Datasheet | Routers
AT-AR750S
SecureVPN Router
maintained in congested networks. Advanced
QoS allows voice, video, and data traffic to have
QoS applied within individual IPSec tunnels,
over GRE, as well as IPv6 to IPv4 tunnels.
AT-AR750S
Key Features
2 x WAN 10/100BASE-T ports
5 x LAN 10/100BASE-T ports
2 x PICs
Hardware
• 2 x 10/100 WAN interfaces
• 2 x Port Interface Cards (PICs)
• 5 x 10/100BASE-T switched LAN ports
• 1 x Asynchronous port / Modem Port
• DMZ port: configurable on any of theWAN/LAN ports
• RoHS Compliant
1 x Asynchronous console / Modem port
Performance
Secure Modular Routing Solution
The AT-AR750S has been designed with the
needs of small to medium enterprises/businesses
(SME/SMB) or branch office businesses in mind.
The AT-AR750S offers significant advances in
processing performance, Quality of Service (QoS),
routing, remote connectivity and security.
The AT-AR750S provides superior performance
over other secureVPN routers in this market
space.While most secure routers have Stateful
Firewalls with NAT, QoS, and IPsecVPN
termination capability, very few can perform all
three functions and still provide excellent
performance with the mixed packed sizes seen
in real networks. The AT-AR750S has been
designed to meet real network needs.
Security
• IP Filtering
• Stateful Inspection Firewall
• 802.1x
• Authentication: RADIUS,TACACS, MD5, PAP, CHAP
VPN/Encryption
• NAT-T
• AES, DES, 3DES encryption
• 5,000 configured IPsecVPN tunnels (250 active tunnels)
• HW accelerated IPsecVPN >35Mbps@72byte
packets (with AES 256 bit encryption)
• Up to 195 Mbps IPsec throughput with large packets
ExtensiveVPN Cabability
The AT-AR750S provides extensive IPSec-based
VPN capability, allowing the interconnection of
offices, remote tele-workers, and other users
who require secure access to a corporate
network.The integrated hardware acceleration,
standard on the AT-AR750S, maximizes
encryption throughput and removes the need
to purchase a hardware upgrade package.The
AT-AR750S is also compatible with industry
standard IPSecVPN clients.
Stateful Firewall inspection, NAT and QoS:
>50Mbps @ 64 byte packets
Stateful Firewall inspection, NAT, QoS, IPsec
VPN (with AES 256 bit encryption):
>35Mbps @ 72 byte packets
Manageability
• Web based GUI
• CLI management
• SNMPv3
The AT-AR750S can achieve up to 195 Mbps
IPsec throughput with bidirectional traffic.
• IP QoS
This level of performance enables secure site-
to-siteVPNs over multiple WAN interfaces
while still firewalling the local network across
multiple LAN ports.
Extensive routing support, including:
Security
• RIPv1 and v2
• OSPFv1 and v2
• GRE, L2TP
• IPX
• VRRP
• RIPng
In addition to hardware-based encryption, the
AT-AR750S comes with other advanced
security features such as traffic filtering with
event logging.Traffic filtering uses the source
and destination address, port, protocol andTCP
packet type to provide control over traffic that
passes through the AT-AR750S. A Stateful
Inspection Firewall provides an increased level
of security and complements the packet filtering
function. HTTP and SMTP proxies on the
AT-AR750S provide improved control over web
and mail communications.
Comprehensive Management and
Configuration
• IPv6 – optional
• BGP-4 – optional
The AT-AR750S comes with a comprehensive
suite of management features and is also
compatible with SNMP-based management
packages. An extensive command set is available
via the Command Line Interface (CLI), and a
browser-based Graphical User Interface (GUI) is
also provided to simplify the AT-AR750S'
configuration and management.The GUI provides
access to default set-ups in key management
areas and provides access to regional settings.
AlliedTelesis’ SNMP support extends to SNMPv3
to provide secure management.
