Port mapping / Virtual Servers
The Port mapping / Virtual Servers configuration section is where you can configure virtual
servers like Web servers on the DMZ or similar. It’s also possible to regulate how bandwidth
management, traffic shaping, is applied to traffic flowing through the WAN interface of the
firewall. It is also possible to use Intrusion Detection / Prevention and Traffic shaping on Port
mapped services, these are done in the same way as on policies, so see that chapter for
more information.
Mappings are read from top to bottom, and the first matching mapping is carried out.
Add a new mapping
Follow these steps to add a new mapping on the WAN interface.
Step 1.
Choose the
WAN
policy list from the available policy lists.
Step 2.
Click on the
Add new
link.
Step 3.
Fill in the following values:
Name:
Specifies a symbolic name for the rule. This name is used mainly as a rule
reference in log data and for easy reference in the policy list.
Source Nets:
Specify the source networks, leave blank for everyone (0.0.0.0/0).
Source Users/Groups:
Specifies if an authenticated username is needed for this
mapping to match. Either make a list of usernames, separated by
,
or write
Any
for any
authenticated user. If it’s left blank there is no need for authentication for the policy.
Destination Nets:
Leave empty for the interfaces own IP or enter a new IP if using Virtual
IP.
Service:
Either choose a predefined service from the dropdown menu or make a custom.
Pass To:
The IP of the server that the traffic should be passed to.
Schedule:
Choose what schedule should be used for this mapping to match, choose
Always for no scheduling.
Step 4.
If using Traffic shaping fill in that information, if not skip this step.
Click the
Apply
button below to apply the change or click
Cancel
to discard changes