ADTRAN 2300 User Manual

89.05 Kb

Product Features

IPSec VPN tunneling with DES/3DES encryption

Internet Key Exchange (IKE) for user authentication

Stateful inspection firewall security

DMZ Port for public server access

Hardware Encryption Accelerator

Up to 100 private encryption tunnels

Logging and alerts


10/100 BaseT Ethernet interfaces for flexible connectivity

NetVanta 2300

Mid-RangeVPN Gateway and Firewall

The ADTRAN NetVanta2300 is amid-rangeIPSec compliant gateway providing all the necessary components required to secure an integrated VPN solution.As a branch office or mid-size host security gateway, the NetVanta 2300 provides several key security features such as IPSec VPN tunneling with DES or 3DES encryption, stateful inspection firewall, and IKE for user authentication supporting public/private keys or digital certificates. In addition, it also offers a DMZ port for public server access, a hardware encryption accelerator for faster encryption throughput and up to 100 simultaneous VPN tunnels.

Security: On a public infrastructure like the Internet, security is of the utmost importance.

The NetVanta 2300 protects the corporate network against attacks with a built-infirewall and provides data security through encryption, authentication and key exchange. The NetVanta

2300 employs a stateful inspection firewall that protects an organization’s network from common cyber attacks including TCP synflooding, IP spoofing, ICMP redirect, land attacks, ping-of-death,and IP reassembly problems. The NetVanta 2300 also encrypts the data being sent out onto the network, using either the DES (Data Encryption Standard) or 3DES encryption algorithms. Data integrity is ensured using MD5 or SHA1 as it is transported across the public infrastructure. In addition, Internet

Key Exchange (IKE) can be used for user authentication supporting public/private keys or digital certificates, assuring that the proper VPN tunnel is established and that the tunnel has not been redirected or compromised.

VPN Tunneling: NetVanta 2300 is an IPSec compliant device that supports both ESP and AH protocols and provides secure communication over potentially unsecure network components. As a security gateway, the NetVanta 2300 can support up to 100 private encryption communication tunnels through the Internet from remote locations. The NetVanta 2300 can also hide IP addresses from the external world by performing Network Address Translation (NAT).

Web-basedManagement:Configuring a remote

NetVanta 2300 can easily be managed using a standard web browser. NetVanta 2300 has builtin alert and logging mechanisms for messaging and mail services. This enables the unit to warn administrators about activities that are going on in the network by logging them into a SYSLOG server or sending an email to the administrator.

The NetVanta 2300 offers guaranteed interoperability with ADTRAN’s complete line of NetVanta

2000 Series of VPN/Security gateways: NetVanta

2050 for work-at-hometelecommuters, NetVanta

2100 for small office connectivity, NetVanta 2400 for larger corporate host applications, and the software implemented, NetVanta VPN Client.

Together the NetVanta 2000 Series offers the most robust features and functions to address a wide range of enterprise VPN needs.


Attn: Enterprise Networks

901 Explorer Boulevard

Huntsville, AL 35806

P.O. Box 140000

Huntsville, AL 35814-4000

256 963-8000voice

256 963-8699fax

256 963-8200fax back

General Information


Pre-SalesTechnical Support

800 615-1176toll-free

Where to Buy


Post-SalesTechnical Support


ACES Installation & Maintenance Service


International Inquiries

256 963 8000 voice

256 963-6300fax

For the regional office nearest you, visit:

ADTRAN is a ISO 9001 registered company.


TL 9000 registered company.

Printed in the U.S.A. 61200366L1-8BJuly 2002 ©2002 ADTRAN, Inc. All rights reserved.

NetVanta 2300

Mid-RangeVPN Gateway and Firewall

Product Specifications

Physical Interface

WAN: RJ-4510/100Auto-SensingEthernet interface

LAN: RJ-4510/100Auto-SensingEthernet interface

DMZ: RJ-4510/100Auto-SensingEthernet interface

Serial Port: RS-232foroff-netconfiguration

Virtual Private Network (VPN)

Hash Algorithms

MD5-HMAC128-bitauthentication algorithm

SHA1-HMAC160-bitauthentication algorithm




Diffie Hellman Group Support

Group 1: MODP 768

Group 2: MODP 1024

Authentication Mechanisms

Preshared keys

X.509 Certificate Support:

RSA Signatures, DSS Signatures

Key Management


IPSec Mode


IKE Modes





Stateful inspection firewall

Application content filtering

Cyber assault protection

HTTP Relay


Front Panel Status LEDs

Power – status

VPN – status, transmit, receive

LAN – transmit, receive

WAN – transmit, receive



Static Routes




SYSLOG logging in WELF format

Email alerts (SMTP)

User and group access control policies based on time-of-day

User accounting policy statistics


Server (to manage IP addresses on local network)

Client (to acquire the WAN-sideIP address from service provider)


Client (to acquire the WAN-sideIP address from service provider)

Address Translation

Basic NAT (1:1)

NAPT (Many:1)

Reverse NAT (translation of an inbound session’s destination IP address)


Operating Temperature

0° to 50 °C (32° to 122 °F)

Storage Temperature

-20°to 70 °C(-4°to 158 °F)

Relative Humidity

Up to 95%,non-condensing


Size: 1.25" H, 17.25" W, 7.75" D

Weight: 7 lbs (shipping weight)

Power: 100 - 250 vAC, 50/60 Hz

Agency Approvals

FCC Part 15 (Class B)

UL and Canadian UL (CUL), IEC/EN, CSA

Product Includes

User manual

AC power cord

Rackmount brackets

Ordering Information


Part #

NetVanta 2300


100-250VAC50/60Hz 0.2A






















Specifications subject to change without notice. ADTRAN and NetVanta are trademarks of ADTRAN, Inc. All registered trademarks and trademarks mentioned in this publication are the property of their respective owners.