14 Chapter 2 System Overview
NN40020-200NN40020-200
The following features make BCM50a and BCM50e attractive for small sites that want to become
Internet-capable and multi-site enterprises with many small sites. Until now, however, these sites
could not be part of the corporate WAN because of the high cost of traditional WAN connectivity
and managed service.
VPN
• 10 IPSec Branch Office Tunnels (peer-to-peer)
• IPSEC client termination supported
• support for bandwidth management
• support for Dynamically addressed peers – ABOT
• support for Client Tunnel origination (not
termination) to simplify the connection to a larger
VPN Router network
• IKEv1 Main Mode
• IKEv1 Quick Mode
• Diffie-Hellman Group 1,2
• IPSec Tunnel Mode
• ESP
• NAT Traversal
Security Services
• cryptographic services
• DES and 3DES
• data authentication SHA-1
• data authentication MD-5
• authentication services
• pre-shared secrets
• security services
• stateful firewall
• intrusion detection
• AES support
• digital certificates supported
• RADIUS support
NAT
• many-to-one, static, many-to-many
• port forwarding
• IPSec Pass through
• NAT support for tunnel mode IPSec tunnels
• Throughput traffic performance - 23.1 Mbps
Router
• Clear text routing
• Static – through tunnel
• RIP v1 – through tunnel and clear
text
• RIP v2 – through tunnel and clear
text
IP Services
• DHCP client
• DHCP server with support for Nortel Internet
Telephones
• DHCP Relay supported
• DNS Proxy
• DNS with VPN client
• WAN failover supported
• PPPoE
• PPTP (ethernet router only)
• Configurable MAC address
• Clear text traffic:
— WAN to LAN 33.9 Mbps
— LAN to WAN 30.5 Mbps