AVM Access Server englisch Especificações

AVM Access ServerSecure Access for Your Network Internet Access Remote Access Network Access I SDN DSL Firewall VPNSERVERThis manual is print

AVM Access Server Features8 AVM Access Server – 1 Welcome to the AVM Access ServerWide Web, net news, and more. The AVM Access Server also supportsthe

Windows Name Resolution with the AVM Access Server98 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesDynamic Name Resolution

Note on the Microsoft Browsing ServiceAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 99WINS over LAN-to-LAN linksIn order

AVM Access Server for Experts100 AVM Access Server – 6 AVM Access Server for Experts6 AVM Access Server for ExpertsThis chapter is a compact technical

DatabasesAVM Access Server – 6 AVM Access Server for Experts 101The diagram below illustrates the interoperation between the AccessServer Driver and o

User Interface102 AVM Access Server – 6 AVM Access Server for ExpertsUser InterfaceWindows user interface (gui.exe)This is the main user interface to

Installation Alongside AVM KEN! or AVM KEN! DSLAVM Access Server – 6 AVM Access Server for Experts 103Dynamic DNS, to remain accessible from the Inter

Internet Access Through a Third-party Router104 AVM Access Server – 6 AVM Access Server for Expertsservices (such as HTTP, FTP) using the proxy server

IP Address Assignment: Static or Dynamic?AVM Access Server – 6 AVM Access Server for Experts 105IP Address Assignment: Static or Dynamic?The AVM Acces

IP Addresses From a Dedicated Subnetwork106 AVM Access Server – 6 AVM Access Server for ExpertsIP Addresses From a Dedicated SubnetworkExample:In this

Remote Network ConnectionsAVM Access Server – 6 AVM Access Server for Experts 1076.4 Remote Network ConnectionsThe AVM Access Server allows you to con

Virtual Private Networks (VPN)AVM Access Server – 1 Welcome to the AVM Access Server 9Throughput can also be increased by bundling the ISDN B channels

VPN and the IPsec Protocol108 AVM Access Server – 6 AVM Access Server for ExpertsArchitecture of the filter profiles6.7 VPN and the IPsec ProtocolThe

VPN and the IPsec ProtocolAVM Access Server – 6 AVM Access Server for Experts 109The identities (IDs) exchanged in IKE Phase 1 can be:user fully quali

VPN and the IPsec Protocol110 AVM Access Server – 6 AVM Access Server for ExpertsIDs are used in Phase 2 as well. For remote users, the AVM AccessServ

InteroperabilityAVM Access Server – 6 AVM Access Server for Experts 111Hash algorithms:Compression techniques:Perfect forward secrecy:6.8 Interoperabi

Interoperability112 AVM Access Server – 6 AVM Access Server for ExpertsRFC 1662 PPP in HDLC-like FramingRFC 1962 The PPP Compression Control Protocol

InteroperabilityAVM Access Server – 6 AVM Access Server for Experts 113RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)RFC

Updates, Registration and Support114 AVM Access Server – 7 Updates, Registration and Support7 Updates, Registration and SupportWe’re always here to he

InternetAVM Access Server – 7 Updates, Registration and Support 115InternetAVM also provides you with detailed information and free softwareupdates ov

AVM Data Call Center (ADC)116 AVM Access Server – 7 Updates, Registration and SupportYou can also download software updates from AVM’s FTP server. Cli

Support by E-mailAVM Access Server – 7 Updates, Registration and Support 1173. The Access Server has a built-in function to generate a filecontaining

Connection Charge Reduction and Limitation10 AVM Access Server – 1 Welcome to the AVM Access ServerConnection Charge Reduction and LimitationThanks to

Support by Fax118 AVM Access Server – 7 Updates, Registration and SupportYour fax should contain the following information:An e-mail address or fax nu

AVM Access Server – Glossary 119GlossaryADSL (Asymmetric Digital Subscriber Line)ADSL is a communication technology that permits Internet access with

120 AVM Access Server – GlossaryAuthenticationAuthentication refers to identifying a remote system by verifying its logininformation (name and passwo

AVM Access Server – Glossary 121Charge profileA charge profile contains information about the duration of a connec-tion charge interval for each time

122 AVM Access Server – GlossaryBRI lines and 64 kbit/s for PRI lines. D channel information is used forISDN features such as charge information (AOC

AVM Access Server – Glossary 123Domain controllerIn Windows networks, servers that are to share user account informationcan be grouped together in on

124 AVM Access Server – GlossaryPacket types that are constantly exchanged by certainapplications in networks, and that would otherwise causefrequent

AVM Access Server – Glossary 125otherwise prohibited by IP masquerading. A forwarding profile consistsof a set of forwarding rules. These forwarding

