Black Box LES114BA, LES1332A, LES1408A, LES144BA Configuring network forwarding and IP masquerading

−With Firewall Rules, packet filtering inspects each packet passing through the firewall and accepts or rejects it based on user-defined rules.

−Then Service Access Rules can be set for connecting to the console server/router itself

5.8.1Configuring network forwarding and IP masquerading

To use a console server as an Internet or external network gateway requires establishing an external network connection and then setting up forwarding and masquerading.

Note: Network forwarding allows the network packets on one network interface (i.e. LAN1/ eth0) to be forwarded to another network interface (i.e. LAN2/eth1 or dial-out/cellular). So locally networked devices can IP connect through the console server to devices on remote networks. IP masquerading is used to allow all the devices on your local private network to hide behind and share the one public IP address when connecting to a public network. This type of translation is only used for connections originating within the private network destined for the outside public network, and each outbound connection is maintained by using a different source IP port number.

By default, all console server models are configured so that they will not route traffic between networks. To use the console server as an Internet or external network gateway, forwarding must be enabled so that traffic can be routed from the internal network to the Internet/external network:

Navigate to the System: Firewall page, and then click on the Forwarding &Masquerading tab

Find the Source Network to be routed, and then tick the relevant Destination Network to enable Forwarding

IP Masquerading is generally required if the console server will be routing to the Internet, or if the external network being routed to does not have routing information about the internal network behind the console server.

_____________________________________________________________________