3 - configure firewall – Perle Systems IOLINK-520 User Manual

Applications

2.48 — IOLINK-520 & IOLINK-PRO Installation & Applications Guide

2.4.3.3 - Configure Firewall

The IOLINK-520 & IOLINK-PRO provide Firewall security for restricting access between

any two networks connected through the router. Firewalls are set-up on a per connection

basis for the LAN and remote sites. The direction of filtering is from the perspective of the

IOLINK router; incoming traffic is from the network in question to the IOLINK router,

outgoing is from the IOLINK router to the network. The direction of filtering may be set to

incoming, outgoing, both or none. Once the direction of filtering for a connection has been

set, holes may be created in the firewall to allow specified traffic through. Normally, the

LAN firewall is used for restricting intranet traffic (connections within the corporate network)

and remote site firewalls are used to limit access from less trusted sources, such as the Internet

or dial-up ISDN links.

The following diagram shows a corporate head office network, which is connected, to the

Internet with an IOLINK router. There is also a branch office at a remote site connected

with a leased link. The administrator at the corporate head office wishes to set-up an IP

firewall to allow everyone on the Internet to have access to the corporate FTP and Web

servers and nothing else. The administrator also wishes to allow all of the TCP traffic from

the branch office network to have access to the head office. Anyone in the corporation may

have unrestricted access to the Internet.

Figure 2 -13 Sample Firewall Application

The following steps must be performed on the IOLINK-520 & IOLINK-PRO to set-up

the firewall support as desired.

Internet

Router with

firewall enabled.

Corporate Head

Office Network

195.100.1.0

Branch Office

Network

195.100.2.0

Any other network

any IP address

Main FTP server: 195.100.1.12

Main Web server: 195.100.1.20