Network Address Translation NAT Pinhole Settings | Motorola 3397GP

Administrator’s Handbook

Network Address Translation (NAT) Pinhole Settings

NAT pinholes let you pass speciﬁc types of network trafﬁc through the NAT interfaces on the Motorola Netopia® Gateway. NAT pinholes allow you to route selected types of network trafﬁc, such as FTP requests or HTTP (Web) connections, to a speciﬁc host behind the Motorola Netopia® Gateway trans- parently.

To set up NAT pinholes, you identify the type(s) of trafﬁc you want to redirect by port number, and you specify the internal host to which each speciﬁed type of trafﬁc should be directed.

The following list identiﬁes protocol type and port number for common TCP/IP protocols:

❑FTP (TCP 21)

❑telnet (TCP 23)

❑SMTP (TCP 25),

❑TFTP (UDP 69)

❑SNMP (TCP 161, UDP 161)

set pinhole name name

Speciﬁes the identiﬁer for the entry in the Gateway's pinhole table. You can name pinhole table entries sequentially (1, 2, 3), by port number (21, 80, 23), by protocol, or by some other naming scheme.

set pinhole name name protocol-select { tcp udp }

Speciﬁes the type of protocol being redirected.

set pinhole name name external-port-start [ 0 - 49151 ]

Speciﬁes the ﬁrst port number in the range being translated.

set pinhole name name external-port-end [ 0 - 49151 ]

Speciﬁes the last port number in the range being translated.

set pinhole name name internal-ip internal-ip

Speciﬁes the IP address of the internal host to which trafﬁc of the speciﬁed type should be transferred.

set pinhole name name internal-port [ 0 - 65535 ]

Speciﬁes the port number your Motorola Netopia® Gateway should use when forwarding trafﬁc of the speciﬁed type. Under most circumstances, you would use the same number for the external and inter- nal port.

