Funkwerk Bintec r1200 User manual

Version 3.0

User's Guide

bintec R1200 / R1200w(u) / R3000 / R3000w / R3400 / R3800(wu)

Wireless LAN

Purpose This document is part of the user’s guide to the installation and configuration of bintec gateways run-

ning software release 7.4.10 or later. For up-to-the-minute information and instructions concerning the

latest software release, you should always read our Release Notes, especially when carrying out a

software update to a later release level. The latest Release Notes can be found at www.funkwerk-

ec.com.

Liability While every effort has been made to ensure the accuracy of all information in this manual, Funkwerk

Enterprise Communications GmbH cannot assume liability to any party for any loss or damage caused

by errors or omissions or by statements of any kind in this document and is only liable within the scope

of its terms of sale and delivery.

The information in this manual is subject to change without notice. Additional information, changes and

Release Notes for bintec gateways can be found at www.funkwerk-ec.com.

As multiprotocol gateways, bintec gateways set up WAN connections in accordance with the system

configuration. To prevent unintentional charges accumulating, the operation of the product should be

carefully monitored. Funkwerk Enterprise Communications GmbH accepts no liability for loss of data,

unintentional connection costs and damages resulting from unsupervised operation of the product.

Trademarks bintec and the bintec logo are registered trademarks of Funkwerk Enterprise Communications GmbH.

Other product names and trademarks mentioned are usually the property of the respective companies

and manufacturers.

any means – graphic, electronic, or mechanical – including photocopying, recording in any medium,

taping, or storage in information retrieval systems, without the prior written permission of Funkwerk En-

terprise Communications GmbH. Adaptation and especially translation of the document is inadmissible

without the prior consent of Funkwerk Enterprise Communications GmbH.

Guidelines and standards bintec gateways comply with the following guidelines and standards:

R&TTE Directive 1999/5/EG

CE marking for all EU countries and Switzerland

You will find detailed information in the Declarations of Conformity at www.funkwerk-ec.com.

How to reach Funkwerk

Enterprise Communications

GmbH

Funkwerk Enterprise Communications GmbH

Suedwestpark 94

D-90449 Nuremberg

Germany

Telephone: +49 180 300 9191 0

Fax: +49 180 300 9193 0

Internet: www.funkwerk-ec.com

Bintec France

6/8 Avenue de la Grande Lande

F-33174 Gradignan

France

Telephone: +33 5 57 35 63 00

Fax: +33 5 56 89 14 05

Internet: www.bintec.fr

Wireless LAN bintec User’s Guide 1

1Wireless LAN Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2Wireless Interfaces Submenu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

2.1 ACL Filter Submenu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.2 IP and Bridging Submenu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

3WDS Link Configuration Submenu . . . . . . . . . . . . . . . . . . . . . . . . 19

4Advanced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Index: Wireless LAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

2 bintec User’s Guide Wireless LAN

Wireless LAN bintec User’s Guide 3

Wireless LAN Menu 1

1 Wireless LAN Menu

The fields of the WIRELESS LAN menu are described below.

The WIRELESS LAN menu contains the general settings for the configuration of

the gateway as an ➤➤ access point (AP).

Wireless LAN (WLAN = Wireless Local Area Network) comprises the setup of a

network by means of radio technology.

Network functions WLAN provides the same required network functions as a cabled network, i.e.

access to servers, files, printers and mail system as well as the company Inter-

net access. No cabling is required, so that with a WLAN no edificial constraints

are to be considered (i.e. location of device is independent of position and num-

ber of connections).

Standard:

IEEE 802.11

802.11 WLANs offer all functions of a cabled network. WLAN transmits indoors

and outdoors at a maximum of 100 mW.

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0]: Configure WLAN Interface MyGateway

Operation Mode Off

Location Germany

Radio Band 2,4 GHz

Channel auto

Wireless Interfaces >

WDS Link Configuration >

Advanced >

SAVE CANCEL

Note

Please note that not all bintec gateways are equipped with radio technology.

Refer to the data sheet on www.funkwerk-ec.com to check whether your gate-

way supports it.

4 bintec User’s Guide Wireless LAN

Wireless LAN Menu

IEEE 802.11g is presently the primarily used standard for radio-based LANs

and offers a maximum data transfer rate of 54 Mbps. This method operates at

a frequency of 2,4 GHz (2400 MHz - 2485 MHz), which guarantees that build-

ings are penetrated with the required transmitting power that, however, does not

affect health.

