Vigor2820 Series User’s Guide
66
Add
It allows you to add the one you choose from the ARP table or
the IP/MAC address typed in
Add and Edit
to the table of
IP
Bind List
.
Edit
It allows you to edit and modify the selected IP address and MAC
address that you create before.
Remove
You can remove any item listed in
IP Bind List
. Simply click
and select the one, and click
Remove
. The selected item will be
removed from the
IP Bind List
.
Note:
Before you select
Strict Bind
, you have to bind one set of IP/MAC address for one
PC. If not, no one of the PCs can access into Internet. And the web configurator of the router
might not be accessed.
3
3
.
.
3
3
N
N
A
A
T
T
Usually, the router serves as an NAT (Network Address Translation) router. NAT is a
mechanism that one or more private IP addresses can be mapped into a single public one.
Public IP address is usually assigned by your ISP, for which you may get charged. Private IP
addresses are recognized only among internal hosts.
When the outgoing packets destined to some public server on the Internet reach the NAT
router, the router will change its source address into the public IP address of the router, select
the available public port, and then forward it. At the same time, the router shall list an entry
in a table to memorize this address/port-mapping relationship. When the public server
response, the incoming traffic, of course, is destined to the router’s public IP address and the
router will do the inversion based on its table. Therefore, the internal host can communicate
with external host smoothly.
The benefit of the NAT includes:
z
Save cost on applying public IP address and apply efficient usage of IP address.
NAT allows the internal IP addresses of local hosts to be translated into one public IP
address, thus you can have only one IP address on behalf of the entire internal hosts.
z
Enhance security of the internal network by obscuring the IP address.
There are
many attacks aiming victims based on the IP address. Since the attacker cannot be
aware of any private IP addresses, the NAT function can protect the internal network.
On NAT page, you will see the private IP address defined in RFC-1918. Usually we use
the 192.168.1.0/24 subnet for the router. As stated before, the NAT facility can map one
or more IP addresses and/or service ports into different specified services. In other words,
the NAT function can be achieved by using port mapping methods.
Below shows the menu items for NAT.
3
3
.
.
3
3
.
.
1
1
P
P
o
o
r
r
t
t
R
R
e
e
d
d
i
i
r
r
e
e
c
c
t
t
i
i
o
o
n
n
Port Redirection
is
usually set up for server related service inside the local network (LAN),
such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP
address for each server and this public IP address/domain name are recognized by all users.
Since the server is actually located inside the LAN, the network well protected by NAT of
the router, and identified by its private IP address/port, the goal of Port Redirection function
Summary of Contents for VIGOR2820 series
Page 1: ...Vigor2820 Series ADSL2 2 Security Firewall User s Guide Version 2 1 Date 2008 10 13...
Page 8: ......
Page 28: ...Vigor2820 Series User s Guide 20 This page is left blank...
Page 40: ...Vigor2820 Series User s Guide 32 This page is left blank...
Page 232: ...Vigor2820 Series User s Guide 224 This page is left blank...