adapt to changing circumstances.

In terms of voice and data capabilities, the 3550 is equipped with integrated VoIP functionality. This feature enables companies to implement Voice over IP solutions, reducing telecommunication costs while improving call quality. The router supports multiple concurrent voice channels, making it an ideal choice for businesses with significant communication requirements.

Security is paramount in today’s digital landscape, and the Lancom Systems 3550 does not disappoint. It includes advanced firewall features and supports VPN technologies, enabling secure remote access for employees and partners alike. With support for SSL and IPSec VPNs, businesses can ensure that sensitive data remains protected, regardless of whether employees are working in the office or remotely.

Another significant characteristic of the 3550 is its high-performance capabilities. It is designed to handle a high volume of data traffic without compromising performance. Equipped with advanced traffic management tools, the router can prioritize essential services, ensuring that critical applications receive the bandwidth they need, even during peak usage times.

Additionally, the device offers robust monitoring and management features. Network administrators can utilize SNMP, Syslog, and other management protocols to gain real-time insights into performance metrics and troubleshoot issues proactively. The intuitive user interface simplifies configuration and management, allowing IT staff to focus on other pressing tasks.

Scalability is also a key advantage of the Lancom Systems 3550. It provides options for expansion and can be integrated seamlessly with other devices in the Lancom ecosystem. This flexibility allows organizations to grow their networks without the need for significant overhauls.

In summary, the Lancom Systems 3550 is an ideal solution for organizations looking to enhance their networking capabilities. With its support for multiple WAN technologies, integrated security features, high performance, and robust management tools, it stands out as a reliable choice for modern enterprises. Whether for data communication or voice solutions, the 3550 ensures optimized performance, security, and scalability in one comprehensive package.
Top Page Image Contents