Perle Systems P840 manual Filtering, Security-Forward if Source

Page 45

 

Filtering

 

 

5

From the MAC ADDRESS FILTERS MENU, enter a 1.

 

This will place you at the first EDIT MAC ADDRESS FILTER MENU screen.

 

At the prompt enter the MAC address for which you want to specify the filter.

6

Enter the 12-digit Ethernet address of the host system in the following format: 000001020304 (enter a

 

Return)

The edit screen will fill in the information that the table knows about this address. For this example, let us assume that it knows that the address is “present” and located on the LAN of the partner bridge/router.

7Enter a 4 to Enable the “Forward if Destination” parameter. The edit screen will be updated to show the new information.

At this point, the address is added to the permanent filter table of the local LAN. This entry, therefore, will not be subject to the aging timer, and will remain active until it is removed from the permanent entry table.

When a frame of information is seen on the local LAN that contains the address of the host system in the destination field of the frame, the bridge/router will forward it. All other frames seen on the local LAN that are destined for the remote LAN will be filtered.

Security—“Forward if Source”

Forward if Source is a function that allows you to forward an Ethernet frame if the source address of the frame equals the address that the Forward if Source function has been applied to.

Example:

Assume that a Personal Computer is located on segment 1 on the local bridge/router. This station belongs to the head of Marketing. This station requires access to all the services that exist on the remote LAN but no other station on the local LAN is allowed to access the remote LAN. This can be easily accomplished with a “Forward if Source.”

The Ethernet Address for this Personal Computer is: 01-02-03-04-05-06

Again, this address uniquely identifies this computer station.

To configure the bridge/router to ensure that only this station is able to access facilities on a remote LAN segment, follow the instructions below:

1From the MAIN MENU of the console of the local bridge/router, enter a 1. (Enter an “=“ from any menu to go back to the MAIN MENU.)

This will place you at the CONFIGURATION MENU, where access to the filtering menu is obtained.

2From the CONFIGURATION MENU, enter an 8.

This will place you at the FILTER SET-UP MENU, where access to the individual filtering menus is obtained.

3From the FILTER SET-UP MENU, enter a 1.

This will place you at the MAC ADDRESS FILTERS MENU, where access to the MAC Address filters is obtained.

45

Image 45
Contents Perle P840 P840 Router IntroductionARP-Address Resolution Protocol IP Routing and the P840 RouterProxy ARP Complete IP Connection IP Header Details Unreachable Icmp MessagesRedirect QuenchRIP-Routing Information Protocol Update MechanismPing Time and Mask serverBridging and the P840 Router Initial Bridging ProcessStation Address Learning Aging Timer Filled Address Table Address PurgingAging Exception P840 Router Feature Definitions TelnetLink Compression Typical Compression Ratios by File Type Bandwidth On Demand WAN TopologiesMultilink MultipointTime of Day Connect Application Operating Software UpgradesP840 Isdn Connection Management Wide Area Network Topologies SupportedCall Establishment Methods Auto-Call Time-of-Day Connections Isdn Connection ManagementManual Call Address ConnectCombination Connection ProcessProtocol Awareness Idle TimerSuspension Process Interesting TrafficSuspended Server P840 Session Participation SpoofingTermination Process IP SpecificsIP Address Connect Suspension of TCP/IP SessionsPinout Information Console ConnectorEvent logs Event LogsEvent Logs Event Logs Event Logs Event Logs Event Logs Alarm logs Event Logs Event Logs Event Logs Code Description Code Event Logs Event Logs Event Logs Event Logs Event Logs PPP Security logs Security MAC Address FilteringSecurity-Filter if Destination FilteringSecurity-Filter if Source Security-Forward if Destination Security-Forward if Source FilteringFiltering Pattern Filter Operators Bridge Pattern FilteringProtocol Discrimination Internet Protocol IP Protocol Type FieldFilter all IP Packets IP, and no moreFiltering Filter only TCP/IP Transport Control Protocol / Internet Protocol TCP/IPFilter all IP without TCP traffic Filter all except TCP/IPFilter all DEC Bandwidth ConservationEthernet Broadcasting Ethernet MulticastingGeneral Restrictions Internet AddressesEthernet Station Addresses Mask would be 6-010203040506&12-0800&23-06 Example Mask CombinationsIP Router Pattern Filtering Frame Formats Ethernet Type Codes Octet Locations on an IP Routed TCP/IP Frame Octet Locations on a Bridged XNS Frame

P840 specifications

Perle Systems is renowned for its high-performance networking hardware, and the Perle P840 model exemplifies this reputation with its advanced features and technologies. Designed for small to medium-sized enterprises, the P840 serves as a versatile and reliable solution for connectivity needs.

One of the main features of the Perle P840 is its robust network performance, supporting both Ethernet and serial connectivity. With support for RS-232, RS-422, and RS-485 interfaces, the P840 enables seamless integration of legacy devices into modern network architectures, allowing businesses to leverage existing infrastructure without the need for extensive upgrades.

The P840 also boasts advanced security features to protect sensitive data during transmission. It supports SSL encryption and VPN capabilities, ensuring that data travels securely across the network. Additionally, it implements strong authentication protocols, providing organizations with peace of mind knowing that their communications are safeguarded against potential threats.

Another standout characteristic of the P840 is its flexibility in configuration. It offers multiple port configurations, allowing for customization based on specific user needs. With options for both managed and unmanaged modes, the device can easily adapt to various network environments. This flexibility makes it suitable for diverse applications, including industrial automation, process control, and telecommunications.

The Perle P840 is designed for durability and reliability, featuring a rugged enclosure that can withstand demanding environments. Its solid-state components reduce the risk of failure, contributing to increased uptime and lower maintenance costs. Furthermore, the compact design allows for easy installation in tight spaces, making it a practical choice for various deployment scenarios.

In terms of management and monitoring, the P840 includes an intuitive web-based interface, enabling administrators to configure settings and monitor network performance effortlessly. SNMP support further enhances management capabilities, allowing for integration into larger network management systems.

Overall, the Perle P840 stands out as a powerful solution for enterprises seeking seamless connectivity, robust security, and flexibility in configuration. Its combination of advanced features and durable design makes it an ideal choice for industries requiring reliable serial and network connectivity in challenging environments. With the P840, businesses can build a resilient networking infrastructure that supports their growing demands while safeguarding their critical data.