Section 31.3.6 – Westermo RedFox Series User Manual
Page 740
Westermo OS Management Guide
Version 4.17.0-0
NAT rule. Rules are created for both the forward and reverse direc-
tion (see
). Do not set this option if you want to
manage forwarding rules yourself.
– ”noarp”. Specify to disable ARP proxying for this rule. (see
for details).
– ”passive”. Specify that this rule is created as inactive. It will be
shown in config but not used. To enable use ”passive” command,
see
– ”log”. Enables logging for traffic that matches this NAT rule. Noth-
ing will however be logged if logging is enabled here but disabled
under the common settings. See
❼ Delete a NAT rule
Use the command ”no nat <POS>” to delete a specific NAT rule on
the position POS as shown with the command ”show” or ”show nat”.
Delete all NAT rules with ”no nat”.
Use ”show nat” to show configured NAT rules.
Default values Addresses without subnet lengths will be considered to be of
length /32 i.e. as a single IP address.
31.3.6
Configure Port Forwarding Rule
Syntax [no] port-forward in <IFNAME>:<PORTRANGE> [src <IPADDRESS/LEN>]
dst <IPADDRESS>[:PORTRANGE] [proto <tcp|udp>] [passive] [log]
Context
context
Usage Add/delete a Port Forwarding rule. This is commonly used when the
switch is acting as NAT gateway, see
. E.g., ”port-forward
in vlan1:80 dst 10.0.0.2 proto tcp” to forward all web traffic coming
in on interface vlan1 to the Web server at IP address 10.0.0.2 (port 80).
❼ The argument ”<IFNAME>:<PORTRANGE>” specifies incoming interface,
and what port or port range to match.
❼ Use the ”[src <IPADDRESS[/LEN]>]” to match a single source IP ad-
dress or whole subnet.
❼ Use the ”dst <IPADDRESS>[:PORTRANGE]” to specify where the pack-
ets should be forwarded. If the ”PORTRANGE” parameter is omitted, the
740
➞ 2015 Westermo Teleindustri AB