Allied Telesis AT-iMG634 - R2 User's Guide Page 439
- Page / 998
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
NAT and secondary IP addresses Network address translation - NAT
4-137
iMG/RG Software Reference Manual (IPNetwork Functions)
However, if the firewall is enabled, there is a matter of precedence to consider if reserved mapping has been
created for a particular TCP port but the firewall is not configured to allow in TCP data for that port.
In this case the blocking by the firewall will take precedence.
So, when the firewall has been enabled, care must be taken to ensure that when NAT reserved mapping are cre-
ated, the firewall is also configured to allow in the traffic for which the reserve mapping is defined.
4.4.3.2 NAT and dynamic port opening
The description of Dynamic Port Opening (see Security section) discussed that feature in the context of the
firewall – i.e. the Dynamic Port Opening feature was presented as being required to allow secondary sessions
in through the firewall.
It should be noted that, by default, incoming sessions are not allowed through by NAT either. So, if NAT is ena-
bled, even if the firewall is not enabled, then if you wish to be able to access services that involve incoming sec-
ondary sessions, then you will need to create Dynamic Port Opening definitions for those services.
So, for example, if you have NAT enabled on the router, and wish for users on the LAN to be able to success-
fully access external RealServers, it will be necessary to create a Dynamic Port Opening definition.
4.4.4 NAT and secondary IP addresses
NAT services work also with secondary IP addresses.
In this case it's necessary create a secondary IP address using IP INTERFACE ADD SECONDARYIPADDRESS
command and then create a security interface based on this secondary IP interface.
Then a global pool must be added and a reserved mapping configured. If using PPPoE encapsulation, secondary
IP addresses in the global pool must be on a separate subnet. If the secondary IP addresses are on the same sub-
net as the external IP address, the addresses are not visible to the external network.
4.4.5 NAT command reference
This section describes the commands available on AT-iMG Models to enable, configure and manage NAT mod-
ule.
4.4.5.1 NAT CLI commands
The table below lists the NAT commands provided by the CLI:
- Release 3-7-04 1
- Software Reference Manual 1
- Document Issue 1.4 1
- I Introduction 3
- II Intended audience 3
- V Gateway Types 7
- RX 1550 nm 8
- V.V Modular Gateways 9
- VI Supported Products 10
- RG/iMG Models 11
- VII Functional Groupings 12
- VIII Documentation Structure 13
- “ HPNA LAN Module” page 2 14
- “ CES LAN Module” page 8 14
- IX Reason for Update 15
- TABLE i-6 16
- Table of Contents 17
- List of Tables 29
- List of Figures 31
- 1. System Configuration 33
- 1.1.3 File system 37
- File system System Management 39
- System Commands 45
- TEM CONFIG LIST command 54
- 1.2 Webserver 68
- Web pages Webserver 69
- • Configuration save 70
- • Users password settings 70
- 1.3 Emergency 79
- Emergency command reference 81
- 1.4 Software update 86
- 1.4.1 Windows™ Loader 89
- 1.4.3 SwUpdate module 92
- Bootstrap 94
- Field Allowed Values 95
- Start Time 0 0, 6, 12 x x x 97
- 4, 10, 16 x x x 97
- 1.5 ZTC 106
- 1.5.1 Functional blocks 107
- 1.5.2 ZTC Client 108
- LDAP DatabaseZTC Server 110
- DHCP Server 110
- Residential Gateway 110
- ZTC Client ZTC 111
- Abort TFTP 112
- 1.5.3 ZTC command reference 113
- ZTC command reference ZTC 115
- 1.6 SNMP 116
- SNMP Entity 117
- ASQUERADE 118
- ODIFICATION OF INFORMATION 118
- ESSAGE STREAM MODIFICATION 118
- FIGURE 1-15 hmac expression 119
- • Define a notification 128
- AGENT entity is launched 131
- 1.6.6 Examples 137
- 1.6.10 MIB 142
- OID RFC1213 Implementation 143
- SNMP MIB 144
- OID Max-Access Description 147
- 1.6.10.3.1 Private traps 148
- Specific Trap 149
- Description 149
