2013 / 2014

Router Catalog

Our Commitment to Excellence

Known for
reliability
Chosen for
quality
Recognized for
innovation

Allied Telesis is a world-class leader in delivering IP/Ethernet network solutions to the

global marketplace. We create innovative, standards-based IP networks that seamlessly
connect users with their voice, video, and data services.
Publicly traded in Japan and with major corporate divisions in Europe, Asia, and the
Americas, Allied Telesis is a truly international company ready to service, support, and
supply a globally connected customer base of diverse enterprises, organizations and
governments. Our partners include the worlds largest distributors, integrators, solution
providers and resellers to ensure you receive immediate local service and support.
Our solutions are used in a wide variety of complex networking applications, and
optimized for very demanding and highly specialized markets such as healthcare, IP
surveillance, hospitality, the military and public utilities, to name but a few. Because
we provide world-class quality and performance at prices suited to budgets facing a
challenging world economy, Allied Telesis has become the default standard for many of
todays critical network operations.
Our worldwide research and development centers work to bring you innovative
products that help your company succeed. We also operate state-of-the-art
production facilities, compliant with the worlds most-stringent environmental policies,
manufacturing more than 600 different products every month, and shipping globally.
As a major industry manufacturer, Allied Telesis is committed to providing you with
solutions comprised of products designed and built to the highest-possible standards
and quality. Our manufacturing conforms to ISO 9000 standards, and all of our facilities
adhere to the strict ISO 14001 standard to ensure a healthier world environment.
Allied Telesis has been designing, manufacturing and selling networking products
for more than a quarter of a century. Our solution-based philosophy of producing
products of the highest quality, at affordable prices, with extensive service and support,
has resulted in Allied Telesis products being deployed in networks of all types and sizes
around the world. Our proven track record of solid technology, excellent support and
full-featured software and hardware has enabled Allied Telesis to become a worldwide
de-facto standard in many areas of network technology. With a portfolio of products
providing end-to-end networking for service provider, enterprise and SMB customers,
Allied Telesis is the natural choice for many world-class organizations.
As a leading provider of networking infrastructure, Allied Telesis today enables efficient
and reliable delivery of voice, video, and data services. We are committed to innovating
the way in which services and applications are delivered and managed, resulting in
increased value and lower operating costs.

Allied Telesis Routers

alliedtelesis.com/routers

Secure Remote Access Solutions 2

Desktop from Anywhere....................................................................................... 3
Secure Mobile Networking................................................................................... 4
Secure Medical Networks..................................................................................... 5
Secure Teleworker............................................................................................... 6
Dynamic DNS Service...........................................................................................7
Access to Third Party Clients................................................................................ 8
Small Branch Office............................................................................................. 9
Large Branch Office........................................................................................... 10
Corporate Headquarters......................................................................................11
Managed VoIP Service Application 12
Bridged Tagged VLANs...................................................................................... 13
PPPoE Access Concentrator............................................................................... 14

Standard Features 15
Advanced Features 17
Allied Telesis Routers 19
AR400 Series....................................................................................................20
AT-AR415S........................................................................................................20
AT-AR440S/AR441S..........................................................................................20
AT-AR442S........................................................................................................20
AT-AR700 Series................................................................................................21
AT-AR750S.........................................................................................................21
AT-AR750S-DP...................................................................................................21
AT-AR770S.........................................................................................................21

Specifications 22

Allied Telesis Routers | 1

Secure Remote Access Solutions

Allied Telesis WAN and Internet Multiservice Access Routers
include solutions for T1/E1, ISDN, xDSL, and leased-line
connections. This comprehensive, high-performance line
features hardware and software functions such as advanced
routing, Quality of Service (QoS), IPv6, support for traditional
protocols (IPX, frame relay), and advanced security including
stateful inspection firewall. Allied Telesis routers deliver the
breadth of functionality that small- and medium-sized businesses
require at a price point they can afford. This, combined with
industry-leading reliability, makes Allied Telesis your most
trusted networking partner.
Secure remote access from mobile devices
Allied Telesis routers have been used for many years as access
concentrators for secure connections from employees on
the road or in the office. With the rapid expansion of the
smartphone and tablet market, the demand for secure remote
access into office LANs has grown enormously. The Allied
Telesis routers flexible IPSec implementation and robust L2TPin-IPSec support makes it ideally suited for this application.
Proven interoperability with popular mobile operating systems,
and reliable optimized IPSec performance, results in an ideal
remote access solution.
Allied Telesis routers provide a simple and secure mobile
connectivity solution for smartphones and tabletsto access
documents, check updates, find contact information, and more
anytime, anywhere.

