Cisco Support Community
Community Member

Base Station Security

The 340 Base Station documents indicate use of NAT

when connected to DSL/Cable. I assume it is using

PAT (as opposed to NAT) as I did not see any

documentation implementing static/conduit/ACL

similar to a PIX.

The concern is: Does this unit have any capability

that refuses inbound requests? What is the danger

of installing one of these units without having

a firewall on the Internet side?

Community Member

Re: Base Station Security

The Base Station does not have anywhere near the security capabilities of the PIX. It also doesn't cost anywhere near what the PIX does. Where it gets the security it does have (in Base Station mode) is from PAT and its lack of support for static translations. As well, Telnets and HTTP access from the ethernet side (in Base Station mode) are disabled, so those out on the Internet pointing browsers and telnet clients at random addresses are not going to get access. That's why fresh from the box or a reset, administration has to be done from the radio side.

CreatePlease to create content