Versionen im Vergleich

Alte Version 2

changes.mady.by.user LANCOM Redaktion

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user LANCOM Redaktion

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.
Seiteneigenschaften



Description:

This document describes how to configure the translation of private addresses in the DMZ into publicly accessible addresses.


Requirements:


Procedure:

1. First, you c onfigure the DMZ IP address.
Image Removed

Image Added

2. For security reasons you should additionally activate the private mode for the corresponding ports. You can make this setting under the following menu item: Configuration -> Interfaces -> LAN -> Ethernet ports.
Image Removed

Image Added

3. You then switch off IP masquerading of the default route.
Image Removed

Image Added

4. In the N:N table you then add the entries which translate the server addresses from the DMZ into public addresses.
Example for a mail server:

  • The mail server with the IP address
192.168.1.2
  • is to be translated to the public address
217.217.217.217
  • .


  • To do this, switch to the following menu item:
Configuration -> IP router -> N:N mapping -> N:N NAT table
  • .


  • Specify here the netmask associated with the IP addresses entered.


  • The netmask applies to both IP address ranges (original and translated), because N:N-address mapping (NAT, network address translation, in this case N:N NAT) requires that the original and the translated IP networks are of equal size.


  • If you only need to translate one single IP address, enter the netmask
255.255.255.255
  • .
Image Removed


Image Added
5. The server can now be contacted from the WAN via its public IP address.