NAT

  • Thread starter Thread starter Manu
  • Start date Start date
M

Manu

Hi,

I have a Win2000server network as a domain.The
network uses static IP address.One of the client system
has a Win200 Professional installed which has a web
connection through a network card from ISP.No other
machine has Internet connection in this network.Now i am
planning to give Internet connection to some of the other
machines in this network.Can I use NAT for this?If I am
using this technique can i use any security for other
machines in network for "not accessing the web"?
Can anyone help me in setup NAT?
Regards,
Manu
 
Manu,
I assume you mean 'by a network card' that the workstation has access
through a cable modem or DSL? In that case, you would set up NAT through the
router that connects to the cable/DSL modem. For instance:

ISP assigns the address 172.25.25.64 to your modem. That connects to the WAN
(outside) port on your firewall/router. The LAN (inside) port has the
address 192.168.1.1. The workstations that you want to have Internet access
have the gateway address set for 192.168.1.1. The ones you don't want to
have access do not have a gateway assigned, just the IP address of
192.168.1.x and a netmask of 255.255.255.0.

You can go further than this by configuring your router as a DHCP server,
and reserving those addresses you want to have access. This way, they will
always have those addresses. You further set the firewall restrictions so
that only those addresses can access the Internet - the other ones are
blocked. This way, if a user figures out that she needs to add a gateway
address, it still won't let her access - she'd have to rip the network card
out of one of the allowed machines, and install it in hers - which is
somewhat unlikely (with my users, at least).

Hope this helps!
Kara
 
Back
Top