Network address translation and spa9x2 phones, Cisco confidential--first draft, Introducing linksys spa9x2 phones – Linksys BUSINESS SPA922 User Manual

Page 18

Advertising
background image

Linksys SPA9x2 Phone Administration Guide

Cisco Confidential--First Draft

11

Network Address Translation and SPA9x2 Phones

Introducing Linksys SPA9x2 Phones

If security is not a concern, you can disable stateful packet inspection (SPI) on your firewall (if
you have it). SPI allows a firewall to be aware of a packet’s state; only recently-sent requests are
allowed into the network.

Network Address Translation and SPA9x2 Phones

In a typical application of network address translation (NAT), all devices in a subscriber network
access the Internet through a router with a single public IP address. The IP address is assigned
by a service provider. The IP header of the packets sent from the private network to the public
network is substituted by NAT with the public IP address and a port assigned by the router. The
receiver of the packets on the public network sees the packets as coming from the external
address instead of the private address of the device.

You can implement NAT in three ways:

Full cone NAT (one-to-one NAT)— All requests from the same internal IP address and port
are mapped to the same external IP address and port. An external host can send a packet to
the internal host by sending a packet to the mapped external address

Restricted cone NAT—All requests from the same internal IP address and port are mapped
to the same external IP address and port. Unlike a full cone NAT, an external host cannot
send a packet to the internal host unless the internal host previously sent a packet to it.

Port-restricted cone NAT (symmetric NAT)—Similar to restricted cone NAT, but the
restriction includes port numbers. An external host can send a packet to a particular port on
the internal host only if the internal host previously sent a user datagram protocol (UDP)
packet from that port to the external host. UDP is a connectionless messaging protocol for
delivery of data packets.

See the following topics:

”Routers and Service Provider Support of NAT” section on page 12

SIP Proxy

Internet

ITSP

IP Router (firewall)
Broadband modem

Switch

Internet (WAN) Interface

SPA9000

UserA

UserB

UserC

ISP

Advertising
This manual is related to the following products:

BUSINESS SPA962, BUSINESS SPA932, BUSINESS SPA942

Popular Brands
Popular manuals