iPlex Installation and Hardware Specification Guide
93
If access to the iPlex from the Internet is desired, it is a simple matter of configur-
ing the NAT Firewall to forward the appropriate ports:
•
TCP port 80 for Web
•
TCP port 443 for HTTPS
•
TCP port 23 for telnet
•
TCP port 22 for SSH, and/or
•
UDP port 161 for SNMP
This arrangement is relatively safe, but it will not deter a determined third party, if
this third-party knows the allowed IP addresses. In that case, a possible DoS attack
would be to generate packets with spoofed IP addresses and flood the iPlex. The
firewall in this case has no way of distinguishing such packets from valid packets.
Option 3: DMZ
Port of a Firewall
with Public
Addressing
This option is depicted in the diagram below. The iPlex has a public IP address,
but it is connected to the DMZ port of a firewall, which must be configured only
to allow access to the published ports of the iPlex.
WARNING!
It is important to stress that the firewall MUST be configured with an
access list of allowed IP addresses. It MUST NOT allow general
access.
To Next Page
Loading...
