Using NAT with two external IP

  • Thread starter Thread starter Vlad Zhurba
  • Start date Start date
V

Vlad Zhurba

Hi!

I use NAT on my Win2000 server with two IP addresses assigned to external
interface. Is it a way to tell NAT to use only one of them while server
itself will use another one? I need it to distinguish server traffic from
NAT clients traffic in the access lists on my router to intend clients to
use web-proxy, installed on this server, rather then connecting directly
through NAT. At the same time I need to use NAT to support some applications
(like ICQ and MSN), which doesn't work through web-proxy. I wouldn't like to
install additional SOCKS server for these clients, since IE may use it as
well.
Or may I control to which destination ports NAT may be used, denying any
other?

Vlad Zhurba
Network Administrator
Kaliningrad, Russia
 
I have had some trouble with the feature -- maybe I
configured it incorrectly, etc.

In the RRAS\NAT configuration there is a dialog box
on the Server or External interface where you can
choose the address pool.

There is another dialog where you can setup a DHCP
address pool -- these are not the same but on quick
examination it is possible to confuse the terminology.

Try that, if you have trouble and no one else posts, let
me know and I will work my way through it (again;
haven't done this in some time.)
 
Yes, I've tried to put one of my addresses in the "Adress pool" field. It
doesn't help. As I understood from the documentation, really you have two
choices - share one public address by all of your private clients or assign
for every private client it's own IP address from the public pool. It means
that you have to assign as many public IP addresses to your public interface
as many private clients you have. As far as I understand, the purpose of the
address pool dialog is that if you, for example, got 100 "legal" internet
addresses from your ISP but want your private clients to use only 50 of
them, you turn off "Translate TCP/UDP headers" checkbox, put that 50
addresses in the address pool and you'll allow only 50 clients to work
simultaneously through your NAT.
In my case the problem is that I have two IP's - x.x.x.220 and x.x.x.221 on
my public interface. My server sends it's traffic from x.x.x.220 address.
And no matter if I put x.x.x.221 in the address pool or not - NAT translates
all my private client's addresses into the same x.x.x.220 public address. So
all clients works from x.x.x.220 too! I see no way for now to say NAT to use
x.x.x.221 instead of x.x.x.220.

Vlad.
 
Hi Vlad,

First, I want to know how you realize the NAT function in the Windows 2000?

Second, I also want to know why you want to let the server to go with
another public IP?

And, would you please draw the network topology for me? How many physical
network cards are installed on the server?

I will check it and tell you whether we can realize the function.

Thanks for using Microsoft News Group!

Sincerely,

Steven Liu

Microsoft Online Partner Support

MCSE 2000

Get Secure! ¨C www.microsoft.com/security

This posting is provided ¡°as is¡± with no warranties and confers no rights.
--------------------
| From: "Vlad Zhurba" <[email protected]>
| Subject: Using NAT with two external IP
| Date: Fri, 18 Jul 2003 12:37:53 +0300
| Lines: 19
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#[email protected]>
| Newsgroups: microsoft.public.win2000.ras_routing
| NNTP-Posting-Host: fregat.koenig.ru 194.186.20.69
| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.ras_routing:5996
| X-Tomcat-NG: microsoft.public.win2000.ras_routing
|
| Hi!
|
| I use NAT on my Win2000 server with two IP addresses assigned to external
| interface. Is it a way to tell NAT to use only one of them while server
| itself will use another one? I need it to distinguish server traffic from
| NAT clients traffic in the access lists on my router to intend clients to
| use web-proxy, installed on this server, rather then connecting directly
| through NAT. At the same time I need to use NAT to support some
applications
| (like ICQ and MSN), which doesn't work through web-proxy. I wouldn't like
to
| install additional SOCKS server for these clients, since IE may use it as
| well.
| Or may I control to which destination ports NAT may be used, denying any
| other?
|
| Vlad Zhurba
| Network Administrator
| Kaliningrad, Russia
|
|
|
 
Ok. It seems like that. It just takes the first avaible address (rather
lowest one). Looks like there is no way to control it.
 
Back
Top