BS1200 and Network Access Security.
A Basic Network Primer
MCS v4.0 Firmware v2.0
8
ROUTER
PHONE LINKS
PBX OR KTS OR
ANALOG PHONES
EXTERNAL
IP ADDRESS
NNN.NNN.NNN.NNN
(PUBLIC)
LAN
HUB
BS1200
NIC IN
NIC OUT
PROXY
SERVER
fig 5b
SWITCH
A PROXY SERVER EXAMPLE
ADDING A SWITCH BEFORE THE PROXY SERVER
(PUBLIC)
DMZ
INTERNET
INTERNAL
IP ADDRESS
XXX.XXX.XXX.XXX
(PRIVATE)
Third a Network Address Translation (NAT) Router Situation:
As the name implies a NAT Router translates network addresses, like a Proxy server does. A NAT
however lacks the higher end capabilities a SERVER has. You should already be somewhat familiar with
what a NAT Router does from the previous Proxy server solution. Consider a NAT Router the smaller
cousin to a Proxy Server.
To install a BS1200 behind a NAT Router
(See fig 6a)
you must first check with the client on their
policies and procedures regarding the level of security they require. If allowable then disable the NAT
function on the Router, if the Router has only one port.
BS1200
PHONE LINKS
PBX OR KTS OR
ANALOG PHONES
NAT ROUTER
HUB
EXTERNAL
IP ADDRESS
NNN.NNN.NNN.NNN
(PUBLIC)
fig 6a
PORT 0
WITH NAT TURNED OFF
INTERNAL
IP ADDRESS
NNN.NNN.NNN.NNN
(PUBLIC)
A NAT ROUTER EXAMPLE
NAT TURNED OFF
INTERNET
LAN
If the Router has more than one port,
(See fig 6b)
, and if the equipment allows for it, then turn the NAT
function off for that port and then connect the BS1200 to that port.
BS1200
PHONE LINKS
PBX OR KTS OR
ANALOG PHONES
NAT ROUTER
LAN
PORT 0
WITH NAT TURNED ON
PORT 1
WITH NAT TURNED OFF
HUB
EXTERNAL
IP ADDRESS
NNN.NNN.NNN.NNN
(PUBLIC)
fig 6b
INTERNET
(PUBLIC)
A NAT ROUTER EXAMPLE
ADD / USE A SECOND PORT
INTERNAL
IP ADDRESS
XXX.XXX.XXX.XXX
(PRIVATE)