Specifications
MBG Engineering Guidelines, Release 8.0
Warning: The local networks configuration serves as both application access control and as static
routing configuration.
Note: Local Networks is a feature of MSL. Refer to the MSL documentation for a full description of its
capabilities.
Mitel Border Gateway in a DMZ
The Mitel Border Gateway can also be deployed behind a customer-provided or customer-managed firewall as
shown in Figure 3. This firewall must have 3 network interfaces (ports): WAN, LAN, and DMZ. Two-port firewalls
are not supported. It should also be noted that some “DSL routers” with “DMZ” port forwarding are simply two-
port NAT devices and should be treated as any other two-port firewall. Deployment of the Mitel Border Gateway
behind such devices is not supported.
MBG requires one network interface and two addresses for this configuration. The interface must be configured
with a static address allocated from the DMZ network range. This is typically an RFC 1918 “private” address. The
enterprise firewall must be configured with an address allocated from the public/Internet range. This address
must be:
1. reachable from the public network/Internet
2. reachable from the internal network/LAN
5
Figure 3: MBG deployed in a DMZ