Datasheet

ManualsBrandsLancom Systems ManualsNetworkingLS61618

LANCOM WLC-4006

Scope of features: as of LCOS version 7.8x

XAUTH XAUTH client for registering LANCOM routers and access points at XAUTH servers incl. IKE-config mode. XAUTH server enables

clients to register via XAUTH at LANCOM routers. Connection of the XAUTH server to RADIUS servers provides the central

authentication of VPN-access with user name and password. Authentication of VPN-client access via XAUTH and RADIUS

connection additionally by OTP token

Proadaptive VPN Automated configuration and dynamic creation of all necessary VPN and routing entries based on a default entry for site-to-

site connections. Propagation of dynamically learned routes via RIPv2 if required

Algorithms 3DES (168 bit), AES (128, 192 or 256 bit), Blowfish (128 bit), RSA (128 or -448 bit) and CAST (128 bit). OpenSSL implementation

with FIPS-140 certified algorithms. MD-5 or SHA-1 hashes

NAT-Traversal NAT-Traversal (NAT-T) support for VPN over routes without VPN passthrough

IPCOMP VPN data compression based on LZS or Deflate compression for higher IPSec throughput

Dynamic DNS Enables the registration of IP addresses with a Dynamic DNS provider in the case that fixed IP addresses are not used for the

VPN connection

Specific DNS forwarding DNS forwarding according to DNS domain, e.g. internal names are translated by proprietary DNS servers in the VPN. External

names are translated by Internet DNS servers

VPN throughput (max., AES)

1416-byte frame size UDP 75 Mbps

256-byte frame size UDP 14 Mbps

IMIX 24 Mbps

Firewall throughput (max.)

1518-byte frame size UDP 97 Mbps

256-byte frame size UDP 23 Mbps

Routing functions

Router IP and NetBIOS/IP multi-protocol router

ARP lookup Packets sent in response to LCOS service requests (e.g. for Telnet, SSH, SNTP, SMTP, HTTP(S), SNMP, etc.) via Ethernet can be

routed directly to the requesting station (default) or to a target determined by ARP lookup

Advanced Routing and Forwarding Separate processing of 16 contexts due to virtualization of the routers. Mapping to VLANs and complete independent

management and configuration of IP networks in the device, i.e. individual settings for DHCP, DNS, Firewalling, QoS, VLAN,

Routing etc. Automatic learning of routing tags for ARF contexts from the routing table

HTTP HTTP and HTTPS server for configuration by web interface

DNS DNS client, DNS server, DNS relay, DNS proxy and dynamic DNS client

DHCP DHCP client, DHCP relay and DHCP server with autodetection. Cluster of several LANCOM DHCP servers per context (ARF

network) enables caching of all DNS assignments at each router

NetBIOS NetBIOS/IP proxy

NTP NTP client and SNTP server, automatic adjustment for daylight-saving time

Policy-based routing Policy-based routing based on routing tags. Based on firewall rules, certain data types are marked for specific routing, e.g. to

particular remote sites or lines

Dynamic routing Dynamic routing with RIPv2. Learning and propagating routes; separate settings for LAN and WAN. Extended RIPv2 including

HopCount, Poisoned Reverse, Triggered Update for LAN (acc. to RFC 2453) and WAN (acc. to RFC 2091) as well as filter options

for propagation of routes. Definition of RIP sources with wildcards

COM port server

COM port forwarding COM-port server for the DIN interface. For a serial device connected to it, the server manages its own virtual COM port via Telnet

(RFC 2217) for remote maintenance (works with popular virtual COM-port drivers compliant with RFC 2217). Switchable newline

conversion and alternative binary mode. TCP keepalive according to RFC 1122 with configurable keepalive interval,

retransmission timeout and retries

LAN protocols

IP ARP, proxy ARP, BOOTP, DHCP, DNS, HTTP, HTTPS, IP, ICMP, NTP/SNTP, NetBIOS, PPPoE (server), RADIUS, RIP-1, RIP-2, RTP,

SIP, SNMP, TCP, TFTP, UDP, VRRP, VLAN

WAN protocols

Ethernet PPPoE, Multi-PPPoE, ML-PPP, PPTP (PAC or PNS) and plain Ethernet (with or without DHCP), RIP-1, RIP-2, VLAN, IP

Interfaces

WAN: Ethernet 10/100 Mbps Fast Ethernet

Ethernet ports 4 individual 10/100 Mbps Fast Ethernet ports; one can be switched as a WAN port. thernet ports can be electrically disabled

within LCOS configuration

Port configuration Each Ethernet port can be freely configured (LAN, WAN, monitor port, off). LAN ports can be operated as a switch or separately.

Additionally, external DSL modems or termination routers can be operated at the WAN port together with policy-based routing.

Serial interface Serial configuration interface / COM port (8 pin Mini-DIN): 9,600 - 115,000 baud, suitable for optional connection of analog/

GPRS modems

VPN