LCOS 10.80 Reference Manual

Content
Search
Loading, please wait ...

Loading

Collapse AllExpand All
  • LCOS – the LANCOM Operating System
    • Free operating system
    • Security from our own closed-source operating system
    • Future-proof
    • The LCOS promise
  • Configuration
    • Ways and means of configuration
    • Configuration software
      • LANconfig
      • WEBconfig
        • Accessing the device with WEBconfig
        • Network without a DHCP server
        • Network with DHCP server
        • Logging in to the device
        • Search
        • Dashboard
        • Setup wizards
        • System information
        • Configuration
        • Extras
          • LCOS menu tree
            • Status
            • Setup
            • Firmware
            • Other
          • File management
          • Retrieving the SNMP device MIB
          • Show / search other devices
          • Show key fingerprints
          • Allowed SSH public keys
          • Packet capturing
          • WLAN link test
          • Spectral Scan
          • Create TCP/HTTP tunnel
          • Uploading firmware to a managed access point
          • Activate software option
          • Set date and time
          • Change password
          • Reboot
        • Logout from the device
      • LANCOM Management Cloud (LMC)
        • Basics of the LANCOM Management Cloud
        • Pairing devices with the LANCOM Management Cloud
          • Integration into the LMC by serial number and Cloud PIN
          • Integration into the LMC by LMC Rollout Assistant
          • Integration into the LMC by activation code
            • Pairing existing devices via LANconfig
            • Pairing existing devices via WEBconfig
            • Pairing existing devices via the command line
        • Delivery of the LMC domain by the LCOS DHCP server
        • Manual upfront configuration of your device for management by the LANCOM Management Cloud
      • Terminal program
        • Start terminal session
        • Change the language of the CLI
        • Terminate or cancel terminal session
        • Structure of the command-line interface
        • Commands for the CLI
          • Parameter overview for the ping command
          • Parameter overview for the trace command
          • Overview of CAPWAP parameters with the show command
          • Overview of IPv6-specific show commands
            • IPv6 addresses
            • IPv6 prefixes
            • IPv6-Interfaces
            • IPv6 neighbor cache
            • IPv6 DHCP server
            • IPv6 DHCP client
            • IPv6 route
        • Environment variables
        • Keyboard shortcuts for the command line
          • Tab command when scripting
        • Function keys for the command line
      • SNMP management program
    • LANCOM Layer 2 Management protocol (LL2M)
      • Introduction
      • Configuring the LL2M server
      • Commands for the LL2M client
    • Saving and loading device-configuration and script files
      • Configuration management with WEBconfig and the console
      • Script management with WEBconfig and the console
      • Configuration management with LANconfig
    • Alternative boot config
      • Introduction
      • Using the boot configuration
      • Storing and uploading the boot configurations
      • Deleting the boot configuration
      • Working with certificates
    • FirmSafe
      • Introduction
      • Configuration
      • Toggling the active firmware via console command
      • Asymmetric FirmSafe
        • Switching over to asymmetric FirmSafe
        • Firmware upgrade with asymmetric FirmSafe
    • Uploading firmware to the device via a client
      • Firmware upload via LANconfig
      • Firmware upload via WEBconfig
      • Firmware upload by terminal program
      • Firmware upload via outband with reset of the configuration
    • LANCOM Auto Updater
      • Configuring the Auto Updater
    • Loading files directly from/to the device via TFTP, HTTP(S) or SCP
      • Loading a file via a TFTP client
        • Syntax
        • Example applications
        • Troubleshooting
      • Loading a file via an SCP client
        • Syntax
        • Mount points for SCP file transfer
        • Example applications
      • File download from a TFTP or HTTP(S) server
        • Syntax
        • Parameters
        • Variables
        • Example applications
          • Regularly updating configuration and firmware
          • Update configuration after first updating firmware
    • Automatic upload of firmware or configuration from USB
      • Automatic upload of loader and/or firmware files
      • Automatic upload of configuration and/or script files
      • Configuring automatic uploads via USB
    • Resetting the device
      • Configuring the reset button
    • Managing rights for different administrators
      • Rights for the administrators
        • Access rights
        • Function rights
      • Configuring SNMP read-only access
    • Device-internal SSH/SSL keys
      • Automatic generation of device-specific SSH/SSL keys
      • Manually create custom SSH keys
    • SSH authentication using a public key
      • Certificate check on SSH access
      • Generating an SSH keypair with PuTTY
      • Syntax and modifying public-key users
      • Setting up a device for public-key authentication
      • Public-key authentication with PuTTY
      • Public-key authentication with LANconfig
    • SSH and Telnet client in LCOS
      • Introduction
      • Syntax of SSH clients
      • Syntax of the Telnet client
      • Public keys for authentication
        • List of known SSH servers
        • Manually deleting known SSH server keys
      • Creating SSH keys in LCOS
      • Priorities for SSH authentication
      • Rights for operating the SSH/Telnet client
    • Importing files by copy & paste on the CLI
    • Basic HTTP file server for external storage media
      • Introduction
      • Preparing the USB storage medium
      • Determine the mount point of the USB medium in the LCOS
      • Accessing the files on a USB medium
      • Rules for directory access
      • Supported content type
    • Rollout Wizard
      • Default Rollout Wizard
      • Custom Rollout Wizard
        • Structure of the custom wizard
          • String tables
          • Definition of the wizard
          • Sections
            • Conditions
            • Fields and attributes
            • Variables
            • Using device properties as variables
          • Actions
            • set
            • del
            • cat
            • cut
            • trigger_config_change
            • exec
        • Trace for rollout wizards
        • Using user-defined HTML templates
        • Uploading files for the wizard
        • Deleting wizard files from the device
        • Example of a Rollout Wizard:
      • Activating the Rollout Wizard in WEBconfig
      • Configuration with LANconfig
      • Receiving LSR information via DHCP server (zero-touch rollout)
        • Configuring the zero-touch rollout
    • TCP port tunnel
      • Configuring the TCP/HTTP tunnel
      • Create the TCP/HTTP tunnel
      • Deleting the TCP/HTTP tunnel before it expires
    • The LANCOM High Availability Clustering Option
      • Setting up configuration synchronization
      • 1-Click WLC High Availability Clustering Wizard
    • CPE WAN Management Protocol (CWMP)
      • Setting up CWMP with LANconfig
      • Device configuration via CWMP
    • LANCOM Battery Pack
      • Configuration with LANconfig
    • Setting known loopback addresses
    • Configuration option for IPv4/IPv6 resolution with DNS resolutions
    • Customize the management ports for device access
    • Changing the SIM card PIN
  • LANtools
    • LANconfig – configuring devices
      • Start LANconfig
      • Working with LANconfig
        • User-specific settings for LANconfig
        • Switching the language of the graphical user interface
        • Using directory trees to get organized
        • Better overview in LANconfig with more columns
        • QuickFinder in LANconfig
        • Quick links for managing source tables
        • Choice of Wizard or configuration dialog
        • Multithreading
        • Project management with LANconfig
        • Flexible group configuration with LANconfig
          • Creating a new group configuration file
          • Using an existing group configuration file
          • Updating device configurations with group configurations
          • Updating group configurations by means of a master device
          • Using multiple group configurations
          • Transferring device configurations to similar models
        • Automatic backup of the device configuration
        • Advanced meta data for configuration files
        • Quick Rollback
        • CSV export
        • Importing from a data source (CSV)
          • Content of the CSV file
          • Content of the configuration template file
          • Creating the configuration files
        • LANCOM Software Update for LANtools
          • Manually starting LANCOM Software Update
          • Settings for the automatic search for new updates
          • Selecting and installing the available updates
        • Searching for firmware updates in the archive
        • Exporting key fingerprints when commissioning CC devices
      • LANconfig menu structure
        • File
          • Add device
            • General
            • Backup
          • Delete device
          • Find devices
          • Check devices in this view
          • Check all devices for firmware updates
          • Cancel all actions
          • Devices/configurations from CSV file
          • Export device list
          • New folder
          • Exit
        • Edit
          • New configuration file
          • Edit configuration file
          • Wizard configuration file
          • Print configuration file
          • Select all devices in this view
          • Invert selection
        • Device
          • Configure
          • Setup Wizard
          • Quick Rollback
          • Check
          • Cancel action
          • Configuration management
          • Firmware management
          • WEBconfig / console session
          • Monitor device
          • Monitor device temporarily
          • Monitor WLAN device
          • Create trace output
          • Set date/time
          • Activate software option
          • Check CC compliance
          • Reboot
          • Unlocking the SIM card
          • Properties
            • General
            • Protocols & logins
            • Backup
            • VPN
            • Information
