Eicon Networks 1550 User Manual

Security

57

When you create a NAT static mapping, the Eicon 1550/1551 routes all traffic for the
protocol you specify to the designated computer. This includes traffic normally handled
by the Eicon 1550/1551 itself. This leads to the following restrictions:

• Remote access to the configuration interfaces on the Eicon 1550/1551 via the

external network can be disrupted. For example, if you designate a computer to
receive HTTP traffic, remote access to the web configuration interface will be
disrupted. However, local access via Ethernet will still be possible.

• Only one computer on the internal LAN can be designated to receive the traffic for a

specific protocol. This means, for example, you cannot create multiple web servers;
all web traffic must be sent to one computer on your LAN.

Creating Static NAT Mappings

1.

From the main menu, click on the ‘+’ next to the ‘IP’ link to expand the IP group.
Then click ‘NAT Mapping’.

2.

For each server that you want to define, specify the following parameters:

• ‘Protocol’: The protocol that remote computers will use to access the server.
• ‘Server port’: The port number that the protocol will use on the server.
• ‘Server address’: The IP address of the computer that will act as the server. The

server address must be on the same LAN as the Eicon 1550/1551 (or must be
reachable via the LAN).

3.

Click ‘Save’ then ‘Reset’.

Default NAT Server

When the Eicon 1550/1551 receives incoming datagrams containing protocols it is not
supposed to accept, the datagrams are discarded. For example, if an incoming
datagram contains an FTP request, and no FTP server has been defined using a static
mapping, the datagram is discarded.

In some cases, you may want to forward all datagrams containing unspecified
protocols to a computer on your LAN. The Eicon 1550/1551 calls this computer the
‘default NAT server’.