2 | Allied Telesis Routers

Allied Telesis routers are well suited for remote

access applications as they are interoperable with
popular mobile operating systemssuch as iOS,
Android, and Windows, and Mac OS Xin a wide
range of configurations.
Allied Telesis routers support:
L2TP in IPSecseparately authenticated
connections, configurable per-user address
allocation, and filtering/routing options.
NAT-TVPN tunnels allowed to pass through
NAT so that tunnels originating from hosts on
private LANs can connect successfully.
DYNDNSaccess to servers on a site with
dynamically allocated IP addresses.
Quality of Serviceprioritized real-time data
and bandwidth fairly allocated to different
connections.
Tunneling multicast datamulticast-based
server applications and remote video cameras.
Certificate-based IPSec authenticationfull
integration into PKI infrastructure to receive
certificate revocation lists, etc.
TunnelingIPv4 in IPv6 and IPv6 in IPv4
tunneling.

alliedtelesis.com

Desktop from Anywhere

Remote Access to Windows Desktop
In this solution, remote smartphone/tablet devices connect to a PC in the office
using Windows Remote Desktop via a secure VPN to an Allied Telesis router.
The remote devices can access any application on the office PC without extra
configuration.
All data remains safe in the office
Remote mobile devices have read only access

Router

Router

Branch office

Headquarters
Internet
Default VPN
client

Remote
devices

Inter-site VPN
Mobile access VPN

Allied Telesis Routers | 3

Secure Mobile Networking

Mobile Networking for Mobile Workers
Here, the Allied Telesis mobile access solution with smartphone/tablet helps
perform out of office business activities for users such as:
Insurers

Local government

Bankers

Tradesmen

Realtors

By removing the need to store confidential information on devices, users can

view and update data via a mobile device. The data is not stored on the mobile
device; so, if the device is lost or stolen, no information is lost with it.

Headquarters

Data is securely
stored here

Router

Internet
Default VPN
client

Remote
device

4 | Allied Telesis Routers

Data is viewed
not stored

Internet access
Mobile access VPN

alliedtelesis.com

Secure Medical Networks

Secure, Reliable Medical Networks
Using a simple, lightweight smartphone or tablet, medical personnel can
remotely access records held on hospital database servers when visiting patients
at home. The device is unobtrusive during the consultation, and does not rely
on Internet connectivity at the patients home.
Medical practitioners can connect securely to national or regional medical
data systems. Allied Telesis routers have proven their reliability and security in
medical applications.

National/Regional
medical databases

Hospital
Router
Internet

iPhone / iPad

Router

Medical
consulting rooms

Patients home

Allied Telesis Routers | 5

Secure Teleworker
VPN Access From a Hotel or Home

This scenario illustrates secure VPN access for two different types of
teleworkersthe home and the professional.
Home teleworker
A home-based data-only teleworker uses an Allied Telesis ADSL router to
connect to corporate headquarters over a broadband Internet connection.
The teleworkers business PC is running software VPN, which is terminated by
an Allied Telesis secure modular VPN router.
The teleworker may also share the broadband Internet connection with other
family PCs linked via wired or wireless LAN connections. Because the VPN
is software-based and only enabled on the business PC, any other network
users are prohibited from accessing the corporate VPN.
Professional teleworker
The professional teleworker requires both data and a low-cost digital voice
connection or Voice over IP (VoIP). The Allied Telesis router is acting as a
secure VoIP gateway. QoS capabilities within the router prioritize the delivery
of high-quality digital voice.

What is
NAT-Traversal?
For many routers, address
translation interferes with
the VPN connection. NATTraversal in Allied Telesis
routers encapsulates the VPN
packets in User Datagram
Protocol (UDP). The address
translation is applied to the
outer UDP layer, so the VPN
packets inside are transmitted
unaltered.

Office
IPsec VPN connection

Router

Internet
Wi-Fi
Default VPN
client

Default VPN
client
NAT
Traversal

Home or Hotel

6 | Allied Telesis Routers

Mobile network

3G

alliedtelesis.com

Dynamic DNS Service

Built-in Dynamic DNS

Allied Telesis routers support Dynamic DNS, which reduces the running cost
for Internet access lines. If a user hosts an online service in their small/medium
business, they will need this service to be constantly accessible. In addition, they
will need the service to be addressed by a human-readable domain name.
ISPs often charge a premium for a connection that has a fixed IP address
associated with a domain name. However, Dynamic DNS allows the use of a
normal ISP connection with a changing IP addressallowing a hosted service to
be constantly accessible via a domain name.
Allied Telesis routers feature built-in capability to interoperate with low-cost or
free Dynamic DNS services, saving the user significant ISP costs.

Office

Can use
dynamic IP
access line
service

Se

Router

3
Default VPN client

r
rve

Dynamic
DNS server

Internet

2
Customer
premises
equipment

DNS server

Home

1: Allied Telesis router registers for Dynamic DNS server

2: Mobile device sends query to DNS server
3: Mobile device accesses Allied Telesis router by VPN

Allied Telesis Routers | 7

Access to Third-Party Clients

Secure Access

Allied Telesis routers create authenticated tunnels from different remote

addresses, allowing business clients to transfer data to and from their server.
Businesses such as print shops, magazine publishers and video production
houses require file uploads and downloads for their clients. These file transfers
require secure connections from the clients private LANs to the operations
private LAN. Clients will often be using dynamically addressed internet
connections.
The clients connections must be authenticated as well as encrypted. Once a
client has connected, the router must associate the clients tunnel with a route
to the clients private LAN.

