Ip settings for setups behind a firewall – Compatible Systems IntraPort A00-1869 User Manual
Page 29
Chapter 6 - Basic Configuration Guide
23
Use the IP Connection Dialog Box to set address parameters for Ethernet 1:0, 3:0, 5:0
and 7:0. These Ethernet interfaces do not have any other settings available because they
only handle IPSec traffic and do not do routing.
Use the IPSec Gateway Dialog Box (under Global/IPSec Gateway) to set the IPSec
Gateway address. The IPSec Gateway must be on the same IP network as Ethernet 1:0,
3:0, 5:0 and 7:0.
TB: Use
the
configure command and set the IPAddress, SubnetMask and IPBroadcast
keywords, and either the RIPVersion keyword or the OSPFEnabled keyword, in the
IP Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and IP Ethernet 6:0 sections.
Use the configure command and set the IPAddress, SubnetMask and IPBroadcast
keywords in the IP Ethernet 1:0, IP Ethernet 3:0, IP Ethernet 5:0 and
IP Ethernet 7:0 sections. No other keywords should be configured for these sections.
Use the configure command and set the IPSecGateway keyword in the General
section.
IP Settings for Setups Behind a Firewall
If setting up the IntraPort-8 behind a firewall, you need to set some basic IP parameters for
Ethernet 0:0, 2:0, 4:0, and 6:0. Ethernet 1:0, 3:0, 5:0 and 7:0 are not used and should not be
connected to anything.
•
IP address (default = 198.41.12.1)
•
IP subnet mask (default = 255.255.255.0)
•
IP broadcast address (default = 198.41.12.255)
•
RIP 1, RIP 2 or OSPF (Open Shortest Path First) for Ethernet 0:0 only
•
IP gateway for Ethernet 0:0, 2:0, 4:0, and 6:0.
CV:
Use the TCP/IP Routing: Ethernet Dialog Box to set the IP address, subnet mask, broad-
cast address and IP routing protocol for Ethernet 0:0, 2:0, 4:0, and 6:0. OSPF can only
be configured using text-based configuration.
Use the IP Static Routing Dialog Box (under Global/IP Static Routes) to set an IP
gateway.
TB:
Use the configure command and the IPAddress, SubnetMask, and IPBroadcast
keywords in the IP Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and
IP Ethernet 6:0 section.
Use the edit config command and set an IP gateway, in the IP Static section.
v Note: The gateway address would typically be an interface on a firewall. It must be on the
same TCP/IP network as Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and IP Ethernet 6:0.
With this setup, you must configure the firewall to allow:
• UDP port 500 (ISAKMP)
• Protocol number 50, which is the AH (Authentication Header) protocol packet type
- and/or -
• Protocol number 51, which is the ESP (Encapsulating Security Payload) protocol packet
type