Page 81 / 170 Scroll up to view Page 76 - 80
78
NAT
NAT (Network Address Translation) feature translates a private IP to a public IP, allowing multiple
users to access the Internet through a single IP account, sharing the single IP address. It is a natural
firewall for the private network.
Virtual Servers
In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program
(usually a server) incoming connections should be delivered to. Some ports have numbers that are
pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred
to as “well-known ports”. Servers follow the well-known port assignments so clients can locate them.
If you wish to run a server on your network that can be accessed from the WAN (i.e. from other
machines on the Internet that are outside your local network), or any application that can accept
incoming connections (e.g. Peer-to-peer/P2P software such as instant messaging applications and
P2P file-sharing applications) and are using NAT (Network Address Translation), then you will
usually need to configure your router to forward these incoming connection attempts using specific
ports to the PC on your network running the application. You will also need to use port forwarding if
you want to host an online game server.
The reason for this is that when using NAT, your publicly accessible IP address will be used by and
point to your router, which then needs to deliver all traffic to the private IP addresses used by your
PCs. Please see the
WAN
configuration section of this manual for more information on NAT.
The device can be configured as a virtual server so that remote users accessing services such as
Web or FTP services via the public (WAN) IP address can be automatically redirected to local
servers in the LAN network. Depending on the requested service (TCP/UDP port number), the
device redirects the external service request to the appropriate server within the LAN network.
This part is only available when NAT is enabled.
It is virtual server listing table as you see, Click Add to configure.
Page 82 / 170
79
The following configuration page will appear to let you configure.
Interface:
select from the drop-down menu the interface you want the virtual server(s) applies to.
Server Name:
select the server name from the drop-down menu.
Custom Service:
it is a kind of service to let users customize the service they want. Enter the user-
defined service name here. It is a parameter only available when users select
Custom Service
in
the above parameter.
Server IP Address:
Enter your server IP Address here.
External Port
L
Start:
Enter a port number as the external starting number for the range you want to give
access to internal network.
L
End:
Enter a port number as the external ending number for the range you want to give
access to internal network.
Internal Port
L
Start:
Enter a port number as the internal staring number.
L
End:
Here it will generate automatically according to the End port number of External port
and can’t be modified.
Protocol:
select the protocol this service used: TCP/UDP, TCP, UDP.
Page 83 / 170
80
Set up
1.
Select a Server Name from the drop-down menu, then the port will automatically appear, modify
some as you like, or you can just leave it as default. Remember to enter your server IP Address.
2.
Press
Apply
to conform, and the items will be list in the
Virtual Servers Setup
table.
Page 84 / 170
81
Remove
If you don’t need a specified Server, you can remove it. Check the check box beside the item you
want to remove, then press
Remove
, it will be OK.
ALG
The ALG Controls enable or disable protocols over application layer.
Page 85 / 170
82
DMZ Host
The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP
address as the DMZ Host, all incoming packets will be checked by the Firewall and NAT algorithms
then passed to the DMZ host, when a packet received does not use a port number used by any
other Virtual Server entries.
DMZ Host IP Address:
Enter the IP Address of a host you want it to be a DMZ host.
Using port mapping does have security implications, since outside users are
able to connect to PCs on your network. For this reason you are advised to use
specific Virtual Server entries just for the ports your application requires instead
of simply using DMZ or creating a Virtual Server entry for “All” protocols, as
doing so results in all connection attempts to your public IP address accessing
the specified PC.
If you have disabled the NAT option in the WAN-ISP section, the Virtual Server
function will hence be invalid.
If the DHCP server option is enabled, you have to be very careful in assigning
the IP addresses of the virtual servers in order to avoid conflicts. The easiest way
of configuring Virtual Servers is to manually assign static IP address to each
virtual server PC, with an address that does not fall into the range of IP
addresses that are to be issued by the DHCP server. You can configure the
virtual server IP address manually, but it must still be in the same subnet as the
router.
Attention

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top