Manualshelf

Operation Manual

ManualsBrandsAVM ManualscomputerISDN MultiProtocol Router for Windows 2000 ADSL
51525354555657585960
Special NT/MPRI Settings
53 NT/MPRI – 4 Special NT/MPRI Settings
4 Special NT/MPRI Settings
This chapter contains information on NT/MPRI settings which are not
necessary for smooth operation or which apply only to certain types of
applications.
First the variety of filters that can help you protect your network against
unauthorized access is discussed. Later in this section you will find in-
structions for using the NT/MPRI with leased lines.
4.1 Filters
Filters are used both to prevent unauthorized intrusion into the net-
work—from the Internet, for example—and to select which data and
services are available for access from outside the LAN. This selective
access also helps to minimize connection costs. The NT/MPRI offers
extensive filtering options in the “Security” menu.
The various filter options for IP and IPX are explained in more detail in
the following section.
IP Filters (Firewall)
The NT/MPRI offers the following packet filtering instances for your IP
network: global input and output filters, destination-specific input and
output filters, and the forwarding filter. In each of these instances rules
can be set to define how the NT/MPRI handles incoming and outgoing
packets and packets to be forwarded to other networks. The possible
actions in each case are “Deny”, “Reject” or “Accept”. Thus communi-
cation can be limited to certain specified stations. The use of certain
services, likeWWW for access to the World Wide Web, can also be
limited to specified stations in the network.
Because filters definitions are constructed of multiple instances, they
provide extremely flexible and far-reaching protection. The kind of
packet filtering in the NT/MPRI is one approach to constructing what is
known as a firewall, a protective screen around your network.
The filter instances of the NT/MPRI have the following duties:
l Destination Input Filter: checks packets arriving at the NT/MPRI
from a certain call destination over ISDN.
l Destination Output Filter: checks packets about to be sent from
the NT/MPRI to a certain call destination.
ntmpri-e.book Seite 53 Donnerstag, 28. Februar 2002 11:26 11