Page 46 / 84 Scroll up to view Page 41 - 45
46
D-Link DSL-500B User Manual
Web Configuration
NAT
Note:
You must enable the NAT service when you configure the WAN connection at first. The NAT item will then
appear in the
Advanced Setup
directory. In the pure bridging mode, there is no NAT service.
Overview - Setting up the NAT Function
The DSL router is equipped with the Network Address Translation (NAT) function. With address mapping, several
users in the local network can access the Internet via one or more public IP addresses. All the local IP addresses
are assigned to the public IP address of the router by default.
One of the characteristics of NAT is that data from the Internet is not allowed into the local network unless it is
explicitly requested by one of the PCs in the network. Most Internet applications can run behind the NAT firewall
without any problems. For example, if you request Internet pages or send and receive e-mails, the request for data
from the Internet comes from a PC in the local network, and so the router allows the data to pass through. The
router opens one specific port for the application. A port in this context is an internal PC address, via which the data
is exchanged between the Internet and a client on a PC in the local network. Communicating via a port is subject to
the rules of a particular protocol (TCP or UDP).
If an external application tries to send a call to a PC in the local network, the router blocks it. There is no open port
via which the data could enter the local network. Some applications, such as games on the Internet, require several
links (that is, several ports), so that players can communicate with each other. In addition, these applications must
also be permitted to send requests from other users on the Internet to users in the local network. These applications
cannot run if NAT is activated.
Page 47 / 84
47
D-Link DSL-500B User Manual
Web Configuration
Using port forwarding (the forwarding of requests to particular ports), the router is forced to send requests from
the Internet for a certain service, for example, a game, to the appropriate port(s) on the PC on which the game is
running. Port triggering is a special variant of port forwarding. Unlike port forwarding, the DSL router forwards the
data from the port block to the PC which has previously sent data to the Internet via a certain port (trigger port). This
means that approval for the data transfer is not tied to one specific PC in the network, but rather to the port numbers
of the required Internet service.
Where configuration is concerned, you must define a so-called trigger port for the application and also the protocol
(TCP or UDP) that this port uses. You then assign the public ports that are to be opened for the application to this
trigger port. The router checks all outgoing data for the port number and protocol. If it identifies a match of port and
protocol for a defined trigger port, then it opens the assigned public ports and notes the IP address of the PC that
sent the data. If data comes back from the Internet via one of these public ports, the router allows it to pass through
and directs it to the appropriate PC. A trigger event always comes from a PC within the local network. If a trigger
port is addressed from outside, the router simply ignores it.
Note:
An application that is configured for port triggering can only be run by one user in the local network at a time.
±
After public ports are opened, they can be used by unauthorized persons to gain access to a PC in the local
±
network.
When the DSL router is supplied, the NAT function is activated. For example, all IP addresses of PCs in the
±
local network are converted to the public IP address of the router when accessing the Internet. You can use
NAT settings to configure the DSL router to carry out the following tasks.
For functions described as follows, IP addresses of the PCs must remain unchanged. If the IP addresses of the
±
PCs are assigned via the DHCP server of the DSL router, you must disable DHCP server as the settings in the
local network menu entry for the lease time or assign static IP addresses for the PCs.
You can enable or disable the NAT function. By default, the NAT function is enabled.
±
Page 48 / 84
48
D-Link DSL-500B User Manual
Web Configuration
NAT - Virtual Server Setup
By default, DSL router blocks all external users from connecting or communicating with your network. Therefore, the
system is safe from hackers who may try to intrude into the network and damage it.
However, you may want to expose your network to the Internet in limited and controlled ways in order to enable
some applications to work from the LAN (for example, game, voice, and chat applications) and to enable Internet
access to servers in the home network. The port forwarding feature supports both functions. This topic is also
referred as Local Servers.
The port forwarding page is used to define applications that require special handling by DSL router. All you need to
do is to select the application protocol and the local IP address of the computer that is using or providing the service.
If required, you may add new protocols in addition to the most common ones provided by DSL router.
For example, if you wanted to use a file transfer protocol (FTP) application on one of your PCs, you would simply
select FTP from the list and enter the local IP address or host name of the designated computer. All FTP-related
data arriving at DSL router from the Internet henceforth is forwarded to the specific computer.
Similarly, you can grant Internet users access to servers inside your home network, by identifying each service and
the PC that provide it. This is useful, for example, if you want to host a Web server inside your home network.
When an Internet user points his/her browser to DSL router external IP address, the gateway forwards the incoming
HTTP request to your Web server. With one external IP address (DSL router main IP address), different applications
can be assigned to your LAN computers, however each type of application is limited to use one computer.
For example, you can define that FTP uses address X to reach computer A and Telnet also uses address X to
reach computer A. But attempting to define FTP to use address X to reach both computer A and B fails. DSL router,
therefore, provides the ability to add additional public IP addresses to port forwarding rules, which you must obtain
from your ISP, and enter into the IP addresses pool. Then, you can define FTP to use address X to reach computer
A and address Y to reach computer B.
Page 49 / 84
49
D-Link DSL-500B User Manual
Web Configuration
Additionally, port forwarding enables you to redirect traffic to a different port instead of the one to which it was desig
-
nated. For example, if you have a Web server running on your PC on port 8080 and you want to grant access to this
server to any one who accesses DSL router via HTTP.
To accomplish this, do as follows:
Step 1
Define a port forwarding rule for the HTTP service, with the PC IP or host name.
Step 2
Specify 8080 in the Forward to Port field.
All incoming HTTP traffic is forwarded to the PC running the Web server on port 8080. When setting a port
forwarding service, ensure that the port is not used by another application, which may stop functioning. A common
example is when using SIP signaling in Voice over IP, the port used by the gateway VoIP application (5060) is the
same port, on which port forwarding is set for LAN SIP agents.
Note:
Some applications, such as FTP, TFTP, PPTP and H323, require the support of special specific application
level gateway (ALG) modules in order to work inside the home network. Data packets associated with these appli-
cations contain information that allows them to be routed correctly. An ALG is needed to handle these packets and
ensure that they reach their intended destinations. DSL router is equipped with a robust list of ALG modules in order
to enable maximum functionality in the home network. The ALG is automatically assigned based on the destination
port.
Virtual servers are configured for this purpose.
Page 50 / 84
50
D-Link DSL-500B User Manual
Web Configuration
Adding Port Forwarding
Step 1
To set up virtual servers for a service, go to
Advanced Setup >
NAT > Virtual Servers
, and then click
Add
.
Step 2
Select a service or enter a custom server.
Step 3
Set the
Server IP Address
.
Step 4
Enter the server IP address of the computer that provides the
service (the server in the local host field). Note that unless an
additional external IP address is added, only one LAN computer
can be assigned to provide a specific service or application.
Step 5
Set
External Port Start
and
External Port End
.
Step 6
Select a
Protocol
from the drop-down box.
Step 7
Set
Internal Port Start
and
Internal Port End
.
Step 8
Enter
Remote IP
.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top