ADVANTECH Router App NAT User Guide

October 30, 2023
Advantech

ADVANTECH Router App NAT

Description of the module

The NAT router app is an additional feature that is not included in the standard router firmware. It allows the router to translate addresses from one IP address space to another by modifying network address information in the IP header of packets.

Web Interface

After installing the NAT router app, the module’s GUI can be accessed by clicking the module name on the Router apps page of the router’s web interface. The left part of the GUI contains a menu with three sections: Status, Configuration, and Customization. The main menu of the module’s GUI is shown in Figure 1.

Status

An overview of the current status can be viewed by clicking on the Overview item in the main menu of the module’s web interface. This page displays a list of SNAT and DNAT rules and information about whether the corresponding service is active or not. See Figure 2 for an example.

Configuration

SNAT

Source NAT (SNAT) is a common form of NAT that changes the source address of packets passing through the router. This is typically used when an internal (private) host needs to initiate a session to an external (public) host. The private IP address of the source host is changed to a public IP address by the device performing NAT. Configuration of SNAT can be done on the Global page under the Configuration menu section. All configuration items for SNAT configuration are described in the table below. SNAT configuration can handle up to 32 rules. See Figure 3 for an example.

Item Description
Enable SNAT Enabled, SNAT functionality of the module is turned on.
Interface Select the router interface for this rule.
Protocol Select the protocol for this rule. You can choose from Source

Port, Destination Port, To Source, and To Port.

Used symbols

  • Danger – Information regarding user safety or potential damage to the router.

  • Attention – Problems that may arise in specific situations.

  • Information or notice – Useful tips or information of special interest.

  • Example – Example of function, command, or script.

  • Advantech Czech s.r.o., Sokolska 71, 562 04 Usti nad Orlici, Czech Republic

  • Document No. APP-0081-EN, revised on September 5, 2022. Released in the Czech Republic.

Description of the module

  • The Router app NAT is not contained in the standard router firmware. Uploading of this router app is described in the Configuration manual (see Chapter Related Documents).
  • NAT router app allows routers to translate addresses from one IP address space into another by modifying network address information in the IP header of packets.

Web Interface

Once the installation of the module is complete, the module’s GUI can be invoked by clicking the module name on the Router apps page of the router’s web interface. The left part of this GUI contains a menu with a Status menu section and a Configuration menu section. The customization menu section contains only the Return item, which switches back from the module’s web page to the router’s web configuration pages. The main menu of the module’s GUI is shown in Figure 1.

Status

NAT rules
An overview of the current status can be viewed by clicking on the Overview item in the main menu of the module web interface. At the beginning of this page is a list of SNAT and DNAT rules and information about whether the corresponding service is active or not.

Configuration

SNAT
Source NAT (SNAT) is the most common form of NAT. SNAT changes the source address of the packets passing through the Router. SNAT is typically used when an internal (private) host needs to initiate a session with an external (public) host; in this case, the device that is performing NAT changes the private IP address of the source host to some public IP address. Configuration of SNAT can be done on the Global page, under the Configuration menu section. All configuration items for the SNAT configuration page are described in the table below. SNAT configuration can handle up to 32 rules.

Item Description
Enable SNAT Enabled, SNAT functionality of the module is turned on.
Interface Select the router interface for this rule.
Protocol Select the protocol for this rule. You can choose among:

•  all

•  TCP

•  UDP

•  TCP+UDP

•  UDP

Source| Enter a source IP address.
Port| Enter source port.
Destination| Enter the destination IP address.
Port| Enter the destination port.
To Source| Enter To Source IP address.
To Port| Enter To Source port.

Table 1: SNAT Configuration Example Items Description

DNAT

While SNAT changes the source address of packets, destination NAT (DNAT) changes the destination address of packets passing through the Router. DNAT is typically used when an external (public) host needs to initiate a session with an internal (private) host. The source address of return packets is automatically translated back to the IP address of the source host. Configuration of DNAT can be done on the Global page, under the Configuration menu section. All configuration items for DNAT configuration page are described in the table below. DNAT configuration can handle up to 32 rules.

Item Description
Enable DNAT Enabled, SNAT functionality of the module is turned on.
Interface Select the router interface for this rule.
Protocol Select the protocol for this rule. You can choose among:

•  all

•  TCP

•  UDP

•  TCP+UDP

•  UDP

Source| Enter the source IP address.
Port| Enter source port.
Destination| Enter the destination IP address.
Port| Enter the destination port.
To Destination| Enter To Destination IP address.
To Port| Enter To Destination port.

Table 2: DNAT Configuration Example Items Description.

NAT Example

SNAT (Source Network Address Translation) changes the private IP address of the source host to a public IP address. It may also change the source port in the TCP/UDP headers. SNAT is typically used by internal users to access the Internet. It is performed after the routing decision is made. DNAT (Destination Network Address Translation) changes the destination address in the IP header of a packet. It may also change the destination port in the TCP/UDP headers. DNAT is used when we need to redirect incoming packets with a destination of a public address/port to a private IP address/port inside your network. It is performed before the routing decision is made.

Related Documents

  • You can obtain product-related documents on Engineering Portal at icr. Advantech. cz address.
  • To get your router’s Quick Start Guide, User Manual, Configuration Manual, or Firmware go to the Router Models page, find the required model, and switch to the Manuals or Firmware tab, respectively.
  • The Router Apps installation packages and manuals are available on the Router Apps page.
  • For the Development Documents, go to the DevZone page.

References

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual  >>

Related Manuals