Networking
Supports ISDN connection |
Y |
Security
Firewall security |
SIF, NAT/PAT |
Authentication method |
802.1x RADIUS, TACACS+ |
VPN support |
IPSec\nGRE v.0\nPPP/PPTP\nL2TP |
VPN tunnels quantity |
10 |
System event log |
Y |
Firewall |
Y |
Ethernet LAN features
Cabling technology |
10/100/1000Base-T(X) |
Ethernet LAN data rates |
10, 100, 1000 Mbit/s |
Ports & interfaces
WAN connection |
Ethernet (RJ-45) |
Protocols
Routing protocols |
OSPF, RIP-1, RIP-2 |
DMZ support |
Y |
Management protocols |
HTTP, SNMP, SSL, SSH |
DHCP client |
Y |
DHCP server |
Y |
Mobile networking
Data network |
Not supported |
Power
Power over Ethernet (PoE) |
N |
Management features
Quality of Service (QoS) support |
Y |
Reset button |
Y |
Web-based management |
Y |
Design
Form factor |
1U |
Rack mounting |
Y |
Additionally
Ethernet LAN connection |
Y |
Ethernet LAN (RJ-45) ports quantity |
5 |
VPN Gateway w / PRI Interface, 10 IPSec Tunnels, 5 x Gigabit Ethernet RJ-45, UK version
The VPN gateway with PRI interface
The R4402 ISDN VPN gateway is used in companies that require advanced ISDN functionality. Up to 68 ISDN channels are available for various ISDN applications such as ISDN remote access servers, ISDN backup, and ISDN leased lines.
The bintec R4402 is a powerful and, thanks to its comprehensive equipment, flexible VPN gateway. With its 19-inch metal housing and highly efficient internal switched-mode power supply the gateway guarantees long-term reliability in critical corporate applications. This makes the R4402 ideal for use as a VPN gateway in SMEs and company head offices. The device has five Gigabit Ethernet ports, which can be configured for LAN, WAN or DMZ, and comes with a licence for ten hardware-accelerated IPSec tunnels. Up to 100 additional IPSec tunnels can also be enabled if licensed.
The device comes with two ISDN BRI-S0 and two ISDN PRI-S2M interfaces. In total is provides 68 ISDN-B channels for different ISDN applications such as ISDN backup, ISDN remote access server or ISDN leased lines.
Using functions flexibly
Only a few functions are required to forward data between two networks. Bintec gateways have features that go far beyond just routing and allow it to be seamlessly integrated into complex IT infrastructures.
As routing protocols, you can use RIP, OSPF or the Multicast routing protocol PIM-SM for example, and the comprehensive multicast support makes the device ideal for use in multimedia and streaming applications.
Even the basic equipment of the bintec R4402 provides a SIP application level gateway (ALG) for the direct connection of IP telephones in the network or for registering with a VoIP provider. The ALG automatically controls the internal firewall making it easier to configure your VoIP solution.
Thanks to the integrated quality of service, you can prioritise VoIP traffic over normal internet traffic, for example, and thereby always ensure sufficient bandwidth for your IP voice connections. Alternatively you can give normal data traffic priority over e-mail traffic.
The DNS proxy function supports the LAN for address implementation and the automated IP configuration of PCs is carried out over an integrated DHCP server.
Remote CAPI is available for the joint use of various ISDN services.
Comprehensive IPSec implementation
The IPSec implementation integrated in bintec R4402 works not only with preshared keys but also with certificates. This allows a public key infrastructure to be created for maximum security. (The Federal Office for Information Security also recommends the use of certificates.)
Furthermore, the bintec IPSec implementation offers support when creating VPN connections with dynamic IP addresses: Even small branch offices can be reached without having to be permanently online. If both VPN nodes only have dynamic IP addresses, confidential information can continue. The exchange of IP addresses is carried out either over dynamic DNS providers or directly over an ISDN connection. The actual dynamic IP address is transferred either free of charge in the ISDN D-channel or, if this is not possible, in the B-channel (at cost).
By using IKE Config mode and the bintec IPSec multi user this offers the opportunity to create and manage IPSec dial-in solutions for multiple clients with minimal expense and IKE X-Auth (extended authentication) allows a connection to be secured with a one time password and thus with the highest level of security.
Load Balancing/Redundancy
The IPSec implementation integrated in bintec R4402 works not only with preshared keys but also with certificates. This allows a public key infrastructure to be created for maximum security. (The German Federal Office for Information Security also recommends the use of certificates.)
Furthermore, the bintec IPSec implementation offers support when creating VPN connections with dynamic IP addresses: Even small branch offices can be reached without having to be permanently online. If both VPN nodes only have dynamic IP addresses, confidential information can continue. The exchange of IP addresses is carried out either over dynamic DNS providers or directly over an ISDN connection. The actual dynamic IP address is transferred either free of charge in the ISDN D-channel or, if this is not possible, in the B-channel (at cost).
By using IKE Config mode and the bintec IPSec multi user this offers the opportunity to create and manage IPSec dial-in solutions for multiple clients with minimal expense and IKE X-Auth (extended authentication) allows a connection to be secured with a one time password and thus with the highest level of security.
Simple configuration and maintenance
The gateway is configured over the Configuration Interface (FCI), using the integrated configuration wizards for example. The FCI is a web-based graphic user surface that you can use from any PC with an up-to-date Web browser via an HTTP or encrypted HTTPS connection. It also offers the opportunity to manage the devices locally and remotely over other configuration accesses such as Telnet, SSH and ISDN login.
In addition the R4402 offers the option of the Teldat WLAN Controller.
The Teldat WLAN Controller allows the configuration and monitoring of small and medium sized WLANs with up to 72 access points.
Whether it is for frequency management which automatically determines the radio channels, for the support of virtual LANs or for the management of virtual radio networks (Multi SSID)—the WLAN Controller offers easy control over all advanced features. Our software continuously monitors the entire wireless LAN and immediately reports outages and security risks.DIME Manager fromTeldat is a free tool for managing Teldat devices.
DIME Manager is aimed at administrators who manage networks with up to 50 devices. The software simplifies the management and configuration of gateways or access points either individually or in logical groups.
When developing DIME Manager, simple and efficient operation was the primary aim. It allows, for example, software updates to be applied to individual devices or groups of devices simply by drag and drop. DIME Manager recognises and manages new devices in the network using SNMP multicast, in other words independent of their current IP address.