Chapter 4: Firewall, Failover & OOB Access
98
Console servers are configured so that they will not route traffic between networks. To use the console
server as an Internet or external network gateway, forwarding must be enabled so that traffic can be
routed from the internal network to the Internet/external network:
1. Navigate to the System > Firewall page, and click on the Forwarding & Masquerading tab
2. Find the Source Network to be routed, and tick the relevant Destination Network to enable
Forwarding
IP Masquerading is required if the console server is routing to the Internet or if the external network being
routed to does not have routing information about the internal network behind the console server.
IP Masquerading performs Source Network Address Translation (SNAT) on outgoing packets, to make
them appear like they've come from the console server (rather than devices on the internal network).
When response packets come back devices on the external network, the console server translates the
packet address back to the internal IP, so that it is routed correctly. This allows the console server to
provide full outgoing connectivity for internal devices using a single IP Address on the external network.
By default, IP Masquerading is disabled for all networks. To enable masquerading:
1. Select Forwarding & Masquerading panel on the System > Firewall menu.
2. Check Enable IP Masquerading (SNAT) on the network interfaces where masquerading is
enabled.
This masquerading would be applied to any interface that is connecting with a public network such as the
Internet.
To Next Page
Loading...
Need help?
General
Weight and Dimensions
