Forwarding rules, How forwarding rules works, Example – Polycom V2IU 4350 User Manual

User Manual V

2

IU 4350 Converged Network Appliance

3 - 40

Forwarding Rules

Forwarding Rules allows a system administrator to forward data traffic for a
subnet from one interface to another, overriding the Firewall’s default drop
rules.
Allowing a subnet to be forwarded is commonly used when servers with
public addresses are placed behind the system. Configuring the network in
this way allows the system to manage and prioritize bandwidth, sharing it
between the VoIP services and the servers.

How Forwarding Rules Works

When forwarding, one address from the forwarded range of addresses must
be assigned to the rule's output interface. The Polycom V

2

IU 4350 uses this

address to act as a gateway router for the subnet. The address may be
assigned using the Subinterfaces page.
Note:

The subnet and forwarded addresses are not protected by the firewall.

A similar method for forwarding traffic is provided by Proxy ARP. Proxy ARP
is used to “bridge” addresses within a single subnet range from one interface
to another. Often this is used to bridge and forward a public address to the
protected side of the system without having to subnet the public address
range. Proxy ARP does not require an additional gateway address on the sys-
tem for the subnet, but does not allow port and protocol filtering for for-
warded data.

Example

In this example:

•

The ISP has supplied two separate subnets to the customer:

— A small one (2 hosts) for the WAN link

— A large one (254 hosts) for a bank of servers

•

67.40.41.2 is the WAN IP address for the Polycom V

2

IU 4350

•

NAT is a private IP range of 192.168.1.xxx using the WAN address for PCs
and Phones

•

On the LAN side of the Polycom V

2

IU 4350 are the following:

— Private IP subnet (192.168.1.xxx)
— Public IP subnet (67.40.40.xxx)

This is shown below.