Lancom 1790EF User Manual
Routers & VPN Gateways
LANCOM 1790EF
High-speed Internet via Gigabit Ethernet or fiber optics
This business VPN router connects small and medium-sized companies that demand high levels of security and
performance. Thanks to the SFP port, it is the ideal basis for a professional high-speed VPN site connectivity -
via fiber optics or by connecting external modems over a Gigabit Ethernet WAN port.
a
High-speed Internet via Gigabit Ethernet or fiber optics
a
SD-WAN - automatic VPN and VLAN configuration via the LANCOM Management Cloud
a
5 integrated IPSec VPN channels (25 optional)
a
Network virtualization with up to 16 networks on one device (ARF)
a
Security Made in Germany
a
Maximum future compatibility, reliability, and security
DATASHEET
LANCOM 1790EF
High-speed Internet via Gigabit Ethernet or fiber optics
The LANCOM 1790EF is a powerful VPN router for
connection to external cable modems. The SFP port connects
to a fiber-optic cable (FTTx) to provide high-speed Internet
access for any industry or field of application and forms the
basis for high-performance, reliable networking.
Secure site networking via VPN
The LANCOM 1790EF offers a high level of security. The 5
already integrated IPSec VPN channels guarantee maximum
encryption for the secure connection of mobile employees
and the protection of corporate data. With the LANCOM
VPN Option, the router can be upgraded with up to 25 VPN
channels. So the network is optimally scalable and the
infrastructure grows when needed - without additional
hardware components.
Radical simplification of the configuration with
SD-WAN
In combination with the LANCOM Management Cloud, the
LANCOM 1790EF opens the way for automated
management. The software-defined WAN (SD-WAN) enables
the automatic setup of secure VPN connections between
sites, including network virtualization and backup across the
wide-area network: A few mouse clicks is all it takes to enable
the VPN function and select the required VLANs for each
site. The laborious configuration of individual tunnel
endpoints is no longer required at all.
Stateful Inspection Firewall
Equipped with a stateful inspection firewall, the LANCOM
1790EF protects the whole network. With features such as
intrusion prevention and Denial-of-Service protection, the
business VPN router provides optimal protection and secures
all of the data on the network.
Advanced Routing & Forwarding
The LANCOM 1790EF provides up to 16 securely isolated IP
contexts, each of which has its own separate routing. This
is an elegant way of operating IP applications with one
central router and keeping the different communication
channels securely isolated from one another.
Security Made in Germany
Software development, hardware development and
production take place primarily in Germany, as does the
hosting of the network management. Special attention is
given to providing trusted solutions with outstanding security
features. Another important security characteristic of the
products is that they are free from backdoors, as awarded
by the Germany Federal Ministry of Economy with the quality
seal „IT Security made in Germany“.
Maximum future-proofing
LANCOM products are based on professional expertise, Years
of experience in IT, and high-quality materials. All of ours
devices are equipped with hardware that is dimensioned for
the future and, even reaching back to older product
generations, updates to the LANCOM Operating System
family are available several times a year, free of charge. This
guarantees a long service life while staying technically up to
date, which represents a true protection of your investment.
Furthermore, LANCOM infrastructures are easily scalable.
Maximum compatibility means that networks are easily
extended with additional LANCOM components.
