User manual ZYXEL PRESTIGE 791R

[. . . ] Prestige 791R G. SHDSL Router User's Guide Version 3. 40 May 2003 Prestige 791R G. SHDSL Router Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. [. . . ] IP Address= Gateway Node= 1 Press ENTER to Confirm or ESC to Cancel: Figure 10-3 Edit Bridge Static Route Table 10-2 Edit Bridge Static Route FIELD Route # Route Name Active Ether Address IP Address Gateway Node DESCRIPTION This is the route index number you typed in Menu 12. 3 ­ Bridge Static Route Setup. Type the MAC address of the destination computer that you want to bridge the packets to. If available, type the IP address of the destination computer that you want to bridge the packets to. Press [SPACE BAR] and then [ENTER] to select the number of the remote node (one to eight) that is the gateway of this static route. Bridging Setup 10-3 Prestige 791R G. SHDSL Router FIELD DESCRIPTION When you have completed this menu, press [ENTER] at the prompt "Press ENTER to confirm or ESC to cancel" to save your configuration or press [ESC] to cancel and go back to the previous screen. 10-4 Bridging Setup Prestige 791R G. SHDSL Router Chapter 11 Network Address Translation (NAT) This chapter discusses how to configure NAT on the Prestige. 11. 1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 11. 1. 1 NAT Definitions Inside/outside denotes where a host is located relative to the Prestige, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts. Global/local denotes the IP address of a host in a packet as the packet traverses a router, for example, the local address refers to the IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side. Table 11-1 NAT Definitions ITEM Inside Outside Local Global This refers to the host on the LAN. This refers to the packet address (source or destination) as the packet travels on the LAN. This refers to the packet address (source or destination) as the packet travels on the WAN. DESCRIPTION NAT 11-1 Prestige 791R G. SHDSL Router NAT never changes the IP address (either local or global) of an outside host. 11. 1. 2 What NAT Does In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host. Note that the IP address (either local or global) of an outside host is never changed. The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP. In addition, you can designate servers, for example, a web server and a telnet server, on your local network and make them accessible to the outside world. Although you can make designated servers on the LAN accessible to the outside world, it is strongly recommended that you attach those servers to the DMZ port instead. If you do not define any servers (for Many-to-One and Many-to-Many Overload mapping ­ see Table 11-2), NAT offers the additional benefit of firewall protection. With no servers defined, your Prestige filters out all incoming inquiries, thus preventing intruders from probing your network. For more information on IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT). 11. 1. 3 How NAT Works Each packet has two addresses ­ a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local) IP addresses to globally unique ones required for communication with hosts on other networks. [. . . ] 15-7 retry count. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4 retry interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4 RFC-1483 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2, 1-4, 8-2 RFC-2364 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2, 8-2, 8-3 RIP. . . . . . . . . See Routing Information Protocol Routing Information Protocol. . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ]