Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD

IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34290

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Hi all,

I have one Question upto how may private host we can assign NAT OVERLOAD to map the internal private ip address to the ports.

I understand normally we do not require that much of ports to map to access the private home/office computer from remote.

However for my knowledge i would like to clear this doubt.

let consider being patient one admin/network guy configure 50 PORTS MAPPED TO 50 INTERNAL IP ADDRESS to access 50 computers remotely. what if 200, 300, number of ports need to map the ip addresses WITH ONE PUBLIC IP ADDRESS, is there any other solution or any advanced NAT methods.

Guys i may need to clear some more doubts after your replies.

I appreciate your suggestion and replies and thanks in advance.

Thanks,

Rizin.
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.

Re: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34291

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
theoretically you can have up to 65000 hosts with one real IP address.
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34292

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
65535 to be specific
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34296

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Thanks Sose,

Well im concern about mapping when accessing remotely, in a scenario of 300 computers to be access remotely, Do we have to map the 300 ports to 300 ip addresses.

If we apply NAT OVERLOAD Commands in router according to Dear Ammar Muqaddas in technical knowledge topic, then how come we able to know that particular port is mapped to specific internal IP address.

R1(config)# access-list 100 remark == [Control NAT Service]==
R1(config)# access-list 100 permit ip 192.168.0.0 0.0.0.255 any

R1(config)# ip nat inside source list 100 interface serial 0/0 overload

R1# show ip nat translations
Pro Inside global ...........Inside local .........Outside local .......Outside global
udp 200.2.2.1:53427 .192.168.0.6:53427 ..74.200.84.4:53 ...74.200.84.4:53
udp 200.2.2.1:53427 .192.168.0.6:53427 ..195.170.0.1:53 ...195.170.0.1:53
tcp 200.2.2.1:53638 .192.168.0.6:53638 ..64.233.189.99:80 .64.233.189.99:80
tcp 200.2.2.1:57585 .192.168.0.7:57585 ..69.65.106.48:110 .69.65.106.48:110
tcp 200.2.2.1:57586 .192.168.0.7:57586 ..69.65.106.48:110 .69.65.106.48:110

In above commands i cannot see any Mapping of ports to specific ip addresses.

Then how come we can access particular computers without knowing their specific port numbers.

My main concern is accessing hundreds of computers each remotely, This will be helpful in IT Solutions Companies when they have Annual Maintenance contract.

I normally create mapping below ten computers with NAT given in ADSL Modem router of GUI Interface.

Suddenly i gave a thought What if computers increases to Hundred or more than that.

Is there any other solution rather than mapping hundreds of ports to hundreds of ip addresses.

I prefer preclude using Team Viewer, remote admin softwares.

I use Microsoft Remote Desktop or VMware, VNC which require Dyndns.

I like the articles and tutorials of dear ammar, My point to bring his topic just to clear my doubts not to find any error.

I appreciate your suggestions.

Thanks,

Rizin.
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.

Re: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34297

  • Perlhack
  • Perlhack's Avatar
  • Offline
  • Frequent Member
  • Posts: 49
  • Karma: 0
The NAT that you have is for overload, if you want inbound initiated connections from the outside then static nat would be required. Nat is 5 tuple (source address/port, destination address/port and protocol. If there is a static mapping in the config like:

ip nat inside source static tcp 192.168.0.101 22 interface FastEthernet0 28

This would show up as an entry in the nat table and would not be available for overload entries (inbound -> outbound).
The administrator has disabled public write access.

Re: IN REAL TIME UPTO HOW MANY PORTS CAN MAP IN NAT OVERLOAD 6 years 7 months ago #34299

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
i have one public IP Address, and would like to operate 1000 computers each remotely, Now you give me the solution.

I do not want to use Teamviewer, any sort of Remote admin softwares.

I prefer to use those Remote desktop which use DynDns.
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup