Installation guide
BB005x Installation and Configuration Guide
translates the IP header but not the payload, IP packets may appear to contain
errors and can be discarded at their arrival at destination.
Firewall triggers are one possible solution. A trigger allows an application to
automatically open or close a secondary port when required and, at the same
time, it can search packets for the embedded IP address so NAT can translate
that properly.
To configure a trigger: ►
1. Click on Advanced Configuration and then on Security.
2. Make sure that the Firewall option is ticked as Enabled and click on
Change State
3. Go to Policies, Triggers and Intrusion section and Click on Firewall
Trigger Configuration. The Firewall Trigger Configuration page
appears.
4. Click on New Trigger link.
5. Configure the following items:
Transport type Select TCP or UDP from the drop down list.
Port number start Start point of the trigger port range.
Port number end End point of the trigger port range.
Allow multiple hosts Select allow to permit initiation to/from different
remote hosts or select block to permit only
initiation from same remote hosts.
Max activity interval Type max interval time for the secondary port
sessions.
Enable session
chaining
Select allow or block depending on whether you
want to allow multi-level TCP session chaining.
Enable UDP session
chaining
Select allow or block depending on whether you
want multi-level UDP and TCP session chaining.
Binary address
replacement
Select allow or block depending on whether you
want to use Binary address replacement.
Address translation
type
Select address replacement on a particular trigger.
52