Filter
Top Products
CONNECT2AIR™ WLAN AP-600RP-USB Page 49 / 62
Example of a firewall configuration
General network configuration
FTP Server
192.168.1.12
Port: 21
LOCAL
WEB Server
192.168.1.13
Port: 80
LOCAL
Laptop 1
192.168.1.100
LOCAL
Laptop 2
192.168.1.101
LOCAL
Desktop PC
192.168.1.103
LOCAL
LAN LAN
WAN
AP-600RP-USB
LAN IP: 192.168.1.254
WAN IP: 212.35.65.205
WEBcam
LAN IP: 192.168.1.90
Desktop PC 2
212.35.35.10
PUBLIC
Desktop PC 3
any IP
PUBLIC
Requirements
• PCs in the local network have Internet access and can communicate freely with
each other
• Desktop PC 2 should be able to configure the AP-600RP-USB (AP WAN IP must be
accessible per PING), all other PCs in the Internet (e.g., Desktop PC 3) are blocked
for the function.
In order to be able to configure an AccessPoint over the Internet (WAN port), the firewall
must be activated. Initially, the firewall is fully open – i.e., it does not block any data traffic
to and from the public domain (Internet -> non-trusted). This means that rules must first be
defined for correct operation (see overleaf for the configuration).
GENERAL
The firewall blocks all data from and to the non-trusted network: Initial set-
tings: Incoming: Discard and Outgoing: Discard. However, data over the
router's interface (firewall) should remain active (Forward: Accept).
RULE 1
PCs in the local network (192.168.1.X) with destination AP-600RP
(192.168.1.254) are allowed to exchange data "through" the AP Æ Incoming
data at the AP
RULE 2
Data originating from the AP-600RP (or Internet) (192.168.1.254) is forwarded
to the appropriate PC in the local network (192.168.1.X) Æ Outgoing data at
the AP