beautypg.com

Lan ip filtersets, Lan ip filtersets -27 – Netopia 4752 User Manual

Page 199

background image

Security 13-27

LAN IP Filtersets

The Netopia 4752 offers LAN-side filtering on the Ethernet hub. This permits multiple IP addresses or subnets
on the Ethernet LAN to be kept separate from one another and operate as vir tual independent networks sharing
a single Internet connection. Small- to medium-sized offices can benefit by using a single router to connect to
the Internet, with multiple businesses within the office using independent subnets on the network. Schools can
benefit by separating the administrative network from the student network.

A LAN-side filter is the reverse of a WAN-side filter. When you use a WAN-side filter you are restricting external
access to your internal network. The most common type of WAN-side filter is the Basic Firewall that is enabled
by default in Netopia routers.

When you create a LAN-side filter you are restricting access from your internal network to the external world, or
to other subnets on your internal network.

The main advantage of filtering from the LAN is to limit users (or a set of users on a subnet) from accessing
ser vices such as telnet to the router to make configuration changes or accessing the Internet via HTTP.

Companies desiring to limit cer tain depar tments from accessing the Internet can use LAN-side filtering, as well
as schools desiring to prevent their student network from downloading files via FTP etc.

The default WAN filtersets Basic Firewall and NetBIOS Filter should never be applied to your internal LAN
because they can cut off access from all of your internal computers to the router itself. Instead, you should
create separate new filtersets to be applied to the router’s Ethernet hub to restrict user and subnet access to
other subnets or to the Internet.

Filtersets are ver y power ful access-restriction tools, and for this reason, the LAN-side filterset binding menu is
placed in the Advanced Security Options screen.

Before attempting to create and use LAN-side filtersets, you should read and understand fully the information
on subnet and filterset creation presented in the on-line documentation on your Netopia CD.

For information on creating multiple subnets, see the User’s Reference Guide chapter on “IP Setup”.

For more information on filters and filter sets, see the User’s Reference Guide chapter on “Security.”

After you have created an appropriate filterset, you apply it to the Ethernet hub inter face as follows:

To attach a filter set to the Ethernet hub inter face, navigate to the Advanced Security Options screen from the
Main Menu.

Main

Menu

System

Configuration

Advanced

Security Options

Security

Security Options