User's Manual
Table Of Contents
- Chapter 1: Introduction
- Chapter 2: Installation
- Chapter 3: Network Planning
- Chapter 4: Initial Configuration
- Chapter 5: System Configuration
- Appendix A: Troubleshooting
- Appendix B: Cables
- Appendix C: Specifications
- Glossary
- Index
33
Network Services
3
Virtual Server
You can also map multiple local servers to the Gateway’s external IP address. In this
way, service requests from Internet users can be redirected to designated servers
on the local network. This allows you to define a single access point for all the
Internet services provided at your site, such as a local web server or an FTP server.
And then, just by entering the external IP address for your site (provided by your
ISP), Internet users can access the service they need at the local address to which
you redirect them.
NAT allows Internet users through to the services you designate, but because all
your internal IP addresses are private, this provides a natural firewall that prevents
direct access to local resources by hackers. NAT also simplifies address
management because changes to IP addresses for local services will not affect
access for Internet users accessing your site. For example, when you update an IP
address for an Internet server on your local network, Internet users can continue to
access the service via the same external IP address.
User-Definable Application Sensing Tunnel
You can define special applications that require multiple connections such as
Internet gaming, videoconferencing, and Internet telephony. The Gateway can then
sense the application type and open a multi-port TCP/UDP tunnel for it.
DMZ Host Support
DMZ allows a networked computer to be fully exposed to the Internet. This function
is used when the special application sensing tunnel is insufficient to allow an
application to function correctly.
Security
The Gateway supports security features that can deny Internet access to specified
users, or filter all requests for specific services the administrator does not want to
serve. The Gateway’s firewall can also block common hacker attacks, including IP
Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port
loopback, Snork Attack, TCP null scan, and TCP SYN flooding.
It also supports the following additional security features:
• Disable Ping from the LAN or WAN side
• Discard port scans from the WAN side
• Filter specific MAC or IP addresses
• Block certain web sites based a specified URL
• Stateful Packet Inspection which accepts only legitimate packets based on
connection type