Chapter 10 Network Address Translation (NAT)

Internet users can have access to host servers on the DMZ but no access to the LAN, unless special filter rules allowing access were configured by the administrator or the user is an authorized remote user.

Use this screen to configure a separate independent network from the LAN in which you can put your servers. Click Advanced Setup > NAT > DMZ to open the following screen.

Figure 35 Advanced Setup > NAT > DMZ

The following table describes the labels in this screen.

Table 22 Advanced Setup > NAT > DMZ

LABEL

DESCRIPTION

DMZ setting for

This field displays the PVC you want to configure.

 

 

DMZ

Use this field to enable or disable DMZ.

 

 

DMZ Host IP

Type the IP address for DMZ in dotted decimal notation.

Address

 

 

Note: Make sure the IP addresses of the LAN, WAN and DMZ are

 

on separate subnets.

 

 

SAVE

Click this to save your settings.

 

 

BACK

Click this to return to the previous screen without saving.

 

 

10.4 The Virtual Server Screen

LAN computers usually have DHCP-assigned private IP address that cannot be accessed directly from the WAN. Use this screen to allow the P-660RU-Tx to forward traffic to the servers on the LAN.

You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers. You can allocate a server IP address that corresponds to a port or a range of ports.

92

 

P-660RU-Tx User’s Guide