Firewall BAT54-Rail/F.. Release 7.54 06/08
8.3 The BAT Firewall
A direct data exchange between LAN and DMZ via the LAN bridge is not possible
if a dedicated DMZ port is used. Traffic between LAN and DMZ, in either
direction, can therefore only pass through the router, and thus only through the
Firewall. This shields the LAN against requests from the DMZ in the same way
that it is shielded against requests from the Internet.
Note: In many network structures, shielding the DMZ against the Internet on one
side and the LAN on the other is solved with two separate Firewalls. When using
a BAT with a DMZ port, only one device is needed for this setup, which results,
for example, in a clearly simplified configuration.
8.3.7 Hints for setting the Firewall
The BAT Firewall is an extremely flexible and powerful tool. To help you
create individual Firewall rules, the following are some hints for your
specific application.
For BAT devices with VoIP functions that were already integrated or added
with a software option, the ports required for voice connections are
activated automatically.
[Figure: block diagram of the BAT function modules. Labels: LAN interfaces (LAN / Switch, WLAN-1-1 to WLAN-1-8, WLAN-2-1 to WLAN-2-8, DMZ); WAN interfaces (ISDN, ADSL, DSL, DSLoL); LAN bridge with "isolated mode"; Virtual LANs (VLAN); MAC/protocol filter; Encryption: 802.11i/WPA/; IP router; IPX router; IP masquerading; N:N mapping; IP-Redirect; VPN services; VPN / PPTP; IPX over PPTP/VPN; DHCP client / PPP; LANCAPI; BAT user management; RADIUS client / server; IP module: NetBIOS, DNS, DHCP server, RADIUS, RIP, NTP, SNMP, SYSLOG, SMTP; Configuration & management: WEBconfig, Telnet, TFTP.]