1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. P-660HN-F1Z
    5. /
  5. 28
Page 136 / 421 Scroll up to view Page 131 - 135
Chapter 7 Wireless LAN
P-660HN-FxZ Series User’s Guide
136
You can easily check to see if this has happened. WPS works between only two devices
simultaneously, so if another device has enrolled your device will be unable to enroll, and
will not have access to the network. If this happens, open the access point’s configuration
interface and look at the list of associated clients (usually displayed by MAC address). It
does not matter if the access point is the WPS registrar, the enrollee, or was not involved
in the WPS handshake; a rogue device must still associate with the access point to gain
access to the network. Check the MAC addresses of your wireless clients (usually printed
on a label on the bottom of the device). If there is an unknown MAC address you can
remove it or reset the AP.
Page 137 / 421
P-660HN-FxZ Series User’s Guide
135
C
HAPTER
8
Network Address Translation
(NAT)
8.1
Overview
This chapter discusses how to configure NAT on the ZyXEL Device. NAT (Network Address
Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for
example, the source address of an outgoing packet, used within one network to a different IP
address known within another network.
8.1.1
What You Can Do in the NAT Screens
Use the
NAT General Setup
screen (
Section 8.2 on page 136
) to configure the NAT setup
settings.
Use the
Port Forwarding
screen (
Section 8.3 on page 137
) to configure forward
incoming service requests to the server(s) on your local network.
Use the
Address Mapping
screen (
Section 8.4 on page 140
) to change your ZyXEL
Device’s address mapping settings.
Use the
SIP
ALG
screen (
Section 8.5 on page 143
) to enable and disable the SIP (VoIP)
ALG in the ZyXEL Device.
8.1.2
What You Need To Know About NAT
Inside/Outside
Inside/outside denotes where a host is located relative to the ZyXEL Device, for example, the
computers of your subscribers are the inside hosts, while the web servers on the Internet are
the outside hosts.
Global/Local
Global/local denotes the IP address of a host in a packet as the packet traverses a router, for
example, the local address refers to the IP address of a host when the packet is in the local
network, while the global address refers to the IP address of the host when the same packet is
traveling in the WAN side.
Page 138 / 421
Chapter 8 Network Address Translation (NAT)
P-660HN-FxZ Series User’s Guide
136
NAT
In the simplest form, NAT changes the source IP address in a packet received from a
subscriber (the inside local address) to another (the inside global address) before forwarding
the packet to the WAN side. When the response comes back, NAT translates the destination
address (the inside global address) back to the inside local address before forwarding it to the
original inside host.
Port Forwarding
A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or
FTP, that you can make visible to the outside world even though NAT makes your whole
inside network appear as a single computer to the outside world.
SUA (Single User Account) Versus NAT
SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two
types of mapping,
Many-to-One
and
Server
. The ZyXEL Device also supports
Full
Feature
NAT to map multiple global IP addresses to multiple private LAN IP addresses of
clients or servers using mapping types as outlined in
Table 51 on page 147
.
• Choose
SUA Only
if you have just one public WAN IP address for your ZyXEL Device.
• Choose
Full Feature
if you have multiple public WAN IP addresses for your ZyXEL
Device.
Finding Out More
See
Section 8.6 on page 143
for advanced technical information on NAT.
8.2
The NAT General Setup Screen
Use this screen to activate NAT. Click
Network > NAT
to open the following screen.
"
You must create a firewall rule in addition to setting up SUA/NAT, to allow
traffic from the WAN to be forwarded through the ZyXEL Device.
Figure 70
Network > NAT > General
Page 139 / 421
Chapter 8 Network Address Translation (NAT)
P-660HN-FxZ Series User’s Guide
137
The following table describes the labels in this screen.
8.3
The Port Forwarding Screen
"
This screen is available only when you select
SUA only
in the
NAT > General
screen.
Use this screen to forward incoming service requests to the server(s) on your local network.
You may enter a single port number or a range of port numbers to be forwarded, and the local
IP address of the desired server. The port number identifies a service; for example, web
service is on port 80 and FTP on port 21. In some cases, such as for unknown services or
where one server can support more than one service (for example both FTP and web service),
it might be better to specify a range of port numbers. You can allocate a server IP address that
corresponds to a port or a range of ports.
The most often used port numbers and services are shown in
Appendix E on page 371
. Please
refer to RFC 1700 for further information about port numbers.
Table 44
Network > NAT > General
LABEL
DESCRIPTION
Active Network
Address
Translation (NAT)
Select this check box to enable NAT.
SUA Only
Select this radio button if you have just one public WAN IP address for your ZyXEL
Device.
Full Feature
Select this radio button if you have multiple public WAN IP addresses for your
ZyXEL Device.
Max NAT/Firewall
Session Per User
When computers use peer to peer applications, such as file sharing applications,
they need to establish NAT sessions. If you do not limit the number of NAT
sessions a single client can establish, this can result in all of the available NAT
sessions being used. In this case, no additional NAT sessions can be established,
and users may not be able to access the Internet.
Each NAT session establishes a corresponding firewall session. Use this field to
limit the number of NAT/Firewall sessions client computers can establish through
the ZyXEL Device.
If your network has a small number of clients using peer to peer applications, you
can raise this number to ensure that their performance is not degraded by the
number of NAT sessions they can establish. If your network has a large number of
users using peer to peer applications, you can lower this number to ensure no
single client is exhausting all of the available NAT sessions.
Apply
Click this to save your changes.
Cancel
Click this to restore your previously saved settings.
Page 140 / 421
Chapter 8 Network Address Translation (NAT)
P-660HN-FxZ Series User’s Guide
138
"
Many residential broadband ISP accounts do not allow you to run any server
processes (such as a Web or FTP server) from your location. Your ISP may
periodically check for servers and may suspend your account if it discovers
any active services at your location. If you are unsure, refer to your ISP.
Default Server IP Address
In addition to the servers for specified services, NAT supports a default server IP address. A
default server receives packets from ports that are not specified in this screen.
"
If you do not assign a
Default Server
IP address, the ZyXEL Device discards
all packets received for ports that are not specified here or in the remote
management setup.
Configuring Servers Behind Port Forwarding (Example)
Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (
A
in the
example), port 80 to another (
B
in the example) and assign a default server IP address of
192.168.1.35 to a third (
C
in the example). You assign the LAN IP addresses and the ISP
assigns the WAN IP address. The NAT network appears as a single host on the Internet.
Figure 71
Multiple Servers Behind NAT Example
8.3.1
Configuring the Port Forwarding Screen
Click
Network > NAT > Port Forwarding
to open the following screen.
See
Appendix E on page 371
for port numbers commonly used for particular services.
A=192.168.1.33
D=192.168.1.36
C=192.168.1.35
B=192.168.1.34
WAN
LAN
192.168.1.1
IP Address assigned by ISP

Rate

4 / 5 based on 1 vote.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top