Versionen im Vergleich

Alte Version 2

changes.mady.by.user LANCOM Redaktion

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user LANCOM Redaktion

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.

...

This article describes how to enable access with the web client and SSH, and which IP addresses have to be set in order to enable remote access by LANCOM Systems Support.

...

Hinweis

Where an upstream router is operated, port forwarding to be set up on it to enable access to the Unified Firewall. This is described in step 3 for LANCOM routers.

If access by LANCOM Support is no longer required, LANCOM Systems recommends that you deactivate the remote access.

Info

Necessary IP addresses for remote access:

SSH:

  • 212.117.89.9 /32
  • 217.6.21.90/32  (existing entry LANCOM Customer Support, before LCOS FX 10.4  the entry has to be created manually)
  • 80.246.32.0/24  (existing entry   Rohde & Schwarz Internet Gateway
  • 213.238.47.128/29  (existing entry   Rohde & Schwarz Cybersecurity Customer Support)

Webclient:

  • 212.117.89.9/32
  • 217.6.21.90/32
  • 62.153.130.132/32 (existing entry   LANCOM Customer Support, before LCOS FX 10.4  the entry has to be created manually)
  • 80.246.32.0/24  (existing entry   Rohde & Schwarz Internet Gateway
  • 213.238.47.128/29  (existing entry   Rohde & Schwarz Cybersecurity Customer Support)



Requirements:

  • LANCOM R&S®Unified Firewall with firmware version 10.2 or later
  • Web browser for configuring the Unified Firewall.

    The following browsers are supported:
    • Google Chrome
    • Chromium
    • Mozilla Firefox

...

Two entries are available in the whitelist, which allow the LANCOM Support Team (Rohde & Schwarz ...) to access the device. As this involves another location, it is necessary to enter a further IP address.

Image RemovedImage Added

1.3) Under Source, enter the IP address 217212.6117.2189.90 in 9 in CIDR notation ( Classless Inter-Domain Routing) in order to allow access via SSH (i.e. from 217.6.21.90/32) and enter a meaningful name under Title.

Then click on the “+” icon to save the entry.

...

Info

...

Before LCOS FX 10.

...

the IP address 217.6.21.90 must also be entered in CIDR notation.

Necessary entries:

  • 212.117.89.9 /32
  • 217.6.21.90/32 (only before LCOS FX 10.4)

Image Added Image Removed

1.4) Set check marks for LANCOM Customer SupportRohde & Schwarz Internet Gateway and Rohde & Schwarz Cybersecurity Customer Support and click Save.

Image RemovedImage Added



2) Allow access via HTTPS:

...

Two entries are available in the whitelist, which allow the LANCOM Support Team (Rohde & Schwarz ...) to access the device. As this involves another location, it is necessary to enter a further IP address.

Image RemovedImage Added

2.3) Under Source, enter the IP address addresss 212.117.89.9 and 217.6.21.90 in CIDR notation ( Classless Inter-Domain Routing) in order to allow access via HTTPS (i.e. from 217.6.21.90/32) and enter a meaningful name under Title.

Then click on the “+” icon to save the entry.

...

Info

...

Before LCOS FX 10.

...

the IP address 62.153.130.132  must also be entered in CIDR notation.

Necessary entries:

  • 212.117.89.9 /32
  • 217.6.21.90/32
  • 62.153.130.132/32  (only before LCOS FX 10.4)

Image Added

Image Added Image Removed

2.4) Set check marks for LANCOM Customer SupportRohde & Schwarz Internet Gateway and Rohde & Schwarz Cybersecurity Customer Support and click Save.

Image RemovedImage Added



3) Setting up port forwarding in the LANCOM router (optional)

If a LANCOM router is operated upstream, it needs to be set up with port forwarding to enable access to the Unified Firewall. This is the case when using the layer-3 loop and a “series” connection .

3.1) Open the configuration for the router in LANconfig and switch to the menu item IP-Router → Masq . → Port forwarding table .

Image Modified

3.2) Set up port forwarding for access by SSH:

...