Multicast routing protocols, including:
• PIM-DM
• PIM-SM
• DVMRP
• IGMPv2
• IGMP Snooping
• IPv6 Multicast – optional
• PIM6
Quality of Service
AlliedTelesis’ QoS implementation enables the
AT-AR750S to dynamically identify high priority
voice, video and application traffic, so that
appropriate service levels can be
• MLD
Support for traditional network protocols,
including:
• X.25
• Frame Relay
Allied Telesis
Download from Www.Somanuals.com. All Manuals Search And Download.
AT-AR750S | SecureVPN Router
Standards and Protocols
RFC 1618 PPP over ISDN
RFC 2402 AH - IP Authentication Header
RFC 2403 IPsec Authentication - MD5
RFC 2404 IPsec Authentication - SHA-1
RFC 2405 IPsec Encryption - DES
RFC 2406 ESP - IPsec encryption
RFC 2407 IPsec DOI
Software Release 2.9.1
RFC 1661 The Point-to-Point Protocol (PPP)
RFC 1701 GRE
BGP-4
RFC 1771 Border Gateway Protocol 4
RFC 1966 BGP Route Reflection
RFC 1997 BGP Communities Attribute
RFC 1998 Multi-home Routing
RFC 2385 Protection of BGP Sessions via the TCP MD5
Signature Option
RFC 2439 BGP Route Flap Damping
RFC 2858 Multiprotocol Extensions for BGP-4
RFC 2918 Route Refresh Capability for BGP-4
RFC 3065 Autonomous System Confederations for BGP
RFC 3392 Capabilities Advertisement with BGP-4
RFC 1702 GRE over IPv4
RFC 1762 The PPP DECnet Phase IV Control Protocol
(DNCP)
RFC 1812 Router Requirements
RFC 2408 ISAKMP
RFC 1877 PPP Internet Protocol Control Protocol
Extensions for Name Server Addresses
RFC 1918 IP Addressing
RFC 2409 IKE
RFC 2410 IPsec encryption - NULL
RFC 2411 IP Security Document Roadmap
RFC 2412 OAKLEY
RFC 1962 The PPP Compression Control Protocol (CCP)
RFC 1968 The PPP Encryption Control Protocol (ECP)
RFC 1974 PPP Stac LZS Compression Protocol
RFC 1978 PPP Predictor Compression Protocol
RFC 1989 PPP Link Quality Monitoring
RFC 1990 The PPP Multilink Protocol (MP)
RFC 1994 PPP Challenge Handshake Authentication
Protocol (CHAP)
RFC 2125 The PPP Bandwidth Allocation Protocol (BAP)
/ The PPP Bandwidth Allocation Control Protocol (BACP)
RFC 2131 DHCP
RFC 2390 Inverse Address Resolution Protocol
RFC 2516 A Method for Transmitting PPP Over Ethernet
(PPPoE)
RFC 2822 Internet Message Format
RFC 2878 PPP Bridging Control Protocol (BCP)
RFC 2661 L2TP
RFC 3046 DHCP Relay Agent Information Option
RFC 3232 Assigned Numbers
RFC 3993 Subscriber-ID Sub-option for DHCP Relay
Agent Option
"IPX Router Specification", v1.2, Novell, Inc., Part
Number 107-000029-001
ISO 10589, ISO 10589 Technical Corrigendums 1, 2, 3,
ISO Intermediate System-to-Intermediate System
"ISO 8473, relevant parts of ISO 8348(X.213), ISO
8343/
Add2, ISO 8648, ISO 8648, ISO TR 9577 Open System
Interconnection"
ISO 9542 End System to Intermediate System Protocol
Encapsulation of IPsec Packets
BootP and DHCP parameters
RFC 3173 IPComp - IPsec compression
IPv6
RFC 1981 Path MTU Discovery for IPv6
RFC 2080 RIPng for IPv6
Encryption
RFC 1321 MD5
RFC 2104 HMAC
RFC 2365 Administratively Scoped IP Multicast
RFC 2375 IPv6 Multicast Address Assignments
RFC 2460 IPv6
RFC 2461 Neighbour Discovery for IPv6
RFC 2462 IPv6 Stateless Address Autoconfiguration
RFC 2463 ICMPv6
RFC 2451 The ESP CBC-Mode Cipher Algorithms
FIPS 180 SHA-1
FIPS 186 RSA
