LANCOM Reference Manual LCOS 3.50 - Chapter 8: Firewall
The Firewall only checks routed data packets!
The Firewall only checks data packets that are routed by the IP router of the LANCOM. In
general, these are the data packets exchanged between one of the WAN interfaces and
the internal networks (LAN, WLAN, DMZ).
For example, communication between LAN and WLAN is normally not handled by the
router, as long as the LAN bridge allows a direct exchange. The Firewall rules therefore do
not apply to it. The same is true of the so-called “internal services” of the LANCOM, such as
Telnet, TFTP, SNMP and the web server for configuration with WEBconfig. The data packets of
these services do not pass through the router and are therefore not affected by the Firewall.
Because the Firewall is positioned behind the masquerading module (seen from the WAN),
it operates with the “real” internal IP addresses of the LAN stations, and not
with the externally known Internet address of the LANCOM.
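The following Python script is an added illustration, not part of the LANCOM manual or of LCOS. It audits a constructed rule list for the three blind spots described above: internal services, bridged LAN/WLAN traffic, and rules written against the masqueraded public address. The rule format, addresses and port numbers are assumptions.

```python
import ipaddress as ip

# Constructed topology (all values are assumptions for illustration).
BRIDGED = [ip.ip_network("192.168.1.0/24")]   # LAN and WLAN share one bridged subnet
DEVICE = ip.ip_address("192.168.1.1")         # the LANCOM's own intranet address
PUBLIC = ip.ip_address("203.0.113.10")        # masqueraded Internet address
# Internal services named in the text, with their usual default ports (assumption).
INTERNAL = {23: "Telnet", 69: "TFTP", 161: "SNMP", 80: "WEBconfig", 443: "WEBconfig"}

def is_host(net, addr):
    """True if the network object denotes exactly the single address addr."""
    return net.num_addresses == 1 and addr in net

def audit_rule(rule):
    """Return codes explaining why a rule will not take effect as written."""
    src, dst = ip.ip_network(rule["src"]), ip.ip_network(rule["dst"])
    findings = []
    if is_host(dst, DEVICE) and rule["port"] in INTERNAL:
        # Internal services do not pass through the IP router.
        findings.append("internal-service")
    elif any(src.subnet_of(b) and dst.subnet_of(b) for b in BRIDGED):
        # LAN <-> WLAN is exchanged directly by the LAN bridge
        # (assumes the bridge allows direct exchange, i.e. no isolated mode).
        findings.append("bridged")
    if is_host(src, PUBLIC) or is_host(dst, PUBLIC):
        # Behind masquerading the Firewall sees the real internal addresses.
        findings.append("public-address")
    return findings

# Constructed sample rules (hypothetical format: name, src, dst, port).
SAMPLE_RULES = [
    {"name": "block-smb-wlan", "src": "192.168.1.10", "dst": "192.168.1.200", "port": 445},
    {"name": "block-snmp", "src": "192.168.1.0/24", "dst": "192.168.1.1", "port": 161},
    {"name": "allow-smtp-pub", "src": "0.0.0.0/0", "dst": "203.0.113.10", "port": 25},
    {"name": "allow-smtp-int", "src": "0.0.0.0/0", "dst": "192.168.1.20", "port": 25},
]

def audit(rules):
    """Map each rule name to its list of findings (empty list = no issue found)."""
    return {r["name"]: audit_rule(r) for r in rules}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_RULES).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

A rule flagged here needs a different control: the access settings of the service itself for internal services, the bridge or WLAN isolation settings for bridged traffic, and the station's internal address instead of the public one.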
[Figure: block diagram of the LANCOM function modules. Labels: LAN interfaces (LAN / Switch, WLAN-1, WLAN-2, DMZ); WAN interfaces (ISDN, ADSL, DSL, DSLoL); LAN bridge with “isolated mode”; Virtual LANs (VLAN); Encryption: 802.11i/WPA/WEP; Filter; IP router; Firewall / IDS / DoS / QoS; IP masquerading; N:N mapping; VPN services; VPN / PPTP; DHCP client / PPP; IPX router; IPX over PPTP/VPN; IP module: NetBIOS, DNS, DHCP server, RADIUS, RIP, NTP, SNMP, SYSLOG, SMTP; Configuration & management: WEBconfig, Telnet, ...; LANCAPI; connection via LAN/Switch.]