Posted: 23 Jul 2011 11:04 PM PDT
Can private local area network addresses be hidden and allow employees to access the Internet anonymously? This is especially important if you want to avoid external users from initiating conversation with employees or users located on the internal network while still allowing Internet access. This is where masquerade NAT comes to the rescue. Masquerade NAT enables multiple IP addresses to be identified as a single IP address on an internal network.
To use masquerade NAT, you need to specify the range of addresses that need to be translated by NAT. The translated IP addresses replace the source IP addresses on the IP header on all IP packets. A temporary port number replaces the IP source port number if it is available.
Set the MAXCON high enough to accommodate multiple conversations for each PC. The default is usually 128 but it can be set to any preferred value.
Set a HIDE rule statement by specifying the TIMEOUT which determines the time for conversations between the server and the personal computer located on the network. This value determines the waiting period before a response is received and is set to the default value of 16.
Always enable IP forwarding when using NAT by setting the IP datagram verification to YES under the TCP/IP attributes.
In masqueraded networks, only the PCs located inside the network can initiate a conversation or request. For example, a web browser on a PC can access a website while a web browser outside the masqueraded network cannot access a resource located inside the network. To enable 2-way communication, a feature called port forwarding or static NAT is used where administrators configure the translation tables to allow permanent access to resources located inside the masqueraded network.
Give careful attention to the details when implementing a network address translation (NAT) since it can have serious drawbacks on the quality of an Internet connection.
|You are subscribed to email updates from How to hide your ip |
To stop receiving these emails, you may unsubscribe now.
|Email delivery powered by Google|
|Google Inc., 20 West Kinzie, Chicago IL USA 60610|