FIPS 197 AES
RFC 2464 Transmission of IPv6 Packets over Ethernet
Networks
FIPS 46-3 DES
FIPS 46-3 3DES
RFC 2465 Allocation Guidelines for Ipv6 Multicast
RFC 2466 Management Information Base for IP Version
6: ICMPv6 Group
Ethernet
RFC 2472 IPv6 over PPP
RFC 894 Ethernet II Encapsulation
IEEE 802.1D MAC Bridges
IEEE 802.1G Remote MAC Bridging
IEEE 802.1Q Virtual LANs
IEEE 802.2 Logical Link Control
IEEE 802.3ac VLAN TAG
RFC 2526 Reserved IPv6 Subnet Anycast Addresses
RFC 2529 Transmission of IPv6 over IPv4 Domains
without Explicit Tunnels
RFC 2710 Multicast Listener Discovery (MLD) for IPv6
RFC 2711 IPv6 Router Alert Option
RFC 2851 Textual Conventions for Internet Network
Addresses
RFC 2893 Transition Mechanisms for IPv6 Hosts and
Routers
IEEE 802.3u 100BASE-T
IEEE 802.3x Full Duplex Operation
General Routing
RFC 768 UDP
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds
RFC 3307 Allocation Guidelines for IPv6 Multicast
Addresses
RFC 791 IP
RFC 792 ICMP
RFC 3315 DHCPv6
RFC 793 TCP
RFC 3484 Default Address Selection for IPv6
RFC 3513 IPv6 Addressing Architecture
RFC 3587 IPv6 Global Unicast Address Format
RFC 3596 DNS Extensions to support IPv6
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)
for IPv6
RFC 826 ARP
RFC 903 Reverse ARP
General Routing and Firewall
RFC 3022 Traditional NAT
draft-ietf-ipsec-nat-t-ike-08.txt Negotiation of NAT-
Traversal in the IKE
draft-ietf-ipsec-udp-encaps-08.txt UDP Encapsulation of
IPsec Packets
RFC 925 Multi-LAN ARP
RFC 950 Subnetting, ICMP
RFC 1027 Proxy ARP
RFC 1035 DNS
RFC 1055 SLIP
Addresses Management Information Base for IP Version
6: Textual Conventions and General Group
RFC 1122 Internet Host Requirements
RFC 1142 OSI IS-IS Intra-domain Routing Protocol
RFC 1144 Van Jacobson's Compression
RFC 1256 ICMP Router Discovery Messages
RFC 1288 Finger
RFC 1332 The PPP Internet Protocol Control Protocol
(IPCP)
RFC 1334 PPP Authentication Protocols
RFC 1377 The PPP OSI Network Layer Control Protocol
(OSINLCP)
RFC 1378 The PPP AppleTalk Control Protocol (ATCP)
RFC 1518 CIDR
RFC 1519 CIDR
RFC 1542 BootP
Management
IP Multicasting
RFC 1075 DVMRP
RFC 1112 Host Extensions
RFC 1812 Router Requirements
RFC 2236 IGMPv2
RFC 2362 PIM-SM
RFC 2715 Interoperability Rules for Multicast Routing
Protocols
RFC 3973 PIM-DM
draft-ietf-idmr-dvmrp-v3-9 DVMRP
RFC 1155 MIB
RFC 1157 SNMP
RFC 1212 Concise MIB definitions
RFC 1213 MIB-II
RFC 1493 Bridge MIB
RFC 1643 Ethernet MIB
RFC 1657 Definitions of Managed Objects for BGP-4
using SMIv2
RFC 2011 SNMPv2 MIB for IP using SMIv2
RFC 2012 SNMPv2 MIB for TCP using SMIv2
RFC 2096 IP Forwarding Table MIB
RFC 2576 Coexistence between V1,V2, and V3 of the
Internet-standard Network Management Framework
RFC 2578 Structure of Management Information Version
2 (SMIv2)
IPsec
RFC 1552 The PPP Internetworking Packet Exchange
Control Protocol (IPXCP)
RFC 1570 PPP LCP Extensions
RFC 1582 RIP on Demand Circuits
RFC 1598 PPP in X.25
RFC 1828 IP Authentication using Keyed MD5
RFC 1829 Ipsec algorithm
RFC 2395 Ipsec Compression - LZS
RFC 2401 Security Architecture for IP
RFC 2579 Textual Conventions for SMIv2
Allied Telesis
Download from Www.Somanuals.com. All Manuals Search And Download.
