Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

̈

Chapter 8: Firewall

116

Fi

rew

a

ll

The Firewall only checks routed data packets!

The Firewall only checks data packets routed by the IP router of the LANCOM. In general,
these are the data packets, which are exchanged between one of the WAN interfaces and
the internal networks (LAN, WLAN, DMZ).

For example, the communication between LAN and WLAN is normally not carried out by the
router, as long as the LAN bridge allows a direct exchange. Thus the Firewall rules do not
apply here. The same applies to the so-called “internal services” of the LANCOM like Telnet,
TFTP, SNMP and the web server for the configuration with WEBconfig. The data packets of
these services do not run through the router, and therefore aren’t influenced by the Firewall.

Due to the positioning behind the masquerading module (seen from the WAN), the
Firewall operates with the “real” internal IP addresses of the LAN stations, and not
with the outside known Internet address of the LANCOM.

Firewall / IDS / DoS / QoS

IP router

LAN b

rid

ge w

ith

“i

sola

te

d mode

”

Vir

tua

l LAN

s (VLAN)

N:N ma

ppin

g

ISDN

ADSL

DSL

LAN / Switch

WLAN-1

DMZ

DSLoL

Configuration &
management:
WEBconfig, Telnet,

VPN / PPTP

DHCP cl

ien

t / P

PP

IP module: NetBIOS, DNS,

DHCP server, RADIUS, RIP,

NTP, SNMP, SYSLOG, SMTP

IPX router

LAN interfaces

WAN interfaces

IP ma

squer

adin

g

VPN services

LANCAPI

connection via LAN/Switch

WLAN-2

Filter

Filt

er

Filt

er

IPX over PPTP/

VPN

Enc

ry

pti

on:

802.11i

/WP

A

/WE

P