Configuring NAT enables

NAT enable for the GUI™

It should be possible to administer your gateway using HTTP over the Internet with the permanent IP address 62.10.10.2 . For security reasons use external port 8080 , for example, instead of port 80 .

Go to the following menu to configure NAT entries.

  1. Go to Network -> NAT -> NAT Configuration -> New.

Network -> NAT -> NAT Configuration -> New

Proceed as follows:

  1. Enter a Description for the NAT configuration, e. g. GUI .

  2. Select the Interface for your NAT enable, e. g. LAN_EN1-4 .

  3. For the Type of traffic, select incoming (destination NAT) .

  4. Leave the Service set to User Defined .

  5. Set Protocol to TCP .

  6. Under Source IP Address/Netmask select Host and enter the gateway's external IP address, e. g. 62.10.10.2 .

  7. Under New Destination Port disable Original and enter 80 in the input field.

  8. Leave the remaining settings unchanged and confirm them with OK.

NAT enable for Web Server

The internal Web server should be reached under the IP address 62.10.10.3 . External default port 80 is used as the Web server serves as a Web host for public websites.

  1. Go to Network -> NAT -> NAT Configuration -> New.

Network -> NAT -> NAT Configuration -> New

Proceed as follows to configure the enable:

  1. Enter a Description for the NAT configuration, e. g. Web server .

  2. Set the Interface to LAN_EN1-4 .

  3. For the Type of traffic , select incoming (destination NAT) .

  4. Configure the Service to http .

  5. Under Source IP Address/Netmask select Host and enter the internal web server's IP address, e. g. 62.10.10.3 .

  6. Under New Destination IP Address/Netmask select Host andenter the internal IP address, for example 192.168.0.3 .

  7. Leave the remaining settings unchanged and confirm them with OK.

NAT Enable for Terminal Server

The internal terminal server should be reached under the IP address 62.10.10.4 . When port 3389 is open attackers can easily identify that you are using a terminal server. As a result, use a different port for external access using a remote desktop, for example port 5000 .

  1. Go to Network -> NAT -> NAT Configuration -> New.

Network -> NAT -> NAT Configuration -> New

Proceed as follows to configure the enable:

  1. Enter a Description for the NAT configuration, e. g. Terminal server .

  2. Set the Interface to LAN_EN1-4 .

  3. For the Type of traffic, select incoming (destination NAT) .

  4. Leave the Service set to User-defined .

  5. Set Protocol to TCP .

  6. Under Source IP Address/Netmask select Host and enter the internal terminal server's IP address, e. g. 62.10.10.4 .

  7. Under New Destination IP Address/Netmask select Host and enter the internal IP address, for example 192.168.0.2 .

  8. For New Destination Port disable Original and enter 3389 in the input field.

  9. Leave the remaining settings unchanged and confirm them with OK.

Copyright© Version 08/2020 bintec elmeg GmbH