ZyXEL P-336M User Guide - Page 46

Applications

Get ZyXEL P-336M PDF manuals and user guides View all ZyXEL P-336M manuals
Add to My Manuals
Save this manual to your list of manuals

Page 46 highlights

ZyXEL P-336M User's Guide Table 17 Advanced: Virtual Server (continued) LABEL IP Address Protocol Private Port Public Port Inbound Filter Schedule DESCRIPTION This field displays the IP address of the inside server. This field displays the protocol type. This field displays the port number to which you want the P-336M to translate the public port. This field displays the incoming port number. This field displays the name of the filter on the incoming traffic. This field displays the name of the schedule to use. 4.3 Applications You can enable Application Layer Gateway (ALG) to allow certain NAT un-friendly applications (such as SIP) to operate properly through the P-336M. Alternatively, you can configure port triggering to allow computers on the LAN to dynamically take turns using the service 4.3.1 ALG Some applications cannot operate through NAT (are NAT un-friendly) because they embed IP addresses and port numbers in their packets' data payload. The P-336M examines and uses IP address and port number information embedded in the data stream. When a device behind the P-336M uses an application for which the P-336M has ALG service enabled, the P-336M translates the device's private IP address inside the data stream to a public IP address. It also records session port numbers and dynamically creates implicit NAT port forwarding and firewall rules for the application's traffic to come in from the WAN to the LAN. You may have to configure the server setting for an application in the Virtual Server screen (see Chapter 4 on page 43). 4.3.2 Port Triggering Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding (or virtual server setup) you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a different LAN computer, you have to manually replace the LAN computer's IP address in the forwarding port with another LAN computer's IP address. Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The P-336M records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol ("trigger" port and protocol). When the P-336M's WAN port receives a response with Chapter 4 Advanced 46

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
ZyXEL P-336M User’s Guide
Chapter 4 Advanced
46
4.3
Applications
You can enable Application Layer Gateway (ALG) to allow certain NAT un-friendly
applications (such as SIP) to operate properly through the P-336M. Alternatively, you can
configure port triggering to allow computers on the LAN to dynamically take turns using the
service
4.3.1
ALG
Some applications cannot operate through NAT (are NAT un-friendly) because they embed IP
addresses and port numbers in their packets’ data payload. The P-336M examines and uses IP
address and port number information embedded in the data stream. When a device behind the
P-336M uses an application for which the P-336M has ALG service enabled, the P-336M
translates the device’s private IP address inside the data stream to a public IP address. It also
records session port numbers and dynamically creates implicit NAT port forwarding and
firewall rules for the application’s traffic to come in from the WAN to the LAN.
You may have to configure the server setting for an application in the Virtual Server screen
(see
Chapter 4 on page 43
).
4.3.2
Port Triggering
Some services use a dedicated range of ports on the client side and a dedicated range of ports
on the server side. With regular port forwarding (or virtual server setup) you set a forwarding
port in NAT to forward a service (coming in from the server on the WAN) to the IP address of
a computer on the client side (LAN). The problem is that port forwarding only forwards a
service to a single LAN IP address. In order to use the same service on a different LAN
computer, you have to manually replace the LAN computer's IP address in the forwarding port
with another LAN computer's IP address.
Trigger port forwarding solves this problem by allowing computers on the LAN to
dynamically take turns using the service. The P-336M records the IP address of a LAN
computer that sends traffic to the WAN to request a service with a specific port number and
protocol ("trigger" port and protocol). When the P-336M's WAN port receives a response with
IP Address
This field displays the IP address of the inside server.
Protocol
This field displays the protocol type.
Private Port
This field displays the port number to which you want the P-336M to translate the
public port.
Public Port
This field displays the incoming port number.
Inbound Filter
This field displays the name of the filter on the incoming traffic.
Schedule
This field displays the name of the schedule to use.
Table 17
Advanced: Virtual Server (continued)
LABEL
DESCRIPTION