Chapter 3: System planning Data network planningPage 3-29In the Cambium system, NAT supports many protocols, including HTTP, ICMP (Internet ControlMessage Protocols), and FTP (File Transfer Protocol). For virtual private network (VPN)implementation, L2TP over IPSec (Level 2 Tunneling Protocol over IP Security) and PPTP (Point toPoint Tunneling Protocol) are supported.DHCPDHCP enables a device to be assigned a new IP address and TCP/IP parameters, including a defaultgateway, whenever the device reboots. Thus DHCP reduces configuration time, conserves IPaddresses, and allows modules to be moved to a different network within the Cambium system.In conjunction with the NAT features, each SM provides: A DHCP server that assigns IP addresses to computers connected to the SM by Ethernetprotocol. A DHCP client that receives an IP address for the SM from a network DHCP server.DMZIn conjunction with the NAT features, a DMZ (demilitarized zone) allows the assignment of one IPaddress behind the SM for a device to logically exist outside the firewall and receive networktraffic. The first three octets of this IP address must be identical to the first three octets of the NATprivate IP address.Developing an IP addressing schemeNetwork elements are accessed through IP Version 4 (IPv4) addressing.A proper IP addressing method is critical to the operation and security of a network.Each module requires an IP address on the network. This IP address is for only managementpurposes. For security, you must either: Assign a non-routable IP address. Assign a routable IP address only if a firewall is present to protect the module.You assign an IP addresses to computers and network components by either static or dynamic IPaddressing. You will also assign the appropriate subnet mask and network gateway to eachmodule.Address Resolution ProtocolAs previously stated, the MAC address identifies a module in: Communications between modules. The data that modules store about each other.
