Best Data DSL542 ADSL Ethernet Router User’s Guide
36
3. Select a protocol to which this rule applies, or choose ALL.
This selection specifies which type of Internet communication will be subject to this
translation rule. You can select ALL if the rule applies to all data. Or, select TCP, UDP,
ICMP, or a number from 1-255 that represents the IANA-specified protocol number.
4. In the Local Address From and Local Address To fields, type the same private IP
address, or the lowest and highest addresses in a range:
f If you type the same IP address in both fields, incoming traffic that matches the
criteria you specify in steps 5 and 6 will be redirected to that IP address.
f If you type a range of addresses, incoming traffic will be redirected to any available
computer in that range. This option would typically be used for load balancing,
whereby traffic is distributed among several redundant servers to help ensure
efficient network performance.
These addresses should correspond to private addresses already in use on your network
(either assigned statically to your PCs or assigned dynamically using DHCP).
5. In the Global Address From and Global Address To fields, type the public IP address
assigned to you by your ISP.
If you have multiple WAN (PPP) interfaces, this rule will not be enforced for data that
arrives on other PPP interfaces. This rule will not be enforced for data that arrives on
WAN interfaces not specified here.
If you have multiple WAN interfaces and want the rule to be enforced on more than
one of them (or all), type the starting and ending IP addresses of the range.
6. In the Destination Port From and Destination Port To fields, enter the port ID (or a
range) that you expect to see on incoming packets destined for the LAN comput er for
which this rule is being created.
Incoming traffic that meets this criteria will be redirected to the Local Port number you
specify in the next field.
For example, if you grant public access to a Web server on your LAN, you would expect
that incoming packets destined for that computer would contain the well-known we b
server port number, 80. This setting serves as a filter; data packets not containi ng this port
number would not be granted access to you local computer.
7. If the LAN computer that you are making publicly available is configured to use a non-
standard port number for the type of traffic it receives, type the non-standard port
number in the Local Port field.
This option translates the standard port number in packets destined for your LAN co mputer
to the non-standard number you specify. For example, if your Web server uses (non-
standard) port 2000, but you expect incoming data packets to refer to (standard) port 80,
you would enter 2000 here and 80 in the Destination Port fields. The headers of i ncoming
packets destined for port 80 will be modified to refer to port 2000. The packet can then be
routed appropriately to the web server.
8. Follow steps 7-12 under "The napt rule" on page 33 to submit your changes.
The basic rule: Performing 1:1 translations
The basic flavor translates the private (LAN-side) IP address to a public (WAN-si de) address,
like napt rules. However, unlike napt rules, basic rules do not also translate the port numbers in
the packet header; they are passed through untranslated. Therefore, the basic rule does not
provide the same level of security as the napt rule. Figure shows the fields used for addi ng a
basic rule.