Information Technology Reference
In-Depth Information
Remote
User
Public IP
Address
192.168.10.0/24
192.168.10.1
Internet
Windows Server 2012 R2
Remote Access
Windows Server 2012 R2
Active Directory Domain Services
Remote
User
FIGURE 3-35
NAT network design
Internal networks are typically configured with private IP addresses. These private IP ad-
dresses cannot be routed to the public Internet, so before computers with private addresses
can connect to the Internet, their private address needs to be translated into a public IP ad-
dress. Private address ranges for IPv4 were designated by the Internet Engineering Task Force
(IETF) Request for Comment (RFC) 1918. Those private addresses come in three ranges:
■
10.0.0.0/8
10.0.0.0 through 10.255.255.255 and a subnet mask of 255.0.0.0
■
172.16.0.0/12
172.16.0.0 through 172.32.255.255 and a subnet mask of 255.255.0.0
■
192.168.0.0/16
192.168.0.0 through 192.168.255.255 and a subnet mask of
255.255.0.0
When you run the Routing And Remote Access Server Setup Wizard, it enables NAT on
the IPv4 address of the public facing network adapter. The second adapter is connected to
the private, internal local area network (LAN). Packets to the public Internet are translated to
show that they came from the public IP address of the public facing network adapter. When a
reply comes back from the Internet, the Remote Access server reads the packet and routes it
onto the private internal LAN to the originating device.
When you configure NAT using the Routing And Remote Access console, you specify which
network adapter is connected to your private network and which adapter is connected to the
public network. The Routing And Remote Access Server Setup Wizard creates two additional
network interfaces, as shown in Figure 3-36: an internal interface, and a loopback interface.
