ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

Table 33. Outbound rules overview (continued)

Setting

Description

Outbound Rules

 

 

 

Log

The setting that determines whether packets covered by this rule

All rules

 

are logged. The options are:

 

 

Always. Always log traffic that matches this rule. This is useful

 

 

when you are debugging your rules.

 

 

Never. Never log traffic that matches this rule.

 

 

 

 

NAT IP

The setting that specifies whether the source address of the

IPv4 LAN WAN rules

 

outgoing packets on the WAN should be assigned the address of

IPv4 DMZ WAN rules

 

the WAN interface or the address of a different interface. You can

 

 

specify these settings only for outbound traffic of the WAN

 

 

interface. The options are:

 

 

WAN Interface Address. All the outgoing packets on the WAN

 

 

are assigned to the address of the specified WAN interface.

 

 

Single Address. All the outgoing packets on the WAN are

 

 

assigned to the specified IP address, for example, a secondary

 

 

WAN address that you have configured.

 

 

Note: The NAT IP drop-down list is available only when the WAN

 

 

mode is NAT. If you select Single Address, the IP address

 

 

specified should fall under the WAN subnet.

 

Inbound Rules (Port Forwarding)

If you have enabled Network Address Translation (NAT), your network presents one IP address only to the Internet, and outside users cannot directly access any of your local computers (LAN users). (For information about configuring NAT, see Network Address Translation on page 27.) However, by defining an inbound rule you can make a local server (for example, a web server or game server) visible and available to the Internet. The rule informs the firewall to direct inbound traffic for a particular service to one local server based on the destination port number. This process is also known as port forwarding.

WARNING:

Allowing inbound services opens security holes in your network. Enable only those ports that are necessary for your network.

Whether or not DHCP is enabled, how the computer accesses the server’s LAN address impacts the inbound rules. For example:

If your external IP address is assigned dynamically by your ISP (DHCP enabled), the IP address might change periodically as the DHCP lease expires. Consider using Dynamic DNS so that external users can always find your network (see Configure Dynamic DNS on page 35).

If the IP address of the local server computer is assigned by DHCP, it might change when the computer is rebooted. To avoid this, use the Reserved (DHCP Client) feature in the

Firewall Protection

133

Page 133
Image 133
NETGEAR FVS318N manual Inbound Rules Port Forwarding, 133, Nat Ip