Avocent Access Router Cyclades-PR1000 Manuel D’Utilisation
84
Cyclades-PR1000
Chapter 11 - NAT
STEP TWO
The parameters in the Timeout Menu are explained in more detail below. The preset values should be appropriate
for most applications.
The parameters in the Timeout Menu are explained in more detail below. The preset values should be appropriate
for most applications.
Timeout and Options Menu CONFIG =>SECURITY =>NAT =>TIMEOUT AND OPTIONS
Parameter
Description
UDP Timeout
Inactivity time required before a UDP translation is removed from the translation table.
An entry is created in the translation table the first time a UDP packet passes through the
interface. Five minutes is a reasonable time.
An entry is created in the translation table the first time a UDP packet passes through the
interface. Five minutes is a reasonable time.
DNS Timeout
Inactivity time required before a DNS translation is removed from the translation table.
TCP Timeout
Inactivity time required before a TCP translation is removed from the translation table.
This time should be relatively long, because under normal conditions TCP connections
are formally disconnected with FIN (No more data from sender) or RST (Reset
Connection) flags.
This time should be relatively long, because under normal conditions TCP connections
are formally disconnected with FIN (No more data from sender) or RST (Reset
Connection) flags.
TCP Flags Timeout Inactivity time required, after the receipt of a FIN, RST, or SYN (Synchronize sequence
numbers) flag, before a TCP translation is removed from the translation table. This time
can be relatively short, because after the TCP connection has been closed, there is no
further need for its address translation.
can be relatively short, because after the TCP connection has been closed, there is no
further need for its address translation.
STEP THREE
The next step is to define the global address range to which the local addresses will be translated. This is done in the
menu CONFIG =>SECURITY =>NAT =>GLOBAL ADDRESSES =>ADD RANGE. The
The next step is to define the global address range to which the local addresses will be translated. This is done in the
menu CONFIG =>SECURITY =>NAT =>GLOBAL ADDRESSES =>ADD RANGE. The
First IP Address in the
example in Figure 11.1 is 200.240.230.225, while the
Last IP Address is 200.240.230.238.
The local address ranges must also be entered into the router in the menu CONFIG =>SECURITY =>NAT =>LOCAL
ADDRESSES =>ADD RANGE. Here, the Network IP Address (192.168.0.0 in the example) and Network Mask
(255.255.255.0 in the example) are entered. Since this range is to be translated, the parameter
ADDRESSES =>ADD RANGE. Here, the Network IP Address (192.168.0.0 in the example) and Network Mask
(255.255.255.0 in the example) are entered. Since this range is to be translated, the parameter
Should This
Range be Translated should be set to Yes. In the example, the network 200.200.200.0 is not to be translated.
This can be configured by adding a new range and setting the translation parameter to
This can be configured by adding a new range and setting the translation parameter to
No, or by simply not adding
the range.