Information Technology Reference
In-Depth Information
How It Works
Configure network address translation (NAT) on your network when you want to provide a
rough level of anonymity on the Internet. Rather than each client having its own public IP
address, all requests that are sent out from your LAN will appear to come from the same
address—that of your NAT router.
In addition, network address translation is useful because it saves you the expense of paying
an Internet service provider for a large block of addresses. After all, for most businesses, there
is just no technical need for a public IP address on each node of the network. On a more global
scale, there would certainly be no IPv4 addresses left if every workstation had a public address.
Not only does NAT provide translation of IP addresses and TCP/UDP port numbers for
data packets transferred between the trusted (LAN) and the untrusted (WAN) networks, but it
also provides both addressing using the DHCP Allocator (comparable to DHCP Server) and
name resolution using the DNS proxy to devices on the LAN.
See Also
￿
Microsoft KB 324286: “How To Set Up Internet Connection Sharing in Windows Server
2003.” This article discusses NAT via Internet Connection Sharing (ICS) in a small- or
home-office environment.
￿
Microsoft TechNet: “Understanding Network Address Translation”
( http://technet2.microsoft.com/WindowsServer/en/Library/
321780ff-6027-4906-b1e5-3701f3105f0c1033.mspx ).
￿
Microsoft TechNet: “Setting Up Network Address Translation”
( http://technet2.microsoft.com/WindowsServer/f/?en/Library/
931361cf-ee8a-4c88-8854-039bb3a0d7861033.mspx ). This article discusses design and
deployment considerations.
￿
Microsoft TechNet: “Troubleshooting Network Address Translation”
( http://technet2.microsoft.com/WindowsServer/f/?en/Library/
b91c88e4-17f8-4ad3-87d0-6c5c20d9ac651033.mspx ).
RFC 1918 ( http://www.faqs.org/rfcs/rfc1918.html ). This RFC explains the IP addressing
scheme on private networks.
￿
5-2. Enabling and Configuring a Network Address Translation
Router with VPN Support
Problem
You want to enable RRAS and provide a method for your internal clients to access the Internet
using a single IP address. You also want to permit inbound VPN connections.
Search WWH ::




Custom Search