Nortel 1000 User Guide
LAN configuration
41
summarizes the
recommended access permissions allowed by the firewall. All other paths
not in the table should be denied.
not in the table should be denied.
Table 3
Firewall access permissions
Firewall access permissions
Source
Destination
Protocol
WWW
ICB
HTTP
C-LAN
ICB
HTTP, FTP, TELNET
ICB
WWW
FTP (optional; allows upgrade from
the web)
the web)
ICB
C-LAN
FTP
ICB
Mail Server
SMTP
Notes
Take the following notes into consideration:
•
Technically, a firewall can be configured to enforce these access
restrictions even when the ICB is in the C-LAN. However, a Green and
Red LAN is usually used, because it is safer.
restrictions even when the ICB is in the C-LAN. However, a Green and
Red LAN is usually used, because it is safer.
•
Cards of a dual-ICB set must be in the same LAN segment, with no
restrictions between them.
restrictions between them.
LAN/intranet access only
In this configuration, the ICB is not accessible from anywhere in the World
Wide Web (assuming this policy is enforced by the firewall). There are
two options for this type of configuration: C-LAN connection and E-LAN
connection.
Wide Web (assuming this policy is enforced by the firewall). There are
two options for this type of configuration: C-LAN connection and E-LAN
connection.
shows
an example of the C-LAN connection.
Nortel Communication Server 1000/Communication Server 2100 Solution/Meridian SL-100
Nortel Integrated Conference Bridge: Service Implementation Fundamentals
NN43001-558/555-4001-135
01.02
Standard
ICB Release 4
20 June 2007
Copyright © 2007, Nortel Networks
.