Reference Manual for the ProSafe Dual Band Wireless VPN Firewall FWAG114
Network, Routing, Firewall, and Basics
B-9
This scheme offers the additional benefit of firewall-like protection because the internal LAN
addresses are not available to the Internet through the translated connection. All incoming
inquiries are filtered out by the router. This filtering can prevent intruders from probing your
system. However, using port forwarding, you can allow one PC (for example, a Web server) on
your local network to be accessible to outside users.
MAC Addresses and Address Resolution Protocol
An IP address alone cannot be used to deliver data from one LAN device to another. To send data
between LAN devices, you must convert the IP address of the destination device to its media
access control (MAC) address. Each device on an Ethernet network has a unique MAC address,
which is a 48-bit number assigned to each device by the manufacturer. The technique that
associates the IP address with a MAC address is known as address resolution. Internet Protocol
uses the Address Resolution Protocol (ARP) to resolve MAC addresses.
If a device sends data to another station on the network and the destination MAC address is not yet
recorded, ARP is used. An ARP request is broadcast onto the network. All stations on the network
receive and read the request. The destination IP address for the chosen station is included as part of
the message so that only the station with this IP address responds to the ARP request. All other
stations discard the request.
Related Documents
The station with the correct IP address responds with its own MAC address directly to the sending
device. The receiving station provides the transmitting station with the required destination MAC
address. The IP address data and MAC address data for each station are held in an ARP table. The
next time data is sent, the address can be obtained from the address information in the table.
For more information about address assignment, refer to the IETF documents RFC 1597,
Address
Allocation for Private Internets,
and RFC 1466,
Guidelines for Management of IP Address Space
.
For more information about IP address translation, refer to RFC 1631,
The IP Network Address
Translator (NAT)
.
Summary of Contents for ProSafe FWAG114
Page 4: ...iv ...
Page 20: ...Reference Manual for the ProSafe Dual Band Wireless VPN Firewall FWAG114 2 8 Introduction ...
Page 118: ...Reference Manual for the ProSafe Dual Band Wireless VPN Firewall FWAG114 9 8 Troubleshooting ...
Page 188: ...Reference Manual for the ProSafe Dual Band Wireless VPN Firewall FWAG114 8 Glossary ...