Manualshelf

Specifications

ManualsBrandsCharles ManualsComputer equipment3641-80
12345678910
Section 364-180-202
7
check data on the LAN and determine if it is to be routed to the remote LAN. This requires the configuring
of routing information protocol (RIP) tables unless static routing tables are used. The LAN general feature
set can be provisioned as desired. An IP address is required for both the LAN side interface and the WAN
side interface. The WAN interface is normally configured for PPPoH with no authentication since the
network is private. For more detailed information on the provisioning of the router, see the Quick Start-up
reference guide and script library.
3.4 Firewall Protection from Internet Service Provider
For applications that will feed directly into the Internet (through a service provider) the router can provide
firewall protection. This is done through filtering, translation and intrusion detection. The router can
translate IP addresses (NAT) and ports (NAPT) to reduce visibility of the LAN and therefore protect the
LAN. The router is normally configured as a router to eliminate transmission of local LAN traffic to the
WAN. The LAN general feature set can be provisioned as desired. An IP address is required for both the
LAN side interface and the WAN side interface. The WAN interface is normally configured for PPPoH with
no authentication to the service provider. If authentication for the PPPoH link is needed, the router
through ICMP using PAP or CHAP provides it. Another option for the WAN is frame relay. The WAN
frame relay interface can be configured for either frame relay bridge or frame relay routed. This would
depend on the type of frame relay service provided by the service provider. For more detailed information
on the provisioning of the router, see the Quick Start-up reference guide and script library.
3.5 Virtual Private Network through an Internet Service Provider
For applications that require virtual private networks (VPNs) through the Internet, connection to the
Internet is shown in figure 5. In this application the T1/E1 timeslots containing the data from the router are
sent to an Internet Service Provider (ISP) and interfaced to the Internet.
360-80
LAN
Ethernet
R
O
U
T
E
R
T1/E1
Internet
Figure 5. Broadband Connection to an ISP Application
The router provides multiple tunneling protocols (PPTP, L2TP) and the ability to encrypt the data using
GRE. Encryption is done using the IP Security feature of the router. With this feature the router provides
certification, keys (IKE) and different methods of encryption to ensure security across the public network.
The VPN feature is normally used in conjunction with the firewall feature to protect the LAN. The router is
normally configured as a router to eliminate transmission of local LAN traffic to the WAN. The LAN
general feature set can be provisioned as desired. An IP address is required for both the LAN side
interface and the WAN side interface. The WAN interface is normally configured for PPPoH with no
authentication to the service provider. If authentication for the PPPoH link is needed, the router through
ICMP using PAP or CHAP provides it. Another option for the WAN is frame relay. The WAN frame relay
interface can be configured for either frame relay bridge or frame relay routed. This would depend on the
type of frame relay service provided by the service provider. For more detailed information on the
provisioning of the router, see the Quick Start-up reference guide and script library.