Typical Network Diagram. A typical network using the NAT Default Server looks like this:
You can also use the LAN-side address of the Gateway, 192.168.1.x to access the web and telnet server.
NAT Combination Application. Netopia’s NAT security feature allows you to configure a sophisticated LAN layout that uses both the Pinhole and Default Server capabilities.
[Figure: network diagram. Recoverable labels: Internet; WAN Ethernet Interface; Gateway with NAT and Embedded Web Server (210.219.41.20, Port 80 default); LAN Ethernet Interface; NAT Default Server; NAT protected LAN STN #2 and LAN STN #3; addresses 192.168.1.1, 192.168.1.2, 192.168.1.3.]
Configure
With this topology, you configure the embedded administration ports as a first task, followed by the Pinholes and, finally, the NAT Default Server.
When using both NAT pinholes and NAT Default Server the Gateway works with the following rules (in sequence) to forward traffic from the Internet to the LAN:
1. If the packet is a response to an existing connection created by outbound traffic from a LAN PC, forward to that station.
2. If not, check for a match with a pinhole configuration and, if one is found, forward the packet according to the pinhole rule.
3. If there’s no pinhole, the packet is forwarded to the Default Server.
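The three rules above, modelled as an added example (not Netopia firmware code) so you can list which LAN host an unsolicited inbound packet reaches on each WAN port. The class and function names, the session key layout, and the "drop" result when no Default Server is set are assumptions; the peer addresses are constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:              # inbound packet seen on the WAN address
    proto: str             # "tcp" or "udp"
    src_ip: str            # Internet-side sender
    src_port: int
    dst_port: int          # port on the Gateway's public address

@dataclass(frozen=True)
class Pinhole:             # hypothetical model of one pinhole entry
    proto: str
    first_port: int
    last_port: int
    lan_ip: str

class InboundNat:
    def __init__(self, pinholes, default_server: Optional[str]):
        self.sessions = {}             # created only by outbound LAN traffic
        self.pinholes = list(pinholes)
        self.default_server = default_server

    def note_outbound(self, proto, lan_ip, wan_port, remote_ip, remote_port):
        """Record the mapping a LAN PC created by connecting out."""
        self.sessions[(proto, wan_port, remote_ip, remote_port)] = lan_ip

    def route(self, pkt: Packet):
        """Return (rule applied, LAN destination) for an inbound packet."""
        key = (pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.sessions:                    # rule 1: reply traffic
            return ("session", self.sessions[key])
        for p in self.pinholes:                     # rule 2: pinhole match
            if p.proto == pkt.proto and p.first_port <= pkt.dst_port <= p.last_port:
                return ("pinhole", p.lan_ip)
        if self.default_server:                     # rule 3: everything else
            return ("default-server", self.default_server)
        return ("drop", None)   # assumption: no Default Server configured

def unsolicited_exposure(nat, proto, ports, sender_ip="198.51.100.7"):
    """Map each WAN port to the LAN host an unsolicited packet would reach."""
    return {port: nat.route(Packet(proto, sender_ip, 50000, port)) for port in ports}

# Constructed sample: LAN addresses from the diagram, documentation-range peers.
nat = InboundNat([Pinhole("tcp", 8080, 8080, "192.168.1.2")], "192.168.1.3")
nat.note_outbound("tcp", "192.168.1.2", 40000, "203.0.113.9", 443)
for port, verdict in unsolicited_exposure(nat, "tcp", [22, 8080, 40000]).items():
    print(port, verdict)
```

Every port without a session or pinhole match lands on the Default Server, so that host should be treated as directly Internet-facing.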
IP-Passthrough. Your Gateway offers an IP passthrough feature. The IP passthrough feature allows a single PC on the LAN to have the Gateway’s public address assigned to it. It also provides PAT (NAPT) via the same public IP address for all other hosts on the private LAN subnet. Using IP passthrough:
• The public WAN IP is used to provide IP address translation for private LAN computers.
• The public WAN IP is assigned and reused on a LAN computer.
• DHCP address serving can automatically serve the WAN IP address to a LAN computer.
When DHCP is used for addressing the designated passthrough PC, the acquired or configured WAN address is passed to DHCP, which will dynamically configure a single-servable-address subnet, and reserve the address for the configured MAC address. This dynamic subnet configuration is based on the local and remote WAN address and subnet mask. If the WAN interface does not have a suitable subnet mask that is usable, for example when using PPP or PPPoE, the DHCP subnet configuration will default to a class C subnet mask.
If you want to manually assign the WAN address to a LAN PC, do not check the DHCP Enable checkbox.
If you check the DHCP Enable checkbox, the screen expands.
The Host Hardware Address field displays. Here you enter the MAC address of the designated IP-Passthrough computer.
If this MAC address is not all zeroes, then it will use DHCP to set the LAN host's address to the (configured or acquired) WAN IP address.
The MAC address must be six colon-delimited or dash-delimited sets of hex digits ('0' – 'FF').
If the MAC address is all zeroes, then the LAN host will have to be configured manually.
Once configured, the passthrough host's DHCP leases will be shortened to two minutes. This allows for timely updates of the host's IP address, which will be a private IP address before the WAN connection is established. After the WAN connection is established and has an address, the passthrough host can renew its DHCP address binding to acquire the WAN IP address.
A restriction. Since both the Gateway and the passthrough host will use the same IP address, new sessions that conflict with existing sessions will be rejected by the Gateway. For example, suppose you are a teleworker using an IPSec tunnel from the Gateway and from the passthrough host. Both tunnels go to the same remote endpoint, such as the VPN access concentrator at your employer’s office. In this case, the first one to start the IPSec traffic will be allowed; the second one – since, from the WAN, it's indistinguishable – will fail.
Link: Differentiated Services
When you click the Differentiated Services link, the Differentiated Services configuration screen appears.
Netopia Firmware Version 7.6 offers Differentiated Services (Diffserv) enhancements. These enhancements allow your Gateway to make Quality of Service (QoS) decisions about what path Internet traffic, such as Voice over IP (VoIP), should travel across your network. For example, you may want streaming video conferencing to use high quality, but more restrictive, connections, or, you might want e-mail to use less restrictive, but less reliable, connections.
To enable Differentiated Services, check the Enable checkbox.
Enter a value from 60 to 100 (percent) in the Low-High Priority Ratio field. The default is 92.
Differentiated Services uses the low-to-high priority queue ratio to regulate traffic flow. For example, to provide the least possible latency and highest possible throughput for high priority traffic, you could set the ratio to 100(%). This would cause the gateway to forward low priority data only after the high priority queue is completely empty. In practice, you should set it to something less than 100%, since the low priority traffic might have to wait too long to be passed, and consequently be subject to time-outs.
Click the Submit button.
You can then define Custom Flows. If your applications do not provide Quality of Service (QoS) control, Custom Flows allows you to define streams for some protocols, port ranges, and between specific end point addresses.
To define a custom flow, click the Add button.
The Custom Flow Entry screen appears.
• Name – Enter a name in this field to label the flow.
• Protocol – Select the protocol from the pull-down menu: TCP (default), UDP, ICMP, or Other. “Other” is appropriate for setting up flows on protocols with non-standard port definitions. IPSEC and PPTP are common examples.
• Numerical Protocol – If you select “Other” protocol, this field appears for you to provide its actual protocol number, with a range of 0 – 255.
• Direction – Choose Outbound (default), Inbound, or Both from the pull-down menu.
• Start Port – For TCP or UDP protocols, you can optionally specify a range of ports. Enter the starting port here.
• End Port – Enter the ending port here.
• Inside IP Address/Netmask – For outbound flows, specify an IP address on your LAN. For inbound flows, this setting is ignored. This setting marks packets from this LAN IP host/network based on the address and netmask information. For outbound flows, the Inside IP Address/Netmask is the source address. If you enter a zero IP address (0.0.0.0), the IP address/netmask fields will be ignored.
• Outside IP Address/Netmask – If you want traffic destined for and originating from a certain WAN IP address to be controlled, enter the IP address and subnet mask here. If you leave the default all-zeroes, the outside address check is ignored.
For outbound flows, the outside address is the destination IP address for traffic; for inbound packets, the outside address is the source IP address.
Note: When setting the Inside/Outside IP Address/Netmask settings, note that a netmask value can be used to configure for a network rather than a single IP address.
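How the Custom Flow fields above combine into a match decision, as an added example (not Netopia's implementation) that lets you check whether a flow definition selects the traffic you intend. The names are hypothetical, and two points are assumptions the page does not state: the port range is compared against the destination port, and a 0/0 range means no port restriction.

```python
import ipaddress
from dataclasses import dataclass

PROTO = {"icmp": 1, "tcp": 6, "udp": 17}   # IANA protocol numbers

@dataclass
class CustomFlow:                  # hypothetical model of one Custom Flow entry
    name: str
    protocol: int                  # "Other" supplies the number directly (0-255)
    direction: str = "outbound"    # "outbound", "inbound" or "both"
    start_port: int = 0            # 0/0 = no port range given (assumption)
    end_port: int = 0
    inside: str = "0.0.0.0/0.0.0.0"
    outside: str = "0.0.0.0/0.0.0.0"

def _addr_ok(spec: str, ip: str) -> bool:
    """A zero address disables the check; otherwise match under the netmask."""
    addr, mask = spec.split("/")
    if int(ipaddress.ip_address(addr)) == 0:
        return True
    net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    return ipaddress.ip_address(ip) in net

def matches(flow, direction, proto, src_ip, dst_ip, dst_port=0) -> bool:
    """Decide whether one packet belongs to the flow."""
    if not 0 <= flow.protocol <= 255:
        raise ValueError("protocol number must be 0-255")
    if flow.direction != "both" and flow.direction != direction:
        return False
    if proto != flow.protocol:
        return False
    ranged = flow.start_port or flow.end_port
    if proto in (PROTO["tcp"], PROTO["udp"]) and ranged:
        if not flow.start_port <= dst_port <= flow.end_port:
            return False
    if direction == "outbound":
        # inside address is the source, outside address is the destination
        return _addr_ok(flow.inside, src_ip) and _addr_ok(flow.outside, dst_ip)
    # inbound: the inside setting is ignored, outside address is the source
    return _addr_ok(flow.outside, src_ip)

# Constructed sample flows: a LAN-wide VoIP signalling flow and an ESP flow
# (protocol 50, entered via "Other") to one remote endpoint.
voip = CustomFlow("voip", PROTO["udp"], "outbound", 5060, 5061,
                  inside="192.168.1.0/255.255.255.0")
esp = CustomFlow("ipsec-esp", 50, "both", outside="203.0.113.10/255.255.255.255")
print(matches(voip, "outbound", 17, "192.168.1.2", "203.0.113.5", 5060))
print(matches(esp, "inbound", 50, "203.0.113.10", "210.219.41.20"))
```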
