Example Of A Common Nat Configuration; Ip Firewall Filters - Nortel Enterprise Edge 2.0 Programming Manual

Example of a common NAT configuration

An Enterprise Edge has two LANs and a WAN. The WAN connects to the outside
and has one public IP address. The LANs are part of a private network. The system
allows outgoing traffic but only HTTP traffic is allowed in. LAN1 subnet is
10.10.10.0, LAN2 is 10.10.11.0. The WAN address is 48.123.35.41. The web
server address is 10.10.10.4.
The rules would be as follows:
Rule1
Direction: Out
Protocol: TCP/UDP
Private IP Address: 10.10.0.0
Private IP Type: Fixed
Private IP Mask: 255.255.0.0
Private Port Range: All
Public IP Address: 48.123.35.41
Public IP type: Fixed
Public IP mask: 255.255.255.255
Public Port Range: ALL
a. Mapping 8080 to the HTTP port on 10.10.10.4.

IP Firewall Filters

The Enterprise Edge IP Firewall Filters feature is one of the security features
Enterprise Edge offers to protect your network against intruders. The security and
firewall features are also used for controlling what outside resources your users will
be able to access. The following features are part of the Enterprise Edge firewall:
• Basic (stateless) Packet Filter
• Stateful Packet Filters
The DNS proxy also carries security features because it keeps all of the internal IP
addresses from external web servers. For information on DNS proxy, see
page 199.
Note: For information on using filters for IPX routing, see
208.
Packet filtering
A packet filter is a firewall facility that can monitor the state of active connections
and use this information to determine which network packets to allow through the
firewall.
P0911588 Issue 01
Configuring Enterprise Edge Services 235
Rule 2
Direction: In
Protocol: TCP
Private IP Address: 10.10.10.4
Private IP Type: Fixed
Private IP Mask: 255.255.255.255
Private Port Range: HTTP
Public IP Address: 48.123.35.41
Public IP type: Fixed
Public IP mask: 255.255.255.255
a
Public Port Range: 8080
Enterprise Edge 2.0 Programming Operations Guide
DNS on
IPX Routing on page