Application Note. Connecting Networks



Similar documents
Application Note. SIP Domain Management

Application Note Startup Tool - Getting Started Guide

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Skype Connect Getting Started Guide

Configuring a LAN SIParator. Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson

Configuration Aid To Ingate Firewall/SIParator - How To Move Configurations Between Ingate Units

Howto: Changing Password for an Ingate Firewall 1450/1500/1550/1600/1650/1900 or Ingate SIParator 45/50/55/60/65/90

Appendix IP CAMERA Network Connections

Configuration Aid To Ingate Firewall/SIParator - Using Your Own SIP Domain. Lisa Hallingström Paul Donald

Supporting Multiple Firewalled Subnets on SonicOS Enhanced

Application Note Multiple SIParator Distribution

Document No. FO1004 Issue Date: Draft: Work Group: FibreOP Technical Team July 23, 2013 Final: Single Static IP Customer Owned LAN Router Support

ThinkTel. IN Date : May 2013 Product: ShoreTel Ingate ThinkTel System version: ShoreTel 13.x

Installation of the On Site Server (OSS)

How to access peers with different VPN through IPSec. Tunnel

ShoreTel, Ingate & XO for SIP Trunking

SIP Trunking Configuration. Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson

Custom Integration Solutions

ShoreTel, Ingate & Broadvox for SIP Trunking

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

TelePacific I n n o v a t i o n

Configuring a VPN for Dynamic IP Address Connections

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

Using IPsec VPN to provide communication between offices

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

EXINDA NETWORKS. Deployment Topologies

Setting up D-Link VPN Client to VPN Routers

Networking Basics for Automation Engineers

enable: no, log: by-profile enable: no, log: by-profile enable: no, log: by-profile

Session Title: Exploring Packet Tracer v5.3 IP Telephony & CME. Scenario

Changing Password for Ingate Firewalls/SIParators Rickard Nilsson

Configuration Guide For Use with tipicall s SIP Trunking Service

Vega 100G and Vega 200G Gamma Config Guide

Routing concepts in Cyberoam

ASA/PIX: Load balancing between two ISP - options

Setting up VPN connection: DI-824VUP+ with Windows PPTP client

Virtual Server in SP883

Application Notes for the Ingate SIParator with Avaya Converged Communication Server (CCS) - Issue 1.0

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

How to Set Up an IPsec Connection Between Two Ingate Firewalls/SIParators (including SIP)

How to set up Inbound Load Balance under Drop-in Mode

Configuring a customer owned router to function as a switch with Ultra TV

Sample Configuration Using the ip nat outside source list C

Port forwarding and viewing your IP camera from the internet

Digi Connect WAN Application Guide Using the Digi Connect WAN and Digi Connect VPN with a Wireless Router/Access Point

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

How to Set Up an IPsec Connection with RADIUS Authentication (with SIP)

Sample Configuration Using the ip nat outside source static

VPN PPTP Application. Installation Guide

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

LAB Configuring NAT. Objective. Background/Preparation

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

IP-6600 Router Configuration Quickstart Backing Up a Broadband Connection with Dialup

P-791R v2. Quick Start Guide. G.SHDSL.bis Router DEFAULT LOGIN. Administrator Password User Password. Version /2007 Edition 1

How to Set Up an IPsec Connection To a Road Warrior (with SIP) Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson

How do I configure multi-wan in Routing Table mode?

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall

IP Filter/Firewall Setup

EarthLink Business SIP Trunking. Shoretel IP PBX Customer Configuration Guide

VPN L2TP Application. Installation Guide

How To Guide. SIP Trunking Configuration Using the SIP Trunk Page

TPP Date: May, 2012 Product: ShoreTel Ingate VoIP Unlimited System version: ShoreTel 11.2

Technology Spotlight on Cellular Data Networking for SCADA system networks. Presented by Teamwork Solutions, Inc.

For extra services running behind your router. What to do after IP change

1 PC to WX64 direction connection with crossover cable or hub/switch

VPN Tracker for Mac OS X

Application Description

How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client

NAS 224 Remote Access Manual Configuration

Application Note Configuring the UGate 3000 for use with ClipMail Pro and ClipExpress

Document No. FO1001 Issue Date: Draft: Work Group: FibreOP Technical Team October 1, 2013 Final:

Configuring Static IP for your Pace Devices

Chapter 5 Customizing Your Network Settings

Quick Note 20. Configuring a GRE tunnel over an IPSec tunnel and using BGP to propagate routing information. (GRE over IPSec with BGP)

How Subnets Work in Practice. Fred Marshall Coastal Computers & Networks

P Quick Start Guide. VoIP Analog Telephone Adaptor DEFAULT LOGIN. IP Address Password Version /2007 Edition 1

How To Block On A Network With A Group Control On A Router On A Linux Box On A Pc Or Ip Access Group On A Pnet 2 On A 2G Router On An Ip Access-Group On A Ip Ip-Control On A Net

Chapter 4 Customizing Your Network Settings

How to establish a Leased Line Connection

< Introduction > This technical note explains how to connect New SVR Series to DSL Modem or DSL Router. Samsung Techwin Co., Ltd.

