User's Manual
Table Of Contents
- 1 VIPER OVERVIEW
- 2 SYSTEM ARCHITECTURE AND NETWORK PLANNING
- 3 DATARADIO VIPER QUICK START
- 4 VIPER WEB MANAGEMENT
- 5 UNIT STATUS
- 6 SETUP (BASIC)
- 7 SETUP (ADVANCED)
- 7.1 RF OPTIMIZATIONS
- 7.2 IP SERVICES
- 7.3 IP ADDRESSING
- 7.4 IP OPTIMIZATION
- 7.5 IP ROUTING (TABLE/ENTRIES)
- 7.6 TIME SOURCE
- 7.7 ALARM REPORTING
- 7.8 USER SETTINGS
- 8 SECURITY
- 9 STATISTICS
- 10 MAINTENANCE
- 11 NEIGHBOR MANAGEMENT
- 12 NETWORK OPTIMIZATION
- 13 UPGRADING YOUR FIRMWARE
- VIPER SPECIFICATIONS
- PRODUCT WARRANTY
- DEFINITIONS
7.2.4 NAT Overview
The purpose of the NAT protocol is to hide a private IP network from a public network. The
mechanism serves both as a firewall and to save IP address space.
The NAT enabled device translates the source address of packets transiting from the private
network to the public network. The original IP source address gets replaced by the NAT
enabled device’s IP address (address of the outgoing interface). The NAT module creates
an address translation table that is used when traffic is coming back from the public
network to the private network.
Packet (1)
Source Address 192.168.205.2
Destination Address 172.31.5.2
Packet (1)
Source Address 172.31.5.1
Destination Address 172.31.5.2
NAT Enabled Device
Packet (2)
Source Address 172.31.5.2
Destination Address 192.168.205.2
Packet (2)
Source Address 172.31.5.2
Destination Address 172.31.5.1
Host 1
192.168.205.2
Host 2
172.31.5.2
192.168.205.1
172.31.5.1
Public Network 172.31.5.0
Private Network 192.168.205.0
Figure 7.8 - Basic NAT Operation
In our example, Host 1 sends a packet to Host 2. The Host 2 device does not see the private
IP address of Host 1. When Host 2 sends a reply to Host 1, Host 2 uses the destination IP
address 172.31.5.1, which is translated back to the appropriate destination IP address by
the NAT enabled device. (See Figure 7.8)
NAT does a lot more than just translation of the source IP address. For the UDP and TCP
protocol, NAT will also translate the source port numbers. Special handling is also done for
more specific protocols like FTP (port 21) and Modbus (port 502).
7.2.5 NAT on Viper
The user can select which of two interfaces (Ethernet or RF) will be considered private. The
following examples illustrate how to configure the Vipers. The examples use a private
network of 192.168.205.X and a public network of 172.31.5.X.
001-5008-000(Rev8) Page 69