Static nat – RuggedCom RuggedRouter RX1100 User Manual
Page 134
14. Configuring The Firewall
Revision 1.14.3
134
RX1000/RX1100™
The Action field specifies the final action to take on incoming requests matching the rule. The and
log to syslog field determines whether logging will take place and at which logging level.
The Source zone field specifies the zone from which the request originates.
The Destination zone or port field specifies the request's destination.
Each of the Source and Destination zones may use one of the defined zone names, or one may select
"Other..." and specify a zone name in the text field to the right. Both Source and Destination may
be further qualified using the Only hosts in zone with addresses fields. Multiple comma-separated
subnet, IP, or MAC addresses may be specified in the following way:
• Subnet: 192.168.1.0/24
• IP: 192.168.1.1
• IP range: 192.168.1.1-192.168.1.25
• MAC: ~00-A0-C9-15-39-78
The Protocol field specifies the protocol (tcp, udp or icmp) to match.
The Source ports and Destination ports fields specify TCP or UDP port numbers to match. These
fields are in the form of a list of comma-separated port numbers or ranges of port numbers of the
form, "first:last".
The Original destination address field matches the request's destination IP address.
Note
If you use are using DNAT to implement port forwarding, enter the original destination address
here and the forwarded address in the Destination zone or port fields Only hosts in zone with
address sub-field.
The Rate limit expression fields specify rate limit control of the form “X/sec” or “X/min” where X is
the number of allowed requests in the time period. A burst limit field “:Y”where Y is the maximum
consecutive number of requests and defaults to five if not configured.
The Rule applies to user set fields allow advanced users to match the rule against specific users
and groups. This matching only takes place when the source of the traffic is the firewall itself.
14.6.7. Static NAT
Figure 14.13. Static NAT