Configure firewall – Perle Systems PERLE P850 User Manual

Applications

51

Configure Firewall

The P850 provides Firewall security for restricting access between any two

networks connected through the router. Firewalls are set up on a per

connection basis for the LAN and remote sites. The direction of filtering is

from the perspective of the P850; incoming traffic is from the network in

question to the P850, outgoing is from the P850 to the network. The

direction of filtering may be set to incoming, outgoing, both or none. Once

the direction of filtering for a connection has been set, holes may be created

in the firewall to allow specified traffic through. Normally, the LAN firewall

is used for restricting intranet traffic (connections within the corporate

network) and remote site firewalls are used to limit access from less trusted

sources, such as the Internet or dial-up links.

Figure 2-10 Sample Firewall Application

The above diagram shows a corporate head office network, which is

connected, to the Internet with an P850. There is also a branch office

at a remote site connected with a Digital Leased link. The

administrator at the corporate head office wishes to set up an IP

firewall to allow everyone on the Internet to have access to the

corporate FTP and Web servers and nothing else. The administrator

Internet

Router with
firewall enabled.

Corporate Head
Office Network
195.100.1.0

Branch Office
Network
195.100.2.0

Any other network
any IP address

Main FTP server: 195.100.1.12
Main Web server: 195.100.1.20