Hi all,

I'm new to the Draytek way of doing things, I just want to check the setup process for allowing external access to internal machines. I've got a 2960 with one WAN and 8 IP addresses. I've got all the IPs listed as aliases and I'm using policy routing to assign the desired machines to specific IP addresses (static mapping in my old firewall language). I'm now looking to enable external access to these machines for a variety of ports - remote desktop, http/s, smtp, and a little bit of port redirection. I can see I can use port redirection under the NAT section and I can see I can use IP Filters under the firewall section but my question is do I need to use both of these, or just one?

In the firewalls I'm used to (Gnatbox) it's a case of allowing an inbound tunnel to the internal IP (the NAT part), then a remote access filter sites infront of that allowing the alias to talk to the inbound tunnel. I'd just like to get the setup of the Draytek correct from the off, as I'm likely to start using these more often!

Thanks on any replies.