Information Technology Reference
In-Depth Information
Remote-access and virtual private network (VPN) module, where public IP addresses
are used for selected connections
■
Stub Network
Public Network
NAT Router
Inside local addresses: 192.168.10.100
Inside global address: 200.100.10.100
Outside local addresses: 192.168.100.50
Outside global address: 30.100.2.50
Figure 8-4
Te r m i n o l o g y E x a m p l e
Use private IP addresses throughout the internal enterprise network.
Use NAT and PAT as needed to translate between private internal IP addresses to public
external addresses.
Use one private address to one public address NAT when servers on the internal network
need to be visible from the public network. In firewalls, this is a “static” NAT configuration.
Use PAT for many private to one public address translation for end systems that need to
access the public network.
Ta ble 8 -1 3 provides examples of where public or private IP addresses should be used in
the Cisco network architecture.
Ta b l e 8 -1 3
Public Versus Private IP Addresses
Network Location
Public or Private Address
E-commerce module
Public
Intranet website
Private
External DNS servers
Public
Remote-access/VPN module
Public
Inside global address
Public
Real IP address of WWW server located in internal network
Private
Ta ble 8 -1 4 summarizes NAT concepts.
Ta b l e 8 -1 4
NAT Co nc epts
Description
NAT Address
Type
Commonly used to assign a network device with internal private IP
address an unique public address so that they can be accessed from the
Internet.
Static NAT
