DG-BG4300N User Manual

Fields in this page:

Field

Description

Service Type

Select a service from pull-down menu or User-defined Service Name.

Protocol

There are 2 options available: TCP, UDP.

WAN Setting

There are 2 options available: create rules by interface or by IP address

WAN Interface

Select the WAN interface on which the Virtual Server rule is to be

applied.

WAN Port

The destination port number that is made open for this application on

the WAN-side

Local IP Address

IP address of your local server that will be accessed by Internet.

LAN Open Port

The destination port number that is made open for this application on

the LAN-side.

Function buttons for the setting block:

Apply Changes

Click to save the rule entry to the configuration.

DG-BG4300N User Manual

Function buttons for the Current Table:

Delete Selected

Delete the selected rules from the table. You can click Delete button from the Current virtual serve

forwarding table.

Disable

Without deleting the rule you can make specific virtual server entry in the table as inactive. You can click

Disable to de-activate the entry.

DG-BG4300N User Manual

6.2.3 NAT Forwarding Setup

Entries in this table allow you to automatically redirect common network services to a specific machine

behind the NAT firewall. These settings are only necessary if you wish to host some sort of server like a

web server or mail server on the private local network behind your Gateway's NAT firewall.

DG-BG4300N User Manual

6.2.4 NAT ALG and Pass-Through

An application-level gateway (also known as

ALG

or application layer gateway) consists of a security

component that augments a firewall or NAT employed in a computer network. It allows customized NAT

traversal filters to be plugged into the gateway to support address and port translation for certain

application layer "control/data" protocols such as IPSec, L2TP, PPTP, FTP, SIP, RTSP etc. In order for

these protocols to work through NAT or a firewall, either the application has to know about an

address/port number combination that allows incoming packets, or the NAT has to monitor the control

traffic and open up port mappings (firewall pinhole) dynamically as required. Legitimate application data

can thus be

passed through

the security checks of the firewall or NAT that would have otherwise

restricted the traffic for not meeting its limited filter criteria.

DG-BG4300N User Manual

6.2.5 NAT EXCLUDE IP Setup

The purpose is to exclude certain flows of traffic from translation. Any packets (going from

inside or outside) matching the NAT EXCLUDE IP do not require NAT translation entries to be

permitted by the router.

6.2.6 NAT Port Trigger

Port triggering is a way to automate port forwarding in which outbound traffic on predetermined

ports ('triggering ports') causes inbound traffic to specific incoming ports to be dynamically

forwarded to the initiating host, while the outbound ports are in use. This allows computers

behind a NAT-enabled router on a local network to provide services that would normally

require the computer to have a fixed address on the local network. Port triggering triggers can

open an incoming port when a client on the local network makes an outgoing connection on a

predetermined port or range of ports.