Page
42
/
85
5. Forwarding
For LAN
WAN communications, the gateway normally only allows you to originate an IP connection
with a PC on the WAN; it will ignore attempts of the WAN PC to originate a connection onto your PC. This
protects you from malicious attacks from outsiders. However, sometimes you may wish for anyone outside
to be able to originate a connection to a particular PC on your LAN if the destination port (application)
matches one you specify.
This page allows you to specify up to rules. For example, to specify that outsiders should have access to an
FTP server you have running at 192.168.0.5, create a rule with that address and Start Port =20 and End Port
=21 (FTP port ranges) and Protocol = TCP (FTP runs over TCP and the other transport protocol, UDP), and
click Apply. This will cause inbound packets that match to be forwarded to that PC rather than blocked. As
these connections are not tracked, no entry is made for them in the Connection Table. The same IP address
can be entered multiple times with different ports.
Fig.2-22 Gateway\Advanced\Forwarding