Table of Contents
Advertisement
MH-5000 User Manual
Step 5.b —
Insert an Many-to-Many
Rule
If your ISP has assigned a range of public IP to
your company, you can tell MH-5000 to translate
the private IP addresses into the pool of public IP
addresses. The MH-5000 will use the first public
IP until MH-5000 uses up all source ports for the
public IP. MH-5000 will then choose the second
public
IP
from
the
address
Many-to-Many from the Type. Enter the subnet
with an IP address and a netmask. Other fields
are the same with those of Many-to-One rules.
However, the MH-5000 will no longer choose the
device IP for you. It will choose the IP from the
address pool you have entered.
Step 5.c —
Insert an One-to-One Rule
Though you may have many public IP address for
translation, you may want to make some private
IP to always use a public IP. In this case, you can
select One-to-One from the Type, and enter the
private-public IP address pair in the Source IP
and the Translated Source IP fields.
Step 5.d —
Insert a One-to-One
(Bidirectional) Rule
The above three modes allow LAN/DMZ-to-WAN
sessions
establishment
WAN-to-LAN/DMZ sessions. WAN-to-LAN/DMZ
sessions are allowed by Virtual Server rules. You
can make the One-to-One NAT in the above to
incorporate the WAN-to-LAN/DMZ feature by
selecting the One-to-One (Bidirectional)
from the Type. Note that WAN-to-LAN/DMZ traffic
will be blocked by the Firewall in default. You
have to add a Firewall rule to allow such traffic. If
you expect a LAN/DMZ host to be fully accessed
by public Internet users, use this mode. Note that
this mode is extremely dangerous because the
host is fully exposed to the Internet and may be
cracked. Always use Virtual Server rules first.
Table 7-2 Add a NAT rule
ADVANCED SETTINGS > NAT > NAT Rules > Insert
pool.
Select
ADVANCED SETTINGS > NAT > NAT Rules > Insert
ADVANCED SETTINGS > NAT > NAT Rules > Insert
but
do
not
allow
62
Chapter 7
NAT
Advertisement
Table of Contents
