|
Lesson 3
Securing and Regulating Internet Access
3-31
Practice: Configuring a NAT Router
In this practice, you configure the RRAS module on Server01 to function as a
NAT
router connecting the private network with an ISP’s network. For this
exercise, the
Microsoft Loopback Adapter installed in the Server01 computer is presumed to
be con-
nected to a WAN device providing a connection to the ISP. The other adapter
is con-
nected to the local private network. Afterward, you disable the RRAS
configuration to
return the service to its original state.
Exercise 1: Configuring Routing And Remote Access as a NAT router
In this procedure, you use a predetermined configuration option supplied
with RRAS
to create a router that uses NAT and basic firewall techniques to protect
the private net-
work from intruders.
1. Log on to Server01 as Administrator.
2. Click Start, point to All Programs, point to Administrative Tools, and
then click
Routing And Remote Access. The Routing And Remote Access console appears,
and SERVER01 (local) is listed in the console tree.
3. Click SERVER01 (local), and from the Action menu, select Configure And
Enable
Routing And Remote Access. The Routing And Remote Access Server Setup Wizard
appears.
4. Click Next. The Configuration page appears.
5. Select the Network Address Translation (NAT). Allow Internal Clients To
Connect
To The Internet Using One Public IP Address option button, and then click
Next.
The NAT Internet Connection page appears.
6. With the Use This Public Interface To Connect To The Internet option
button
selected (as it is by default), select the WAN Connection interface. Note
the Enable
Security On The Selected Interface By Setting Up Basic Firewall. Basic
Firewall
Prevents Unauthorized Users From Gaining Access To This Server Through The
Internet check box is also selected by default. Click Next. The Completing
The
Routing And Remote Access Server Setup Wizard page appears.
7. Click Finish. The Routing and Remote Access service starts and
subheadings
appear under SERVER01 (local).
Note that the Internet Group Management Protocol (IGMP) has been installed,
providing support for IP multicasting.
8. Click the NAT/Basic Firewall subheading.
|
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)