802.11b is compatible with 802.11g, operating with 2,4 GHz (2400 MHz -

2485 MHz) too and offering a data transfer rate of 11 Mbps. 802.11g and

802.11b WLAN systems are free of charge and need not be registered.

802.11a is available in the 5 GHz range (5150 MHz - 5725 MHz). In Germany,

this frequency range need not be registered, either.

In Europe a transmitting power of 1000 mW (outdoor only) instead of 30 mW is

available with 802.11h as an extension of 802.11a, but has to be applied with

TPC (TX Power Control, methode to control the transmitting power of radio

equipment to reduce interferences) and DFS (Dynamic Frequency Selection).

TPC and DFS are applied to avoid interferences with satellite communication

and radar equipment.

The WIRELESS LAN menu consists of the following fields:

Field Description

Operation Mode Defines, whether the gateway operates as ac-

cess point (Access Point) or not (Off, default va-

lue).

Location The country setting of the AP.

Possible values are all countries preconfigured

on the wireless module of the gateway.

The range of the optional channels differs

according to the country setting selected.

Default value is Germany.

Wireless LAN bintec User’s Guide 5

Wireless LAN Menu 1

Table 1-1: WIRELESS LAN menu fields

The menu provides access to the following submenus:

■WIRELESS INTERFACE

Radio band Frequency range the access point is to operate

in.

Possible values:

■2,4 GHz (default value)

■5 GHz

Usage area Only for RADIO BAND = 5 GHz

Installation location of the access point.

Possible values:

■anywhere (default value): The access point

is to operate indoors and outdoors.

■indoor: The access point is to operate in-

doors.

■outdoor: The access point is to operate out-

doors.

Channel The channel used by the access point.

Possible values:

■auto (default value): the channel is detected

automatically;

option for RADIO BAND = 5 GHz.

■1 ... 13: only for RADIO BAND = 2,4 GHz

(1 ... 11 for LOCATION = United States

■149 ... 165 for RADIO BAND = 5 GHz and for

LOCATION = Austria or United States.

Field Description

6 bintec User’s Guide Wireless LAN

Wireless LAN Menu

■WDS LINK CONFIGURATION

only for RADIO BAND = 2,4 GHz

■ADVANCED

Wireless LAN bintec User’s Guide 7

Wireless Interfaces Submenu 2

2 Wireless Interfaces Submenu

The fields of the WIRELESS INTERACES menu are described below.

The WIRELESS LAN ➜WIRELESS INTERFACES submenu displays a list with already

configured wireless interfaces and contains essential settings such as network

name, status, security mode etc. The '*' in front of the NETWORK NAME

(➤➤ SSID) means that the network name is visible on ➤➤ active probing.

Each wireless interface (with prefix ➤➤ vss) has its own IP settings and can

use all standard interface specific features such as QoS, Stateful Inspection,

Accounting, Access Lists, NAT etc. This opens a wide range of applications for

the WLAN interface.

The bintec WLAN gateway not only offers bridging for wireless connections, but

is also fully integrated into the routing environment.

Securing your WLAN

Security As WLAN uses the air as transmission medium, the transferred data can theo-

retically be intercepted and read by anyone with the respective means. Thus,

safeguarding the radio link is to be paid special attention.

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0][WIRELESS]: Interface List MyGateway

Network Name Status Security ACL-Filter ifc Cl.#

-----------------------------------------------------------------

*Funkwerk-ec enable NONE disable vss8-0 16

ADD DELETE EXIT

8 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

WEP 802.11 defines the security standard WEP (Wired Equivalent Privacy = data en-

cryption with 40/64 bit (SECURITY MODE = WEP 40/64) resp. 104/128 bit

(SECURITY MODE = WEP 104/128)). The commonly used WEP, however, turned

out to be vulnerable. For increased security you have to configure hardware-ba-

sed encryption (as e.g. 3DES or AES) additionally. Thus even sensitive data

can be transferred via the WLAN.

