Proxicast

Topics > LAN-Cell 2 > FAQ ID # 92

FAQ ID # 92
Last Update : 2012/02/20
Rating : Not Rated
Send FAQ by E-mail
Add to favorites
Print this FAQ

Social Bookmark this Article :


Question / Issue
Using the Default Server feature of NAT/SUA/Port Forwarding.

Answer / Solution

The Default Server feature of the LAN-Cell's NAT (port forwarding) service is used to control what happens to incoming packets from the WAN or Cellular interface that are destined for IP addresses on the LAN interface.

If the Default Server address is 0.0.0.0 (factory default setting), then the NAT table is used to define which LAN IP address (called the Server IP Address) should receive packets that come into the WAN or Cellular interfaces on specific ports.  For example, you might define port 502 (ModBus TCP) to be forwarded to 192.168.1.7.  In the LAN-Cell 2, you can also redirect the incoming port numbers to different port numbers on the destination LAN IP address.  Any packets sent to ports not specifically defined in the NAT table will be rejected.  This makes the LAN "normally closed" unless you open specific ports that are redirected to specific LAN IP addresses. This is the most common and most secure way to use the NAT/Port Forwarding feature.

If the Default Server is NOT 0.0.0.0, then ALL incoming packets are redirected to the Default Server address EXCEPT those defined in the NAT table.  Only packets defined in the NAT table will be redirected to other LAN IP addresses.  Therefore the Default Server IP address is "normaly open" to all Internet traffic.  If you implement a Default Server IP address, you must create NAT/Port Forwarding rules for each other port and IP address that should be accessible via the WAN or Cellular interfaces.  This includes any of the LAN-Cell's Remote Management ports (HTTP-80, Telnet-23, etc).  If you do not define these rules, you will not be able to access the LAN-Cell for remote management from the Internet.  In our experience, very few users have application requirements that warrant using the Default Server feature.

Several other issues to note:

- You must also define Firewall Rules to permit (or block) the desired traffic from the WAN or Cellular interfaces to the LAN.

- You must define the NAT and Default Server rules for the WAN and Cellular interfaces separately (LAN-Cell 2). Make sure you are editing the rules for the correct interface.

- On the NAT Overview page, be sure that you have NAT enabled on the desired interfaces.




Direct Link to This FAQ
http://www.proxicast.com/AbsoluteFM/?f=92

Tags
NAT SUA PORT FORWARD FORWARDING default server redirect redirection map mapping incoming translation translate
How would you rate this article?

Poor
1
2
3
4
5

Great
Submit

Back to Top