Nexland ISB SOHO: Advanced Features
14
What’s so Special about Special Applications???
The ISB SOHO performs the job of a protecting your computers with its firewall
feature. This involves blocking outside transmissions from reaching your local
computers (LAN). This process can interfere with the operation of some software that
uses the Internet for communication. Software like Internet voice or video
conferencing, messaging, games, etc. will not always be compatible with a firewall.
In these cases, you’ll have to make accommodations for the application so it can have
2-way communication through the firewall. This involves opening ports in the ISB’s
firewall to allow the information to get through. The
Special Applications
interface
screen is where you make these settings (in some cases you have to use the
Custom
Virtual Servers
screen as well). In order to make the settings that will work with
your application, you’ll need to consult the application’s support. There should be
some information on how to use it with a firewall (what ports to open).
The ISB SOHO comes pre-configured with some popular titles but they are disabled
by default. You must enable them in
Special Applications
to open the ports. See the
Interface section of this manual for a description of the
Special Applications
screen.
A Word About Virtual Private Networking
Most large (and some small) companies are instituting a corporate VPN policy. This
allows workers outside the office to connect remotely while using a completely secure
means of communication. The ISB SOHO supports the use of VPN connections. This
allows you to use a VPN client on your computer, establish a connection with an
external VPN server, and transfer data. IPsec is the most secure form of VPN
encryption currently in use.
The VPN capability of the ISB SOHO is automatic. It will recognize an IPsec session,
for example, and pass it through the firewall. The ISB SOHO should work with most
VPNs and has been tested to work with all of the major types (Symantec/Axent Power
VPN, Checkpoint, Nortel, Cisco (not Concentrator), among others).
To use your VPN client, your VPN must be using standard
ESP mode IPsec
, PPTP, or
L2TP. The client must authenticate using standard
IKE/ISAKMP
protocol. Some
VPNs (notably, Checkpoint) do not use these as their default settings and must be
configured to these standards. Contact your VPN administrator if you have questions
about your VPN’s configuration.
If you require multiple-session IPsec, Nexland’s ISB Pro series supports unlimited
tunnels passing through NAPT (firewall). It also supports the use of IPsec servers
behind NAPT.
Nexland ISB SOHO: Interface Screens
15
Interface Screens
What follows is a quick reference to all the interface screens available to you on the
ISB SOHO.
Note: These screens are subject to being changed by different firmware versions.
To access the Web-based interface, first you must be on a computer that is in some
way connected to the LAN ports on the ISB (either directly or through a hub). Then
just enter the IP address of the ISB (default is 192.168.0.1) into the address bar of your
browser and hit enter on your keyboard…
This brings up the Main Screen with the Interface Navigation bar on the left…
To access the various screens, click its title on the left side.
All of the interface screens have
Online Help.
To access the help screen, just
click the question mark in the top right corner…
What follows is an explanation of the interface screens in the order they appear on the
navigation bar. This information is duplicated for the most part in the interface’s
Online Help
.