nexvortex Setup Template

LAN TCP/IP and DHCP Setup

Fireware How To Network Configuration

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Knowledgebase Solution

Configuration Example

Packet Filtering using the ADTRAN OS firewall has two fundamental parts:

Chapter 3: IP Addressing and VLSM

Successful IP Video Conferencing White Paper

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

co Sample Configurations for Cisco 7200 Broadband Aggreg

SUBNETTING SCENARIO S

In this section you will find information on the following services:

SSVP SIP School VoIP Professional Certification

configure WAN load balancing

Chapter 3 Security and Firewall Protection

How to configure DNAT in order to publish internal services via Internet

Transcription:

Application Note Connecting Networks 29 April 2008

Table of Contents 1 WHAT IS A DIRECTLY CONNECTED NETWORK?... 1 2 WHAT IS A ROUTED NETWORK?... 2 3 COMMON EXAMPLES... 3 3.1 ONE DIRECTLY CONNECTED NETWORK... 3 3.1.1 Network & Computers... 3 3.1.2 Inside (Eth0) Interface... 4 3.1.3 Outside (Eth1) Interface... 5 3.2 TWO DIRECTLY CONNECTED LAN NETWORK SAME INTERFACE... 6 3.2.1 Network & Computers... 7 3.2.2 Inside (Eth0) Interface... 8 3.2.3 Outside (Eth1) Interface... 9 3.3 ROUTED LAN NETWORK... 10 3.3.1 Network & Computers... 10 3.3.2 Inside (Eth0) Interface... 11 3.3.3 Outside (Eth1) Interface... 12 3.4 ROUTED WAN NETWORK... 13 3.4.1 Network & Computers... 13 3.4.2 Inside (Eth0) Interface... 14 3.4.3 Outside (Eth1) Interface... 15 3.5 ROUTED WAN NETWORK WITH 2 INTERFACES... 16 3.5.1 Network & Computers... 16 3.5.2 Inside (Eth0) Interface... 17 3.5.3 Outside (Eth1) Interface... 18 3.5.4 Second Outside (Eth2) Interface... 19 3.6 DIRECTLY CONNECTED LAN NETWORK WITH 2 INTERFACES... 20 3.6.1 Network & Computers... 20 3.6.2 Inside (Eth0) Interface... 21 3.6.3 Outside (Eth1) Interface... 22 3.6.4 Second Inside (Eth2) Interface... 23 4 APPENDIX WAN NETWORK DEFINITION... 24 Tested versions: Ingate Firewall/SIParator/MEDIAtor version 4.6.2 Revision History: Revision Date Author Comments 1 2008-04-29 Scott Beer 1 st Release

1 What is a Directly Connected Network? A Directly Connected Network is a network physically connected to an interface on the Ingate Firewall/SIParator and which IP address(es) the Firewall/SIParator should have on that network. For example, the network address of 10.75.5.0/24 on the inside (or LAN) Ethernet Interface means there is a network containing an IP address range from 10.75.5.0 to 10.75.5.255. The Ingate inside (or LAN) interface must have an IP address within this range. The Ingate Firewall/SIParator can have more than one directly connected network, and thus the Firewall/SIParator must have an IP address on every network to which it is directly connected. This applies to all networks on the same physical network to which this interface is connected. For detailed programming instructions, please refer to the Ingate Firewall & SIParator Reference Manuals - Chapter 6: Network. Here is an example of one Directly Connected Network on both the LAN and WAN side of the Ingate Firewall/SIParator. Page 1 of 24

2 What is a Routed Network? If there is a router between the Ingate Firewall/SIParator and a network, you have to tell the SIParator how direct traffic there. If there is at least one router between the Firewall/SIParator and the network, you should enter the router IP address under Static Routes. If there is more than one router, you should enter the router located on the directly connected network for this interface. For detailed programming instructions, please refer to the Ingate Firewall & SIParator Reference Manuals - Chapter 6: Network. Page 2 of 24

3 Common Examples For detailed programming instructions, please refer to the Ingate Firewall & SIParator Reference Manuals - Chapter 6: Network. 3.1 One Directly Connected Network Here is an example of one Directly Connected Network on both the LAN and WAN side of the Ingate Firewall/SIParator. 3.1.1 Network & Computers Here, you group computers and networks. This example shows the Directly Connected Networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. Page 3 of 24

3.1.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the LAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 4 of 24

3.1.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the WAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. The Static Routing contains the Default Gateway information to ensure connectivity to the Internet. Page 5 of 24

3.2 Two Directly Connected LAN Network Same Interface Here is an example of two Directly Connected Networks on the LAN side of the Ingate Firewall/SIParator. Page 6 of 24

3.2.1 Network & Computers This example shows the Directly Connected Networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 AND 10.51.10.0 to 10.51.10.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. Page 7 of 24

3.2.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains TWO IP addresses on the directly connected network located on the LAN. With the Netmask for each address, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 8 of 24