What is RADIUS?
Remote Authentication Dial-In
User Service is a networking
protocol that provides
centralized authentication,
authorization, and accounting
management for computers
to connect and use a network
service.

Allied Telesis routers offer a flexible, scalable solution, based on authenticated

L2TP tunnels within IPSec, with RADIUS-served dynamic route allocation.

te
va
Prirver
e
S

Office

S
DIU
RA rver
Se

Router
Internet

Client

te
va
Prirver
e
S

te
va
Prirver
e
S
te
va
Prirver
e
S

8 | Allied Telesis Routers

Client

Client
Private-to-Private connections,
tunneled through IP Sec VPN

alliedtelesis.com

Small Branch Office

Resilient VPN Connections

In this example, Allied Telesis routers connect multiple users in two small branch
offices to the corporate headquarters, via a secure VPN connection. VPN
encryption is provided in hardware by the routers.
The Internet connection is provided by a resilient pair of ADSL or fiber
connections via different ISPs. Internet data is shared across the connections
using WAN load balancing. If either connection fails, all data will be carried
by the remaining connection. This provides a resilient connection with higher
bandwidth, at a reasonable cost.

IPS1

Branch Office

S
AD

Internet
SBx908

SL

AD

IPS2

Leased line
Frame Relay

AR

5S

L
S

41

AR

L
S

Corporate Headquarters

5S

SL

AD

S
AD

S
750

41

AR

x510-PoE

SL

AD

SL

AD

Branch Office

1 Gigabit link
10/100 link
Link aggregation

Allied Telesis Routers | 9

Large Branch Office

Faster Data Transmission

Many large branch offices send large volumes of data to their corporate
headquarters. As ADSL does not provide adequate upstream bandwidth,
Allied Telesis routers offer an SHDSL option, which provides high-speed
bandwidth both upstream and downstream. This symmetrical service allows
branch VoIP phones to connect to a soft switch at their corporate headquarters,
thus reducing the need for additional VoIP services in the local office.
In this solution, resiliency could be provided by a backup connection via another
service, such as Primary Rate ISDN.
To eliminate the risk of initial encryption keysknown as pre-shared keys
being leaked, the routers can use digital certificates for authentication. The
VPN network can be fully integrated with a certificate server system to receive
certificate revocation lists.

x510-PoE

Cert.
Server

x210-PoE
x610-PoE

SBx908

Certificate
Authority

10 | Allied Telesis Routers

Leased
Line
Frame
Relay

5S

Corporate Headquarters

41
AR

PRI
ISDN

0S

5
AR7

SHDSL

Branch Office

Internet

10 Gigabit link
1 Gigabit link
10/100 link
Link aggregation

alliedtelesis.com

Corporate Headquarters
Triple Play, Multi-Site Network Application
In this scenario, an Allied Telesis router in the headquarters office can provide a
high-availability, data-symmetrical connection to the Internet over a leased line
or Ethernet connection. The connection ensures sufficient bandwidth for all
traffic, with the router providing enough concurrent VPN tunnel terminations to
handle all remote users connecting to corporate headquarters.
The corporate VPN network can be used for voice, video, and data services.
Allied Telesis routers act as secure VoIP gateways, and can tunnel multicast or
unicast video.
The Quality of Service (QoS) capability of the Allied Telesis router manages the
prioritization and bandwidth allocation for different types of traffic. Real time
applications like VoIP and video can operate effectively on the same connection
that is carrying bulk data: file transfers, email, web browsing, and the like. QoS
protects voice and video streams from surges in the bulk data load, providing a
smooth user experience.

A wide range of
connectivity options are
available in Allied Telesis
routers: ADSL, SHDSL, E1,
T1, X.21, V.35, Frame Relay,
X.25, PPP, PPPoE, PPPoA,
and 10/100/1000 Ethernet.
A highly distributed
organization can utilize
the best connectivity
options that are available at
different locations.

London Sales Office

Mobile Teleworker

New York Headquarters Office

Video
Conference
Video
Conference

x510-PoE

x610-PoE

4
AR

Web
Server

15

SIP

Cert.
Server

50S

AR7

Wide Area
Service / Internet

Inventory &
Shipping
Database

Video
Conference

AR
5S

41

Certificate
Authority

Singapore Manufacturing Plant

Allied Telesis Routers | 11

Managed VoIP Service Application

VoIP Service
In this scenario, separate providers supply data and voice services to a set
of Multi-Tenant Units (MTUs). Allied Telesis AT-AR750S routers operate as
gateways from the MTUs to the voice service providers public network.
A VoIP service provider hosts their SIP server on a location with a public
IP address. The client phones in tenants individual premises are on private
networks. The gateways from the private networks to the public address space
are Allied Telesis routers operating as NATing firewalls to enable multiple
phones on the private networks to share a single public NAT address. The
routers also perform a Session Initiation Protocol Application Layer Gateway
(SIP ALG) function. The SIP ALG functionality adjusts addresses within the VoIP
packets to enable seamless translation from the private address space to the
shared public address of the firewall.
The SIP ALG of the Allied Telesis AT-AR750S router is robust and scalable. It
has been well proven in a number of different environments, interoperating
with a variety of SIP servers and VoIP phones.

