Digi Connect SP User Manual page 41

particular subnet or network to connect to the device without having to manually specific each individual IP
address.
IP forwarding settings
When a Digi device acts as a router and communicates on both a private and public network with different interfaces,
it is sometimes necessary to forward certain connections to other devices. This is also known as Network Address
Translation (NAT) or Port Forwarding. When an incoming connection is made to the device on the private network,
the IP port is searched for in the table of port forwarding entries. If the IP port is found, that connection is forwarded
to another specific device on the public network. The options and features described in this section are only
supported on some products and some firmware versions.
Port Forwarding/NAT is useful when external devices can not communicate directly to devices on the public network
of the Digi device. For example, this may occur because the device is behind a firewall. By using port forwarding, the
connections can pass through the networks transparently. Also, Port Forwarding/NAT allows multiple devices on the
private network to communicate to devices on the public network by using a shared private IP address that is
controlled by Port Forwarding/NAT.
Use port forwarding to connect from a Digi device to a RealPort device. For this type of connection to occur, your
mobile wireless provider must be mobile-terminated.
IP Forwarding settings include:
•
Enable IP Routing: Enables or disables IP forwarding.
•
Apply the following static routes to the IP routing table: You can configure the Digi device with permanent
static routes. These routes are added to the IP routing table when this device boots, or afterward when network
interfaces become active or changes are made to this list of static routes. Use static routes to route IP datagrams
to a network that is not a local network or accessible through the default route.
•
Network Address Translation (NAT) Settings: A list of instances of NAT settings appears. For each instance, the
settings are:
Enable Network Address Translation (NAT): Permit the translation and routing of IP packets between

private (internal) and public (external) networks. Refer to NAT configuration options below. Some Digi device
models permit the configuration of NAT instances for more than one network interface.
NAT Public Interface: The name of the network interface for which NAT will perform address and port

translations. The list of interfaces available for NAT configuration varies according to the capabilities of your
Digi device model.
NAT Table Size Maximum: The maximum number of entries that can be added to the NAT table. These entries

include the configured port and protocol forwarding rules (see Forward TCP/UDP/FTP Connections and
Forward Protocol Connections below), the DMZ Forwarding rule (see Enable DMZ Forwarding to this IP
address below), as well as dynamic rules for connections that are created and removed during the normal
operation of NAT. You can configure the NAT table size maximum value for any value in the range 64 through
1024, with the default value of 256 entries. Note that this setting does not control the maximum number of
port or protocol forwarding rules that can be configured in their respective settings.
Enable DMZ Forwarding to this IP address: DMZ Forwarding allows you to specify a single host (DMZ Server)

on the private (internal) network that is available to anyone with access to the NAT Public Interface IP address,
for any TCP- and UDP-based services that haven't been configured. Services enabled directly on the Digi
device take precedence over (are not overridden by) DMZ Forwarding. Similarly, TCP and UDP port forwarding
rules take precedence over DMZ Forwarding (please see Forward TCP/UDP/FTP Connections below). DMZ
Forwarding is effectively a lowest priority default port forwarding rule that doesn't permit the same
remapping of port numbers between the public and private networks, as is possible if you use explicit port
forwarding rules.
If enabled, the incoming TCP and UDP packets from the public (external) network uses the DMZ Forwarding
rule, for which there is no other rule. These other rules include explicit port forwarding rules or existing
Digi Connect Family and ConnectPort TS Family User Guide 41