|
|
Firewalling & routing with Opengear cellular routers and console servers
Opengear console servers with Version 3.3 firmware (and beyond) have routing, NAT (Network Address Translation), packet filtering, masquerading and port forwarding support.
This allows them to be used for providing Internet access, via cellular connections (ACM5004-Gx cellular routers) or via other Ethernet networks on two Ethernet port models (IM42xx-2 and ACM500x-2 console servers).
To use a console server as an Internet or external network gateway:
- establish an external network connection (e.g. for setting up the 3G cellular link with an ACM5004-Gx refer faq382-3G-CDMA&GSM.html)
- set up Network Forwarding. Network Forwarding allows the network packets on one network interface (i.e. LAN1/ eth0) to be forwarded to another network interface (i.e. LAN2/eth1 or dial-out/cellular). So locally networked devices can IP connect through the console server to devices on remote networks. For more details refer faq390
- set up IP Masquerading. IP Masquerading is used to allow all the devices on your local private network to hide behind and share the one public IP address when connecting to a public network. This type of translation is only used for connections originating within the private network destined for the outside public network, and each outbound connection is maintained by using a different source IP port number. For more details refer faq390
- configure Port Forwards. When using IP Masquerading, devices on the external network cannot initiate connections to devices on the internal network. Port Forwards allows external users to connect to a specific port on the external interface of the console server/cellular router and be redirected to a specified internal address for a device on the internal network. For more details refer faq388
- set Port Rules. Packet filtering inspects each packet passing through the firewall and accepts or rejects it based on user-defined rules. For more details refer faq389
- configure Client Devices on the local network with Gateway and DNS settings. This can be done manually, or using DHCP. For more details refer faq391
- set up Service Access Rules for connecting to the console server/router itself.
|
