UEU-co logo

ch22lev1sec2.html


Previous Page Next Page

Configuring NAT on the Server

As mentioned in Hour 18, the Routing and Remote Access Services (RRAS) are added to a server when you add the RRAS role in the Add Roles Wizard. (Open the Add Roles Wizard via the Initial Configuration Tasks window or the Server Manager.) When RRAS is enabled in the Routing and Remote Access snap-in, you can add NAT in the Routing and Remote Access Server Setup Wizard (discussed in Hour 18).

If you did not add NAT in the Routing and Remote Access Server Setup Wizard, you can add NAT as a routing protocol: In the RRAS snap-in, right-click the General node (in the node tree) and select New Routing Protocol from the shortcut menu. Select NAT in the New Routing Protocol dialog box. Then click OK.

NAT is configured as a protocol. After NAT has been added to the RRAS configuration, you then add an interface for the protocol and then provide configuration information for the protocol—in this case NAT. Let’s take a look at adding NAT Interfaces and then look at additional configuration information related to NAT.

By the Way

You cannot run the DHCP Relay Agent and NAT on the same RRAS server. So if you are using the server as a router (multihomed) computer, you need to deploy NAT on another server (that is also configured with at least two network interfaces)

When you add the NAT interfaces to the RRAS configuration, you need to add one private interface (this is connected to the private network) and an interface that will serve as the public interface. It is this interface that will be connected to the Internet.

To create a new NAT interface in the RRAS snap-in, right-click the NAT node in the IPv4 node (expand the IPV4 node) and select New Interface from the shortcut menu. The New Interface for IPNAT dialog box opens (see Figure 22.1).

Figure 22.1. Add the new NAT interface.

Select an interface in the New Interface for IPNAT dialog box. Then click OK. As already mentioned, you configure one interface as public and the other interface as private. Let’s take a look at creating a public interface and then a private interface.

In the Network Address Translation Properties dialog box (for the currently selected interface), select the Private Interface Connected to Private Network option button. Then click OK.

Repeat the process of creating a new NAT interface (select the interface in the IPNAT dialog box, and then click OK to open the NAT Properties dialog box for the interface). To create the public interface, click the Public Interface Connected to the Internet option button. Then click Enable NAT on This Interface (see Figure 22.2).

Figure 22.2. Enable NAT on the public interface.

You can now set the other properties for this NAT public interface. Click the Service and Ports tab of the Properties dialog box.

You can select Internet-related services requested on your private network that are redirected to the public interface (and Internet nodes). For example (see Figure 22.3), you can enable the FTP Server service, the Post Office Protocol Version 3 (POP3) email service, and the Web Server (HTTP) service.

Figure 22.3. Select the services you want to redirect from the private network to the public interface.

After you have finished making your selections you can close the dialog box. Click OK.

The only thing that you still need to configure related to NAT (and your private and public interfaces) is NAT’s capability to assign private IP addresses to the clients on your private network. Right-click the NAT node in the RRAS snap-in. Select Properties.

In the NAT Properties dialog box, click the Address Assignment tab. Then click the Automatically Assign IP Addresses by Using the DHCP Allocator check box (see Figure 22.4).

Figure 22.4. Configure the address assignment settings in the NAT Properties dialog box.

By default a private Class B subnet network address is provided and the appropriate subnet mask. You can use the IP address range provided or you can use any of the private networks (Class A, B, or C) to create your own subnet and mask. If you need to add exclusion to the IP address pool (for computers that need a fixed IP address from the pool), click the Exclude button and add reserved addresses as needed. When you have completed configuring the Address Assignment settings, click OK to close the NAT Properties dialog box.

If you have configured the NAT interfaces correctly, the NAT server should operate without errors. If computers on the network are having trouble communicating with the Internet or computers outside the network are have trouble communicating with computers on the private network, use the Event Viewer to check NAT-related log files. These should provide some insight into configuration errors that might have occurred when NAT was implemented on the server.

Previous Page Next Page

Leave a Reply


Time limit is exhausted. Please reload the CAPTCHA.

Categories

apply_now Pepperstone Group Limited