[SOLVED] Setting up NAT for a secondary network

Countless guides on iptables have failed to help me with this problem. I'm trying to set up a NAT on this box which
is connected to the wired home network on 192.168.2.0/24 (eth0) and a wireless Ad-Hoc network on
10.0.0.0/24 (bat0 - B.A.T.M.A.N routing protocol).
This machine is statically assigned to 192.168.2.109 and I'm trying to MASQUERADE/SNAT packets from the
Ad-Hoc to appear to originate from this machine. The 192.168.2.0/24 network itself is NAT'd to the internet
as well, so basically a NAT within a NAT.
A little graphical helper:
[ Internet ] - - - - - - [ Router ] - - - - - - [ This ] o o o o o o o o [ Ad-Hoc ]
This is my iptables.conf:
# Generated by iptables-save v1.4.12 on Mon Aug 15 12:52:13 2011
*mangle
:PREROUTING ACCEPT [4585:1017080]
:INPUT ACCEPT [4585:1017080]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4478:581526]
:POSTROUTING ACCEPT [4498:584466]
COMMIT
# Completed on Mon Aug 15 12:52:13 2011
# Generated by iptables-save v1.4.12 on Mon Aug 15 12:52:13 2011
*filter
:INPUT ACCEPT [4585:1017080]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4478:581526]
COMMIT
# Completed on Mon Aug 15 12:52:13 2011
# Generated by iptables-save v1.4.12 on Mon Aug 15 12:52:13 2011
*nat
:PREROUTING ACCEPT [8:1360]
:INPUT ACCEPT [8:1360]
:OUTPUT ACCEPT [82:6393]
:POSTROUTING ACCEPT [82:6393]
-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Aug 15 12:52:13 2011
IPv4 forwarding in sysctl is enabled. The iptables modules are loaded. It doesn't work. I tried MASQUERADE, SNAT and every
possible guide on the net, nothing works. What's the problem here?
EDIT:
I have managed to solve the issue - embarrassingly enough it wasn't iptables that failed... my default route within the ad-hoc mesh
was bad.
Last edited by Sadface (2011-08-15 10:59:39)
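
Both sides of this setup can be checked from saved command output, shown here as an added example that is not part of the original post: the gateway's `iptables-save` text is tested for the source-NAT rule and the FORWARD policy, and a mesh client's `ip route show` text for its default route, which is what turned out to be wrong in this thread. The sample inputs are constructed, and the gateway bat0 address 10.0.0.1 and the client addresses are assumptions.

```shell
#!/bin/sh
# Added example: offline checks for the NAT-behind-NAT setup in this thread.
# All sample inputs are constructed. 10.0.0.1 (gateway bat0 address),
# 10.0.0.7 (stale next hop) and 10.0.0.23 (client) are assumed values.

# Print the policy of the FORWARD chain in the *filter table.
forward_policy() {   # $1 = iptables-save text
    printf '%s\n' "$1" | awk '
        /^\*/ { table = $1 }
        table == "*filter" && /^:FORWARD / { print $2; exit }'
}

# Succeed if the *nat table has a POSTROUTING MASQUERADE or SNAT rule
# for source subnet $2 leaving through interface $3.
has_source_nat() {   # $1 = iptables-save text
    printf '%s\n' "$1" | awk -v net="$2" -v ifc="$3" '
        /^\*/ { table = $1 }
        table == "*nat" && /^-A POSTROUTING / {
            src = ""; out = ""; tgt = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == net && out == ifc && (tgt == "MASQUERADE" || tgt == "SNAT"))
                found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Print "<next-hop> <device>" of the default route, or nothing if absent.
default_route() {    # $1 = `ip route show` text
    printf '%s\n' "$1" | awk '
        $1 == "default" {
            for (i = 2; i < NF; i++) {
                if ($i == "via") via = $(i + 1)
                if ($i == "dev") dev = $(i + 1)
            }
            print via, dev; exit
        }'
}

# Classify a mesh client's routing table against the expected gateway.
check_client() {     # $1 = ip route text, $2 = gateway address, $3 = device
    _route=$(default_route "$1")
    case "$_route" in
        "")       echo "no-default-route" ;;
        "$2 $3")  echo "ok" ;;
        *)        echo "wrong-default-route: $_route" ;;
    esac
}

# Gateway rules shaped like the post's iptables.conf (counters zeroed).
GATEWAY_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
COMMIT'

# Constructed client routing tables: one stale default route, one correct.
CLIENT_BAD='default via 10.0.0.7 dev bat0
10.0.0.0/24 dev bat0 proto kernel scope link src 10.0.0.23'
CLIENT_GOOD='default via 10.0.0.1 dev bat0
10.0.0.0/24 dev bat0 proto kernel scope link src 10.0.0.23'

echo "gateway FORWARD policy: $(forward_policy "$GATEWAY_RULES")"
has_source_nat "$GATEWAY_RULES" 10.0.0.0/24 eth0 \
    && echo "gateway source NAT: present" || echo "gateway source NAT: missing"
echo "client A: $(check_client "$CLIENT_BAD" 10.0.0.1 bat0)"
echo "client B: $(check_client "$CLIENT_GOOD" 10.0.0.1 bat0)"
```

On a live system the same functions take `"$(iptables-save)"` on the gateway and `"$(ip route show)"` on each mesh node.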

Yeah, normally I click on "open network settings", click on "advanced" and then go to the 802.1x tab. That's where the problem begins. I'm not too sure what to do from there. I've tried basically all the options available and still have had no luck. In the domain option, I have tried all three options, User, System, and Login Window, and I've put my user name and password, but when the computer tries to connect to the server it says I can't because of something to do with the certificate or something along those lines.

Similar Messages

  • I want to set up security for my linksys network.  I foll...

    I want to set up security for my linksys network.  I followed the directions outlined on the linksys web site.  I get through the process, create a password (key) and I save the settings.   When I try to log on from my laptop, I am asked for a password, however when I type the password in, the statement says "invalid number of characters".  How do I get the password process to work so that I am able to secure my network?  Also, without security, can someone break into my laptop and corrupt my files?

    With WEP, you must enter WEP "key 1"  (found in the router)  into your computer, not the WEP password or passphrase.
    However, you should be using WPA2, or at least WPA, and a strong password.
    If you use an unsecured wireless router, anyone within range can login and use your Internet connection. At a minimum, this means that they will be using your bandwidth. At worst, they could be uploading copyrighted music, sending spam email, distributing viruses, or downloading child pornography --- all from an account with your name on it!   Additionally, once someone is on your wireless network, they are in a very convenient spot to start attacking your computer.  They have immediate access to all your shared files, and they could corrupt, steal, or delete them.  With some work, they could likely get to your other files also.  So my advice is --- secure your wireless network.
    To set up wireless security, you must use a computer that is wired to the router.
    Where to find the router settings: The router's login password is usually on one of the "Administration" pages. The other settings are all found in the "Wireless" section of the router's setup pages, located at 192.168.1.1
    First, give your router a unique SSID. Don't use "linksys".
    Make sure "SSID Broadcast" is set to "enabled".
    Next, leave the router at its default settings (except for the unique SSID), and then use your pc to connect wirelessly to the router. Test your wireless Internet connection and make sure it is working correctly. You must have a properly working wireless connection before setting up wireless security.
    To implement wireless security, you need to do one step at a time, then verify that you can still connect your wireless computer to the router.
    Next, encrypt your wireless system using the highest level of encryption that all of your wireless devices will support. Common encryption methods are:
    WEP - poor (see note below)
    WPA (sometimes called PSK, or WPA with TKIP) - good
    WPA2 (sometimes called PSK2, or WPA with AES) - best
    WPA and WPA2 sometimes come in versions of "personal" and "enterprise". Most home users should use "personal". Also, if you have a choice between AES and TKIP, and your wireless equipment is capable of both, choose AES. With any encryption method, you will need to supply a key (sometimes called a "password").
    The wireless devices (computers, printers, etc.) that you have will need to be set up with the SSID, encryption method, and key that matches what you entered in the router.
    Retest your system and verify that your wireless Internet connection is still working correctly.
    And don't forget to give your router a new login password.
    Picking Passwords (keys): You should never use a dictionary word as a password. If you use a dictionary word as a password, even WPA2 can be cracked in a few minutes. When you pick your login password and encryption key (or password or passphrase) you should use a random combination of capital letters, small letters, and numbers, but no spaces. A login password should be 12 characters or more. WPA and WPA2 passwords should be at least 24 characters. Note: Your key, password, or passphrase must not have any spaces in it.
    Most home users should have their routers set so that "remote management" of the router is disabled. If you must have this option enabled, then your login password must be increased to a minimum of 24 random characters.
    One additional issue is that Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=917021 and it will direct you to the patch.
    Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.
    Note:
    WEP is no longer recommended. The FBI has demonstrated that WEP can be cracked in just a few minutes using software tools that are readily available over the Internet. Even a long random character password will not protect you with WEP. You should be using WPA or preferably WPA2 encryption.

  • How do you set-up NAT for online gaming?

    Hi i have recently bought a time capsule as a backup system and a wireless router to replace my old Netgear router. I want to play Age of Empires 3 on my Acer PC running XP against other people on the internet. The game now fails to connect because the Time Capsule does not support UPnP. I've read about setting up NAT in the online manual, but I don't understand some of the details (e.g. on page 56 is says "enter the same IP address onto the host computer"). How do i do this? Indeed, would this even work with NAT instead of UPnP even if I did manage to do it? I really need an idiots guide. Can anyone please help?

    You need iCloud Control Panel:
    iCloud Control Panel 2.1.2 for Windows - Support - Apple

  • Setting iOS DNS for All WiFi Networks

    This article describes how to set the DNS for WiFi connections on iOS:
    http://techinch.com/blog/change-your-dns-settings-on-iphone-ipod-touch-and-ipad
    The problem is that it specifies DNS for an individual network
    connection, not for all connections.
    Does anyone know a way to change iOS DNS for all WiFi networks in one
    fell swoop?

    I have my ios devices DNS set via DHCP
    You'd have to move to an MDM solution if you want over the air, push profile configuration setting to the devices
    such as osx server Profile Manager. You may be able to do it with custom settings, I haven't tried it myself
    The basic wifi setting in OSX server PM only allow settings for wifi SSID password etc
    no DNS settings ip address etc. alternative MDM solutions may give you more options

  • Setting my NAT for use with XBOX 360

    I am having an issue with playing with certain friends on xbox live where their NAT is usually Moderate. Mine seems to fluctuate randomly between Open and Moderate and our connections always seem much better when they are both Moderate (they are the limiting factor, I think it's their ISP). I would like to know how to set the Time capsule so I can set my NAT to Moderate when I play with these folks and back to open other times. I know how to go into the 360 network settings and then I go into manual network setup, but I don't know the numbers to type in, and I also don't know how to connect to the time capsule's setting page. Is that on the web or is that a preference page on the mac somewhere. I haven't been able to find anything online on how to set the NAT to moderate, as I understand OPEN is generally better in most circumstances, any help would be much appreciated.

    The TC can be used in bridge mode plugged into the router.
    Yes, I should have been more clear. When you turn NAT "off", the TC will be in Bridge Mode. But, only one device will be able to connect to the Internet in this setting. If that device is the Xbox, fine.....but other users might not be pleased about this if they want to connect to the Internet as well.
    I think LaPastenagure nailed it when he noted that Apple products do not appear on the list of Xbox compatible devices.
    Xbox LIVE Compatible Hardware - Xbox.com

  • [SOLVED] setting up permissions for mounted usb devices

    Hi all,
    I've been having the following problem when mounting my external hd: in order to mount the external hd I created a folder /mnt/usbstick/ giving permissions to a non-root user to read the files/directories in this folder (using chmod); however, after I mount the external hd, the set of permissions for /mnt/usbstick/ change so that a non-root user cannot  read the mounted files in /mnt/usbstick. This is a problem for me because, when I copy a file from the external hd to the non-root home folder, the copied file can only be read by the root user.   
    Do you know how I can solve this problem? Should I write a udev rule and place it at /etc/udev/rules.d/? Or should I simply add the non-root user to a specific group from /etc/group? Any ideas?
    Thanks!
    Last edited by falsum (2010-05-08 09:21:59)

    You could try adding an entry for your usb device in /etc/fstab and specify the option user to let non-superusers mount it.
    Here's an example of an entry for my external HD. I'm sure there are probably other (and better) ways to do this but it works for me.
    UUID=4376-0BFB /media/FIRELITE vfat rw,user,noauto,async 0 0
    Nice howto found on the wiki: http://wiki.archlinux.org/index.php/Fstab

  • How to set up NAT for two servers using same port with ASDM ASA 5505

    Hi there,
    We have a new installation of a ASA 5505 and are trying to get some NAT issues straightened out. Here is the scenario: On our internal network, we have two servers running Filemaker Server, a relational database server that clients connect with using port 5003. Our goal is to be able to allow users from the outside to access either of these servers as needed. I know how to set up a simple static NAT rule and matching Access rule in ASDM which would be fine for a case in which only one server using a given port is running on a network, but for simple static rules I seem to be blocked from entering a different translated port number from the original port number, which becomes a problem when two servers we need to access from the outside are running software using the same port number.
    What is the simplest way to address this need? I am guessing that I need to set up a scenario like this, where port 5004 (or any arbitrarily chosen unused port) can be used to access the second server:
    Outside user enters   FQDN:5004  and this translates to Database server # 1 as   192.168.1.40:5003
    and
    Outside user enters   FQDN:5003  and this translates to Database server # 1 as   192.168.1.38:5003
    If so, what is the easiest way to get this done? Or is there a better way to handle this scenario?
    Thanks in advance,
    James

    I would create two objects and use object NAT
    ! Object NAT needs a mapped address before "service"; "interface" here means the
    ! outside interface address. Use a mapped IP or object instead if yours differs.
    object network Obj_5004
     host 192.168.1.40
    object network Obj_5004
     nat (inside,outside) static interface service tcp 5003 5004
    object network Obj_5003
     host 192.168.1.38
    object network Obj_5003
     nat (inside,outside) static interface service tcp 5003 5003
    Of course you will need to open your outside interface for tcp ports 5003 and 5004 to make this happen

  • Some help needed setting up NAT in 2x Airport network

    I'm wondering if anyone can give me some advice on how to get port forwarding to work on my network.
    DSL comes into the house downstairs and from the DSL modem it goes right into an Airport Express. I am on the second floor though, and the Airport's signal isn't strong enough for my G5's antenna to pick up. That's why I have another Airport Express on the first floor, expanding the Airport network.
    The two Airport Express units are in a "WDS".
    I would like to run a home server, so I have to open up port 21 and forward it to my G5, which gets its internet from the 2nd Airport Express unit.
    How do I do this? The Airport's have IP's in the 10.0.0.x range. The G5 is in the 192.168.2.x range because it also connects to a wired router. Do they both have to be in the same range?
    Port Forwarding seems disabled on the Airports because I use WDS. I can check the Distribute IP checkbox in the Network tab, but then I get a warning it shouldn't be enabled with WDS on.
    Any ideas?
    Thanks in advance,
    Maarten

    Hi Henry,
    I managed to get it working. I thought port forwarding was greyed out on both Airport units, but it only was on the relay one. Not on the main one. Also, I first accidentally forwarded port 21 to the G5's wired IP address instead of its wireless (Airport) IP address.
    The setup is exactly as you described (your 2nd paragraph). The wired router is only there to connect 4 PC's to the G5. They don't need internet (I don't want Windows to have internet), they just need just data transfer with the G5 (MIDI data and VNC control). It's on a different IP range than the Airport network.
    One issue I am still experiencing is that when Airport is turned on on the G5, the router network (the 4 PC's) don't appear in Finder > Network. When I turn off Airport, the router network appears within a second. So there is a file sharing conflict or something there.
    Thanks for your help,
    Maarten

  • [SOLVED] Setting deletion age for files in /tmp

    Hi, I've just migrated to Arch from (K)ubuntu. In Ubuntu, I had "TMPTIME=1" in /etc/default/rcS. This meant that files in /tmp were deleted (during boot) only if they were older than 1 day.
    Is there an equivalent setting in Arch? I couldn't find a pre-existing /etc/default/rcS, nor /etc/init/mounted-tmp.conf, which runs the deletion in Ubuntu.
    Last edited by Salkay (2014-06-08 02:04:55)

    WonderWoofy wrote: /tmp doesn't necessarily have to be on a tmpfs.  The file /usr/lib/systemd/system/tmp.mount is what makes it default to that.  But like all unit files, you can override it with your own.  So if you would like to have it on the normal disk, you can do that.  The tmpfiles.d config will still clean it up according to those intervals listed.
    Okay, thanks. I think I'll leave it for the moment. I'll live with the default for the moment. I've already spent tens of hours fiddling with my Arch install!
    WonderWoofy wrote:
    loqs wrote:You could use /var/tmp which is not on tmpfs and defaults to 30 days before file removal.
    I don't think that /var/tmp is really meant to be used in the same way as /tmp.  I recall seeing advice to not do this...
    Ah, that's a pity. It's a good idea in theory, although 30 days is probably too long for me.

  • [Solved] Setting a cronjob for my user

    I want to create a cronjob specifically for my user to run offlineimap, so that it is run by my user.
    I do not understand, however, how to do that... When I run crontab -e as my user I am getting redirected to some file in /tmp/ ...
    EDIT: Exactly what was needed... Now it is working, it seems.
    If I get errors with the command I am running, where are they printed to? to /var/log/crond?
    Also.... I don't have the feeling the command is actually executed; I don't see mails popping up in my account.
    EDIT: Everything works nicely...
    Last edited by Stalafin (2009-02-03 22:45:34)

    Stalafin wrote:
    Vintendo: Thanks for the hijack, I wondered about that as well.
    fukawi2: Yeah, sorry; this is solved.
    brisbin33: I don't understand, what is the advantage of fcron over cron?
    Also, I don't keep offlineimap running, as that is not needed. In ~/.offlineimaprc, I have autorefresh deactivated. So what that leaves me with, is cron invoking offlineimap, which runs, synchronizes my mailboxes, and then quits.
    I think this makes more sense than your solution. You basically have offlineimap running and check every few minutes if it is still running, right?
    fcron has many advantages over cron, you can check their site.
    i want offlineimap running all the time and quick-syncing often so i get emails... um, when i get them.  offlineimap has a tendency to quit for no reason so i have that cronjob script that runs every five minutes, but - if offlineimap's already running it immediately exits w/o errors or consuming any extra resources.  seemed like the appropriate method to me.
    oh well, glad you found a solution that works for you.
    cheers,
    pat

  • Creating NAT for multiple subnets

    Hello I want to create a 1 NAT for 5 sub networks on a windows 2008 machine the sub networks are; 192.168.224.0/27 192.168.224.32/27 192.168.224.64/27 192.168.224.96/27 192.168.224.128/27 I intend to have a server on the 192.168.224.0/27 sub network. After
    installing 2 network cards on the server, 1 for the private addressing scheme and 1 for the external network address and installing RRAS I am wondering how nodes on the other sub networks will find their way out to the external network, will RRAS take care
    of that? or is it not possible to have only 1 NAT for several sub networks?

      It is possible, but I would think that you would need six NICs in the server - one for the public connection and one for each private subnet.
      It sounds as if you want to implement VLANs. If you do, RRAS does not do that.
    Bill

  • Time Capsule + Airport Express (no password for extended guest network)

    Hi guys,
    I´m using at home an Time Capsule combined with an Airport Express for extended range.
    I´ve activated the Guest Network on the Time Capsule, using an WPA2 Password for it.
    Problem is, the Airport Express is extending both the regular network and the guest network, but there´s no password set for the extended guest network.
    So basically there are 4 networks, 3 are properly secured (TC regular and guest and AE regular) but I can´t set a password for the Guest Network that´s being extended by the Airport Express.
    I have looked everywhere on the AirPort Utility with no luck whatsoever.
    I appreciate any help on this.
    Kainan-Maki.

    Time Capsule and Airport Express, Windows 7
    So you don't have a Mac or even iOS device to setup the TC and express?
    This addition of extending guest is new in later firmware.. but you need the 6.2 utility to control it.. AFAIK.

  • Setting up static nat for ip addresses

    We recently switched to a verizon fios line. Our company has two offices (CA, NC). There are servers in NC that we need to be able to print to printers in CA. 
    We have 5 static IP's from Verizon, I set 3 of the remaining IPs as a static nat to the private ips of the printers. I cannot ping these static public ips. I even have the port forwarding from UDP/TCP set to any for both the Source and Destination ports. 
    Can anyone help me as to why I cannot ping these IP addresses?
    I can ping the private IP's from the private network (CA) that the printers are on.
    Solved!

    No, it does not. But they are working this morning. Maybe the DNS needed to propagate? Not sure but it works now.

  • Guide or instruction about build and config NAT for network.

    Hey everybody. I’m having learn CCNA CISCO, I have a problem when I build a network, a network required that: Construct and build a topo network have 4 Router, 6 Switch, 8 PC, auto set and config IP address for communication between equipment in your topo network. Give some suggest : 3->4 IP front, 1 range 4 IP route, 2 range 8 IP route, 1 range 16 IP route. Les’t raise, give method and config NAT for it network with: Static NAT, Dynamic NAT, PAT and NAT co-ordinate.
    Please give me some guidance or instructions about that lab. Thank you very much.

    Hey all, here is a topo (model) network I made by myself, and I have configured NAT for it. Please check it and fix any errors, or guide me to fix them if it has errors. Thank you very much.
    As a subject I have propose use a IP range is 200.200.5.1/27
    b/Static NAT for IP PC8 192.16.6.1 to become IP 200.200.5.1 with a Network outside.
    Router3(config)#ip nat inside source static 192.168.1.2 200.200.5.1
    Router3(config)#interface fa 1/0
    Router3(config-if)#ip nat inside
    Router3(config-if)#interface s 0/0
    Router3(config-if)#ip nat outside
    a/ Accept PC in LAN 192.168.5.1/24 go out internet, this IP will be nat by IP range 200.200.5.1-> 200.200.5.6 (IP 200.200.5.1 have use for Static NAT but we can reuse).
    Router3(config)#access-list 1 permit 192.168.5.0 0.0.0.255
    Router3(config)#ip nat pool natdong 200.200.5.1 200.200.5.6 netmask 255.255.255.248
    Router3(config)#ip nat inside source list 1 pool natdong
    Router3(config)#interface fa 0/0
    Router3(config-if)#ip nat inside
    Router3(config-if)#interface s 0/0
    Router3(config-if)#ip nat outside
    c/ Accept PC in 2 LAN 192.168.1.0/24 and 192.168.2.0/24 go out internet, this IP range will be NAT by IP range 200.200.5.33-> 200.200.5.48 (16 Ip address)
    Router3(config)#access-list 1 permit 192.168.1.0 0.0.0.255
    Router3(config)#access-list 1 permit 192.168.2.0 0.0.0.255
    Router3(config)#ip nat pool natpat 200.200.5.33 200.200.5.48 netmask 255.255.255.224
    Router3(config)#ip nat inside source list 1 interface serial 0/0 overload
    Router3(config)#ip nat inside source list 1 pool natpat overload
    Router3(config)#interface fa 0/0
    Router3(config-if)#ip nat inside
    Router3(config)#interface fa 1/0
    Router3(config-if)#ip nat inside
    Router3(config-if)#interface s 0/0
    Router3(config-if)#ip nat outside
    Note: My ability in English is not good, so please excuse the spelling mistakes.

  • Setting up Bridge for multiple users on a network

    New Bridge user here
    Can anyone give me some advice on how to set up Bridge for use by multiple users over a network / server?
    We have a large image bank stored on a server and ideally if any one user adds keywords or other metadata to an image I would like the rest of the users to be able to view that data and be able to use it in searches. AS more than one user could add keywords at any time I was wondering is it possible to set up a central keyword file or cache so any updates are available to all users.
    Do I set up a shared cache? What happens if it becomes corrupted and has to be rebuilt, do the keywords disappear as well?
    Are the keywords associated with that particular cache or are they stored in a separate file?
    Thanks,
    Hazel

    Curt
    how do you know if you're using the
    Central cache all distributed cache ?
    and are they both stored in the same place ?
