RUTX10
Feature
802.11b/g/n/ac Wave 2 (Wi-Fi 5) with data transmission rates up to 867 Mbps (Dual Band, MU-MIMO), 802.11r fast transition, Access Point (AP), Station (STA)
WPA2-Enterprise: PEAP, WPA2-PSK, WPA-EAP, WPA-PSK, WPA3-SAE, WPA3-EAP, OWE; AES-CCMP, TKIP, Auto-cipher modes, client separation, EAP-TLS with PKCS#12 certificates, disable auto-reconnect, 802.11w Protected Management Frames (PMF)
SSID stealth mode and access control based on MAC address
Up to 150 simultaneous connections
Wireless mesh (802.11s), fast roaming (802.11r), Relayd, BSS transition management (802.11v), radio resource measurement (802.11k)
Allowlist, blocklist
Once scanned, a user will automatically enter your network without needing to input login information
Forward Wi-Fi hotspot landing page to a subsequent connected device
Bluetooth low energy (LE) for short range communication
1 x WAN port 10/100/1000 Mbps, compliance with IEEE 802.3, IEEE 802.3u, 802.3az standards, supports auto MDI/MDIX crossover
3 x LAN ports, 10/100/1000 Mbps, compliance with IEEE 802.3, IEEE 802.3u, 802.3az standards, supports auto MDI/MDIX crossover
Static routing, Dynamic routing (BGP, OSPF v2, RIP v1/v2, EIGRP, NHRP), Policy based routing
TCP, UDP, IPv4, IPv6, ICMP, NTP, DNS, HTTP, HTTPS, SFTP, FTP, SMTP, SSL/TLS, ARP, VRRP, PPP, PPPoE, UPNP, SSH, DHCP, Telnet, SMPP, SNMP, MQTT, Wake On Lan (WOL), VXLAN
H.323 and SIP-alg protocol NAT helpers, allowing proper routing of VoIP packets
Ping Reboot, Wget Reboot, Periodic Reboot, LCP and ICMP for link inspection
Port forward, traffic rules, custom rules, TTL target customisation
View all your Firewall statistics, rules, and rule counters
View device ports, enable and disable each of them, turn auto-configuration on or off, change their transmission speed, and so on
Visual representation of your network, showing which devices are connected to which other devices
Captive portal (hotspot), internal/external Radius server, Radius MAC authentication, SMS authorisation, SSO authentication, internal/external landing page, walled garden, user scripts, URL parameters, user groups, individual user or group limitations, user management, 9 default customisable themes and optionality to upload and download customised hotspot themes
Static and dynamic IP allocation, DHCP relay, DHCP server configuration, status, static leases: MAC with wildcards
Traffic priority queuing by source/destination, service, protocol or port, WMM, 802.11e
Supported >77 service providers, others can be configured manually
DNS over HTTPS proxy enables secure DNS resolution by routing DNS queries over HTTPS
Wi-Fi WAN, VRRP, Wired options, each of which can be used as an automatic Failover
Balance Internet traffic over multiple WAN connections
Possibility to mount remote file system via SSH protocol
Initial virtual routing and forwarding (VRF) support
Real-time monitoring, wireless signal charts, traffic usage history
Certificate creation tool allows to create CA, server, client, let's encrypt, SCEP certificates
Port-based network access control client
Pre-shared key, digital certificates, X.509 certificates, TACACS+, Internal & External RADIUS users authentication, IP & login attempts block, time-based login blocking, built-in random password generator
Preconfigured firewall rules can be enabled via WebUI, unlimited firewall configuration via CLI, DMZ, NAT, NAT-T, NAT64
DDOS prevention (SYN flood protection, SSH attack prevention, HTTP/HTTPS attack prevention), port scan prevention (SYN-FIN, SYN-RST, X-mas, NULL flags, FIN scan attacks)
Port and tag-based VLAN separation
Block list for blocking out unwanted websites, allow list for specifying allowed sites only
Flexible access control of SSH, Web interface, CLI and Telnet
Identification and authentication module, TPM 2.0 standard
*Feature availability varies by order code
Multiple clients and a server can run simultaneously, 27 encryption methods
DES-CBC 64, RC2-CBC 128, DES-EDE-CBC 128, DES-EDE3-CBC 192, DESX-CBC 192,
BF-CBC 128, RC2-40-CBC 40, CAST5-CBC 128, RC2-64-CBC 64, AES-128-CBC 128, AES-128-CFB 128, AES-128-CFB1 128, AES-128-CFB8 128, AES-128-OFB 128, AES-128-GCM 128, AES-192-CFB 192, AES-192-CFB1 192, AES-192-CFB8 192, AES-192-OFB 192, AES-192-CBC 192, AES-192-GCM 192, AES-256-GCM 256, AES-256-CFB 256, AES-256-CFB1 256, AES-256-CFB8 256, AES-256-OFB 256, AES-256-CBC 256
XFRM, IKEv1, IKEv2, with 14 encryption methods for IPsec (3DES, DES, AES128, AES192, AES256, AES128GCM8, AES192GCM8, AES256GCM8, AES128GCM12, AES192GCM12, AES256GCM12, AES128GCM16, AES192GCM16, AES256GCM16)
GRE tunnel, GRE tunnel over IPsec support
Client/Server instances can run simultaneously, L2TPv3, L2TP over IPsec support
Proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the program’s code
Method of building scalable IPsec VPNs, Phase 2 and Phase 3 and Dual Hub support
SSTP client instance support
ZeroTier VPN client support
WireGuard VPN client and server support
Tinc offers encryption, authentication and compression in it's tunnels. Client and server support.