NAT equivalent

Unanswered Question
Jun 11th, 2010
User Badges:

One of our contractor wants a large range or private subnet. I told him the solution is not feasible as we need to monitor all our workstations remotely. To my knowedge, if we implement PAT, it would be impossible possible to manage internal workstations, unless we use Static NAT. r allocate a range of public IPs for the workstations. Furthermore, the edge router will be manage by the third party which will make life harder for us.


Are there any products or tools that allow private IP addresses (10.x.x.x & 172.16.x.x & 192.168.x.x ) to be accessesible from the Internet?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
vmiller Fri, 06/11/2010 - 07:34
User Badges:
  • Gold, 750 points or more

I would consider some form of "jump server" that advertises 1 address to the internet and would support whatever connectivity or reporting you need

on the private side. It makes your infrastructure a bit more complicated, but would provide the functionality you need.

after1111 Fri, 06/11/2010 - 07:59
User Badges:

I would like to manage all our workstations remotely across the WAN, using NAT would be difficult to manage and troubleshoot. Both of my remote sites are connecting to a virtual private network cloud. In conclusion, NAT is the only solution for private IPs to be accessed across the internet?

vmiller Fri, 06/11/2010 - 08:08
User Badges:
  • Gold, 750 points or more

Managing remotes over the WAN is done all the time. Depending on how many devices you need to manage you may not have an internet rotuable address big enough. Having some form of utility server at the remote would eliminate the need for natting all the workstations, and provide some measure of control over the envriornment.

after1111 Fri, 06/11/2010 - 08:26
User Badges:

Hi,


Thanks for your response,

Allow me to clarify.


The problem is that I have only 1 public ip address and 100 private IPs (for workstations servers and wireless APs). Therefore I have to use NAT. How can I to RDP/manage all 100 devices remotely/?

vmiller Fri, 06/11/2010 - 09:16
User Badges:
  • Gold, 750 points or more

Unless you have enough public address space to assign a host to each device, you can't use NAT.



That’s why you need a serving device at the far end. You jump to it via the public address then manage your private address devices. The serving device would have 2 interfaces, public and private.

abersven Sun, 06/13/2010 - 04:16
User Badges:

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi; mso-fareast-language:EN-US;} I suggest that you consider to use VPN and extend the private IP network across the Internet via the VPN to your management station.


/André

argnetworking Fri, 06/11/2010 - 18:14
User Badges:

Can't you VPN to the site and manage everything through the VPN?


Or you need something like logmein.com , if you don't trust a commercial site you are going to make your own service.

Actions

This Discussion