EasyManua.ls Logo

ELTEX ESR-3100 - 5.2 Router connection and configuration

Default Icon
650 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ESR series service routers.ESR-Series. User manual
92
for ESR-30: GigabitEthernet 1/0/3-4;
for ESR-100: GigabitEthernet 1/0/2-4;
for ESR-200: GigabitEthernet 1/0/2-8;
for ESR-1000: GigabitEthernet 1/0/2-24;
for ESR-1200: GigabitEthernet 1/0/2-16, TengigabitEthernet 1/0/3-8;
for ESR-1500: GigabitEthernet 1/0/2-8, TengigabitEthernet 1/0/3-4;
for ESR-1511: GigabitEthernet 1/0/2-8, TengigabitEthernet 1/0/1-4;
for ESR-1700: GigabitEthernet 1/0/2-4, TengigabitEthernet 1/0/3-12;
for ESR-3100: GigabitEthernet 1/0/2-8, TengigabitEthernet 1/0/3-8;
for ESR-3200:Twentyfivegigabitethernet 1/0/3-12.
Zone interfaces are grouped into a single L2 segment via Bridge 2network bridge.
On the Bridge 2 interface, DHCP client is enabled to obtain dynamic IP address from the provider. On Bridge 1
interface, static IP address 192.168.1.1/24 is configured. Created IP address acts as a gateway for LAN
clients. For LAN clients, DHCP address pool 192.168.1.2-192.168.1.254 is configured with the mask
255.255.255.0. For clients in order to access the Internet, the router should have Source NAT service enabled.
Security zone policies have the following configuration:
Table 57 – Security zone policy description
Traffic origin zone Traffic destination zone Traffic type Action
Trusted Untrusted TCP, UDP, ICMP enabled
Trusted Trusted TCP, UDP, ICMP enabled
Trusted self TCP/22 (SSH),ICMP, UDP/67 (DHCPServer), UDP/123
(NTP)
enabled
Untrusted self UDP/68 (DHCPClient) enabled
5.2 Router connection and configuration
ESR series routers are intended to perform border gateway functions and securing the user network when it is
connected to public data networks.
Basic router configuration should include:
Assigning IP addresses (static or dynamic) to the interfaces that participate in data routing;
Creation of security zones and distribution of interfaces between these zones;
Creation of policies governing data transfer through these zones;
Configuration of services that accompany the data routing (NAT, Firewall, etc.).
To enable device configuration on the first startup, 'admin' user with 'password' password has been
created in the router configuration. The user will be prompted to change administrator password
during the initial configuration of the router.
To enable network access to the router on the first startup, static IP address 192.168.1.1/24 has
been configured on Bridge 1 interface.

Table of Contents

Related product manuals