EasyManuals Logo

NETGEAR UTM9S Reference Manual

NETGEAR UTM9S
631 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #126 background imageLoading...
Page #126 background image
Firewall Protection
126
ProSecure Unified Threat Management (UTM) Appliance
Inbound Rules (Port Forwarding)
If you have enabled Network Address Translation (NAT), your network presents only one IP
address to the Internet, and outside users cannot directly access any of your local computers
(LAN users). (For information about configuring NAT, see Configure Network Address
Translation (All Models) on page 77.) However, by defining an inbound rule you can make a
local server (for example, a web server or game server) visible and available to the Internet.
The rule informs the firewall to direct inbound traffic for a particular service to one local server
based on the destination port number. This process is also known as port forwarding.
Whether or not DHCP is enabled, how the PC accesses the server’s LAN address impacts
the inbound rules. For example:
• If your external IP address is assigned dynamically by your ISP (DHCP enabled), the IP
address might change periodically as the DHCP lease expires. Consider using Dyamic
DNS so that external users can always find your network (see Configure Dynamic DNS
on page 87).
• If the IP address of the local server PC is assigned by DHCP, it might change when the
PC is rebooted. To avoid this, use the Reserved (DHCP Client) feature in the LAN Groups
screen to keep the PC’s IP address constant (see Set Up Address Reservation on
page 111).
• Local PCs need to access the local server using the PCs’ local LAN address. Attempts by
local PCs to access the server using the external WAN IP address will fail.
Note: See Configure Port Triggering on page 168 for yet another way to
allow certain types of inbound traffic that would otherwise be blocked
by the firewall.
Log The setting that determines whether packets covered by this rule are logged. The options
are:
• Always. Always log traffic considered by this rule, whether it matches or not. This is
useful when you are debugging your rules.
• Never. Never log traffic considered by this rule, whether it matches or not.
NAT IP The setting that specifies whether the source address of the outgoing packets on the
WAN should be assigned the address of the WAN interface or the address of a different
interface. You can specify these settings only for outbound traffic on the WAN interface.
The options are:
• WAN Interface Address. All the outgoing packets on the WAN are assigned to the
address of the specified WAN interface.
• Single Address. All the outgoing packets on the WAN are assigned to the specified IP
address, for example, a secondary WAN address that you have configured.
Note: The NAT IP option is available only when the WAN mode is NAT. The IP address
specified should fall under the WAN subnet.
Table 27. Outbound rules overview (continued)
Setting Description

Table of Contents

Other manuals for NETGEAR UTM9S

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the NETGEAR UTM9S and is the answer not in the manual?

NETGEAR UTM9S Specifications

General IconGeneral
BrandNETGEAR
ModelUTM9S
CategoryNetwork Hardware
LanguageEnglish

Related product manuals