Professional Documents
Culture Documents
ISA-ALNT-001E Configuring The Firewall For External Communications
ISA-ALNT-001E Configuring The Firewall For External Communications
ISA-ALNT-001/E
Configuring the Firewall for External Communications
I. PURPOSE:
This document provides the following Alinity Firewall configuration instructions:
• Configuring a Static IP address for X1 (WAN)
• Configuring the X2/X3 ports for separated LAS/LIS communication
• Configuring a customer proxy
• Configuring a different Maximum Transmission Unit (MTU)
• Configuring a Network Time Protocol (NTP) server for User Interface Computer (UIC) time synchronization
• Alternate configuration when the customer and Alinity networks overlap
• Configuring static routing for an LIS Network when the LIS Server and Alinity are on different networks
• Configuring a NAT Policy for an LIS Network when the LIS Server cannot utilize port 50020
• Connecting a network printer directly to the firewall
• Disaster Recovery
III. PARTS:
New Inventory Old Inventory Inventory
Part Description Notes
Number Number Disposition
SE20000151-101/A Alinity Firewall Customer Configuration N/A N/A
SE20000151-102/A Alinity Firewall Customer Configuration V2.0 N/A N/A
Note: If the customer is desiring to use MAC address reservation instead of setting a
Static IP, Select the Advanced tab and record the MAC address of the firewall for the
customer, like as shown below, then after they complete the MAC address
reservation and the firewall’s X1 WAN Interface has received an IP address via
DHCP, proceed to the Verification section. The MAC address can also be found on
the label of the firewall, as the Serial Number with the last digit incremented by 1.
6. If completed with all configurations, close the Chromium browser and proceed
to the Verification section.
3. Select the Zone: drop-down box, then select the LAS (if configuring X2) or LIS (if
configuring X3) option.
5. If completed with all configurations, close the Chromium browser and proceed
to the Verification section.
If the customer has a proxy IP address, follow the steps outlined below:
• Select the pencil icon for the object Site Proxy IP configuration.
• Replace the 0.0.0.0 in the IP Address field with the IP address of the
proxy server from the Pre-Site Inspection and press the OK button to
save the configuration change.
• Select the pencil icon for the object Site Proxy Port configuration.
• Replace the 9999 - 9999 in the Port Range field with the Port Range of
the proxy server from the Pre-Site Inspection and press the OK button
to save the configuration change.
4. If completed with all configurations, close the Chromium browser and proceed
to the Verification section.
3. Select the Advanced tab and in the Interface MTU field, enter the value
(provided to you by the site’s IT) into the field, then press the OK button to save
the configuration change.
4. If completed with all configurations, close the Chromium browser and proceed
to the Verification section.
4. Enter a number between 1 and 30 into the field (or leave blank for every day),
then click on the OK button to continue.
2. At the DHCP Server menu, select the pencil icon for the DHCPv4 Server Lease
Scope configuration.
5. At the Interface Settings menu, select the pencil icon for the object SCCLanIP
configuration.
6. Change the IP Address to 172.27.1.101 and press the OK button to save the
configuration change.
7. Select the Network link (on the left-hand side of the screen).
IMPORTANT NOTE: Please note that in the rare case where the alternate network
range described above still conflicts with the customer network, another RFC 1918
network range that is not in conflict could be used. The settings described above
would have to be adjusted accordingly.
IMPORTANT NOTE: If the system is connected to AbbottLink, notify the AbbottLink
Support group and inform them that this system is no longer configured to use the
standard 172.16.1.101 IP address. They will need to know which system it is and
what IP address the system is now configured to use. They will then deploy a
package to the system via AbbottLink that will reconfigure the Firewall Admin
Console application so that the firewall can once again be managed via AbbottLink.
3. Click on the Add button, enter the following details into their respective fields
and press the Add button to save the configuration changes.
Add Address Object
• Name: X3 Gateway
• Zone Assignment: LIS
• Type: Host
• IP Address: 10.88.146.254
2. Click on the Add button, enter the following details into their respective fields
and press the Add button to save the configuration changes.
Add Service
• Name: LIS_Rx_NAT
• Protocol: TCP
• Port Range: LIS Port
4. At the NAT Policies menu, select the pencil icon for either of the Service
Original LIS_Rx NAT Policies (depending on if you are using WAN or X3 for the
LIS communication).
5. Configure the network printer with a Static IP address that is within the same
network that the X3 (or X4) Interface was configured with (e.g. 172.16.4.100).
Make sure to set the printer’s Default Gateway to the IP address configured for
the X3 Interface (e.g. 172.16.4.1).
6. If completed with all configurations, close the Chromium browser and proceed
to the Verification section.
VI. ATTACHMENTS
Title File name Intended Use
Alinity Firewall Customer Configuration SE20000151-101A.zip For Firewall Disaster Recovery of LN 04S56-01
Alinity Firewall Customer Configuration V2.0 SE20000151-102A.zip For Firewall Disaster Recovery of LN 04S56-02