 |
You must have a license to configure a stateful firewall filter and Network Address Translation (NAT). For license details, see the J-series Services Router Administration Guide. |
|
You must have a license to configure a stateful firewall filter and Network Address Translation (NAT). For license details, see the J-series Services Router Administration Guide. |
In a stateful firewall filter, all packets flowing from a trusted network to an untrusted network are allowed. Packets flowing from an untrusted network to a trusted network are allowed only if they are responses to a session originated by the trusted network, or if they are explicitly accepted by a term in the stateful firewall filter rule.
 |
If a packet does not match any terms in a firewall filter rule, the packet is discarded. Take care that you do not configure a firewall filter that prevents you from accessing the Services Router after you commit the configuration. For example, if you configure a firewall filter that does not match HTTP or HTTPS packets, you cannot access the router with the J-Web interface. |
When Network Address Translation (NAT) is enabled, the source address of a packet flowing from a trusted network to an untrusted network is replaced with an address chosen from a specified range, or pool, of addresses. In addition, you can configure the Services Router to dynamically translate the source port of the packet—a process called Network Address Port Translation (NAPT).
This section contains the following topics: