Chapter 8 Network
8.5 UPnP Port Mapping Screen
Use UPnP (Universal Plug and Play) port mapping to allow access from the WAN to services you select on the NSA. It is recommended that you place the NSA behind an Internet gateway firewall device to protect the NSA from attacks from the Internet (see RAID and Data Protection on page 172 for firewall type suggestions). Many such Internet gateways use UPnP to simplify
Figure 82 UPnP for FTP Access
192.168.1.20
a.b.c.d
TCP: 21 | TCP: 21 |
In the above example, UPnP creates a firewall rule and NAT port forwarding mapping to send FTP traffic (using TCP port number 21) from the public IP address a.b.c.d to the NSA’s private IP address of 192.168.1.20.
Use the NSA’s UPnP Port Mapping screen to configure the UPnP settings your Internet gateway uses to allow access from the WAN (Internet) to services you select on the NSA. You can also set which port Internet users need to use in order to access a specific service on the NSA.
Note: To use UPnP port mapping, your Internet gateway must have UPnP enabled.
If your Internet gateway supports Port Address Translation (PAT is sometimes included with a port forwarding feature), you can have the Internet users use a different TCP port number from the one the NSA uses for the service.
Figure 83 UPnP Port Address Translation for FTP Example
192.168.1.20
a.b.c.d
TCP: 21 | TCP: 2100 |
In the above example, the Internet gateway uses PAT to accept Internet user FTP sessions on port 2100, translate them to port 21, and forward them to the NSA.
178 |
| |
NSA320 User’s Guide |
| |
|
|
|