Filter
Top Products
Aurorean Network Gateway-1100 User’s Guide 39
Chapter 3
Configuring the ANG-1100 with Aurorean Web Config
NOTE
If you press the Reset button after configuring your ANG-1100, you will
lose your entire configuration. Any settings you have changed from
factory defaults, such as firewall rules, will be removed. We recommend
that you save these settings to a Notepad file which you then can
reference if you are compelled to use the Reset button.
Configuring IP Port Forwarding
ANG-1100’s support of IP Port Forwarding permits you to make servers on
the trusted network of the ANG-1100 available to the rest of the VPN. In
contrast to Network Address Translation (NAT), which allows access to
external-side servers initiated by internal-side hosts, Port Forwarding permits
access to internal-side servers initiated by external-side hosts.
This is accomplished by rewriting the headers of all packets bound for the
ANG-1100 and forwarding them to another host on the trusted-side of the
network, depending on their destination port (port numbers corresponding
to standard, well-known protocols). The IP addresses are re-written so that
incoming IP (TCP and UDP) packets are forwarded to their intended
destinations, and the reply packets are re-written to appear to be coming from
the ANG-1100.
This process requires static, known values for the following:
! The IP address assigned to ANG-1100 by the VPN. This address is in
RiverMaster in the ANG-1100's user account and may not be assigned
dynamically via pools or virtual subnets.
! The IP address of the server on the ANG-1100 trusted network (one
server per protocol). This may not be dynamically assigned by the
ANG-1100 via DHCP.
! The protocol (TCP or UDP) and the protocol port number.
IP Port Forwarding is configured by editing the ipportfw command in the
ipfwrules configuration file in the Config Editor tool of the Web Config. The
ipportfw commands should be entered at the end of the ipfwrules file.