Re: Filter Internet NAT Redirection



In article <fkufj2d1rifpfitvblffti0ki8us7cqqdt@xxxxxxx>,
Nancy Pi Squared <weirdlinks@xxxxxxxxxxxxx> wrote:

Say I have a single computer, router, and modem.

I'll take it that you mean something like "DSL modem" rather than
acoustic modem.

Say my one computer has an ip address of 192.168.0.1
But my computer/router/modem ip address is 66.249.65.231

Say my computer is acting as a "server" for something.
Say that something is it's acting as an FTP server.

Say the router is not filtering NAT redirection.

Are you telling me that I can sit at my computer (server) at
192.168.0.1 to ftp 66.249.65.231 and that ftp request will go to the
router, to the modem, to the isp domain name server, and then loop
back to the modem, to the router, and finally back to the one computer
on my network that the router knows is at 66.249.65.231?

The router itself knows that its IP address is 66.249.65.231, so
the ftp request would go out from your computer to the router, which
would see that the destination was the same as the public IP of
the router, and so would rewrite the packet to be addressed to
192.168.0.1 and would send it back to the computer.

The ADSL modem and ISP DNS server would only be involved if you
were to ask for the resource by hostname and your computer's DNS
client asked the ISP DNS server to resolve the name and got told
your public IP address. The DNS request would go out via the ADSL
link to some server and come back again, but once the IP address of
the destination was known to your local computer, it would place
the ftp request by IP address, and your local router would
short-circuit the run.


Then I turn on the router option to filter NAT redirection.

I sit at my computer (server) at 192.168.0.1 to ftp 66.249.65.231 and
that ftp request will go to the router, to the modem, to the isp
domain name server, and then loop back to the modem, to the router,
and stop there never making it back to the computer only the router
knows is at 66.249.65.231?

Correct yet?

No, if the filtering was on, then when the outgoing request reached
your router, your router would see that the public IP of the
destination was one handled by the router, and the router would deny
the request without allowing it out to the ISP.
.



Relevant Pages

  • Re: SBS2003 and DSL Modems.
    ... let the router do the authentication rather than some software on the SBS ... > I am trying to get SBS2003 to play well with a DSL Modem/Router. ... > The Server has an inside and outside NIC card. ... The Modem dials out, but the IP address coming back ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: Remote Access - without domain name
    ... and have lengthy phone calls and e-mails to Speedtouch ... It seems that because the router IP is 10.0.0.138 ... forwarding traffic onto the server will not work. ... This is why I am thinking of buying a modem, is your only criticism of this ...
    (microsoft.public.windows.server.sbs)
  • Setting up a web server with Netgear WGT 624 and Netgear 632
    ... an ADSL modem Netgear 632. ... router for HTTP pointing it to the PC where Tomcat is installed ... Default DMZ Server FALSE ... Use Router as DHCP Server FALSE ...
    (alt.internet.wireless)
  • SBS2003 and DSL Modems.
    ... I am trying to get SBS2003 to play well with a DSL Modem/Router. ... The Server has an inside and outside NIC card. ... #1, Connect the DSL Modem to the outside NIC, turn off the router functions, ... The Modem dials out, but the IP address coming back from ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: Remote Access - without domain name
    ... I would definitely stick to external modem with router for PPPoE to keep ... connection active on Server restarts. ...
    (microsoft.public.windows.server.sbs)