chapter 7: nat in internet and intranet designs
DESCRIPTION
Chapter 7: NAT in Internet and Intranet Designs. Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization. NAT and Microsoft Windows 2000. Network Address Translation (NAT) Is included in Routing and Remote Access - PowerPoint PPT PresentationTRANSCRIPT
1
Chapter 7: NAT in Internet and Intranet Designs
Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization
2
NAT and Microsoft Windows 2000
Network Address Translation (NAT) Is included in Routing and Remote Access Provides small office or home office (SOHO)
connectivity Supports translated connections only Is not available in Windows 2000
Professional
3
NAT Design Review
Amount and confidentiality of data Network resources accessed by remote
users Future growth plans Existing routers Network uptime
4
NAT Characteristics
NAT modifies the IP packet. IP header Transmission Control Protocol (TCP) header User Datagram Protocol (UDP) header IP packet data
NAT does not work with many protocols.
5
NAT Design Decisions
Base on organizational requirements. Decide what the design will support.
Connection type Client type Connection method Network filters Remote access methods Number of connections
6
Stand-Alone SOHO Design
7
NAT in SOHO Designs Provides automatic IP configuration to
Dynamic Host Configuration Protocol (DHCP) clients
Uses IP filters to restrict access Provides automatic network address
translation Supports public and private IP addressing Provides shared Internet access Provides Internet connectivity over
Windows 2000 network interface
8
Branch Office Connectivity Design
9
NAT in the Network Design
10
NAT Server Interfaces
Minimum of two network interfaces Persistent or nonpersistent connections IP address and subnet mask
11
IP Address Assignment
NAT automatic address assignment Manual configuration Automatic Private IP Assignment
(APIPA) DHCP server
12
DNS Name Resolution
Clients need fully qualified domain name (FQDN)–to–IP resolution.
Clients use the DNS server to resolve FQDNs. Manually configure for specific DNS servers Specify automatic use of the DNS server
NAT
13
Protecting SOHO Network Resources
Routing and Remote Access IP packet filters
NAT address mapping NAT address pools
14
Restricting Internet Access
Use Routing and Remote Access IP packet filters.
Restrict outbound traffic by specifying IP headers.
Allow or disallow users access to Internet resources.
15
Protecting Corporate Network Resources
16
NAT Optimization
Dedicate a computer to running NAT. Choose persistent Internet connection. Consider using Microsoft Proxy Server
2.0 or Routing and Remote Access routing.
17
Chapter Summary NAT is cost effective. The NAT server should be placed
between the network and the Internet. Resources can be protected by using
Routing and Remote Access packet filters NAT address mapping NAT address pools
Use virtual private network (VPN) to protect confidential data.
NAT can be optimized.