NAT Configure on IR900

1. Introduction Network Address Translation (NAT) simplifies and conserves IP addresses. It enables private IP networks to connect to the Internet using unregistered IP addresses (in the private address space specified in RFC 1918). NAT operates on a router, usually connecting two networks together, and is used to translate the private addresses in the internal network into legal routable addresses, before packets are forwarded to another network, because ISPs will not route RFC 1918 addresses. NAT offers the dual functions of security and address conservation, and is typically implemented in remote-access environments at the edge of the network where an enterprise connects to its ISP. 2. Configure NAT on IR900 From navigation panel, select Firewall>>NAT, then enter “NAT” page, as shown below.
http://www.m2mlib.com/uploads/article/20171101/c84de6e9a177cbf740766486e35dbc58.jpg
Click <Add> to add new NAT rules, as shown below.
http://www.m2mlib.com/uploads/article/20171101/124918098dfa6c601aa035647cff3d08.jpg
Page description is shown below: 
http://www.m2mlib.com/uploads/article/20171101/901e27540ed357edea2aaac0a185b47e.png
3. Examples Next we take two examples to explain the NAT function. Application Case 1- SNAT: SNAT allows IR900 to act as an Internet gateway for internal LAN clients by translating the clients' internal network IP Addresses into a public IP Address on IR900. Network topology as the following show. When the PCs in the LAN nework (192.168.1.0/24)need to access internet, IR900 will translate their source IP address to the IP address of one interface on IR900.
http://www.m2mlib.com/uploads/article/20171101/d7044ce659e18b9f6092d6eff0e998d3.jpg
Configure on IR900: Step 1: Configure ACL;
http://www.m2mlib.com/uploads/article/20171101/570111de339db142f4bf95d628397c85.jpg
Step 2: Configure NAT;
http://www.m2mlib.com/uploads/article/20171101/de7710529c559a17ea8c83ab65afef57.jpg
Step 3: Define inside and outside interface;
http://www.m2mlib.com/uploads/article/20171101/c76f8471c5cc32dd68298ca2f0c71c73.jpg
Application Case 2- DNAT(Port Mapping/Forwarding): Port mapping/forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN). As the following show, Any device which is capable of reaching internet can access remote service (192.168.2.100:8000) via port mapping .
http://www.m2mlib.com/uploads/article/20171101/dcf6cc5f1fcf915ace0c3edba16425f7.jpg
Configure on IR900:
http://www.m2mlib.com/uploads/article/20171101/7608e5bb05b8fc882a20dffa3cb68960.jpg
http://www.m2mlib.com/uploads/article/20171101/e3f080c7e105d78b32cb2cbd7cce877d.jpg
  Contact us  Copyright © 2011 InHand Networks, All rights reserved.  Tel: 86-10-64391099-8022  Fax: 86-10-64399872  Address: Wangjing Science Park, Road Lizezhonger, Chaoyang District, Beijing, P. R. C, 100102  Website: http://www.inhandnetworks.com  Email: info@inhandnetworks.com  

0 个评论

要回复文章请先登录注册