1. Manuals
  2. Brands
  3. Lancom Manuals
  4. Network Hardware
  5. 7100 VPN
  6. Manual

Lancom 7100 VPN Manual page 61

Hide thumbs
Table of Contents

Advertisement

LANCOM 7100 VPN – LANCOM 9100 VPN
Chapter 8: Security settings
60
mitted via the IP router. Direct data connections via the bridge are not
protected by the firewall!
Are you using a 'deny all' firewall strategy?
Maximum security and control is initially achieved by denying all data
traffic from passing the firewall. The only connections to be accepted by
the firewall are those that are to be explicitly permitted. This ensures that
Trojan horses and certain types of e-mail virus are denied communication
to the outside. Activate the firewall rules in LANconfig under 'Firewall/
QoS' on the 'Rules' tab. Instructions on this are to be found in the refer-
ence manual.
Have you activated IP masquerading?
IP masquerading refers to the concealment of local computers while they
access the Internet. All that is revealed to the Internet is the IP number of
the router module of the device. The IP address can be fixed or dynami-
cally assigned by the provider. The computers in the LAN then use the
router as a gateway and are not visible themselves. The router separates
the Internet from the intranet like a wall. The application of IP masquer-
ading is set in the routing table for every route individually. The routing
table can be found in the LANconfig in the configuration area 'IP router'
on the 'Routing' tab.
Have you used filters to close critical ports?
The firewall filters in LANCOM devices offer filter functions for individual
computers or entire networks. It is possible to set up source and destina-
tion filters for individual ports or port ranges. Furthermore, filters can be
set for individual protocols or any combination of protocols (TCP/UDP/
ICMP). It is especially convenient to set up the filters with the aid of
LANconfig. Under 'Firewall/QoS', the 'Rules' tab contains the functions for
defining and editing filter rules.
Have you excluded certain stations from accessing the device?
A special filter list can be used to limit access to the device's internal func-
tions via TCP/IP. The phrase "internal functions" refers to configuration
sessions via LANconfig, WEBconfig, Telnet or TFTP. As standard this table
contains no entries, meaning that computers with any IP address can use
TCP/IP and Telnet or TFTP to commence accessing the device. The first time
an IP address is entered with its associated netmask, the filter is activated
and only the IP addresses contained in this entry are entitled to make use
of internal functions. Further entries can be used to extend the circle of

Advertisement

Table of Contents
loading

Related Manuals for Lancom 7100 VPN

Related Products for Lancom 7100 VPN

This manual is also suitable for:

9100 vpn

Table of Contents