Ru En
Designer and manufacturer of communication equipment
Russia (GMT +7)

Service gateway ESR-1700

– Scalable solution for different fields of application
– Flexible services configuration
– Interfacing with the equipment of leading manufacturers
– Hardware acceleration of data processing 
Functional area
The family of ESR routers is a universal hardware platform capable of performing a wide range of tasks related to network security. The lineup includes models that can be used in networks of various sizes - from small business networks to carrier networks and data centers. 
The key elements of ESR-1700 are data processing hardware acceleration means that ensure a high level of productivity.  Hardware and software processing is distributed among the units of the device.

Typical tasks performed by service routers:
  • providing of NAT, Firewall services
  • routing
  • organization of secure network tunnels to combine different offices of companies (IPsec VPN)
  • organization of remote access to local resources on enterprise networks L2TP, PPTP, OpenVPN
  • filtering of network data by various criteria  

Documents and files
- 4хCombo 10/100/1000BASE-T/ 1000BASE-X
- 8x10GBASE-R SFP+/1000BASE-X
- 1xConsole (RJ-45)
- 2хUSB 2.0

Plug-in interfaces
– USB 3G/4G/LTE modem

VPN clients

VPN server
– L2TP
– OpenVPN

– L2/L3 GRE
– L2TPv3
– Logical Tunnel (inter VRF-lite routing)

L2 functions
– Packet switching (bridging)
– STP, RSTP, MSTP 802.1d (only ESR-1000)
– LAG/LACP (802.3ad)
– VLAN (802.1Q)
– Port Isolation (only ESR-1000, ESR-1200)
– Private VLAN Edge (PVE) (only ESR-1000, ESR-1200)
– Logical interfaces
– VLAN based MAC

L3 functions (IPv4/IPv6)
– NAT, Static NAT, ALG addresses translation
– Static routes
– Dynamic routing protocols RIPv2, OSPFv2/v3, BGP
– Prefix-List
– VRF Lite
– Policy Based Routing (PBR)
– BFD for BGP, OSPF, static routes

IP addressing management (IPv4/IPv6)
– Static IP addresses
– DHCP client
– DHCP Relay Option 82
– Embedded DHCP server (options: 43, 60, 61, 150)
– DNS resolver

Quality of Service (QoS)
– Up to 8 priority queues per port
– L2 and L3 traffic prioritization (802.1p, DSCP, IP Precedence)
– Queues overload management RED, GRED
– Port prioritizing, VLAN
– Resources of priority remarking
– Policy enforcement (policing)
– Bandwidth management (shaping)
– Hierarchical QоS
– Session marking

Network reliability assurance means
– VRRP v2,v3
– Route tracking based on VRRP state
– WAN interfaces load balancing, data stream redirection, failover in case of evaluation of channel quality
– Firewall sessions backup

– User termination
– White/black URL lists
– Limiting by traffic amount, by session time or by network applications
– HTTP/HTTPS Redirect
– Session accounting via Netflow protocol
– Interaction with ААА, PCRF
– Bandwidth management by offices, SSID and user sessions
– User authentication by MAC or IP address

Network security functions
– Network interfaces zoning
– Zone isolation, Firewall, data filtering rules
– IPSec:

– Policy-based and route-based modes
– DES, 3DES, AES, Blowfish, Camelia encryption algorithms
– IKE MD5, SHA-1, SHA-2 logs authentication

– Support for access control lists on the base of L2/L3 fields
– DoS/DDoS attacks defense
– Logging of attack events, rule triggering events
– Traffic filtering by applications

Monitoring and control
– Standard SNMP MIB, RMONv1 support
– Access level management
– In-built Zabbix agent
– Authentication via local user database by means of RADIUS, TACACS+, LDAP protocols
– Protection from configuration errors, automatic configuration recovery. Ability to reset configuration to default settings
– CLI management interfaces
– Syslog
– System resources usage monitoring
– Ping, traceroute (IPv4/IPv6), displaying information of packets in the console
– Firmware update, upload and download of configuration via TFTP, SCP, FTP, SFTP
– Netflow v5/v9/v10 (URL statistics export for HTTP, host for HTTPS)
– Local control - console RS-232 (RJ-45)
– Remote control (IPv4/IPv6) - Telnet, SSH
– Service/processes information displaying Service quality monitoring functions (SLA)1
– Integration with Wellink wiSLA
– Load testing of channel capacity: up to 150 Mbps
– TWAMP support: up to 100 simultaneous tests
– Reflector: TWAMP, UDP-Echo, L2
– Amount of simultaneously controlled services: minimum 100
– TCP, HTTP, DNS services monitoring: up to 100 simultaneous tests

The feature set is available in 1.4.1 firmware version
1Activated by the license

Operational lifetime of the ELTEX equipment
In development
Mass production
Mass production is over
Sold out
Support is over
Regardless of the operational lifetime stage, Eltex provides a 12 months warranty on all its telecommunication equipment.
During the warranty period the manufacturer ensures technical support and free-of-charge repair at the Enterprise which is situated in Novosibirsk.
As part of the warranty service, technical support is provided on the first-in first-out principle.
The priority support packages of 8/5 and 27/7 types are subjects to additional charges.