- 2. Switching 151
- Switch commands (Continued) 160
- SWITCH SHOW PORT command 164
- SWITCH SET PRIORITY command 176
- 2.3 BRIDGE 187
- Port based forwarding XXXX XX 190
- Learning X XXXX X X X X 190
- 2.3.4.1 Bridge commands 191
- Bridge commands 191
- Bridge commands (Continued) 192
- ##:##:##:##:##:## 196
- Egress Interfaces: 217
- Mcast Entry Name:MCAST_1 233
- 2.4 VLAN 234
- • Untagged frames 235
- • Priority-tagged frames 235
- • VLAN-tagged frames 235
- TAG header 236
- Overview VLAN 237
- VLAN tagging X XXX X X X X X 242
- VLAN Translations XX X X X 242
- 2.4.4 VLAN command reference 243
- VLAN command reference VLAN 261
- 3.1 IGMP snooping 263
- • Fast Leave Disabled 271
- • Fast Leave Enabled 273
- • First Scenario: 275
- • Second Scenario: 275
- • Time-out interval expiring 276
- 4. IPNetwork Functions 303
- 4.1.5 Unnumbered interfaces 306
- Unnumbered interfaces IP 307
- 4.1.6 Virtual interfaces 308
- 4.1.7 Secondary IP addresses 309
- 4.1.8.2 IP CLI commands 311
- IP CLI commands 311
- IP TCP/IP command reference 312
- IP CLI commands (Continued) 312
- TCP/IP command reference IP 313
- 4.2 Security 359
- 4.2.3 Security interfaces 360
- Security interfaces Security 361
- Scan Attack Description 365
- Dos Attack Description 367
- 4.2.6 Security logging 370
- 4.3 Firewall 407
- 10 (per second) 434
- 4.4.1 Overview 436
- Internet 437
- 4.4.5 NAT command reference 439
- 4.4.5.1.1 NAT ENABLE 440
- 5. System Administration 461
- 5.1.2 DHCP server 462
- 5.1.3 DHCP client 464
- • IP address 465
- • Subnet mask 465
- • Default route (one only) 465
- 5.1.4 DHCP Relay 468
- DHCP server CLI commands 469
- command 482
- DHCPFORCERENEW message to 510
- (e.g 192.168.102.3) 540
- 5.2 Domain name system - DNS 543
- 5.2.1 DNS Relay 544
- 5.2.2 DNS Client 544
- 5.3 SNTP 553
- 5.3.3 SNTP command reference 554
- SNTP command reference SNTP 555
- SNTP SNTP command reference 558
- 6. Voice Service 565
- 6.1.2 Piggyback 566
- 6.1.3 Wildcard 567
- 6.1.4 Heartbeat 567
- 6.1.5 Call Agent Failover 568
- Variable Description 572
- 6.2 VoIP SIP 580
- • A Soft Phone 581
- SIP IP Phone 582
- SIP Server 582
- (or Digital Phone) 582
- • Wildcard 587
- • Subrange 587
- • Position 587
- Option Description 596
- VOIP SIP USER LIST command 615
- VOIP SIP FDB LIST XXXXX X XXX 618
- VOIP SIP FDB SHOW XXXXX X XXX 618
- 6.3 VoIP phone ports 623
- 6.3.1 Port configuration 624
- Codec Notes 628
- • ntt-cw 633
- Commands for VoIP EP 640
- • on VAD enabled 674
- • off VAD disabled 674
- LOGUE LIST command 678
- 6.4.1 QoS 684
- 6.4.2 Media 684
- 6.4.3 DTMF-RELAY 685
- --> voip media show 693
- 7. Quality of Service 697
- • 14 bytes Ethernet header 704
- • Priority Queuing 707
- • WF2Q+ (WF2Qplus) 707
- 1. Scheduler profiles 708
- 7.1.4 ATM QoS Feature 711
- FIGURE 7-6 The ADSL Driver 712
- • Transmit scheduling 713
- • Queue depth limiting 713
- 00000000001 729
- Meter command reference QOS 739
- 7.2.1 Overview 756
- L2filter commands 758
- 8. ADSL Port 771
- 8.2.1 Overview 772
- 8.3 Port a1 775
- Possible values are: 785
- 8.4 Bridge 806
- VID 1 (tagged) a 807
- VID 1 (untagged) 807
- VID 1 (tagged) 807
- 8.4.2 Multiple VLAN support 808
- 8.5 Transports 819
- 8.6 Ethernet 828
- 8.7 PPPoE 832
- PPPoE Overview PPPoE 833
- PPPoE PPPoE command reference 838
- PPPoE command reference PPPoE 839
- 8.8 PPPoA 884
- PPPOA Command 885
- 8.9 RFC1483 921
- 9. Wireless 939
- (single PVC - multi VLANS) 940
- port wireless counters 963
- Possible values: 967
- --> port wireless show 970
- 9.1.6.3 WPA Commands 973
- 10. LAN Module Management 975
- 10.2 HPNA LAN Module 976
- 10.3 HPNA Command Reference 977
- 10.4 CES LAN Module 982
- 10.5.1 Overview 983
- CES commands 984
- 2 and PSPAN-2) 996
Related products and manuals for Gateways/controllers Allied Telesis AT-iMG634 - R2
(2 pages)© 2020, manymanuals.com. All rights reserved. | 0.170 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals