Chapter 3

Before You Begin

Configuring an ANG-3000/7000

 

NAT Server

RiverMaster’s NAT server feature provides support for security conscious administrators who want to conceal the physical IP address of their system (ANG or another Gateway) without affecting Aurorean service. By configuring a NAT Server with an alias IP address for the ANG (refer to page 41 for instructions), the real IP address of the ANG will remain hidden and any IP address received by the NAT Server will be translated to the real IP address of the destination for all incoming clients. This ensures that clients access the correct IP address and build a tunnel connection to the ANG without revealing physical addresses. The process is reversed for clients on the corporate LAN seeking to dial up remote destinations.

In Figure 15 below, the IP addresses received at the NAT Server for Servers #1, #2 and the ANG are translated into the real IP addresses of the destination servers.

Aurorean Client

INTERNET

 

 

NAT

NAT Server Received IP Addresses

 

 

Server #1: 165.32.46.34

 

 

Server

 

 

 

Server #2: 165.32.46.115

 

 

 

ANG: 165.32.46.98

 

 

 

Aurorean

Server #1

Server #2

 

Network

200.57.115.15

200.57.115.23

200.57.115.18

Gateway

 

Aurorean

Policy

Server

PC

PC

Figure 15 Aurorean Virtual Network’s NAT Server Feature

RiverMaster Administrator’s Guide

33

Page 45
Image 45
Enterasys Networks Network Card manual NAT Server, Aurorean, Gateway