P-2000W_V2 User’s Guide
Figure 22 Full Cone NAT Example
12.11.2.2 Restricted Cone NAT
As in full cone NAT, a restricted cone NAT router maps all outgoing packets from an internal IP address and port to a single IP address and port on the external network. In the following example, the NAT router maps the source address of all packets sent from internal IP address 1 and port A to IP address 2 and port B on the external network.
The difference from full cone NAT is in how the restricted cone NAT router handles packets coming in from the external network. A host on the external network (IP address 3 or IP address 4 for example) can only send packets to the internal host if the internal host has already sent a packet to the external host’s IP address.
A Prestige with IP address 1 and port A sends packets to IP address 3 and IP address 4. The NAT router changes the Prestige’s IP address to 2 and port to B.
Both 4, D and 4, E can send packets to 2, B since 1, A has already sent packets to 4. The NAT router will perform NAT on the packets from 4, D and 4, E and send them to the Prestige at IP address 1, port A. Packets have not been sent from 1, A to 3 or 5, so 3 and 5 cannot send packets to 1, A.
Figure 23 Restricted Cone NAT Example
86 | Chapter 12 User Web Configurator Screens |
VoIPon www.voipon.co.uk | sales@voipon.co.uk Tel: +44 (0)1245 808195 Fax: +44 (0)1245 600030 |