06-11-2010 04:51 AM - edited 03-04-2019 08:45 AM
One of our contractor wants a large range or private subnet. I told him the solution is not feasible as we need to monitor all our workstations remotely. To my knowedge, if we implement PAT, it would be impossible possible to manage internal workstations, unless we use Static NAT. r allocate a range of public IPs for the workstations. Furthermore, the edge router will be manage by the third party which will make life harder for us.
Are there any products or tools that allow private IP addresses (10.x.x.x & 172.16.x.x & 192.168.x.x ) to be accessesible from the Internet?
Thanks
06-11-2010 07:34 AM
I would consider some form of "jump server" that advertises 1 address to the internet and would support whatever connectivity or reporting you need
on the private side. It makes your infrastructure a bit more complicated, but would provide the functionality you need.
06-11-2010 07:59 AM
I would like to manage all our workstations remotely across the WAN, using NAT would be difficult to manage and troubleshoot. Both of my remote sites are connecting to a virtual private network cloud. In conclusion, NAT is the only solution for private IPs to be accessed across the internet?
06-11-2010 08:08 AM
Managing remotes over the WAN is done all the time. Depending on how many devices you need to manage you may not have an internet rotuable address big enough. Having some form of utility server at the remote would eliminate the need for natting all the workstations, and provide some measure of control over the envriornment.
06-11-2010 08:26 AM
Hi,
Thanks for your response,
Allow me to clarify.
The problem is that I have only 1 public ip address and 100 private IPs (for workstations servers and wireless APs). Therefore I have to use NAT. How can I to RDP/manage all 100 devices remotely/?
06-11-2010 09:16 AM
Unless you have enough public address space to assign a host to each device, you can't use NAT.
That’s why you need a serving device at the far end. You jump to it via the public address then manage your private address devices. The serving device would have 2 interfaces, public and private.
06-13-2010 04:16 AM
I suggest that you consider to use VPN and extend the private IP network across the Internet via the VPN to your management station.
/André
06-11-2010 06:14 PM
Can't you VPN to the site and manage everything through the VPN?
Or you need something like logmein.com , if you don't trust a commercial site you are going to make your own service.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: