3 nat – Draytek 2800 Series User Manual

Page 40

background image

Vigor2800 Series User’s Guide

36

D

D

i

i

s

s

a

a

b

b

l

l

e

e

S

S

t

t

a

a

t

t

i

i

c

c

R

R

o

o

u

u

t

t

e

e

1.

Click the Index Number that you want to disable from the Static Route
Configuration
page.

2.

Select Inactive/Disable from the drop-down menu, and then click the OK button to
disable the route.

3

3

.

.

3

3

N

N

A

A

T

T

Usually, the router serves as an NAT (Network Address Translation) router. NAT is a
mechanism that one or more private IP addresses can be mapped into a single public one.
Public IP address is usually assigned by your ISP, for which you may get charged. Private IP
addresses are recognized only among internal hosts.

When the outgoing packets destined to some public server on the Internet reach the NAT
router, the router will change its source address into the public IP address of the router, select
the available public port, and then forward it. At the same time, the router shall list an entry
in a table to memorize this address/port-mapping relationship. When the public server
response, the incoming traffic, of course, is destined to the router’s public IP address and the
router will do the inversion based on its table. Therefore, the internal host can communicate
with external host smoothly.

The benefit of the NAT includes:

z

Save cost on applying public IP address and apply efficient usage of IP address.
NAT allows the internal IP addresses of local hosts to be translated into one public IP
address, thus you can have only one IP address on behalf of the entire internal hosts.

z

Enhance security of the internal network by obscuring the IP address. There are
many attacks aiming victims based on the IP address. Since the attacker cannot be
aware of any private IP addresses, the NAT function can protect the internal network.

On NAT page, you will see the private IP address defined in RFC-1918. Usually
we use the 192.168.1.0/24 subnet for the router. As stated before, the NAT facility
can map one or more IP addresses and/or service ports into different specified
services. In other words, the NAT function can be achieved by using port mapping
methods.

Below shows the menu items for NAT.