Black Box LR1530A-EU-R3, LR1530A-R3 manual Firewall WAN Remote Site Filter direction Location Main

Page 59

Applications

also wishes to allow all of the TCP traffic from the branch office network to have access to the head office. Anyone in the corporation may have unrestricted access to the Internet.

The following steps must be performed on the router to set up the firewall support as desired.

First the firewall on the ISP connection (remote site 1) of the WAN is set up. The firewall option is set to “inbound” to have this WAN firewall filter traffic from the ISP to the router while allowing unrestricted access out to the Internet.

7Firewall WAN Remote Site Filter direction Location: Main

ÄConfiguration

ÄApplications Set up

ÄFirewall Set up

ÄWAN Firewall Set up

Äenter ID# 1 for ISP remote site

ÄFirewall

Äinbound

The firewall on the Internet connection is set up to protect the entire corporate network, including the branch office, from unauthorized traffic.

Then the entries are made in the “Designated Servers” menu to allow Internet access to the FTP and Web servers on the corporate network.

7FTP & WWW Designated Servers Location: Main

ÄConfiguration

ÄApplications Set up

ÄFirewall Set up

ÄWAN Firewall Set up

ÄID# 1 for ISP remote site

ÄDesignated Servers

ÄFTP Server

— 195.100.1.12

Ä WWW (HTTP) Server

— 195.100.1.20

When defining a designated server you will be prompted for the IP address of that device. Adding an entry to the

53

Image 59

Contents Frame Relay/Leased Line Bridge/Router Specifications Normas Oficiales Mexicanas Electrical Safety Statement Page Page Page Contents Introduction to Filtering Appendix D Software Upgrades Page Select a Site Unpack the unitRear View of the CSU-DSU router Identify the ConnectorsMake the WAN Link Connection Connect to the ConsoleMake the LAN Connections Installation Login and Enter the Required Configuration Power Up the routerMandatory Configuration Mandatory ConfigurationLink Interface Type Setting the Link Interface TypeSet Link Interface Type Location Main Framed/unframed/SF/ESF Setting the T1/E1ParametersService parameters Location Main T1/E1 Selection Location MainFirst channel Number number of channels As specifedSet Link Interface Type Location Main Green Identify the Status LEDsFront View of the router Typical Applications & HOW to Configure Them Managing the router Using Menus Option Name Configuration Option Name Location MainConventions Frame Relay configuration Basic Frame Relay ConfigurationLink Speed Frame Relay enable Location MainLink Speed Location Main Auto Learning the Frame Relay Configuration LMI Type Manual Configuration LMI TypeAuto-Learning Location Main IP Address / Subnet mask size Quick Start Frame RelayIP Address PPP Encapsulation Location Main Quick Start PPP Leased Line Connections Basic Leased Line ConfigurationFrame Relay disable Location Main DisabledLocal IP Address Location Main Basic PPP Leased Line ConfigurationBridge Connection Should You Bridge or Route? Bridged Local Area Networks Configure as an Ethernet BridgeIP Address Applications IP Routed Local Area Networks Configure as an Ethernet IP routerIP Address Default Gateway Define an IP Default GatewayDefault Gateway Location Main Remote Site Next Hop Cost Add Define an IP Static RouteEdit Static Route Location Main Define an IP Subnet Mask IP Address / mask size IP Address & Subnet Size Location MainApplications Novell Servers in Both Locations Configure as an Ethernet IPX routerApplications IPX Routed Local Area Networks Servers on one side Novell Servers in One Location OnlyIPX Frame Types Location Main Numbered Links PPP Link Configuration OverviewUnnumbered Links IP Address Pool Location Main Configure Dynamic Host Configuration ProtocolDhcp Services Location Main ServerDNS Set-Up Location Main Local + External DNS Server ConfigurationNAT Exports Configure Network Address Translation NATNAT Enabled Location Main EnabledTranslation type Location Main Security Level Configure PPP SecuritySecurity Level Location Main Security Database Entry Location Main Incoming PAP Password Incoming Chap SecretOutgoing PAP Password Outgoing Chap Secret 10 Sample Firewall Application Configure FirewallFTP & WWW Designated Servers Location Main Firewall WAN Remote Site Filter direction Location MainFirewall Table Entry Location Main Firewall LAN Filter Direction Location MainFirewall Location Main Applications Introduction to Filtering MAC Address FilteringPattern Filtering Not Introduction to Filtering IP & Related Traffic NetBIOS &NetBEUI Microsoft WindowsPopular Filters BridgeOther interesting TCP Ports NetBIOS over TCPBanyan IP RouterAppendix a Menu Trees Menu Tree From previous Page Appendix B Octet Locations on Ethernet Frames Octet Locations on Ethernet Frames ARP Ethernet Type CodesOctet Locations on Ethernet Frames Octet Locations on a Bridged XNS Frame Octet Locations on Ethernet Frames Appendix C Servicing Information Opening the caseCPU Identifying the Internal ComponentsJ11 Force Zmodem Software Load Sanity TimerTo Clear a Lost Password Figure C-3 Rear View of the Console and LAN Connectors Connecting to the Console ConnectorCSU/DSU Module WAN Interface ConnectionPinout Information ModuleT1/E1 T1/E1 ModuleUniversal WAN Module Link Pinouts Connecting cable must be a shielded cableServicing Information DCE RS232C / V.24 Link PinoutsFigure C-8 RS530 / RS422 Link Pinouts RS530 / RS422 Link PinoutsFigure C-9 V.11 / X.21 Link Pinouts 11 / X.21 Link PinoutsFigure C-10 V.11 / X.21 DB25 to DB15 Connector Cable 11 / X.21 DB25 to DB15 Connector CableFigure C 11 V.35 Null-Modem Cable Null-Modem Cable ConfigurationFigure C-12 RS232 / V.24 Null-Modem Cable RS232 / V.24 Null-Modem CableRS530 / RS422 Null-Modem Cable Signal Ground DTE Ready aServicing Information Appendix D Software Upgrades Considerations Servicing Information Page PC used for Tftp transfers Link