NAT Network Address Translation | Avocent Cyclades-PR2000 manual

Cyclades-PR2000

CHAPTER 11 NAT (NETWORK ADDRESS TRANSLATION)

NAT exists to convert local IP addresses into Internet “global” IP addresses. Internet IP addresses are assigned by Internet providers. Due to the explosion of the internet, these numbers are scarce. Certain ranges of IP addresses are reserved for internal use only — they may not have a direct connection to the Internet (for reference, they are 10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.16.255.255, and 192.168.0.0 - 192.168.255.255). These are used as local IP addresses. Figure 11.1 shows an example of the utility of NAT:

200.240.230.2

PR2000 With Expanded NAT

Global Address Range	ftp
- Network: 200.240.230.224	Server
- Mask: 255.255.255.240	192.168.0.30
	192.168.0.30
Host
Host
	PC

200.200.200.11

200.200.200.10

192.168.0.5

Router Ethernet Port

Primary IP Address: 192.168.0.1

Secondary IP Address: 200.200.200.1

FIGURE 11.1 NAT EXAMPLE

Networks 192.168.0.0 & 200.200.200.0

WWW

Server

192.168.0.31

In this example, the company has:

•14 global IP addresses available for NAT, 200.240.230.225 to 200.240.230.238,

•Two networks connected to the router via the Ethernet Interface, one of which will be translated,

•Two servers that are accessed via the same global IP address, assigned statically.

Chapter 11 - NAT

90

Image 90

Avocent Cyclades-PR2000 NAT Network Address Translation, Global Address Range Ftp Network Server Mask, Server 192.168.0.31

