Chapter 7: NAT in Internet and Intranet Designs
• Designs That Include NAT
• Essential NAT Design Concepts
• Data Protection in NAT Designs
• NAT Design Optimization
NAT and Microsoft Windows 2000
• Network Address Translation (NAT)
  • Is included in Routing and Remote Access
  • Provides small office or home office (SOHO) connectivity
  • Supports translated connections only
  • Is not available in Windows 2000 Professional
NAT Design Review
• Amount and confidentiality of data
• Network resources accessed by remote users
• Future growth plans
• Existing routers
• Network uptime
NAT Characteristics
• NAT modifies the IP packet.
  • IP header
  • Transmission Control Protocol (TCP) header
  • User Datagram Protocol (UDP) header
  • IP packet data
• NAT does not work with many protocols.
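
The NAT Characteristics points above, as an added illustration that is not part of the original slides: a translation step rewrites the source address in the IP header and the source port in the TCP header and recomputes both checksums, while an address carried in the packet data is left untranslated. All addresses, ports, function names and the FTP PORT payload are constructed for the example.

```python
import socket, struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def tcp_csum(src: bytes, dst: bytes, segment: bytes) -> int:
    # The TCP checksum covers a pseudo-header holding both IP addresses,
    # so changing an address invalidates it even if the TCP header is untouched.
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(segment))
    return csum(pseudo + segment)

def seal(ip: bytes, tcp: bytes) -> bytes:
    """Fill in both checksum fields (they must be zero on entry)."""
    tcp = tcp[:16] + struct.pack("!H", tcp_csum(ip[12:16], ip[16:20], tcp)) + tcp[18:]
    ip = ip[:10] + struct.pack("!H", csum(ip)) + ip[12:]
    return ip + tcp

def build_packet(src, dst, sport, dport, payload):
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return seal(ip, tcp)

def nat_outbound(packet, public_ip, public_port):
    """Rewrite the source address (IP header) and source port (TCP header)."""
    ihl = (packet[0] & 0x0F) * 4
    ip = packet[:10] + b"\x00\x00" + socket.inet_aton(public_ip) + packet[16:ihl]
    tcp = struct.pack("!H", public_port) + packet[ihl + 2:ihl + 16] + b"\x00\x00" + packet[ihl + 18:]
    return seal(ip, tcp)

def checksums_ok(packet):
    ihl = (packet[0] & 0x0F) * 4
    return csum(packet[:ihl]) == 0 and tcp_csum(packet[12:16], packet[16:20], packet[ihl:]) == 0

def source_of(packet):
    ihl = (packet[0] & 0x0F) * 4
    return socket.inet_ntoa(packet[12:16]), struct.unpack("!H", packet[ihl:ihl + 2])[0]

# Constructed sample: a private client sends an FTP PORT command naming its own address.
PAYLOAD = b"PORT 192,168,0,10,4,1\r\n"
ORIGINAL = build_packet("192.168.0.10", "198.51.100.20", 1025, 21, PAYLOAD)
TRANSLATED = nat_outbound(ORIGINAL, "203.0.113.5", 61001)

if __name__ == "__main__":
    print(source_of(ORIGINAL), "->", source_of(TRANSLATED), checksums_ok(TRANSLATED))
    print("payload still carries private address:", TRANSLATED[40:] == PAYLOAD)
```

The translated packet is valid at the IP and TCP layers, yet the payload still advertises 192.168.0.10, which is why a protocol that embeds addresses in its data fails unless the translator also edits the packet data.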
NAT Design Decisions
• Base on organizational requirements.
• Decide what the design will support.
  • Connection type
  • Client type
  • Connection method
  • Network filters
  • Remote access methods
  • Number of connections
NAT in SOHO Designs
• Provides automatic IP configuration to Dynamic Host Configuration Protocol (DHCP) clients
• Uses IP filters to restrict access
• Provides automatic network address translation
• Supports public and private IP addressing
• Provides shared Internet access
• Provides Internet connectivity over Windows 2000 network interface
NAT Server Interfaces
• Minimum of two network interfaces
• Persistent or nonpersistent connections
• IP address and subnet mask
IP Address Assignment
• NAT automatic address assignment
• Manual configuration
• Automatic Private IP Assignment (APIPA)
• DHCP server
DNS Name Resolution
• Clients need fully qualified domain name (FQDN)–to–IP resolution.
• Clients use the DNS server to resolve FQDNs.
  • Manually configure for specific DNS servers
  • Specify automatic use of the DNS server NAT
Protecting SOHO Network Resources
• Routing and Remote Access IP packet filters
• NAT address mapping
• NAT address pools
Restricting Internet Access
• Use Routing and Remote Access IP packet filters.
• Restrict outbound traffic by specifying IP headers.
• Allow or disallow users access to Internet resources.
NAT Optimization
• Dedicate a computer to running NAT.
• Choose persistent Internet connection.
• Consider using Microsoft Proxy Server 2.0 or Routing and Remote Access routing.
Chapter Summary
• NAT is cost effective.
• The NAT server should be placed between the network and the Internet.
• Resources can be protected by using
  • Routing and Remote Access packet filters
  • NAT address mapping
  • NAT address pools
• Use virtual private network (VPN) to protect confidential data.
• NAT can be optimized.