Scenario: You have Internet access with a range of n public IP addresses. All of your computers are in an intranet. When accessing the Internet, they are masked behind a single IP address. You have a number of local servers. Problem description: The servers should be accessible directly from the Internet at a public address. However, IP masquerading is activated for the default route. IP masquerading prevents the servers from being accessed at a public IP address. Instead, they are available via port forwarding only. Solution: By combining N:N and N:1 mapping, servers can be accessed directly at a public IP address.
- For security reasons all servers are placed into a DMZ. This DMZ consists of a new private IP address range. On the default route, only the intranet is masked . N:N NAT is used to translate the servers in the DMZ into public addresses.
|
|