- Network address translation (NAT) with configurable
settings and 6 rule types
- napt NAT rule: This type of rule
is used in the default configuration. The napt flavor translates
private source IP addresses to a single public IP address. The napt
rule also translates the source port numbers to port numbers that are
defined by the user.
- rdr NAT rule: 'Standard' port forwarding. Allows to
make a computer
on your LAN, such as a Web or FTP server, available to Internet users
without a public IP address for that computer.
The computer's private IP address is translated to the public IP
address in all incoming and outgoing data packets.
- B basic NAT rule: Performs 1:1 translations.
Translates the private
(LAN-side) IP address to a public (WAN-side) address, like napt rules.
However, unlike napt rules, basic rules do not also translate the port
numbers in the packet header; they are passed through untranslated.
- NAT filter rule: this filter rule translates public
and private IP
addresses on a one-to-one basis. The filter rule allows to do an
address translation to occur only when the LAN computers initiate
access to specific destinations. The destinations can be identified by
their IP addresses, server type (such as FTP or Web server), or both.
- Bimap NAT rule: Unlike other NAT flavors, the bimap
address translations in both the outgoing and incoming directions.
- Pass NAT rule: Allows specific addresses to pass
filtering functions to provide firewall protection for your computers
and LAN with filtering rules that accept or deny incoming or outgoing
- Configurable IP Filters: enables to create rules that
control the forwarding of incoming and
outgoing data between the LAN and the Internet.
- IP filter rules can be created to block attempts by certain
on the LAN to access certain types of data or Internet locations.
- Incoming access to computers on the LAN can be blocked.
- Blocks can be configured as either deny or allow and for
configuration through DHCP
server feature with multiple
IP pool settings and IP to MAC address assignment
- Protect the system
against denial of service (DoS) attacks and other types of malicious
accesses to the LAN.
- Allows to monitor attempted attacks, and who should be
- Includes Black List feature, protection to IP Spoofing,
Smurf and Fraggle, Land Attack, Ping of Death, SYN DoS, ICMP DoS,