Application guide — eipr series – Contemporary Control Systems EIPR Wired/Wireless VPN Router Application Guide User Manual
Page 10

AG-EIPR0000-BC1
Page 10
Application Guide — EIPR Series
Application #6 — Port Forwarding to Access a Private Web Server
The firewall will normally block all WAN-side requests.
Port forwarding allows computers on the WAN side to
access devices on the LAN side by opening up
selected WAN IP ports. The only WAN-side requests
that will be forwarded through the IP router are those
that specify both the router’s WAN address and a
destination IP port number that exists in the router’s IP
port forwarding table. When this match is made, the
message is forwarded to the indicated IP address on the
LAN side.
This is very useful when only one public IP address is
available, but there is a need to access multiple LAN-
side devices. In this example, we want to access a
private web server at 192.168.92.101 which is normally
invisible from the Internet. Using port forwarding, we
allow a WAN-side request made to the router’s public
(WAN) address. For additional security, the port
numbers have been translated.
You can also select Port Range Forwarding to allow an
entire range of addresses through the firewall. Note
that
any WAN-side device can use port forwarding
— but you can greatly enhance security by creating a
whitelist of allowed WAN-side devices. This is
illustrated at the bottom of the page.
Internal IP Address
LAN IP Port
WAN IP Port External IP Address
192.168.92.101/24
80
8080
1.2.3.4
Enhance Security with a Whitelist
Specify which WAN-side devices
can use port forwarding.