Zyxel NBG-418N v2 Router Manual PDF (Setup & Configuration Guide)

Page 106 / 237 Scroll up to view Page 101 - 105

Chapter 10 Network Address Translation

NBG-418N v2 User’s Guide

106

The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP.

In addition, you can designate servers, for example, a web server and a telnet server, on your local

network and make them accessible to the outside world. If you do not define any servers, NAT

offers the additional benefit of firewall protection. With no servers defined, your NBG-418N v2

filters out all incoming inquiries, thus preventing intruders from probing your network. For more

information on IP address translation, refer to

RFC 1631

,

The IP Network Address Translator (NAT)

.

How NAT Works

Each packet has two addresses – a source address and a destination address. For outgoing packets,

the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global

Address) is the source address on the WAN. For incoming packets, the ILA is the destination

address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local)

IP addresses to globally unique ones required for communication with hosts on other networks. It

replaces the original IP source address in each packet and then forwards it to the Internet. The

NBG-418N v2 keeps track of the original addresses and port numbers so incoming reply packets

can have their original values restored. The following figure illustrates this.

Figure 75

How NAT Works

10.3

General NAT Screen

Use this screen to enable NAT and set a default server. Click

Network > NAT

to open the

General

screen.

Figure 76

Network > NAT > General

Page 107 / 237

Chapter 10 Network Address Translation

NBG-418N v2 User’s Guide

107

The following table describes the labels in this screen.

10.4

NAT Application Screen

Use the

Application

screen to forward incoming service requests to the server(s) on your local

network. You may enter a single port number or a range of port numbers to be forwarded, and the

local IP address of the desired server. The port number identifies a service; for example, web

service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one

server can support more than one service (for example both FTP and web service), it might be

better to specify a range of port numbers.

In addition to the servers for specified services, NAT supports a default server. A service request

that does not have a server explicitly designated for it is forwarded to the default server. If the

default is not defined, the service request is simply discarded.

Note: Many residential broadband ISP accounts do not allow you to run any server

processes (such as a Web or FTP server) from your location. Your ISP may

periodically check for servers and may suspend your account if it discovers any

active services at your location. If you are unsure, refer to your ISP.

Port forwarding allows you to define the local servers to which the incoming services will be

forwarded. To change your NBG-418N v2’s port forwarding settings, click

Network > NAT

>

Application

. The screen appears as shown.

Note: If you do not assign a

Default Server

IP address

in the

NAT >

General

screen,

the NBG-418N v2 discards all packets received for ports that are not specified in

this screen or remote management.

Refer to

Appendix E on page 217

for port numbers commonly used for particular services.

Table 48

Network > NAT > General

LABEL

DESCRIPTION

NAT Setup

Network Address

Translation

Network Address Translation (NAT) allows the translation of an Internet protocol address

used within one network (for example a private IP address used in a local network) to a

different IP address known within another network (for example a public IP address used

on the Internet).

This field displays whether the NAT is enabled or disabled.

Default Server Setup

Enable

Click the

Enable

check box to activate the default server.

Server IP

Address

In addition to the servers for specified services, NAT supports a default server. A default

server receives packets from ports that are not specified in the

Application

screen.

If you do not assign a default server IP address, the NBG-418N v2 discards all packets

received for ports that are not specified in the

Application

screen or remote

management.

Apply

Click

Apply

to save your changes back to the NBG-418N v2.

Reset

Click

Reset

to begin configuring this screen afresh.

Page 108 / 237

Chapter 10 Network Address Translation

NBG-418N v2 User’s Guide

108

Figure 77

Network > NAT > Application

The following table describes the labels in this screen.

10.5

Port Triggering Screen

To change your NBG-418N v2’s port trigger settings, click

Network > NAT > Port Triggering

.

The screen appears as shown.

Table 49

Network > NAT > Application

LABEL

DESCRIPTION

Add Application Rule

Application Name

Select an option from the drop-down list to choose a pre-defined service. The pre-defined

service port number(s) and protocol will display in the fields below.

User-Defined

Application Name

Type a name (of up to 31 printable characters) to identify this rule. Otherwise, select a

predefined service in the

Application Name

drop-down list.

Protocol

Select the transport layer protocol used for the service. Choices are

TCP

, and

UDP

.

Public Port Range

Local Port Range

Type a port number(s) to be forwarded.

To specify a range of ports, enter a colon (:) between the first port and the last port, such

as 10:20.

Server IP Address

Type the inside IP address of the server that receives packets from the port(s) specified in

the

Port

field.

