16 Virtual Servers

This chapter describes how to set up, manage, and remove virtual servers. It first provides an overview of virtual servers and then introduces the virtual server screens and commands. See Section 5.4.18 on page 121 for related information on these screens.

16.1 Virtual Server Overview

A virtual server is also known as port forwarding or port translation.

The virtual server changes the destination address of packets. This is also known as Destination NAT (DNAT).

Virtual servers are computers on a private network behind the ZyWALL that you want to make available outside the private network. If the ZyWALL has only one public IP address, you can make the computers in the private network available by using ports to forward packets to the appropriate private IP address.

In the ZyWALL, you set up a virtual server for each forwarding rule. The first part of the virtual server defines the conditions required to forward the packet.

Original IP - the original destination address; it can be an Ethernet, VLAN, bridge, or PPPoE/PPTP interface; a specific IP address; or a HOST address object. (See Chapter 35 on page 515.)

Protocol Type - the protocol [TCP, UDP, or both (Any)] used by the service requesting the connection.

Original Port(s) - the original destination port or range of destination ports. You might use a range of destination ports for unknown services or when one server supports more than one service.

The second part of the virtual server controls where the packet is forwarded if the conditions are satisfied.

Mapped IP - the translated destination address.

Mapped Port(s) - the translated destination port or range of destination ports.

The original port range and the mapped port range must be the same size.
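The following Python model is an added illustration, not ZyWALL code or configuration syntax: it applies the matching conditions and mapping fields described above to a packet's destination and rejects a rule whose two port ranges differ in size. The class, function and field names are hypothetical. It assumes that the n-th port of the original range maps to the n-th port of the mapped range, that the first matching rule applies, and that Original IP is a specific address; the addresses are constructed samples.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class VirtualServer:
    original_ip: IPv4Address  # Original IP (a specific address in this model)
    protocol: str             # Protocol Type: "tcp", "udp" or "any"
    original_ports: tuple     # Original Port(s), inclusive (first, last)
    mapped_ip: IPv4Address    # Mapped IP
    mapped_ports: tuple       # Mapped Port(s), inclusive (first, last)

    def __post_init__(self):
        if self.protocol not in ("tcp", "udp", "any"):
            raise ValueError(f"unknown protocol {self.protocol!r}")
        for first, last in (self.original_ports, self.mapped_ports):
            if not 1 <= first <= last <= 65535:
                raise ValueError(f"invalid port range {first}-{last}")
        o_first, o_last = self.original_ports
        m_first, m_last = self.mapped_ports
        # The guide's constraint: both ranges must be the same size.
        if o_last - o_first != m_last - m_first:
            raise ValueError("original and mapped port ranges differ in size")

    def translate(self, dst_ip, proto, dst_port):
        """Return (mapped IP, mapped port) if the packet matches, else None."""
        first, last = self.original_ports
        if IPv4Address(dst_ip) != self.original_ip:
            return None
        if self.protocol != "any" and proto != self.protocol:
            return None
        if not first <= dst_port <= last:
            return None
        # Assumption: the n-th original port maps to the n-th mapped port.
        return self.mapped_ip, self.mapped_ports[0] + (dst_port - first)


def forward(rules, dst_ip, proto, dst_port):
    """Apply the first matching rule (assumed order); None means no DNAT."""
    for rule in rules:
        hit = rule.translate(dst_ip, proto, dst_port)
        if hit is not None:
            return hit
    return None


# Constructed sample: 203.0.113.10 TCP 8080-8089 -> 192.168.1.20 ports 80-89
RULES = [VirtualServer(IPv4Address("203.0.113.10"), "tcp", (8080, 8089),
                       IPv4Address("192.168.1.20"), (80, 89))]
```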

 

255

ZyWALL USG 1000 User’s Guide