Manualshelf

Specifications

ManualsBrandsMDS ManualsComputer equipmentOrbit MCR-4G
41424344454647484950
MDS 05-6628A01, Rev. A MDS Orbit MCR-4G Technical Manual 41
Firewall and NAT
Understanding
The MCR incorporates a firewall service that provides the following functionality:
1. Packet filtering to permit or deny incoming or outgoing traffic on an interface.
2. Network Address Translation (NAT)
Source NAT - Masquerading
Destination NAT – Port Forwarding
Packet Flow
This section provides a simplified view of packet flow for various categories of traffic flows going in and
out of the MCR unit. Figure 16 shows the flow of packets terminating at MCR. For example, device man-
agement traffic using SSH or NETCONF protocol terminating at local device management process within
the MCR unit.
Invisible place holder
Figure 16. Packets Terminating at MCR
Figure 17 shows flow of packets originating from the MCR unit. For example, DNS queries and/or VPN
connection setup traffic originating from local VPN service within the MCR unit.
Invisible place holder
Figure 17. Packets Originating from MCR
Figure 18 shows the flow of packets being forwarded (routed) through the MCR unit. For example, IP
packets arriving inside IPsec VPN tunnel, being routed from cellular WAN to the local Ethernet interface.
Invisible place holder
Figure 18. Packets Being Forwarded Through MCR