Avocent Cyclades-PR2000 Manuale Utente
94
Cyclades-PR2000
Chapter 11 - NAT
STEP TWO
The parameters in the Timeout Menu are explained in more detail below. The preset values should be
appropriate for most applications.
The parameters in the Timeout Menu are explained in more detail below. The preset values should be
appropriate for most applications.
Timeout and Options Menu CONFIG =>SECURITY =>NAT =>TIMEOUT AND OPTIONS
Parameter
Description
UDP Timeout
Inactivity time required before a UDP translation is removed from the translation table.
An entry is created in the translation table the first time a UDP packet passes through the
interface. Five minutes is a reasonable time.
An entry is created in the translation table the first time a UDP packet passes through the
interface. Five minutes is a reasonable time.
DNS Timeout
Inactivity time required before a DNS translation is removed from the translation table.
TCP Timeout
Inactivity time required before a TCP translation is removed from the translation table.
This time should be relatively long, because under normal conditions TCP connections
are formally disconnected with FIN (No more data from sender) or RST (Reset
Connection) flags.
This time should be relatively long, because under normal conditions TCP connections
are formally disconnected with FIN (No more data from sender) or RST (Reset
Connection) flags.
TCP Flags Timeout Inactivity time required, after the receipt of a FIN, RST, or SYN (Synchronize sequence
numbers) flag, before a TCP translation is removed from the translation table. This time
can be relatively short, because after the TCP connection has been closed, there is no
further need for its address translation.
can be relatively short, because after the TCP connection has been closed, there is no
further need for its address translation.
STEP THREE
The next step is to define the global address range to which the local addresses will be translated. This is done
in the menu CONFIG =>SECURITY =>NAT =>GLOBAL ADDRESSES =>ADD RANGE. The
The next step is to define the global address range to which the local addresses will be translated. This is done
in the menu CONFIG =>SECURITY =>NAT =>GLOBAL ADDRESSES =>ADD RANGE. The
First IP Address
in the example in Figure 11.1 is 200.240.230.225, while the
Last IP Address is 200.240.230.238.
The local address ranges must also be entered into the router in the menu CONFIG =>SECURITY =>NAT
=>LOCAL ADDRESSES =>ADD RANGE. Here, the Network IP Address (192.168.0.0 in the example) and
Network Mask (255.255.255.0 in the example) are entered. Since this range is to be translated, the parameter
Should This Range be Translated should be set to Yes. In the example, the network 200.200.200.0 is not to be
translated. This can be configured by adding a new range and setting the translation parameter to
=>LOCAL ADDRESSES =>ADD RANGE. Here, the Network IP Address (192.168.0.0 in the example) and
Network Mask (255.255.255.0 in the example) are entered. Since this range is to be translated, the parameter
Should This Range be Translated should be set to Yes. In the example, the network 200.200.200.0 is not to be
translated. This can be configured by adding a new range and setting the translation parameter to
No, or by
simply not adding the range.