Nat server, Internet – Enterasys Networks Network Card User Manual

RiverMaster Administrator’s Guide

33

Chapter 3

Before You Begin

Configuring an ANG-3000/7000

NAT Server

RiverMaster’s NAT server feature provides support for security conscious
administrators who want to conceal the physical IP address of their system
(ANG or another Gateway) without affecting Aurorean service. By
configuring a NAT Server with an alias IP address for the ANG (refer to
page 41 for instructions), the real IP address of the ANG will remain hidden
and any IP address received by the NAT Server will be translated to the real
IP address of the destination for all incoming clients. This ensures that clients
access the correct IP address and build a tunnel connection to the ANG
without revealing physical addresses. The process is reversed for clients on
the corporate LAN seeking to dial up remote destinations.

In Figure 15 below, the IP addresses received at the NAT Server for Servers #1,
#2 and the ANG are translated into the real IP addresses of the destination
servers.

Figure 15 Aurorean Virtual Network’s NAT Server Feature

Aurorean Client

NAT

Server

Server #1

Server #2

INTERNET

PC

PC

200.57.115.15

200.57.115.23

200.57.115.18

Server #1: 165.32.46.34

Server #2: 165.32.46.115

ANG: 165.32.46.98

NAT Server Received IP Addresses

Aurorean

Network

Gateway

Aurorean

Policy

Server