IEEE 802.11i The IEEE 802.11i standard for wireless systems comprises security specifica-

tions for radio networks especially concerning encryption. The relatively unse-

cure WEP (Wired Equivalent Privacy) is replaced by WPA (Wi-Fi Protected

Access). In addition, the Advanced Encryption Standard (AES) is defined for

data encryption.

WPA WPA (Wi-Fi Protected Access) offers increased protection by means of dynam-

ic keys, which are based on the Temporal Key Integrity Protocol (TKIP), and of-

fers PSK (Pre-Shared-Keys) or Extensible Authentication Protocol (EAP) via

802.1x (e.g. via RADIUS) for the authentication of users.

The authentication via EAP is normally used in vast Wireless LAN installations,

because it requires an authentication server (e.g. a RADIUS server). In smaller

networks, mostly for SoHo (Small Office, Home Office), PSK (Pre-Shared-

Keys) are normally used. All participants of the Wireless LAN must thus know

the PSK, as the session key is generated by means of it.

WPA2 WPA2 is the successor of WPA. It implements the full 802.11i-standard and

uses the encryption algorithm AES (Advanced Encryption Standard).

Security options To safeguard the data transferred via WLAN, you should make use of the re-

spective options of the WIRELESS LAN ➜WIRELESS INTERFACES menu (Appropri-

ate WLAN settings are to be done on the WLAN Clients):

■Change the default SSID, NETWORK NAME = Funkwerk-ec,of your access

point.

■Set WIRELESS INTERFACES ➜ NAME IS VISIBLE = no. Thus all WLAN clients are

refused who try to connect with the common NETWORK NAME (SSID) Any

and do not know the specified SSIDs.

■Use one of the provided encryption methods by selecting SECURITY MODE =

WEP 40/64, WEP 104/128, WPA PSK or WPA (802.1x) and entering the re-

Wireless LAN bintec User’s Guide 9

Wireless Interfaces Submenu 2

spective key for the access point into KEY 1 - 4 or ENTER PRESHARED KEY or

in RADIUS Server.

■The WEP key should regularly be changed by modifying the DEFAULT KEY.

Chose the longer WEP key with 104/128 bits.

■Highest security provides SECURITY MODE = WPA (802.1x) with WPA/WPA2

MIXED MODE = WPA2 only. These methods comprise hardware based encry-

tion and RADIUS authentication of the client. Additionally, even a combined

operation with IPSec is possible.

■Limit the access to the WLAN for allowed clients by entering the MAC

adresses of the WLAN cards of these clients into the MAC FILTER ➜

ACCEPT list. All other clients are rejected and listed under REJECT.(see

“ACL Filter Submenu” on page 14).

The generation of new wireless interfaces is carried out in WIRELESS LAN ➜

WIRELESS INTERFACES ➜ADD:

The adjustment of already configured wireless interfaces is carried out in

WIRELESS LAN ➜WIRELESS INTERFACES ➜EDIT:

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0][WIRELESS][ADD]: Wireless Interface MyGateway

AdminStatus enable

Network Name

Name is visible yes

Max. Clients 16

Security Mode NONE

SAVE CANCEL

10 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

The WIRELESS LAN ➜ WIRELESS INTERFACES menu consists of the following

fields:

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0][WIRELESS][EDIT]: Wireless Interface MyGateway

AdminStatus enable

Network Name Funkwerk-ec

Name is visible yes

Max. Clients 16

Security Mode NONE

ACL Filter >

IP and Bridging >

SAVE CANCEL

Field Description

AdminStatus Defines the administrative status of the wireless

interface.

Possible values:

■enable (default value): enable the interface

■disable: disable the interface

Network Name Name of the wireless interface (SSID).

Enter an ASCII string of max. 32 characters.

Name is visible Enable broadcasting of the network name

(SSID) of the wireless interface.

Possible values:

■yes (default value): network name is visible

for clients within reach.

■no: network name is hidden for the clients.

Wireless LAN bintec User’s Guide 11

Wireless Interfaces Submenu 2

Max. Clients Maximum number of WLAN client connections

allowed for this interface. All in all 64 connec-

tions can be distributed to all wireless inter-

faces.

Security Mode Here you select the security mode (encryption

and authentication) of the wireless interface.

