ZyXEL Communications Internet Security Gateway ZyWALL 2 Series User Manual

ZyWALL 2 Series User’s Guide

NAT

28-17

LAN computer, you have to manually replace the LAN computer's IP address in the forwarding port with
another LAN computer's IP address,

Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns
using the service. The ZyWALL records the IP address of a LAN computer that sends traffic to the WAN to
request a service with a specific port number and protocol (a "trigger" port). When the ZyWALL's WAN port
receives a response with a specific port number and protocol ("incoming" port), the ZyWALL forwards the
traffic to the LAN IP address of the computer that sent the request. After that computer’s connection for that
service closes, another computer on the LAN can use the service in the same manner. This way you do not
need to configure a new IP address each time you want a different LAN computer to use the application.

28.5.1 Trigger Port Forwarding Process

The following is an example of trigger port forwarding.

Figure 28-22 Trigger Port Forwarding Process: Example

1. A requests a file from the Real Audio server (port 7070).

2. Port 7070 is a “trigger” port and causes the ZyWALL to record A’s computer IP address. The

ZyWALL associates A's computer IP address with the "incoming" port range of 6970-7170.

3. The Real Audio server responds using a port number ranging between 6970-7170.

4. The ZyWALL forwards the traffic to A’s computer IP address.