Firmware upgrades and nat, Firmware upgrades and nat -28 – Netopia R2020 User Manual

10-28 User’s Reference Guide

■

First, navigate to the Show/Change Map List screen, select Easy-PAT List and then Show/Change Maps.
Choose the Static Map you created and change the First Private Address from 192.168.1.1 to
192.168.1.4. Now the router, Web, and Mail ser vers’ IP addresses are no longer included in the range of
static remappings and are therefore no longer accessible to the outside world. Users on the Internet will
not be able to telnet, web, SNMP or ping to them. It is best also to navigate to the public range screen and
change the Static Range to go from 206.1.1.5.

■

Next, navigate to Show/Change Server List and select Easy-Servers and then Add Server. You should
expor t both the Web (www-http) and Mail (smtp) por ts to one of the now free public addresses. Select
Service... and from the resulting pop-up menu select www-http. In the resulting screen enter your Web
ser ver's address, 192.168.1.2 and the public address, for example, 206.1.1.2 and then select ADD NAT
SERVER. Now return to Add Server, choose the smtp por t and enter 192.168.1.3, your Mail ser ver's IP
address for the Server Private IP Address. You can decide if you want to present both your Web and Mail
ser vices as being on the same public address, 206.1.1.2, or if you prefer to have your Mail ser ver appear
to be at a different IP address, 206.1.1.3. For the sake of this example, alias both ser vices to 206.1.1.2.

Now, as before, the PAT configuration will allow any user on the Netopia Router's LAN with an IP address in the
range of 192.168.1.6 through 192.168.1.254 to initiate traffic flow to the Internet. Someone at the FTP ser ver
can access the Internet and the Internet can access all ser vices of the FTP machine as if it were at 206.1.1.5.
The router cannot directly communicate with the outside world. The only communication between the Web
ser ver and the Internet is through por t 80, the web por t, as if the ser ver were located on a machine at IP
address 206.1.1.2. Similarly, the only communication with the Mail ser ver is through por t 25, the SMTP por t,
as if it were located at IP address 206.1.1.2

FFF

Fiiiirrrrm

m

m

mw

w

w

waa

a

arrrree

e

e u

u

u

up

p

p

pg

g

g

grrrraa

a

ad

d

d

dee

e

essss aa

a

an

n

n

nd

d

d

d N

N

N

NA

A

A

ATT

T

T

If you are upgrading from an earlier firmware version, your previous NAT configuration will continue to work as
you have configured it.

A NAT map list, and possibly a ser ver list, will be created for each enabled profile that has NAT enabled. For
each profile with a unique local WAN IP address, a single outside PAT public range will be created whose
address is the profile’s local WAN IP address. A map list will be created with as many maps as there are
enabled subnets on the ethernet. Each of these maps will bind each subnet to the outside public range.

Likewise, if expor ts exist, a ser ver list will be created for each NAT-enabled Connection Profile with a unique
local WAN IP address that maps the interior ser ver address and por t to the local WAN IP address of the profile.

Both the map list and ser ver list that applies to the par ticular profile will be bound to that profile.