NETGEAR ProSafe FVS336Gv2 Reference Manual page 456

ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
SSL VPN Port Forwarding Overview
Note: SSL port forwarding does not apply if you configure full VPN tunnel
capability for an SSL portal. SSL VPN port forwarding is supported for
IPv4 connections only.
Port forwarding provides access to specific defined network services. To define these
services, you must specify the internal server addresses and port numbers for TCP
applications that are intercepted by the port forwarding client on the user's computer. This
client reroutes the traffic to the VPN firewall.
After you have configured port forwarding by defining the IP addresses of internal servers or
host computers and the port number for TCP applications or services that are available to
remote users, you can also specify host name-to-IP address resolution for the network
servers as a convenience for users. Host name resolution allows users to access TCP
applications at familiar addresses such as mail.example.com or ftp.customer.com, that is,
fully qualified domain names (FQDNs), rather than by IP addresses.
Any applications and services that you do not select for SSL port forwarding are not visible
from the SSL VPN portal. However, if users know the IP address of an application or service,
they can still access it unless you create SSL VPN access policies to prevent access to the
application or service.
The following table lists some commonly used TCP applications and port numbers that you
could use for port forwarding.
Table 8. Port forwarding applications and TCP port numbers
TCP Application
FTP data (usually not needed)
FTP Control Protocol
SSH
Telnet
SMTP (send mail)
HTTP (web)
POP3 (receive mail)
NTP (Network Time Protocol)
Citrix
Terminal Services
VNC (virtual network computing)
a. Users can specify the port number together with the host name or IP address.
Set Up Virtual Private Networking with SSL Connections
Port Number
20
21
a
22
a
23
25
80
110
123
1494
3389
5900 or 5800
454