Manuals / Netopia / Computer Equipment / Network Router

Netopia R2020 manual Features, Supported traffic

Models: R2020

1 312

Download 312 pages 50.29 Kb

Page 129

Multiple Network Address Translation and IP Setup 10-3

Public Addresses

Private Addresses

206.1.1.1	192.168.1.1
206.1.1.2	192.168.1.2
206.1.1.3	192.168.1.3
206.1.1.4	192.168.1.4
206.1.1.5	192.168.1.5
206.1.1.6	192.168.1.6 - 254

IP Host	NAT Type
Router	1:1 Static
Web Server	1:1 Static
Mail Server	1:1 Static
FTP Server #1	1:1 Static
FTP Server #2	1:1 Static
LAN Users	1:Many PAT

In order to support this type of mapping, the private addresses and public addresses are separated and are assigned to ranges. Each range consists of a contiguous set of one or more addresses. The router allocates the addresses in that range based on the type (static or PAT), and other relevant attributes. The range deﬁnes the rules for distributing the exterior addresses. NAT maps, kept in a list similar to a ﬁrewall or ﬁlter list, contain the private addresses and the name pointer of the range to use to get a public address. The maps function as an access control list to the resource contained in the range.

Features

The Netopia R2020 Router features the following:

■Default behavior consistent with previous ﬁrmware versions, including PAT to a DHCP- or PPP-assigned address.

■1-to-1 static NAT mapping.

An internal private address is permanently mapped to an external address. TCP and UDP port addresses are not altered.

■Multiple Many-to-1 PAT mappings on a single interface.

PAT addresses may be assigned to speciﬁc private address subnets; not all internal machines need to be included on a PAT remapping list.

■Coexistent mapped and unmapped trafﬁc on a public interface.

If the router's IP address is not included in a NAT list, it will be invisible to the external network.

■Mapped services (exports) may use multiple public addresses.

■NAT maps per interface, similar to the ﬁlter rules.

Supported traffic

MultiNat supports the following IP protocols:

■PAT: TCP/UDP trafﬁc which does not carry source or destination IP addresses or ports in the data stream (i.e., HTTP, telnet, ‘r’ commands, tftp, NFS, NTP, SMTP, NNTP, etc.).

■Static NAT: All IP protocol trafﬁc which does not carry or otherwise rely on the source or destination IP addresses in the data stream.

