beautypg.com

Westermo MR Series User Manual

Page 86

background image

86

6622-3201

Web Interface and Command Line Reference Guide

www.westermo.com

in a “NAT table” containing the private IP source address, the private IP port number, the public
IP destina tion address and the destination port number. Conversely, when the router receives a
reply packet back from the public host, it checks the source IP, source port number and destina-
tion port number in the NAT table to determine which private host to forward the packet to.
Before it forwards the packet back to the private host, it changes the destination IP address of
the packet from its public IP address to the IP address of the private host.

NAPT

NAPT behaves like NAT but in addition to changing the source IP of the packet from the pri-
vate host it can also change the source port number. This is required if more than one private
host attempts to connect using the same local port number to the same Internet host on the
same remote port number. If such a scenario were to occur with NAT the router would be
unable to determine which private host to route the returning packets to and the connection
would fail.

Note:
NAT or NAPT should be used with great care as in most private IP routing scenarios it is not
required and to enable it incorrectly WILL cause problems.
NAT also uses another technique not detailed here to work with ICMP packets such as pings
and other packet types.

Speed:

This parameter is used to select “10Base-T”, “100Base-T” or “Auto” mode. The currently select-
ed mode will be shown in brackets after the parameter name.

Full duplex:

This parameter is used to turn on Full duplex mode so that data can be transmitted in both
directions at the same time for this Ethernet instance. When set to “Off” the Ethernet instance
will operate in half-duplex mode.

Firewall:

This parameter is used to enable or disable firewall operation for this Ethernet instance.

IGMP:

This parameter is used to enable or disable the Internet Group Management Protocol for this
Ethernet instance.

IPSec:

This parameter is used to enable or disable IPSec security features for this Ethernet instance.

IPSec source IP from interface:

By default, the source IP address for an IPSec Eroute will be the IP address of the interface
on which IPSec was enabled. By setting this parameter to either PPP or Ethernet, the source
address used by IPSec will match that of the Ethernet or PPP interface specified by the IPSec
source IP from interface # parameter below.

IPSec source IP from interface #:

See above.

GRE:

Note:
From firmware version 4955 this web option and corresponding CLI commands have been
removed. GRE tunnels should be configured from Configure > Tunnel (GRE)

This parameter enables Generic Routing Encapsulation (GRE) for this Ethernet instance. GRE
is a simple tunnelling protocol. For further details refer to the GRE mode parameter on the
Configure > IPSec > IPSec Eroutes > Eroute n page, and also RFC2784.

This manual is related to the following products:
See also other documents in the category Westermo Equipment: