This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
configuration:1to1_napt [2018/10/24 08:45] fachet |
configuration:1to1_napt [2024/04/18 13:34] (current) fachet |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== 1:1 Network NAT ====== | ====== 1:1 Network NAT ====== | ||
- | With 1:1 NAT you can Map a whole network IP-range into another. This can be handy if you want to maintain a common local ip range like 192.168.1.0/24 but also have the possibilty to connect to each IP from the outside | + | With 1:1 NAT you can Map a whole network IP-range into another. This can be handy if you want to maintain a common local ip range like 192.168.1.0/24 but also have the possibilty to connect to each device with a "global valid" IP from the outside. All devices are remotely connected via the back-end network 172.31.0.0/24. |
{{:configuration:1-1nat.jpg|}} | {{:configuration:1-1nat.jpg|}} | ||
- | Common Example: A Tram installed with a lot of devices like: ticketmachines, videocameras or WLAN Accesspoint. The local technican wants to connect | + | Common Example: |
- | * to the ticketmachine via **192.168.1.13**, | + | Vehicles have installed ticketmachines, videocameras and other devices. Each vehicle has the same local network (192.168.1.1/24). E.g. a local connected technican wants to connect |
- | * to the videocamera via **192.168.1.14** | + | * to the ticketmachine via **192.168.1.10**, |
- | * and the WLAN accesspoint via **192.168.1.15**. | + | * to the videocamera via **192.168.1.11** |
+ | * and all other devices via **192.168.1.XX**. | ||
- | But in the same moment you want to have a remote connection via WLAN and connect to each tram and device idividually. So would you want to have IPs like: | + | In addition you wan't have a remote connection to each device in each vehicle individually. |
- | * to the ticketmachine via **10.10.123.13**, | + | Vehicle 1 - 172.31.0.10: |
- | * to the videocamera via **10.10.123.14** | + | * to the ticketmachine via **10.8.1.10** |
- | * and the WLAN accesspoint **via 10.10.123.15**. | + | * to the videocamera via **10.8.1.11** |
- | + | * and all other devices via **via 10.8.1.XX** | |
- | Where 123 would be your vehicle/tram number. So each tram and device can be addressed directly. | + | Vehicle 2 - IP 172.31.0.11: |
+ | * to the ticketmachine via **10.8.2.10** | ||
+ | * to the videocamera via **10.8.2.11** | ||
+ | * and all other devices via **via 10.8.2.XX** | ||
+ | Vehicle NN - IP 172.31.0.YY: | ||
+ | * to the ticketmachine via **10.8.NN.10** | ||
+ | * to the videocamera via **10.8.NN.11** | ||
+ | * and all other devices via **via 10.8.NN.XX** | ||
To avoid creating 3 or even more NAPT rules you can use the network based rules and do this with only 2 Rules. | To avoid creating 3 or even more NAPT rules you can use the network based rules and do this with only 2 Rules. | ||
+ | |||
+ | ===== Networking Rules in the back-end ===== | ||
+ | 10.8.1.0/24 -> 172.31.0.10 | ||
+ | 10.8.2.0/24 -> 172.31.0.11 | ||
+ | 10.8.NN.0/24 -> 172.31.0.NN | ||
===== Basic Napt Rules ===== | ===== Basic Napt Rules ===== | ||
- | + | Vehicle 1: | |
- | * Inbound: Map 10.10.**123**.0/24 to 192.168.**1**.0/24 | + | * Inbound: Map 10.8.**1**.0/24 to 192.168.1.0/24 |
- | * Outbount: Map 192.168.**1**.0/24 to 10.10.**123**.0/24 | + | * Outbount: Map 192.168.1.0/24 to 10.8.**1**.0/24 |
+ | Vehicle 2: | ||
+ | * Inbound: Map 10.8.**2**.0/24 to 192.168.1.0/24 | ||
+ | * Outbount: Map 192.168.1.0/24 to 10.8.**2**.0/24 | ||
+ | Vehicle NN: | ||
+ | * Inbound: Map 10.8.**NN**.0/24 to 192.168.1.0/24 | ||
+ | * Outbount: Map 192.168.1.0/24 to 10.8.**NN**.0/24 | ||
===== Configuration ===== | ===== Configuration ===== | ||
- | To Configure this scenario all you need are two rules | + | To Configure this scenario all you need are two rules per router - Veihcle 1 |
* Inbound NAT Rule | * Inbound NAT Rule | ||
- | {{ :nrsw:screenshot_-_140415_-_11_32_57.png?600 |}} | + | {{ :configuration:napt_in.png?800 |}} |
* Outbound NAT Rule | * Outbound NAT Rule | ||
- | {{ :nrsw:screenshot_-_140415_-_11_39_52.png?600 |}} | + | {{ :configuration:napt_out.png?800 |}} |