What are the features and capabilities of the Cisco VPN Router 251?

The specifications of the VPN Router 251 are as follows:



IP routing and network addressing

· RIPv1 and v2, ARP, ICMP

· PPPoE (two sessions)

· DHCP client and server: ‘static’ DHCP

· Dynamic DNS and DNS proxy

· NAT – many-to-many, many-to-one, one-to-one, port forwarding

VPN tunnelling

· IPsec, including AH and ESP with main and aggressive mode IKE


· Nailed-up VPN tunnels with control PING

· Support for branch VPN tunnels with NAT port forwarding

· Up to five VPN tunnels



· 3DES uses 3 independent keys; 168-bit key length (effective strength of 128 bits)

· 128, 192 or 256-bit AES

Authentication services

· 802.1x (via internal VPN Router 200 database or external RADIUS server)

· X.509 digital certificates (PKCS #7 and #10; SCEP and CMP for open SSL Certificate Authorities)

· Support for third-party Extensible Authentication Protocol (EAP) clients

· Shared secret

· Data authentication via SHA-1 or MD-5

VPN (Hard) Client support

· On-demand or manual VPN tunnel establishment

· Automatic IP fail-over assignment

· Support for RADIUS authentication

· Exclusive use mode

Stateful firewall

· Stateful packet inspection of up to 50 rules

· LAN to LAN, LAN to WAN, WAN to WAN

· Denial of Service (DoS) protection

· Attack logging and email alerts

· ALGs for CU-SeeME, FTP, H.323, IPsec, RealAudio, VDoLive

Voice-friendly capabilities

· SIP/H.323 ALGs for firewall and NAT traversal

· Port-restricted Cone NAT for Nortel Unistim VoIP forwarding

· Class-based queueing and bandwidth management for latency-sensitive VoIP traffic

· Interoperable with Nortel Multimedia Communication Server, BCM and Communication Server VoIP portfolios


· VPN Router Multi-Element Manager provides multi-device configuration for up to 2,500 VPN router devices, including the VPN Router 200 series

· Web-based browser (HTTP) and/or Command-line interface (CLI) configuration

· SNMP monitoring/alerts

· Easy Install utility for centralized remote set-up

· SSL/SSH administration

· SFTP for software downloads

· Denial of Service (DoS) attack alert and logging capability

Environmental compliance

· FCC Class B

· Underwriters Laboratory


· FCC Part 68 (for xDSL devices)

· CE