186

Image 186

Motorola 3397GP manual Network Address Translation NAT Pinhole Settings

Contents

Administrator’s Handbook Part Number Table of Contents Home Page Expert Mode 127 Index Setting up Your Motorola Netopia Gateway What’s New Important Safety Instructions Power Supply Installation Wichtige Sicherheitshinweise AchtungBewahren Sie diese Anweisungen auf Set up your Gateway Conﬁgure Your PC for Dynamic Addressing Microsoft WindowsPage Select Built-in Ethernet Select Conﬁgure Using Dhcp Motorola Netopia Gateway Quickstart Select your language from the pull-down menu and click Next Click OK PPPoE QuickstartPage Administrator’s Handbook Basic Mode Features Connection Information HomeHome Page Information Router Information Local Network More Buttons Links Bar Firewall Firewall Background Firewall Setting Off Low/Medium High Dhcp Gateway LAN Side Wireless Protected Setup Page Wireless ID Ssid WirelessEnable Wireless Enable Wireless Protected Setup WPS Enable Wireless Scheduler Privacy Operating Mode Advanced Conﬁguration Options optional AutoChannel Setting Enable Wireless Scheduler Enable Wireless Protected Setup WPS Privacy Radius Server authentication WPA-PSK WEP-Manual Examples WEP-Automatic Enable Multiple Wireless IDs Administrator’s Handbook Page WiFi Multimedia Page Wireless MAC Authorization optional Page Once you choose a software service or game, click Enable Gaming List of Supported Games and Software FTP Nntp Deﬁne Custom Service Static NAT Expert Mode Troubleshoot Diagnostics Result Meaning Statistics Downstream and Upstream statistics IP interfaces EthernetGeneral Network Routing Table and Host Routing Table Dhcp Server Status May be On or Off WirelessLogs Devices on LAN Help Administrator’s Handbook Expert Mode Home Page Expert Mode Gateway Information Local Network More Buttons Help LAN/WAN Conﬁgure Connection Administrator’s Handbook LAN/WAN Dhcp Server Page IP Passthrough Restriction NAT List of Supported Games and Software Nntp Deﬁne Custom Service Static NAT Router Password Time Zone Vlan Overview Ethernet Switching/Policy Setup Administrator’s Handbook Vlan Port Conﬁguration screen appears Administrator’s Handbook Page Administrator’s Handbook VoIP SIP Line Entry Call Features Settings Digit Map Administrator’s Handbook Wireless Enable Wireless Scheduler Operating Mode Default Channel AutoChannel Setting Enable Closed System ModeAbout Closed System Mode and Wireless Encryption Block Wireless Bridging Privacy Radius Server authentication WPA-PSK WEP-Manual Examples WEP-Automatic Enable Multiple Wireless IDs 100 101 102 103 104 105 Statistics 106 107 108 Diagnostics 109 Remote Access 110 From your PC Update RouterFrom a Server 111 Reset Router 112 Restart Router 113 Basic Mode 114 Basic Troubleshooting 115 116 Status Indicator LightsPower Ethernet 117 ActionModel 2241N only 118 Ethernet 1, 2, 3 Wireless 119 Power Ethernet 1, 2, 3 Wireless Internet 120Line Phone 1, Phone Wireless Ethernet 1, 2, 3 121 122 DSL 1 & 2 ADSL2+Models only Ethernet 1, 2, 3 123 LED Function Summary Matrix 124 125 2241N 3347-02 Factory Reset SwitchSeries2240N 2246N Command Line Interface 127 Config Commands 128 Overview 129 Command Verbs Status and/or Description 130Keywords Starting and Ending a CLI Session Using the CLI Help FacilitySaving Settings Logging Shell Prompt About Shell CommandsShell Command Shortcuts 132 Shell Commands Common Commands License key Loglevel level134 Netstat -r Reset arpNetstat Quit Reset crash Reset atmReset cdmode Reset dhcp server Reset wepkeys Reset wan-users all ip-addressReset wan Show backup Show dhcp server leases Show daylight-savingsShow dhcp agent Show diffserv Show group-mgmt Show featuresShow etheroam ah Show ip arp Show ip state-insp Show ip lan-discoveryShow ip routes Show ipmap Show summary Show vlan141 142 Show voip Show wireless allShow wireless clients MACaddress Voip rtpstats WAN Commands Navigating the Config Hierarchy About Config CommandsConfig Mode Prompt Show ppp stats lcp ipcp Displaying Current Gateway Settings Entering Commands in Config ModeGuidelines Config Commands Set ip ethernet a ipaddress Step Mode a CLI Conﬁguration Technique Validating Your Conﬁguration147 Config Commands Remote ATA Conﬁguration Commands Set ata proﬁle 0.. ata-proxy-server ipaddr Set ata proﬁle 0.. ata-user-password stringSet ata proﬁle 0.. ata-static-wan-gateway ipaddr Set ata proﬁle 0.. ata-proxy-port port DSL Commands Set atm vccn pppoe-sessions 1 Bridging SettingsSet atm vcc n vci 0 Set bridge sys-bridge on off Set bridge dhcp-ﬁlterset string Set bridge table-timeout 30Set bridge concurrent-bridging-routing on off Set bridge ethernet option on off Dhcp Settings Set dhcp gen-option name name Set dhcp range 2.. start-address ipaddressSet dhcp range 2.. end-address ipaddress Set dhcp gen-option option 1 155 Option Data Format Data Size Can Bytes Conﬁgure Set dhcp gen-option data-type ascii hex dotted-decimal Set dhcp gen-option data data156 Set dhcp ﬁlterset name string rule n dhcp-option 0 Set dhcp ﬁlterset name string rule n match-str matchstring157 Set dhcp assigned-ﬁlterset string Set dhcp ﬁlterset name string rule n match-pool ipaddressSet dhcp ﬁlterset name string rule n absent-pool ipaddress 158 DMT Settings Domain Name System Settings 161 Igmp Settings 162Igmp Version 3 supports Set igmp query-intvl value Set igmp snooping off onSet igmp robustness value Set igmp query-response-intvl value IP Settings Set ip dsl vccn address ipaddress Set ip arp-timeout 60Set ip dsl vccn restrictions admin-disabled none Set ip dsl vccn broadcast broadcastaddress Set ip dsl vccn unnumbered on off Set ip dsl vccn mcast-fwd on offSet ip dsl vccn igmp-null-source-addr on off Set ip dsl vccn dns acquired-dns-priority 0 Set ip ethernet a address ipaddress Set ip ethernet a restrictions none admin-disabledSet ip ethernet a option on off Set ip ethernet a broadcast broadcastaddress Set ip ethernet a subnet n address ipaddress Set ip ethernet a rip-receive off v1 v2 v1-compat v2-MD5Set ip ethernet a