SUMMARY

This step-by-step article describes how to configure the NAT service in Windows 2000. The Windows 2000 Routing and Remote Access service includes a Network Address Translation (NAT) routing protocol. When the NAT protocol is installed and configured on the RRAS server, internal network clients with private IP addresses can access the Internet through the external interface of the NAT server.

back to the top

Configure Windows 2000 RRAS NAT Server

When internal network clients send a request for the Internet, the NAT protocol driver intercepts the request and forwards the request to the destination Internet server. All requests appear to come from the external IP address of NAT server. This effectively hides your internal IP addresses scheme.

To configure the Windows 2000 RRAS NAT server:

1. On the Administrative Tools menu, click Routing and Remote Access.
2. In the Routing and Remote Access console, expand your server name and then expand the IP Routing node in the left pane of the console.
3. Right-click the General node, and then click New Routing Protocol.
4. In the New Routing Protocol dialog box, click to select the Network Address Translation (NAT) protocol, and then click OK.
5. Right-click the Network Address Translation (NAT) node in the left pane, and then click New Interface.
6. Select the interface that represents your internal network interface, and then click OK.
7. In the Network Address Translation Properties dialog box, click the Private interface connected to private network option, and then click OK.
8. Right-click the Network Address Translation (NAT) node in the left pane, and then click New Interface.
9. Select the interface that represents your external network interface, and then click OK.
10. In the Network Address Translation Properties dialog box, click the Public interface connected to the Internet option. Click to select the Translate TCP/UDP headers (recommended) check box. This is required if you have only a single IP address bound to the external interface. Click OK.

The Windows 2000 NAT server can automatically assign IP addresses to internal network clients. This is a viable option if you do not have a DHCP server already assigning addressing information to clients on the internal network.

back to the top

Configure RRAS NAT Service To Assign IP Addresses And Perform Proxy DNS Queries

The NAT server can also perform DNS queries on the behalf of NAT clients. The RRAS NAT server resolves the Internet host name that is included in the client request and then forward the IP address to the client.

To configure the RRAS NAT service to assign IP addresses and perform proxy DNS queries on the behalf of internal network clients:

1. Right-click the Network Address Translation (NAT) node in the left pane, and then click Properties.
2. In the Network Address Translation (NAT) Properties dialog box, click the Address Assignment tab. Click to select the Automatically assign IP addresses by using DHCP check box. You can type a network ID and subnet mask in the IP address and Mask boxes.
3. Click the Name Resolution tab. Click to select the Clients using Domain Name System (DNS) check box. If you use a demand-dial interface to connect to the Internet, click to select the Connect to the public network when a name needs to be resolved check box. Click the interface to dial in the Demand-dial interface box.
4. Click Apply, and then click OK.

NOTE: After you follow these basic configuration steps, internal network clients are able to access servers on the Internet.

back to the top