Chapter 1. Introduction to 3Com VCX IP Telecommuting Module

For a DMZ or DMZ/LAN type which uses a private IP address on the interface connected to the DMZ of the firewall, its corresponding public IP address must be entered on the Interoperability page.

DMZ Configuration

Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it with only one interface. The SIP traffic finds its way to the Telecommut- ing Module using DNS or by setting the Telecommuting Module as an outbound proxy on the clients.

This is the most secure configuration, since all traffic goes through both your firewall and your Telecommuting Module. It is also the most flexible, since all networks connected to any of your firewall’s interfaces can be SIP-enabled.

The drawback is that the SIP traffic will pass the firewall twice, which can decrease perfor- mance.

Fig 1. Telecommuting Module in DMZ configuration.

DMZ/LAN Configuration

Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it with one of the interfaces. The other interfaces are connected to your internal networks. The Telecommuting Module can handle several networks on the internal interface even if they are hidden behind routers.

This configuration is used to enhance the data throughput, since the traffic only needs to pass your firewall once.

Fig 2. Telecommuting Module in DMZ/LAN configuration.

2

Page 10
Image 10
HP VCX Software manual DMZ Configuration, DMZ/LAN Configuration