Intranet How to do port mapping

Due to the limited number of public network IP address, many ISPs are using a number of intranet users through the proxy and gateway routing shared a public network IP on the Internet, which limits the users on their own computer set up personal website, to achieve in these users to set up a website, the most critical point is that How to the multi-user intranet IP and one of their only share the Internet IP map! Just like in a LAN or Internet café, although you can set up more than one server and Web site, but the external network, you still have only an external IP address, how to map the IP network to the corresponding intranet IP address, this should be the intranet of the proxy server or gateway router should do, For our private IP address users that means this is our Access ISP service provider (China Telecom, Unicom, Netcom, railcom, etc.) should provide services, because the implementation of this technology for them is a little effort, and for us is more difficult, first of all, the support of the system administrator can be achieved. Because all of these settings must be done on the proxy server.

To do this, you can use Windows Server's port mapping feature, in addition to WinRoute Pro, as well as a variety of enterprise-class firewalls. For our ordinary users, I am afraid it is most convenient to use Windows Server.

Let's start by introducing Nat,nat (Network address translation) is a way to map an IP address domain to another IP address domain technology, thereby providing a transparent route for the terminal host. NAT includes static network address translation, dynamic network address translation, network address and port conversion, dynamic network address and port conversion, port mapping and so on. NAT is often used to convert private address domains to public address domains to address the lack of IP addresses. After NAT is implemented on the firewall, the internal topological structure of the protected network can be hidden and the security of the network is improved to some extent. If the reverse NAT provides dynamic network address and port conversion function, it can also achieve load balancing functions.

The port mapping feature allows a machine in the internal network to provide WWW services to the outside, not directly to the host that provides the WWW service, if so, there are two shelters, one is the internal machine is not safe, because in addition to WWW, The external network can access all the features of the machine through address translation, and the second is that when multiple machines need to provide this service, they must have the same number of IP addresses to convert, so as not to achieve the goal of saving IP addresses. The port mapping feature maps a host's bogus IP address to a true IP address, and when a user accesses a port that provides a mapped port host, the server transfers the request to a host that provides this particular service to the internal host The port mapping feature also allows you to map multiple ports of a true IP address machine to different ports on different machines on the inside. The port mapping function can also accomplish some specific agent functions, such as proxy pop,smtp,telnet and other protocols. Theoretically can provide more than 60,000 ports mapping, I am afraid we will never use the end.

First, the following to introduce the Internet through NAT sharing and the use of NAT to implement port mapping.

1. On Windows Routing, enter the Routing and Remote Access service from the Administrative Tools, right-click on the server,-"Configure and Enable Routing and Remote Access"

2, point "next"

3, choose "Internet connection Server", so that intranet host can access the Internet through this server.

(It is best to configure a good NAT sharing, so that the LAN host can be normal Internet, otherwise, after the port mapping to configure the NAT sharing is a bit of trouble, do not have a good NAT to share.) ）

4. Select "Set up a router with network address translation (NAT) routing protocol", and do not select "Set up Internet Connection Sharing (ICS)". (The difference between ICS and NAT is how easy it is to use, to enable ICS, you only need to select a check box, and in order to enable NAT, more configuration tasks are required, and the reason why ICS is used for small networks is that it requires a fixed range of IP addresses for internal hosts ; for communication with the external network, it is limited to a single public IP address; it only allows a single internal network interface. )