2 system design – Lancom Systems LCOS 3.50 User Manual
Page 13
̈
Chapter 2: System design
LANCOM Reference Manual LCOS 3.50
13
Sy
stem design
2 System design
The LANCOM operating system LCOS is a collection of different software mod-
ules, the LANCOM devices themselves have different interfaces to the WAN
and LAN. Depending on the particular application, data packets flow through
different modules on their way from one interface to another.
The following block diagram illustrates in abstract the general arrangement
of LANCOM interfaces and LCOS modules. In the course of this reference man-
ual the descriptions of the individual functions will refer to this illustration to
show important connections of the particular applications and to deduce the
resulting consequences.
The diagram can thus explain for which data streams the firewall comes into
play, or, in case of address translations (IP masquerading or N:N mapping), at
which place which addresses are valid.
Notes regarding the respective modules and interfaces:
̈
The IP router takes care of routing data on IP connections between the
interfaces from LAN and WAN.
̈
The firewall (with the services “Intrusion Detection”, “Denial of Service”
and “Quality of Service”) encloses the IP router like a shield. All connec-
tions via the IP router automatically flow through the firewall as well.
̈
LANCOM devices provide either a separate LAN interface or an integrated
switch with multiple LAN interfaces as interfaces to the LAN.
Firewall / IDS / DoS / QoS
IP router
LAN b
rid
ge wi
th
“i
sola
te
d mode
”
Vir
tua
l LAN
s (VLAN)
N:N m
appin
g
ISDN
ADSL
DSL
LAN / Switch
WLAN-1
DMZ
DSLoL
Configuration &
management:
WEBconfig, Telnet,
VPN / PPTP
DH
CP cli
en
t / PP
P
IP module: NetBIOS, DNS,
DHCP server, RADIUS, RIP, NTP,
SNMP, SYSLOG, SMTP
IPX router
LAN interfaces
WAN interfaces
IP masq
ue
ra
din
g
VPN services
LANCAPI
connection via LAN/Switch
WLAN-2
Filter
Filter
Filter
IPX over PPTP/VPN
En
cr
ypt
ion
:
802.11i/WP
A
/WEP