            • Features & options
        • Group
          • New group configuration
          • New folder with group configuration
          • Add group configuration
          • Edit group configuration
          • Refresh all devices
          • Update recommended devices
          • Provide as template
          • Active
          • Delete
          • Properties
        • View
          • Toolbar
          • Status bar
          • Folder tree
          • Log view
          • Flat view mode
          • Large icons
          • Small icons
          • List
          • Details
          • Arrange icons
          • Select columns
          • Display gridlines
          • Display check boxes
          • View log file
          • Up
        • Tools
          • Options
            • General
            • Home
            • Communication
            • Proxy
            • Application
            • Backup
            • Extras
            • Update
          • Start LANmonitor
          • Start WLANmonitor
          • Analyze trace output
          • Start CC Startup Wizard
          • Check for updates
        • Help
          • Help topics
          • Support
          • Info
      • Toolbar icons
      • LANconfig context menu
      • LANconfig keyboard shortcuts
      • LANconfig command line parameters
        • Options
        • Commands
      • LANconfig application concepts
        • Creating a password in LANconfig
        • Different notations for MAC addresses
      • Pairing devices with the LANCOM Management Cloud
        • Basics of the LANCOM Management Cloud
        • Pairing devices with the LANCOM Management Cloud
          • Pairing existing devices via LANconfig
          • Pairing existing devices via WEBconfig
          • Pairing existing devices via the command line
        • Manual upfront configuration of your device for management by the LANCOM Management Cloud
    • LANmonitor – monitoring devices on the LAN
      • Start LANmonitor
      • QuickFinder in LANmonitor
      • Display functions in LANmonitor
      • The menu structure in LANmonitor
        • File
          • Add device
            • General
            • Protocols & logins
            • View
            • Logging
          • Delete device
          • Find devices
          • Refresh all devices
          • Expand devices
          • Collapse devices
          • Exit
        • Device
          • Refresh display
          • View VPN connections
          • View device activities
          • View syslog
          • View IPv6 firewall event log
          • View IPv4 firewall event log
          • View DHCP table
          • Show accounting information
          • View volume budget archive
          • Reset time and charge limit
          • Ping
          • Create trace output
          • Show spectral scan
          • Setting up point-to-point WLAN antennas
          • Configure
          • Start the web browser
          • Show content filter categories
          • Show content filter log
          • Properties
            • Information
            • Advanced
        • View
          • Always on top
          • Show status in systray
          • Minimize LANmonitor to systray
          • Toolbar
          • Show
        • Tools
          • Start LANmonitor (temporary)
          • Start WLANmonitor
          • Start LANconfig
          • Open device logging file
          • Open accounting file
          • Open SYSLOG file
          • Analyze trace output
          • Ping
          • Options
        • Help
          • Help topics
          • Info
      • The toolbar in LANmonitor
      • LANmonitor context menu
      • LANmonitor keyboard shortcuts
      • LANmonitor application concepts
        • Performance monitoring with LANmonitor
        • Check Internet connection
        • Show the current protocol for the ADSL/VDSL interface
        • Display of the GPS time
        • Querying CPU and memory utilization via SNMP
        • Password protection for SNMP read-only access.
    • WLANmonitor – monitoring wireless devices
      • Start WLANmonitor
      • QuickFinder in WLANmonitor
      • Rogue detection
        • The group "Rogue AP detection"
        • The group "Rogue client detection"
      • The menu structure in WLANmonitor
        • File
          • Exit
        • Group
          • Add group
          • Delete group
          • Rename group
        • Access point
          • Add access point
          • Delete access point
          • Find access points
          • Refresh all access points
          • Refresh display
          • Properties
        • WLAN controller
          • Add WLAN controller
          • Delete WLAN controller
          • Find WLAN controller
          • Refresh all WLAN controllers
          • Refresh display
          • Properties
        • View
          • Show status in systray
          • Minimize WLANmonitor to systray
          • Windows adjust vertical
          • Windows adjust horizontal
          • Mark or filter rows
          • Toolbar
          • Status bar
        • Tools
          • Options
            • General
            • E-mail notification
            • Rogue AP detection
            • Rogue client detection
          • Start LANmonitor
          • Start LANconfig
        • Help
          • Help topics
          • Info
      • The toolbar in WLANmonitor
      • WLANmonitor context menu
      • WLANmonitor keyboard shortcuts
      • WLANmonitor application concepts
        • Enabling background scans for access points
    • LANtracer – tracing with LANconfig and LANmonitor
      • Starting LANtracer
      • Working with LANtracer
        • Guided configuration of trace output
        • Expert configuration of trace output
        • Filtering trace output
        • Display of the trace results
        • Cascaded find
        • Backup settings for traces
        • Backing up and restoring the trace data
        • Backing up and restoring the trace configuration
        • Exporting a configuration file for Support
      • The menu structure in LANtracer
        • File
          • Load trace data
          • Save trace data/support configuration
          • Load trace configuration
          • Save trace configuration
          • Import trace data
          • Save support configuration
          • Close
        • Edit
          • Find
          • Delete trace data
        • View
          • Trace results
          • Result twin view
          • Configuration
        • Traces
          • Start tracing
          • Start tracing
        • Extras
          • Miscellaneous settings
            • Trace preferences
            • Support configuration file
      • The toolbar in LANtracer
      • LANtracer context menu
      • LANtracer keyboard commands
  • Diagnosis
    • Trace information—for advanced users
      • How to start a trace
      • Overview of the keys
      • Parameter overview for the trace command
        • Advanced wireless LAN traces
      • Combination commands
      • Trace filterss
      • Examples of traces
      • Recording traces
      • Trace to an attached USB drive
    • Tracing with LANmonitor
    • Recording and analyzing data packets
      • Data capture with packet capturing
      • Data capture with LCOSCAP
      • Data capture with RPCap
        • Activating packet capture with WEBconfig
        • Activating packet capture from the command line
        • Analyzing captured packets with Wireshark
      • Output capture data to a USB drive
    • The SYSLOG module
      • Structure of SYSLOG messages
        • Priority
        • Header
        • Contents
      • Configuring SYSLOG
        • SYSLOG servers
        • SYSLOG facility mapping
        • Filter
        • System event logging
        • Logging DNS requests and responses to external SYSLOG servers
      • Meaning of SYSLOG messages
        • Extended status display of the login to the cellular network
        • Documenting events on the xDSL interface
    • Parameter overview for the ping command
    • Monitoring the switch
    • Cable test
    • Average value of the CPU load display
      • Introduction
      • Configuration
    • Sending attachments with the mailto command
    • Enhanced Sysinfo
      • Output additional ports in SYSINFO at the console
      • Output the configuration date
      • Output the configuration hashes
      • Output the configuration version
    • Bandwidth measurements with iPerf
      • Setting up iPerf with LANconfig
      • Temporary iPerf server and client
      • Analyzing iPerf results with LANmonitor
    • SLA monitoring
      • Configuring SLA monitoring with LANconfig
      • Displaying the SLA monitoring results in LANmonitor
    • Layer-7 application detection
      • IPv4/IPv6 traffic accounting
  • Security
    • Protecting the configuration
      • Password protection
        • Handling passwords properly
        • Entering the password
        • Protecting the SNMP access
      • Further administrators with restricted rights
      • Login barring
      • Restricting access to the configuration
        • Restricting access to the ISDN administrator account
        • Restricting network configuration access
        • Restricting access to the network configuration to specific IP addresses
      • Management protocols
      • Deactivating Ethernet interfaces
    • Securing ISDN dial-in access
      • Identification control
        • Verification of user name and password
        • Number verification
      • Callback
    • Location verification by ISDN or GPS
      • GPS location verification
      • ISDN location verification
      • Configuring location verification
        • Status request, location verification
    • Preventing password form fields in the browser from storing passwords
    • The security checklist
  • Routing and WAN connections
    • General information about WAN connections
      • Bridges for standard protocols
        • Which protocols are used on WAN connections?
        • Close cooperation with the router modules
      • What happens with a request from the LAN?
    • IP routing
      • Routing behavior
        • General rules
        • Specific rules
        • Other examples
      • Routing options
      • Prefix lists
      • The routing table
        • Administrative distance
        • Routing tables for IPv4/IPv6
          • IPv4
          • IPv6
      • Policy-based routing
        • Routing tags for VPN and PPTP connections
      • Dynamic routing with IP RIP
        • What information is propagated via IP RIP?
        • What information does the router extract from received IP RIP packets?
        • What do the entries mean?
