Table of Contents
Advertisement
Inciming Policy
Database
Transit
traffic
policies
For firewall to kick in, the IP interfaces need to be registered with security
(maps/ virtual firewall). It is necessary that at least one interface be registered
for untrusted side(internet) and one for trusted side. Then, any interface in the
router which can be a source/destination for traffic to/from the untrusted
interface MUST be registered with security.
Typical Firewall Configuration (Three Legged Firewall
Network)
A small firm has divided its corporate network into two security zones.
1.
corp(private network of the firm)
2.
dmz(web and mail servers exposed to internet)
© SAMSUNG Electronics Co., Ltd.
Corp
Firewall
Outing Policy
Database
Self
Transit
Self
Transit
traffic
traffic
traffic
traffic
policies
policies
policies
policies
Figure 23.1 Virtual Firewall
Ubigate iBG3026 Configuration Guide/Ed.00
Firewal
dmz
Firewall
Inciming Policy
Outing Policy
Database
Database
Self
Transit
Self
traffic
traffic
traffic
policies
policies
policies
internet
Firewall
Inciming Policy
Outing Policy
Database
Database
Transit
Self
Transit
traffic
traffic
traffic
traffic
policies
policies
policies
policies
Self
233
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
