Specifications

AVM Access Server – Glossary 129
RFC 1918 (Address Allocation for Private Internets) reserves the
following parts of the IP address space for use in private networks:
10.0.0.0 – 10.255.255.255 (the 10/8 prefix)
172.16.0.0 – 172.31.255.255 (the 172.16/12 prefix)
192.168.0.0 – 192.168.255.255 (the 192.168/16 prefix)
IP mask: see “Subnet mask” on page 135
IP masquerading
Also known as Network Address Translation, or NAT. A whole network can communicate with the Internet using just one IP address: a computer situated between the private LAN and the public Internet, with just one public, “official” Internet address, can forward all LAN computers’ communications to computers on the Internet using its own IP address as the source address, as if all the connections came from it. The responses arriving from the Internet are then forwarded to whichever LAN computer actually requested the data. In this way the AVM Access Server substitutes addresses in TCP, UDP and ICMP packets coming from the LAN so that on the Internet only one IP address appears in all traffic from the local network. This means that the actual, internal LAN IP addresses never appear on the Internet, and so do not have to be “official” addresses. This also protects the local network against unauthorized access from the Internet: the IP masquerading gateway is significantly more difficult to break through than a good packet filter firewall.
See also “NAT (Network Address Translation)” on page 131.
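An added sketch, not part of the AVM manual and not AVM's implementation, of the translation table described above: outbound TCP/UDP packets get the gateway's address as source, and only a packet that matches an existing mapping is forwarded back to the LAN. The addresses, port numbers, the `Masquerader` class and the rule that a mapping accepts replies only from its original peer are assumptions of the sketch.

```python
from ipaddress import ip_address, ip_network

# The three private ranges from the RFC 1918 entry of this glossary.
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class Masquerader:
    """Toy TCP/UDP masquerading table (hypothetical model, constructed values)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (proto, lan_ip, lan_port, peer_ip, peer_port) -> public port
        self.back = {}  # (proto, public_port) -> (lan_ip, lan_port, peer_ip, peer_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a LAN packet so it appears to come from the gateway."""
        if not any(ip_address(src_ip) in net for net in RFC1918):
            raise ValueError("source is not a private (RFC 1918) address")
        key = (proto, src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src_ip, src_port, dst_ip, dst_port)
            self.next_port += 1
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Forward a reply to the LAN host that requested it, otherwise drop."""
        entry = self.back.get((proto, dst_port)) if dst_ip == self.public_ip else None
        # Assumption of this sketch: a mapping accepts only its original peer.
        if entry is None or entry[2:] != (src_ip, src_port):
            return None  # unsolicited: no LAN host asked for this packet
        return (proto, src_ip, src_port, entry[0], entry[1])


def demo():
    gw = Masquerader("203.0.113.5")  # constructed documentation addresses
    a = gw.outbound("tcp", "192.168.1.10", 51000, "198.51.100.7", 443)
    b = gw.outbound("tcp", "192.168.1.11", 51000, "198.51.100.7", 443)
    reply = gw.inbound("tcp", "198.51.100.7", 443, "203.0.113.5", b[2])
    stray = gw.inbound("tcp", "198.51.100.9", 4444, "203.0.113.5", b[2])
    return a, b, reply, stray


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Both LAN hosts leave with the same public source address and differ only in the translated port; the packet from a peer that no LAN host contacted finds no matching entry and is dropped.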
IPsec (IP Security Architecture)
A suite of standards for secure network-layer Internet communication. IPsec is well suited for VPN connections and remote LAN access over public telecommunication networks. IPsec uses the two security protocols Authentication Header (AH) and Encapsulating Security Payload (ESP). AH provides source authentication; ESP provides both authentication and encryption. Information specific to the security protocols is transported in a packet header appended to the IP header.
Keep-alive packets
Keep-alive packets are sent periodically throughout the network to verify whether a client is still active. If the sending station receives no response, it clears down the logical connection.