        • Interaction of static and dynamic tables
        • Scaling with IP RIP
        • Configuring the IP RIP function
        • RIP filter
        • Setting up RIP for separate networks
        • Timer settings
        • Triggered update in the LAN
        • Triggered update in the WAN
        • Poisoned reverse
        • Static routes for constant propagation
      • SYN/ACK speedup
        • Switch off in case of problems
    • Advanced Routing and Forwarding (ARF)
      • Introduction
      • Defining networks and assigning interfaces
      • Assigning logical interfaces to bridge groups
      • Filtering protocols
      • Interfaces tags for remote sites
        • Assigning interface tags via the tag table
      • Setting the routing tag for local routes
      • Routing tags for DNS forwarding
      • Virtual routers
      • >NetBIOS proxy
    • Configuring remote sites
      • Remote sites
      • Layers list
    • Generic routing encapsulation (GRE)
      • Understanding the generic routing encapsulation (GRE) protocol
        • Configuring a GRE tunnel
      • Ethernet-over-GRE (EoGRE)
        • Configuring an EoGRE tunnel
        • Connecting a local interface to an EoGRE tunnel
    • IP masquerading
      • Simple masquerading
        • How IP masquerading works
        • Which protocols can be transmitted with IP masquerading?
        • Configuring IP Masquerading
      • Port forwarding (inverse masquerading)
    • Demilitarized Zone (DMZ)
      • Assigning network zones to the DMZ
      • Address check with DMZ and intranet interfaces
      • Unmasked Internet access for servers in the DMZ
        • Two local networks – operating servers in the DMZ
        • Separation of intranet and DMZ
    • Multi PPPoE
      • Example application: Home office with private Internet access
      • Configuration
    • Load balancing
      • DSL port mapping
        • Assignment of switch ports to the DSL ports
        • Assigning MAC addresses to the DSL ports
      • DSL channel bundling (MLPPPoE)
      • Dynamic load balancing
        • Connecting
        • Spreading the data load
        • Client binding
        • Load balancing with client binding
        • Load balancer from RADIUS configuration
      • Dynamic load balancing
        • Destination-based channel selection
        • Policy-based routing
      • Indirect bundling for LAN-LAN links via PPTP
      • Configuring load balancing
        • Direct channel bundling via PPPoE
        • Direct channel bundling via PPTP
        • Dynamic load balancing with multiple DSL connections
    • SD‑WAN Dynamic Path Selection
      • Configuring Dynamic Path Selection
        • ICMP-Measurement-Profiles
        • HTTP measurement profiles
        • Policies
        • Policy-Assignments
        • Policy exceptions
        • Switchover-Profiles
      • Show commands
      • Sample configurations
        • Scenario with two VPN tunnels over two different Internet connections from the branch office to the headquarters
    • N:N mapping
      • Example applications
        • Network coupling
        • Remote maintenance and monitoring of networks
      • Configuration
        • Setting up address translation
        • Additional configuration hints
        • Configuration with different tools
    • Select the protocol for the ADSL interface
    • Connection establishment with PPP
      • The protocol
        • What is PPP?
        • What is PPP used for?
        • The phases of PPP negotiation
        • PPP negotiation in the device
      • Everything OK? Checking the line with LCP
      • Assigning IP addresses via PPP
        • Examples
      • Settings in the PPP list
      • The meaning of the DEFAULT remote site
      • RADIUS authentication of PPP connections
        • WAN RADIUS table
      • 32 additional gateways for PPTP connections
        • Introduction
        • Configuration
    • DSL connection establishment using PPTP
      • Configuring PPTP
    • Permanent connection for flat rates – keep-alive
      • Configuring the keep-alive function
    • Data volumes on the WAN interface
      • Configuring data volume budgets
      • Budget analysis
    • Callback functions
      • Callback as per Microsoft CBCP
        • No callback
        • Callback number specified by caller
        • Callback number set in the device
      • Callback, fast procedure
      • Callback as per RFC 1570 (PPP LCP extensions)
        • Configuration
      • Overview of the callback function configuration
    • ISDN channel bundling with MLPPP
      • Two methods of channel bundling
      • How to configure channel bundling
    • Operating a modem over the serial interface
      • Introduction
      • System requirements
      • Installation
      • Set the serial interface to modem operation
      • Configuring the modem parameters
      • Direct entry of AT commands
      • Statistics
      • Trace output
      • Configuring remote sites for V.24 WAN interfaces
      • Configuring a backup connection on the serial interface
      • Contact assignment of the LANCOM modem adapter kit
    • Manual definition of the MTU
      • Configuration
      • Statistics
    • WAN RIP
    • The Rapid Spanning Tree Protocol
      • Classic and rapid spanning tree
      • Improvements from rapid spanning tree
      • Configuring the Spanning Tree Protocol
        • General parameters
        • Port table
      • Status reports via the Spanning Tree Protocol
        • General status information
        • Information in the port table
        • Information in the RSTP port statistics
    • The Action table
      • Introduction
      • Actions for Dynamic DNS
        • Dynamic DNS client on the workstation
        • Dynamic-DNS client in the device via HTTP
        • Dynamic-DNS client in the device via GnuDIP
      • Further example actions
        • Broken connection alert as an SMS to a mobile telephone
        • Example: Suppress messaging in case of re-connects with a DSL connection
      • Configuration
    • Using the serial interface in the LAN
      • Introduction
      • Operating modes
      • Serial interface configuration
      • Configuring the COM port server
        • Operational
        • COM-Port-Settings
        • Network settings
      • WAN device configuration
      • Serial connection status information
        • Network status
        • COM-port settings
        • Byte counters
        • Port errors
        • Connections
        • Delete values
      • COM-port adapters
    • Forwarding data packets from LAN via X.25 (ISDN)
    • IGMP / MLD snooping
      • Introduction
      • IGMP/MLD snooping operation
      • IGMP/MLD snooping through multiple bridges
      • Configuration
      • IGMP/MLD status
        • General statistics
        • Port status
        • Groups
        • Simulated queriers
    • Configuring WWAN access
    • Switching between mobile profiles or SIM cards
    • BGPv4
      • Border Gateway Protocol version 4 (BGPv4)
        • Configuring BGPv4 with LANconfig
          • BGP instance
          • Neighbors
          • Neighbor profiles
          • IPv4 networks
          • IPv6 networks
          • IPv4 address family
          • IPv6 address family
          • BGP policy
            • Filter
            • Matches
            • AS Path (attribute list)
            • Communities (attribute list)
            • Prefix (attribute list)
            • Large Communities (Attributes list)
            • Actions
            • AS Path (override list)
            • Communities (override list)
            • Basic (override list)
            • Large Communities (Overrides list)
      • Best-path selection algorithm
        • Influencing the routing algorithm with attributes
      • Tutorial: Setting up BGPv4 under LANconfig
      • Tutorial: Setting preferences for prefixes
      • Tutorial: Setting the Community attribute
      • Tutorial: Filtering received prefixes
    • OSPF
      • Setting up OSPF with LANconfig
        • OSPF instance
        • OSPF areas
        • OSPF interfaces
        • NBMA neighbors
        • Point-to-multipoint neighbors
        • Virtual links
        • Area address aggregation
        • Route redistribution
        • BGP
        • Connected
        • Static
      • Show commands via CLI
    • Bidirectional Forwarding Detection (BFD)
      • Profiles
      • Key-Chains
      • Show commands via CLI
    • BGP RPKI-RTR
      • Configuring RPKI
        • RPKI caches
      • The CLI show commands
    • Locator / ID Separation Protocol (LISP)
      • Configuration
      • LISP tutorial
    • Route monitor
      • Configuring the route monitor with LANconfig
    • DSLoL for WLAN routers
  • IPv6
    • IPv6 basics
      • Why use IPv6-standard IP addresses?
      • IP address structure according to the IPv6 standard
      • Stages of migration
    • Basic settings
      • LAN interfaces
      • WAN profiles
      • RAS templates
      • IPv6 addresses
      • IPv6 parameters
      • Loopback addresses
      • Setting up IPv6 Internet access
        • IPv6 access using the Setup Wizard in LANconfig
          • Setup Wizard – setting up IPv6 in a new device
          • Setup Wizard – Setting up IPv6 on an existing device
    • Router-Advertisement
      • Interface options
      • Prefix list
      • Prefix pools
      • DNS options
      • Route options
      • PREF64 options
      • Router advertisement snooping
    • DHCPv6
      • DHCPv6 server
        • DHCPv6 networks
        • Address pools
        • Prefix delegation pools
        • Reservations
        • DHCPv6 options
      • DHCPv6 client
        • Client interfaces
        • Further options
      • DHCPv6 Relay Agent
      • Lightweight DHCPv6 Relay Agent (LDRA)
    • IPv6 firewall
      • Feature
      • Configuration
        • Configuring IPv6 firewall rules
          • IPv6 inbound rules
          • IPv6 forwarding rules
          • Action list
          • Action objects
          • Conditions
          • Further measures
          • Service list
          • TCP/UDP service objects
          • ICMP service objects
          • IP protocol objects
          • Station list
          • Station objects
          • NPTv6
            • Examples
            • Show commands via CLI
      • IPv6 firewall log table
        • Analyzing the IPv6 firewall log table with WEBconfig
    • IPv6 tunnel technologies
      • 6to4 tunnel
      • 6in4 tunnel
      • 6rd tunnel
      • Dual-Stack Lite (DS-Lite)
      • 464XLAT
      • Setting up tunnels
        • Setting up a 6to4 tunnel
          • Configuration
        • Configuring a 6in4 tunnel
        • Configuring a 6rd tunnel
        • Setting up a Dual-Stack Lite (DS-Lite) tunnel
        • IPv4 VPN tunnel over IPv6
          • Setup Wizard – setting up an IPv4 VPN connection over IPv6
  • Firewall
    • Threat analysis
      • The dangers
      • The paths of the attackers
      • The methods
      • The victims
    • What is a firewall?
