ZyXEL Communications P-202 User Manual

Page 117


P-202H Plus v2 Support Notes

2. Configuring NAT
3. Address Mapping Sets and NAT Server Sets

NAT Server Sets

Examples

1. Internet Access Only
2. Internet Access with an Internal Server
3. Using Multiple Global IP addresses for clients and servers
4. Support Non NAT Friendly Applications

What is Multi-NAT?

NAT (Network Address Translation, RFC 1631) is the translation of an
Internet Protocol address used within one network to a different IP address
known within another network. One network is designated the inside network and
the other is the outside. Typically, a company maps its local inside network
addresses to one or more global outside IP addresses and "unmaps" the global
IP addresses on incoming packets back into local IP addresses. The IP
addresses for the NAT can be either fixed or dynamically assigned by the ISP. In
addition, you can designate servers, e.g., a web server and a telnet server, on
your local network and make them accessible to the outside world. If you do not
define any servers, NAT offers the additional benefit of firewall protection: in
that case, all incoming connections to your network are filtered out by the
P-202H Plus v2, which prevents intruders from probing your network.

The SUA feature, which the P-202H Plus v2 already supported, operates by
mapping the private IP addresses to a global IP address. It is only one subset
of NAT. ZyNOS V2.41 for the P-202H Plus v2 100IH is enhanced to support most
of the features of NAT based on RFC 1631, and we call this feature
'Multi-NAT'. For more information on IP address translation, please
refer to RFC 1631, The IP Network Address Translator (NAT).

How NAT works

We define the local IP addresses as the Internal Local Addresses (ILA) and the
global IP addresses as the Inside Global Addresses (IGA); see the following
figure. The term "inside" refers to the set of networks that are subject to
translation. NAT operates by mapping the ILA to the IGA required for
communication with hosts on other networks. It replaces the original IP source
address (and TCP or UDP source port number) of each packet and then forwards
the packet to the ISP, making it appear as if it had come from the NAT system
itself (e.g., the P-202H Plus v2 router). The P-202H Plus v2 keeps track of the
original addresses and port numbers so incoming reply packets can have their
original values restored.
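
The translation described above, and the filtering effect of defining no
servers, as an added example (a simplified model written for this page, not
ZyNOS code). The class and method names, the starting global port 50000, all
addresses, and the choice to accept replies only from the remote host that
was contacted are assumptions made for illustration.

```python
class Nat:
    """Toy ILA <-> IGA translator with an optional NAT server set."""

    def __init__(self, iga, servers=None, first_port=50000):
        self.iga = iga                       # Inside Global Address
        self.servers = dict(servers or {})   # (proto, global port) -> (ILA, port)
        self.out = {}                        # outbound flow -> global port
        self.back = {}                       # (proto, global port) -> original flow
        self.next_port = first_port          # assumed port allocation start

    def outbound(self, proto, src, sport, dst, dport):
        """Replace the ILA source address/port with the IGA and a global port."""
        flow = (proto, src, sport, dst, dport)
        if flow not in self.out:
            gport = self.next_port
            self.next_port += 1
            self.out[flow] = gport
            self.back[(proto, gport)] = (src, sport, dst, dport)
        return (proto, self.iga, self.out[flow], dst, dport)

    def inbound(self, proto, src, sport, dst, dport):
        """Restore the original ILA for a reply, or apply a server mapping.
        Returns None when the packet is filtered out."""
        if dst != self.iga:
            return None
        entry = self.back.get((proto, dport))
        if entry and entry[2:] == (src, sport):       # reply to a tracked flow
            return (proto, src, sport, entry[0], entry[1])
        server = self.servers.get((proto, dport))     # designated inside server
        if server:
            return (proto, src, sport, server[0], server[1])
        return None                                   # unsolicited: dropped


if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges), not from the manual.
    nat = Nat("203.0.113.10", servers={("tcp", 80): ("192.168.1.20", 80)})
    print(nat.outbound("tcp", "192.168.1.33", 1025, "198.51.100.7", 443))
    print(nat.inbound("tcp", "198.51.100.7", 443, "203.0.113.10", 50000))
    print(nat.inbound("tcp", "198.51.100.99", 4000, "203.0.113.10", 23))
    print(nat.inbound("tcp", "198.51.100.99", 4000, "203.0.113.10", 80))
```

With an empty server set, the only inbound packets that pass are replies to
flows an inside host started; every entry added to the server set is a port
reachable from the outside and should be reviewed as such.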

All contents copyright © 2006 ZyXEL Communications Corporation.