AT-AR750S | SecureVPN Router
RFC 2674 Definitions of Managed Objects for Bridges
with Traffic Classes, Multicast Filtering and Virtual LAN
Extensions (VLAN)
RFC 2510 PKI X.509 Certificate Management Protocols
RFC 2511 X.509 Certificate Request Message Format
RFC 2559 PKI X.509 LDAPv2
ETS 300 102-1:1990 Integrated Services Digital Network
(ISDN);User-network interface layer 3;Specifications for
basic call control
ETS 300 102-2:1990 Integrated Services Digital Network
(ISDN); User-network interface layer 3; Specifications for basic
call control; Specification Description Language (SDL)
diagrams
RFC 2790 Host MIB
RFC 2585 PKI X.509 Operational Protocols
RFC 2587 PKI X.509 LDAPv2 Schema
RFC 2865 RADIUS
RFC 2819 RMON (groups 1,2,3 and 9)
RFC 2856 Textual Conventions for Additional High
Capacity Data Types
RFC 2866 RADIUS Accounting
RFC 2863 The Interfaces Group MIB
RFC 3164 Syslog Protocol
RFC 3289 Management Information Base for the
Differentiated Services Architecture
CDP
RFC 3410 Introduction and Applicability Statements for
Internet-Standard Management Framework
RFC 3411 An Architecture for Describing SNMP
Management Frameworks
RFC 3412 Message Processing and Dispatching for the
SNMP
RFC 3413 SNMP Applications
RFC 3414 User-based Security Model (USM) for SNMPv3
RFC 3415 View-based Access Control Model (VACM) for
the SNMP
RFC 3416 Version 2 of the Protocol Operations for
SNMP
RFC 3417 Transport Mappings for the SNMP
RFC 3418 MIB for SNMP
RFC 3636 Definitions of Managed Objects for IEEE
802.3 MAUs
RFC 3768 VRRP
draft-ietf-bridge-8021x-00.txt Port Access Control MIB
IEEE 802.1AB LLDP
RFC 3280 X.509 Certificate and CRL profile
draft-grant-tacacs-02.txt TACACS+
Draft-IETF-PKIX-CMP-Transport-Protocols-01 Transport
Protocols for CMP
draft-ylonen-ssh-protocol-00.txt SSH Remote Login
Protocol
IEEE 802.1x Port Based Network Access Control
PKCS #10 Certificate Request Syntax Standard
Diffie-Hellman
ETS 300 125:1991 Integrated Services Digital Network
(ISDN); User-network interface data link layer specification;
Application of CCITT Recommendations Q.920/I.440 and
Q.921/I.441
ETS 300 153:1992 Integrated Services Digital Network
(ISDN);Attachment requirements for terminal equipment
to connect to an ISDN using ISDN basic access
(Candidate NET 3 Part 1)
ETS 300 156:1992 Integrated Services Digital Network
(ISDN); Attachment requirements for terminal equipment to
connect to an ISDN using ISDN primary rate access
(Candidate NET 5)
ETS 300 011:1992 Integrated Services Digital Network
(ISDN); Primary rate user-network interface; Layer 1
specification and test principles
G.706 (1988) Frame Alignment and CRC Procedures
Relating to Basic Frame Structures Defined in G.704
G.794 (1988) Characteristics of 24-channel
transmultiplexing equipments
German Monopol (BAPT 221) Type Approval Specification
for Radio Equipment for Tagging and Identification
I.120 (1988) Integrated services digital networks (ISDNs)
I.121 (1988) Broadband aspects of ISDN
I.411 (1988) ISDN user-network interface reference
configurations
I.430 (1988) Basic user-network interface - Layer 1
specification
I.431 (1988) Primary rate user-network interface -
Physical layer specification
Services
RFC 854 Telnet Protocol Specification
RFC 855 Telnet Option Specifications
RFC 856 Telnet Binary Transmission
RFC 857 Telnet Echo Option
RFC 858 Telnet Suppress Go Ahead Option
RFC 932 Subnetwork addressing scheme