      • The tasks of a firewall
        • Checking data packets
        • Logging and alerting
      • Different types of firewalls
        • Packet filters
        • Stateful packet inspection
        • Application gateway
    • The firewall in the device
      • How the firewall inspects data packets
      • Special protocols
        • UDP connections
        • TCP connections
        • ICMP connections
        • Connections using other protocols
      • General settings of the firewall
        • Firewall / QoS enabled
        • Administrator e-mail
        • Fragments
        • Session recovery
        • Ping blocking
        • TCP stealth mode
        • Mask authentication port
        • Application definitions for layer-7 detection and layer-7 application control
        • SD-WAN application routing / Layer-7 application control
          • Configuration
      • Parameters of the firewall rules
        • Components of a firewall rule
        • Priority
        • Observe further rules
        • Application of the firewall rules
        • Connection
        • Condition
        • Limit (trigger)
        • Packet action
        • Further measures
        • Quality of Service (QoS)
      • Alert functions of the firewall
        • SYSLOG notifications
        • Notification by e-mail
        • Notification by SNMP trap
      • Strategies for configuring the firewall
        • Allow all
        • Deny all
        • Firewall with DMZ
      • Tips for setting the firewall
        • Default firewall settings
        • Security through NAT and stateful inspection
        • Establishing an explicit deny-all strategy
    • Configuring the firewall with LANconfig
      • Definition of firewall objects
        • Action objects
        • QoS objects
        • Station objects
        • Service objects
      • Defining firewall rules
        • Adding a new firewall rule
        • Editing firewall rules
    • Configuring firewall rules from the command line
      • Rules
      • Object table
      • Action table
    • Firewall diagnosis
      • The firewall table
        • Filter list
        • Connection list
        • Port block list
        • Host block list
    • Firewall limitations
    • Protection against break-in attempts: Intrusion detection
      • Examples of attempted break-ins
        • IP spoofing
        • Port scan detection
      • Configuring the IDS
    • Protection against Denial-of-Service attacks
      • Increased DoS threshold value for central devices
      • Examples of Denial-of-Service attacks
        • SYN flooding
        • Smurf
        • LAND
        • Ping of Death
        • Teardrop
        • Bonk / Fragrouter
      • Configuring DoS blocking
      • Configuring ping blocking and stealth mode
    • WAN policy-based NAT
      • Configuring policy-based NAT with firewall rules
  • Quality of Service
    • What is QoS used for?
    • Which data packets to prefer?
      • What is DiffServ?
      • Guaranteed minimum bandwidth
        • Fully dynamic bandwidth management when sending
        • Dynamic bandwidth management also for reception
      • Limited maximum bandwidths
        • Combination possible
    • The queue concept
      • Queues in the send direction
      • Queues in the receiving direction
    • Reducing the packet length
    • QoS parameters for Voice-over-IP applications
    • QoS in send or receive direction
    • QoS configuration
      • Evaluating ToS and DiffServ fields
        • ToS or DiffServ?
        • DiffServ in firewall rules
      • Defining minimum and maximum bandwidths
      • Setting transmission rates for interfaces
      • Sending and receiving direction
      • Reducing the packet length
    • QoS for WLANs according to IEEE 802.11e (WMM/WME)
  • Multicast routing
    • General multicast show commands
    • General settings
      • IPv4 filter lists
      • IPv6 filter lists
    • IGMP (Internet Group Management Protocol)
      • IGMP parameters
      • SSM range
      • IGMP proxy
      • Static IPv4 multicast routing
      • SSM source IP list
      • Tutorial: Setting up an IGMP proxy
    • MLD (Multicast Listener Discovery)
      • MLD parameters
      • SSM range
      • MLD proxy
      • Static IPv6 multicast routing
      • SSM source IP list
    • PIM (Protocol Independent Multicast)
      • Interfaces
      • IPv4 RP list
      • IPv4 SSM list
      • IPv4 SSM mapping
      • IPv6 RP list
      • IPv6 SSM list
      • IPv6 SSM mapping
    • Further Multicast Protocols
      • Bonjour proxy
        • Bonjour basics
        • Configuration with LANconfig
  • Virtual Private Networks – VPN
    • What does VPN offer?
      • Conventional network infrastructure
      • Networking via the Internet
      • Private IP addresses on the Internet?
        • Routing at the IP level with VPN
      • Secure communications via the Internet?
        • VPN – Security through encryption
        • Send your data through the tunnel – for security’s sake
    • The VPN module at a glance
      • VPN example application
      • Functions of the VPN module
    • VPN connections in detail
      • LAN-LAN links
        • Internet access in parallel
      • Dial-in connections (Remote Access Service)
    • What is LANCOM Dynamic VPN?
      • A look at IP addressing
        • Static and dynamic IP addresses
        • Advantages and disadvantages of dynamic IP addresses
      • This is how LANCOM Dynamic VPN works
        • Dynamic – static
        • Static – dynamic
        • Dynamic – dynamic
        • Dynamic IP addresses and DynDNS
    • Configuring VPN connections
      • VPN tunnel: Connections between VPN gateways
      • Set up VPN connections with the Setup Wizard
      • 1-Click-VPN for networks (site-to-site)
      • 1-Click-VPN for the LANCOM Advanced VPN Client
      • Inspecting VPN rules
      • Manually setting up VPN connections
      • IKE config mode
      • Diagnosis of VPN connections
    • myVPN
      • Using the Setup Wizard in LANconfig to set up a VPN profile for the LANCOM myVPN app
      • Retrieve the VPN profile with the LANCOM myVPN app
      • Opening and closing the VPN connection on the iOS device
      • Deleting a VPN profile from the iOS device
      • Configuring the LANCOM myVPN app
    • Working with digital certificates
      • Basics
        • Symmetrical encryption
        • Asymmetric encryption
        • Combination of symmetrical and asymmetrical encryption
        • Public key infrastructure
      • Advantages of certificates
      • Structure of certificates
        • Contents
        • Target application
        • Formats
        • File types
        • Validity
      • Security
      • Certificates for establishing VPN connections
      • Certificates from certificate service providers
      • Establishing a proprietary CA
      • Requesting a certificate with Stand-alone Windows CA
      • Export the certificate to a PKCS#12 file
        • Export via the Windows CLI root
      • Create certificates with OpenSSL
        • Installing OpenSSL
        • Issue a certificate for Root CA
        • Issue certificates for users or devices
      • Uploading certificates to the device
      • Saving and uploading certificates with LANconfig
      • Extended certificate support
        • Multi-level certificate hierarchies
        • Adjustable trace level for the SCEP client
      • Set up VPN connections to support certificates
      • Set up certificate-based VPN connections with the Setup Wizard
        • LAN connectivity
        • RAS connections
      • Setting up the LANCOM Advanced VPN Client for certificate connections
      • Simplified RAS with certificates
      • Simplified network connection with certificates – proadaptive VPN
      • Request certificates using CERTREQ
      • Certificate revocation list – CRL
        • Configuring the CRL function
        • CRL status display in LANmonitor
      • Wildcard matching of certificates
        • Introduction
        • Configuration
      • Diagnosis of VPN certificate connections
      • OCSP client for certificate validation
        • Introduction
    • Multi-level certificates for SSL/TLS
      • Introduction
      • SSL/TLS with multi-level certificates
      • VPN with multi-level certificates
    • Certificate enrollment via SCEP
      • SCEP server and SCEP client
      • Distributing certificates
      • Configuration of SCEP
        • Global SCEP parameters
        • Actions
        • Configuring the CAs
        • Configuring the certificate table
        • SCEP client logging
      • Using smart certificates
        • Creating templates for certificate profiles
        • Creating a profile in LANconfig
        • Certificate creation with WEBconfig
        • Certificate management with WEBconfig
        • Managing certificates in LANmonitor
        • Creating certificates via URL-API
        • OCSP server
          • Configuring the OCSP server
    • NAT Traversal (NAT-T)
    • Extended Authentication Protocol (XAUTH)
      • Introduction
      • XAUTH in the firmware
      • Configuration of XAUTH
      • XAUTH with external RADIUS servers
    • Backup via alternative VPN connection
      • Introduction
      • Backup-capable network infrastructure
        • Basic prerequisites
        • Hierarchy for establishing VPN connections
        • Network definitions
        • Routing information
        • Establishing a backup connection
        • Re-establishing the primary connection
      • Configuring the VPN backup
    • Automatic configuration synchronization (Config Sync) with the LANCOM VPN High Availability Clustering XL option
    • IPSec over HTTPS
      • Introduction
      • Configuring IPsec-over-HTTPS technology
      • Status displays of the IPsec-over-HTTPS technology
    • MPPE for PPTP tunnels
    • Layer-2 tunneling protocol (L2TP)
      • Configuring the L2TP tunnel
      • Authentication via RADIUS
      • Operation as an L2TP access concentrator (LAC)
      • Operation as an L2TP network server (LNS) with authentication via RADIUS
      • Operation as the L2TP network server (LNS) for RAS clients
      • Configuring a WLAN scenario for bridging payload data to the central site
    • Specific examples of connections
      • Static / static
      • Dynamic / static
      • Static / dynamic (with LANCOMDynamic VPN)
      • Dynamic / dynamic (with LANCOMDynamic VPN)
      • VPN connections: High availability with load balancing
        • Multiple VPN gateway addresses
        • Grouping and prioritization of alternative gateways
          • Further remote gateways
            • Example of an alternative gateway
          • Gateway groups
          • Gateway mappings
          • Example of an alternative gateway with prioritized groups
    • How does VPN operate?
