This bureaucracy allows you to adumbrate (masquerade) your clandestine IP abode from a accessible network. This means, for example, that in your clandestine arrangement you can accept whatever clandestine IP you appetite which is again in about-face translated to the accessible arrangement IP accustomed to you by your arrangement provider. This tutorial can appropriately be acclimated by audience who appetite to affix to a arrangement after acute a change to the centralized IP acclamation of their LAN.
Example
In the afterward archetype we accept a wireless interface which connects to a accessible wireless arrangement and an Ethernet interface for the bounded clandestine network.
Suppose we accept 192.168.1.2/24 (Internal Clandestine Network)
Your RouterBoard's Ethernet interface is 192.168.1.1/24 (fixed Clandestine Arrangement IP)
Your RouterBoard's Wireless agenda is 10.140.1.30/26 (Public Network)
The Access Point you affix to is 10.140.1.1/26 (Public Arrangement gateway)


-->First set the two IP addresses of the ethernet and wireless interfaces



  • Second set the static route so that we can access the external Public network

most likely you will want to use 0.0.0.0/0 as the destination in your primary public route----



-->We start building the NAT as follows




  • First the Destination Network Address Translation setting (DST-NAT)

Only do this if you want to expose this specifice internal pc to all ports, this is the same as a DMZ-----



  • Then the Source Network Address Translation setting (SRC-NAT)
---On the Action Screen you could instead choose masquerade--- 


-->Private to Public Network Address Translation (NAT) is Complete!


Note: Network Address Translation (NAT) requires that connection tracking be enabled.

0 التعليقات:

Post a Comment