126 AVM Access Server – GlossaryHDLC (High-level Data Link Control)A communications protocol standardized by ISO for data packets overserial lines. H

AVM Access Server – Glossary 127IP (Internet Protocol)IP is the Network Layer protocol responsible for addressing and routingin the TCP/IP protocol f

Security FunctionsAVM Access Server – 1 Welcome to the AVM Access Server 11Security FunctionsThe AVM Access Server provides security functions on two

128 AVM Access Server – GlossaryEvery IP address contains two components: the network address andthe host address. The sizes of the network address a

AVM Access Server – Glossary 129RFC 1918 (Address Allocation for Private Internets) reserves thefollowing parts of the IP address space for use in pr

130 AVM Access Server – GlossaryLAN (Local-Area Network)A computer network limited to a given location, such as a company siteor a government agency’

AVM Access Server – Glossary 131NAT (Network Address Translation)NAT is a technique in which a router replaces addresses and port num-bers in IP, UDP

132 AVM Access Server – GlossaryPAP (Password Authentication Protocol)One of the two authentication protocols in the PPP suite. A name andpassword fo

AVM Access Server – Glossary 133“Well-known ports” are destination port numbers that are reserved forcommon network services and applications by IANA

134 AVM Access Server – Glossaryrouter becoming unavailable, for example), it forwards this informationto the surrounding routers. Furthermore, a RIP

AVM Access Server – Glossary 135The responses are therefore “spoofed”, or generated at the local endusing the remote client’s source address. If the

136 AVM Access Server – Glossarysubnet mask (255.255.255.0) as a quasi-Class C address. An individualIP host address can also be considered as a netw

AVM Access Server – Glossary 137Subnet masks in the AVM Access ServerTCP (Transmission Control Protocol)TCP is a connection-oriented protocol for use

Simple to Install and Configure12 AVM Access Server – 1 Welcome to the AVM Access ServerSecurity checks performed on remote dial-inData Privacy and In

138 AVM Access Server – GlossaryTCP/IP address: see “IP address” on page 127TunnelingTunneling is a technique in which the packets of a given protoco

AVM Access Server – Index 139IndexAactive IP routes 39ADSL 8AVM Access Serveruses 7AVM Support 114AVM supportsources of information 114support by e-m

140 AVM Access Server – IndexMmenus 31monitoring functions 36events 40ISDN B channels 39packet trace 43routing table 39use statistics 40monitoring vi

Logs and Use StatisticsAVM Access Server – 1 Welcome to the AVM Access Server 13Logs and Use StatisticsComprehensive statistics and logging abilities

Package Contents14 AVM Access Server – 1 Welcome to the AVM Access Server1.3 Package ContentsThe product is available in three variants:AVM Access Ser

Installation and Initial ConfigurationAVM Access Server – 2 Installation and Initial Configuration 152 Installation and Initial ConfigurationThe AVM A

Step by Step: AVM Access Server Installation and Basic Configuration16 AVM Access Server – 2 Installation and Initial ConfigurationStep by Step: AVM A

Step by Step: AVM Access Server Installation and Basic ConfigurationAVM Access Server – 2 Installation and Initial Configuration 17In the example, the

ExampleTechnical Requirements••In the Berlin office and at the London location:– T-DSL lines– unmetered Internet access through the Internet Service P

Step by Step: AVM Access Server Installation and Basic Configuration18 AVM Access Server – 2 Installation and Initial Configuration5. In the dialog th

Step by Step: AVM Access Server Installation and Basic ConfigurationAVM Access Server – 2 Installation and Initial Configuration 19Set up Internet Acc

Step by Step: AVM Access Server Installation and Basic Configuration20 AVM Access Server – 2 Installation and Initial Configuration4. Enter the authen

Step by Step: AVM Access Server Installation and Basic ConfigurationAVM Access Server – 2 Installation and Initial Configuration 213. Select an IP add

Step by Step: AVM Access Server Installation and Basic Configuration22 AVM Access Server – 2 Installation and Initial ConfigurationIn the example, the

Step by Step: AVM Access Server Installation and Basic ConfigurationAVM Access Server – 2 Installation and Initial Configuration 23In the example, the

Step by Step on the User’s Home Computer24 AVM Access Server – 2 Installation and Initial ConfigurationCreate an Export File with the Users’ Configura

Step by Step on the User’s Home ComputerAVM Access Server – 2 Installation and Initial Configuration 254. Select the desired Internet Service Provider

Step by Step on the User’s Home Computer26 AVM Access Server – 2 Installation and Initial Configuration3. On the NetWAYS/ISDN computer, open a command

Step by Step: Configuration of the LAN-to-LAN LinkAVM Access Server – 2 Installation and Initial Configuration 27Step by Step: Configuration of the LA

