Physical Interfaces

  • LAN: 4-port Gigabit (10/100/1000 Base-T)
  • WAN: 2-port Gigabit (10/100/1000 Base-T) Ethernet
  • USB: 2 USB 2.0 Ports (for flash storage and 3G)
    • Note : USB Function due in later firmware
  • WAN Protocols : PPPoE, PPTP, DHCP Ciet, Static IP
  • Load Balancing : Policy based or automatic
  • WAN Failover : Switch to other connection when primary WAN lost

VPN support

  • Protocols : PPTP, IPSec, L2P, L2TP over IPSec
  • Up to 200 simultaneous tunnels (LAN-to-LAN or Teleworker-to-LAN)
  • Dial-in and Dial-out supported
  • VPN Trunking - allows alternative failover route or multiple tunnels to the same destination to increase capacity/throughput
  • LDAP/Active Directory : Teleworker VPNs can be auththenticated by a LDAP/AD server
  • NAT-Traversal (NAT-T): VPN over routes without VPN Passthrough
  • PKI Certificates: Use X.509 Digital Signatures
  • IKE Authentication: Pre-shared key (PSK), Phase 1 agressive/standard, Phase 2 selectable lifetimes
  • Encryption:
    • Hardware-based AES (128, 192, 256 bits)
    • Hardware-based DES/3DES (56 & 168 bits)
    • Hardware-based MD5 & SHA-1
    • MPPE (40 or 128 bits)
  • Radius Client: Authentication for PPTP remote dial-in teleworkers
  • DHCP over IPSec
  • GRE over IPSec
  • Dead-Peer-Detection (DPD))
  • Smart-VPN Softare utility: For teleworkers
  • No extra licencing or additional VPN client costs.
  • Ineroperability : Compatible with other 3rd party VPN devices

Firewall

  • Stateful Packet Inspection (SPI)
  • Content Security Management (CSM)
  • Multi-NAT: Set one-to-one mappings between your private and public IP addresses
  • Port Redirection & Open Ports
  • Policy-based IP Packet Filter. Fully configurable policies based on IP address, MAC address (source or destination), DiffServ attribute, direction, bandwidth, remote site
  • DoS/DDoS Protection
  • IP Address Anti-spoofing
  • Object-Based Firewall
  • Notification: Email alerts and logs to syslog
  • Bind IP to MAC address
  • User-Controlled Rules: Interrogates LDAP server to permit access or enforce policies

System Management

  • Web-Based User Interface: Integrated server for router management (via HTTP or HTTPS)
  • Telnet/SSH : Command line control and configuration
  • Configuration Backup/Restore
  • Built-in diagnostics, dial-out triger, routing table, ARP table, DHCP Table, NAT Sessions Table, data flow monitor, traffic graph, ping diagnostics, traceroute
  • Firmware Upgrade by HTTP, TFTP & FTP
  • Syslog Logging
  • SNMP Management: v1/v2, MIB II
  • Vigor ACS-SI Centralised Management: TR-069 compatible for ACS platform
  • Compatible with Smart Monitor Traffic Analyser : Windows software for up to 100 users

Bandwidth Management

  • Traffic Shaping: Dynamic bandwidth management with IP traffic shaping
  • Bandwidth Reservation: Connection or client based
  • Packet Size Control
  • DiffServ Codepoint Classifying
  • 4 Priority Levels (Inbound/Outbound)
  • Individual IP Bandwidth Session Limits per user/group
  • Bandwidth Borrowing
  • User-defined class-based rules

Web Content Filtering & CSM

  • URL Keyword Blocking: Blacklist or Whitelist
  • Content Type Blocking: Java applet, cookies, Active-X
  • Block P2P Applications (inc. Kazza, WinMX, Bittorrent)
  • Block Instant messaging
  • Block access of web sites by direct IP address (thus URLs only)
  • Block HTTP download of compressed, executable or multimedia files
  • Web Content Filter: GlobalView filtering of 64 web site categories (e.g. adult, gambling sites etc.). subscription required (free trial included)
  • Time Scheduling: Blocking rules can be activated based on time schedules

Routing Functions

  • IPv4 & IPv6 Dual-Stack
  • DNS Cache/Proxy
  • DHCP Client, Server & Relay
  • DHCP Options: 1,3,6,51,53,54,58,59,60,61,66,125
  • IGMP v1/v2 & Proxy/Snooping
  • uPnP: 500 Sessions
  • NAT: 80,000 Sessions
  • NTP Client with DST Adjustments
  • Static routing
  • Policy-based routing
  • Dynamic DNS : Updates DDNS servers with public IP address
  • Port-Based VLAN
  • Tag-Based VLAN: 802.1q
  • Client/Call Scheduling : Real-time clock, with NTP updating schedules access or connectivity
  • Wake-on-LAN : Passed from WAN to preset LAN device

Operating Requirements

  • Rack Mountable (Mount brackets included)
  • Temperature Operating : 0°C ~ 45°C
  • Storage : -10°C ~ 70°C
  • Humidity 10% ~ 90% (non-condensing)
  • Power Consumption: 19W Max
  • Dimensions: L273 * W166 * H44 (mm) (1U Height))
  • Operating Power: 220-240VAC (internal PSU)