Netgear FVS336G Guia De Referência
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
4-14
Firewall Protection and Content Filtering
v1.0, October 2007
LAN WAN Inbound Rule: Setting Up One-to-One NAT Mapping
If you arrange with your ISP to have more than one public IP address for your use, you can use the
additional public IP addresses to map to servers on your LAN. One of these public IP addresses
will be used as the primary IP address of the VPN firewall. This address will be used to provide
Internet access to your LAN PCs through NAT. The other addresses are available to map to your
servers.
additional public IP addresses to map to servers on your LAN. One of these public IP addresses
will be used as the primary IP address of the VPN firewall. This address will be used to provide
Internet access to your LAN PCs through NAT. The other addresses are available to map to your
servers.
In the example shown in
, we have configured multi-NAT to support multiple public IP
addresses on one WAN interface. The inbound rule instructs the VPN firewall to host an
additional public IP address (10.1.0.5) and to associate this address with the Web server on the
LAN (at 192.168.0.2). We also instruct the VPN firewall to translate the incoming HTTP port
number (port 80) to a different port number (port 8080).
additional public IP address (10.1.0.5) and to associate this address with the Web server on the
LAN (at 192.168.0.2). We also instruct the VPN firewall to translate the incoming HTTP port
number (port 80) to a different port number (port 8080).
The following addressing scheme is used in this example:
•
VPN firewall FVS336G
–
WAN1 primary public IP address: 10.1.0.1
–
WAN1 additional public IP address: 10.1.0.5
–
LAN IP address 192.168.1.1
Figure 4-6