User's Manual
001-5008-000 rev5_2.doc Page 70
Figure 7.18 shows the Private Network 192.168.205.0 being protected from the Public
Network 172.31.5.0. ViPR (1) NAT Eth interface is enabled and ViPR (2) NAT is disabled.
The Host 172.31.5.2 cannot send packets directly to the Private Network because it is
hidden. In this example, remember that Host 172.31.5.2 thinks the IP packets are coming
from 10.0.14.203.
Figure 7.18 NAT on ViPR: Port 2000 is redirected to 192.168.205.125:23
When Host 172.31.5.2 wants to send packets to Host 192.168.205.2 the packets are sent to
10.0.14.203. NAT port translation allows Host 172.31.5.2:1435 (port 1435) to send TCP
packets to 192.168.205.5:23 (port 23) by sending the packets to 10.0.14.203:2000 (port
2000). Figure 7.19 shows how the packets would be modified as they moved through the
network.
Figure 7.19 Packet flow, Port redirection
Packet (1)
Source Address
172.31.5.2:1435
Destination Address
192.168.205.2:23
Packet (1)
Source Address
172.31.5.2:1435
Destination Address
10.0.14.203:2000
Packet (1)
Source Address
172.31.5.2:1435
Destination Address
10.0.14.203:2000
Host 1
192.168.205.2
Host 2
172.31.5.2
V
iPR 1
NAT enabled, Eth is private
Port 2000 translate to Port 23
V
iPR 2
NAT disabled
Private Network
RF Network
Eth: 172.31.5.1
RF: 10.0.14.203
Port 2000
RF: 10.0.14.186
Eth: 192.168.205.1
Host 2
Eth: 172.31.5.2
Port 1435
ViPR (2)
(NAT disabled)
Private Network
Host 1
Eth: 192.168.205.2
Port 23
Public Network
RF Network
ViPR (1)
(NAT enabled,
Ethernet Interface is private, Port redirected)