Data Network
VoIP Network
SIP Server

AR

SIP ALG

SIP ALG

0S
75

0S
75

SIP ALG

AR

50S

AR7

10

10

x6

x6

x61

10

10

x2

x2

x21

10

10

x2

x2

x21

SIP ALG - Session Initiation Protocol Application Layer Gateway

12 | Allied Telesis Routers

alliedtelesis.com

Bridged Tagged VLANs

Tagged VLAN WAN Bridging
Bridging of Ethernet LANs across a wide-area connection is an effective means
of simplifying a multiple-site network environment. The equipment attached to
the networks at both sites can operate as though connected to the same
Layer 2 LAN, with no special configurations required to allow for a Layer 3
network environment.
Using bridging to unify multi-site LANs is particularly valuable when there are
multiple VLANs in use. Each VLAN can extend across multiple sites, and the
access policies and addressing schemes defined for each VLAN apply equally
at each site. Having a Layer 3 hop between the sites completely breaks the
uniformity of the VLANs, and greatly complicates the task of providing an
equivalent connectivity experience throughout a given VLAN, irrespective of
physical location.
Bridging of tagged VLANs is a valuable network service. Some service providers
offer such a capability, but at considerable cost. Businesses can avoid this cost
using the tagged VLAN bridging functionality of the Allied Telesis router,
and extend VLANs across multiple sites while using a standard wide-area
connection.

VL

AN

10

AN

VL

VL

AN

30

VL

AN

30

10

TE

RO

VL

VL

AN

20

0
N2

IPSec tunnel bridging tagged VLANs

Internet

TE

RO
The tagged VLAN bridging connection can be encapsulated within
IPSec and L2TP, just like a standard bridged connection between Allied
Telesis routers. Moreover, the number of bridged VLANs, and the
VLAN IDs of the bridged VLANs, are entirely under your control
there is no need to request that the service provider change the service
configuration.

VL

VL

0
N3

VL

3
AN

0
VL

AN

20

VL

AN

AN

10

VL

AN

10

20

Allied Telesis Routers | 13

PPPoE Access Concentrator

Distributed PPPoE Access Concentration
Allied Telesis routers include PPPoE Access Concentrator functionality.
Depending on the model in use, the router can terminate up to a few hundred
PPPoE connections. It is ideally suited as the PPPoE termination point in a MultiTenant Unit (MTU). Using the gateway router of the MTU as the PPPoE access
concentrator has the following advantages:
It precludes the need to provision an expensive central Broadband Remote

Access Server (BRAS). By using the per-building gateway deviceswhich

must be present anywayas the PPPoE Access Concentrators, the PPPoE
access concentration effectively comes free, rather than at the cost of an
expensive BRAS.
It eliminates a single point of failure. By distributing the PPPoE access
concentrators to the buildings, the failure of a single router will only affect
its local building. In contrast, the failure of a central BRAS is significantly
disruptive.
It allows the service provider more flexibility in their network structure.
Because the PPPoE connections are terminated at the egress points of
the buildings, there is no need to provide Layer 2 connections all the way
to a centrally located BRAS. There is much less restriction on where the
Layer3 hops in the network need to be.

Note that distributing the PPPoE access concentration in this way does
not complicate the user database management. The user credentials
can still be stored centrally in a RADIUS server, which is accessed by the
Allied Telesis routers. There is no need to distribute the user information
to individual routers.

Apartment
Building

Fiber link
Copper link
CPE

Customer Premises Equipment

C
P
P
g

IP in
t
u

o
Er
o
P

DIU

RA

Router operating as
PPPoE Access
Concentrator
14 | Allied Telesis Routers

Service Provider
network
alliedtelesis.com

Standard Features
Extensive VPN capability
Encryption: AES 128, AES 192, AES
256, 3DES
IPSec authentication: SHA1, MD5
PKI
NAT-T
Supports industry-standard VPN
clientsWindows, Mac OS X, iOS,
Android, Linux
Allied Telesis routers provide extensive
IPSec-based VPN capability, allowing
the interconnection of branch offices,
remote teleworkers, and other
users who require secure access to
a corporate network. This capability
provides a cost-effective alternative
to long-distance dialing, leased line or
frame-relay connections. Allied Telesis
routers come complete with integrated
hardware acceleration to maximize
encryption and throughput during
secure communication.
The products are compatible with
industry-standard IPSec VPN clients, and
have proven interoperability with a wide
range of IPSec peers. Two GUI wizards
for site-to-site and remote access VPNs
make VPN configuration simple.

Filtering and authentication

IP access-list filtering
Authentication: RADIUS, TACACS,
PAP, CHAP
Allied Telesis Stateful Inspection
Firewall
Allied Telesis high performance Stateful
Inspection Firewall significantly enhances
the overall security of business-critical
information. Depending on the model,
the routers deliver up to 1 Gbps of
firewall throughput.
The Firewall provides a high level of
security by supplying full application layer
awareness without breaking the client/
server model.
Offers per packet dynamic access

control (Stateful Inspection) for all

traffic reaching the firewall.
Protects against a wide range of
Denial of Service (DOS) attacks,
including Ping of Death, Smurf
attacks, port scans, fragment
attacks and IP Spoofing.
Sends automatic email alerts to
initiate appropriate action.