3.2.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the WAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. The Static Routing contains the Default Gateway information to ensure connectivity to the Internet. Page 9 of 24

3.3 Routed LAN Network Here is an example of Routed Networks on the LAN side of the Ingate Firewall/SIParator. In this example there is a router located on the LAN to direct traffic to another network. 3.3.1 Network & Computers This example shows the networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 AND 10.51.10.0 to 10.51.10.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. Page 10 of 24

3.3.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains ONE IP addresses on the directly connected network located on the LAN. With the Netmask for each address, the Firewall/SIParator knows the range of IP addresses that are connected. There is also Static Routing required to direct traffic to 10.51.10.0/24 Network to the router located at 10.51.77.254. Page 11 of 24

3.3.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the WAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. The Static Routing contains the Default Gateway information to ensure connectivity to the Internet. Page 12 of 24

3.4 Routed WAN Network Here is an example of Routed Networks on the WAN side of the Ingate Firewall/SIParator. In this example there is a router located on the WAN to direct traffic to another network. 3.4.1 Network & Computers Here, you group computers and networks. This example shows the networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. Page 13 of 24

3.4.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the LAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 14 of 24

3.4.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains ONE IP addresses on the directly connected network located on the WAN. Included IP address is a Netmask for the interface, the Firewall/SIParator knows the range of IP addresses that are connected. There is also Static Routing required to direct traffic to 13.13.13.0/24 Network to the router located at 51.51.51.178, as well as the Default Gateway for connectivity to the internet. Page 15 of 24

3.5 Routed WAN Network with 2 Interfaces Here is an example of Routed Networks on the WAN side of the Ingate Firewall/SIParator when using two Ethernet interfaces. It is important to note that the Ingate Firewall/SIParator only supports one Default Gateway. This Default Gateway is only on one interface and will be used for all generic data traffic. Although another network can be connected to a second interface, only Static Routing can be used to route calls to specific networks. 3.5.1 Network & Computers Here, you group computers and networks for each interface. This example shows the networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. In addition, another interface Ethernet 2 (Eth2) has been connected to direct traffic to specific networks. Contained here is the directly connected network of 11.22.33.0 to 11.22.33.255. Plus the other statically routed WAN IP address ranges from 44.55.66.0 to 44.55.66.255, plus 77.88.99.0 to 77.88.99.255 associated with Ethernet 2 (Eth2). Page 16 of 24

3.5.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the LAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 17 of 24

3.5.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the WAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. The Static Routing contains the Default Gateway information to ensure connectivity to the Internet. Page 18 of 24

3.5.4 Second Outside (Eth2) Interface The Ethernet 2 (Eth2) interface of the Ingate Firewall/SIParator contains ONE IP addresses on the directly connected network located on the WAN. With the Netmask for each address, the Firewall/SIParator knows the range of IP addresses that are connected. There is also Static Routing required to direct traffic to 44.55.66.0/24 and 77.88.99.0/24 networks to the router located at 11.22.33.1. Page 19 of 24

3.6 Directly Connected LAN Network with 2 Interfaces Here is an example of a two Directly Connected Networks on the LAN side of the Ingate Firewall/SIParator when using two Ethernet interfaces. 3.6.1 Network & Computers Here, you group computers and networks for each interface. This example shows the Directly Connected Networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. In addition, another interface Ethernet 2 (Eth2) has been connected to direct traffic to specific networks. Contained here is the directly connected network of 10.51.77.0 to 10.51.77.255 associated with Ethernet 2 (Eth2). Page 20 of 24

3.6.2 Inside (Eth0) Interface The inside (Eth0) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the LAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 21 of 24

3.6.3 Outside (Eth1) Interface The outside (Eth1) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the WAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. The Static Routing contains the Default Gateway information to ensure connectivity to the Internet. Page 22 of 24

3.6.4 Second Inside (Eth2) Interface The Ethernet 2 (Eth2) interface of the Ingate Firewall/SIParator contains an IP address on the directly connected network located on the LAN. With the Netmask, the Firewall/SIParator knows the range of IP addresses that are connected. There is no Static Routing required in this example. Page 23 of 24

4 Appendix WAN Network Definition In Networks and Computers, you group computers and networks. This example shows the Directly Connected Networks defined on each interface. The LAN has a range of IP addresses from 10.51.77.0 to 10.51.77.255 associated with inside (Eth0). The WAN has a range of IP addresses from 0.0.0.0 to 255.255.255.255 associated with outside (Eth1), with the exception of 127.0.0.1. Why the exception of the 127.0.0.1 network? The WAN network is used in the Startup Tool to block requests that are not explicitly allowed by the Dial Plan. For this purpose, you basically block requests from all IP addresses. But as a consequence of our implementation of the B2BUA, requests that are looped inside the Ingate are sent from IP address 127.0.0.1 (generally known as the loopback address). If this IP address is included in the WAN network, all looped requests will be blocked while processed inside the Ingate. For this reason, the loopback IP address is excluded from that network. If the network should not be used in the Dial Plan, there is no reason to exclude that IP. Page 24 of 24

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information