106
application program (usually a server) incoming connections should be delivered to.
Some ports have numbers that are pre-assigned to them by the Internet Assigned
Numbers Authority (IANA), and these are referred to as "well-known ports". Servers
follow the well-known port assignments so clients can locate them.
If you wish to run a server on your network that can be accessed from the WAN (i.e.
from other machines on the Internet that are outside your local network), or any
application that can accept incoming connections (e.g. peer-to-peer applications)
and are using NAT (Network Address Translation), then you will usually need to
configure your router to forward these incoming connection attempts using specific
ports to the PC on your network running the application. You will also need to use
port forwarding if you want to host an online game server. The reason for this is that
when using NAT, your publicly accessible IP address will be used by and point to your
router, which then needs to deliver all traffic to the private IP addresses used by
your PCs. Please see the WAN Configuration section of this manual for more
information on NAT.
BiGuard 2/10 can also be configured as a virtual server so that remote users
accessing services such as Web or FTP services via the public (WAN) IP address can
be automatically redirected to local servers in the LAN network. Depending on the
requested service (TCP/UDP port number), the device redirects the external service
request to the appropriate server within the LAN network.
4.4.7.1 DMZ
The DMZ Host is a local computer exposed to the Internet. When setting a particular
internal IP address as the DMZ Host, all incoming packets will be checked by the
Firewall and NAT algorithms then passed to the DMZ host, when a packet received
does not use a port number used by any other Virtual Server entries.
Caution: Such Local computer exposure to the Internet may face a variety of
security risks.