Instance profiling vronat NAT configuration in Network Address Translation

For common routing users, the NAT configuration of the router is not very difficult, so I studied the detailed steps of the NAT configuration of the router in the network address translation, and I will share it with you here, I hope it will be useful to you. As the Internet rapidly expands at an explosive speed, IP address shortage and routing problems become increasingly prominent. To solve these problems, people have come up with a variety of solutions. Network Address Translation (NAT) is one of the most effective solutions in the current Network environment.

Three NAT applications

The so-called Network Address Translation refers to an enterprise network, where you do not need to apply for a custom IP address as needed), that is, an internal IP address. Within the Organization, computers communicate through internal IP addresses. When a computer in an organization needs to communicate with an external network, a device with the NAT Function, such as a router, is responsible for converting its internal IP address to an external IP address, that is, it communicates with the legal IP address applied by the Organization. In short, the router NAT configuration is to convert IP addresses in some way. In a network, NAT has the following applications:

1. connect to the Internet, but do not want all computers in the network to have a real Internet IP address. At this time, NAT can be used to manage the valid IP addresses in a unified manner. When the internal computer needs to communicate with the internet, it can dynamically or statically convert the internal IP address to a valid IP address.

2. If you do not want the external network to understand the internal network structure, you can use the vronat NAT configuration to isolate the internal network from the external, and the external users do not know the internal IP address.

3. The number of valid IP addresses requested is small, and there are many internal network users. In this case, you can use NAT to allow multiple users to share a valid IP address to communicate with the external network.

To implement NAT through a vro, The vro must have at least one Inside port and one Outside Port. The user in the network connected by the internal port uses the private IP address, that is, the internal port connects to the internal network, and the internal port can be associated with any switch port of the central switch (usually RJ45 port ). The external port is connected to an external network, such as the Internet. The external port can also be connected to the optical fiber (to be converted to RJ45 Interface) line provided by China Telecom.

Generally, vronat NAT is configured on the vro connecting the Intranet to the external public network. When an IP packet leaves the Intranet, NAT is responsible for converting the internal IP address to a valid IP address. When an IP packet enters the Intranet, NAT converts a valid IP address to an internal IP address. Note that the router that enables the NAT Function cannot broadcast the routing information of the internal network to the external network.

NAT translation configuration instance

NAT settings include Static address translation Static NAT), Dynamic address translation Dynamic NAT), and reuse overloading) Dynamic address translation. The following describes the vronat NAT configuration methods: here, the internal local address and the internal valid address are converted one to one, and the corresponding valid address must be specified for conversion. If the internal network has E-mail, FTP, and other servers that can provide services to external users, the IP addresses of these servers must adopt static address translation so that external users can use these services. In the instance, host 10.1.1.2) connects to the vro Ethernet port Gateway: 10.1.1.1/24) and converts the source IP address 10.1.1.2 to 195.1.1.100. :