A p p l i c a t i o n N o t e s C-3Configuring NAT UDP TimeoutWhen a non-TCP connection is made through NAT, a context block isallocated from the IAD’s memory. This context block is freed when thetimeout period has been exceeded with no data. In most applications, thedefault value of 2 min (120 s) will be sufficient. If the application features alarge number of very short UDP, AH, or ESP connections, this value mayneed to be lowered. If the application features connections with longer idletimes, this value may need to be increased.Accessing LAN Devices from the InternetIf you want to access a LAN device from the Internet (i.e., Web server, FTPserver, etc.), the device must be configured in NAT to allow access from theInternet. There are two ways to do this: through a NAT Local Server entry orthrough a NAT Alias entry.NAT Local Server ConfigurationA NAT Local Server entry is used when the local device shares its IP addresswith the WAN port of the IAD. Only the configured protocol and port will bevisible from the Internet. When the Local Server is configured, the followinginformation must be entered:• Translated IP address − local IP address, as seen from the LAN.• Protocol − TCP, UDP, AH, ESP, or both UDP and TCP.• Translated Port Number − port number on which the local server sees theservice (UDP and TCP only).• Standard Port Number − port number on which the Internet sees the service(UDP and TCP only).For current port number assignments, please see http://www.iana.org/assignments/port-numbers.Note that TCP port 1723 is used to select Point-to-Point Tunneling Protocol(PPTP) and TCP port 1720 is used to select ViaVideo. When using ViaVideounits through NAT, the following limitations apply.• Only one Via Video inside of NAT may accept calls.• All ViaVideo units in the network must be configured to use fixed ports 3230− 3235.• All ViaVideo units inside of NAT must be configured to use NAT and musthave the IAD’s WAN address configured.If Internet access of a local Telnet server at TCP port 23 is desired, it will benecessary to reconfigure the Telnet server port of the IAD. Refer to“Configure Port IP Address” on page 4-16 for further information.NAT Alias ConfigurationA NAT Alias entry is used when the local device is assigned a unique IPaddress from the WAN port of the IAD. The local device will be totally