InternetBerlin officeJane Doe's home-officeAVMAccess ServerPublic IP address (dynamically assignedby your Internet Service Provider)VirtualPrivat

Step by Step: Configuration of the LAN-to-LAN Link28 AVM Access Server – 2 Installation and Initial Configuration6. Enter the network address of the l

Removing the AVM Access ServerAVM Access Server – 2 Installation and Initial Configuration 292.2 Removing the AVM Access Server1. Double-click the “Ad

The AVM Access Server Window30 AVM Access Server – 3 The AVM Access Server Window3 The AVM Access Server WindowThe AVM Access Server window provides a

The AVM Access Server MenusAVM Access Server – 3 The AVM Access Server Window 31The Access Server window contains the following interactive elements:t

The ‘Internet’ Menu32 AVM Access Server – 3 The AVM Access Server WindowThe ‘Internet’ MenuThe ‘Remote Users’ Menu The ‘Remote Networks’ Menu The ‘Vie

The ‘?’ MenuAVM Access Server – 3 The AVM Access Server Window 33The ‘?’ Menu3.2 The ToolbarKey AVM Access Server commands are quickly accessible thro

Configuration View34 AVM Access Server – 3 The AVM Access Server Window3.3 Configuration ViewThe AVM Access Server Configuration View is composed of t

Object PropertiesAVM Access Server – 3 The AVM Access Server Window 35Object PropertiesThe right panel in the Access Server window displays the proper

Monitoring View36 AVM Access Server – 3 The AVM Access Server Window3.4 Monitoring ViewThe Monitoring View provides connection control, monitoring and

AVM Access Server MonitorAVM Access Server – 3 The AVM Access Server Window 37AVM Access Server MonitorSelect “AVM Access Server Monitor” in the objec

2 AVM Access ServerAVM Access ServerThis manual and the software it describes are protected by copyright. The manual andsoftware as presented are the

Connection Control38 AVM Access Server – 3 The AVM Access Server WindowCommandsThree buttons appear above the top left corner of the connection list.W

ISDN B ChannelsAVM Access Server – 3 The AVM Access Server Window 39PropertiesClick a connection in the list with the right mouse button and select“Pr

Events40 AVM Access Server – 3 The AVM Access Server WindowEventsEvents displayed in the Monitoring View include all ISDN, ADSL, andVPN operations, as

Packet TraceAVM Access Server – 3 The AVM Access Server Window 41The following information is supplied for all connections establishedbetween the AVM

Packet Trace42 AVM Access Server – 3 The AVM Access Server WindowThe following instructions describe how to generate a packet tracebased on two typica

DiagnosticsAVM Access Server – 3 The AVM Access Server Window 434. Wait until 20 to 100 packets have been captured, then stop thepacket trace by click

AVM Access Server Use Scenarios44 AVM Access Server – 4 AVM Access Server Use Scenarios4 AVM Access Server Use ScenariosThis chapter describes the use

Technical RequirementsAVM Access Server – 4 AVM Access Server Use Scenarios 45The following illustration shows a diagram of the LAN-to-LAN connec-tion

Task Checklist46 AVM Access Server – 4 AVM Access Server Use ScenariosTask ChecklistThe following steps must be carried out both in the main office in

Step by StepAVM Access Server – 4 AVM Access Server Use Scenarios 474. Enter the following settings at the two locations:The default gateway entry can

AVM Access Server – Contents 3Contents1 Welcome to the AVM Access Server 61.1 The AVM Access Server Connects. . . . . . . . . . . . . . . . . . . . .

Step by Step48 AVM Access Server – 4 AVM Access Server Use Scenarios6. In the “Budget settings” dialog, select the option “Start with nopre-defined bu

Step by StepAVM Access Server – 4 AVM Access Server Use Scenarios 49E Create a Schedule and Activate it in the Remote Network ConfigurationIn order to

AVM Access Server and a Router50 AVM Access Server – 4 AVM Access Server Use Scenarios4.2 AVM Access Server and a RouterA translation agency with ten

Technical RequirementsAVM Access Server – 4 AVM Access Server Use Scenarios 51Technical RequirementsIn the translation agency office– a computer in wo

Step by Step: On the Server in the Translation Agency Office52 AVM Access Server – 4 AVM Access Server Use ScenariosIn the employees’ home offices:Ste

Step by Step: On the Server in the Translation Agency OfficeAVM Access Server – 4 AVM Access Server Use Scenarios 534. In the “IP address” field, ente

Step by Step: On the Server in the Translation Agency Office54 AVM Access Server – 4 AVM Access Server Use ScenariosD Test the Accessibility of the AV

Step by Step: On the Server in the Translation Agency OfficeAVM Access Server – 4 AVM Access Server Use Scenarios 55G Create Export Files with the Use

Step by Step: On the Employees’ Home Computers56 AVM Access Server – 4 AVM Access Server Use ScenariosStep by Step: On the Employees’ Home ComputersSt

Step by Step: On the Employees’ Home ComputersAVM Access Server – 4 AVM Access Server Use Scenarios 57D Test the Internet ConnectionYou can test the I

4 AVM Access Server – Contents6 AVM Access Server for Experts 1006.1 Architecture of the AVM Access Server . . . . . . . . . . . . . . . . . . . . .