Image 129

Netopia R2020 manual Features, Supported traffic

Contents

Netopia¨ R2020 Dual Analog Router Part Number Contents Part II Advanced Configuration Contents Multiple Network Address Translation and IP Setup Aurp Snmp Contents Part III Appendixes Contents User’s Reference Guide Page Small Ofﬁce connection to the Internet Small Ofﬁce connection to the Internet Direct Connection to a Corporate Ofﬁce Telecommuter Conﬁgured to accept incoming dial-up connections Page Part I Getting Started User’s Reference Guide Features and capabilities Chapter IntroductionOverview How to use this guide Chapter Making the Physical Connections Find a locationWhat you need Ethernet Telco Identify the connectors and attach the cablesTelco Line ports Netopia R2020 Dual Analog Router Back Panel PortsMaking the Physical Connections Netopia R2020 LED front panel Netopia R2020 Dual Analog Router Status LightsChapter Setting up your Router with the SmartStart Wizard Installed and properly conﬁgured. SeeBefore running SmartStart User’s Reference Guide SmartStart Wizard conﬁguration screens Setting up your Router with the SmartStart WizardEasy or Advanced options screen. You can choose either Easy optionSetting up your Router with the SmartStart Wizard User’s Reference Guide Setting up your Router with the SmartStart Wizard Advanced option Dynamic conﬁguration recommended Conﬁguration tab Static conﬁguration optional Add. Repeat this process for the secondary DNS TCP/IP Conﬁguring TCP/IP on Macintosh computersTCP/IP or MacTCP Dynamic conﬁguration using MacIP optional User’s Reference Guide Readying computers on your local network Chapter Connecting Your Local Area NetworkUser’s Reference Guide 10Base-T Connecting to an Ethernet networkAdding an external modem Connecting to a LocalTalk network Wiring guidelines for PhoneNET cabling Chapter Console-based Management Snmp Simple Network Management Protocol. See Snmp on Connecting through a Telnet sessionConﬁguring Telnet software Connecting a local terminal console cable to your routerNavigating through the console screens Chapter Easy Setup Easy Setup console screensHow to access the Easy Setup console screens Screen similar to the following appears Easy Setup proﬁle Beginning Easy SetupIP Easy Setup Ethernet IP Address 192.168.1.1 Ethernet Subnet Mask Easy Setup Security Part II Advanced Configuration User’s Reference Guide Chapter WAN and System Configuration WAN Creating a new Connection ProﬁleDatalink PPP/MP Options Data Compression IPX Profile Parameters Remote IPX Network Viewing or editing connection proﬁles Change Connection Profile Profile Name System Conﬁguration screens Deleting connection proﬁlesNavigating through the System Conﬁguration screens System Conﬁguration featuresMaximum Packet Size 1500 Channel Usage Dynamic Bandwidth AllocationFilter Sets Firewalls Network Protocols SetupIP Address Serving Date and TimeConsole Conﬁguration Upgrade Feature Set Snmp Simple Network Management ProtocolSecurity Logging Installing the Syslog clientPPP MP Chapter Managing Data Calls Specifying telephone connectionsInternal Modem Conﬁguration screen appears Atdt Auxiliary serial port HD-15 female OFFDefault Answer Proﬁle for Dial-in Connections How the Default Answer Proﬁle worksCustomizing the default proﬁle PAP Call acceptance scenarios Scheduled connections Adding a scheduled connection Viewing scheduled connectionsADD Scheduled Connection Cancel Set Once-Only Schedule Set Weekly ScheduleModifying a scheduled connection Connection Metering Web-based management pagesDeleting a scheduled connection System Information Activity for your Frame relay DLCIs Accounting for switched interfaces onlyConnection Status Connect/Disconnect Router Budget Configuration Connection Budgets Connection Budget Configuration Budget Statistics WAN Event History Event History pagesDevice Event History Console-based management screens Connection Budget Setup Name Use Connection Profile Connection Budget Statistics Date and time setting Chapter Virtual Private Networks Tr ans it In tern etw ork Summary About Pptp tunnels on About Atmp Tunnels onPptp Configuration Configuration Add Connection ProfileAbout Pptp tunnels Chap Local WAN IP Address 0.0 Remote IP Address Encryption support VPN Default Answer Profile QuickView VPN QuickViewDial-Up Networking for VPN Installing Dial-Up NetworkingCreating a new Dial-Up Networking profile Configuring a Dial-Up Networking profile Virtual Private Networks Installing the VPN Client Windows 95 VPN installationWindows 98 VPN installation Connecting using Dial-Up Networking About Atmp Tunnels Atmp ConfigurationDES Local WAN IP Address 0.0 Remote IP Address Pptp Example Allowing VPNs though a firewallSelect Display/Change Input Filter Change Output Filter EnabledYes ForwardYes Source IP Address Atmp Example Source Port ID Dest. Port Compare Change Output Filter EnabledYes ForwardYes Source IP Address Chapter Multiple Network Address Translation and IP Setup User’s Reference Guide Supported traffic FeaturesNAT conﬁguration Easy Setup ProfileIP setup 255.255.255.0 NAT rules ADD NAT MAP Add NAT Map mymap Modifying map lists Show/Change NAT Map List screen appears Change NAT Map screen appears Moving mapsAdding server lists ADD NAT Server Modifying server lists Show/Change NAT Server List screen appears Deleting a server IP profile parameters Binding Map Lists and Server Lists+--NAT Map List Name Configuration Default Answer Profile Default Answer ProfileDefault Answer Proﬁle screen appears Associations NAT AssociationsNAT Associations +NAT Map List Name-+ MultiNAT Configuration Example Previous Screen Enter your ISP-supplied values as shown belowChange NAT Public Range ADD NAT MAP Firmware upgrades and NAT IP subnets For example Static routes Viewing static routes Adding a static route Rules of static route installation Modifying a static routeDeleting a static route Main Menu System Configuration IP Address Serving Client Default Gateway Dhcp NetBIOS Options NetBios Type To release these addresses, select Lease Management Served IP Addresses screen appearsDhcp Relay Agent MacIP Kip Forwarding Options You have ﬁnished your IP Setup IPX Features Chapter IPX SetupIPX Deﬁnitions Internetwork Packet Exchange IPXIPX address Service Advertising