Possible values:

■NONE (default value): no encryption or au-

thentication

■WEP 40/64: WEP 40Bit

■WEP 104/128: WEP 104Bit

■WPA PSK: WPA with Preshared Key au-

thentication

■WPA (802.1x): WPA with EAP (RADIUS-

authentication)

If SECURITY MODE is set to WPA (802.1x) the fol-

lowing note is displayed: A Radius Server

configuration in RADIUS setup is required.

Default Key Only for SECURITY MODE = WEP 40/64, WEP

104/128

Here you select one of the configured keys in

KEY <1 - 4> to be the one used as default key.

Default value is Key 1.

Field Description

12 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

Key <1 - 4> Only for SECURITY MODE = WEP 40/64, WEP

104/128

Here you enter the WEP key. WEP keys can be

entered in two different ways:

■Direct Digit Input in hexadecimal format

Enter the key with the exact count of hexa-

decimal digits for the selected WEP mode.

10 digits for WEP40 or 26 digits for

WEP104.

E.g.

WEP40: A0B23574C5,

WEP104:

81DC9BDB52D04DC20036DBD831

■Direct ASCII based input

Enter a phrase with the exact count of digits

for the selected WEP mode. Confirming

with the input key transforms the ASCII

based input into a hexadecimal phrase. For

WEP40 the phrase must have 5 characters,

for WEP104 13 characters.

E.g.

hallo for WEP40

funkwerk-wep1 for WEP104.

Field Description

Wireless LAN bintec User’s Guide 13

Wireless Interfaces Submenu 2

Table 2-1: WIRELESS INTERFACES menu fields

Enter Preshared Key Only for SECURITY MODE = WPA PSK

Here you enter the WPA passphrase.

Enter an ASCII String of 8 - 63 characters.

WPA/WPA2 mixed mode Only for SECURITY MODE = WPA PSK and

WPA (802.1x)

Here you select whether to apply WPA (with

TKIP encryption) or WPA2 (with AES encryp-

tion) or both. Possible values:

■WPA + WPA2 (default value for the initial

provided interface)

■WPA only (default value for all other inter-

faces)

■WPA2 only

WPA2 preauthentication Only for SECURITY MODE = WPA 802.1x with

WPA/WPA2 MIXED MODE = WPA + WPA2 and

WPA2 only

With this option registered clients can be pre

authenticate at other access points in the same

radio cell. Thus these clients can change faster

to the other access point ("roaming"), as the

RADIUS authentication can be omitted during

registration. The preauthentication is only pos-

sible with the client being registered at the

access point with WPA2.

Possible values:

■enabled (default value): The Access Point

allows preauthentication of clients at other

access points.

■disabled: Preauthentication requests of cli-

ents are ignored.

Field Description

14 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

2.1 ACL Filter Submenu

The fields of the ACL FILTER submenu are described below.

In the WIRELESS LAN ➜WIRELESS INTERFACES ➜MAC FILTER submenu, hard-

ware specific acces control is configured. Thus it is possible to allow only spe-

cific clients to access the access point. This filter is checked before any other

security mechanism is activated. The entered addresses are MAC based.

MAC Address Lists The ACCEPT list displays all MAC addresses to be accepted for the wireless

interface.

The REJECT list displays all rejected addresses.

Default behaviour: If ADMINSTATUS = disabled, all clients are accepted. As soon

as ADMINSTATUS = enabled is set and no MAC address is listed in the ACCEPT

list, all clients are blocked. Only those clients whos MAC addresses are then en-

tered manually into the ACCEPT list or are moved from the REJECT to the

ACCEPT list are accepted.

Additional buttons The REFRESH button reloads the REJECT list, so that at any time the current

status of rejects can be listed.

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0][WIRELESS][EDIT][ACCESS LIST]: Interface MyGateway

<Funkwerk-ec>

AdminStatus disable

Accept Address ADD

ACCEPT REJECT

---------------------- ----------------------

Press 'a' to move selected Reject Address to Accept List.

SAVE REMOVE EXIT REFRESH

Wireless LAN bintec User’s Guide 15

Wireless Interfaces Submenu 2

With the REMOVE button selected addresses can be deleted from the ACCEPT

list. Removing an address from the ACCEPT list immediately disconnects an es-

tablished link.

The menu consists of the following fields:

Table 2-2: ACL FILTER menu fields

2.2 IP and Bridging Submenu

The fields of the IP AND BRIDGING submenu are described below.

