beautypg.com

The basic rule: performing 1:1 translations – Siemens E-110-I User Manual

Page 57

background image

Chapter 4: Advanced Configuration

7. If the publicly accessible LAN computer uses a non-standard port number for the type of traffic it

receives, type the non-standard port number in the Local Port field.

8. Complete as described for general procedure (steps 6 to 10).

The basic rule: Performing 1:1 translations

The basic flavor translates the private (LAN-side) IP address to a public (WAN-side) address, like napt rules.

However, unlike napt rules, basic rules do not also translate the port numbers in the packet header; they

are passed through untranslated. Therefore, the basic rule does not provide the same level of security as

the napt rule.
1. On

the

NAT Rule - Add

page, select BASIC from the Rule Flavor drop-down list.

2. Define the rule ID and select the interface.
3. From

the

Protocol drop-down list, select a protocol to which this rule applies, or choose ANY if the

rule applies to all data.

4. In

the

Local Address From/To fields, type the starting and ending IP addresses that identify the range

of private address you want to be translated. Or, type the same address in both fields.
If you specify a range, each address will be translated in sequence to a corresponding address in a

range of global addresses (which you specify in step 5).

5. In

the

Global Address From/To fields, type the starting and ending address that identify the pool of

public IP addresses to which to translate your private addresses. Or, type the same address in both

fields (if you also specified a single address in step 4).

6. Complete as described for general procedure (steps 6 to 10).

The filter rule: Configuring a basic rule with additional criteria

Like the basic flavor, the filter flavor translates public and private IP addresses on a one-to-one basis. The

filter flavor extends the capability of the basic rule.
You can use the filter rule if you want an address translation to occur only when your LAN computers

initiate access to specific destinations. The destinations can be identified by their IP addresses, server type

(such as FTP or Web server), or both.

Rev:01_040220

51

This manual is related to the following products: