1. Home
    2. /
  2. Manuals
    3. /
  3. CTC-Union
    4. /
  4. ATU-R130
    5. /
  5. 9
Page 41 / 74 Scroll up to view Page 36 - 40
ATU-R130 ADSL Ethernet Router User’s Guide
33
You can click
in the Action(s) column to view additional details about a NAT translation
session, as shown in Figure .
Figure 24. NAT Translation – Details Page{ XE "NAT Translation – Details page" }{ XE "Pages:NAT
Translations - Details" }
In addition to the information displayed in the NAT Translations table, this table displays the
following for the selected current translation sessions:
Field
Description
Translated
InAddress
The public IP address to which the private IP
address was translated.
In Address
The private IP address that was translated.
Out Address
The IP address of the outside destination (web,
ftp site, etc.)
In/Out Packets
The number of incoming and outgoing IP
packets that have been translated in this
translation session.
In Ports
The actual port number corresponding to the
LAN computer.
Out Ports
The port number associated with the destination
address.
Translated In Ports
The port number to which the LAN computer’s
actual port number was translated.
Adding NAT Rules
This section explains how to create rules for the various NAT flavors.
{
XE "NAT:adding rules"
}
Note
You cannot edit existing NAT rules. To change a rule setup,
delete it and add a new rule with the modified settings.
The napt rule: Translating between private and public IP addresses { XE "NAT:napt
flavor" }{ XE "NAPT (NAT flavor)" }
Follow these instructions to create a rule for translating the private IP addresses on your LAN to
your public IP address. This type of rule uses the NAT flavor napt, which was used in your
Page 42 / 74
ATU-R130 ADSL Ethernet Router User’s Guide
34
default configuration. The napt flavor translates private source IP addresses to a single public IP
address. The napt rule also translates the source port numbers to port numbers that are defined
on the NAT Global Configuration page (see page 29).
Click the NAT tab, then select
NAT Rule Entry
from the NAT Options drop-down list on the
right side of the page.
The NAT Rule entry page displays a row for each currently configured NAT rule.
1.
Click
to display the NAT Rule – Add page.
The NAPT flavor displays by default in the Rule Flavor drop-down list. The NAT Rule – Add
page displays, as shown in Figure .
Figure 25. NAT Rule – Add Page (napt Flavor)
{
XE "NAT Rule—
Add page - napt"
}{
XE "Pages:NAT Rule
Add - napt"
}
2.
Enter a Rule ID.
The Rule ID determines the order in which rules are invoked (the lowest numbered rule is
invoked first, and so on). In some cases, two or more rules may be defined to act on the
same set of IP addresses. Be sure to assign the Rule ID so that the higher priority rules
are invoked before lower-priority rules. It is recommended that you select rule IDs as
multiples of 5 or 10 so that, in the future, you can insert a rule between two existing rules.
Once a data packet matches a rule, the data is acted upon according to that rule and is
not subjected to higher-numbered rules.
3.
From the IFName drop-down list, select the interface on the device to which this rule
applies.
Typically, NAT rules are used for communication between your LAN and the Internet.
Because the device uses the WAN interface (which may be named
ppp-0
or
eoa-0
) to
connect your LAN to your ISP, it is the usual IFName selection.
4.
In the Local Address From field and Local Address To fields, type the starting and
ending IP addresses, respectively, of
the range of private address you want to be
translated. Or, type the same address in both fields to specify a single value.
To specify that data from all LAN addresses should be translated, type 0 (zero) in each
From field and 255 in each To field.
If you have several non-sequential private addresses, you can create an additional napt
rule for each address.
These addresses should correspond to private addresses already in use on your network
(either assigned statically to your PCs, or assigned dynamically using DHCP).
5.
In the Global Address From and Global Address To fields, type the public IP address
assigned to you by your ISP.
If you have multiple WAN interfaces, in both fields type the IP address of the interface to
which this rule applies. This rule will not be enforced for data that arrives on other PPP
interfaces.
Page 43 / 74
ATU-R130 ADSL Ethernet Router User’s Guide
35
If you have multiple WAN interfaces and want the rule to be enforced on a range of them,
type the starting and ending IP addresses of the range.
6.
When you have completed entering all information, click
.
A page displays to confirm the change.
7.
Click
to return to the NAT Configuration page.
The new rule should display in the NAT Rule Configuration table.
8.
Ensure that the Enable radio button is selected, and then click
.
A page displays to confirm your changes.
9.
Click the Admin tab, and then click
Commit and Reboot
in the task bar.
10. Click
to save your changes to permanent memory.
The rdr rule: Allowing external access to a LAN computer
{
XE "RDR (NAT flavor)"
}{
XE "NAT:RDR flavor"
}
You can create an rdr rule to make a
computer on your LAN, such as a Web or FTP server, available to Internet users without
requiring you to obtain a public IP address for that computer. The computer’s private IP address
is translated to your public IP address in all incoming and outgoing data packets.
Note
Without an rdr rule (or bimap rule described on page 39), the
ATU-R130 blocks attempts by external computers to access your
LAN computers.
Figure shows the fields used to establish a rdr rule:
Figure 26. NAT Rule – Add Page (rdr Flavor){ XE "NAT Rule—
Add page - rdr" }{ XE "Pages:NAT
Rule Add - rdr" }
Follow these instructions to add an rdr rule (see steps 1-4 under "The napt rule" on page 33 for
specific instructions corresponding to steps 1 and 2 below):
Page 44 / 74
ATU-R130 ADSL Ethernet Router User’s Guide
36
1.
Display the NAT Rule – Add Page, select
RDR
as the Rule Flavor, and enter a Rule
ID.
2.
