Technical information

Watson-SHDSL-Router-GUI-Manual.doc
Version 2.3-03
Watson SHDSL Router
Web-based Management Manual
Revision: 2012-02-29
An incoming request for access to a service in the home network, such as a Web
server, is fielded by Watson. Watson will forward this request to the DMZ host (if
one is designated) unless the service is being provided by another PC in the home
network (assigned in Port Forwarding), in which case that PC will receive the
request instead.
To designate a local computer as a DMZ Host:
1. Click 'DMZ Host' under the Firewall menu. The 'DMZ Host' screen appears.
   Figure 8-13: DMZ Host
2. Enter the local IP address of the computer that you would like to designate as a
   DMZ host, and select the check-box. Note that only one LAN computer may be
   a DMZ host at any time.
3. Click 'OK' to save the settings.
You can disable the DMZ host so that it will not be fully exposed to the Internet, but
keep its IP address recorded on the 'DMZ Host' screen. This may be useful if you
wish to disable the DMZ host but expect that you will want to enable it again in the
future.
To disable the DMZ host so that it will not be fully exposed to the Internet, clear
the check-box next to the DMZ IP designation, and click 'OK'.
To reinstate it at a later time, simply reselect the check box.
8.2.5 Port Triggering
Port triggering can be used for dynamic port forwarding configuration. By setting
port triggering rules, you can allow inbound traffic to arrive at a specific LAN host,
using ports different from those used for the outbound traffic. This is called port
triggering since the outbound traffic triggers the ports to which inbound traffic is
directed.
For example, consider an application server that is accessed using UDP protocol
on port 2222. The application server responds by connecting the user using UDP
on port 3333 when starting the application sessions. In such a case you must use
port triggering, since this scenario conflicts with the following default firewall
settings:
- The firewall blocks inbound traffic by default.
- The server replies to Watson's IP, and the connection is not sent back to your
  host, since it is not part of a session.
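A small model of this scenario, as an added example that is not taken from the Watson manual or firmware: a firewall that drops unsolicited inbound traffic, plus a trigger rule that opens UDP port 3333 toward the LAN host that sent traffic to UDP port 2222. The class and function names, the LAN address and the 60-second lifetime of an opened port are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class TriggerRule:
    proto: str          # "udp" or "tcp"
    trigger_port: int   # outbound destination port that arms the rule
    open_port: int      # inbound port opened toward the triggering host

@dataclass
class Firewall:
    rules: list
    ttl: float = 60.0   # assumed lifetime of an opened port, in seconds
    opened: dict = field(default_factory=dict)  # (proto, port) -> (lan_host, expiry)

    def outbound(self, lan_host, proto, dst_port, now):
        """A LAN host sends traffic out; matching rules open their inbound port."""
        for r in self.rules:
            if (r.proto, r.trigger_port) == (proto, dst_port):
                self.opened[(r.proto, r.open_port)] = (lan_host, now + self.ttl)

    def inbound(self, proto, dst_port, now):
        """Return the LAN host that receives the packet, or None if dropped.
        Assumption of this model: the remote sender is not checked."""
        entry = self.opened.get((proto, dst_port))
        if entry is None:
            return None                          # default policy: block inbound
        lan_host, expiry = entry
        if now > expiry:
            del self.opened[(proto, dst_port)]   # stale opening is closed again
            return None
        return lan_host

def demo():
    # Constructed values: the LAN address and timestamps are made up.
    fw = Firewall(rules=[TriggerRule("udp", 2222, 3333)])
    results = [fw.inbound("udp", 3333, now=0)]        # before any trigger
    fw.outbound("192.168.1.10", "udp", 2222, now=1)   # LAN host contacts the server
    results.append(fw.inbound("udp", 3333, now=2))    # server connects back on 3333
    results.append(fw.inbound("udp", 4444, now=2))    # unrelated port stays closed
    results.append(fw.inbound("udp", 3333, now=100))  # opening has expired
    return results

if __name__ == "__main__":
    print(demo())
```

While an opening is active, the triggered port accepts inbound traffic for that host, so trigger rules belong in the same review as port forwarding entries and the DMZ host.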
In order to solve this you need to define a Port Triggering entry, which allows
inbound traffic on UDP port 3333 only after a LAN host has generated traffic to UDP port
2222. This will result in accepting the inbound traffic from the application server,