Allow internet access (use stack, automatical IP replacing)



       NetCom has own NAT table. You can share your Internet (WAN) connection with other computers in your network. NetCom NAT works like showed on diagram:

 

       For example you'r network topology and configuration equal to represented on this diagram:

 

 

Network: 192.168.0.0
Subnet mask: 255.255.255.0
Server internal address: 192.168.0.1
Server external address: 207.46.130.108

 

If you want to allow access to the Intenet for workstations with addresses 192.168.0.12 and 192.168.0.14, do the following:

 

1. ALLOW ALL

Create rule to allow all network traffic from all to all - (it must be always last item in rules list):

Packet action equal to Allow

 

2. 192.168.0.12

Create rule with allowed access for 192.168.0.12 from internal to external network:

Packet action equal to Allow

Packets direction equal to Incoming (or Outgoing)

Protocols equal to Any IP

Source IP equal to 192.168.0.12

Destination IP NOT in range 192.168.0.0 - 192.168.0.255

Add data about packet to the NAT table [Enabled]

Replace source IP with: [Enabled], Automatically [Enabled]

Replace source Port with: [Enabled], Automatically [Enabled]

 

3. 192.168.0.14

Create rule with allowed access for 192.168.0.14 from internal to external network:

Packet action equal to Allow

Packets direction equal to Incoming (or Outgoing)

Protocols equal to Any IP

Source IP equal to 192.168.0.14

Destination IP NOT in range 192.168.0.0 - 192.168.0.255

Add data about packet to the NAT table [Enabled]

Replace source IP with: [Enabled], Automatically [Enabled]

Replace source Port with: [Enabled], Automatically [Enabled]

 

4. CHANGE RULES ORDER

You must change order of rules to this:

1. 192.168.0.12 - allow access to Internet;

2. 192.168.0.14 - allow access to Internet;

3. ALLOW ALL - needed for normal work of Internet connection and local network.

 

5. ENABLE FILTERING

Select both adapters for filtering (internal and external).

Note: if you use for Internet connection PPPoE, VPN or DialUp - you must select WAN-interface as external!

 

At this moment filtering started.

That's all...

 

NOTE:

       On client computers address of DNS-server(s) must be defined!

       Some firewalls can drop these NATed packets. Not recommended use other firewalls on the same machine with the Routix NetCom.