I've just bought a 2820Vn and I'm setting it with my home LAN and NAT.

I'm trying to understand how NAT and the firewall firewall work.

First NAT: According to the FAQ Port Redirection forwards the packet to a specific PC and can also translate the port to another port locally. Open Ports is said to do the same but for a range of ports.

Now on the 2820Vn the Port Redirection seems to allow you to redirect a range of ports (I think this was not the case on older models). Haven't tried it yet but it seems the only difference now is the ability to translate a Public port to another Private Ports in Redirection, while Open Ports uses the same port numbers in and out of the LAN.

Once the ports are forwarded, the firewall will by default let them through (Data Filter is set to Pass by default).

If one changed the behavior of the data filter to drop everything unless it matches a certain rule, the firewall will drop everything included traffic for the open ports, necessitating patching firewall rules for each port range.

What I don't know in my ignorance is if there is a benefit to do this. Does it offer an extra degree of protection or is NAT enough by itself?