Port mapping / Virtual Servers
The Port mapping / Virtual Servers configuration section is where you can configure virtual servers like Web servers on the DMZ or similar. It’s also possible to regulate how bandwidth management, traffic shaping, is applied to traffic flowing through the WAN interface of the firewall. It is also possible to use Intrusion Detection / Prevention and Traffic shaping on Port mapped services, these are done in the same way as on policies, so see that chapter for more information.
Mappings are read from top to bottom, and the first matching mapping is carried out.
Add a new mapping
Follow these steps to add a new mapping on the WAN interface.
Step 1. Choose the WAN policy list from the available policy lists.
Step 2. Click on the Add new link.
Step 3. Fill in the following values:
Name: Specifies a symbolic name for the rule. This name is used mainly as a rule reference in log data and for easy reference in the policy list.
Source Nets: Specify the source networks, leave blank for everyone (0.0.0.0/0).
Source Users/Groups: Specifies if an authenticated username is needed for this mapping to match. Either make a list of usernames, separated by , or write Any for any authenticated user. If it’s left blank there is no need for authentication for the policy.
Destination Nets: Leave empty for the interfaces own IP or enter a new IP if using Virtual IP.
Service: Either choose a predefined service from the dropdown menu or make a custom.
Pass To: The IP of the server that the traffic should be passed to.
Schedule: Choose what schedule should be used for this mapping to match, choose Always for no scheduling.
Step 4. If using Traffic shaping fill in that information, if not skip this step.
Click the Apply button below to apply the change or click Cancel to discard changes
34