      • IPsec – the foundation of VPN
        • Security in an IP environment
      • Alternatives to IPsec
        • Security at the connection level – PPTP, L2F, L2TP
        • Security at higher levels – SSL, S/MIME, PGP
        • Combinations are possible
    • The standards behind IPsec
      • IPsec modules and their tasks
      • Security Associations – numbered tunnels
      • Encryption of the packets – the ESP protocol
        • How ESP works
        • Transport and tunnel mode
        • Encryption algorithms
      • Key management – IKE
        • Establishing an SA with ISAKMP/Oakley
        • The regular exchange of new keys
      • Replay detection
    • IKEv2
      • Configuring IKEv2 with LANconfig
        • Connection list
        • Connection parameters
        • Authentication
        • Digital signature profile
        • Encryption
        • IPv4 addresses
        • IPv6 addresses
        • Split DNS
          • Split DNS domains
          • Split DNS profile
        • Extended settings
          • Authentication
          • Lifetimes
          • IPv4 routing
          • IPv6 routing
          • HSVPN profiles
          • RADIUS authentication
          • RADIUS accounting
          • IKEv2 fragmentation
          • CFG client profile
          • IKEv2 tunnel groups
          • IKEv2-Auto-IP-Profile
        • LANCOM Advanced Mesh VPN (AMVPN)
          • Licensing
          • Configuring Advanced Mesh VPN
          • Tutorial: Setting up Advanced Mesh VPN
        • IKEv2 load balancer
          • Instances
          • Message profiles
      • Two-factor authentication in the VPN
        • Configuration with LANconfig
      • RADIUS support for IKEv2
      • Tutorial: Setting up IKEv2 under LANconfig
      • Tutorial: Setting up a certificate-based IKEv2 VPN connection (RSA)
      • Tutorial: Setting up a certificate-based IKEv2 VPN connection (digital signature)
      • Tutorial – EAP client at an EAP server
    • LANconfig application concepts
      • 1-Click-VPN for networks (site-to-site)
      • 1-Click-VPN for the Advanced VPN Client
  • Virtual LANs (VLAN)
    • What is a virtual LAN?
    • VLAN and how it works
      • Frame tagging
      • Implementation in the LAN interfaces
      • Example applications
        • User and management traffic on a LAN
        • Different organizations on a LAN
    • Configuration of VLANs
      • General settings
        • To activate the VLAN module
        • VLAN tagging mode
        • Q-in-Q VLAN
      • The network table
      • The port table
    • Configurable VLAN IDs
      • Different VLAN IDs per WLAN client
      • VLAN IDs for DSL interfaces
      • Special VLAN IDs for DSLoL interfaces
    • VLAN tags on layer 2/3 in the Ethernet
      • Introduction
      • Configuring VLAN tagging on layer 2 / 3
  • Wireless LAN – WLAN
    • Introduction
    • Application scenarios
      • Infrastructure mode
      • Hotspot or guest access
      • Managed mode
      • WLAN bridge (point-to-point)
      • WLAN bridge in relay mode
      • WLAN bridge to the AP – managed and unmanaged mixed
      • Wireless distribution system (point-to-multipoint)
      • Client mode
      • Client mode with mobile objects in industry
    • WLAN standards
    • WLAN security
      • Basics
        • Authentication
        • Authenticity
        • Integrity
        • Confidentiality
      • WPA3 (Wi-Fi Protected Access 3)
        • WPA3-Personal
        • WPA3-Enterprise
      • IEEE 802.11i / WPA2
        • EAP and IEEE 802.1X
          • Status counters for IEEE 802.1X login attempts
        • WPA with passphrase
          • Status counters for WPA-PSK login attempts
        • TKIP
        • AES
        • Pre-authentication and PMK caching
      • TKIP and WPA
        • Negotiating the encryption method
      • WEP
      • LANCOM Enhanced Passphrase Security (LEPS)
        • LANCOM Enhanced Passphrase Security User (LEPS-U)
          • Configuration
        • LANCOM Enhanced Passphrase Security MAC (LEPS-MAC)
          • Configuration
      • Background WLAN scanning
        • Rogue AP detection
        • Fast roaming in client mode
        • Evaluating the background scan
      • Starting an environment scan at a configurable time
      • Replay-attack recognition
      • WLAN protected management frames (PMF)
    • LANCOM Active Radio Control (ARC)
      • Adaptive RF Optimization
        • Setting up Adaptive RF Optimization with LANconfig
      • Airtime Fairness
        • Setting up Airtime Fairness with LANconfig
      • WLAN band steering
        • Configuring band steering
      • Client Management
        • Configuration of Client Management
      • Adaptive noise immunity for reducing interference on the WLAN
      • Spectral scan
        • Functions of the software module
        • Spectral scan analysis window
    • Dynamic frequency selection (DFS)
      • DFS configuration
    • APSD – Automatic Power Save Delivery
      • Introduction
      • Configuration
      • Statistics
    • WLAN routing (isolated mode)
    • IEEE 802.11e user priority converted into VLAN tags
    • Establishing WLAN bridges
      • Configuring WLAN bridges
      • Setting up WLAN bridges with LANmonitor
      • Geometric dimensioning of outdoor wireless network links
        • Antenna selection with the LANCOM Antenna Distance Calculator
        • Positioning the antennas
        • Antenna power
      • Antenna alignment for P2P operations
      • Surveys for wireless bridges
      • Activating point-to-point operation mode
      • Configuration of P2P connections
      • LEPS-MAC for P2P connections
      • Access points in relay mode
    • Adaptive transmission power
    • Opportunistic key caching (OKC)
      • Encrypted OKC via IAPP
    • Fast roaming
      • Fast roaming with IAPP
    • Bandwidth limitations in the WLAN
      • Operating as an access point
      • Operating as a Client
      • Bandwidth restriction of the LAN interfaces
    • Redundant connections using PRP
      • Basic function
      • Advantages of WLAN PRP
      • Implementation of PRP in the access points
      • Implementing PRP exclusively over WLAN
      • Dual roaming
      • Diagnostic options
      • Tutorial: Setting up a PRP connection over a point-to-point network (P2P)
      • Tutorial: Roaming with a dual-radio client and PRP
    • Automatic adjustment of multicast and broadcast transmission rates
    • LANCOM "Wireless Quality Indicators" (WQI)
    • Configuring the WLAN parameters
      • General WLAN settings
      • The physical WLAN interfaces
        • Operation
        • Radio settings
        • Adaptive RF Optimization
        • Performance
        • Client mode
      • The logical WLAN interfaces
        • Network settings
        • Encryption settings
        • Transmission settings
        • Alarm settings
      • Point-to-point
      • Point-to-point partners
      • Expert WLAN settings
        • The beaconing table
        • Environment scan
        • The roaming table
        • Backup transmission power reduction (Adaptive Transmission Power)
        • RTLS
      • Configurable data rates per WLAN module
        • Configuring the data rates with LANconfig
      • RTLS (real-time location system)
        • Stanley AeroScout RTLS
          • Configuring Stanley AeroScout RTLS
        • AiRISTA Flow Blink Mode
          • Configuring AiRISTA Flow blink mode (formerly Ekahau blink mode)
      • IEEE 802.11k Roaming Targets
      • WLAN data trace
      • Client Management
        • Configuration of Client Management
      • WLAN security
        • General settings
        • Isolated SSID/VLAN IDs
        • Wireless Intrusion Detection System (WIDS)
          • Configuring WIDS on the AP
