Routing / Firewall
eWON has a LAN interface and a WAN interface.
The WAN interface of the eWON can be either the Ethernet WAN, the 3G modem, the Wifi or the PSNT connection.
If eWON is connected to a VPN server, then a third interface (= the VPN interface) will be added.
eWON as a router, embeds several features to allow interaction between the WAN, VPN and LAN interface.
- NAT on LAN (called Plug'n Route), allows to reach Ethernet devices connected to the eWON LAN from a PC connected to the VPN or WAN interface of the eWON.
- NAT on WAN, allows eWON to act as an Internet router
- NAT on VPN, for special routing requirements inside VPN network.
A table of 10 entries is available to configure port forwarding to Ethernet devices which are connected to the eWON LAN.
For the external interface you can select between VPN, WAN , PPP incoming.
NAT 1:1 table
A table of 10 entries is available to configure NAT 1:1 to reach Ethernet devices behind the eWON.
The NAT 1:1 is a mode of NAT that maps an internal address (LAN) to one external address (WAN or VPN). So for every entry inside the NAT 1:1 table, eWON will create a new IP address on its WAN or VPN interface.
To block unwanted traffic on the WAN interface, you can on the eWON decide what type of connection you allow on the WAN interface.
To protect the network of the location where the eWON will be installed, eWON has also an option to block IP forwarding from LAN or VPN interface to the WAN interface.
For a Talk2M connection, the standard settings for the security options are:
- Wan Protection level = discard all traffic except VPN
- WAN IP Forwarding = disabled
However, some routing features listed here above, like for example NAT on WAN, requires changes of these settings.