Owner`s manual
Continued
57
Interface
Interface is generally set to WAN in order to permit trafc coming from the Internet. You can
also select any optional interfaces here.
Optional interfaces might be useful on a DMZ interface to allow access from the DMZ to a
port on a host on your LAN. For example, if you want to use a LAN DNS server, you could
put an Inbound NAT rule in on the DMZ interface opening UDP port 72 to your DNS server’s
LAN IP address, and use Cortexa’s DMZ interface IP address as your DNS server on DMZ
hosts. There is no real advantage doing this versus putting in a rewall rule to permit this
trafc, and using the LAN IP address of the DNS server.
External address
External address is set to the WAN interface IP address. If you have multiple public IP’s, you
can use other addresses here that you have previously dened on the Server NAT tab.
Protocol
Choose which IP protocol the service you are using requires, TCP, UDP or TCP and UDP.
External port range
Either select the desired protocol from the drop down box, or type in the port range in the
text boxes. You can leave the “to” eld empty if you only want to map a single port.
Forward IP
This is the internal IP address of the machine to which you are mapping the ports. In the
given example, the LAN IP address of the web server is 192.168.10.4. This can also be a
host on an optional network, and ideally it will be to a host on a DMZ. You should avoid
opening ports to your LAN if possible.
Local port
This is the port on the Forward IP dened above to which we want to translate the connection.
In this case it is the same as the external port, but it doesn’t have to be.
Description
Optional, however we strongly recommend putting in a description so you remember the
purpose of this entry, and to make your rules easier to read and comprehend.
Cortexa 7202 ConfIguratIon utIlIty