Optionally Allowing Outbound Access

Outbound access describes IP packet connections from hosts on a higher security network to hosts on a lower security network. Depending on your network, this may not be necessary.

Tip: Outbound access allows specific devices, that have a private IP address within the higher security private Local Area Network (LAN), to connect to remote devices on a lower security network that would otherwise not be routable from the higher security network.

Allowing outbound access can be achieved through applying a custom outbound NAT rule that allows translation and an optional access rule to permit IP packets for a specific address and port pair (Inside IP Address, Inside IP Port) on the higher security network to be redirected to a specific address or range of address and a specific port or range of ports on the lower security network (Outside IP Address, Outside IP Port).

To provision a custom Outbound NAT Rule

Complete these steps in order to provision a custom outbound NAT rule.

  1. Open a browser or similar application to open your networking gateway’s configuration page.

  2. If authentication is enabled on your networking gateway provide the correct credentials to continue.

  3. Find the Port Redirection configuration setting. Each networking gateway will be slightly unique. The port redirection configurations settings may be labeled "Port Forwarding", "NAT access configuration", "Virtual Servers", or under "Advanced Settings".

  4. Create a custom entry:

    1. Enter a name for the mapping.

    2. Choose the protocol type. For OneXafe Mesh connections this should be TCP.

    3. Select the Internal and External ports you wish to map. For OneXafe nodes the internal port 40000 is used.

    4. Select the Internal and External IP addresses you wish to map.