9. USING A SECOND IPRC TO "STRADDLE" THE FIREWALL (NAT)
9.1
Because the Axxess system supports multiple IPRCs, one option for supporting IP end-
points from the Internet is to add an IPRC and connect its Ethernet port outside the firewall
(NAT) to a DMZ or the Internet itself. See the following diagram.
9.2
There are some considerations when using an additional IPRC:
•
The recommended connection for the external IPRC is in a DMZ so that it is protected
from security and denial-of-service (DOS) attacks from the Internet.
•
All IPRCs used for IP networking must be on the same subnet.
•
Although it may appear that this configuration introduces a security vulnerability by
bypassing the firewall, there is no mechanism for Internet data to traverse the Axxess
backplane.
•
A "mobile" IP endpoint, such as the Model 8602 (sometimes inside and sometimes out-
side), may not work well with this topology.
Using a Second IPRC to "Straddle" the Firewall (NAT)
®
®
INTER-TEL
AXXESS
MANUAL VERSION 11.0 – May 2008
Appendix F – Network Topology
Page F-13