Hypertec ISDN 10T Router manual Nat

Page 23

Concepts and Principles of Operation

packets are to be filtered or forwarded. If no access list is specified, all valid packets will be forwarded. You can specify in the IP access list the following criteria: source IP address, destination IP address, source port number, destination port number, and the protocol which when matched will be forwarded or filtered.

NAT

The ISP generally offers two type of accounts to SOHO users. The Single User account, and the LAN Access (Multiple Users) account. The Single User account is often referred as Terminal Adapter or Modem account where single user Internet access is assumed. The LAN Access account cost more than the Single User account because multiple IP addresses are assigned. Network Translation (NAT) is designed to allow multiple users on the LAN to access Internet simultaneously using the Single User account. In addition to cost saving, NAT is also useful in areas in which security or convenience are a concern. It is convenient in the sense that, the users don’t have to change the private legacy IP addressed already in use.

In order for the outside world to access the TCP/IP servers on the LAN, the Hypertec Router allows a list of internal IP addresses to be associated with FTP, Telnet, HTTP, and Email servers. Traffic destined for the list servers are forwarded to the specified IP addresses. The inbound traffic distribution works only for static IP address arrangement where you can register an IP address against the domain names. You will not have an IP address to register or publish when access to the Internet is via a “single-user” account.

There are some limitation on the NAT application :

1.If the ISDN connection drops (e.g., because of an idle time-out), it is most likely that upon reconnection you will get a different IP address assigned. For example, if you are using a web browser and the connection drops because you go idle, if you then click on a link, you might get an error message because you now have a different IP address.

2.Certain applications, like some UDP-based Internet games and chat client programs, will work unreliably or not at all when using NAT because they report their private IP address to the server

instead of the "correct" dynamically assigned address. The remote application while sending UDP packets toward the private IP address will not be able to deliver.

3.

NAT is available for Internet connections only. The Intranet connection is not affected by the Internet NAT setting.

16

Image 23
Contents Hypertec Isdn 10T Router Introduction Contents Hypertec Isdn 10T Router Internet/Intranet EthernetRouter Software Analog ServicesSecurity Network ManagementHypertec Isdn 10T Router Packing List About this ManualGeneral Hardware InstallationInstallation Software Installation Installing the Hypertec Isdn 10T Router NMSInstalling EasyWeb Uninstalling NMSInstalling EasyWeb if there is no installed Http server Installing EasyWeb if there is an installed Http serverIsdn Overview Example using the Microsoft Personal web server on Win95Physical Interface Isdn Switch VariantsInterface Type National Isdn Variants Default Setting Isdn Permanent Nailed Circuit Service Profile Identifiers SPIDsService type Number of channels 56K/64K Rate AdaptionRouting Data Communication ServicesBridging IP Address, Un-Numbered, or Numbered Internet and Intranet Connection ProfilesIP Address and Subnet Mask Routing TableUnnumbered Isdn Link Dynamic IP address AssignmentIPX Frame Type IPX AddressIPX Spoofing RIPF1 F1 F2 F2 Packet Multilink PPPBandwidth on Demand Dial on DemandCallback Packet Filtering, IP Access ListData Compression Calling Line Identification ClidNAT Ordering the Isdn Line Line Provisioning ServiceVoice Preemption IntroductionSwitch type Isdn Service Isdn Switches and Services SupportedCapability Packages Using Isdn Order CodesCapability Isdn Service Package Provisioning the Isdn LineSolution Set Isdn Service Solution SetsMultiple Subscriber Numbering MSN Switch Feature ValueNational Isdn 1 & National Isdn Introduction Terminal TypesMore Information General NMS Menu Structure Configura NMS Windows LoginExample Sub-Menu window NMS System Menus Description Source Required or Optional NMS ToolbarRequired Information Logging Into NMS Starting NMSLocal Router Name Quick Configuration MenuLocal IP Mask Network Address Translation EnableDial-out Authentication Dial-out PasswordPhone Number Isdn Switch TypeLocal Ethernet Sub-menu Call-in AuthenticationCall-in Password Local MenuIP Address Switch TypeChannel Alarm Threshold Device NameLocal Isdn Window Route Table Phone 1 UsagePhone 2 Usage Data UsageRIP Protocol Access ListARP Proxy Gateway Address Local Dhcp Sub-menuIP Address Pool Start Address, End Address Subnet MaskLease Duration Dhcp EnableData Service Domain NameInternet PPP Window Remote Router NameIdle Ave IntervalUtil IP Address of Remote Ethernet Remote Snmp EnableIP Enable Internet IP Sub-menuIP Mask of Isdn Line IP Mask of Remote EthernetLocal End IP Address of Isdn Line Remote End IP Address of Isdn LineTelnet Server Starting PortFTP Server Http ServerCalling Num Clid12, Intranet PPP Window Encapsulation Protocol 13, Intranet IP Window Intranet IP MenuIntranet IPX Menu 14, Intranet IPX Window IPX SAP Table SpoofingAge IPX Route Table15, Snmp Window Snmp MenuLocation Trap EnableDescription NameBroadcasts ErrorsB2 Channel Status DiscardsChannel Status B1 Channel StatusB1 Utilisation Error FramesChannels Up Time Channels In UseTrap History Trouble ShootingDetail Log Enable Clear Trap ListManaging the Hypertec Router from a Console Isdn Data Call SuccessPPP Attempts PPP Success20, Console Login Screen Managing the Hypertec Router from a Browser 21, Console Quick Config ScreenRouter Isdn Express Route Troubleshooting Monitor the status of the Ethernet LEDs Monitor the status of the D channel LEDMonitor the status of the B channel LEDs If your are unable to make a data call IndexIf your are unable to make voice call Index Spid SPID-1 SPID-2 Product Warranty