Page 176 / 794 Scroll up to view Page 171 - 175
Vigor2860 Series User’s Guide
162
5.
Click
OK
to save the settings.
3.4 NAT
Usually, the router serves as an NAT (Network Address Translation) router. NAT is a
mechanism that one or more private IP addresses can be mapped into a single public one.
Public IP address is usually assigned by your ISP, for which you may get charged. Private IP
addresses are recognized only among internal hosts.
When the outgoing packets destined to some public server on the Internet reach the NAT
router, the router will change its source address into the public IP address of the router, select
the available public port, and then forward it. At the same time, the router shall list an entry in
a table to memorize this address/port-mapping relationship. When the public server response,
the incoming traffic, of course, is destined to the router’s public IP address and the router will
do the inversion based on its table. Therefore, the internal host can communicate with external
host smoothly.
The benefit of the NAT includes:
Save cost on applying public IP address and apply efficient usage of IP address.
NAT allows the internal IP addresses of local hosts to be translated into one public IP
address, thus you can have only one IP address on behalf of the entire internal hosts.
Enhance security of the internal network by obscuring the IP address.
There are
many attacks aiming victims based on the IP address. Since the attacker cannot be aware
of any private IP addresses, the NAT function can protect the internal network.
Note:
On NAT page, you will see the private IP address defined in RFC-1918. Usually we
use the 192.168.1.0/24 subnet for the router. As stated before, the NAT facility can map one
Page 177 / 794
Vigor2860 Series User’s Guide
163
or more IP addresses and/or service ports into different specified services. In other words,
the NAT function can be achieved by using port mapping methods.
Below shows the menu items for NAT.
3.4.1 Port Redirection
Port Redirection
is
usually set up for server related service inside the local network (LAN),
such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP
address for each server and this public IP address/domain name are recognized by all users.
Since the server is actually located inside the LAN, the network well protected by NAT of the
router, and identified by its private IP address/port, the goal of Port Redirection function is to
forward all access request with public IP address from external users to the mapping private IP
address/port of the server.
The port redirection can only apply to incoming traffic.
To use this function, please go to
NAT
page and choose
Port
Redirection
web page. The
Port Redirection Table
provides 40 port-mapping entries for the internal hosts.
Page 178 / 794
Vigor2860 Series User’s Guide
164
Each item is explained as follows:
Item
Description
Index
Display the number of the profile.
Service Name
Display the description of the specific network service.
WAN Interface
Display the WAN IP address used by the profile.
Protocol
Display the transport layer protocol (TCP or UDP).
Public Port
Display the port number which will be redirected to the
specified
Private IP and Port
of the internal host.
Private IP
Display the IP address of the internal host providing the
service.
Status
Display if the profile is enabled (v) or not (x).
Press any number under Index to access into next page for configuring port redirection.
Page 179 / 794
Vigor2860 Series User’s Guide
165
Available settings are explained as follows:
Item
Description
Enable
Check this box to enable such port redirection setting.
Mode
Two options (Single and Range) are provided here for you
to choose. To set a range for the specific service, select
Range
. In Range mode, if the public port (start port and end
port) and the starting IP of private IP had been entered, the
system will calculate and display the ending IP of private IP
automatically.
Service Name
Enter the description of the specific network service.
Protocol
Select the transport layer protocol (TCP or UDP).
WAN IP
Select the WAN IP used for port redirection. There are
eight WAN IP alias that can be selected and used for port
redirection. The default setting is
All
which means all the
incoming data from any port will be redirected to specified
range of IP address and port.
Public Port
Specify which port can be redirected to the specified
Private IP and Port
of the internal host. If you choose
Range
as the port redirection mode, you will see two boxes
on this field. Type the required number on the first box (as
the starting port) and the second box (as the ending port).
Private IP
Specify the private IP address of the internal host providing
the service. If you choose
Range
as the port redirection
mode, you will see two boxes on this field. Type a complete
IP address in the first box (as the starting point). The second
one will be assigned automatically later.
Private Port
Specify the private port number of the service offered by
the internal host.
After finishing all the settings here, please click
OK
to save the configuration.
Note that the router has its own built-in services (servers) such as Telnet, HTTP and FTP etc.
Since the common port numbers of these services (servers) are all the same, you may need to
reset the router in order to avoid confliction.
For example, the built-in web user interface in the router is with default port 80, which may
conflict with the web server in the local network, http://192.168.1.13:80. Therefore, you need
to
change the router’s http port to
any one other than the default port 80
to avoid conflict,
such as 8080. This can be set in the
System Maintenance >>Management Setup
. You then
will access the admin screen of by suffixing the IP address with 8080, e.g.,
http://192.168.1.1:8080 instead of port 80.
Page 180 / 794
Vigor2860 Series User’s Guide
166

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top