Field Description

AdminStatus Enable or disable the filter for this wireless

interface.

Possible values: enable, disable (default value)

Accept Address Enter a MAC address to be accepted.

Possible values: 12 digit MAC addresses; the

addresses are entered without any ":".

Press ADD to add the entered MAC address to

the ACCEPT list.

If you highlight an entry from the REJECT list

and press a(must be lowercase) on your key-

board, the respective entry is moved to the

ACCEPT list. Thus you do not have to manually

enter acceptable addresses.

16 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

In the WIRELESS LAN ➜WIRELESS INTERFACES ➜EDIT ➜IP AND BRIDGING sub-

menu you enter the interface specific IP configuration and activate the bridging

mode if applicable.

The menu consists of the following fields:

R3000w Setup Tool Funkwerk Enterprise Communications GmbH

[WLAN-8-0][WIRELESS][EDIT][IP CONFIGURATION]: WLAN VSS MyGateway

Interface <Funkwerk-ec>

Local Communication disabled

Local IP Address

Local Netmask

Second Local IP Address

Second Local Netmask

Bridging enable no

Proxy ARP no

SAVE CANCEL

Field Description

Local Communication Allows the communication between the clients,

authenticated at this SSID, to e.g. access com-

mon shares.

Possible values:

■enabled

■disabled (default value).

Local IP Address Here you assign an IP address to the wireless

interface.

Local Netmask Netmask for LOCAL IP NUMBER.

Wireless LAN bintec User’s Guide 17

Wireless Interfaces Submenu 2

Table 2-3: IP AND BRIDGING menu fields

Second Local IP Address Here you assign a second IP address to the

wireless interface.

Second Local Netmask Netmask for SECOND LOCAL IP NUMBER.

Bridging enable Enables activating the Bridging mode.

Possible values:

■no (default value): Bridging is not enabled

on the wireless interface.

■yes: Bridging is enabled on the wireless in-

terface.

Proxy ARP Enables the gateway to answer ARP requests

from its own LAN acting for WLAN Clients.

Possible values:

■no (default value)

■yes.

Field Description

18 bintec User’s Guide Wireless LAN

Wireless Interfaces Submenu

Other manuals for bintec R1200

This manual suits for next models

Table of contents

Other Funkwerk Network Router manuals

Funkwerk

Funkwerk bintec R230a Instruction manual

Funkwerk

Funkwerk elmeg t444 User manual

Funkwerk

Funkwerk bintec R230a User manual

Funkwerk

Funkwerk R3400 User manual

Funkwerk

Funkwerk bintec R1200 User manual

Funkwerk

Funkwerk bintec R230a User manual

Funkwerk

Funkwerk bintec R4100 User manual

Funkwerk

Funkwerk bintec R4100 User manual

Funkwerk

Funkwerk bintec R1200 User manual

Funkwerk

Funkwerk bintec R230a User manual

Funkwerk

Funkwerk bintec R230a User manual

Funkwerk

Funkwerk R3000w User manual

Popular Network Router manuals by other brands

Perle

Perle P1705 User and system administration guide

Billion

Billion BIPAC-7402 user manual

Dimplex

Dimplex WPM 2006 R Installation and start-up instructions

Asus

Asus ZenWiFi Pro ET12 quick start guide

Tellabs

Tellabs 8860 System installation

Westell Technologies

Westell Technologies Webshare 36R566 user guide

Compaq

Compaq StorageWorks Storage Router N1200 installation guide

D-Link

D-Link DFL-260 - NetDefend - Security Appliance quick guide

DELTA GROUP

DELTA GROUP LOYTEC LIP‑3ECTC installation instructions

Huawei

Huawei Mobile WiFi E5878 Quick start guides

Motorola

Motorola PMP 320 Configuration guidelines

DIGITAL YACHT

DIGITAL YACHT 4GConnect Installation and instruction manual

Advantek Networks

Advantek Networks ANS-05P Quick install guide

Comtech EF Data

Comtech EF Data Vipersat CDM-570 user guide

Repotec

Repotec RP-170508K user manual

Atlantis Land

Atlantis Land A02-G8D Specifications

Ruijie

Ruijie Reyee RG-EG210G-E Hardware installation and reference guide

SonicWALL

SonicWALL SuperMassive 9800 Getting started guide