Cayman advanced features for nat internal servers – Netopia 6.3 User Manual

20

Section 3

General

A similar configuration applies to a DSL WAN interface (3220 family).

Cayman Advanced Features for NAT

Using the NAT facility provides effective LAN security. However, there are
user applications that require methods to selectively by-pass this security
function for certain types of Internet traffic.

Cayman Gateways provide special pinhole configuration rules that enable
users to establish NAT-protected LAN layouts that still provide flexible by-
pass capabilities.

Some of these rules require coordination with the unit’s embedded admin-
istration services: the internal Web (HTTP) Port (TCP 80) and the internal
Telnet Server Port (TCP 23).

Internal Servers

Related to the pinhole configuration rules is an internal port forwarding
facility that enables you to:

•

Direct traffic to specific hosts/computers on the LAN side of the Gate-
way.

•

Eliminate conflicts with embedded administrative ports 80 and 23.

1. The default setting for NAT is ON.

2. Cayman uses Port Address Translation (PAT) to implement the NAT
facility.

3. NAT Pinhole traffic (discussed below) is always initiated from the
WAN side.

WAN

Interface

LAN

Ethernet

Interface

Dual Ethernet Gateway

NAT

Internet

Embedded Admin Services:

HTTP-Web Server and Telnet Server Port

NAT-protected
LAN stations

Cable

Modem

Ethernet