Page 46 / 63 Scroll up to view Page 41 - 45
46
Virtual Circuit (VC):
The Virtual Circuit (VC) properties of the ATM VC interface
identify a unique path that your ADSL/Ethernet router uses to communicate via the
ATM-based network with the telephone company central office equipment.
NAT Status:
This filed shows the current status of the NAT function for the current
VC.
Number of IPs:
This field is to specify how many IPs are provided by your ISP for
current VC. It can be single IP or multiple IPs.
Note:
For VCs with single IP, they share the same DMZ & Virtual servers; for VCs
with multiple IPs, each VC cab set DMZ and Virtual servers. Furthermore, for VCs
with multiple IPs, they can define the Address Mapping rules; for VCs with single IP,
since they have only one IP, there is no need to individually define the Address
Mapping rule.
What NAT Does
NAT changes the source IP address in a packet received from a subscriber (the inside
local address) to another (the inside global address) before forwarding the packet to the
WAN side. When the response comes back, NAT translates the destination address (the
inside global address) back to the inside local address before forwarding it to the
original inside host. Note that the IP address (either local or global) of an outside host is
never changed.
The global IP addresses for the inside hosts can be either static or dynamically assigned
by the ISP. You may also designate servers, such as a Web server and a telnet server, on
your local network and make them accessible to the outside world. With no servers
defined, your ROUTER filters out all incoming inquiries, thus preventing intruders
Page 47 / 63
47
from probing your network. For more information on IP address translation, refer to
RFC 1631, The IP Network Address Translator (NAT).
Inside/outside indicates where a host is located relative to the ROUTER. The
computers hosts of your LAN are inside, while the Web servers on the Internet are
outside.
Global/local indicates the IP address of a host in a packet as the packet traverses a
router. The local address refers to the IP address of a host when the packet is in the local
network, while the global address refers to the IP address of the host when the same
packet is traveling in the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to the
IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP
address of an inside host of a packet when the packet is still in the local network, while
an inside global address (IGA) is the IP address of the same inside host when the packet
is on the WAN side.
The following table summarizes this information.
ITEM
DESCRIPTION
Inside
This refers to the host on the LAN.
Outside
This refers to the host on the WAN.
Local
This refers to the packet address (source or destination) as the
packet travels on the LAN.
Global
This refers to the packet address (source or destination) as the
packet travels on the WAN.
How NAT Works
Each packet has two addresses – a source address and a destination address. For
outgoing packets, the ILA is the source address on the LAN, and the IGA is the source
address on the WAN. For incoming packets, the ILA is the destination address on the
LAN, and the IGA is the destination address on the WAN. NAT maps private (local) IP
addresses to globally unique ones required for communication with hosts on other
networks. It replaces the original IP source address (and TCP or UDP source port
numbers for Many-to-One and Many-to-Many Overload NAT mapping) in each packet
and then forwards it to the Internet. The ROUTER keeps track of the original addresses
and port numbers so incoming reply packets can have their original values restored.
The following figure illustrates this.
Page 48 / 63
48
NAT Application
The following figure illustrates a possible NAT application, where three inside LANs
(logical LANs using IP Alias) behind the router can communicate with three distinct
WAN networks. More examples follow at the end of this chapter.
NAT Mapping Types
NAT supports five types of IP/port mapping. They are:
a.
One-to-One
: In One-to-One mode, the TC3162 EVM maps one local IP address to
one global IP address.
b.
Many-to-One
: In Many-to-One mode, the TC3162 EVM maps multiple local IP
addresses to one global IP address.
Page 49 / 63
49
c.
Many-to-Many Overload
: In Many-to-Many Overload mode, the TC3162 EVM
maps multiple local IP addresses to shared global IP addresses.
d.
Many-to-Many No Overload
: In Many-to-Many No Overload mode, the TC3162
EVM maps each local IP address to a unique global IP address.
e.
Server
: This type allows you to specify inside servers of different services behind the
NAT to be accessible to the outside world.
The following table summarizes these types.
TYPE
IP MAPPING
One-to-One
ILA1 IGA1
Many-to-One
(SUA/PAT)
ILA1 IGA1
ILA2 IGA1
Many-to-Many
Overload
ILA1 IGA1
ILA2 IGA2
ILA3 IGA1
ILA4 IGA2
Many-to-Many No
Overload
ILA1 IGA1
ILA2 IGA2
ILA3 IGA3
Server
Server 1 IP IGA1
Server 2 IP IGA1
Server 3 IP IGA1
°
3.10.1.1 Virtual Server
Go to
Advanced Setup ->NAT -> Virtual Server
to set virtual server as you need.
(known as Port Mapping).
The Virtual Server is the server or server(s) behind NAT (on the LAN), for example,
Web server or FTP server, that you can make visible to the outside world even though
NAT makes your whole inside network appear as a single machine to the outside world.
Rule Index:
The Virtual server rule index for this VC. You can specify up to 10 rules.
All the VCs with single IP will use the same Virtual Server rules.
Start & End port number:
Enter the specific Start and End Port number you want to
forward. If it is one port only, you can enter the End port number the same as Start port
Page 50 / 63
50
number. For example, set the FTP Virtual server, you can set the start and end port
number to 21.
Local IP Address:
Enter the IP Address for the Virtual Server in LAN side.
Virtual Server Listing:
This is a listing of all virtual servers your have set.
When you are done making changes, click on
SAVE
to save your changes,
DELETE
to delete the rule with the parameters you set,
BACK
to return to the previous screen or
CANCEL
to exit without saving.
°
3.10.1.2 DMZ Setting
Go to
Advanced Setup ->NAT -> DMZ
to set DMZ parameters.
A
DMZ
(de-militarized zone) is a host between a private local network and the
outside public network. It prevents outside users from getting direct access to s server
that has company data. Users of the public network outside the company can access
only the DMZ host.
DMZ:
Toggle the DMZ function Enabled or Disabled.
DMZ Host IP Address:
Enter the specified IP Address for DMZ host on the LAN
side

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top