Protocol and Address Redirection
By clicking on
Enter IP redirections
button on the Security Profile Settings page you may enter IP address or protocol redirections.
You can use them to enter 1:1 NATs, NATing of special protocols, etc.
Example 1:
To forward all data coming to your 50.11.69.17 global IP address to PC 192.168.0.10 on your LAN (1:1 NAT). Enter the following:
Protocol
|
|
Outs IP addr
|
50.11.69.17
|
Ins IP addr
|
192.168.0.10
|
Note!
|
(To be able to use 1:1 NAT address redirection, you need to have received multiple global IP addresses from your operator)
|
Example 2:
To allow protocol nr 77 through the firewall, enter the following:
Protocol
|
77
|
Outs IP addr
|
50.11.69.17
|
Ins IP addr
|
192.168.0.10
|
Example 3:
To allow ipv6 tunnelled through ipv4 through:
Protocol
|
ipv6
|
Outs IP addr
|
50.11.69.17
|
Ins IP addr
|
192.168.0.10
|
Note!
|
Common protocols such as icmp, ipv6, etc can be entered by name, others by protocol number.
|
|
The order that the rules are entered matters.
|
|
The data redirected this way is not stateful inspected, all ports allowed through and all data from LAN are allowed through to WAN. We therefore recommend that protocol and address redirections are done to PCs on a DMZ.
|
|