This is usually accomplished via "port mappings" or "port forwards" which instruct the device to pass all unsolicited traffic received on a certain port to a host behind NAT. For example, if you wanted to allow inbound connections to a web server, you would map port 80 to the IP address of the web server.
Some devices allow for "port translated mappings," whereby the mapped port and the target port on the private host may differ. For example, if you wished to host a second web server, accessible via port 81, you could map port 81 to port 80 at the address of the second web server.
If inbound conversations to a variety of ports on a certain host are required (perhaps for a multimedia application which uses multiple conversations for video, audio, text, etc) and defining port mappings is impractical or impossible, you will need to define the address of the host to be the "DMZ" or "default server." See here
for further details on this.
by Nick8 edited by JMGullett
last modified: 2007-06-05 16:40:20