beautypg.com

Ethernet firewall configuration, 3 ethernet firewall configuration – B&B Electronics WLNN-AN(ER,SE,SP.EK)-DP551 - Manual User Manual

Page 46

background image

46

Airborne Enterprise CLI Reference Manual

Command

Description

eth-mode

The Ethernet interface supports the following configurations; this parameter
determines the default mode of the interface.

auto

Auto negotiate

10half

10Mbps, half duplex

10full

10Mbps, full duplex

100half

100Mbps, half duplex

100full

100Mbps, full duplex

It is recommended that auto be used as this will provided the greatest level
of compatibility on the Ethernet interface.

The private network supports the Airborne

™ discovery protocol and will respond

to discovery requests on the private network. Discovery protocol requests are not
forwarded to the public network.

The subnet for the private network IP addresses (Ethernet Client and Gateway) and

public IP address (802.11), obtained by the module via the wireless interface, MUST
NOT be the same.

Failure to observe this requirement will result in unpredictable behavior of the bridge.

When attempting to make an out-bound connection to a device on the public
network, the public network IP address of the device should be used e.g. In
Figure 6 the client with address 192.168.2.100 wants to connect to an FTP
server, with the address of 123.45.67.99, on the public network to perform a
firmware download. The FTP address that would be used in the ftp-server-
address parameter would be 123.45.67.99. Note that this is not within the
subnet of the Ethernet client, however the NAT router will do the necessary
address translations and packet header manipulations to ensure the out-bound
and in-bound connections are maintained.

Any traffic between the Airborne Ethernet Bridge Ethernet interface and Ethernet
client, on the private network, will not be broadcast on to the public network
unless it is directed at the public network.

For most users there will be no modification of the private network settings
needed and if the target Ethernet client uses DHCP to obtain an IP address, no
change in configuration will be required either.

9.3

Ethernet Firewall Configuration

The module has an in-built rule based firewall, designed to provide a simple
solution for limiting access on the network the wireless interface is associated
with to just the resources required for the target application. When configured this
prevents any system using the Ethernet interface for accessing unauthorized
data or resources, protecting the connected network from illegal use by an rogue
Ethernet Client.

See also other documents in the category B&B Electronics Accessories communication: