14
Chapter 2 System Overview
BCM50e and BCM50a have three additional Ethernet LAN ports for a total of six LAN ports for
local premises use. All Ethernet ports are 10/100 Mb/s automatic sensing and support automatic
polarity. Therefore, you require no crossover cable to connect data hardware to the unit. An
additional port is provided for WAN access for, either Ethernet or ADSL.
The following features make BCM50a and BCM50e attractive for small sites that want to become
Internet-capable and multisite enterprises with many small sites. Until now, these sites could not
be part of the corporate WAN because of the high cost of traditional WAN connectivity and
managed service.
VPN
•
10 IPSec Branch Office Tunnels (peer-to-peer)
•
IPSEC client termination supported
•
support for bandwidth management
•
support for Dynamically addressed peers – ABOT
•
support for Client Tunnel origination (not
termination) to simplify the connection to a larger
VPN Router network
•
IKEv1 Main Mode
•
IKEv1 Quick Mode
•
Diffie-Hellman Group 1,2
•
IPSec Tunnel Mode
•
ESP
•
NAT Traversal
NAT
•
many-to-one, static, many-to-many
•
port forwarding
•
IPSec pass through
•
NAT support for tunnel mode IPSec tunnels
•
Throughput traffic performance - 23.1 Mb/s
IP Services
•
DHCP client
•
DHCP server with support for Nortel Internet
Telephones
•
DHCP Relay supported
•
DNS Proxy
•
DNS with VPN client
•
WAN failover supported
•
PPPoE
•
PPTP (ethernet router only)
•
Configurable MAC address
•
Clear text traffic:
— WAN to LAN 33.9 Mb/s
— LAN to WAN 30.5 Mb/s
NN40020-200
Security Services
•
cryptographic services
•
DES and 3DES
•
data authentication SHA-1
•
data authentication MD-5
•
authentication services
•
preshared secrets
•
security services
•
stateful firewall
•
intrusion detection
•
AES support
•
digital certificates supported
•
RADIUS support
Router
•
Clear text routing
•
Static: through tunnel
•
RIP v1: through tunnel and clear
text
•
RIP v2: through tunnel and clear
text