Zyxel AMG1302-T10B Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Zyxel

AMG1302-T10B

Page 156 / 320 Scroll up to view Page 151 - 155

Chapter 11 Network Address Translation (NAT)

AMG1302/AMG1202-TSeries User’s Guide

156

11.4

The DMZ Screen

If you need to allow packets from a specific WAN connection to your local network, NAT supports a

default server IP address. A default server receives packets from the specified WAN connection and

the ports that are not specified in the

NAT Port Forwarding Setup

screen.

Figure 70

Network Setting > NAT > DMZ

The following table describes the fields in this screen.

11.5

NAT Technical Reference

This chapter contains more information regarding NAT.

11.5.1

NAT Definitions

Inside/outside denotes where a host is located relative to the AMG1302/AMG1202-TSeries, for

example, the computers of your subscribers are the inside hosts, while the web servers on the

Internet are the outside hosts.

Global/local denotes the IP address of a host in a packet as the packet traverses a router, for

example, the local address refers to the IP address of a host when the packet is in the local

network, while the global address refers to the IP address of the host when the same packet is

traveling in the WAN side.

Note that inside/outside refers to the location of a host, while global/local refers to the IP address

of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in

Table 51

Network Setting > NAT > DMZ

LABEL

DESCRIPTION

WAN Interface

Select a WAN PVC connection (

PVC0

PVC7

) from which you want to forward the traffic

to the specified default server.

Default Server

Address

Enter the IP address of the default server which receives packets from ports that are not

specified in the

NAT > Port Forwarding

screen.

Note: If you do not assign a

Default Server Address

, the AMG1302/AMG1202-TSeries

discards all packets received for ports that are not specified in the

NAT Port

Forwarding

screen.

Apply

Click

Apply

to save your changes.

Cancel

Click

Cancel

to restore your previously saved settings.

Page 157 / 320

Chapter 11 Network Address Translation (NAT)

AMG1302/AMG1202-TSeries User’s Guide

157

a packet when the packet is still in the local network, while an inside global address (IGA) is the IP

address of the same inside host when the packet is on the WAN side. The following table

summarizes this information.

NAT never changes the IP address (either local or global) of an outside host.

11.5.2

What NAT Does

In the simplest form, NAT changes the source IP address in a packet received from a subscriber

(the inside local address) to another (the inside global address) before forwarding the packet to the

WAN side. When the response comes back, NAT translates the destination address (the inside

global address) back to the inside local address before forwarding it to the original inside host. Note

that the IP address (either local or global) of an outside host is never changed.

The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP.

In addition, you can designate servers, for example, a web server and a telnet server, on your local

network and make them accessible to the outside world. If you do not define any servers (for Many-

to-One and Many-to-Many Overload mapping – see

Table 53 on page 159

), NAT offers the

additional benefit of firewall protection. With no servers defined, your AMG1302/AMG1202-TSeries

filters out all incoming inquiries, thus preventing intruders from probing your network. For more

information on IP address translation, refer to

RFC 1631

The IP Network Address Translator (NAT)

11.5.3

How NAT Works

Each packet has two addresses – a source address and a destination address. For outgoing packets,

the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global

Address) is the source address on the WAN. For incoming packets, the ILA is the destination

address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local)

IP addresses to globally unique ones required for communication with hosts on other networks. It

replaces the original IP source address (and TCP or UDP source port numbers for Many-to-One and

Many-to-Many Overload NAT mapping) in each packet and then forwards it to the Internet. The

AMG1302/AMG1202-TSeries keeps track of the original addresses and port numbers so incoming

reply packets can have their original values restored. The following figure illustrates this.

Table 52

NAT Definitions

ITEM

DESCRIPTION

Inside

This refers to the host on the LAN.

Outside

This refers to the host on the WAN.

Local

This refers to the packet address (source or destination) as the packet travels on the LAN.

Global

This refers to the packet address (source or destination) as the packet travels on the WAN.

Page 158 / 320

Chapter 11 Network Address Translation (NAT)

AMG1302/AMG1202-TSeries User’s Guide

158

Figure 71

How NAT Works

11.5.4

NAT Application

The following figure illustrates a possible NAT application, where three inside LANs (logical LANs

using IP alias) behind the AMG1302/AMG1202-TSeries can communicate with three distinct WAN

networks.

Figure 72

NAT Application With IP Alias

11.5.5

NAT Mapping Types

NAT supports five types of IP/port mapping. They are:

192.168.1.13

192.168.1.10

192.168.1.11

192.168.1.12

192.168.1.10

IGA1

Inside Local

IP Address

192.168.1.10

192.168.1.11

192.168.1.12

192.168.1.13

Inside Global

IP Address

IGA 1

IGA 2

IGA 3

IGA 4

NAT Table

WAN

LAN

Inside Local

Address (ILA)

Inside Global

Address (IGA)

Page 159 / 320

Chapter 11 Network Address Translation (NAT)

AMG1302/AMG1202-TSeries User’s Guide

159

•

One to One

: In One-to-One mode, the AMG1302/AMG1202-TSeries maps one local IP address

to one global IP address.

•

Many to One

: In Many-to-One mode, the AMG1302/AMG1202-TSeries maps multiple local IP

addresses to one global IP address. This is equivalent to SUA (for instance, PAT, port address

translation), ZyXEL’s Single User Account feature that previous ZyXEL routers supported (the

SUA Only

option in today’s routers).

•

Many to Many Overload

: In Many-to-Many Overload mode, the AMG1302/AMG1202-TSeries

maps the multiple local IP addresses to shared global IP addresses.

•

Many-to-Many No Overload

In Many-to-Many No Overload mode, the AMG1302/AMG1202-

TSeries maps each local IP address to a unique global IP address.

•

Server

: This type allows you to specify inside servers of different services behind the NAT to be

accessible to the outside world.

Port numbers do NOT change for

One-to-One

and

Many-to-Many No Overload

NAT mapping

types.

The following table summarizes these types.

Table 53

NAT Mapping Types

TYPE

IP MAPPING

One-to-One

ILA1



IGA1

Many-to-One (SUA/PAT)

ILA1



IGA1

ILA2



IGA1

…

Many-to-Many Overload

ILA1



IGA1

ILA2



IGA2

ILA3



IGA1

ILA4



IGA2

…

Many-to-Many No Overload

ILA1



IGA1

ILA2



IGA2

ILA3



IGA3

…

Server

Server 1 IP



IGA1

Server 2 IP



IGA1

Server 3 IP



IGA1

Page 160 / 320

Chapter 11 Network Address Translation (NAT)

AMG1302/AMG1202-TSeries User’s Guide

160

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share