10-28 User’s Reference Guide

First, navigate to the Show/Change Map List screen, select Easy-PAT List and then Show/Change Maps. Choose the Static Map you created and change the First Private Address from 192.168.1.1 to 192.168.1.4. Now the router, Web, and Mail servers’ IP addresses are no longer included in the range of static remappings and are therefore no longer accessible to the outside world. Users on the Internet will not be able to telnet, web, SNMP or ping to them. It is best also to navigate to the public range screen and change the Static Range to go from 206.1.1.5.

Next, navigate to Show/Change Server List and select Easy-Serversand then Add Server. You should export both the Web (www-http) and Mail (smtp) ports to one of the now free public addresses. Select Service... and from the resulting pop-up menu select www-http. In the resulting screen enter your Web server's address, 192.168.1.2 and the public address, for example, 206.1.1.2 and then select ADD NAT SERVER. Now return to Add Server, choose the smtp port and enter 192.168.1.3, your Mail server's IP address for the Server Private IP Address. You can decide if you want to present both your Web and Mail services as being on the same public address, 206.1.1.2, or if you prefer to have your Mail server appear to be at a different IP address, 206.1.1.3. For the sake of this example, alias both services to 206.1.1.2.

Now, as before, the PAT configuration will allow any user on the Netopia Router's LAN with an IP address in the range of 192.168.1.6 through 192.168.1.254 to initiate traffic flow to the Internet. Someone at the FTP server can access the Internet and the Internet can access all services of the FTP machine as if it were at 206.1.1.5. The router cannot directly communicate with the outside world. The only communication between the Web server and the Internet is through port 80, the web port, as if the server were located on a machine at IP address 206.1.1.2. Similarly, the only communication with the Mail server is through port 25, the SMTP port, as if it were located at IP address 206.1.1.2

Firmware upgrades and NAT

If you are upgrading from an earlier firmware version, your previous NAT configuration will continue to work as you have configured it.

A NAT map list, and possibly a server list, will be created for each enabled profile that has NAT enabled. For each profile with a unique local WAN IP address, a single outside PAT public range will be created whose address is the profile’s local WAN IP address. A map list will be created with as many maps as there are enabled subnets on the ethernet. Each of these maps will bind each subnet to the outside public range.

Likewise, if exports exist, a server list will be created for each NAT-enabled Connection Profile with a unique local WAN IP address that maps the interior server address and port to the local WAN IP address of the profile.

Both the map list and server list that applies to the particular profile will be bound to that profile.

Page 153 Page 155
Page 154
Image 154
Netopia R2020 manual Firmware upgrades and NAT
Page 153 Page 155
Top Page Image Contents