Your Opengear device is not just a remote access server, it also includes many features you might expect to find in a firewall router class device.
IP forwarding
By default, the Opengear device does not allow traffic to traverse its network interfaces. However you can enable network forwarding by clicking System -> Firewall -> Forwarding & Masquerading and selecting allowed Source and Destination Network pairs.
Combined with IP masquerading, this allows the Opengear device to act as a standalone Internet gateway – refer to this article for an example.
IP masquerading
IP masquerading or source NAT (SNAT) allows multiple internal network hosts to access an external network (e.g. the Internet) by routing via the Opengear device's internal IP address, and appearing to originate from the Opengear device's external IP address.
To enable, click System -> Firewall -> Forwarding & Masquerading, scroll down to Enable IP Masquerading (SNAT) and check the external interface(s) you want to forwarded traffic to appear to originate from.
Combined with IP forwarding, this allows the Opengear device to act as a standalone Internet gateway – refer to this article for an example.
Port forwarding
Port forwarding, aka destination NAT (DNAT), translates matching requests arriving on an Opengear device interface to forward them to another network host.
This allows external access to services running on internal networks behind the Opengear device, e.g. when acting as an Internet gateway for a private LAN, or when network forwarding to a segregated Management LAN has been left disabled for security reasons.
Port forwarding is configured under System -> Firewall -> Port/Protocol Forwarding, refer to this article for details.
DNS relay
With DNS relay, aka DNS masquerading, internal hosts can set the Opengear device's IP as their DNS server. DNS requests are proxied to whichever DNS servers the Opengear device has been configured to use. DNS masquerading is configured under System -> Services -> Service Settings -> Enable DNS Server/Relay.
DHCP server
The Opengear device's DHCP server can allocate network settings to network hosts attached to Network Interface or Management LAN. To simplify configuration of an Internet gateway scenario, the DHCP server can hand out the Opengear device's internal IP as DNS and default route. Refer to this article for details.
VPN
Traffic may be routed via OpenVPN or IPsec VPN tunnels – additionally VPN interface may be masqueraded if there are issues with return routes. Your Opengear device's VPN capabilities are discussed in detail in this article.
Static routing
Static routes are defined under System -> IP -> Route Settings. The Opengear device uses the route table when determining where to output or forward packets.
Dynamic routing protocols
On select models, advanced users can configure quagga routing services such as OSPF and RIP from the command line. See this article for an example application.
Stateful firewall
Refer to this article for details on customizing the built-in firewall to control access to the Opengear device, and between forwarded networks.
Comments
0 comments
Article is closed for comments.