          • Configuring WIDS profiles on the WLC with LANconfig
      • Selecting approved stations for the WLAN
        • LEPS-U
        • Access-control list (LEPS-MAC)
        • WLAN and RADIUS
      • Encryption settings
        • WEP group keys
        • Group keys per VLAN
          • Managing VLAN group keys
      • IEEE 802.1X / EAP
        • RADIUS accounting
          • Accounting status types "Accounting On" and "Accounting Off"
        • Automatic exchange of WEP keys
          • Specific data rates for EAPOL packets
      • IEEE 802.11u and Hotspot 2.0
        • Hotspot operators and service providers
        • Functional description
          • Login by an 802.11u-enabled client at a Hotspot 2.0
        • Recommended general settings
        • Configuration menu for IEEE 802.11u / Hotspot 2.0
          • Activating interfaces
          • Configuring ANQP data packets
            • Venue information and group
            • ANQP profiles
            • NAI realms
            • Cellular network information list
            • Network authentication types
          • Configuring Hotspot 2.0
            • Hotspot 2.0 profiles
            • OSU providers
            • Operator list
            • Hotspot 2.0 settings
            • Expert settings
      • Static WLAN controller
      • AutoWDS
      • Advanced WLAN parameters
        • Noise offsets
        • UUID info element for LANCOM WLAN access points
        • Rate adaptation algorithm
        • Reduction of sensitivity for received packets
      • Location-based services (LBS)
        • HTTP interface
        • Thrift API
    • Configuring the client mode
      • Enabling client mode with LANconfig
      • Client settings
      • Radio settings
        • Greenfield mode for access points with IEEE 802.11n
      • Setting the SSID of the available network
      • Encryption settings
      • PMK caching in the WLAN client mode
      • Pre-authentication in WLAN-client mode
      • Multiple WLAN profiles in client mode
        • Introduction
        • Configuration
      • Roaming
        • ARF network for IAPP
  • WLAN management
    • Initial situation
    • Technical concepts
      • WLC features in the LANCOM vRouter
      • The CAPWAP standard
      • Smart controller technology
      • Communication between access point and WLAN controller
      • Zero-touch management
      • Split management
      • Protection against unauthorized CAPWAP access from the WAN
    • Basic configuration of the WLAN controller function
      • Setting the time information for the WLAN controller
      • Example: Default configuration
      • Assigning the default configuration to the new access points
      • Configuring the access points
    • Configuration
      • General settings
      • Profiles
        • WLAN profiles
        • General LBS profile and device location profile
        • Device LED profiles
        • ESL- and iBeacon profiles
        • Channel Profile Table
        • Link Aggregation profiles
        • Inheritance of parameters
        • Logical WLAN networks
        • Physical WLAN parameters
      • Access point configuration
        • IP parameter profiles
        • List of access points
        • Stations
        • Options for the WLAN controller
          • Event notification
          • Default parameters
        • Virtualization and guest access via WLAN controller with VLAN
          • Targets
          • Establish
          • Wireless LAN configuration of the WLAN controllers
          • Configuring the switch (LANCOM GS-2326P)
          • Configuring the IP networks in the WLAN controller
          • Configuring Public Spot access accounts
          • Configuring the internal RADIUS server for Public Spot operation
          • Configuring Internet access for the guest network
        • WLAN layer-3 tunneling
          • Introduction
          • Tutorials
            • Overlay network: Separating networks for access points without using VLAN
            • "Layer 3 roaming"
            • WLAN controller with Public Spot
      • IP-dependent auto configuration and tagging of APs
        • Setting up assignment groups for IP-dependent auto configuration
        • Setting up tag groups for the detailed selection of APs
    • Access point administration
      • Accepting new access points into the WLAN infrastructure manually
        • Using LANmonitor to accept access points
        • Accepting access points via WEBconfig with provision of a certificate
        • Accepting access points via WEBconfig with provision of a certificate and configuration
        • Adding new APs with the WEBconfig Setup Wizard
      • Manually removing access points from the WLAN infrastructure
      • Deactivating access points or permanently removing them from the WLAN infrastructure
        • Deactivating an access point
        • Permanently removing an access point from the WLAN infrastructure
    • AutoWDS – wireless integration of APs via P2P connections
      • Notes on operating AutoWDS
      • How it works
        • Deploying the AutoWDS base network
        • Differences between the integration modes
        • Designing the topology
        • Updating the AP configuration and establishing the P2P link
        • Connectivity loss and reconfiguration
        • Configuration timeouts
        • Example: Failure of an AP
      • Setup by means of preconfigured integration
        • Configuring the WLC
        • Configuring the APs
      • Accelerating preconfigured integration by pairing
      • Express integration
        • Configuring the WLC
        • Configuring the APs
      • Switching from express to preconfigured integration
      • Manual topology management
        • Configuring the WLC
      • Redundant paths by means of RSTP
    • Central firmware and script management
      • General settings for firmware management
        • Firmware management table
        • General settings for script management
        • Script management table
        • Internal script storage (script management without HTTP server)
    • RADIUS
      • Checking WLAN clients with RADIUS (MAC filter)
      • External RADIUS server
      • Dynamic VLAN assignment
      • Activating RADIUS accounting for logical WLANs in the WLAN controller
    • Displays and commands in LANmonitor
    • RF optimization
      • Group-related radio field optimization
    • Client steering by WLC
      • Configuration
    • Channel-load display in WLC mode
    • Backing up the certificates
      • Create backups of the certificates
      • Uploading a certificate backup into the device
      • Backing up and restoring further files from the SCEP-CA
      • One-click backup of the SCEP-CA
      • Using LANconfig to backup and restore certificates
    • Backup solutions
      • WLC cluster
        • Enabling/disabling CAPWAP in the WLC
        • WLC tunnel for internal communication
        • Finding the ideal WLC
        • Determining the ideal AP distribution
        • Manually initiate ideal AP distribution
        • Setting up a CA hierarchy
          • Configuring the root-CA
          • Configuring the sub-CA
      • Backup with redundant WLAN controllers
      • Backup with primary and secondary WLAN controllers
      • Primary and secondary controllers
      • Automatic search for alternative WLCs
      • One-click backup of the SCEP-CA
    • Automatic configuration synchronization (Config Sync) with the LANCOM WLC High Availability Clustering XL option
      • Special LANconfig icon for devices in a cluster or using Config Sync
      • Special LANmonitor icon for devices in a cluster or using Config Sync
  • Public Spot
    • Introduction
      • What is a Public Spot?
        • The solution: (W)LAN technology
        • User authorization and authentication
        • Accounting
        • Logging
      • Application scenarios
        • Guest access accounts in hotels
        • Guest access in sport arenas
        • Guest access at camping grounds
        • Guest access in schools and universities
        • Guest access in companies
        • Guest access for providers
        • Guest access in gastronomy
      • Overview of the Public Spot module
        • Open User Authentication (OUA)
          • Typical procedure for an online session with OUA
        • Security in the (W)LAN
          • Security for the operator
          • Security for the user
        • Setup wizard for Public Spots
        • Wizard for creating and managing users
    • Setup and operation
      • Basic configuration
        • Basic installation of a Public Spot for simple scenarios
          • Installation using the setup wizards
          • Manual installation
        • Setting default values for the Public Spot wizard
        • Setting up limited administrator rights for Public Spot managers
        • Setting up and managing Public Spot users for simple scenarios
          • Setup and management using the Setup Wizard (WEBconfig)
            • Adding Public Spot users with a single click and voucher printing
            • Wizard for Public Spot user management
            • Hiding fields in WEBconfig
          • Manual set up and management
      • Security settings
        • Traffic limit option
        • Restricting access to the configuration
      • Extended functions and settings
        • Multiple logins
          • Setting default values
          • Enabling multiple logins in the new user wizard
        • Open access networks (no login)
          • DNS snooping
        • Managing Public Spot users via the web API
          • URL structure
          • Adding a Public Spot user
          • Modifying a Public Spot user
          • Deleting a Public Spot user
        • Creating Public Spot users on a remote Public Spot gateway
        • Bandwidth profile
          • Manage bandwidth profiles
          • Assigning bandwidth profiles
        • Auto cleanup user table
        • Station monitoring
        • WLAN handover of sessions between devices
          • IAPP (inter access point protocol)
        • Authentication via RADIUS
          • Enabling the acceptance of RADIUS CoA requests by the Public Spot
          • Multiple authentication servers
          • Chaining of backup servers
        • Billing without a RADIUS accounting server
        • Billing with a RADIUS accounting server
          • Request types
          • Accounting backup
        • Multi-level certificates for Public Spots
        • Assigning users to individual VLANs
        • Error page in case of WAN connection failure
        • AP-specific login to a central Public Spot
        • Redirect for HTTPS connections
        • Protection against brute force attacks
      • Alternative login methods
        • Overview of authentication modes
        • Independent user authentication (Smart Ticket)
          • Configuring e-mail authentication
          • Configuring SMS authentication
            • Operating devices with the 3G/4G WWAN module as an SMS gateway
          • Customizing text message content
            • Variables and control characters
            • Standard texts for e-mail sender, subject line and body
          • Setting default values for the user templates
        • Automatic re-login
        • Automatic authentication with the MAC address
          • MAC-address check procedure
          • Authentication of the MAC address by RADIUS
          • Configuration by LANconfig
        • Automatic authentication via WISPr
          • Configuring WISPr
        • IEEE 802.11u and Hotspot 2.0
          • Hotspot operators and service providers
          • Functional description
            • Login by an 802.11u-enabled client at a Hotspot 2.0
          • Recommended general settings
          • Configuration menu for IEEE 802.11u / Hotspot 2.0
            • Activating interfaces
            • Configuring ANQP data packets
              • Venue information and group
              • ANQP profiles
              • NAI realms
              • Cellular network information list
              • Network authentication types
            • Configuring Hotspot 2.0
              • Hotspot 2.0 profiles
              • OSU providers
              • Operator list
              • Hotspot 2.0 settings
              • Expert settings
        • Interface for property management systems
          • Functional description
          • Configuring the PMS interface
          • Advanced settings
      • Internal and customized voucher and authentication pages (templates)
        • Possible authentication pages
        • Pre-installed default pages
          • Additional languages for the authentication pages
        • Customizing the standard pages
          • Customized text or login title for the login page
          • Custom header images for variable screen widths
          • Show/hide the vendor logo and header on the voucher
        • Configuration of user-defined pages
          • Login pages depending on the login mode
          • Special template pages for Smart Ticket
        • Setting up a customized template page
          • Embedding graphics in user-created template pages
        • Template caching
        • User-defined pages via HTTP redirect
        • User-defined pages via page templates
          • Auto fallback
          • Passed HTTP attributes
        • URL placeholder (template variables)
        • Tags and syntax of page templates
        • Page template identifiers
        • Graphics in user-defined pages
        • Template preview in WEBconfig
      • Viewing Public Spot clients
      • Displaying advertising to Public Spot users
    • Access to the Public Spot
      • Requirements for logging in
      • Logging in to the Public Spot
      • Session information
      • Logging out of the Public Spot
      • Advice and help
        • The Public Spot login page is not displayed
        • Login not working
        • It is no longer possible to login
        • The session information window is not being displayed
        • The Public Spot requests a new login for no reason (WLAN)
    • Tutorials for setting up and using Public Spots
      • Virtualization and guest access via WLAN controller with VLAN
        • Targets
        • Establish
        • Wireless LAN configuration of the WLAN controllers
        • Configuring the switch (LANCOM GS-2326P)
        • Configuring the IP networks in the WLAN controller
        • Configuring Public Spot access accounts
        • Configuring the internal RADIUS server for Public Spot operation
        • Configuring Internet access for the guest network
      • Virtualization and guest access via WLAN controller without VLAN
        • Overlay network: Separating networks for access points without using VLAN
        • WLAN controller with Public Spot
      • Setting up a secure hotspot with Enhanced Open
      • Setting up an external RADIUS server for user administration
      • Internal and external RADIUS servers combined
        • Realm-tagging for RADIUS forwarding
        • Configuring RADIUS forwarding
      • Checking WLAN clients with RADIUS (MAC filter)
      • Setting up an external SYSLOG server
        • Configuring an external SYSLOG server
    • XML interface
      • Feature
      • Setting up the XML interface
      • Analyzing the XML interface using cURL
      • Commands
        • Login
        • CoA
        • Logout
        • Status
    • Appendix
      • Commonly transmitted RADIUS attributes
        • Messages to and from the authentication server
          • Transferred attributes
          • Processed attributes
        • Messages to/from the accounting server
          • Transferred attributes
          • Processed attributes
      • RADIUS attributes transmitted via WISPr
  •  Voice over IP – VoIP
    • Introduction
    • VoIP implementation in LANCOM VoIP routers
      • Example applications
        • Supplementing existing ISDN PBXs
        • Connecting subsidiaries or home offices to the headquarters
        • VoIP for companies through SIP trunking
        • Integrating local ISDN connections with remote SIP gateway
        • Connecting sites without a SIP PBX
      • The central position of the LANCOM VoIP router
        • Users and lines
    • Call switching: Call routing
      • SIP proxy and SIP gateway
      • User registration at the SIP proxy
        • Registering at the LANCOM VoIP router (local registration)
        • Registration at an upstream SIP PBX (upstream registration)
        • Particular aspects for ISDN users
          • Dynamic ISDN users at point-to-point connections
      • Number translation at network transitions
      • The Call Manager
      • Telephony with LANCOM VoIP routers
        • Automatic outside line access
          • Example of a downstream PBX
          • Example of an upstream PBX
        • Dialing different number ranges
        • Service numbers
        • Dialing via specific lines
      • Hold call, swap call, transfer call
      • Transmission of DTMF tones
        • Configuring DTMF signaling
    • Configuring the VoIP parameters
      • General settings
      • Line configuration
        • SIP lines
        • Dynamic SIP lines
        • SIP mapping
        • SIP PBX lines
        • ISDN lines
        • ISDN mapping
      • Configuration of users
        • SIP users
        • General settings for all ISDN users
        • ISDN interfaces
        • ISDN users
        • General settings for all analog users
          • Analog interfaces
          • Analog users
        • Extended user settings
    • Call Manager Configuration
      • Process of call routing
      • Handling the calling party ID
        • Handling outgoing calls
        • Handling incoming calls
      • Call-routing table parameters
        • Prohibit control characters on SIP lines
        • Group call functions
      • Signaling parallel calls in the ISDN
      • Extended settings
    • Telephony (PBX) functions in LANCOM VoIP routers
      • Transfer and forward call
        • Active and passive forwarding
        • Call forwarding with and without consulting
        • Charges for calls when forwarding to external users
        • How the LANCOM VoIP router handles call forwarding
        • Active forwarding to local users
        • Active forwarding to external SIP users
        • Active forwarding to external ISDN users
        • Passive forwarding between local users
        • Passive forwarding from local to external users
      • Spontaneous call management by the user
        • Functions for spontaneous call management
        • Using spontaneous call management with various telephones
      • Configure permanent call forwarding
        • Triggering call forwarding
        • Configuring user settings with the telephone with character strings
      • Call forwarding (call deflection / partial rerouting) at the SIP trunk (SIP 302)
      • Fax via T.38 – Fax over IP (FoIP)
      • Hunt groups with call distribution
        • Introduction
        • Call distribution
        • Cascading of hunt groups
      • Multiple logins (multi login)
    • VoIP media proxy – Optimized management for SIP connections
    • SIP-ID as switchboard number with trunk lines
    • Switching at the SIP provider
    • SIP Application Layer Gateway (SIP ALG)
      • Properties
      • Configuration
    • Restricting or preventing SIP registration over WAN
    • Certificates for encrypted telephony
    • Handling canonical telephone numbers
    • Processing Destination Domains
      • Registration at upstream exchanges
      • Switching internal calls
    • Configuring the ISDN interfaces
      • Point-to-multipoint and point-to-point connections
      • Bus termination
      • Protocol settings
      • ISDN connection timing
    • Configuration examples
      • VoIP telephony in stand-alone operation
        • Objective
        • Requirements
        • Using the information during configuration
        • Configuring the device
        • Configuring the VoIP terminal equipment
        • Call routing procedure for outgoing calls
        • Call routing procedure for incoming calls
      • Using VoIP telephony to enhance the upstream ISDN PBX
        • Objective
        • Requirements
        • Using the information during configuration
        • Configuring the device
        • Configuring the VoIP terminal equipment
        • Configuring the ISDN PBX
        • Configuring the ISDN terminal equipment
        • Call routing procedure for outgoing calls
        • Call routing procedure for incoming calls
      • Connecting to an upstream SIP PBX
        • Objective
        • Requirements
        • Configuring the device
        • Configuring the VoIP terminal equipment
        • Configuring the SIP PBX
        • Call routing procedure for outgoing calls
      • VoIP connectivity between sites without a SIP PBX
        • Objective
        • Requirements
        • Configuring the device
        • Configuring the VoIP terminal equipment
        • Call routing procedure for outgoing calls
      • SIP trunking
        • Objectives in implementing the LANCOM VoIP router
        • Requirements
        • Configuring the device
        • Process of call routing
      • Block outgoing calls to service numbers
      • Rejecting incoming calls
      • Reject calls without a calling number
      • Forwarding calls without a calling number
    • Diagnosis of VoiP connections
      • SIP traces
      • Connection diagnosis with LANmonitor
    • VoSIP support in the Voice Call Manager
    • Auto provisioning LANCOM DECT 510 IP
      • Configuring DECT base stations and handsets with LANconfig
  • Backup solutions
    • High availability of networks
      • How is a network-connection disturbance detected?
