User's Manual
Avaya Branch Gateway Manager 10.0 Page 370
15-601011 Issue 29r (Friday, November 02, 2012)B5800 Branch Gateway
5.16 Firewall Profile
The system can act as a firewall, allowing only specific types of data traffic to start a session across the
firewall and controlling in which direction such sessions can be started.
· Static NAT
The system supports Static NAT address translation by a firewall profiles. If the Firewall Profile
contains any Static NAT records, all packets received by the firewall must match one of those static
NAT records to not be blocked.
System firewall profiles can be applied in the following areas of operation:
· System
A firewall profile can be selected to be applied to traffic between LAN1 and LAN2.
· User
Users can be used as the destination of incoming RAS calls. For those users a firewall profile can be selected on
the user's Dial In tab.
· Service
Services are used as the destination for IP routes connection to off-switch data services such as the internet. A
Firewall Profile can be selected for use with a service.
If Network Address Translation (NAT) is used with the firewall (which it typically is), then you must also configure a
Primary Incoming Translation Address (see IP tab of the Service configuration form) if you wish sessions to be
started into your site (typically for SMTP) from the Internet.
374
153
290
290
337
340