(ASCEND) NAT question

To: ascend-users@max.bungi.com
Subject: (ASCEND) NAT question
From: root@austintx.net (AIA - root)
Date: Wed, 04 Feb 1998 13:18:00 +0600
Sender: owner-ascend-users@max.bungi.com

I wonder if I can get a little help on this.  I hope I explain the problem
neither too much nor too little...

I'm setting up a client's LAN.  Their P75 5.1Ap9 calls our M4k 5.0Ap42.
Great...

I want a few computers on their LAN to have actual Internet addresses so
those computers can run Server programs.  For the purpose of illustration,
let's suppose those few computers each need 20 various ports accessible
from the Internet.  And those computers need to be able to access the
Internet.

Then, there's a variety of other computers that I want to just be able to
access the Internet.

I have, let's say, 192.168.139.1xx numbers statically assigned (to avoid
potential confusing with losing DHCP leases on the local IPs) on all the
computers on the LAN, and the computers I want accessible From the Internet
ALSO have a 208.29.179.xxx IP statically assigned.

I have the Max connection profile setup for DHCP responses from the
particular pool that has the remaining IPs from their Internet subnet.

I would think I could set up Multi IP NAT on the P75 and do what I
described, but the problem is that the P75 seems to use it's own IP to map
one of the LAN computers like this (#s changed to protect the innocent):
 > natlan
NAT_PPP: 192.168.139.110 mapped to 209.29.179.129;
2D3390/DHCP_LEASED: 209.29.179.131 mapped to 209.29.179.132; expir...
2D3650/DHCP_LEASED: 192.168.139.107 mapped to 209.29.179.133; expir...
2D36D0/DHCP_LEASED: 209.29.179.130 mapped to 209.29.179.134; expir...

The MAX sees 209.29.179.129 (via the WAN link) as the gateway to that
subnet.  So when the Pipeline maps that 209.29.179.129 to another computer,
the Internet can't access the other computers that have statically assigned
IPs since the computer mapped with 209.29.179.129 (the 192.168.139.110 in
the case) won't (necessarily) forward the packets.

Within the operation of NAT, all the computers are able to access the
Internet.  The Internet is NOT able to access the computers with the
statically assigned IPs.

I've tried various combinations of configurations.  Presently, the Max
connection profile has LAN Adrs=209.29.179.129/28.  The P75 has IP
Adrs=192.168.139.100/24 and 2nd Adrs=209.29.179.129/28.

The Internet accessible computers don't actually need 20 ports visible... I
possibly could get away with 10 static mappings if that would allow me to
solve the problem.  I'd really like to use a default server IP to take care
of the one computer that has the most ports that need to be available, but
that doesn't work with Multi IP NAT and I believe I can't fulfill my other
needs with Single IP NAT.

Any help???


Joseph
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: Re: (ASCEND) SNMP for Max4004
Next by Date: Re: (ASCEND) NAT Routing
Prev by thread: Re: (ASCEND) NAT question
Next by thread: Re: (ASCEND) NAT question
Index(es):
- Main
- Thread