GigaFast Ethernet
Section 6
Virtual Server
Generally, NAT based routers/firewalls filter out all unrecognized packets from the
WAN to protect your Internal LAN computers; therefore, all LAN computers behind
the Wireless Router are invisible to the outside Internet. However, some Internet
servers (like WWW, FTP, E-mail) should be visible and accessible by the outside
Internet. As a result, the Wireless Router provides Virtual Server functions to meet
this demand. In addition, the Wireless Router also protect the servers and all other
computers in the LAN simultaneously.
Since all the Internet servers always handle the fixed TCP/UDP service port number
(like WWW is 80, FTP is 21) any packets from the WAN which have a destination
port number that matches a virtual server’s ports, then these packets will be
forwarded to the pre-defined LAN’s IP. The destination port number is also kept the
same or mapped into another port for LAN. TCP ports are always mapped into TCP
ports.
For example, if you have an FTP server (port21) at 192.168.8.5, a mail server (port
110) at 192.168.8.6, and a VPN server at 192.168.8.7, then you need to specify the
virtual server as:
WAN IP + port 21
192.168.8.5 + port 21
WAN IP + port 110
192.168.8.6 + port 110
WAN IP + port 1723
192.168.8.7 + port 1723
Another example : If there are 2 Web servers in LAN (and installed by 2 different
computers)
WAN IP + port 80
192.168.8.8 + port 80
WAN IP + port 8080
192.168.8.9 + port 80
Please refer to Appendix A for some well-know service ports.
