Chapter 1. Introduction to 3Com VCX IP Telecommuting Module
For a DMZ or DMZ/LAN type which uses a private IP address on the interface connected to the DMZ of the firewall, its corresponding public IP address must be entered on the Interoperability page.
DMZ Configuration
Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it with only one interface. The SIP traffic finds its way to the Telecommut- ing Module using DNS or by setting the Telecommuting Module as an outbound proxy on the clients.
This is the most secure configuration, since all traffic goes through both your firewall and your Telecommuting Module. It is also the most flexible, since all networks connected to any of your firewall’s interfaces can be
The drawback is that the SIP traffic will pass the firewall twice, which can decrease perfor- mance.
Fig 1. Telecommuting Module in DMZ configuration.
DMZ/LAN Configuration
Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it with one of the interfaces. The other interfaces are connected to your internal networks. The Telecommuting Module can handle several networks on the internal interface even if they are hidden behind routers.
This configuration is used to enhance the data throughput, since the traffic only needs to pass your firewall once.
Fig 2. Telecommuting Module in DMZ/LAN configuration.
2