Figure 7.6 Using SNA Server with a firewall.
A firewall is a network security device that restricts access to network resources by allowing traffic only through specified port numbers. In many instances, the services of a firewall are provided in conjunction with a network router that bridges two network segments together.
If the SNA Server address is known, the client workstation configures the appropriate port and destination IP of the SNA Server computer in the client software (1477 and 128.124.1.2 in Figure 7.6). Alternatively, the SNA Server computer’s service port numbers can be changed to the port number requested by the client.
If the SNA Server address is not known, the SNA Server IP transport replaces the real destination IP address with the address of a firewall. The firewall then maps the connection request to the actual SNA Server computer. This takes place when the transport opens a connection to an SNA Server-based computer for application sessions or a sponsor connection.
SNA Server supports firewalls primarily on TCP/IP networks. You may also be able to implement firewalls on IPX/SPX or Banyan VINES networks. Consult your network documentation for information on configuring firewall in your specific installation.