Billion Electric Company BIPAC 8500 User Manual

Page 107

Advertising
background image

Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router

Chapter 4: Configuration

For example, if you set the port number 80 (Web/HTTP) to be mapped to the IP Address
192.168.1.2, then all incoming HTTP requests from outside users will be forwarded to the local
server (PC) with the IP address of 192.168.1.2. If the port is not listed as a predefined
application, you need to add it manually.

In addition to specifying the port number to be used, you will also need to specify the protocol
used. The protocol used is determined by the particular application. Most applications will use
TCP or UDP, however you can specify other protocols using the drop-down Protocol menu.
Setting the protocol to “all” will cause all incoming connection attempts using all protocols on all
port numbers to be forwarded to the specified IP address.

DMZ:

The DMZ Host is a local computer exposed to the Internet. When setting a particular

internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and
NAT algorithms, then passed to the DMZ host when a packet received does not use a port
number used by any other Virtual Server entries.

Using port forwarding does have security implications, as outside users will
be able to connect to PCs on your network. For this reason you are
advised to use specific Virtual Server entries just for the ports your
application requires instead of simply using DMZ or create a Virtual Server
entry for “All” protocols, as doing so will result in all connection attempts to
your public IP address will access the PC specified.


If you have disabled the NAT option in the WAN-ISP section, the Virtual
Server function will hence be invalid.

Attention

Attention

If the DHCP server option is enabled, you have to be very careful in
assigning the IP addresses of the virtual servers in order to avoid conflicts.
The easiest way of configuring Virtual Servers is to manually assign static
IP address to each virtual server PC, with an address that does not fall into
the range of IP addresses that are to be issued by the DHCP server. You
can configure the virtual server IP address manually, but it must still be in
the same subnet as the router.

103

Advertising
Popular Brands
Popular manuals