Netgear FVS328 Manual De Referência
Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual
C-8
Networks, Routing, and Firewall Basics
May 2004, 202-10031-01
The router accomplishes this address sharing by translating the internal LAN IP addresses to a
single address that is globally unique on the Internet. The internal LAN IP addresses can be either
private addresses or registered addresses. For more information about IP address translation, refer
to RFC 1631, The IP Network Address Translator (NAT).
single address that is globally unique on the Internet. The internal LAN IP addresses can be either
private addresses or registered addresses. For more information about IP address translation, refer
to RFC 1631, The IP Network Address Translator (NAT).
The following figure illustrates a single IP address operation.
Figure 9-3: Single IP Address Operation Using NAT
This scheme offers the additional benefit of firewall-like protection because the internal LAN
addresses are not available to the Internet through the translated connection. All incoming
inquiries are filtered out by the router. This filtering can prevent intruders from probing your
system. However, using port forwarding, you can allow one PC (for example, a Web server) on
your local network to be accessible to outside users.
addresses are not available to the Internet through the translated connection. All incoming
inquiries are filtered out by the router. This filtering can prevent intruders from probing your
system. However, using port forwarding, you can allow one PC (for example, a Web server) on
your local network to be accessible to outside users.
192.168.0.2
192.168.0.3
192.168.0.4
192.168.0.5
192.168.0.1
172.21.15.105
Private IP addresses
assigned by user
assigned by user
Internet
IP addresses
assigned by ISP
assigned by ISP