Every event seen by the firewall is

comprehensively logged to provide

a complete audit trail.
Highly configurable traffic-matching
rules, to support specialized
requirements.
Integrated Network Address
Translation. The address translation
policies can be directly incorporated
into traffic-matching rules.
Initial configuration of the firewall is
made simple by a GUI application built
into the routers. The firewall can be
further tailored to a networks specific
needs by creating a set of rules, using
intuitive rule-definition command syntax.
The firewalls configurable alerts notify
users if attacks are occurring. Protection
from attacks is even more useful when
the firewall provides visibility of what is
going on.

Allied Telesis Routers | 15

Flexible management options

Web-based GUI, accessible by
HTTP or HTTPs
CLI management, accessible by
console port, Telnet, SSH
SNMPv2 and SNMPv3
Built-in script editor
Event-based triggers
Syslog
DHCP server/client/relay
Allied Telesis routers provide secure
management by SSH, SNMPv3 and
HTTPs. A well-structured command
line enables a logical approach to
configuration of complex features.
When rolling out multiple units with
similar configurations, the config script
developed on one unit can be easily
copied to other units, and appropriately
modified.

16 | Allied Telesis Routers

Routing
RIP, v1, v2, RIPng
OSPF
BGP
Route filtering
Route maps
RIP, OSPF and BGP are all fully
supported with feature-rich
implementations and the ability to learn
thousands of routes. Full support for
redistribution between routing protocols
is provided. The route map and route
filtering capabilities of Allied Telesis
routers is highly configurableoffering
the same set of constructs, matching
options and actions expected in other
high-end route map implementations.

Multicasting
IGMP
MLD Snooping
PIM v4 and PIM v6
DVMRP
Multicast forwarding in IPv4 and IPv6
layer networks is well supported in the
Allied Telesis router family. In addition to
standard Layer 3 multicast forwarding,
the routers can tunnel multicast across
IPSec tunnels to provide a secure, costeffective transport of multicast to/from
remote locations.
WAN connections
PPP
Frame relay
X.25
E1/T1 TDM
PRI/BRI ISDN

alliedtelesis.com

Advanced Features
802.1Q VLAN
Allied Telesis routers are 802.1Q
compliant, enabling the user to configure
up to 64 VLANs with VLAN Identifiers
(VID) between 1 and 4094.
The routers can firewall between
VLANs, providing protection within
the network from internal attacks.
Additionally, the VLANs can be bridged
across WANs, to extend VLANs to
multiple sites.
Quality of Service (QoS)
Allied Telesis QoS implementation
enables the routers to dynamically
identify high priority voice, video and
application traffic, so that appropriate
service levels can be maintained in
congested networks. Advanced QoS
allows voice, video, and data traffic to
have QoS applied within individual IPSec
tunnels, over GRE, as well as IPv6 to
IPv4 tunnels.

The QoS functionality in the routers is

highly configurable, very accurate, and
extremely reliable. Multiple queuing
and shaping options are available, and
very few limitations are placed on the
number of queues and combinations of
queue scheduling methods. The QoS is
not restricted by arbitrary rules on the
number of strict priority queues and
special legacy requirements.
WAN Load Balancer
Allied Telesis routers WAN Load
Balancer (LB) enables them to combine
bandwidth from multiple WAN
connections for increased throughput,
redundancy, and reliable WAN
connectivity. WAN load balancing is the
ability to balance traffic across two or
more WAN links without using complex
routing protocols like OSPF, RIP or BGP.
Simple routers that do not support
WAN LBwith two WAN ports

connected to different ISPswould

route most traffic via the port that
offered the best metric. This provides
alternative connectivity if a link fails, but
under normal operating conditions,
wastes the alternative ports bandwidth.
WAN load balancing overcomes this
limitation.
WAN load balancing provides network
redundancy so that in the event of a
WAN link outage, access to network
resources is still available via the
secondary link(s). Redundancy is a key
requirement with critical applications
like VPNs and VoIP.
There are two load distribution methods
that can be configured: round robin
and weighted lottery. When a new
WAN load balancer session is identified,
one of these methods will be used to
determine which WAN port to use.
The default method is round robin.

Allied Telesis Routers | 17

Tunneling legacy connections

Allied Telesis routers provide unique
support for tunneling of asynchronous
and synchronous connections across
IP networks. This enables legacy
equipment with RS232, V.35, and x.21
interfaces to be controlled at remote
locations. The Allied Telesis family of
routers also supports reverse telnet and
terminal server features.
Network access authentication
Allied Telesis routers can be used
as IEEE 802.1X authenticators for
workstation authentication on a LAN.
The authentication credentials can be
stored on a central RADIUS server, so a
single user database can support access
authentication across a set of branch
offices. Access ports in small branch
offices are just as secure as those in the
head office LAN.
IPv6
Allied Telesis routers provide full
support for IPv4/v6 dual stack, enabling

18 | Allied Telesis Routers

a smooth transition from IPv4 to IPv6.

