Intel 9515 - Manuals - manualsarea.com

Page 2 - Copyright

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL  PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TOANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT.EXCEPT AS PROVIDED IN INTELS TERMS AND CONDITIONS OF SALE FOR SUCHPRODUCTS, INTEL ASSUMES NO LIABILIT...

Page 3 - DMZ Firewall Solution for the Express Router; Table of Contents

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 2 Table of Contents 1 Introduction ............................................................................................................................3 1.1 About This Document ....................................................

Page 4 - Introduction; About This Document

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 3 1 Introduction 1.1 About This Document This document explains how to configure a secure Internet solution using the second LANinterface of the Intel  Express router as a DMZ. The DMZ setup is explained through the use of two exampl...

Page 5 - IP Filters in the Express Router; General Setup and Considerations; Address

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 4 The purpose of this setup is to prohibit any direct data transmission between the Internet and thesecure network. All data must go through proxy servers on the DMZ. We recommend that you set up the DMZ on the LAN2 (10 Mbps) port and...

Page 6 - Access

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 5 2.2 Routing Setup Do not use RIP on the WAN interface or the DMZ interface. This prevents intruders fromcorrupting the routing table. If there is more than one internal network, the router must not be used as primary gatewaybecause ...

Page 7 - DMZ Single IP Address Solution; must configure NAT entries and filters accordingly.; Static Routing Setup; Configure static routing as follows:

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 6 3 DMZ Single IP Address Solution This solution explains how to set up a DMZ solution when the Internet service provider (ISP) hasassigned a single IP address to your network. Intel Express Router HTTP/FTP (Web) server 10.2.0.1 Mails...

Page 8 - Note; The order of the NAT entries is important.; Entry; External port; IP Filters Setup

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 7 Note The order of the NAT entries is important. NAT entries are defined as follows: Entry Function Settings 1 Directs all incoming HTTPrequests to the Web server. Mapping type: Static Port (Single IP) Internal address: 10.2.0.1 Inte...

Page 10 - Filter

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 9 Filter Function Settings Src. address: 10.2.0.2 Src. port: = 80 2 Allows FTP (only passive connections)from secure LAN to the FTP proxyserver on the DMZ (see note 1). Two filters are required. Action: Pass Protocol: TCP TCP flags: A...

Page 18 - DMZ Multiple IP Address Solution; must configure NAT accordingly.; IP Address Assignment

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 17 4 DMZ Multiple IP Address Solution This solution explains how to set up a DMZ when the ISP supplies you with multiple IPaddresses. In the example, the ISP has assigned the site a range of IP addresses: 193.84.251.0 to193.84.251.7 (...

Page 19 - Static; IP Filters Setup

DMZ Firewall Solution for the Express Router 07-12-99 Version 1.0 18 4.3 Network Address Translation (NAT) Because the secure private networks on LAN1 use public IP addresses (89.20.0.0 and 90.20.0.0),configure NAT to translate these addresses to private IP addresses. For example, NAT willtranslate ...