Accessing the internet from the lan, Configuring nat port range, Configuring nat tcp timeout – Verilink 8100A (34-00237) Product Manual User Manual
Page 295: Configuring nat udp timeout, Accessing lan devices from the internet
A p p l i c a t i o n s N o t e s
D-3
10.0.0.0 through 10.255.255.255, 172.16.0.0 through 172.31.255.255, or
192.168.0.0 through 192.168.255.255.
Accessing the Internet from the LAN
When you want to access the Internet from the LAN, but do not want to
access any local LAN devices from the Internet, enable NAT translation on
the WAN port that is connected to the Internet Service Provider (ISP). If two
ATM PVCs are defined and one of these is connected to a voice gateway, the
PVC connected to the ISP should have NAT enabled.
Configuring NAT Port Range
When you access the internet from the LAN, the request uses the next unused
port number in the configured NAT port range. For most applications, the
default range of 30000 through 65535 will work, as these port numbers are
not commonly used. If any port numbers in this range are used (i.e.,
multiplayer Internet games), the range must be adjusted. The number of
concurrent requests through NAT is limited by the size of the range. For
current port number assignments, please refer to http://www.iana.org/
assignments/port-numbers.
Configuring NAT TCP Timeout
When a TCP connection is made through NAT, a context block is allocated
from the IAD’s memory. This context block is freed when either the TERM
bit is seen in the TCP header, or when the timeout period has been exceeded
with no data. In most applications, the default value of 5 min (300 s) will be
sufficient. If the application features a large number of aborted TCP
connections, this value may need to be lowered. If the application features
connections with longer idle times, this value may need to be increased.
Configuring NAT UDP Timeout
When a non-TCP connection is made through NAT, a context block is
allocated from the IAD’s memory. This context block is freed when the
timeout period has been exceeded with no data. In most applications, the
default value of 2 min (120 s) will be sufficient. If the application features a
large number of very short UDP, AH, or ESP connections, this value may
need to be lowered. If the application features connections with longer idle
times, this value may need to be increased.
Accessing LAN Devices from the Internet
If you want to access a LAN device from the Internet (i.e., Web server, FTP
server, etc.), the device must be configured in NAT to allow access from the
Internet. There are two ways to do this: through a NAT Local Server entry or
through a NAT Alias entry.