How to create to public to private IP mapping in 2003 RRAS

C

Curtis Fray

Hi,

I'm trying to configure NAT in RRAS (Windows 2003 Server) so that it
forwards incoming traffic on a public IP to an internal machine's private
IP. The internal machine is running Windows XP (SP2) with its firewall
disabled.

So far I've done the following:

1) Added the NAT/Basic Firewall routing protocol into RRAS
2) Added the Public and Private interfaces to the NAT protocol
3) Added an address pool to the Public interface and made a reservation for
the internal machine's private IP

From what I've read I think I now need to configure the Services and Ports
tab, but I'm not sure exactly what to do here. Ideally I'd like to set it up
so I can ping the internal machine by using its public IP from a remote
site.

If anyone can tell me how to do this or point me in the direction of some
instructions I'd appreciate it.

Thanks,

Curtis.
 
R

Robert L [MS-MVP]

You may need to enable inbound connections.

NAT and Firewall
How to enable NAT name resolution How to enable inbound connections How to
configure 2000/2003 NAT services and ports NAT server can assign IP ...
www.chicagotech.net/nat.htm

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi,

I'm trying to configure NAT in RRAS (Windows 2003 Server) so that it
forwards incoming traffic on a public IP to an internal machine's private
IP. The internal machine is running Windows XP (SP2) with its firewall
disabled.

So far I've done the following:

1) Added the NAT/Basic Firewall routing protocol into RRAS
2) Added the Public and Private interfaces to the NAT protocol
3) Added an address pool to the Public interface and made a reservation for
the internal machine's private IP

From what I've read I think I now need to configure the Services and Ports
tab, but I'm not sure exactly what to do here. Ideally I'd like to set it up
so I can ping the internal machine by using its public IP from a remote
site.

If anyone can tell me how to do this or point me in the direction of some
instructions I'd appreciate it.

Thanks,

Curtis.
 
B

Bill Grant

Services and ports is only used to forward traffic on a particular port.
To map one of your public IPs to a machine on the private LAN you use the
Reservations option in NAT.
 
C

Curtis Fray

Thank you both for your input.

Robert - the website you pointed me to is very good as an overview of the
steps but do you know of one with more detailed instructions? I believe I
have already done all the things it suggests other than step 3 under "How to
enable inbound connections" which just says to "configure a special port".
It's at this bit I'm stuck as I need to know exactly what to do with the
special ports, if anything.

Bill - I have already made a reservation as you suggest but this doesn't
seem to be working. If I try and ping the machine's external IP it just
times out, but I can get a reply on its internal IP.

Thanks for your suggestions so far. If you have any other ideas I'd
appreciate it if you could let me know.

Regards,

Curtis.
 
C

Curtis Fray

Ok, I've discovered a connection is possible. Under the "Services and Ports"
tab I configured a Remote Desktop service to use the internal machine. Now,
when I remote desktop to the external IP it does connect me to the correct
internal workstation. However, I still can't work out how to PING the
internal machine using the external address.

Curtis.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top