Chapter 11 Network Address Translation (NAT)
AMG1302/AMG1202-TSeries User’s Guide
11.4 The DMZ Screen
If you need to allow packets from a specific WAN connection to your local network, NAT supports a
default server IP address. A default server receives all packets that arrive on the specified WAN
connection for ports that are not specified in the NAT Port Forwarding Setup screen.
Figure 70 Network Setting > NAT > DMZ
The following table describes the fields in this screen.
Table 51 Network Setting > NAT > DMZ
LABEL | DESCRIPTION
--- | ---
WAN Interface | Select a WAN PVC connection (PVC0 ~ PVC7) from which you want to forward the traffic to the specified default server.
Default Server Address | Enter the IP address of the default server which receives packets from ports that are not specified in the NAT > Port Forwarding screen. Note: If you do not assign a Default Server Address, the AMG1302/AMG1202-TSeries discards all packets received for ports that are not specified in the NAT Port Forwarding screen.
Apply | Click Apply to save your changes.
Cancel | Click Cancel to restore your previously saved settings.
11.5 NAT Technical Reference
This section contains more information regarding NAT.
11.5.1 NAT Definitions
Inside/outside denotes where a host is located relative to the AMG1302/AMG1202-TSeries. For
example, the computers of your subscribers are the inside hosts, while the web servers on the
Internet are the outside hosts.
Global/local denotes the IP address of a host in a packet as the packet traverses a router. For
example, the local address refers to the IP address of a host when the packet is in the local
network, while the global address refers to the IP address of the host when the same packet is
traveling on the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to the IP address
of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in
a packet when the packet is still in the local network, while an inside global address (IGA) is the IP
address of the same inside host when the packet is on the WAN side. Table 52 summarizes this
information.
NAT never changes the IP address (either local or global) of an outside host.
11.5.2 What NAT Does
In the simplest form, NAT changes the source IP address in a packet received from a subscriber
(the inside local address) to another (the inside global address) before forwarding the packet to the
WAN side. When the response comes back, NAT translates the destination address (the inside
global address) back to the inside local address before forwarding it to the original inside host. Note
that the IP address (either local or global) of an outside host is never changed.
The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP.
In addition, you can designate servers, for example, a web server and a telnet server, on your local
network and make them accessible to the outside world. If you do not define any servers (for
Many-to-One and Many-to-Many Overload mapping – see Table 53), NAT offers the additional benefit
of firewall protection. With no servers defined, your AMG1302/AMG1202-TSeries filters out all
incoming inquiries, thus preventing intruders from probing your network. For more information on
IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT).
11.5.3 How NAT Works
Each packet has two addresses – a source address and a destination address. For outgoing packets,
the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global
Address) is the source address on the WAN. For incoming packets, the ILA is the destination
address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local)
IP addresses to globally unique ones required for communication with hosts on other networks. It
replaces the original IP source address (and TCP or UDP source port numbers for Many-to-One and
Many-to-Many Overload NAT mapping) in each packet and then forwards it to the Internet. The
AMG1302/AMG1202-TSeries keeps track of the original addresses and port numbers so incoming
reply packets can have their original values restored. The following figure illustrates this.
Table 52 NAT Definitions
ITEM | DESCRIPTION
--- | ---
Inside | This refers to the host on the LAN.
Outside | This refers to the host on the WAN.
Local | This refers to the packet address (source or destination) as the packet travels on the LAN.
Global | This refers to the packet address (source or destination) as the packet travels on the WAN.
Figure 71 How NAT Works (diagram: a NAT table maps the inside local IP addresses 192.168.1.10,
192.168.1.11, 192.168.1.12 and 192.168.1.13 on the LAN to the inside global IP addresses IGA 1,
IGA 2, IGA 3 and IGA 4 on the WAN; a packet with source address (SA) 192.168.1.10 leaves with
source address IGA1)
11.5.4 NAT Application
The following figure illustrates a possible NAT application, where three inside LANs (logical LANs
using IP alias) behind the AMG1302/AMG1202-TSeries can communicate with three distinct WAN
networks.
Figure 72 NAT Application With IP Alias
11.5.5 NAT Mapping Types
NAT supports five types of IP/port mapping. They are:
• One-to-One: In One-to-One mode, the AMG1302/AMG1202-TSeries maps one local IP address
to one global IP address.
• Many-to-One: In Many-to-One mode, the AMG1302/AMG1202-TSeries maps multiple local IP
addresses to one global IP address. This is equivalent to SUA (that is, PAT, port address
translation), ZyXEL’s Single User Account feature that previous ZyXEL routers supported (the
SUA Only option in today’s routers).
• Many-to-Many Overload: In Many-to-Many Overload mode, the AMG1302/AMG1202-TSeries
maps multiple local IP addresses to shared global IP addresses.
• Many-to-Many No Overload: In Many-to-Many No Overload mode, the AMG1302/AMG1202-TSeries
maps each local IP address to a unique global IP address.
• Server: This type allows you to specify inside servers of different services behind the NAT to be
accessible to the outside world.
Port numbers do NOT change for One-to-One and Many-to-Many No Overload NAT mapping types.
The following table summarizes these types.
Table 53 NAT Mapping Types
TYPE | IP MAPPING
--- | ---
One-to-One | ILA1 ↔ IGA1
Many-to-One (SUA/PAT) | ILA1 ↔ IGA1; ILA2 ↔ IGA1
Many-to-Many Overload | ILA1 ↔ IGA1; ILA2 ↔ IGA2; ILA3 ↔ IGA1; ILA4 ↔ IGA2
Many-to-Many No Overload | ILA1 ↔ IGA1; ILA2 ↔ IGA2; ILA3 ↔ IGA3
Server | Server 1 IP ↔ IGA1; Server 2 IP ↔ IGA1; Server 3 IP ↔ IGA1
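The following Python sketch is an added example, not ZyXEL code and not part of the original guide. It models the Many-to-One translation described in section 11.5.3 together with the default server rule of section 11.4; the class Nat, its lookup order (tracked session, then port forwarding rule, then default server), the port pool start and the WAN-side addresses are assumptions made for illustration.

```python
# Toy Many-to-One (SUA/PAT) translator; all names and the lookup order are assumptions.
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Nat:
    iga: str                                            # inside global address (WAN side)
    port_forwards: dict = field(default_factory=dict)   # WAN port -> (ILA, port)
    default_server: Optional[str] = None                # DMZ "Default Server Address"
    sessions: dict = field(default_factory=dict)        # IGA port -> (ILA, port)
    next_port: int = 50000                              # constructed start of the port pool

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN -> WAN: rewrite ILA:port to IGA:port and remember the mapping."""
        key = (src_ip, src_port)
        for wan_port, inside in self.sessions.items():
            if inside == key:                # reuse the mapping of a known flow
                break
        else:
            wan_port = self.next_port
            self.next_port += 1
            self.sessions[wan_port] = key
        return (self.iga, wan_port, dst_ip, dst_port)   # outside address is unchanged

    def inbound(self, dst_port):
        """WAN -> LAN: decide where a packet addressed to IGA:dst_port goes."""
        if dst_port in self.sessions:        # reply to a tracked connection
            return ("reply", *self.sessions[dst_port])
        if dst_port in self.port_forwards:   # explicit port forwarding rule
            return ("forward", *self.port_forwards[dst_port])
        if self.default_server:              # DMZ: every remaining port is exposed
            return ("dmz", self.default_server, dst_port)
        return ("drop", None, None)          # no servers defined: packet is discarded

def demo():
    # Constructed sample: LAN hosts from Figure 71, documentation-range WAN addresses.
    nat = Nat(iga="203.0.113.5", port_forwards={80: ("192.168.1.11", 80)})
    out = nat.outbound("192.168.1.10", 40000, "198.51.100.7", 443)
    results = {"out": out, "reply": nat.inbound(out[1]),
               "web": nat.inbound(80), "probe_no_dmz": nat.inbound(23)}
    nat.default_server = "192.168.1.12"
    results["probe_dmz"] = nat.inbound(23)
    return results

if __name__ == "__main__":
    print(demo())
```

The same unsolicited packet to port 23 is dropped while no default server is set and is delivered to the inside host once a Default Server Address is assigned.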