
DSA-5100
Technical Specifications
Administration
-
-SSL protected administration/user authentication interface
-IP monitoring
-Customizable user login/logout web interface
-Targeted URL redirect after successful login
-Console administration interface
-
-SSH remote administration interface
-SNMP v.2 management standard
-External SYSLOG server
-User bandwidth control
-Remote firmware update
-Configuration data backup/restore
Software Specifications
Networking
WAN Fail Condition Handling
-WAN fail condition detection using ICMP echo mechanism to ping default gateway and DNS periodically
-2 configurable options prior to WAN failure: Display error message and block all access Allow free access without control
Policy Routing Profiles
-6 sets of policy routing rules
-10 rules for each policy routing set
NAT/Router Dual Mode Operation
Each VLAN/LAN port separately configurable to different modes of operation
Destination IP/Port Redirection
Maximum 40 definable IP/port redirection rules to force data packets to be redirected from one destination to another destination
Non-Authentication Private LAN Port
(For connection to desktops and servers)
Hosts on Private LAN still under control of firewall rules
Bridge Mode
-
-Limitations in bridge mode:
All device interfaces are bridged; VLANs are disabled Available only when WAN port is set to static IP address
First WAN Port Connection Methods
-Static IP address
-DHCP client
-PPPoE client
Second WAN Port Connection Methods
-Static IP address
-DHCP client
Built-In DHCP Server
-Each LAN port independently configurable/enabled
-Configurable functions: IP pool, leasing time, WINS, DHCP relay, DNS (per port, primary, secondary)
-Default IP of Public LAN: 192.168.1.40
-Default IP of Private LAN: 192.168.0.40
NAT Application Protocol Pass-Through
When client is under NAT segment, following protocols can be passed through: IPSEC (ESP), PPTP/L2TP, H.323
HTTP Proxy
Maximum 10 sets of external proxy servers
Inter-Segment Roaming
Authenticated users can roam between VLAN segments without changing their network settings or
Static Route Mapping
-Maximum 6 sets of policy routing rules
-Maximum 10 rules per policy routing set
AirSpot Gateway
Virtual Server Mapping
Maximum 40 configurable mapping rules
DMZ Server Mapping
Maximum 40 configurable DMZ server mapping rules
IP Plug-and-Play Support
Clients can use their existing
*This function (1) not supported in bridge mode, (2) does not allow any L3 switch between clients and
User Management
Access Control to LAN Port
Users must login first to gain network access
Group
-Maximum 6 user groups (1 guest group, 5 definable user groups)
-Each group configurable to have own name, filter rules, routing, bandwidth control and schedule control
MAC Address Control
Maximum 40 sets of MAC addresses
External User Database Failure Condition Handling
Displays error message with administrator's contact information
Logout Method
-Manual logout (password & ID
-By closing logout window (once
Login Method
-Automatic login through user's cached login information
-Customizable maximum remembrance of user ID
Multiple User Databases
Simultaneous support of multiple internal/external user databases for authentication
Guest User Configuration
Maximum 10 predefined guest accounts configurable as active or inactive
Local User Accounts
-Maximum 2000 user accounts
-User accounts configurable to associate with individual MAC addresses
-
RADIUS Authentication
-Primary/secondary RADIUS servers support for
-RADIUS authentication protocols supported: PAP, CHAP
-RADIUS attributes supported: Session Timeout, Idle Timeout
LDAP User Database
-Microsoft Active Directory support
-Configurable fields: LDAP server IP, port number, Base DN
POP3 Authentication
Primary/secondary POP3 mail server support