DATASHEET
LANCOM 1790EF
Layer 2 features
4.096 IDs based on IEEE 802.1q, dynamic assignment, Q-in-Q taggingVLAN
IGMP-SnoopingMulticast
Protocols
Layer 3 features
Firewall
Security
IPv4 services
IPv6 services
IPv6 protocols
WAN protocols
Security
High availability / redundancy
Ethernet over GRE-Tunnel (EoGRE), L2TPv3, ARP-Lookup, LLDP, DHCP option 82, IPv6-Router-Advertisement-Snooping, DHCPv6-Snooping,
LDRA (Lightweight DHCPv6 Relay Agent), Spanning Tree, Rapid Spanning Tree, ARP, Proxy ARP, BOOTP, DHCP, LACP
Stateful inspection firewall including paket filtering, extended port forwarding, N:N IP address mapping, paket tagging, support for
DNS targets, user-defined rules and notifications
Traffic shaping, bandwidth reservation, DiffServ/TOS, packetsize control, layer-2-in-layer-3 taggingQuality of Service
Intrusion Prevention, IP spoofing, access control lists, Denial of Service protection, detailed settings for handling reassembly,
session-recovery, PING, stealth mode and AUTH port, URL blocker, password protection, programmable reset button
PAP, CHAP, MS-CHAP, and MS-CHAPv2PPP authentication mechanisms
VRRP (Virtual Router Redundancy Protocol), analog/GSM modem backupHigh availability / redundancy
IPv4-, IPv6-, NetBIOS/IP multiprotokoll router, IPv4/IPv6 dual stackRouter
SD-WAN Application Routing in connection with the LANCOM Management CloudSD-WAN Application Routing
ARF (Advanced Routing and Forwarding) up to separate processing of 16 contextsRouter virtualization
HTTP and HTTPS server for configuration by web interface, DNS client, DNS server, DNS relay, DNS proxy, dynamic DNS client, DHCP
client, DHCP relay and DHCP server including autodetection, NetBIOS/IP proxy, NTP client, SNTP server, policy-based routing,
Bonjour-Proxy, RADIUS
HTTP and HTTPS server for configuration by web interface, DHCPv6 client, DHCPv6 server, DHCPv6 relay, DNS client, DNS server,
dynamic DNS client, NTP client, SNTP server, Bonjour-Proxy, RADIUS
RIPv2, BGPv4, OSPFv2, LISP (Locator/ID Separation Protocol)Dynamic routing protocols
DNS, HTTP, HTTPS, ICMP, NTP/SNTP, NetBIOS, PPPoE (server), RADIUS, RADSEC (secure RADIUS), RTP, SNMPv1,v2c,v3, TFTP, TACACS+IPv4 protocols
NDP, stateless address autoconfiguration (SLAAC), stateful address autoconfiguration (DHCPv6), router advertisements, ICMPv6,
DHCPv6, DNS, HTTP, HTTPS, PPPoE, RADIUS, SMTP, NTP, BGP, LISP, Syslog, SNMPv1,v2c,v3
VDSL, ADSL1, ADSL2 or ADSL2+ additional with external DSL modem at an ETH portWAN operating mode
PPPoE, Multi-PPPoE, ML-PPP, GRE, EoGRE, PPTP (PAC or PNS), L2TPv2 (LAC or LNS), L2TPv3 with Ethernet-Pseudowire and IPoE (using
DHCP or no DHCP), RIP-1, RIP-2, VLAN, IPv6 over PPP (IPv6 and IPv4/IPv6 dual stack session), IP(v6)oE (autokonfiguration, DHCPv6
or static)
6to4, 6in4, 6rd (static and over DHCP), Dual Stack Lite (IPv4-in-IPv6-Tunnel)Tunneling protocols (IPv4/IPv6)
Monitoring and blocking of login attempts and port scansIntrusion Prevention
Source IP address check on all interfaces: only IP addresses belonging to the defined IP networks are allowedIP spoofing
Filtering of IP or MAC addresses and preset protocols for configuration accessAccess control lists
Protection from fragmentation errors and SYN floodingDenial of Service protection
Detailed settings for handling reassembly, PING, stealth mode and AUTH portGeneral
Filtering of unwanted URLs based on DNS hitlists and wildcard filters. Extended functionality with Content Filter OptionURL blocker
Password-protected configuration access can be set for each interfacePassword protection
Alerts via e-mail, SNMP traps and SYSLOGAlerts
PAP, CHAP, MS-CHAP and MS-CHAPv2 as PPP authentication mechanismAuthentication mechanisms
Adjustable reset button for 'ignore', 'boot-only' and 'reset-or-boot'Adjustable reset button
VRRP (Virtual Router Redundancy Protocol) for backup in case of failure of a device or remote station.VRRP
For completely safe software upgrades thanks to two stored firmware versions, incl. test mode for firmware updatesFirmSafe
Optional operation of an analog or GSM modem at the serial interfaceAnalog/GSM modem backup
LCOS 10.32