3d-connexion 17621 User Manual

Compatible Systems Setup Guides: NetworkAddress Translation Configuration GuideDocument ID: 17621Contents − Network Address Translation ConfigurationG

Systems NAT functionality:The NAT External Range in the NAT Router does not have to be directly related tothe IP address of the External NAT Port. How

(*) NOTES: IP sub−interface ports Ethernet 0.1 and 0.2 are shown as seperate connections in FIGURE 3 forclarity, but they really connect through the p

CONCLUDING EXPLANATION REMARKSIf these example explanations have not made the functionality of Network AddressTranslation a little clearer, please see

TCP FIN timeout period (sec.): 180Entered Internal ranges(s): 10.5.3.0/27Entered External ranges(s): 198.41.9.219

TCP SYN timeout period (sec.): 180The router will remove an active NAT Session for TCP after 180 seconds (three minutes) if aSYN TCP packet has no

address 10.5.3.20 and sent to the Internal NAT Network by the router.Line 1 shows a different option for the one−to−one address translation pairs. It

10.5.3.20:0 −>198.41.9.194:0 198.41.9.215:0 ICMP 236/922 105.00 104.0

Sessions Timed Out is the number of NAT Sessions removed from the NAT hash database asa result of a time limit being exceeded. This can occur in one o

| +−−−−−−−−− 10.5.3.20(#)(%) 198.41.9.192 −−−−−−−−−+−−−−−−−−− 198.41.9.194(@)(%) (255.255

<Keyword> = <Value>To find a list of valid keywords and additional help enter "?"[ NAT Global ]# ?Valid keywords for the &apo

EXTERNAL NAT PORTINTERNAL NAT PORT[ IP < Secton ID > ] configure commands and example keywords for Example ThreeEXTER NAL NAT PORTINTERNAL NAT P

(defined next). The NAT Router and the LANs and or WANs to which it is connected mustbe configured so that IP packets with addresses in the InternalRa

be able to communicate with/configure the NAT Router via the Command Line interface.Enabled Overall NAT capability in RouterAfter the InternalRan

Nat_2220> sh nat map[ NAT Map Database ]Total Number of Entries in NAT Map Database: 2−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Ethernet 0 is the External NAT Port, Ethernet 1 is the Internal NAT Port. The IP protocol onthe Bridge, Wan 0, and Wan 1 has been disabled in this exa

INTERNAL NAT PORT, EXAMPLE 1The configuration of the Internal NAT Port and its relation to the [NAT Global] section isshown next.Nat_2220> config i

NAT functionality enabled (On/Off): OnNAT Response to external ICMPs (On/Off): OnCommunicate w/ Router through IP Ports (On/Off

<Keyword> = <Value>To find a list of valid keywords and additional help enter "?"[ IP Ethernet 0 ] # list[ IP Ethernet 0 ]Mode

and in [ IP Ethernet 0.1 ]:SubnetMask = 255.255.0.0IPAddress = 10.5.0.1Notes: All workstations on the LAN directly connected to the Internal NAT Po

All contents copyright © 1992−−2001 Cisco Systems Inc. Important Notices and Privacy Statement.Updated: Aug 19, 2004 Document ID: 17621

single IP address supplied by an ISP or the company System Administrator, rather than an IPaddress for each workstation −− a savings of nine valuable

Example Three: Very similar to Example Two, except that the External NAT Port, Internal NAT Port, andthe port for the NAT PassThru Range are all locat

CONFIGURATION SECTION. In Example One this is the Ethernet 0 IP interface.The IP Interface which is communicating with the External Network or Interne

On inbound packets, in response, all External NAT destination IP addresses {198.41.9.219}are changed to Internal NAT IP addresses {10.5.3.10}.The NAT

because other descriptions of NAT on the Internet have not explicitly said this and initiallycaused confusion.CONDITION 1: A NAT SESSION INITIATED FRO

allows the NAT Router to make the NAT Web server appear to be at 198.41.9.194. This NATMap Database entry allows the NAT software to create a NAT Sess

(*) NOTES: Private IP Addresses for the Frane Relay connection across the "WAN Cloud".(**) NOTES: All of the machines in the NAT network mus