Allowing NAT Access to Non-Domain Members

[ZC Wong]

Hi,

RRAS with NAT was set up on a domain controller. Clients won't be able
to gain access via NAT unless they joined the domain. Is it possible to
allow this?

Thanks.

 

[Massimo]

RRAS with NAT was set up on a domain controller. Clients won't be able
to gain access via NAT unless they joined the domain.

This is absolutely false.
The NAT acts at the IP level, without any for of authentication.

Is it possible to allow this?

Simply give your clients a valid IP address/subnet mask and the IP of the
RRAS server as the default gateway.

Massimo

 

[ZC Wong]

"ZC Wong" <[email protected]> ha scritto nel messaggio




This is absolutely false.
The NAT acts at the IP level, without any for of authentication.




Simply give your clients a valid IP address/subnet mask and the IP of the
RRAS server as the default gateway.

Massimo

Thanks for your reply.

Did you actually tried yourself to set up NAT on a domain controller?

NAT will be available to all clients if active directory is not
configured, I suppose you are talking about in this case.

 

[Massimo]

Did you actually tried yourself to set up NAT on a domain controller?

Of course.
It works perfectly... as it should, since (as I said) NAT acts at the IP
level, where there is no authentication (unless you're using IPSec, but
that's a completely different matter).

NAT will be available to all clients if active directory is not
configured, I suppose you are talking about in this case.

No, NAT will *always* be available to any device that A) has a valid IP
address and B) is using the NAT router as the default gateway.

Massimo