Page 21 / 62
Scroll up to view Page 16 - 20
21
4.5 Forwarding Rules
4.5.1 Virtual Server
Page 22 / 62
22
This product
’
s NAT firewall filters out unrecognized packets to protect your Intranet, so all hosts
behind this product are invisible to the outside world. If you wish, you can make some of them
accessible by enabling the Virtual Server Mapping.
A virtual server is defined as a
Service Port
, and all requests to this port will be redirected to the
computer specified by the
Server IP
.
Virtual Server
can work with
Scheduling Rules
, and give
user more flexibility on Access control. For Detail, please refer to
Scheduling Rule
.
For example, if you have an FTP server (port 21) at 192.168.123.1, a Web server (port 80) at
192.168.123.2, and a VPN server at 192.168.123.6, then you need to specify the following virtual
server mapping table:
Service Port
Server IP
Enable
21
192.168.123.1
V
80
192.168.123.2
V
1723
192.168.123.6
V
Page 23 / 62
23
4.5.2 Special AP
Some applications require multiple connections, like Internet games, Video conferencing, Internet
telephony, etc. Because of the firewall function, these applications cannot work with a pure NAT router.
The
Special Applications
feature allows some of these applications to work with this product. If the
mechanism of Special Applications fails to make an application work, try setting your computer as the
DMZ
host instead.
1.
Trigger
: the outbound port number issued by the application..
2.
Incoming Ports
: when the trigger packet is detected, the inbound packets sent to the specified
port numbers are allowed to pass through the firewall.
This product provides some predefined settings Select your application and click
Copy
to
to add the
predefined setting to your list.
Note! At any given time, only one PC can use each Special Application tunnel.
Page 24 / 62
24
4.5.3 Miscellaneous Items
IP Address of DMZ Host
DMZ (DeMilitarized Zone) Host is a host without the protection of firewall. It allows a computer to be
exposed to unrestricted 2-way communication for Internet games, Video conferencing, Internet
telephony and other special applications.
NOTE: This feature should be used only when needed.
Non-standard FTP port
You have to configure this item if you want to access an FTP server whose port number is not 21. This
setting will be lost after rebooting.