On FW-1, you can use IP hide, IP source static and IP destination
static.
For IP hide, a number (or a pool) of unregistered internal IP address
can share a single external registered IP address.
For IP source static, a single internal unregisterd IP address will be
translated to a single external registered IP address.
For destination static, a single external registerd IP address will be
translated to a single internal unregisterd IP address.
Proxy and NAT works in a different way. Proxy server works on the
application level. NAT works on network level. For web access, I would
prefer using web proxy rather NAT. Web proxy server such as Netscape
Proxy server and SQUID, will help me lessen traffic on my internet link.
Hope this helps.
----
Jet B. Bagadion
*******************************************
* The aim of education is the knowledge *
* not of facts but of values. *
* -- William Ralph Inge *
*******************************************
Neil D. Quiogue wrote:
>
> On Wed, 16 Jul 1997, Frank Knobbe wrote:
>
> > If the whole private nework is hidden behind one external IP address,
> > than you have a proxy. If 5 private IP addresses are hidden behind 5
> > (different) external IP addresses, than you have NAT.
>
> Err, how does that save on ip addresses? Based on your explanation, I
> don't think it goes hand in hand with the original objective of NAT --
> save on depleting ip addresses. Just a thought...
>
> Maybe what you're trying to put is that for example, you have a number of
> local 'illegal' ip addresses then NAT translates them from your pool of
> 'legal' addresses. So it's not exactly having the same number of
> *different* external (legal) ip addresses as the internal ip addresses.
>
> Please correct me if my understanding is wrong....
>
> [---]
> Neil D. Quiogue
> IPhil Communications Network, Inc.
> e-mail: neil @
iphil .
net
References:
|
|
