bintec RS353jw
10.04.2015
Subject to technical alterations
Page 9 / 13
bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - Germany
Phone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25
VPN
IPSec IKE XAUTH (Client/Server) Internet Key Exchange protocol Extended Authenticaion client for login to XAUTH server and
XAUTH server for loging of XAUTH clients
IPSec IKE XAUTH (Client/Server) Inclusive the forwarding to a RADIUS-OTP (One Time Password) server (supported OTP solutions
see www.bintec-elmeg.com).
IPSec NAT-T Support of NAT-Traversal (Nat-T) for the application at VPN lines with NAT
IPSec IPComp IPSec IPComp data compression for higher data throughput via LZS
IPSec certificates (PKI) Support of X.509 multi-level certificates compatible to Micrososft and Open SSL CA server; upload
of PKCS#7/8/10/12 files via TFTP, HTTP, HTTP, LDAP, file upload and manual via FCI
IPSec SCEP Certificates management via SCEP (Simple Certificate Enrollment Protocol)
IPSec Certificate Revocation
Lists (CRL)
Support of remote CRLs on a server via LDAP or local CRLs
IPSec Dead Peer Detection
(DPD)
Continuous control of IPSec connection
IPSec dynamic IP via ISDN Transmission of dynamic IP address in ISDN D or B channel; free-of-charge licence necessary
IPSec dynamic DNS Enables the registering of dynamic IP addresses by a dynamic DNS provider for establishing a IPSec
connection.
IPSec RADIUS Authentication of IPSec connections at a RADIUS server. Additionally the IPSec peers, which were
configured on a RADIUS server, can be loaded into the gateway (RADIUS dialout).
IPSec Multi User Enables the Dial-in of several IPSec clients via a single IPSec peer configuration entry
IPSec QoS The possibility to operate Quality of Service (traffic shaping) inside of an IPSec tunnel
IPSec NAT By activating of NAT on an IPSec connection it is possible, to implement several remote locations
with identical local IP addess networks in different IP nets for the VPN connection
Number of IPSec tunnels Inclusive 5 active IPSec tunnels (expandable to 30 tunnels)
Security
Encryption WEP/WPA WEP64 (40 Bit key), WEP128 (104 Bit key), WPA Personal, WPA Enterprise, WPA2 Personal, WPA2
Enterprise
Inter Cell Repeating Inter traffic blocking for public hot spot (PHS) applications for preventing of communication radio
client to radio client in a single radio cell.
IEEE802.11i Authentisierung und
Verschlüsselung
802.1x/EAP-MD5, 802.1x/EAP-TLS, 802.1x/EAP-TTLS, 802.1x/EAP-PEAP, key management, PSK/TKIP
encryption, AES encryption, 802.1x/EAP
Access Control List (ACL) MAC address filter for WLAN clients
VLAN Network segmentation on layer 2 possible, one VLAN ID per SSID. Static VLAN configuration
according to IEEE 802.1q; supports up to 256 VLANs.
NAT/PAT Symmetric Network and Port Address Translation (NAT/PAT) with randomly generated ports
inclusive Multi NAT (1:1 translation of whole networks)
Policy based NAT/PAT Network and Port Address Translation via different criteria like IP protocols, source/destination IP
Address, source/destination port
Policy based NAT/PAT For incoming and outgoing connections and for each interface variable configurable