subnet 2 .. option on off Set ip ethernet a subnet n netmask netmask Set ip ip-ppp vccn address ipaddress Set ip ip-ppp vccn restrictions admin-disabled noneSet ip ip-ppp vccn option on off Set ip ip-ppp vccn peer-address ipaddress Set ip ip-ppp vccn igmp-null-source-addr on off Set ip ip-ppp vccn rip-send off v1 v2 v1-compat v2-MD5Set ip ip-ppp vccn rip-receive off v1 v2 v1-compat v2-MD5 Set ip ip-ppp vccn mcast-fwd on off Set ip ipsec-passthrough off on Set ip static-arp ip-addressipaddressSet ip igmp-forwarding off on 171 Set ip prioritize off on Set ip sip-passthrough on offSet ip rtsp-passthrough off on 172 Set diffserv option off on Set diffserv lohi-ratio 60 100 percent173 QoS Setting TOS Bit Value Behavior Qos off assure expedite network-control174 Set diffserv qos dscp-map default custom 175 176 Set diffserv qos dscp-map-23 expedite Queue Conﬁguration 177 178 Set queue name wfq weight-type bps 179 180 Set queue name priorityqueuename default-inputqueuename 181 Rate-limiting weighted fair queue to 100Kbps 182 Set ip static-routes destination-networknetaddress Delete ip static-routes destination-network netaddress183 Set ip-maps name name external-ip ipaddress IPMaps SettingsSet ip-maps name name internal-ip ipaddress 184 Set nat-default dhcp-enable on off Network Address Translation NAT Default SettingsSet nat-default mode off default-server ip-passthrough Set nat-default address ipaddress Network Address Translation NAT Pinhole Settings PPPoE /PPPoA Settings Set ppp module vccn lost-echoes-max integer Set ppp module vccn restart-timer integerSet ppp module vccn port-authentication Set ppp module vccn failures-max integer Option off on pap-only chap-only Set ppp module vccn port-authentication username usernameSet ppp module vccn port-authentication password password 189 Set wan-over-ether pppoe-with-ipoe on off PPPoE with IPoE SettingsSet wan-over-ether pppoe on off Set wan-over-ether ipoe-sessions 1 Set ip ip-ppp vcc1 mcast-fwd on off Ethernet Port SettingsSet atm vcc n encap pppoe-llc Set ip ip-ppp vcc1 igmp-null-source-addr off on 802.3ah Ethernet OAM Settings Set preference more lines Command Line Interface Preference SettingsSet preference verbose on off 193 Set servers telnet-tcp 1 Port Renumbering SettingsSet servers web-http 1 194 Set security ﬁrewall option high medium low off Security SettingsSet security ipsec tunnels name 123 tun-enable on off Set security ipsec option off on off Set security ipsec tunnels name 123 IKE-mode DH-group 1 2 196 Set security ipsec tunnels name 123 nat-enable on off Set security ipsec tunnels name 123 xauth enable off onSet security ipsec tunnels name 123 xauth password password Set security ipsec tunnels name 123 xauth username username Set security ipsec tunnels name 123 local-id idvalue Set security ipsec tunnels name 123 remote-id idvalue198 199 200 Parameter Motorola Netopia Peer Gateway 201 Field Description PFS Enable 202 203 Set security state-insp dos-detect off on Set security state-insp tcp-timeout 30Set security state-insp udp-timeout 30 Set security state-insp xposed-addr exposed-address# n 205 Packet Filtering Settings 206 207 Operator 208 Snmp Settings System Settings Set system name name210 Set system password admin user Set system idle-timeout telnet 1...120 http 1Set system username administrator name user name Set system ftp-server option off on Sleep Contact-email string@domainname location string 212 Set system zerotouch option on off Set system zerotouch redirect-url redirection-URL213 Syslog Default syslog installation procedure 215 Wireless Settings supported models Set wireless scheduler end-time hhmin Set wireless multi-ssid option on off217 Set wireless no-bridging off on Set wireless tx-power full medium fair low minimal218 Set wireless wmm option off on 219 220 Set wireless network-id privacy default-keyid Set wireless network-id wps off onSet wireless network-id privacy pre-shared-key string 221 Set wireless mac-auth option on off 222Example 40bit key 02468ACE02 Set radius alt-radius-name servernamestring Set radius radius-name servernamestringSet radius radius-secret sharedsecret Set radius alt-radius-secret sharedsecret Vlan Settings Set vlan name name ports port port-pbits 0 Set vlan name name ip-interface ipinterface225 226 Assign an IP interface 227 Set vlan name PPPoE11 id 228 Set voip phone 1 2 sip-option off on VoIP settings supported modelsSet voip phone 1 2 sip-registrar-setting sip-expires-time 0 Set voip phone 1 2 sip-proxy-server servername ipaddress Set voip phone 1 2 sip-user-name username Set voip phone 1 2 sip-user-password passwordSet voip phone 1 2 sip-user-display-name name Set voip phone 1 2 auth-id string Set voip phone 1 2 sip-advanced-setting rtp-qos-tos-value 0 Set voip phone 1 2 sip-advanced-setting sip-q-value 0Set voip phone 1 2 sip-advanced-setting sip-qos-tos-value 0 Set voip phone 1 2 codec G72632 priority 1 2 3 4 5 6 7 none 232 233 Set voip phone 1 sip-advanced-setting sip-dtmf-mode rfc2833 234 UPnP settings DSL Forum settings 236 TR-069 Remote Management settings Set backup failure-timeout 1 Backup IP Gateway SettingsSet backup option disabled manual automatic Set backup auto-recovery off on Set ip backup-gateway default ipaddress Set ip backup-gateway option on offSet ip backup-gateway interface ip-address ppp-vccn 239 Vdsl Settings 240 241 242 Vdsl Parameters Accepted Values 243 Parameter 244 Accepted Values 245 246 Technical Specifications and Safety Information Description Agency approvals North AmericaInternational Manufacturer’s Declaration of Conformance 247Declaration for Canadian users Telecommunication installation cautions Important Safety InstructionsAustralian Safety Information 248 CFR Part 68 Information 249 Electrical Safety Advisory Warranty Information250 Limited Warranty 251 Copyright Acknowledgments 252 253 Caring for the Environment by Recycling 254 Reciclagem do seu equipamento Motorola 255Uw Motorola-materiaal recycleren Återvinning av din Motorola-utrustning 256 Index 258 Shell 260