Description:
This document describes the management of user-related rights when operati=
ng the PPPoE server on the LANCOM router, and how to set up the PPPoE clien=
t in Windows 7.
The PPPoE server integrated into the LANCOM router allows multiple PPPoE u=
sers to be created and managed within an existing LAN. With the widespread =
availability of DSL, most operating systems are now equipped with PPPoE cli=
ents. These can be used to "log on to the network" as well as to manage acc=
ess rights to services such as the Internet, e-mail or remote sites.
In most scenarios DHCP is used to assign addresses to LAN users, which mak=
es the configuration of individual firewall rules complicated and laborious=
. This process can be simplified by creating PPPoE users and then using the=
remote sites as the basis for granting access rights. This approach greatl=
y simplifies the configuration and management of individual employees and g=
roups.
In the example described here, the firewall is used to restrict the group =
named Purchasing to using the following services: HTTP, HTTPS, POP3,=
SNMP, and NNTP. All other services are prohibited for this group. This ran=
ge of services can be enlarged or restricted to meet your individual needs.=
Requirements:
- The router must have been given a name under Management-> General=
-> Device name.
- An address pool for dial-in access must be specified in the rout=
er under Configuration -> TCP/IP-> Addresses.
Procedure:
1. Configuring the LANCOM router: <=
br>
1.1) Enable the PPPoE server in the configuration of the LANCOM router (Configuration -> Communication -> General).
1.2) Assign a name to the service, e.g. User_Auth).
Information:
Entering a name for the service is optional. This enables a PPPoE client t=
o select a certain PPPoE server as specified in the client software.
The Session limit specifies how often a client can be logged on sim=
ultaneously with the same MAC address. Once the limit has been reached, the=
server no longer responds to the client queries that are received. The def=
ault is 1 , the maximum value is 99 . A Session limit of 0=
stands for an unlimited number of sessions.
1.3) Click on the button 'Remote sites (PPPoE)' and create a new entry in =
the PPPoE server's name list (LANconfig> Communication> Name list).
The settings for the remote site DEFAULT are applied to all client =
dial-ins.
To make settings for each individual client, you can define remote-site na=
mes for each client here. The name of the remote site must be set in the cl=
ient as the PPP user name.
Information:
If a MAC address is entered, then only connections from this MAC address w=
ill be established. The MAC address of '000000000000' means that the client=
may log on with any MAC address.
1.4) Go to the menu Configuration -> Communications -> Protocols =
-> PPP list and Add a new entry.
Enter the user Purchasing as remote site into the PPP list without =
a user name but with a shared password, which is to be used by all e=
mployees in the department. Set authentication (encrypted) as CHAP. =
IPv4 routing is activated for this PPP user.
<=
br>
1.5) The firewall can be used to control which services are availab=
le for the employees in the Purchasing department. In this example the serv=
ices WEB and MAIL are to be released.
Go to the menu Configuration -> Firewall/QoS -> Rules and =
Add a new rule.
1.6) Enter a name for the new rule.
1.7) Go to the Actions tab and select the object ACCEPT. =
1.8) As the Connection source select the remote site PURCHASING<=
/b>.
1.9) On the Services tab, go to the Target services section =
and add the objects WEB and MAIL.
1.10) Close the dialog with OK and write the configuration back to =
the LANCOM router.
2. Configuring the PPPoE client in Windows=
7:
2.1) Click on Start -> Control Panel -> Network and Sharing Cente=
r and select the option Set up a new connection or network. <=
br>
2.2) As a network connection type, select Connect to the Internet.<=
br>
2.3) In the next dialog, select Broadband (PPPoE).
<=
br>
2.4) Here you enter the PPP remote site and the associated password.
2.5) Give the PPPoE connection a Connection ame.
=
2.6) Click on Connect to close the wizard.
2.7) Enter the Password and click on Connect. This establish=
es the connection to the LANCOM router.
|
|