Nortel 221 DM1401162 用户手册
产品代码
DM1401162
3
VPN Router 5000
Large
headquarters
(5000 tunnels)
Medium
headquarters
(2000 tunnels)
Small
headquarters
(500 tunnels)
Branch offices
(30 tunnels)
VPN Router 2700
VPN Router 1750
VPN Router 1100
Internet
VPN Router 221
VPN Router 221
VPN Router 251
Home Office
with cable modem access
Cable
modem
Teleworker
with ADSL access
Small Office
with 10/100 Ethernet access
ADSL
IP access
device
Technical specifications — features and capabilities
VPN Router 200 Series
IP routing and
network
addressing
network
addressing
VPN tunneling
Encryption
Authentication
services
services
VPN (Hard)
Client support
Client support
• RIPv1 and v2, ARP, ICMP
• PPPoE (two sessions)
• DHCP client and server: ‘static’ DHCP
• Dynamic DNS and DNS proxy
• NAT – many-to-many, many-to-one, one-to-one,
• PPPoE (two sessions)
• DHCP client and server: ‘static’ DHCP
• Dynamic DNS and DNS proxy
• NAT – many-to-many, many-to-one, one-to-one,
port forwarding
• IPsec, including AH and ESP with main and
aggressive mode IKE
• PPTP
• Nailed-up VPN tunnels with control PING
• Support for branch VPN tunnels with NAT port
• Nailed-up VPN tunnels with control PING
• Support for branch VPN tunnels with NAT port
forwarding
• Up to 5 VPN tunnels
• DES, 3DES
• 3DES uses 3 independent keys; 168-bit key
• 3DES uses 3 independent keys; 168-bit key
length (effective strength of 128 bits)
• 128, 192 or 256-bit AES
• 802.1x (via internal VPN Router 200 database or
external RADIUS server)
• X.509 digital certificates (PKCS #7 and #10; SCEP
and CMP for open SSL Certificate Authorities)
• Support for third-party Extensible Authentication
Protocol (EAP) clients
• Shared secret
• Data authentication via SHA-1 or MD-5
• Data authentication via SHA-1 or MD-5
• On-demand or manual VPN tunnel establishment
• Automatic IP fail-over assignment
• Support for RADIUS authentication
• Exclusive use mode
• Automatic IP fail-over assignment
• Support for RADIUS authentication
• Exclusive use mode
Serving the price-sensitive, small user segment of the site-to-site
IP-VPN market and delivering comprehensive IP security functions, the
VPN Router 200 can provide connectivity to headquarters offices and
other branch locations that have other VPN Router devices.
• Stateful packet inspection of up to 50 rules
• LAN to LAN, LAN to WAN, WAN to WAN
• Denial of Service (DoS) protection
• Attack logging and e-mail alerts
• ALGs for CU-SeeME, FTP, H.323, IPsec, RealAudio,
• LAN to LAN, LAN to WAN, WAN to WAN
• Denial of Service (DoS) protection
• Attack logging and e-mail alerts
• ALGs for CU-SeeME, FTP, H.323, IPsec, RealAudio,
VDoLive
• SIP/H.323 ALGs for firewall and NAT traversal
• Port-restricted Cone NAT for Nortel Unistim VoIP
• Port-restricted Cone NAT for Nortel Unistim VoIP
forwarding
• Class-based queueing and bandwidth management
for latency-sensitive VoIP traffic
• Interoperable with Nortel Multimedia
Communication Server, BCM and Communication
Server VoIP portfolios
Server VoIP portfolios
• VPN Router Multi-Element Manager provides
multi-device configuration for up to 2,500 VPN
Router devices, including the VPN Router 200
series
Router devices, including the VPN Router 200
series
• Web-based browser (HTTP) and/or Command-line
interface (CLI) configuration
• SNMP monitoring/alerts
• Easy Install utility for centralized remote set-up
• SSL/SSH administration
• SFTP for software downloads
• Denial of Service (DoS) attack alert and logging
• Easy Install utility for centralized remote set-up
• SSL/SSH administration
• SFTP for software downloads
• Denial of Service (DoS) attack alert and logging
capability
• FCC Class B
• Underwriters Laboratory
• CSA
• FCC Part 68 (for xDSL devices)
• CE
• Underwriters Laboratory
• CSA
• FCC Part 68 (for xDSL devices)
• CE
Stateful firewall
Voice-friendly
capabilities
capabilities
Management
Environmental
compliance
compliance