For example, if you have an FTP server (port 21) at 192.168.123.1, a Web server (port 80) at 192.168.123.2, and a VPN server at 192.168.123.6, you need to specify the following virtual server mapping as shown in the table below:

Service Port

Server IP

Enable

 

 

 

21

192.168.123.1

X

80

192.168.123.2

X

1723

192.168.123.6

X

The “IP Address” section should contain the IP of the server computer in the LAN network that will be providing the virtual services. The “Public Port” is the port number or port range on the WAN side that will be used to access the virtual service. The “Private Port” is the port number of the service used by the server computer. “Data Type” can be User Datagram Protocol (UDP), Transmission Control Protocol (TCP) or both. This depends on the type of service you are running. TCP is connection-oriented protocol and UDP is connectionless. Since most services are connection-oriented, you will most likely need to select TCP. For example, FTP and HTTP are connection-oriented services while DNS and many streaming radio servers are connectionless.

7.7.2 Special Applications

Some applications require multiple connections, such as Internet games, video conferencing, and Internet telephony. These applications cannot work with a pure NAT router because of the firewall function. However, the Special Applications feature allows some of these applications to work with the router. Should the Special Applications feature fail to make an application work, you can try setting your computer as a DMZ host.

Trigger: This is the outbound port number issued by the application.

Incoming Ports: When the trigger packet is detected, the inbound packets sent to specified port numbers are allowed to pass through the firewall.

The router provides some predefined settings. To add a predefined setting to your list, select an application and click “Copy to”.

Note: Only one computer can use the Special Application tunnels at any given time.

Page 29
Image 29
SMC Networks SMCBR18VPN manual Service Port Server IP Enable, Special Applications