73

Configuring Advanced Settings

Setting up the NAT function

The Giga762SX WLAN dsl comes equipped with the NAT (Network Address Translation)

function. With address mapping, several users in the local network can access the Inter-

net via one or more public IP addresses. All the local IP addresses are assigned to the

router's public IP address by default.

One of the characteristics of NAT is that data from the Internet is not allowed into the

local network unless it has been explicitly requested by one of the PCs in the network.

Most Internet applications can run behind the NAT firewall without any problems. For

example, if you request Internet pages or send and receive e-mails, the request for data

from the Internet comes from a PC in the local network, and so the router allows the

data through. The router opens precisely

one

port for the application. A port in this con-

text is an internal PC address, via which the data is exchanged between the Internet and

a client on a PC in the local network. Communicating via a port is subject to the rules of

a particular protocol (TCP or UDP).

If an external application tries to send a call to a PC in the local network, the router will

block it. There is no open port via which the data could enter the local network.

Some applications, such as games on the Internet, require several links, i.e. several ports

so that the players can communicate with each other. In addition, these applications

must also be permitted to send requests from other users on the Internet to users in the

local network. These applications cannot be run if Network Address Translation (NAT)

has been activated.

Using port forwarding (the forwarding of requests to particular ports) the router is

forced to send requests from the Internet for a certain service, for example a game, to

the appropriate port(s) on the PC on which the game is running.

Port triggering is a special variant of port forwarding. Unlike port forwarding, the

Giga762SX WLAN dsl forwards the data from the port block to the PC which has previ-

ously sent data to the Internet via a certain port (trigger port). This means that approval

for the data transfer is not tied to one specific PC in the network, rather to the port num-

bers of the required Internet service.

Where configuration is concerned, this means:

u

You have to define a so-called trigger port for the application and also the protocol

(TCP or UDP) that this port uses. You then assign the public ports that are to be

opened for the application to this trigger port.

u

The router checks all outgoing data for the port number and protocol. If it identifies

a match of port and protocol for a defined trigger port, then it will open the assigned

public ports and notes the IP address of the PC that sent the data. If data comes back

from the Internet via one of these public ports, the router allows

it through and directs it to the appropriate PC. A trigger event

always comes from a PC within the local network. If a trigger port

is addressed from outside, the router simply ignores it.

74

Configuring Advanced Settings

When the Giga762SX WLAN dsl is supplied, the

NAT

function (Network Address Transla-

tion) is activated, i.e. all IP addresses of PCs in the local network are converted to the

router's public IP address when accessing the Internet.

You can use the NAT settings to configure the Giga762SX WLAN dsl to carry out the fol-

lowing tasks:

u

Set up port triggering for special applications (page 75),

u

Set up the Giga762SX WLAN dsl as a virtual server by configuring Port Forwarding

(page 76),

u

Open the firewall for a selected PC (page 78).

By default the NAT function is activated. You should only deactivate the NAT function if

you want to configure you own firewall in you local network.

ì

In the

Advanced Settings

menu, select:

Internet

–

Address Translation (NAT)

Note:

u

An application that is configured for port triggering can only be run by one user in

the local network at a time.

u

As long as the public ports are open, they can be used by unauthorised persons to

gain access to a PC in the local network.

Note:

For the functions described below, the IP addresses of the PCs must remain

unchanged. If the IP addresses of the PCs are assigned via the DHCP server of the

Giga762SX WLAN dsl, you must select

Never expires

(page 83) as the setting in the

Local Network

menu entry for the

Lease time

or assign static IP addresses for the

PCs.

75

Configuring Advanced Settings

ì

Select the required option.

Port Triggering

If you configure port triggering for a certain application, you must identify a trigger port

and the protocol (TCP or UDP) this port uses. You can then assign the public ports that

must be opened for the application and this trigger port.

You can select known Internet services for this purpose or assign ports or blocks of ports

manually.

ì

In the

Advanced Settings

menu, select:

Internet

–

Address Translation (NAT)

–

Port Triggering

76

Configuring Advanced Settings

ì

Select the required application from the

Predefined applications

list.

ì

Click the

Add

button. The data for the required service is entered on the screen.

ì

Select the chekbox in the

Enabled

column.

If the application you require is not in the list, you must enter the relevant data on the

screen manually:

ì

Local protocol

: Select the protocol that is to be monitored for outgoing traffic.

ì

Local port

: Enter the port that is to be monitored for outgoing traffic.

ì

Public protocol

: Select the protocol that is to be allowed for incoming data traffic.

ì

Public port

: Enter the port that is to be opened for incoming traffic.

You can enter a single port number, several individual port numbers separated by

commas, port blocks consisting of two port numbers separated by a dash, or any

combination of these, for example

80,90-140,180

.

ì

Comment

: Enter a description to help you identify different entries.

ì

Select the checkbos in the

Enabled

column.

ì

Click the

Delete

button to delete an entry. Click the

Add

button to add a new entry.

ì

Apply the settings by clicking

OK

.

Port Forwarding

If you configure Port Forwarding, the Giga762SX WLAN dsl outwardly assumes the role

of the server. It receives requests from remote users under its public IP address and auto-

matically redirects them to local PCs. The private IP addresses of the servers on the local

network remain protected.

77

Configuring Advanced Settings

Internet services are addressed via defined port numbers. The Giga762SX WLAN dsl

needs a mapping table of the port numbers to redirect the service requests to the serv-

ers that actually provide the service.

Port Forwarding has been configured for this purpose.

ì

In the

Advanced Settings

menu, select:

Internet

–

Address Translation (NAT)

–

Port Forwarding

ì

Select the required application from the

Predefined applications

list.

ì

Activate

Enabled

by ticking the check box.

ì

Click the

Add

button. The data for the required service is entered on the screen.

ì

Click the

Delete

button to delete an entry.

If the application you require is not in the list, you must manually enter the relevant data

on the screen:

ì

Select the protocol for the service you are providing from the

Protocol

list.

ì

Under

Public port

, enter the port number(s) of the service you are providing.