Select the interface on which this rule will be effective.
3.
Select a protocol to which this rule applies, or choose
ALL
.
This selection specifies which type of Internet communication will be subject to this
translation rule. You can select ALL if the rule applies to all data. Or, select TCP, UDP,
ICMP, or a number from 1-255 that represents the IANA-specified protocol number.
4.
In the Local Address From and Local Address To fields, type the same private IP
address, or the lowest and highest addresses in a range:
?
If you type the same IP address in both fields, incoming traffic that matches the
criteria you specify in steps 5 and 6 will be redirected to that IP address.
?
If you type a range of addresses, incoming traffic will be redirected to any available
computer in that range. This option would typically be used for load balancing,
whereby traffic is distributed among several redundant servers to help ensure
efficient network performance.
These addresses should correspond to private addresses already in use on your network
(either assigned statically to your PCs or assigned dynamically using DHCP).
5.
In the Global Address From and Global Address To fields, type the public IP address
assigned to you by your ISP.
If you have multiple WAN (PPP) interfaces, this rule will not be enforced for data that
arrives on other PPP interfaces. This rule will not be enforced for data that arrives on
WAN interfaces not specified here.
If you have multiple WAN interfaces and want the rule to be enforced on more than
one of them (or all), type the starting and ending IP addresses of the range.
6.
In the Destination Port From and Destination Port To fields, enter the port ID (or a
range) that you expect to see on incoming packets destined for the LAN computer for
which this rule is being created.
Incoming traffic that meets this criteria will be redirected to the Local Port number you
specify in the next field.
For example, if you grant public access to a Web server on your LAN, you would expect
that incoming packets destined for that computer would contain the well-known web
server port number, 80. This setting serves as a filter; data packets not containing this port
number would not be granted access to you local computer.
7.
If the LAN computer that you are making publicly available is configured to use a non-
standard port number
{
XE "Port numbers:using non-standard"
}
for the type of traffic it
receives, type the non-standard port number in the Local Port field.
This option translates the standard port number in packets destined for your LAN computer
to the non-standard number you specify. For example, if your Web server uses (non-
standard) port 2000, but you expect incoming data packets to refer to (standard) port 80,
you would enter 2000 here and 80 in the Destination Port fields. The headers of incoming
packets destined for port 80 will be modified to refer to port 2000. The packet can then be
routed appropriately to the web server.
8.
Follow steps 7-12 under "The napt rule" on page 33 to submit your changes.
The basic rule: Performing 1:1 translations
{
XE "BASIC NAT flavor"
}{
XE "NAT:BASIC flavor"
}
The basic flavor translates the private
(LAN-side) IP address to a public (WAN-side) address, like napt rules. However, unlike napt
rules, basic rules do not also translate the port numbers in the packet header; they are passed
Page 45 / 74
ATU-R130 ADSL Ethernet Router User’s Guide
37
through untranslated. Therefore, the basic rule does not provide the same level of security as
the napt rule. Figure shows the fields used for adding a basic rule.
Figure 27. NAT Rule – Add Page (basic Flavor) { XE "NAT Rule—
Add
page - basic" }{ XE "Pages:NAT Rule Add - basic" }
Follow these instructions to add an basic rule (see steps 1-4 under "The napt rule" on page 33
for specific instructions corresponding to steps 1 and 2 below):
1.
Display the NAT Rule – Add Page, select
BASIC
as the Rule Flavor, and enter a Rule
ID.
2.
Select the interface on which this rule will be effective.
3.
Select a protocol to which this rule applies, or choose
ALL
.
This selection specifies which type of Internet communication will be subject to this
translation rule. You can select ALL if the rule applies to all data. Or, select TCP, UDP,
ICMP, or a number from 1-255 that represents the IANA-specified protocol number.
4.
In the Local Address From and Local Address To fields, type the starting and ending
IP addresses that identify the range of private address you want to be translated. Or,
type the same address in both fields.
If you specify a range, each address will be translated in sequence to a corresponding
address in a range of global addresses (which you specify in step 5).
You can create a basic rule for each specific address translation to occur. The range of
addresses should correspond to private addresses already in use on your network,
whether assigned statically to your PCs, or assigned dynamically using DHCP.
5.
In the Global Address From and Global Address To fields, type the starting and
ending address that identify the pool of public IP addresses that the private addresses
should be translated to. Or, type the same address in both fields (if you also specified
a single address in step 4).
6.
Follow steps 7-12 under "The napt rule" on page 33 to submit your changes.
The filter rule: Configuring a basic rule with additional criteria
{
XE "FILTER NAT flavor"
}{
XE "NAT:FILTER flavor"
}
Like the basic flavor, the filter flavor
translates public and private IP addresses on a one-to-one basis. The filter flavor extends the
capability of the basic rule. Refer to “The basic Rule”on page 36 for a general description.
You can use the filter rule if you want an address translation to occur only when your LAN
computers initiate access to specific destinations. The destinations can be identified by their
IP addresses, server type (such as FTP or Web server), or both. Figure shows the fields
used to establish a filter rule.

Rate

3.5 / 5 based on 2 votes.

Popular CTC-Union Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top