        • PPP LCP echo monitoring
        • ICMP polling for IPv4
        • ICMPv6 polling
        • Dead peer detection (DPD)
      • High-availability of lines – backup connections
        • Configuration of the backup connection
        • Triggering the backup connection
        • Return to the standard connection
      • High-availability of gateways – redundant gateways with VPN load balancing
      • High availability Internet access – Multi-PPPoE
      • Example applications
        • Backing up DSL Internet access with ISDN Internet access
        • Backing up dynamic VPN network connectivity with a direct ISDN dial-in connection
        • Redundant VPN gateways
        • Backing up a VPN gateway with an ISDN gateway and RIP
    • Backup solutions and load balancing with VRRP
      • Introduction
      • Virtual Router Redundancy Protocol
        • Virtual and physical routers
        • Device, connection or remote site backup
        • Router ID defines standby groups
        • The Priority System
        • Backup chains
        • Return to the VRRP group
        • Connection establishment
      • Application scenarios
        • Backup solution with VRRP
        • Load balancing
        • Example application: Secure Internet access via two DSL/ISDN combination routers
      • Interaction with internal services
        • ARP
          • Routing of local services/ARP handling switchable
            • Introduction
            • Configuration
        • ICMP
        • DHCP
        • DNS server
        • NBNS/NetBIOS proxy
        • RIP
        • NTP
        • Other services
      • VRRP in the WAN
        • Same IP and MAC addresses
        • Routing protocols
      • Configuration
      • Status Information
    • Interface bundling with LACP
      • Configuring the LACP interfaces
    • Support for vRouter redundancy in Amazon AWS
      • Configuration
      • Commands
      • Configuring the IAM role in AWS
  • RADIUS
    • How RADIUS works
    • Using RADIUS to login to the LCOS management GUI
    • RADIUS as authenticator or network access server (NAS)
      • General settings
      • Dial-in using PPP and RADIUS
      • Dial-in using WLAN and RADIUS
      • Dial-in using a public spot and RADIUS
      • Dial-in using 802.1X and RADIUS
        • Availability monitoring for external RADIUS servers
      • Additional source ports for access requests
    • RADIUS server
      • RADIUS service
      • RADIUS / RADSEC clients
      • User database
        • Importing and exporting RADIUS user data by CSV file
          • Exporting RADIUS user data by CSV file
          • Importing RADIUS user data by CSV file
        • OTP user accounts
      • Forwarding
      • EAP authentication
      • User-defined attributes
      • Options
    • RADIUS attributes
      • RADIUS attributes configurable
      • RADIUS attribute extensions for IPv6 RAS services
    • Dynamic Peer Discovery
    • Dynamic authorization by RADIUS CoA (Change of Authorization)
      • Configuring dynamic authorization with LANconfig
    • RADSEC
      • Configuring RADSEC for the client
        • Device as a RADIUS client
        • Device as a RADIUS server
      • Certificates for RADSEC
  • IoT – the Internet of Things
    • Wireless ePaper
      • Settings for Wireless ePaper
    • iBeacon
    • BLE scanner and beacon
      • Settings for BLE
      • Monitoring
        • Monitoring on the CLI
        • Monitoring with LANmonitor
  • Other services
    • Automatic IP address administration with DHCP
      • Introduction
        • DHCP server
        • DHCP relay
        • BOOTP
      • Configuring DHCPv4 parameters with LANconfig
        • Port table
        • DHCP networks
        • DHCP options
        • DHCP lease RADIUS accounting
        • Lease time of address assignments
        • Vendor Class and User Class Identifier on the DHCP Client
        • BOOTP: Configuring the assignment of fixed IP addresses to specific clients
        • DHCPv4 client options
      • Configuring DHCP clients
      • DHCP-client option Classless Static Route
      • DHCP relay server
        • DNS resolution of names learned via DHCP
      • Displaying status information from the DHCP server
      • DHCP cluster
      • Alternative DHCP server for forwarding
      • DHCP snooping and DHCP option 82
      • Assigning IP addresses based on DHCP option 82
      • Delivering LANCOM Management Cloud parameters with the DHCP server
        • Configuration
    • Domain Name Service (DNS)
      • What does a DNS server do?
        • How does the DNS server react to a request?
      • DNS forwarding
        • Special DNS forwarding
        • General DNS forwarding
      • Setting up the DNS server
      • Logging DNS queries with SYSLOG
      • URL blocking
      • DNS filter for DNS data tunnels
      • Dynamic DNS
        • How to deposit the current IP address at the Dynamic DNS server?
    • Accounting
      • Operating principles
      • Switching accounting on or off on the fly
      • Data traffic counting
      • Configuring accounting
    • Call charge management
      • Connection limits for DSL and cable modem
      • Charge-based ISDN connection limits
      • Time dependent ISDN connection limit
      • Settings in the charge module
    • Time server for the local net
      • Configuring the time server under LANconfig
      • Configuring the NTP client
        • User-defined daylight-saving time change
      • Obtaining the device time via GPS
    • Scheduled Events
      • Regular Execution of LCOS-Commands
      • CRON jobs with time delay
      • Configuring the scheduler
    • PPPoE Servers
      • Introduction
      • PPPoE can only be used on a network segment.
      • Example application
      • Configuration
      • PPPoE snooping
    • Simple Network Management Protocol (SNMP)
      • SNMPv3 basics
      • Configuring SNMP
        • SNMP settings
          • Traps
    • Netflow / IPFIX
      • Configuring NetFlow / IPFIX
        • Collectors
        • Interfaces
        • Profiles
    • Operating printers at the USB connector of the device
      • Configuring the printer server in the device
        • Access list
        • Printer
      • Printer configuration at the computer
    • LANCOM Content Filter
      • Introduction
      • Requirements for using the LANCOM Content Filter
      • Quick start
      • Standard settings in the LANCOM Content Filter
      • General settings
      • Settings for blocking
        • Block text
        • Error text
      • Override settings
        • Override text
      • Profiles in the LANCOM Content Filter
        • Profiles
        • Blacklist addresses (URL)
        • Whitelist addresses (URL)
        • Category-Profiles
      • Options for the LANCOM Content Filter
      • Additional settings for the LANCOM Content Filter
        • Firewall settings for the content filter
        • Timeframe
    • BPjM module
      • Recommendations for use
      • Menu action to delete the BPjM signature definition
    • TACACS+
      • Introduction
      • Configuring the TACACS+ parameters
      • Configuring the TACACS+ server
      • Login to the TACACS+ server
        • TACACS+ login via LANconfig
        • TACACS+ login via WEBconfig
        • TACACS+ login with telnet or SSH
      • Assigning rights under TACACS+
      • Authorizing functions
        • LANconfig
        • WEBconfig
        • Telnet/SSH
        • SNMP
      • Bypassing TACACS+
        • Introduction
        • Configuration
    • LLDP
      • How it works
      • Structure of LLDP messages
      • Supported operating systems
    • Sending and receiving SMS text messages
      • Receiving SMS text messages
      • Basic configuration of the SMS module
      • Managing SMS text messages with LANmonitor
      • Sending SMS text messages with LANmonitor
      • URL placeholder for sending SMS
      • Character set for sending SMS
      • Execute actions on incoming SMS
    • Deactivating device LEDs – boot-persistent
    • 802.1X authenticator for Ethernet ports
    • xDSL Interface
      • ADSL/VDSL modem operation (bridge mode)
      • Further XDSL settings
    • GPON support
    • ACME-Client
      • ACME client configuration
  • Appendix
    • CRON syntax