On a network that uses NAT to hide internal systems from the Internet, outside hosts cannot connect directly to those on the internal network. This is great for security, but can be annoying if there is some internal service that you do want to make available to the outside world. For example, your mail server system may not be the firewall host, which would normally make it inaccessible from the Internet. Fortunately, there is a solution to this problem—port forwarding.
This lets you redirect all connections to some port on the firewall system to a different host and port on your internal network. For a mail server, all data received on port 25 might be sent to the same port on the host that is actually being used for user email. Of course, this would make it impossible for your firewall system to receive email itself.
To set up port forwarding, follow these steps:
1. On the main page of the Linux Firewall module on the gateway system, select Network address translation from the list next to the Showing IPtable button, then click the button.
2. In the Packets before routing section, click on Add rule to go to the rule creation form. The rule being added will redirect all external traffic received by the firewall to some internal address.
3. Set the Action to take to Destination NAT.
4.
5. Set the Network protocol to Equals and select TCP.
6.
7. Hit the Save button to create the rule and return to the main page, and then click the Apply Configuration button.
The only problem with this method is that connections from inside your network to the firewall system will not be forwarded to the other host.
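The rule built by the steps above is a Destination NAT entry in the nat table's PREROUTING chain. The following script is an added example, not from the original text or from Webmin itself: it validates its inputs and prints the matching fragment in iptables-restore format. The interface name eth0, the internal address 192.168.1.10, and the accompanying FORWARD accept rule are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore fragment for one TCP port forward.
# Interface, addresses and the FORWARD rule are assumptions, not from the page.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # Reject anything but digits and single interior dots before splitting.
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# dnat_fragment EXT_IF EXT_PORT INT_IP INT_PORT
dnat_fragment() {
    ext_if=$1 ext_port=$2 int_ip=$3 int_port=$4
    case "$ext_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $ext_if" >&2; return 1 ;;
    esac
    valid_port "$ext_port" && valid_port "$int_port" ||
        { echo "bad port" >&2; return 1; }
    valid_ipv4 "$int_ip" || { echo "bad address: $int_ip" >&2; return 1; }
    # nat/PREROUTING is Webmin's "Packets before routing" section.
    # Matching on -i keeps the rule to traffic arriving from outside.
    cat <<EOF
*nat
-A PREROUTING -i $ext_if -p tcp -m tcp --dport $ext_port -j DNAT --to-destination $int_ip:$int_port
COMMIT
*filter
-A FORWARD -i $ext_if -d $int_ip -p tcp -m tcp --dport $int_port -j ACCEPT
COMMIT
EOF
}

# Constructed sample: forward SMTP on eth0 to an internal mail host.
# Review the output, then load it with: iptables-restore --noflush
dnat_fragment eth0 25 192.168.1.10 25
```

Because the PREROUTING rule matches only on the external interface, it shows the limitation noted above: connections from inside the network to the firewall are not rewritten by it.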