Network Router - Wireless Network Device User Manual
Table Of Contents
- Introduction
- Getting Started
- Configuring the V2IU 4350
- Configuration Guide For IP Centrex Applications
- Configuration Guide For Station Side IP PBX Applications
- Configuration Guide For Trunk Side IP PBX Applications
- Configuration Guide For Hosted Video Applications
- Configuration Guide For Enterprise Video Applications
- System Configuration
- Read-only User
- Subinterfaces
- ToS Byte Setting
- H.323 Configuration
- Forwarding Rules
- Peering Proxy
- Clients List Lock
- H.323 Activity Monitor
- VoIP Configuration
- Data Networking Configuration
- Traffic Management Configuration
- System Diagnostics
- Saving and Restoring the V2IU 4350 Configuration
- Upgrading the V2IU 4350
- Appendix
- Regulatory Notices
User Manual V
2
IU 4350 Converged Network Appliance
3 - 66
The 4350 uses a Stateful Packet Inspection (SPI) firewall to protect data devices
installed behind the LAN interface. Voice devices are protected by the 4350
Application Layer Gateway (ALG) as described in VoIP Configuration.
The firewall is enabled by default. The default behavior of the firewall is to:
• deny all traffic originating from the WAN
• allow all traffic originating from the LAN
• allow only return traffic for connections that originated from the LAN
• deny all traffic originating from the WAN to the 4350 itself
• allow all traffic originating from the LAN to the 4350
The default behavior can be modified using the basic and advanced settings
fields on the firewall configuration page. We recommend that you use the 4350
firewall, however it can be disabled if the 4350 is installed behind an existing
legacy firewall.
Enable or disable the firewall
1. Select Firewall.
2. Use the Enable Firewall checkbox to either enable or disable the firewall.
3. Select Submit.
Configure Basic settings
To allow or deny HTTP, Telnet and SSH traffic originating from the WAN to
the 4350 simply use the checkboxes provided in the basic settings area of the
firewall configuration page. By default, access from the WAN into the 4350 is
disabled.
1. Select Firewall.
2. Use the three Allow access from WAN side checkboxes to enable or
disable HTTP, Telnet, and/or SSH access from IP devices on the WAN
side of the 4350.
3. Select Submit.
Configure Advanced Settings
A comprehensive security policy can be created using the advanced settings of
the 4350 firewall. The policy actions that can be taken on any packet processed
by the 4350 are summarized in the following table:
Warning
Denying HTTP, Telnet or SSH traffic from the WAN may result in losing
management connectivity to the 4350 if you are configuring the system remotely
using the WAN link.