New

WLC-3200

Mass production

Connection of up to 1000 access points
Access points monitoring
WPA/WPA2/WPA3 Enterprise, WPA/WPA2/WPA3 Personal user authorization

WLC-3200 is a controller for the stand-alone management of wireless networks for small- and medium-sized enterprises. The device allows quick configuring of a Wi-Fi network and adding ELTEX access points of different performance and purpose to it.

The controller provides monitoring of all access points, analyzes traffic statistics and session time, performs individual Wi-Fi settings.

Enterprise user authorisation with traffic encryption is performed by login/password. Depending on the objectives and network layout, this solution allows connecting up to 1000 access points.

Show all

Interfaces

1000BASE-X/10GBASE-R/25GBASE-R (LAN/WAN) - 12
Console (RJ-45) - 1
OOB - 1
USB 2.0 - 1
HDD slot - 1
MicroSD slot - 1

System features

VPN tunnels - 500
Static routes - 11К
Concurrent sessions - 512К
VLAN support - up to 4К active VLANs according to 802.1Q
BGP routes - 5М
OSPF routes - 500К
RIP routes - 10К
MAC table - 16К entries per bridge
FIB base size - 1.7М
VRF Lite - 32

Physical specifications and environmental parameters

Maximum power consumption - 118 W
Power supply:
- 100–240 V AC, 50–60 Hz
- 36–72 V DC
- 2 hot-swappable power modules
Operating temperature - from -10 to +45 °C
Storage temperature from -40 to +70 °C
Operating humidity no more than 80%
Storage humidity from 10 % to 95%
Dimensions (W × H × D) - 430 × 330 × 44mm
Weight - no more than 5 kg

Access point management

Maximum number of access points: 1000
Maximum number of customers: 30000
WPA/WPA2/WPA3 Personal
WPA/WPA2/WPA3 Enterprise
Local collecting of user account information¹
Collecting user account information to an external RADIUS server
Integration with external portals¹
Automatic management of radio environment resources
Access point authorisation by certificate

Interfaces

USB 3G/4G LTE modem
E1 TopGate SFP

Remote Access VPN clients

PPTP/PPPoE/L2TP/OpenVPN/IPsec XAUTH

Remote Access VPN server

L2TP/PPTP/OpenVPN/IPsec XAUTH

Site-to-site VPN

IPsec: policy-based and route-based modes
DMVPN
DES, 3DES, AES, Blowfish, Camellia encryption algorithms
IKE MD5, SHA-1, SHA-2 message authentication

Tunneling

IPoGRE, EoGRE
IPIP
L2TPv3
LT (inter VRF-lite routing)

L2 Functions

Bridging
LAG/LACP (802.3ad) interface aggregation
VLAN (802.1Q) support
Logical interfaces
LLDP, LLDP MED
VLAN based on MAC

L3 functions (IPv4/IPv6)

NAT, Static NAT, ALG address translation
Static routes
RIPv2, OSPFv2/v3, IS-IS, BGP dynamic routing protocols
Route filtering (prefix list)
VRF Lite
Policy Based Routing (PBR)
BFD for BGP, OSPF, static routes

BRAS (IPoE)²

User termination
URL black/white lists
Quoting by traffic volume, session time, network application
HTTP/HTTPS Proxy
HTTP/HTTPS Redirect
Session accounting using Netflow protocol
Interaction with AAA, PCRF servers
Bandwidth management by office and SSID, user sessions
User authentication by MAC or IP addresses

Network security functions

Intrusion Prevention/Detection System (IPS/IDS)¹
Interaction with Eltex Distribution Manager for licensed content; rule sets provided by Kaspersky SafeStream Ii¹
Web filtering by URL, by content (cookies, ActiveX, JavaScript)
Zone-based Firewall
Firewall filtering based on L2/L3/L4 fields and by application
Support for Access Control Lists (ACL) based on L2/L3/L4 fields
DoS/DDoS attack protection and alerting
Attack event and rule triggering logging

IP Address Management (IPv4/IPv6)

Static IP addresses
DHCP client
DHCP Relay Option 82
Built-in DHCP server, support for options 43, 60, 61, 150
DNS resolver
IP unnumbered

Quality of Service (QoS)

Up to 8 priority or weighted queues per port
L2 and L3 prioritization of traffic (802.1p (CoS), DSCP, IP Precedence (ToS))
RED, GRED
Priority relabeling tools
Policy-map
Shaping
Hierarchical QoS
Session marking

Network reliability tools

VRRP v2, v3
Route management based on VRRP state (tracking)
Load balancing on WAN interfaces, redirecting data streams, switching at channel quality assessment
Firewall sessions reservation

Monitoring and management

Support for standard and extended SNMP MIB, RMONv1
Built-in Zabbix agent
User authentication by local database using RADIUS, TACACS+, LDAP protocols
Protection against configuration errors, automatic configuration recovery. Ability to reset the configuration to factory settings
CLI management interfaces
Syslog support
System resource usage monitor
Ping, traceroute (IPv4/IPv6), output of packet information in the console
Software upgrade, upload/download configurations via TFTP, SCP, FTP, SFTP, HTTP(S)
NTP support
Netflow v5/v9/v10 (URL statistics export for HTTP, host for HTTPS)
Local management via RS-232 (RJ-45) console port
Remote management, Telnet, SSH (IPv4/IPv6)
Services/processes information output
Local/remote saving of configurations

SLA control functions

Eltex SLA
Communication channel parameters:
- Delay (one-way/two-way)
- Jitter (one-way/two-way)
- Packet loss (one-way/two-way)
- Packet error rate
- Disturbance of packet delivery sequence
- Wellink SLA (wiSLA)²

MPLS

LDP support
L2VPN VPWS support
L2VPN VPLS Martini Mode support
L2VPN VPLS Kompella Mode support
L3VPN MP-BGP support

The set of functions corresponds to firmware version 1.19.1.
¹The features will be available in future firmware versions.
²Activated by license.

Show all

WEP-1L
WEP-200L
WEP-2L
WEP-3ax
WOP-30L
WOP-20L

Descriptions

Data Sheet

Downloads

Operational lifetime of the ELTEX equipment

Regardless of the operational lifetime stage, Eltex provides a 12 months warranty on all its telecommunication equipment.
During the warranty period the manufacturer ensures technical support and free-of-charge repair at the Enterprise which is situated in Novosibirsk.
As part of the warranty service, technical support is provided on the first-in first-out principle.
The priority support packages of 8/5 and 27/7 types are subjects to additional charges.