Contents

Cyclades-PR2000 Cyclades-PR2000 Installation Manual FCC Warning StatementCanadian DOC Notice Table of Contents Static Routing Dynamic Routing 112 127 HOW to USE this Manual Installation Assumptions Text Conventions Icons CONFIG=INTERFACE=LConvention Description Icon Meaning Why CONFIGURATION=ALL Cyclades Technical Support and Contact Information Cyclades Corporation USA What is in the BOX To Wall Outlet Gender Changer DB-25 DB-9 MaleInterface RJ-45 Male RJ-45 to DB-25 DB-25 Male RS-232 Modem With DB-25 Interface Using CyROS Menus Login Prompt and Main Menu Lmi-typeANSI, Group of four, None Ansi CONFIGURATION=TO Flash Special Keys Cyros Management Utility CyROS Management Utility Cyclades-PR2000 Host STEP-BY-STEP Instructions for Common ApplicationsRS-232 Modem Network IP PC192.168.0.0 PR2000 Host 192.168.0.30 255.255.255.0 IP MTU Step ONEParameter Example Your Application NAT Step TWO Step Three Swan Network Protocol IP Menu Parameters Step Four Mlppp Step Five Step SIX Step Seven Step EightStep Nine Instructions for creating a backup of the configuration file Instructions for listing the configuration ETH0 PR2000 Example 2 a LAN-to-LAN Example Using Frame RelayNetwork IP Mask 200.240.230.1 10 Ethernet Network Protocol Menu Parameters 11 Swan Physical Menu Parameters 12 Swan Network Protocol IP Menu Parameters Snap IP LMICIR 14 DLC Configuration Menu Parameters Dlci 15 Static Route Menu Parameters Instructions for creating a backup of the configuration file Example 3 Link Backup 17 Traffic Control Parameters Swan 18 Addition of the Primary Main Link This parameter has no effect for link backup. For load 20 Multilink Circuit Attributes 21 Static Backup Route Parameters Instructions for creating a backup of the configuration file Configuration of the Ethernet Interface IP Network ProtocolParameter Description Config =RULES LIST=IP=CONFIGURE RULES=ADD RULE=ALLOW Incoming IP Accounting PR2000 Link PR3000 IP Bridge200.240.240.9 200.240.240.3 200.240.240.2 200.240.240.1 200.240.240.8 200.240.240.4 Other Parameters Swan and Async Interfaces Clock Source is always External Step TWO Protocol Be used for authentication Network Protocols Network Protocol IP Protocol Detailed Incoming IP Accounting Transparent Bridge Protocol DATA-LINK Protocols Encapsulation PPP The Point-to-Point Protocol PPP Menu Char Pppchar HdlcFrame Relay CONFIG=INTERFACE=SWAN =TRAFFIC Control =GENERAL =BANDWIDTH T391 Interval between the LMI Status Enquiry messages N391 Dlci 200.1.1.1 São Paulo Rio de Janeiro Network Salvador Recife Network For static address mapping Switch / DCE Router / DTE Menu CONFIG=INTERFACE=LINK=ENCAPSULATION =X.25 Menu With PAD Packet Assembler/Disassembler Static Routing Routing ProtocolsRouting Strategies Dynamic Routing 192.168.100.0 Static Routes142.10.0.0 Mask 10.0.0.0 Unnumbered Interfaces Add Static Route Menu Config =STATIC Routes =IP =ADD Route RIP Configuration Ospf Ospf Configuration on the Interface 10Mbps, 65 for T1, 1785 for 56kbps, etc Ospf Global Configurations CONFIG=STATIC ROUTES=IP=ADD ROUTE=OSPF Advertises this =PASSWORD=ROUTING Protocol =OSPF =ADVERTISE this NON-OSPF Interface Applies when Area Range N Status is Active Only when Virtual Link Status is Active =IP=OSPF=AREA=AUTHENTICATION Type BGP-4 Configuration Example System with PR2000 in AS 100 Being Configured 255.255.255.0 200.50.50.0 PR3000 200.200.200.2 Tele Brutus CONFIG=IP=BGP4=GLOBAL CONFIG=IP=BGP4=BGP NETWORK=ADD CONFIG=IP=BGP4=NEIGHBOR=ADD Route Reflector Client Step Three Route PR3000 Rred Up Ro 100.10.0.0/16Parameter Description Routes Seq Rule Message From Tele Popeye Route Map Parameter Description Seq Rule DiscardedDiscarded RoutesRoutesMessage From Tele Popeye Rule CONFIG=IP=BGP4=ROUTE MAP=ADD CONFIG=IP=BGP4=AGGREGATE ADDRESSES=ADD Creation of user accounts and passwords CYROS, the Operating SystemCreation of the host table Slip Detailed information can be accessed via Snmp IP Accounting Networks 192.168.0.0 NAT Network Address TranslationGlobal Address Range Ftp Network Server Mask Server 192.168.0.31 Translated Types of Address Translation Menu Option Description Interface. Five minutes is a reasonable time Step Four Configuration of IP Filters Rules and Filters Rules List Rule List Exterior Router Perimeter Network Slot 192.168.0.0 Bastion Host 10.0.0.0 Extension to Network Exterior Router Let Mail outLet Telnet Connections Out Filters and Rules 100 Output for Exterior Router Example Filters and Rules 102 Stop Forged Packets Don’t Allow Access to News Interior RouterStop Telnets From the Outside Except Bastion Host Output for Interior Router Example Traffic Rule Lists Link 33.33.33.1 25% or lessClient B Filters and Rules 106 Output Showing Parameters for Traffic Rule Example Filters and Rules 108 Mail Server Web Server Port 25 SmtpMail Server Web Client 10 Output Showing Parameters for Traffic Rule Example IPX Internetwork Packet Exchange Internal NetworkNumber Mac Address 00 60 2E 00 11 Configuring the Ethernet Interface Configuring Other InterfacesEnabling IPX Frame Relay RoutingParameter Value for the Example SAP Service Advertisement Protocol Table Routing Table for the Example Virtual Private Network Configuration Virtual Private Network Configuration 116 RSG3 Remote IP Network 9.1 Security Gateway Router Link Link IP10..255.255.0Router IP Address IP172.16.0.0 Link Virtual Private Network Configuration 118 Virtual Private Network Configuration 119 Test Appendix a TroubleshootingBoot Code step CPU What to Do if the Router Does Not Work or Stops Working Event CPU LED Morse code Testing the Ethernet Interface Host host00 Testing the WAN Interfaces Figure A.3 General Statistics Table Appendix a Troubleshooting 124 Cyclades PR2000 LEDs Appendix B Hardware Specifications External Interfaces WAN InterfacesLAN Interface Asynchronous Interface Console Interface Cables Straight-Through Cable TxClkDTE B Female Retention Screw Male DB-25 Female Signal Pin PGndDB-25 M.34 Adaptor TxClkDTE a ASY/Modem Cable Cross Cable Signal Pin Pin Signal PGnd TxD RxD Cross Cable20 DTR DB-25 Loopback Connector Figure B.10 Loopback Connector DB-25 Male Appendix C Configuration Without a Console ProcedureRequirements RIP Snmp Cyclades Philippines