Chapter 13 NAT
ZyWALL USG Series User’s Guide
444
Internal IP Select to which translated destination IP address this NAT rule forwards packets.
User Defined - this NAT rule supports a specific IP address, specified in the User Defined field.
HOST address - the drop-down box lists all the HOST address objects in the Zyxel Device. If
you select one of them, this NAT rule supports the IP address specified by the address
object.
User Defined Internal
IP
This field is available if Internal IP is User Defined. Type the translated destination IP address
that this NAT rule supports.
Internal IP Subnet/
Range
This field displays for Many 1:1 NAT. Select to which translated destination IP address subnet
or IP address range this NAT rule forwards packets. The external and Internal IP address
subnets or ranges must have the same number of IP addresses.
Port Mapping Type Use the drop-down list box to select how many external destination ports this NAT rule
supports for the selected destination IP address (External IP). Choices are:
Any - this NAT rule supports all the destination ports.
Port - this NAT rule supports one destination port.
Ports - this NAT rule supports a range of destination ports. You might use a range of
destination ports for unknown services or when one server supports more than one service.
Service - this NAT rule supports a service such as FTP (see Object > Service > Service)
Service-Group - this NAT rule supports a group of services such as all service objects related
to DNS (see Object > Service > Service Group)
Protocol Type This field is available if Mapping Type is Port or Ports. Select the protocol (TCP, UDP, or Any)
used by the service requesting the connection.
External Port This field is available if Mapping Type is Port. Enter the external destination port this NAT rule
supports.
Internal Port This field is available if Mapping Type is Port. Enter the translated destination port if this NAT
rule forwards the packet.
External Start Port This field is available if Mapping Type is Ports. Enter the beginning of the range of external
destination ports this NAT rule supports.
External End Port This field is available if Mapping Type is Ports. Enter the end of the range of external
destination ports this NAT rule supports.
Internal Start Port This field is available if Mapping Type is Ports. Enter the beginning of the range of translated
destination ports if this NAT rule forwards the packet.
Internal End Port This field is available if Mapping Type is Ports. Enter the end of the range of translated
destination ports if this NAT rule forwards the packet. The external port range and the
internal port range must be the same size.
Enable NAT
Loopback
Enable NAT loopback to allow users connected to any interface (instead of just the
specified Incoming Interface) to use the NAT rule’s specified External IP address to access
the Internal IP device. For users connected to the same interface as the Internal IP device,
the Zyxel Device uses that interface’s IP address as the source address for the traffic it
sends from the users to the Internal IP device.
For example, if you configure a NAT rule to forward traffic from the WAN to a LAN server,
enabling NAT loopback allows users connected to other interfaces to also access the
server. For LAN users, the Zyxel Device uses the LAN interface’s IP address as the source
address for the traffic it sends to the LAN server. See NAT Loopback on page 445 for more
details.
If you do not enable NAT loopback, this NAT rule only applies to packets received on the
rule’s specified incoming interface.
Table 155 Configuration > Network > NAT > Add (continued)
LABEL DESCRIPTION
To Next Page
Loading...