Protocol SAPSocket Routing Information Protocol RIPNetBIOS IPX setupIPX Spooﬁng Default Gateway Address IPX in the answer proﬁle Menu Configuration Default Answer ProfileOff Main Menu Statistics & Logs IPX routing tablesUser’s Reference Guide Chapter AppleTalk Setup AppleTalk networksAppleTalk protocol AT Routing Table Routers and seeding MacIPInstalling AppleTalk Upgrade Feature Set Conﬁguring AppleTalk EtherTalk SetupLocalTalk Setup Aurp setup Viewing Aurp partnersAurp Free Trade Zone Modifying an Aurp partner Adding an Aurp partnerDeleting an Aurp partner Receiving Aurp connectionsConﬁguring Aurp Options AppleTalk Setup User’s Reference Guide Quick View status overview Chapter Monitoring ToolsGeneral Status Status lights Current StatusStatistics & Logs General StatisticsGeneral Statistics WAN Connection Statistics Event HistoriesWAN Event History Current Date Routing Tables IPX routing table IP routing tableAppleTalk routing table IPX Sap Bindery tableServed IP Addresses IP Address Lease Management screen appears Snmp Community strings Snmp Setup screenSnmp traps Viewing IP trap receivers Setting the IP trap receiversModifying IP trap receivers Deleting IP trap receiversUser’s Reference Guide Suggested security measures Chapter SecurityUser accounts Protecting the Security Options screenProtecting the conﬁguration screens Dial-in Console Access Telnet access Enable SmartStart/Web ServerAbout ﬁlters and ﬁlter sets What’s a ﬁlter and what’s a ﬁlter set?Filter priority How ﬁlter sets workPacket First filter Match? Yes ﬁlter’s actions How individual ﬁlters workﬁltering rule Parts of a ﬁlter161 Aurp AppleTalk 387 Internet service TCP portWho 513 Port number comparisonsInternet Control Message Protocol Putting the parts togetherTransmission Control Protocol User Datagram ProtocolFiltering example #2 Filtering example #1Disadvantages of ﬁlters Design guidelinesWorking with IP ﬁlters and ﬁlter sets An approach to using ﬁltersNaming a new ﬁlter set Adding a ﬁlter setInput and output ﬁlters-source and destination Netopia R-series RouterAdding ﬁlters to a ﬁlter set ADD this Filter NOW Cancel Viewing ﬁlters Viewing ﬁlter setsModifying ﬁlters Deleting ﬁltersModifying ﬁlter sets Deleting a ﬁlter setSample IP ﬁlter set TCP Icmp UDP Possible modiﬁcations User’s Reference Guide IPX ﬁlters Main Menu System Configuration Filter Sets FirewallsIPX packet ﬁlters Viewing and modifying packet ﬁltersAdding a packet ﬁlter Deleting a packet ﬁlter IPX packet ﬁlter setsViewing and modifying packet ﬁlter sets Adding a packet ﬁlter setADD Filter SET NOW Cancel IPX SAP ﬁlters Deleting a packet ﬁlter setViewing and modifying SAP ﬁlters Adding a SAP ﬁlter Deleting a SAP ﬁlter IPX SAP ﬁlter setsViewing and modifying SAP ﬁlter sets Adding a SAP ﬁlter setDeleting a SAP ﬁlter set Firewall tutorial General Firewall TermsBasic IP Packet Components Basic Protocol TypesExample TCP/UDP Ports Firewall design rules Firewall LogicBinary Representation Logical ANDing Implied RulesEstablished Connections Filter Basics Example IP Filter Set ScreenThis is an example of the Netopia IP ﬁlter set screen Example Filters Example NetworkExample Example Example Using the SecurID token card Token Security AuthenticationKey Security Authentication Features of the Netopia R2020 Securing network environmentsConﬁguring for security authentication Security authentication componentsEstablishing a dial-on-demand DOD connection call Connecting using security authenticationCurrent Connection Status Establishing a manual connection call Chapter Utilities and Diagnostics Start Ping PingUtilities and Diagnostics Stop Ping TimeTrace Route Telnet client Secure Authentication MonitorFactory defaults Disconnect Telnet Console SessionTransferring conﬁguration and ﬁrmware ﬁles with Tftp Updating ﬁrmware Downloading conﬁguration ﬁles Transferring conﬁguration and ﬁrmware ﬁles with Xmodem Uploading conﬁguration ﬁlesIdle Do you want to send a saved configuration to your Netopia? Restarting the system User’s Reference Guide Part III Appendixes User’s Reference Guide Conﬁguration problems Appendix a TroubleshootingSmartStart Troubleshooting Console connection problemsNetwork problems How to reach us Power outagesTechnical support Before contacting NetopiaOnline product information Netopia Bulletin Board Service 1Product information can be found in the following FAX-BackFinding an Internet service provider Appendix B Setting Up Internet ServicesUnique requirements Setting up a Netopia R2020 accountPricing and support ISP’s Point of presenceLocal LAN IP address information to obtain NAT-disabled Local LAN IP address information to obtain NAT enabledSmartIP Obtaining information from the ISPRemote WAN IP address information to obtain What is IP? Appendix C Understanding IP AddressingAbout IP addressing Subnets and subnet masks Subnet masks Example Using subnets on a Class C IP internetISP Network Network conﬁgurationExample Working with a Class C subnet Distributing IP addressesBackground 255.255.255.224 Technical note on subnet maskingNetopia R2020 Dhcp Server Characteristics ConﬁgurationDhcp Address Serving Manually distributing IP addresses Using address servingMacIP Serving Serve dynamic WAN clientsUnderstanding IP Addressing C-9 Tips and rules for distributing IP addressesDhcp example Internet Nested IP subnets0.0 C.1 WAN Packet header types BroadcastsUser’s Reference Guide Appendix D Binary Conversion Table Decimal Binary Appendix E Further Reading User’s Reference Guide Further Reading E-3 User’s Reference Guide Pinouts for Auxiliary Port Modem Cable Appendix F Technical Specifications and Safety InformationDescription Power requirementsEnvironment VDC input AmpsSoftware and protocols Agency approvalsRegulatory notices Declaration for Canadian users Important safety instructions Telecommunication installation cautionsBattery User’s Reference Guide Outbound data 33.6K 67.2K Inbound data 56K 112K Appendix G About 56K Line AccessUser’s Reference Guide Bps See bits per second GlossaryUser’s Reference Guide Glossary User’s Reference Guide Remapping See network number remapping User’s Reference Guide Glossary User’s Reference Guide Numerics IndexIndex-2 Index-3 Index-4 Index-5 Index-6 Limited Warranty and Limitation of Remedies User’s Reference Guide