ZyXEL Communications 2 Plus Manual Do Utilizador
Chapter 17 Network Address Translation (NAT)
ZyWALL 2 Plus User’s Guide
344
17.7 Port Triggering
Some services use a dedicated range of ports on the client side and a dedicated range of ports
on the server side. With regular port forwarding you set a forwarding port in NAT to forward a
service (coming in from the server on the WAN) to the IP address of a computer on the client
side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP
address. In order to use the same service on a different LAN computer, you have to manually
replace the LAN computer's IP address in the forwarding port with another LAN computer's IP
address.
Trigger port forwarding solves this problem by allowing computers on the LAN to
dynamically take turns using the service. The ZyWALL records the IP address of a LAN
computer that sends traffic to the WAN to request a service with a specific port number and
protocol (a "trigger" port). When the ZyWALL's WAN port receives a response with a specific
port number and protocol ("incoming" port), the ZyWALL forwards the traffic to the LAN IP
address of the computer that sent the request. After that computer’s connection for that service
closes, another computer on the LAN can use the service in the same manner. This way you do
not need to configure a new IP address each time you want a different LAN computer to use
the application.
For example:
on the server side. With regular port forwarding you set a forwarding port in NAT to forward a
service (coming in from the server on the WAN) to the IP address of a computer on the client
side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP
address. In order to use the same service on a different LAN computer, you have to manually
replace the LAN computer's IP address in the forwarding port with another LAN computer's IP
address.
Trigger port forwarding solves this problem by allowing computers on the LAN to
dynamically take turns using the service. The ZyWALL records the IP address of a LAN
computer that sends traffic to the WAN to request a service with a specific port number and
protocol (a "trigger" port). When the ZyWALL's WAN port receives a response with a specific
port number and protocol ("incoming" port), the ZyWALL forwards the traffic to the LAN IP
address of the computer that sent the request. After that computer’s connection for that service
closes, another computer on the LAN can use the service in the same manner. This way you do
not need to configure a new IP address each time you want a different LAN computer to use
the application.
For example:
Figure 224 Trigger Port Forwarding Process: Example
1 Jane (A) requests a file from the Real Audio server (port 7070).
2 Port 7070 is a “trigger” port and causes the ZyWALL to record Jane’s computer IP
2 Port 7070 is a “trigger” port and causes the ZyWALL to record Jane’s computer IP
address. The ZyWALL associates Jane's computer IP address with the "incoming" port
range of 6970-7170.
range of 6970-7170.
3 The Real Audio server responds using a port number ranging between 6970-7170.
4 The ZyWALL forwards the traffic to Jane’s computer IP address.
5 Only Jane can connect to the Real Audio server until the connection is closed or times
4 The ZyWALL forwards the traffic to Jane’s computer IP address.
5 Only Jane can connect to the Real Audio server until the connection is closed or times
out. The ZyWALL times out in three minutes with UDP (User Datagram Protocol) or
two hours with TCP/IP (Transfer Control Protocol/Internet Protocol).
two hours with TCP/IP (Transfer Control Protocol/Internet Protocol).
Click ADVANCED > NAT > Port Triggering to open the following screen. Use this screen
to change your ZyWALL’s trigger port settings.
to change your ZyWALL’s trigger port settings.