RFC 951 BootP
RFC 1091 Telnet terminal-type option
RFC 1305 NTPv3
RFC 1350 TFTP
RFC 1510 Network Authentication
RFC 1542 Clarifications and Extensions for the
Bootstrap Protocol
RFC 1985 SMTP Service Extension
RFC 1945 HTTP/1.0
OSPF
RFC 1245 OSPF protocol analysis
RFC 1246 Experience with the OSPF protocol
RFC 1586 OSPF over Frame Relay
RFC 1793 Extending OSPF to Support Demand Circuits
RFC 1587 The OSPF NSSA Option
RFC 2328 OSPFv2
RFC 2049 MIME
RFC 2068 HTTP/1.1
RFC 2156 MIXER
ITU-T G.703 Physical/electrical characteristics of
hierarchical digital interfaces
RFC 2217 Telnet Com Port Control Option
RFC 2821 SMTP
ITU-T G.704 Synchronous frame structures used at 1544,
6312, 2048, 8488 and 44736 kbit/s hierarchical levels
ITU-T G.706 Frame Alignment and CRC Procedures
Relating to Basic Frame Structures Defined in G.704
ITU-T Q.922 ISDN data link layer specification for frame
mode bearer services
ITU-T G.703 (1972) Physical/electrical characteristics of
hierarchical digital interfaces
Japan NTT I.430-a Leased Line Basic Rate User-Network
Interface Layer 1-Specification
New Zealand Telecom TNA 134 Telecom ISDN User-Network
Interface: Layer 3: PART B Basic Call Control Procedures
Q.920 (1988) Digital subscriber Signalling System No.1
(DSS1) - ISDN user-network interface data link layer -
General aspects
Q.921 (1988) ISDN user-network interface - Data link
layer specification
Q.930 (1988) Digital subscriber Signalling System No. 1 (DSS
1) - ISDN user-network interface layer 3 - General aspects
Q.931 (1988) Digital subscriber Signalling System No. 1
(DSS 1) - ISDN user-network interface layer 3
specification for basic call control
Rockwell Bt8370 Fully Intergrated T1/E1 Framer and
Line Interface data sheet
RFC 3101 The OSPF Not-So-Stubby Area (NSSA) Option
SSL
RFC 2246 The TLS Protocol Version 1.0
Draft-freier-ssl-version3-02.txt SSLv3
QoS
RFC 2205 Reservation Protocol
RFC 2211 Controlled-Load
X.25
RFC 2474 DCSP in the IPv4 and IPv6 Headers
RFC 2475 An Architecture for Differentiated Services
RFC 2597 Assured Forwarding PHB Group
RFC 2697 A Single Rate Three Color Marker
RFC 2698 A Two Rate Three Color Marker
RFC 3246 An Expedited Forwarding PHB (Per-Hop
Behavior)
RFC 1356 Multiprotocol Interconnect on X.25 and ISDN
in the Packet Mode
ITU-T Recommendations X.25 (1988), X.121 (1988). X.25
ISDN
ANSI T1.231-1997 Digital Hierarchy - Layer 1 In-Service
Digital Transmission Performance Monitoring Standardization
ANSI T1.403-1995 Telecommunications - Network-to-
Customer Installation - DS1 Metallic Interface
ANSI T1.408-1990 ISDN Primary Rate - Customer
Installation Metallic Interfaces, Layer 1 Specification
AT&T TR 54016-1989 Requirements for Interfacing
Digital Terminal Equipment to Services Employing the
Extended Superframe Format
IEEE 802.1p Priority Tagging
RIP
RFC 1058 RIPv1
RFC 2082 RIP-2 MD5 Authentication
RFC 2453 RIPv2
Security
Austel TS 013.1:1990 General Requirements for Customer
Equipment Connected to ISDN Basic Rate Access - Vol. I:
Customer Equipment Access Interface Specifications
Bellcore SR-3887 1997 National ISDN Primary Rate Interface
ETS 300 012:1992 Integrated Services Digital Network
(ISDN); Basic user-network interface; Layer 1 specification
and test principles
RFC 959 FTP
RFC 1413 IDP
RFC 1492 TACACS
Technical Reference of Frame Relay Interface,Ver. 1,
November 1993, Nippon Telegraph and Telephone
Corporation.