AVM Access Server Concepts and Functional Principles58 AVM Access Server – 5 AVM Access Server Concepts and Functional Principles5 AVM Access Server C

Filters and RulesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 59Because the filter rules are grouped in several instance

Filters and Rules60 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesRules consist of the following components:A description

Filters and RulesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 61When creating a filter, you should bear these two import

Examples of IP Filter Profiles62 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesThe diagram below illustrates the order in

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 63The profiles “Incoming Internet profile (up

Examples of IP Filter Profiles64 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIncoming Internet Profile (Lower Only)“Inco

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 65Inactive NTP packets(Network Time Protocol)

Examples of IP Filter Profiles66 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesActive FTP data connection set-up(File Tran

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 67Inactive GRE packets(Generic Routing Encaps

AVM Access Server – Typographical Conventions 5Typographical ConventionsThe following typographic conventions and symbols are used in thismanual to m

Examples of IP Filter Profiles68 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesOutgoing Internet Filter Profile “Outgoing

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 69Incoming Filter Profile (Upper, Stateful)“I

Examples of IP Filter Profiles70 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIncoming Internet Profile (Lower, Stateful)

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 71Inactive HTTP connection set-up(Hypertext T

Examples of IP Filter Profiles72 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesInactive Telnet connection set-up Accept Ac

Examples of IP Filter ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 73VPN Packets Only (Lower)This pre-configured

IP Masquerading and Forwarding Profiles74 AVM Access Server – 5 AVM Access Server Concepts and Functional Principles5.2 IP Masquerading and Forwarding

Forwarding ProfilesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 75communicating with Internet hosts. Because only reques

Forwarding Profiles76 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesThe rules in the forwarding profiles are listed with e

Static and Dynamic RoutingAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 775.3 Static and Dynamic RoutingLike any IP route

Welcome to the AVM Access Server6 AVM Access Server – 1 Welcome to the AVM Access Server1 Welcome to the AVM Access ServerThe AVM Access Server seamle

Reserving B Channels78 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesStatic routingAll information about destination netwo

Restricting Access to Scheduled TimesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 79The system administrator must ensure

Cost Assignment (COSO, Charge One Site Only)80 AVM Access Server – 5 AVM Access Server Concepts and Functional Principles5.6 Cost Assignment (COSO, Ch

Virtual Private Network (VPN)AVM Access Server – 5 AVM Access Server Concepts and Functional Principles 815.7 Virtual Private Network (VPN)The AVM Acc

VPNs in the AVM Access Server82 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesVPNs in the AVM Access ServerThe term VPN re

SecurityAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 83right mouse button and select “Add Group...” in the context menut

The VPN Protocol IPsec84 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIPsec is a network-layer (ISO OSI Layer 3) protocol

The VPN Protocol IPsecAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 85The IP addresses in the example above are used in d

The VPN Protocol IPsec86 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIn the encapsulated packets transported over the IP

The IPsec Transport ProtocolsAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 87Remote NetworksIn configuring a VPN connecti

The AVM Access Server ConnectsAVM Access Server – 1 Welcome to the AVM Access Server 7The following diagram illustrates the uses of the AVM Access Ser

The IPsec Transport Protocols88 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesPrevents replay and detects man-in-the-middl

NegotiationAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 89NegotiationMany combinations of encryption and authentication

Negotiation90 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIKE Phase 1The purpose of IKE Phase 1 is to negotiate an SA to

Authentication Using CertificatesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 91IKE Phase 2The goal of IKE Phase 2 is to

Authentication Using Certificates92 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesAsymmetrical Encryption TechniquesAsymme

Authentication Using CertificatesAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 93When a certificate is issued, a key pair

Compression Techniques (IPComp)94 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesIn this case, the digital signature is con

Dynamic DNSAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 955.8 Dynamic DNSDynamic DNS is an Internet service that allows

Windows Name Resolution with the AVM Access Server96 AVM Access Server – 5 AVM Access Server Concepts and Functional PrinciplesNetBIOS names are easie

Windows Name Resolution with the AVM Access ServerAVM Access Server – 5 AVM Access Server Concepts and Functional Principles 97Name Resolution Methods