SonicWALL 5.8.1 Microscope & Magnifier User Manual

Open as PDF

of 1490

Network > Interfaces

207

SonicOS 5.8.1 Administrator Guide

Perimeter Security

The following diagram depicts a network where the SonicWALL is added to the perimeter for

the purpose of providing security services (the network may or may not have an existing firewall

between the SonicWALL and the router).

In this scenario, everything below the SonicWALL (the Primary Bridge Interface segment) will

generally be considered as having a lower level of trust than everything to the left of the

SonicWALL (the Secondary Bridge Interface segment). For that reason, it would be appropriate

to use X1 (Primary WAN) as the Primary Bridge Interface.

Traffic from hosts connected to the Secondary Bridge Interface (LAN) would be permitted

outbound through the SonicWALL to their gateways (VLAN interfaces on the L3 switch and then

through the router), while traffic from the Primary Bridge Interface (WAN) would, by default, not

be permitted inbound.

If there were public servers, for example, a mail and Web server, on the Secondary Bridge

Interface (LAN) segment, an Access Rule allowing WAN->LAN traffic for the appropriate IP

addresses and services could be added to allow inbound traffic to those servers.

Workgroup Switch

VLAN 100

X0 (LAN)

IP= Transparent Mode

(Range 192.168.0.100 to 192.168.0.250)

MAC=00:06:B1:10:10:10

SonicWALL Firewall L2 Bridge Mode

WorkStation

IP=10.0.100.200/24

GW=10.0.100.1

MAC=00:11:55:66:77:88

Server

IP=10.0.100.100/24

GW=10.0.100.1

MAC=00:CC:AA:BB:EE:EE

LAN 10.0.100.x/24

WorkStation

IP=10.0.200.200/24

GW=10.0.200.1

MAC=00:11:22:33:44:55

Server

IP=10.0.200.100/24

GW=10.0.200.1

MAC=00:AA:BB:CC:DD:EE

LAN 10.0.200.x/24

Workgroup Switch

VLAN 200

Switch

L3 Switch

X1 (WAN)

IP= 192.168.0.12/24

MAC= 00:06:B1:10:10:11

GW= 192.168.0.1

Interface e0

IP= 10.0.0.1

Interface s0

ISP Assigned

Router

Internet

VALN Interface 100

IP= 10.0.100.1

VLAN Interface 200

IP=10.0.200.1

Gateway 10.0.0.1

(default VLAN)

VLAN Trunk

VID 100

VID 200

Default VLAN

link/spd

pc card lanwanopt 1 2 3 4

5 6

signal

link/act

activity

NSA 240

NSA 2400

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

SonicWALL 5.8.1 Microscope & Magnifier User Manual