I-MO 520 Series Product Installation Manual - page 19
INSTALLATION MANUAL FOR THE EMS I-MO 540 SERIES APPLIANCE
Version
1.2
ELECTRONIC MEDIA SERVICES LIMITED
PASSFIELD BUSINESS CENTRE, LYNCHBOROUGH ROAD, LIPHOOK, HAMPSHIRE, GU30 7SB, UK
Tel: 01428 751655 | Fax: 01428 751654 | E-mail: imo@ems-uk.com
Page
19
of
58
The NAT option enables masquerading or NATting.
The “Masqueraded Networks” rule defines which internal computers/networks are allowed to access the
internet via masquerading.
The format of the rule is a space separated list of:
If the protocol is icmp then port is interpreted as ICMP type.
Examples:
• "0/0" unrestricted access to the internet
• "10.0.0.0/8" allows the whole 10.0.0.0 network with unrestricted access.
• "10.0.1.0/24,0/0,tcp,80 10.0.1.0/24,0/0,tcp,21" allows http and ftp traffic from the 10.0.1.0 network to
the internet.
• "10.0.1.0/24,0/0,tcp,1024:65535 10.0.2.0/24" the 10.0.1.0/24 network is allowed to access
unprivileged ports whereas 10.0.2.0/24 is granted unrestricted access.
The ““Non-Masqueraded Networks” rule defines which internal computers/networks to exclude from
masquerading.
The format of the rule is a space separated list of :
Examples:
• “0/0,10.0.0.0/8" do not masquerade packets from anywhere to the 10.0.0.0/8 network
The Forward rule defines which services or networks are routed through the firewall, regardless of which
zone they are in.