This includes support for IPv6 VPNs and
multicast.
Allied Telesis routers can connect to
IPv6 as well as IPv4 wide-area services,
and can provide encrypted tunnel across
an IPv6 WAN. Tunneling includes IPv4in-IPv6 and IPv6-in-IPv4 options.
PPPoE access concentrator
Termination of a few hundred PPPoE
connections is available across the Allied
Telesis router range. This provides a
good-value option for decentralizing the
PPoE access concentration in a service
provider network.
Tagged VLAN bridging
Using the Tagged VLAN Bridging
capability of the Allied Telesis router,
802.1q VLANs can be extended across
multiple sites connected by a VLAN or
across the Internet. Secure, authenticated
bridging using L2TP in IPSec provides a

valuable LAN extension service at a

very reasonable cost.
Extensive Public Key
Infrastructure (PKI) capabilities
VPN authentication via certificates
provides a greater level of protection
than pre-shared keys. To truly utilize the
secure capabilities of certificate-based
authentication, a router must be able to
participate in a public key infrastructure.
It can then create certificates and have
them signed, receive and verify peer
certificates, and receive certificate
revocation notifications. Allied Telesis
routers have the feature set required
to participate in a PKI and interact with
LDAP repositories.
Jumbo frames
The Allied Telesis AT-AR770 router can
support L2 and L3 forwarding of frames
up to 9k bytes, to enable extremely
rapid throughput of large data transfers.

alliedtelesis.com

Allied Telesis Routers

alliedtelesis.com/routers

Allied Telesis WAN and Internet multiservice access routers include solutions for T1/E1, ISDN, xDSL and
leased-line connections.
The comprehensive, high-performance Allied Telesis AR Series features hardware and software functions such as advanced routing,
QoS, IPv6 and advanced security, including Stateful Inspection Firewall and VPN services. AR Series routers are able to deliver the
breadth of functionality that small- and medium-sized businesses require at a price point they can afford, and with a confirmed
reliability that makes Allied Telesis a trusted networking partner.

Allied Telesis Routers | 19

AR400 Series

Modular Enterprise Routers

Allied Telesis AR400 Series broadband routers

are cost-effective, designed with the needs
of the branch office or small to medium
businesses in mind.

AT-AR415S

AT-AR440S/AR441S *
HIGH PERFORMANCE SECURE xDSL
ROUTERS

High Performance Secure shdsl

ROUTER

The Allied Telesis AT-AR415S is a

secure modular router, offering
performance, flexibility, and security
for small to medium-sized business.
Packaged in a compact, one-rack unit
chassis, this versatile router provides
five 10/100 Fast Ethernet interfaces
and supports a variety of Port
Interface Cards (PICs).

The Allied Telesis AT-AR440S/

AR441S are competitively priced,
business-class, secure ADSL routers.
These desktop, broadband routers
allow businesses to take advantage
of cost effective DSL connections
without compromising on bandwidth,
throughput, features, or security.

The Allied Telesis AT-AR442S secure

SHDSL router provides business
class quality and extensive software
features at a highly competitive price.
Designed with the needs of the branch
office or small
to medium-sized business in mind, the
AT-AR442S is a desktop, broadband
router that comes with dying gasp and
the WAN back-up features that
businesses expect.

High Performance Secure Modular

VPN ROUTER

WAN: 10/100TX x 1 port

LAN: 10/100TX x 4 ports
Async x 1 port RS232
Port Interface Card (PIC) x 1 slot
Integrated security engine

The AT-AR440S/AR441S have been

designed with the needs of the
branch office or small to mediumsized business in mind, and offer dying
gasp and the WAN back-up features
businesses expect.

32MB SDRAM
16MB flash memory enabling

storage of two software releases

AT-AR442S *

LAN: 10/100BASE-T x 5 ports

SHDSL (2 Wire & 4 Wire) x 1 port
Port Interface Card (PIC) x 1 slot
Async x 1 port

LAN: 10/100TX x 5 ports/DMZ

ADSL x 1 port (AR440S Annex A,

AR441S Annex B)
Async console/modem x 1 port
Port Interface Card (PIC) x 1 slot

Dimensions

Weight

AT-AR415S

Model

30.5 x 19 x 4.5 cm / 12 x 7.48 x 1.77 in

1.75 kg / 3.85 lbs

AT-AR440S/AR441S

33.5 x 18 x 4.5 cm / 13.8 x 7 x 1.77 in

1.96 kg / 4.32 lbs

AT-AR442S

33.5 x 18 x 4.5 cm / 13.8 x 7 x 1.77 in

1.96 kg / 4.32 lbs

* Contact your Allied Telesis sales representative to discuss availability in your region.

20 | Allied Telesis Routers

alliedtelesis.com

AR700 Series

Modular Enterprise Routers

Allied Telesis AR700 Series multiservice

routers are cost-effective, designed for midsized businesses to medium-sized enterprises
that demand flexibility, manageability, and
upgradeability in access edge routers.

AT-AR750S

AT-AR750S-DP

AT-AR770S

The AT-AR750S provides dual WAN

and two PIC bays for flexible WAN
and back-up options. Utilizing some
of the fastest processors in their
class, performance is exceptional,
providing firewalling at up to 300Mbps
and IPSEC encrypted throughput
up to 192Mbps. The AT-AR750S is
a one-stop solution that combines
VPN, Quality of Service, remote
connectivity, and advanced security
and encryption.

The Allied Telesis AR750S-DP is a

very high performance firewall and
VPN concentrator, offering up to
192Mbps of IPSEC throughput. Dual
Ethernet WAN ports and two Port
Interface Card (PIC) bays create
a very flexible WAN router. The
stateful inspection firewall makes
the AR750S-DP suitable for secure
routing applications. Dual hotswap AC
and DC power supplies offer greater
MTBF for Telco applications.

The Allied Telesis AT-AR770S

Secure VPN Router combines high
performance Gigabit interfaces
and combo port flexibility with the
powerful features included on the
AT-AR750S. The AT-AR770S design
meets the performance requirements
of mid-sized businesses to mediumsized enterprises, with up to 945Mbps
for NAT and firewall throughput,
and more than 500Mbps of IPSec
encrypted throughput.

WAN: 10/100TX x 2 ports

WAN: 10/100TX x 2 ports

WAN: 10/100/1000T or SFP

LAN: 10/100TX x 5 ports

LAN: 10/100TX x 5 ports

Port Interface Card (PIC) x 2 slots

Port Interface Card (PIC) x 2 slots

LAN: 10/100/1000T x 4 ports

Async x 1 port

Async x 1 port

Port Interface Card (PIC) x 2 slots

DMZ port: configurable on any of

Dual hotswap AC and DC power

Async x 1 port

High Performance Secure Modular

VPN ROUTER

the WAN/LAN ports

High Performance Secure Modular

VPN ROUTER

High Performance Secure Modular

VPN ROUTER

combo x 2 ports

supplies

DMZ port: configurable on any of

64MB SDRAM

the WAN/LAN ports

28MB SDRAM
32MB flash

16MB flash

Model

Dimensions

Weight

30.5 x 19 x 4.4 cm / 12 x 7.48 x 1.73 in

1.92 kg / 4.23 lb

AT-AR750S-DP

44 x 35.6 x 4.4 cm / 17.3 x 14 x 1.73 in

5.38 kg / 11.86 lb

AT-AR770S

44 x 23.9 x 4.4 cm / 17.3 x 9.4 x 1.73 in

2.95 kg / 6.5 lb

AT-AR750S

Allied Telesis Routers | 21

Specifications
SUBCATEGORY

PORTSAND
MEDIA SUPPORT

OPTIONAL
PICCARDS
POWER SUPPLY
ENVIRONMENTAL
MANAGEMENT
NETWORK RESILIENCE
QoS

SECURITY

FEATURE
FORM FACTOR
10/100TX
10/100/1000T
SFP

SHDSL
Async port
PIC bays (unpopulated)
T1/E1 WAN
BRI - ISDN (S/T)
2Mbps sync port
4 x async
2 x FXS VoIP
In/outdoor usage
Temperature range
Web
CLI access
SNMP
UPnP
VRRP
IEEE 802.1p priority queues
Queueing mechanisms
Priority mechanisms
IEEE 802.1Q VLANs
RADIUS
SSL
IEEE 802.1x
DoS protection

Encryption (AES/3DES)
DMZ
MAC filter
IP / TCP / UDP filter
URL filter
Peer-to-peer protocols detection
Encryption (DES, 3DES, AES)
VPN concurrent tunnels

ROUTING

SECURE xDSL ROUTER

AT-AR415S
Desktop / Rack mount
1 (WAN) + 4 (LAN)

AT-AR440S / AT-AR441S*
Desktop / Wall mount / Rack mount
5 (LAN)
ADSL2/2+ (Annex A) AT-AR440S

xDSL (WAN)

Firewall

OTHER

SECURE MODULAR VPN ROUTER

RIPv1 and v2
IPv4
IPv6
OSPF
NAT / NAPT
NATVPNpass-through (sessions)
PPPoE / PPTP / L2TP
DHCPclient / server / relay
WAN load balancing
Server load balancing
BGP-4

ADSL2/2+ (Annex B) AT-AR441S

1
1
AT-AR020
AT-AR021S
AT-AR023
AT-AR024
AT-AR027
Fixed internal
Indoor
0 to 40C

1
1
AT-AR020
AT-AR021S
AT-AR023
AT-AR024
AT-AR027
Fixed internal
Indoor
0C to 50C

Async, Telnet
v2 and v3

Async, Telnet
v2 and v3

64

64

4000 sessions (AT-FL18B)

