Zyxel P-660HN-T1A Router Manual PDF (Setup & Configuration Guide)

Page 136 / 324 Scroll up to view Page 131 - 135

Chapter 9 Network Address Translation (NAT)

P-660HN-TxA User’s Guide

136

NAT

In the simplest form, NAT changes the source IP address in a packet received from

a subscriber (the inside local address) to another (the inside global address)

before forwarding the packet to the WAN side. When the response comes back,

NAT translates the destination address (the inside global address) back to the

inside local address before forwarding it to the original inside host.

Port Forwarding

A port forwarding set is a list of inside (behind NAT on the LAN) servers, for

example, web or FTP, that you can make visible to the outside world even though

NAT makes your whole inside network appear as a single computer to the outside

world.

SUA (Single User Account) Versus NAT

SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that

supports two types of mapping,

Many-to-One

and

Server

. The ZyXEL Device also

supports

Full Feature

NAT to map multiple global IP addresses to multiple private

LAN IP addresses of clients or servers using mapping types as outlined in

Table 48

on page 149

.

• Choose

SUA Only

if you have just one public WAN IP address for your ZyXEL

Device.

• Choose

Full Feature

if you have multiple public WAN IP addresses for your

ZyXEL Device.

Finding Out More

See

Section 9.6 on page 146

for advanced technical information on NAT.

Page 137 / 324

Chapter 9 Network Address Translation (NAT)

P-660HN-TxA User’s Guide

137

9.2

The NAT General Setup Screen

Use this screen to activate NAT. Click

Network > NAT

to open the following

screen.

Note: You must create a firewall rule in addition to setting up SUA/NAT, to allow traffic

from the WAN to be forwarded through the ZyXEL Device.

Figure 64

Network > NAT > General

The following table describes the labels in this screen.

Table 41

Network > NAT > General

LABEL

DESCRIPTION

Active Network

Address

Translation

Select this check box to enable NAT.

SUA Only

Select this radio button if you have just one public WAN IP address for

your ZyXEL Device.

Full Feature

Select this radio button if you have multiple public WAN IP addresses for

your ZyXEL Device.

Max NAT/

Firewall Session

Per User

When computers use peer to peer applications, such as file sharing

applications, they need to establish NAT sessions. If you do not limit the

number of NAT sessions a single client can establish, this can result in

all of the available NAT sessions being used. In this case, no additional

NAT sessions can be established, and users may not be able to access

the Internet.

Each NAT session establishes a corresponding firewall session. Use this

field to limit the number of NAT/Firewall sessions client computers can

establish through the ZyXEL Device.

If your network has a small number of clients using peer to peer

applications, you can raise this number to ensure that their

performance is not degraded by the number of NAT sessions they can

establish. If your network has a large number of users using peer to

peer applications, you can lower this number to ensure no single client

is exhausting all of the available NAT sessions.

Page 138 / 324

Chapter 9 Network Address Translation (NAT)

P-660HN-TxA User’s Guide

138

9.3

The Port Forwarding Screen

Note: This screen is available only when you select

SUA only

in the

NAT > General

screen.

Use this screen to forward incoming service requests to the server(s) on your local

network.

You may enter a single port number or a range of port numbers to be forwarded,

and the local IP address of the desired server. The port number identifies a

service; for example, web service is on port 80 and FTP on port 21. In some

cases, such as for unknown services or where one server can support more than

one service (for example both FTP and web service), it might be better to specify

a range of port numbers. You can allocate a server IP address that corresponds to

a port or a range of ports.

The most often used port numbers and services are shown in

Appendix E on page

307

. Please refer to RFC 1700 for further information about port numbers.

Note: Many residential broadband ISP accounts do not allow you to run any server

processes (such as a Web or FTP server) from your location. Your ISP may

periodically check for servers and may suspend your account if it discovers any

active services at your location. If you are unsure, refer to your ISP.

Default Server IP Address

In addition to the servers for specified services, NAT supports a default server IP

address. A default server receives packets from ports that are not specified in this

screen.

Note: If you do not assign a

Default Server

IP address, the ZyXEL Device discards

all packets received for ports that are not specified here or in the remote

management setup.

Apply

Click this to save your changes.

Cancel

Click this to restore your previously saved settings.

Table 41

Network > NAT > General (continued)

LABEL

DESCRIPTION

Page 139 / 324

Chapter 9 Network Address Translation (NAT)

P-660HN-TxA User’s Guide

139

Configuring Servers Behind Port Forwarding (Example)

Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (

A

in

the example), port 80 to another (

B

in the example) and assign a default server IP

address of 192.168.1.35 to a third (

C

in the example). You assign the LAN IP

addresses and the ISP assigns the WAN IP address. The NAT network appears as a

single host on the Internet.

Figure 65

Multiple Servers Behind NAT Example

9.3.1

Configuring the Port Forwarding Screen

Click

Network > NAT > Port Forwarding

to open the following screen.

See

Appendix E on page 307

for port numbers commonly used for particular

services.

Figure 66

Network > NAT > Port Forwarding

A=192.168.1.33

D=192.168.1.36

C=192.168.1.35

B=192.168.1.34

WAN

LAN

192.168.1.1

IP Address assigned by ISP

Page 140 / 324

Chapter 9 Network Address Translation (NAT)

P-660HN-TxA User’s Guide

140

The following table describes the fields in this screen.

Table 42

Network > NAT > Port Forwarding

LABEL

DESCRIPTION

Default Server Setup

Default Server

In addition to the servers for specified services, NAT supports a default

server. A default server receives packets from ports that are not

specified in this screen. If you do not assign a

Default Server

IP

address, the ZyXEL Device discards all packets received for ports that

are not specified here or in the remote management setup.

Port Forwarding

Service Name

Select a service from the drop-down list box.

Server IP

Address

Enter the IP address of the server for the specified service.

Add

Click this button to add a rule to the table below.

#

This is the rule index number (read-only).

Active

This field indicates whether the rule is active or not.

Clear the check box to disable the rule. Select the check box to enable

it.

Service Name

This is a service’s name.

Start Port

This is the first port number that identifies a service.

End Port

This is the last port number that identifies a service.

Port Translation

Start/End Port

This is the start/end port number that the device translates.

Server IP

Address

This is the server’s IP address.

Modify

Click the edit icon to go to the screen where you can edit the port

forwarding rule.

Click the delete icon to delete an existing port forwarding rule. Note that

subsequent address mapping rules move up by one when you take this

action.

Apply

Click this to save your changes.

Cancel

Click this to restore your previously saved settings.

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share