A basic pre-requisite for all methods device configuration is for an IP connection to exist between the configuration computer and the device. No matter whether you use LANconfig, WEBconfig or SSH; it is impossible to send any configuration commands to the device without an IP connection. In the event of erroneous configuration of the TCP/IP settings or VLAN parameters, this IP connection may be impossible to establish. The only option in this case is to access the device via the serial configuration interface, which however is not available on all devices, or to reset the device to its factory settings. However, both options require physical access to the device—this may not always be the case for the concealed installation of access points and can represent considerable overhead for larger-scale installations.
The LANCOM Layer 2 Management Protocol (LL2M) is used to also enable configuration access to a device even without an IP connection. All this protocol requires is a connection on layer 2 (i.e. via Ethernet directly or via layer-2 switches) to establish a configuration session. LL2M connections are supported on LAN or WLAN connections, but not via WAN. Connections via LL2M are password protected and are resistant to replay attacks.
LL2M establishes a client-server structure for this purpose: The LL2M client sends requests or commands to the LL2M server, which then responds to the requests or runs the commands. Both the LL2M client and the LL2M server are integrated in the LCOS LX. The LL2M client commands are executed via the command line or WEBconfig.
An encrypted tunnel is set up for every LL2M command to protect the transmitted log-in information. To use the integrated LL2M client, start a terminal session on a device that has local access to the LL2M server via the available physical medium (LAN, WLAN). In this CLI session you can use the following commands to contact the LL2M server: LL2Mdetect and LL2Mexec. See Command-line interface – command summary
Enable LL2M here.
Note: Access points of type LANCOM LW-500 can only be found and configured via LL2M if LL2M packets reach the access point with a VLAN tag which is included in the configuration of the access point (WLAN SSID configuration or management VLAN configuration).
- Shows the status of the current LL2M configuration.
This item is used to specify the interfaces or Ethernet ports where the LL2M server can be reached. The presetting provides accessibility on all Ethernet ports.