Top
Port Forwarding - Internet to LAN
In this document, port forwarding provides a secure Internet access to a device located on the LAN.
In other words, port forwarding is set up to redirect a port on the Uplink interface of the Mediatrix unit, and forward it to the Lan1 Network interface, so that it connects to the the IP address and port of a server or PBX in the internal network.
- The external port on the Uplink interface of the Mediatrix unit is 8080.
- The internal IP and port of the internal device (Server or PBX) is 192.168.0.99 port 80.
Top
Information to Know Before Starting
Example Value | Description |
---|---|
8080 | External port on the Uplink interface of the Mediatrix unit. This can be changed, but will work in most environments. |
192.168.0.99 | Internal IP address of the internal device (PBX server).
|
80 | Internal port of the internal device (PBX server). This can be changed, but will work on most environments. |
Top
Port-forwarding Overview
- The external port on the Uplink interface of the Mediatrix unit is 8080.
- The internal IP and port of the internal device (Server or PBX) is 192.168.0.99 port 80.
- A connection request comes from the laptop.example.net to the external IP of the Mediatrix unit (eg: http://mediatrix.example.com:8080 ).
- A Destination NAT (DNAT) rule will transform this connection on port 8080 on the Uplink address into the real address of the internal service (eg http://192.168.0.99:80 ) refer to Creating a Destination NAT Rule for the Uplink Network Interface.
- The packet will be forwarded to the Lan1 interface.
-
However, since the external device and the internal service are on different
subnets, they will not be able to talk to each other, unless some Source NAT
(SNAT) rules are added. There are two possible options:
- Configuring the Mediatrix as a full NAT/Router to give access to all the LAN devices to the internet. This approach works well in simple small office/home office scenarios. However, it involves either reconfiguring devices on the LAN or installing a DHCP server, which is outside the scope of these configuration notes. It can also have security implications, or require much more configuration with some network topologies such as VLANs, VPNs, multiple routers or internet connections, etc.
- Use a simple Source NAT (SNAT) rule to make the connection appear as if it came directly from the Mediatrix unit Lan1 IP address. Refer to Creating a Source NAT Rule for the Lan1 Network Interface. This has the advantages of being very simple to configure, works with any network topology, and is fairly secure since it only allows access from a single port to a specific device and port. It does have one caveat: your internal device will see all traffic coming from the Mediatrix unit and won't be able to log the external source IP. If that's the case, you'll need to go the full NAT route.
Top
Enabling IPv4 Forwarding
- Go to Network/IP Routing.
- In the IP Routing configuration table, select Enable.
- Click Save.
Top
Enabling the NAT Service
- Go to System/Services.
- In the User Service table, on the same line as Network Address Translation (NAT), set the Startup Type to Auto.
- Click .
Top
Creating a Destination NAT Rule for the Uplink Network Interface
- Go to Network/NAT.
- In the Destination Network Address Translation Rules table, click .
- From the Activation selection list, choose Enable.
- In the Destination Address field, enter Uplink.
- From the Protocol selection list, choose TCP.
- In the Destination Port field, enter 8080
- In the New Address field, enter the local Web server address and port (e.g. 192.168.0.99:80)
- Click Save & Apply.
Top
Creating a Source NAT Rule for the Lan1 Network Interface
- Go to Network/NAT.
- In the Source Network Address Translation Rules table, click .
- From the Activation selection list, choose Enable.
- In the Destination Address field, enter the local Web Server address (e.g. 192.168.0.99)
- From the Protocol selection list, choose TCP.
- In the Destination Port field, enter the local Web server port (e.g. 80).
- In the New Address, enter Lan1.
- Click Save & Apply.
Top
DGW Documentation
Mediatrix devices are supplied with an exhaustive set of documentation.
Mediatrix user documentation is available on the Media5 Documentation Portal.
- Release notes: Generated at each GA release, this document includes the known and solved issues of the software. It also outlines the changes and the new features the release includes.
- Configuration notes: These documents are created to facilitate the configuration of a specific use case. They address a configuration aspect we consider that most users will need to perform. However, in some cases, a configuration note is created after receiving a question from a customer. They provide standard step-by-step procedures detailing the values of the parameters to use. They provide a means of validation and present some conceptual information. The configuration notes are specifically created to guide the user through an aspect of the configuration.
- Technical bulletins: These documents are created to facilitate the configuration of a specific technical action, such as performing a firmware upgrade.
- Hardware installation guide: They provide the detailed procedure on how to safely and adequately install the unit. It provides information on card installation, cable connections, and how to access for the first time the Management interface.
- User guide: The user guide explains how to customise to your needs the configuration of the unit. Although this document is task oriented, it provides conceptual information to help the user understand the purpose and impact of each task. The User Guide will provide information such as where and how TR-069 can be configured in the Management Interface, how to set firewalls, or how to use the CLI to configure parameters that are not available in the Management Interface.
- Reference guide: This exhaustive document has been created for advanced users. It includes a description of all the parameters used by all the services of the Mediatrix units. You will find, for example, scripts to configure a specific parameter, notification messages sent by a service, or an action description used to create Rulesets. This document includes reference information such as a dictionary, and it does not include any step-by-step procedures.
Top
Online Help
If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will bedisplayed.
Top
Copyright Notice
Copyright © 2023 Media5 Corporation.
This document contains information that is proprietary to Media5 Corporation.
Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.
This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.
Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.