8000 sessions (AT-FL18C)
AT-AES

AT-3DES

1 - standard
5 - AT-FL19B, 10 - AT-FL19C

100

25 - AT-FL19D, 50 - AT-FL19E

AT-AR400-ADVL3UPGRD

AT-AR400-A3VLDUPGRD

AT-FL15 (option)
AT-AR400-ADVLDUPGRD
AT-AR400-ADVLDUPGRD
30.5 x 19 x 4.5 cm

AT-FL15 (option)
AT-AR400-ADVLDUPGRD
AT-AR400-ADVLDUPGRD
33.5 x 18 x 4.5 cm

12 x 7.48 x 1.77 in
1.75 kg / 3.85 lb

13.18 x 7 x 1.77 in
1.96 kg / 4.32 lb

IDEAL ENVIRONMENT

Medium business

Branch office

CUSTOMERSNEEDS

Remote access

Head office connectivity

DIMENSIONS

(W x D x H)
Weight

* Contact your Allied Telesis sales representative to discuss availability in your region.

22 | Allied Telesis Routers

alliedtelesis.com

SECURE SHDSL router

SECURE MODULAR VPN ROUTER

SECURE MODULAR VPN ROUTER

AT-AR442S*
Desktop / Wall mount / Rack mount
5 (LAN)

AT-AR750S
Desktop / Rack mount
2 (WAN) +5 (LAN)

AT-AR750S-DP
Desktop / Rack mount
2 (WAN) +5 (LAN)

SECURE GIGABIT
MODULAR VPN ROUTER
AT-AR770S
Desktop / Rack mount
2 (WAN) + 4 (LAN)
2 (combo) 100 or 1000Mbps

1(2/4 wire G.SHDSL)

1
1
AT-AR020
AT-AR021S
AT-AR023
AT-AR024
AT-AR027
Fixed internal
Indoor
0C to 50C

1
2
AT-AR020
AT-AR021S
AT-AR023
AT-AR024

1
2
AT-AR020
AT-AR021S
AT-AR023
AT-AR024

1
2
AT-AR020
AT-AR021S
AT-AR023
AT-AR024

Fixed internal
Indoor
0 to 40C

Dual Hot-Swappable
Indoor
0 to 40C

Fixed internal
Indoor
0 to 40C

Async, Telnet
v2 and v3

Async, Telnet
v2 and v3

Async, Telnet
v2 and v3

Async, Telnet
v2 and v3

64

64

64

64

AT-FL-17 (SIP-ALG)
AT-AES

AT-FL-17 (SIP-ALG)
AT-AES

AT-FL-17 (SIP-ALG)
AT-AES

8000 sessions (AT-FL18C)

AT-3DES

AT-3DES

AT-3DES

100

250

250

1000

AT-AR400-A3VLDUPGRD

AT-AR700-ADVL3UPGRD

AT-AR700-ADVL3UPGRD

AT-AR700-ADVL3UPGRD

AT-FL15 (option)
AT-AR400-ADVLDUPGRD
AT-AR400-ADVLDUPGR
33.5 x 18 x 4.5 cm

Included
AT-AR700-ADVL3UPGRD
AT-AR700-ADVL3UPGRD
30.5 x 19 x 4.4 cm

Included
AT-AR700-ADVL3UPGRD
AT-AR700-ADVL3UPGRD
44 x 35.6 x 4.4 cm

Included
AT-AR700-ADVL3UPGRD
AT-AR700-ADVL3UPGRD
44 x 23.9 x 4.4 cm

13.18 x 7 x 1.77 in
1.96 kg / 4.32 lb
Branch office

12 x 7.48 x 1.73 in
1.92 kg / 4.23 lb

17.3 x 14 x 1.73 in
5.38 kg / 11.86 lb

17.3 x 9.4 x 1.73 in

2.95 kg / 6.5 lb

Medium business

Medium business

Large business

Remote access

Remote access

Remote access

Small to medium business

Remote access

Allied Telesis Routers | 23

About Allied Telesis, Inc.

Founded in Japan in 1987 and with offices worldwide, Allied Telesis is a leading provider
of networking infrastructure and flexible, interoperable network solutions. The
company provides reliable video, voice, and data network solutions to clients in multiple
markets including government, healthcare, defense, education, retail, hospitality, and
network service providers.
Allied Telesis is committed to innovating the way in which services and applications are
delivered and managed, resulting in increased value and lower operating costs.
Visit us online at alliedtelesis.com

Allied Telesis continuously enhances its products. As a result, this catalog

may not correctly represent all products currently available. Products may
also vary by geographic region. Product specifications can change without
notice, and while Allied Telesis makes every effort to ensure the accuracy of
information presented in this catalog, the Company does not accept liability
for errors or changes in the stated specifications.
For current product availability by region, full and complete product
specifications and warranty information, please contact your regional sales
manager or visit alliedtelesis.com.

24 | Allied Telesis Routers

alliedtelesis.com

alliedtelesis.com
alliedtelesis.com

Company Details

North America Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895
Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830
EMEA & CSA Operations | Incheonweg 7 | 1437 EK Rozenburg | The Netherlands | T: +31 20 7950020 | F: +31 20 7950021

alliedtelesis.com
2013 Allied Telesis, Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.

617-000481 Rev B