All devices offer the possibility of configuring a "Demilitarised Zone" (DMZ). This is a separ-
ate network located between the internal LAN and the Internet. The DMZ is the place for all
services that have to make direct contact with the Internet. If a web or mail server in the
DMZ is attacked, this has no effect on the security of your internal network.
PBX
TR200aw and TR200bw give you the user-friendly features you are familiar with from con-
ventional PBXs, such as call waiting, phone book or day/night switching. You can also use
functions such as direct call or call through, set up automatic route selection or restrict ac-
cess to certain external telephone numbers.
IP Telephony
The application level gateway allows IP telephones in the LAN to establish a connection
with SIP providers without neglecting the security of the WAN connection. To do this, the
SIP proxy monitors the signalling process between the IP telephone and SIP provider and
makes the necessary NAT and firewall releases dynamically for the duration of the commu-
nication.
Wireless LAN
The wireless interface of TR200aw/bw transfers the data at max. 54 mbps (802.11g) and is
compatible with the 11 mbps variant 802.11b in the same frequency range. Encryption via
the WLAN interface can take place via WPA and WPA2. Virtual WLAN interfaces can be
defined via multi-SSID. This means that different rules of access to the WLAN can be im-
plemented, e.g. to log in internal personnel and external visitors.
IPSec
Both devices have a powerful IPSec implementation and have two active VPN tunnel li-
cences ex works. In addition to encryption via AES or 3DES, the devices offer authentica-
tion via certificates or preshared keys. In order to optimise the encrypted traffic flow, it can
be compressed using IPComp. The Dead Peer Detection function allows the availability of
the tunnel endpoint to be checked and restores it if inactive. NAT Traversal is also suppor-
ted, as is the connection of RADIUS or for authentication.
Configuration and maintenance
A number of options are available for configuring your gateway. Configuration with the
Funkwerk Configuration Interface is operating system-independent. Your device is ready
for operation in just a few minutes.
Remote maintenance
TR200aw and TR200bw can also be configured and maintained remotely. As soon as your
device is connected to the ISDN - even in its ex works state - configuration settings can be
1 Introduction
Funkwerk Enterprise Communications GmbH
4
funkwerk TR200aw/bw
