Hallo GForze,
dit is tekst m.b.t. NAPT achter Help, hier kom ik niet echt uit:
Network Address and Port Translation
Network address (and Port) translation (NAPT) is a technique used to share one IP address amongst several computers. For most common applications, enabling NAPT on a specific interface is adequate. From then on, all clients behind the NAPT router automatically share the same IP address. To run a server behind a NAPT router, extra configuration is needed. On the NAPT page, you can specify these settings.
The NAPT web page contains four tabs:
NAPT Entries
Multi-NAT Entries
Default Server
UPnP
NAPT Entries
For outgoing connections, NAPT entries are created dynamically whenever information migrating through this connection tries to reach a foreign host. For incoming connections however this is not done, mainly for security reasons, so therefore the NAPT entries table allows you to specify static NAPT entries. A static NAPT entry will redirect all incoming connections on a specified address/port to an address/port in the local network.
The SpeedTouch 500Series can have multiple IP addresses, therefore you can specify the IP address in the Outside IP box on which to perform NAPT, and the Outside port. Using 0.0.0.0 as outside IP address causes a template to be created, which will be valid for every one of the SpeedTouch 500Series' NAPT enabled IP addresses established AFTER the creation of the template. In the input boxes 'Inside IP' and 'Inside PORT' you can specify the local machine and port to which traffic needs to be redirected.
The Protocol selection box is used to specify the protocol of the traffic expected to be received on the inside IP
ORT. Keep in mind that the Inside and Outside Ports only need to be specified for the TCP and UDP protocols. All other protocols don't need a port to be specified.
Notice that saving static NAPT entries could be a problem if you work with dynamic IP addresses (for example, if you use a PPP link to connect to the internet, then the SpeedTouch 500Series will get a different IP address every time you establish a connection). In this case the only way to be able to save your settings is to use a template, so that you don't have to specify which SpeedTouch 500Series IP address to use.
Multi-NAT Entries
The Multi-NAT Entries table allows you to overview and add/delete network address mappings from inside (local) IP address (ranges) to outside (public) IP address (ranges).
While with Static NAPT entries both Network Address Translation as Port Translation (hence NAPT) is performed, Multi-NAT entries only perform network address translation leaving source and destination ports untouched.
Default Server
It is possible to specify a default server. All incoming connections will be forwarded to the IP address specified here. This setting should be adequate for most server applications.
UPnP
UPnP also provides NAPT Traversal: UPnP aware applications on a PC will automatically create NAPT entries on the SpeedTouch 500Series for incoming ports it needs. As a consequence these applications are able to traverse the SpeedTouch 500Series NAPT engine without the need for extra configuration: no NAPT algorithms - the so called NAPT Helper applications - are needed or activated. NAPT entries created by UPnP will be created as templates.
For security reasons you are able to configure the UPnP policy towards Windows XP and UPnP aware applications and Operating Systems. Select:
Full
Unlimited UPnP operation between a host running Windows XP and the SpeedTouch 500Series.
All UPnP-based communication between any local host and the SpeedTouch 500Series is allowed.
A local host is:
Allowed to connect/Disconnect the SpeedTouch 500Series Internet Gateway connection.
Allowed to add/delete NAPT port mappings for any host/application.
Secure
Limited UPnP operation between a host running Windows XP and the SpeedTouch 500Series.
UPnP-based communication between a local host and the SpeedTouch 500Series is limited, and host-specific restricted.
A local host is:
NOT allowed to connect/disconnect the SpeedTouch 500Series Internet Gateway connection.
Allowed to add/delete NAPT port mappings only for its own IP address, not for other local hosts.
Off
All UPnP support is disabled on the SpeedTouch 500Series. UPnP-based communication between a local host and the SpeedTouch 500Series is not possible.
-----------------
Voor wat betreft ZoneAlarm is het vrijgeven wel te doen, achter Firewall > Internet Zone Security > Custome > Internet Zone moet ik de keus maken tussen TCP-poorten en UDP-poorten in- en/of outgoing?
Much obliged, bij een voor mij (want in deze materie niet zo thuis) begrijpelijk antwoord,
gr. Mol.