RFC 1779 X.500 String Representation of Distinguished
Names.
RFC 1858 Fragmentation
RFC 2284 EAP
Allied Telesis
Download from Www.Somanuals.com. All Manuals Search And Download.
AT-AR750S | SecureVPN Router
ACA TS 013.2:1990 General Requirements for Customer
Equipment Connected to ISDN Basic Rate Access,Vol 2:
Conformance Testing Specifications
ACA TS 014.1:1990 General Requirements for Customer
Equipment Connected to ISDN Primary Rate Access,Vol 1:
Customer Access Interface Specifications
ACA TS 014.2:1990 General Requirements for Customer
Equipment Connected to ISDN Primary Rate Access,Vol 2:
Conformance Testing Specifications
About AlliedTelesis
AlliedTelesis is part of the AlliedTelesis Group.
Founded in 1987, the company is a global
provider of secure Ethernet/IP access solutions
and an industry leader in the deployment of IP
Triple Play networks over copper and fiber
access infrastructure. Our POTS-to-10G iMAP
integrated Multiservice Access Platform and iMG
intelligent Multiservice Gateways, in conjunction
with advanced switching, routing and WDM-
based transport solutions, enable public and
private network operators and service providers
of all sizes to deploy scalable, carrier-grade
networks for the cost-effective delivery of
packet-based voice, video and data services.
Frame Relay
RFC 1490, 2427 Multiprotocol Interconnect over Frame
Relay
ANSI T1S1 Frame relay
Ordering Information
AT-AR750S
Order Number: 990-001107-00
Service and Support
Includes power cords for US, UK, Australia & Europe
AlliedTelesis provides value-added support
services for its customers under its Net.Cover
programs. For more information on Net.Cover
support programs available in your area, contact
your AlliedTelesis sales representative or visit
our website.
Port Interface Card Options
AT-AR020
Single configurable E1/T1 interface supporting channelized/
unchannelized Primary Rate ISDN/Frame Relay
Order Number: 990-001304-00
AT-AR021S (V3)1
(AT-AR021S V1 card is not supported on the AT-AR750S)
Single Basic Rate ISDN S/T interface
Order Number: 990-002153-00
AT-AR023
Single Synchronous port up to 2Mbps to an external
CSU/DSU (AT-V.35-DTE-00 or AT-X.21-DTE-00 cable required)
Order Number: 990-001104-00
AT-AR024
Four Asynchronous RS-232 interfaces to 115Kbps
Order Number: 990-001105-00
Software Upgrade Options
AT-AR700 - ADVL3UPGRD
AR700 series advanced Layer 3 upgrade:
• IPv6
• BGP-4
• Server Load Balancing
Order Number: 980-10022-00
1
®
AR021S (V3) requires AlliedWare Operating System
version 2.9.1-13 or later
USA Headquarters | 19800 North Creek Parkway | Suite 200 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895
European Headquarters |Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91 69769.11
Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830
© 2007 AlliedTelesis Inc.All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. 617-006220 Rev. L
Download from Www.Somanuals.com. All Manuals Search And Download.
|