Page F-32
Appendix F – Network Topology
INTER-TEL® AXXESS® MANUAL VERSION 11.0 – May 2008
16.8 These commands define the policy for the interface to the private (trusted) network. Each policy can specify more than one access list. From a security perspective, allow everything from the trusted network. The “NAT” commands define the behavior of outbound NAT. If the packet is from the Axxess system, translate the source address to the specified public address. The second NAT command uses PAT on IP 208.13.17.33, the address on the public interface, for any other internal node.
ip policy-class Private
allow list self self
nat source list OutAXXIPRCMain address 208.13.17.2 overload
nat source list PrivateHosts address 208.13.17.33 overload
!
16.9 The following commands define the policies for the interface to the public (untrusted) network. In the Public policy-class, you are only translating (and therefore allowing) the ports required for ITP (endpoint) as defined in the access list InAXXIPRCMain.
ip policy-class Public
nat destination list InAXXIPRCMain address 192.168.1.2
!
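The following check is an added example, not part of the Inter-Tel manual: it parses the two policy-class stanzas shown in 16.8 and 16.9 and confirms that the untrusted class contains nothing except access-list-scoped destination NAT. The function names are hypothetical, the caller states which class is untrusted, and only the three rule forms that appear on this page are recognized.

```python
import re

# Configuration text copied from sections 16.8 and 16.9 above.
CONFIG = """\
ip policy-class Private
allow list self self
nat source list OutAXXIPRCMain address 208.13.17.2 overload
nat source list PrivateHosts address 208.13.17.33 overload
!
ip policy-class Public
nat destination list InAXXIPRCMain address 192.168.1.2
!
"""

# Only the three rule forms that appear on this page are recognised.
RULE = re.compile(r"^(?P<action>allow|nat source|nat destination)\s+list\s+(?P<acl>\S+)"
                  r"(?:\s+address\s+(?P<addr>\S+))?")

def parse_policy_classes(text):
    """Return {class_name: [rule, ...]} for each 'ip policy-class' stanza."""
    classes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("ip policy-class "):
            current = classes.setdefault(line.split()[2], [])
        elif line in ("", "!"):
            current = None
        elif current is not None:
            m = RULE.match(line)
            current.append(m.groupdict() if m else
                           {"action": "unparsed", "acl": line, "addr": None})
    return classes

def audit_untrusted(classes, untrusted):
    """Rules in an untrusted class that are not ACL-scoped destination NAT."""
    return [(name, r["action"], r["acl"]) for name in untrusted
            for r in classes.get(name, []) if r["action"] != "nat destination"]

def inbound_exposure(classes, untrusted):
    """(access list, internal address) pairs reachable from the untrusted side."""
    return [(r["acl"], r["addr"]) for name in untrusted
            for r in classes.get(name, []) if r["action"] == "nat destination"]

if __name__ == "__main__":
    pc = parse_policy_classes(CONFIG)
    print("exposed:", inbound_exposure(pc, ["Public"]))
    print("findings:", audit_untrusted(pc, ["Public"]))
```

An empty findings list means every inbound path is limited to what the named access list permits, so the access list itself is the next thing to review.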
B. NON-NATED DMZ CONFIGURATION
16.10 The following example illustrates the configuration for ITP endpoints and Inter-Tel Private Networking (this is the same configuration used in the Cisco example on page 27).