Black Box LR5100A-T Network Router User Manual


 
Applications
Configure Firewall
The router provides firewall security for restricting access between any two networks
connected through the router. Firewalls are set up on a per-connection basis for the LAN
and remote sites. The direction of filtering is from the perspective of the router: incoming
traffic is from the network in question to the router, and outgoing traffic is from the router
to the network. The direction of filtering may be set to incoming, outgoing, both or none. Once
the direction of filtering for a connection has been set, holes may be created in the firewall
to allow specified traffic through. Normally, the LAN firewall is used for restricting intranet
traffic (connections within the corporate network) and remote site firewalls are used to limit
access from less trusted sources, such as the Internet or dial-up ISDN links.
The following diagram shows a corporate head office network, which is connected to the
Internet with a router. There is also a branch office at a remote site connected with a
leased link. The administrator at the corporate head office wishes to set up an IP firewall to
allow everyone on the Internet to have access to the corporate FTP and Web servers and
nothing else. The administrator also wishes to allow all of the TCP traffic from the branch
office network to have access to the head office. Anyone in the corporation may have
unrestricted access to the Internet.
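The scenario above can be checked as a small policy model. This is an added example, not the router's configuration syntax or code from the manual: it uses the addresses from Figure 2-13 and assumes /24 network masks, FTP control on TCP port 21, Web on TCP port 80, and the hypothetical names `Hole`, `Connection` and `forward`. It evaluates only the packet that opens a session; how the router treats reply traffic is not modelled.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

HEAD_OFFICE = ip_network("195.100.1.0/24")   # /24 mask is an assumption
BRANCH = ip_network("195.100.2.0/24")        # /24 mask is an assumption
ANY = ip_network("0.0.0.0/0")
FTP_SERVER = ip_network("195.100.1.12/32")
WEB_SERVER = ip_network("195.100.1.20/32")

@dataclass(frozen=True)
class Hole:
    """One exception in a filtered direction (hypothetical model type)."""
    src: object
    dst: object
    proto: str                     # "tcp", "udp" or "any"
    dport: Optional[int] = None    # None means any destination port

    def matches(self, src, dst, proto, dport):
        return (ip_address(src) in self.src and ip_address(dst) in self.dst
                and self.proto in ("any", proto)
                and self.dport in (None, dport))

@dataclass
class Connection:
    """A LAN or remote-site connection with its own firewall setting."""
    name: str
    filtering: str = "none"        # "incoming", "outgoing", "both" or "none"
    holes: list = field(default_factory=list)

    def permits(self, direction, src, dst, proto, dport):
        # Direction is from the router's perspective: incoming = network -> router.
        if self.filtering not in (direction, "both"):
            return True            # this direction is not filtered
        # Filtered direction: deny unless a hole matches.
        return any(h.matches(src, dst, proto, dport) for h in self.holes)

# The sample application: filter what arrives from the less trusted networks.
internet = Connection("internet", "incoming", [
    Hole(ANY, FTP_SERVER, "tcp", 21),    # port 21 is an assumption
    Hole(ANY, WEB_SERVER, "tcp", 80)])   # port 80 is an assumption
branch = Connection("branch", "incoming", [Hole(BRANCH, HEAD_OFFICE, "tcp")])
lan = Connection("lan", "none")

def forward(ingress, egress, src, dst, proto, dport):
    """A routed packet is incoming on one connection and outgoing on another."""
    return (ingress.permits("incoming", src, dst, proto, dport)
            and egress.permits("outgoing", src, dst, proto, dport))
```

Because the branch hole names the branch network as its source, a packet arriving on the leased link with any other source address is dropped even when it is TCP.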
[Figure: a router with firewall enabled connects the Corporate Head Office Network (195.100.1.0), the Branch Office Network (195.100.2.0) and the Internet (any other network, any IP address). Main FTP server: 195.100.1.12. Main Web server: 195.100.1.20.]
Figure 2-13 Sample Firewall Application
The following steps must be performed on the router to set up the firewall support as
desired.