Lbyec57 El 3 Balce Marianne Final
_______________
Marianne Y. Balce
FINAL REPORT
for
Lab Activity 9:
Introduction to NAT and Firewalls
Submitted by:
Balce, Marianne Y.
LBYEC57 EL
On
April 15, 2016
Group 3
Balce, Marianne Y.
Laset, John Paul
Osea, Gicel Mari I.
Otani, Joji P.
Sarmiento, Adrian Paul M.
A. Introduction
i. Abstract
This experiment helped the students become more familiar with Network
Address Translation (NAT) and firewalls. The students implemented and tested
NAT using an emulated router in GNS3 and characterized the network traffic
between the internal and external networks when NAT is used. This activity also
helped the students broaden their understanding of the different functions
of a firewall. The group used two XPVMs for this experiment, and each one
was configured according to the settings stated in the manual. With the help of the
GNS3 software, the group was able to simulate and configure a NAT network.
ii.
iii. Relevant Concepts
Router
A router is a network device that forwards data packets from one network
to another. Based on the address of the destination network in the incoming packet
and an internal routing table, the router determines which port to send out the
packet. [1] A router is connected to at least two networks, commonly
two LANs or WANs or a LAN and its ISP's network. Routers are located
at gateways, the places where two or more networks connect. Routers
use headers and forwarding tables to determine the best path for forwarding the
packets, and they use protocols such as ICMP to communicate with each other and
configure the best route between any two hosts. [2]
Ping
Ping is an abbreviation for Packet Internet Groper. It is a
basic Internet program that allows a user to verify that a particular IP address exists
and can accept requests. It is used diagnostically to ensure that a host computer the
user is trying to reach is actually operating. Ping works by sending an Internet
Control Message Protocol (ICMP) Echo Request to a specified interface on the
network and waiting for a reply. It can be used for troubleshooting to test
connectivity and determine response time. [3]
Network Address Translation
Network Address Translation (NAT) is designed for IP address
conservation. It enables private IP networks that use unregistered IP addresses to
connect to the Internet. NAT operates on a router, usually connecting two networks
together, and translates the private addresses in the internal network into legal
addresses, before packets are forwarded to another network. NAT allows a single
device, such as a router, to act as an agent between the Internet and a local
network, which means that only a single unique IP address is required to represent
an entire group of computers to anything outside their network. [4]
Firewall
A firewall is a network security system, either hardware- or software-based,
that controls incoming and outgoing network traffic based on a set of rules. [5]
Firewalls are frequently used to prevent unauthorized Internet users from accessing
private networks connected to the Internet, especially intranets. All messages
entering or leaving the intranet pass through the firewall, which examines each
message and blocks those that do not meet the specified security criteria. [6]
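The translation and filtering behaviour described under Network Address Translation and Firewall above, as an added example in Python (not part of the original report or the lab manual). It models a router that rewrites inside sources to one outside address, passes only replies to flows it has seen, and drops everything else unless a port has been opened. The router's outside address 192.168.1.1, all port numbers, and the names NatRouter, Packet and demo are assumptions made for illustration; real NAT implementations usually also track the remote endpoint of each flow, which this model omits.

```python
from collections import namedtuple
from dataclasses import dataclass, field

# 192.168.2.2 (XPVM2) and 192.168.1.105 (XPVM1) come from the report. The router's
# outside address and every port number below are constructed for illustration.
ROUTER_OUTSIDE = "192.168.1.1"
Packet = namedtuple("Packet", "src sport dst dport")

@dataclass
class NatRouter:
    outside_ip: str
    next_port: int = 50000
    table: dict = field(default_factory=dict)     # outside port -> (inside ip, port)
    forwards: dict = field(default_factory=dict)  # opened port  -> (inside ip, port)

    def outbound(self, pkt):
        """Inside -> outside: rewrite the source to the router's outside address."""
        key = (pkt.src, pkt.sport)
        for port, inside in self.table.items():
            if inside == key:      # reuse the mapping of an existing flow
                break
        else:
            port = self.next_port  # new flow: allocate the next outside port
            self.next_port += 1
            self.table[port] = key
        return Packet(self.outside_ip, port, pkt.dst, pkt.dport)

    def inbound(self, pkt):
        """Outside -> inside: pass only replies and explicitly opened ports."""
        if pkt.dst != self.outside_ip:
            return None
        inside = self.table.get(pkt.dport) or self.forwards.get(pkt.dport)
        if inside is None:
            return None            # unsolicited traffic is dropped (default deny)
        return Packet(pkt.src, pkt.sport, inside[0], inside[1])

    def open_port(self, outside_port, inside_ip, inside_port):
        """Static mapping, the effect of opening a port on the router."""
        self.forwards[outside_port] = (inside_ip, inside_port)

def demo():
    r = NatRouter(ROUTER_OUTSIDE)
    out = r.outbound(Packet("192.168.2.2", 1025, "192.168.1.105", 4444))
    reply = r.inbound(Packet("192.168.1.105", 4444, out.src, out.sport))
    blocked = r.inbound(Packet("192.168.1.105", 3000, ROUTER_OUTSIDE, 8080))
    r.open_port(8080, "192.168.2.2", 80)
    allowed = r.inbound(Packet("192.168.1.105", 3000, ROUTER_OUTSIDE, 8080))
    return out, reply, blocked, allowed
```

demo() returns the translated outbound packet, the reply delivered back to XPVM2, None for the unsolicited connection, and the same connection delivered once port 8080 is opened.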
9. Identify and select a TCP packet generated by the ncat communications from
XPVM2 in CapSession2
Source: 192.168.2.2
Destination: 192.168.2.1
Do both the source IP and MAC address refer to XP VM2? yes
Do both the destination IP and MAC addresses refer to the router? yes
Is this the expected behaviour? Yes
10. Identify and select a TCP packet generated by the ncat communications destined
for XPVM2 in CapSession2
Source: 192.168.2.1
Destination: 192.168.2.2
Do both the source IP and MAC address refer to the router? yes
Do both the destination IP and MAC addresses refer to the XP VM2? yes
Is this the expected behaviour? Yes
11. Identify and select a TCP packet generated by the ncat communications destined
for XPVM1 in CapSession1
Source: 192.168.2.2
Destination: 192.168.1.105
Do both the source IP and MAC address refer to XP VM2 or the router? yes
Do both the destination IP and MAC addresses refer to the XP VM1? yes
Is this the expected behaviour? Yes
12. Identify and select a TCP packet generated by the ncat communications from
XPVM1 in CapSession1
Source: 192.168.2.2
Destination: 192.168.2.1
Do both the source IP and MAC address refer to XP VM1? yes
Do both the destination IP and MAC addresses refer to the XP VM2 or the
router? yes
Is this the expected behaviour? Yes
D. Opening a port on the router
Due to the advancements in technology that we currently enjoy, devices such as
computers and the Internet are in demand. Each computer must have a
unique IP address; therefore, we must properly utilize the available addresses that we have.
By using NAT, one can represent all the computers in a specific area with a single IP
address that can be used to connect to other private clouds. The security and privacy of
each user is also a priority when using the advancements stated earlier. One can ensure a
safe connection when NAT is implemented. This experiment helped the group
understand how NAT works and showed its importance. The network we configured
consists of host and guest networks, and by using the NAT network, the host network is
protected from other malicious connections. Lastly, a firewall was also set up in this experiment
to disallow network traffic by blocking all incoming ports except those that are
allowed.
D. References
[1] "router Definition from PC Magazine Encyclopedia", Pcmag.com, 2016. [Online]. Available:
http://www.pcmag.com/encyclopedia/term/50637/router. [Accessed: 17- Mar- 2016].
[2] V. Beal, "What is Router? A Webopedia Definition", Webopedia.com, 2016. [Online].
Available: http://www.webopedia.com/TERM/R/router.html. [Accessed: 17- Mar- 2016].
[3] M. Rouse, "What is Ping?", Tech Target, 2016. [Online]. Available:
http://searchnetworking.techtarget.com/definition/ping. [Accessed: 17- Mar- 2016].
[4] "Network Address Translation (NAT) FAQ", Cisco, 2016. [Online]. Available:
http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/26704-nat-faq00.html. [Accessed: 14- Apr- 2016].
[5] "What is firewall? - Definition from WhatIs.com", SearchSecurity, 2016. [Online]. Available:
http://searchsecurity.techtarget.com/definition/firewall. [Accessed: 14- Apr- 2016].
[6] V. Beal, "What is Firewall (Firewall Techniques)? Webopedia Definition", Webopedia.com,
2016. [Online]. Available: http://www.webopedia.com/TERM/F/firewall.html. [Accessed: 14- Apr- 2016].