Port Forwarding allows an IP port from one network to be used in another network. It is sometimes called port mapping. The firewall within the EIGR will block all communications originated on the WAN side. To pass certain messages through the firewall, use port forwarding. This allows a computer on the WAN side to reach a computer on the LAN side. For example, you may forward port 21 on the WAN side so that a WAN-side computer can have FTP access to an FTP server on the LAN side. In the WAN IP Port box, enter the WAN IP port number to be forwarded - then select the IP protocols to be forwarded: TCP, UDP or Both. Next enter the IP address of the computer on the LAN side which will receive these messages and the IP port (LAN IP Port) to which the messages will be addressed. Selecting Enable will cause the EIGR to utilize the entry.
NAT (Network Address Translation) is used to pass data from one IP address in one network to another IP address on a another network. Thus, the EIGR translates a WAN-side IP address to a specific LAN side IP address. The firewall within the EIGR will block all communications originated on the WAN side - unless you specify exceptions. To allow a specific IP device on the LAN side to be seen on the WAN side, enter the LAN device address in the NAT LAN IP Address boxes. In the WAN IP Address boxes, enter the address you want it to "appear as" on the WAN side. For example, if you want LAN device 192.168.1.2 to appear on the WAN network as 1.2.3.4 then put 192.168.1.2 in the LAN IP Address boxes and 1.2.3.4 in the WAN IP Address boxes - then enable this entry.
The firewall within the EIGR can be disabled on this page. It is enabled by default. When the firewall is disabled ALL requests from the WAN network will be transmitted to the LAN network of the EIGR. When enabled the firewall will block requests from the WAN network. It is recommended to enable the firewall when connecting the EIGR to the Internet. Disabling the firewall can be useful when interconnecting two private networks.