Network Address Translation (NAT) C-3

provides a firewall and hides the private local network from the outside world.

Figure C–1 NAT Example

Dynamic NAT

When a local PC sends a packet destined for the WAN, the OfficeConnect Remote 840 records the private source IP address and an IP address from the pool in an address translation table. It then rewrites the data packet, replacing the private source IP address with the IP address from the pool, and sends the packet to the WAN. When the reply returns, it contains the IP address from the pool. This address is used to search the address translation table for the original private IP address. The private IP address is put into the reply packet, which is sent to the Ethernet.

When all the pool addresses are in use, any new requests are rejected and the workstation on the LAN has to wait until one of the pool addresses is free for use. To ensure that addresses are not held indefinitely, a timer is associated with each table entry. An entry is freed after 5 minutes of inactivity or if the session between the workstation and the remote site is ended.

This method requires that traffic be initiated from the LAN. Packets from the WAN are rejected unless they have an IP address that is in the pool and is currently in the address translation table.
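The table behaviour described above can be modelled in a few lines. This is an added example, not 3Com code: the class and method names are hypothetical, the addresses are constructed documentation values, and it assumes entries are keyed on IP address only and that a reply from the WAN counts as activity for the idle timer.

```python
import ipaddress

IDLE_TIMEOUT = 5 * 60  # seconds; the 5 minutes of inactivity stated above

class DynamicNat:
    """One-to-one dynamic NAT: each private host borrows one pool address."""

    def __init__(self, pool):
        self.free = [ipaddress.ip_address(a) for a in pool]
        self.out = {}   # private address -> (pool address, last activity)
        self.back = {}  # pool address -> private address

    def _expire(self, now):
        for priv, (_pub, seen) in list(self.out.items()):
            if now - seen >= IDLE_TIMEOUT:
                self.release(priv)

    def release(self, priv):
        """Free an entry (idle timer fired or the session ended)."""
        pub, _ = self.out.pop(ipaddress.ip_address(priv))
        del self.back[pub]
        self.free.append(pub)

    def outbound(self, src, now):
        """LAN -> WAN: return the translated source, or None if rejected."""
        self._expire(now)
        src = ipaddress.ip_address(src)
        if src in self.out:
            pub = self.out[src][0]
        elif self.free:
            pub = self.free.pop(0)
            self.back[pub] = src
        else:
            return None  # pool exhausted: the workstation has to wait
        self.out[src] = (pub, now)
        return str(pub)

    def inbound(self, dst, now):
        """WAN -> LAN: return the private destination, or None if rejected."""
        self._expire(now)
        priv = self.back.get(ipaddress.ip_address(dst))
        if priv is None:
            return None  # not in the table: unsolicited traffic is dropped
        self.out[priv] = (self.out[priv][0], now)  # assumed: reply is activity
        return str(priv)

if __name__ == "__main__":  # constructed addresses (RFC 1918 / RFC 5737)
    nat = DynamicNat(["203.0.113.10"])
    print(nat.outbound("192.168.1.2", 0), nat.outbound("192.168.1.3", 1))
```

With a one-address pool the second workstation is rejected until the first entry times out or is released, which is the capacity limit to size the pool against.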
