Lucent Technologies SLC ConnectReach User & Service Manual page 213

Access system

Configuring the SLC ConnectReach® System
Using the Configuration Commands
Configuring the Default Firewall
Introduction
The SLC ConnectReach system incorporates IP filtering firewall technology. For
most installations, configuring the firewall is extremely simple. The SLC
ConnectReach system allows two standard firewall configurations. However, if an
installation has special requirements, the firewall configuration can be customized
(see Appendix C, Custom Firewall Configurations).
NOTE:
For all IP filtering used in conjunction with NAT, you must use the NATed IP
addresses in filters, not the original IP addresses.
IP Filtering
When IP filters are configured, the SLC ConnectReach system examines every
LAN or WAN packet and either permits or denies the packet based on filter
settings.
The SLC ConnectReach system's IP packet filtering consists of four groups of IP
filters (sometimes called access lists); any group can be either an inbound filter
group or an outbound filter group. Each IP filter group combines up to sixteen IP
filters (access lists) and a default (generic) action. Group 1 contains filter 1
through filter 16, group 2 contains filter 17 through filter 32, group 3 contains
filter 33 through filter 48, and group 4 contains filter 49 through filter 64.
An IP filter defines a set of conditions and the action to be taken (permit or deny) if
all the filter conditions are met. The default action (permitAll or denyAll) handles
the case of an IP packet that does not meet the conditions in this IP filter group. If
an IP packet is for the SLC ConnectReach system (for example, HTTP or Telnet
sessions), then the default action for this packet is always "pass." In other words,
if none of the filters inside the inbound filter group match, then the SLC
ConnectReach system will process this IP packet.
When no filters are defined for any inbound or outbound IP filter groups and the
default action is permitAll, then the SLC ConnectReach system does not examine
packets.
NOTE:
Changing the default action for any of the four filter groups will change the
default action for the other three filter groups as well.
The order in which filters are applied is important. In any given filter group, all
filters are examined in consecutive order, with filter 1 having the highest priority
and filter 16 having the lowest priority.
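
The following Python model is an added example, not taken from the manual or from the device software. It shows how the group numbering, the priority order, the shared default action, and the always-pass rule for packets addressed to the unit interact. The condition fields (src, dst, proto, dport), the first-match-decides rule, and all addresses are assumptions constructed for illustration.

```python
# Added illustration: a model of the evaluation rules described above, not device code.
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Filter:                      # condition fields are assumed for illustration
    action: str                    # "permit" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None    # None matches any protocol
    dport: Optional[int] = None    # None matches any port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def group_of(filter_no):
    """Filters 1-16 are group 1, 17-32 group 2, 33-48 group 3, 49-64 group 4."""
    if not 1 <= filter_no <= 64:
        raise ValueError("filter number must be 1..64")
    return (filter_no - 1) // 16 + 1

def evaluate(filters, group, default_action, pkt, for_device=False):
    """filters: {filter_no: Filter}; default_action is shared by all four groups."""
    for no in range(16 * (group - 1) + 1, 16 * group + 1):   # ascending = priority order
        f = filters.get(no)
        if f and f.matches(pkt):
            return f.action, no        # assumed: the first matching filter decides
    if for_device:
        return "permit", None          # unmatched packet for the unit itself always passes
    return ("permit" if default_action == "permitAll" else "deny"), None

# Constructed sample: group 1 used as an inbound group, default action denyAll.
DEVICE = "192.0.2.1"                   # constructed address standing in for the unit
FILTERS = {
    1: Filter("deny", src="198.51.100.0/24"),
    2: Filter("permit", dst="192.0.2.10/32", proto="tcp", dport=80),
    3: Filter("deny", dst="192.0.2.1/32", proto="tcp", dport=23),
}

def check(src, dst, proto, dport):
    pkt = {"src": src, "dst": dst, "proto": proto, "dport": dport}
    return evaluate(FILTERS, 1, "denyAll", pkt, for_device=(dst == DEVICE))
```

In this model, `check("203.0.113.5", "192.0.2.1", "tcp", 80)` returns a permit even though the default action is denyAll, so management access to the unit has to be blocked with an explicit deny filter such as filter 3.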
(Continued on next page)
Issue 4, June 2002, 4-127, 363-208-050
