Information Technology Reference
In-Depth Information
3.
If you are creating a new interface, right-click NAT/Basic Firewall and select New
Interface. Select the adapter that you want to configure to support NAT, and click the
OK button. However, if you are modifying an existing interface, right-click the interface
object in the right pane, and select Properties.
4.
Specify the type of interface with which you want to configure this adapter. The options
are as follows:
Private Interface Connected to a Private Network:
Select this option if this interface
will connect one private network to another private network.
Public Interface Connected to the Internet:
Select this option if this interface is
connected to the untrusted network (typically the Internet).
Basic Firewall Only:
Select this option to configure basic firewall capabilities on the
interface. This option will not configure the interface for network address translation.
5.
Configure the packet filters. Click the Inbound Filters button if you want to manage the
packets that are permitted from the external to the internal network, or the Outbound
Filters button if you want to manage the packets that are passed from the internal to the
external network. See Recipe 5-9, “Managing Packet Filters,” for a description of filter-
management procedures and techniques.
6.
The following steps configure additional settings. If you chose the Private Interface
Connected to a Private Network option in step 4, you do not need to take any further
action. Click the OK button to complete the configuration of the interface.
7.
If you selected the Public Interface Connected to the Internet option in step 4, check the
Enable NAT on This Interface check box to permit clients on the private network to
access the untrusted network (the Internet). This forces the router to perform TCP and
UDP port translation in addition to IP address translation. Continue with step 9.
8.
If you selected the Basic Firewall Only option in step 4, check the Enable a Basic Firewall
on This Interface check box to configure the firewall to block unsolicited inbound traffic.
9.
Select the Address Pool tab. Click the Add button to enter the range of public (routable)
IP addresses that have been assigned to you by your Internet service provider and that
you want to add to this interface. Click the OK button when you have entered the address
range.
10.
Click the Reservations button if you want to map one of your public addresses (configured
in the previous step) to a host on the private network. Specify the public address and the
private address of the appropriate host, and enable the option to allow incoming sessions
to this host to make it publicly accessible. Click the OK button to accept the configuration.
11.
Select the Services and Ports tab. Select the services on your network to which you want
to provide access for Internet users. When you select a service, you will automatically be
presented with the service configuration dialog box. You must specify the IP address of
the internal host to which you want the respective packets forwarded. Click the OK
button when you have specified the address, and then check the check box next to the
service name.
