User`s guide
ZyXEL MAX-200M1 Series User’s Guide
Chapter 9 NAT 99
1 Jane requests a file from the Real Audio server (port 7070).
2 Port 7070 is a “trigger” port and causes the ZyXEL Device to record Jane’s computer IP
address. The ZyXEL Device associates Jane's computer IP address with the "incoming"
port range of 6970-7170.
3 The Real Audio server responds using a port number ranging between 6970-7170.
4 The ZyXEL Device forwards the traffic to Jane’s computer IP address.
5 Only Jane can connect to the Real Audio server until the connection is closed or times
out. The ZyXEL Device times out in three minutes with UDP (User Datagram Protocol),
or two hours with TCP/IP (Transfer Control Protocol/Internet Protocol).
9.1.2.2 Two Points To Remember About Trigger Ports
1 Trigger events only happen on data that is coming from inside the ZyXEL Device and
going to the outside.
2 If an application needs a continuous data stream, that port (range) will be tied up so that
another computer on the LAN can’t trigger it.
9.1.3 SIP ALG
Some applications, such as SIP, cannot operate through NAT (are NAT un-friendly) because
they embed IP addresses and port numbers in their packets’ data payload.
Some NAT routers may include a SIP Application Layer Gateway (ALG). An Application
Layer Gateway (ALG) manages a specific protocol (such as SIP, H.323 or FTP) at the
application layer.
A SIP ALG allows SIP calls to pass through NAT by examining and translating IP addresses
embedded in the data stream.
When the ZyXEL Device registers with the SIP register server, the SIP ALG translates the
ZyXEL Device’s private IP address inside the SIP data stream to a public IP address. You do
not need to use STUN or an outbound proxy (see Chapter 10 on page 105) if your ZyXEL
Device is behind a SIP ALG.
9.2 NAT Screens
9.2.1 NAT General Screen
Use this screen to enable and disable NAT and to allocate memory for NAT and firewall rules.
To access this screen, click Network > NAT > General.