3 configuring inbound acl rules, 4 reverse static nat, 5 reverse napt / virtual server – Asus SL1200 User Manual

64

Chapter 9 - Configuring Firewall/NAT Settings

ASUS SL1200

9.2.4 Reverse Static NAT

Reverse static NAT maps a globally valid IP address to an internal host

address for the inbound traffic. All packets coming to that globally valid IP

address are relayed to the Internal address. This is useful when hosting

services in an internal machine. Figure 9.5 shows that four globally valid IP

addresses are mapped to four hosts on the internal network and each can

be used to host some services for inbound traffic such as an FTP server.

9.2.5 Reverse NAPT / Virtual Server

Reverse NAPT is also called inbound mapping, port mapping, or virtual

server. Any packet coming to the router can be relayed to the internal host

based on the protocol, the port number or the IP address specified in the

ACL rule. This is useful when multiple services are hosted on different

internal machines. Figure 9.6 shows that web server (TCP/80) is hosted on

PC A, telnet server (TCP/23) on PC B, DNS server (UDP/53) on PC C and

FTP server (TCP/21) on PC D. This means that the inbound traffic of these

four services will be directed to respective host hosting these services.

9.3 Configuring Inbound ACL Rules

By creating ACL rules in Inbound ACL configuration page as shown in

Figure 9.7, you can control (allow or deny) incoming access to computers

on your LAN.
Options in this configuration page allow you to:

• Add a rule, and set parameters for it
• Modify an existing rule
• Delete an existing rule
• View configured ACL rules