SonicWALL Installation Guide Page 45
Network Hardware Components
Computers - IBM-compatible, MAC, notebooks, and PDAs
Resources - printers, fax machines, tape backup units, and file storage devices
Cables - crossover, ethernet
Connectors - bridges, routers
Network Interface Card (NIC) - a card installed inside a computer that physically connects a computer to a network and controls the flow of data from the network to the computer. The NIC has a port where the network cable is connected.
Network Types
LAN stands for Local Area Network. Local area refers to a network in one location. Local Area Networks connect computers and devices close to each other, such as on one floor of a building, one building, or a campus. LANs can connect as few as two computers or as many as 100 computers.
WAN (Wide Area Network) connects LANs together. The networks that make up a WAN can be located throughout a country or even around the world. If a single company owns a WAN, it is often referred to as an enterprise network. The Internet is currently the largest WAN.
Firewalls
A firewall is a software or hardware system that prevents unauthorized outside access, theft,
deletion, or modification of information stored on a local network. Typically, unauthorized
access would be via an organization’s Internet connection.
Gateways
A gateway can be a computer that acts as a connector between a private internal network and
another network such as the Internet. A gateway used as a firewall can transmit information
from an internal network to the Internet. Also, gateways can examine incoming information and
determine if the information is allowed access to the network.
Network Protocols
The method used to regulate a workstation’s access to a computer network to prevent data
collisions. The SonicWALL uses the TCP/IP protocol.
TCP/IP - Internet Protocol, or "IP", provides connectionless data transfer over a TCP/IP network. Since IP alone does not provide end-to-end data reliability as well as some other services, other protocols such as TCP (Transmission Control Protocol) can be added to provide these services. In TCP/IP, TCP works with IP to ensure the integrity of the data traveling over the network. TCP/IP is the protocol of the Internet.
FTP - File Transfer Protocol (FTP) is used to transfer documents between different types of computers on a TCP/IP network.
HTTP - HyperText Transfer Protocol (HTTP) is a widely used protocol to transfer information over the Internet. Typically, it is used to transfer information from Web servers to Web browsers.
UDP - User Datagram Protocol (UDP) transfers information using virtual ports between two applications on a TCP/IP network. Slightly faster than TCP, it is not as reliable.
DNS - Domain Name System (DNS) is a protocol that matches Internet computer names to their corresponding IP addresses. By using DNS, a user can type in a computer name, such as www.sonicwall.com, instead of an IP address, such as 192.168.168.168, to access a computer.
DHCP - Dynamic Host Configuration Protocol (DHCP) allows communication between network devices and a server that administers IP numbers. A DHCP server leases IP addresses and other TCP/IP information to DHCP clients that request them. Typically, a DHCP client leases an IP address for a period of time from a DHCP server, which allows a larger number of clients to use a set pool of IP addresses.
WINS - Windows Internet Naming System (WINS), used on Microsoft® TCP/IP Networks, matches Microsoft® network computer names to IP addresses. Using this protocol allows computers on the Microsoft® network to communicate with other networks and computers that use the TCP/IP suite.
HTTPS - Secure HyperText Transfer Protocol (HTTPS) is a protocol to transfer information securely over the Internet. HTTPS encrypts and decrypts information exchanged between a Web server and a Web browser using Secure Socket Layer (SSL).
SMTP - Simple Mail Transfer Protocol (SMTP) is used to send and receive e-mail messages. Typically, SMTP is used only to send e-mail while another protocol, POP3, is used to receive e-mail messages.
POP3 - Post Office Protocol 3 (POP3) is used to receive e-mail messages and store messages on a server, referred to as a POP server.
ICMP - Internet Control Messages Protocol (ICMP) reports errors and controls messages on a TCP/IP network. PING uses the ICMP protocol to test if a network device is available.
IP Addressing
To become part of an IP network, a network device must have an IP address. An IP address is
a unique number that differentiates one device from another on the network to avoid confusion
during communication. To help illustrate IP addresses, the following sections compare an IP
address to the telephone numbering system, a system that is used every day.
Like a phone number with its long distance “1” and area code, an IP address contains a set of
four numbers. While we separate phone number components with dashes, for example
1-408-555-1212, IP address number components are separated by decimal points or dots (called
dotted decimal notation), for example 123.45.67.89. Because computers use a binary number
system, each number in the set must be less than 255.
There are three components of IP addressing:
IP address
Subnet mask
Default gateway
IP Address
Just as each household or business requires a unique phone number, a networked device (such
as a computer, printer, file server, or router) must have a unique IP address. Unlike phone
numbers, an IP address requires the entire number when communicating with other devices.
There are three classes of IP addresses: A, B, and C. Like a main business phone number that
one can call, and then be transferred through interchange numbers to an individual’s extension
number, the different classes of IP addresses provide for varying levels of “interchanges” or
subnetworks, and “extensions” or device numbers. The classes are based on estimated network
size:
Class A — used for very large networks with hundreds of subnetworks and thousands
of devices. Class A networks use IP addresses between 0.0.0.0 and 127.0.0.0.
Class B — used for medium to large networks with 10–100 subnetworks and hundreds
of devices. Class B networks use IP addresses between 128.0.0.0 and 191.0.0.0.
Class C — used for small to medium networks, usually with only a few subnetworks
and less than 250 devices. Class C networks use IP addresses between 192.0.0.0 and
223.0.0.0.
Just as one would go to the phone company for a phone number, there are controlling bodies
for IP addresses. The overall controlling body for IP addresses worldwide is InterNIC.
Businesses or individuals can request one or many IP addresses from InterNIC. It’s a good idea
to estimate the network’s future growth when requesting the class and number of IP addresses.
Subnet Mask
The IP addressing system allows subnetworks or “interchanges” to be created and device
numbers or “extensions” to be established within these subnetworks. These numbers are
created using a mathematical device called a subnet mask. A subnet mask, like the IP address,
is a set of four numbers in dotted decimal notation. Subnet masks typically take three forms:
255.0.0.0
255.255.0.0
255.255.255.0
The number 255 “masks” out the corresponding number of the IP address, resulting in IP
address numbers that are valid for the network. For example, an IP address of 123.45.67.89
and a subnet mask of 255.255.255.0 results in a subnetwork number of 123.45.67.0 and a
device number of 89. The IP address numbers that are actually valid to use are those assigned
by InterNIC. Otherwise, anyone could set up IP addresses that are duplicates of those at
another company.
The subnet mask used for the network typically corresponds to the class of IP address assigned.
If the IP address is Class A, it uses a subnet mask of 255.0.0.0. Class B addresses use a subnet
mask of 255.255.0.0, and Class C IP addresses use a subnet mask of 255.255.255.0.
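
The masking described above is a bitwise AND of the address with the mask. The following is an added example, not part of the SonicWALL guide; the function names are hypothetical, and the class ranges are the ones listed in this section.

```python
# Added example: split an IP address into subnetwork and device numbers.

def to_int(dotted):
    """Convert dotted decimal notation to a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not a dotted decimal address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | p
    return value

def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def split_address(ip, mask):
    """Return (subnetwork number, device number) for ip under mask."""
    ip_n, mask_n = to_int(ip), to_int(mask)
    network = ip_n & mask_n                 # bits the mask keeps
    device = ip_n & ~mask_n & 0xFFFFFFFF    # bits the mask leaves over
    return to_dotted(network), device

def default_mask(ip):
    """Subnet mask that corresponds to the address class of ip."""
    first = to_int(ip) >> 24
    if first <= 127:
        return "255.0.0.0"        # Class A
    if first <= 191:
        return "255.255.0.0"      # Class B
    if first <= 223:
        return "255.255.255.0"    # Class C
    raise ValueError("address is outside Class A, B and C")

def same_subnetwork(a, b, mask):
    """True when both addresses fall in the same subnetwork under mask."""
    return split_address(a, mask)[0] == split_address(b, mask)[0]

if __name__ == "__main__":
    print(split_address("123.45.67.89", "255.255.255.0"))
    print(default_mask("192.168.168.168"))
```
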
Default Gateway
A default gateway is like a long distance operator. Users can dial the operator to get assistance
connecting to the end party. In complex networks with many subnetworks, gateways keep
traffic from traveling between different subnetworks unless addressed to travel there. While
this helps to keep overall network traffic more manageable, it also introduces another level of
complexity.
To communicate with a device on another network, one must go through a gateway that
connects the two networks. Therefore, users must know the default gateway IP address. If
there is no gateway in the network, use an IP address of 0.0.0.0 in fields that apply to a default
gateway.
Network Address Translation (NAT)
NAT hides internal IP addresses by converting all internal host IP addresses to the IP address
of the firewall as packets are routed through the firewall. The firewall then retransmits the data
payload of the internal host from its own address using a translation table to keep track of
which sockets on the exterior interface equate to which sockets on the interior interface. To the
Internet, all of the traffic on the network appears to come from the same computer.
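
The translation table described above can be modelled in a few lines. This is an added example, not SonicWALL code; the class name, addresses and port numbers are constructed for illustration, and the model tracks only the socket mapping (no protocol, timeout or remote-endpoint checks).

```python
# Added example: a minimal NAT translation table (constructed values).

class NatTable:
    def __init__(self, firewall_ip, first_port=40000):
        self.firewall_ip = firewall_ip
        self.next_port = first_port
        self.out = {}    # (internal ip, internal port) -> exterior port
        self.back = {}   # exterior port -> (internal ip, internal port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a LAN packet to the firewall's own address."""
        key = (src_ip, src_port)
        if key not in self.out:
            # First packet from this interior socket: allocate an exterior one.
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.firewall_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Map a packet arriving on the exterior interface back to the LAN.

        Returns None when no table entry exists: traffic that no internal
        host initiated has nowhere to go and is dropped.
        """
        if dst_port not in self.back:
            return None
        lan_ip, lan_port = self.back[dst_port]
        return (src_ip, src_port, lan_ip, lan_port)

if __name__ == "__main__":
    nat = NatTable("203.0.113.5")
    # Two internal hosts use the same source port; the Internet side sees
    # one address (the firewall) with two different exterior ports.
    print(nat.outbound("192.168.168.10", 51000, "198.51.100.7", 80))
    print(nat.outbound("192.168.168.11", 51000, "198.51.100.7", 80))
    print(nat.inbound("198.51.100.7", 80, 40001))   # reply to second host
    print(nat.inbound("198.51.100.7", 80, 40999))   # unsolicited -> None
```
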
Nodes
A node is a device, such as a PC or a printer, on a network with an IP address. The feature chart shows how many node licenses for PCs or printers are included with a SonicWALL Internet Security appliance. The TELE3 has a non-upgradeable 5-node license, but the SOHO3 is upgradeable to 10, 50, or an unlimited number of node licenses. The PRO 100, PRO 200, and PRO 300 have an unlimited number of node licenses.
The TELE3, SOHO3-10, and SOHO3-50 allow a maximum of 5, 10, or 50 LAN IP addresses, respectively, to exist on the LAN (Local Area Network). The licenses for the nodes are counted cumulatively, not simultaneously. When the SonicWALL is turned on and configured, the SonicWALL begins to count IP addresses against the license, and continues to count new LAN IP addresses accessing the Internet until the appliance is rebooted.
When a computer or other device connects to the LAN port of the SonicWALL, the SonicWALL detects it via broadcast and stores the IP address of the computer or other device in memory. If 5, 10, or 50 IP addresses have been stored in the SonicWALL, the SonicWALL does not permit any additional machines to access the Internet. Therefore, the SonicWALL restricts the number of IP addresses on the LAN, not the number of simultaneous connections to the Internet.
If you have fewer than the maximum number of computers or other devices on your LAN, but it appears that the IP license limit is exceeded, download a Tech Support Report and review the devices with IP addresses. Rogue devices such as printers are filling up the SonicWALL IP address limit. Tech Support Reports are explained in the Tools chapter of this manual.
Additionally, computers with two (2) Network Interface Cards (NIC) can take up two IP addresses. You must reconfigure your network to avoid these problems by turning off IP forwarding on Windows® NT or Windows 2000® servers using two NICs.
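
The cumulative counting described in this section explains why a LAN with fewer devices than the license limit can still be refused. The following is an added example that models the behaviour as the text describes it; it is not SonicWALL firmware, and the class name and the LAN addresses are constructed.

```python
# Added example: model of cumulative node-license counting (constructed data).

class NodeLicense:
    def __init__(self, limit):
        self.limit = limit
        self.seen = set()   # LAN IP addresses stored since the last reboot

    def admit(self, lan_ip):
        """Return True if lan_ip may access the Internet."""
        if lan_ip in self.seen:
            return True                 # already counted against the license
        if len(self.seen) >= self.limit:
            return False                # limit reached; stays so until reboot
        self.seen.add(lan_ip)
        return True

    def reboot(self):
        """Rebooting the appliance clears the stored addresses."""
        self.seen.clear()

def refused(limit, lan_ips):
    """Replay LAN addresses in order of appearance; return those refused."""
    lic = NodeLicense(limit)
    out = []
    for ip in lan_ips:
        if not lic.admit(ip) and ip not in out:
            out.append(ip)
    return out

# Constructed LAN: three PCs, one printer, one server with two NICs.
# Five devices, but six IP addresses, on a 5-node license.
SEEN_IN_ORDER = [
    "192.168.168.10",   # PC 1
    "192.168.168.11",   # PC 2
    "192.168.168.50",   # printer (never browses, still counted)
    "192.168.168.20",   # server, NIC 1
    "192.168.168.21",   # server, NIC 2
    "192.168.168.12",   # PC 3, refused
]

if __name__ == "__main__":
    print(refused(5, SEEN_IN_ORDER))
```
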
