Assigning a System Identity
11
Private and Public Interfaces
The Bay Networks Extranet Switch provides secure access between your local
area network (LAN) and Public Data Networks like the Internet. Throughout
this document the term Private refers to the LAN within your corporation,
and the term Public refers to Public Data Networks. This concept is
important because the Public interface accepts only tunneled protocols, while
the Private interface accepts both regular (nontunneled) and tunneled
protocols. You must be careful to correctly configure each interface of the
Switch for proper network security.
The LAN port is configured to be Private by default. Bay Networks
recommends that you connect this interface to your corporate LAN.
Additional interfaces that are inserted into the expansion slots are set to
Public by default.
Private
Indicates that this interface is attached to the internal corporate LAN and
accepts regular networking protocols such as TCP/IP, FTP, HTTP, etc. The
Private interface also accepts tunneled protocols (e.g., IPsec, PPTP, L2TP,
and L2F) that can be used for secure management access to the Switch.
Public
Indicates that this interface is attached to a Public Data Network like the
Internet. The Switch rejects nontunneled protocols and only accepts tunneled
protocols like IPsec, PPTP, L2TP, and L2F. For diagnostic purposes, the
ability to PING the Public interface is also supported.