LANCOM Reference Manual LCOS 3.50 Chapter 7: Routing and WAN connections
78
Routing and WAN
connections
7.3.2 Inverse masquerading
This masking operates in both directions: The local network behind the IP
address of the router is masked if a computer from the LAN sends a packet to
the Internet (simple masquerading).
If, on the other hand, a computer sends a packet from the Internet to, for
example, an FTP server on the LAN (’exposed host’), from the point of view of
this computer the router appears to be the FTP server. The router reads the IP
address of the FTP server in the LAN from the entry in the service table. The
packet is forwarded to this computer. All packets that come from the FTP
server in the LAN (answers from the server) are hidden behind the IP address
of the router.
The only small difference is that:
Access to a service (port) in the intranet from outside must be defined in
advance by specifying a port number. The destination port is specified
with the intranet address of, for example, the FTP server, in a service table
to achieve this.
When accessing the Internet from the LAN, on the other hand, the router
itself makes the entry in the port and IP address information table.
The table concerned can hold up to 2048 entries, that is it allows 2048
simultaneous transmissions between the masked and the unmasked
network.
After a specified period of time, the router, however, assumes that the
entry is no longer required and deletes it automatically from the table.
Source: 80.123.123.123
Target: 80.146.74.146, Port 21
Ports Targe t IP
20 to 21 10.0.0.10
IP: 10.0.0.10