Apply

Click

Apply

to save your changes to the

Application Rules Summary

table.

Reset

Click

Reset

to not save and return your new changes in the

Service Name

and

Port

fields to the previous one.

Application Rules Summary

Application Name

This field displays a name to identify this rule.

Protocol

This field displays the transport layer protocol supported by this server.

Server IP Address

This field displays the inside IP address of the server.

Local Port Range

Public Port Range

This field displays the port number(s).

State

This field displays whether the rule is enabled or disabled.

Action

Click the

Disable

icon to disable a rule.

Click the

Delete

icon to delete a rule.

Page 109 / 237

Chapter 10 Network Address Translation

NBG-418N v2 User’s Guide

109

Note: Only one LAN computer can use a port trigger (range) at a time.

Figure 78

Network > NAT > Port Triggering

The following table describes the labels in this screen.

Table 50

Network > NAT > Port Triggering

LABEL

DESCRIPTION

Port Triggering Status

Nat Port Trigger

Click

Enable

radio button to enable NAT Port Trigger or

Disable

to inactivate it.

Apply

Click

Apply

button to apply the NAT Port Trigger status you choose above.

Add Application Rule

User-defined

Application Name

Type a unique name (up to 15 characters) for identification purposes. All characters are

permitted - including spaces.

Start Match

Port

Enter the starting port in a range of port numbers that causes (or triggers) the NBG-418N

v2 to record the IP address of the LAN computer that sent the traffic to a server on the

WAN.

End Match

Port

Enter the ending port in a range of port numbers that causes (or triggers) the NBG-418N

v2 to record the IP address of the LAN computer that sent the traffic to a server on the

WAN.

Trigger

Protocol

Specify the protocol (

UDP

,

TCP

or

UDP/TCP

) that causes (or triggers) the NBG-418N v2

to record the IP address of the LAN computer that sent the traffic to a server on the WAN.

Start Related

Port

Enter the starting port in a range of port numbers that a server on the WAN uses when it

sends out a particular service. The NBG-418N v2 forwards the traffic with this starting

port to the client computer on the LAN that requested the service.

End Related

Port

Enter the ending port in a range of port numbers that a server on the WAN uses when it

sends out a particular service. The NBG-418N v2 forwards the traffic with this ending port

to the client computer on the LAN that requested the service.

Page 110 / 237

Chapter 10 Network Address Translation

NBG-418N v2 User’s Guide

110

10.6

Technical Reference

The following section contains additional technical information about the NBG-418N v2 features

described in this chapter.

10.6.1

NAT Port Forwarding: Services and Port Numbers

A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP,

that you can make accessible to the outside world even though NAT makes your whole inside

network appear as a single machine to the outside world.

Use the

Application

screen to forward incoming service requests to the server(s) on your local

network. You may enter a single port number or a range of port numbers to be forwarded, and the

local IP address of the desired server. The port number identifies a service; for example, web

service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one

server can support more than one service (for example both FTP and web service), it might be

better to specify a range of port numbers.

In addition to the servers for specified services, NAT supports a default server. A service request

that does not have a server explicitly designated for it is forwarded to the default server. If the

default is not defined, the service request is simply discarded.

Note: Many residential broadband ISP accounts do not allow you to run any server

processes (such as a Web or FTP server) from your location. Your ISP may

periodically check for servers and may suspend your account if it discovers any

active services at your location. If you are unsure, refer to your ISP.

Open Protocol

Specify the protocol (

UDP

,

TCP

or

UDP/TCP

) that a server on the WAN uses when it

sends out a particular service.

Apply

Click

Apply

to save your changes back to the NBG-418N v2.

Reset

Click

Reset

to begin configuring this screen afresh.

Application Rules Summary

Service Name

This field displays the name of the application rule.

Trigger Protocol

This field displays the protocol that causes (or triggers) the NBG-418N v2 to record the IP

address of the LAN computer that sent the traffic to a server on the WAN.

Direction

This field displays the direction of travel of packets that match this rule.

Match Port

This field displays the port(s) that causes (or triggers) the NBG-418N v2 to record the IP

address of the LAN computer that sent the traffic to a server on the WAN.

Open Protocol

This field displays the protocol a server on the WAN uses when it sends out a particular

service.

Related Port

This field displays the port(s) a server on the WAN uses when it sends out a particular

service. The EMG2926-Q10A forwards the traffic with this port (or range of ports) to the

client computer on the LAN that requested the service.

Action

Click

Delete

to remove the rule.

Table 50

Network > NAT > Port Triggering (continued)

LABEL

DESCRIPTION

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share