Confused...please help clarifying

capitanuionutcapitanuionut Member Posts: 55 ■■□□□□□□□□
in CCNA & CCENT
Hy guys,


I have this simple scenario i get confused on :



I am at home and i have a router and a pc with 192.168.1.2 ip address...and a friend of mine has the same configuration...we are trying to comunicate over the internet...

How this works...for example how can i ping the from my pc that has 192.168.1.2 ip address to his pc that has the same address ?



I cannot do simple : ping 192.168.1.2
If i have NAT configured...i will get translated...and the router will forward the packet with a public source address but with a destination of 192.168.1.2..?


I'm really confused..


Maybe it's only in theory but it's possible such a scenario no ?

I'm very confused about this...maybe someone with more experience can clarify...

Thanks in advance!.
· Share on FacebookShare on Twitter

Comments

  • odysseyeliteodysseyelite Member Posts: 504 ■■■■■□□□□□
    You will never be able to ping his private IP address. You will only be able to hit his public IP address. That is one of the drawbacks of NAT. It does provide a layer of security but also makes it harder to troubleshoot network issues.

    Say you wanted to remote into his desktop using RDP, you would need to setup a forward rule with port numbers on his router.
    Currently reading: Start with Why: How Great Leaders Inspire Everyone to Take Action
    · Share on FacebookShare on Twitter
  • capitanuionutcapitanuionut Member Posts: 55 ■■□□□□□□□□
    odysseyelite wrote: »
    You will never be able to ping his private IP address. You will only be able to hit his public IP address. That is one of the drawbacks of NAT. It does provide a layer of security but also makes it harder to troubleshoot network issues.

    Say you wanted to remote into his desktop using RDP, you would need to setup a forward rule with port numbers on his router.

    I see ... in theory that's what i was thinking also...because private addresses cannot be forwarded over the internet.. in such a case he needs to have a static nat configured...and i am able to ping his Inside global address...?

    What if there where many users that used nat overload...this wasn't possible...i think more of ...nat works when the request is from inside the network..something like that....

    And now as a conclusion : i am confused on how I ..from my private network i'm able to communicate over the internet with other users behind routers with same private ip addresses... I cannot explain how this communications has place...
    · Share on FacebookShare on Twitter
  • terryferaterryfera Member Posts: 71 ■■■□□□□□□□
    capitanuionut wrote: »
    And now as a conclusion : i am confused on how I ..from my private network i'm able to communicate over the internet with other users behind routers with same private ip addresses... I cannot explain how this communications has place...

    The way NAT (PAT in your case) works is that your computer is blissfully unaware that the private addressing scheme exists on the other side. The router will take whatever comes in on the internet side and assign it a port on the inside to talk to the local address.

    According to your computer, you're talking to the router's public IP. When you send something to the other host, the router knows this and translates from the public IP to the private IP + port number that it assigned to that "conversation" allowing the privately addressed computer to see the traffic.

    When it responds the router will step in again and translate that Private IP + Port back to the Public IP and send it on it's way.

    Basically you're computer and the computer on the far end have no idea they have the same address, the router have no idea what the private IP address on the other side is and everyone is happy just knowing public IPs :).
    · Share on FacebookShare on Twitter
  • capitanuionutcapitanuionut Member Posts: 55 ■■□□□□□□□□
    terryfera wrote: »
    The way NAT (PAT in your case) works is that your computer is blissfully unaware that the private addressing scheme exists on the other side. The router will take whatever comes in on the internet side and assign it a port on the inside to talk to the local address.

    According to your computer, you're talking to the router's public IP. When you send something to the other host, the router knows this and translates from the public IP to the private IP + port number that it assigned to that "conversation" allowing the privately addressed computer to see the traffic.

    When it responds the router will step in again and translate that Private IP + Port back to the Public IP and send it on it's way.

    Basically you're computer and the computer on the far end have no idea they have the same address, the router have no idea what the private IP address on the other side is and everyone is happy just knowing public IPs :).


    I know how PAT works.... i mean...what i understand is that when I from my PC open a communication....the router translate my private ip address on a public ip address : and port..in case of PAT and this is now the source address where then reponses will return... on that ip address with that port ...wich will be again translated ...

    But how knows the router to forward the packet on the right network....cause the destination address remains unchanged...maybe there are 3 routers on the way that have that private network address space as a directly connected network...
    · Share on FacebookShare on Twitter
  • capitanuionutcapitanuionut Member Posts: 55 ■■□□□□□□□□
    capitanuionut wrote: »
    I know how PAT works.... i mean...what i understand is that when I from my PC open a communication....the router translate my private ip address on a public ip address : and port..in case of PAT and this is now the source address where then reponses will return... on that ip address with that port ...wich will be again translated ...

    But how knows the router to forward the packet on the right network....cause the destination address remains unchanged...maybe there are 3 routers on the way that have that private network address space as a directly connected network...

    I researched a little...and what it seems...is that i need to know the public address....the packets with the destination address as a private one will not be forwarded on the internet....
    and if i want that someone from the internet to initiate a conection to a host behind my router i need to make PAT+ port forwarding...
    · Share on FacebookShare on Twitter
  • pham0329pham0329 Member Posts: 556
    capitanuionut wrote: »
    I researched a little...and what it seems...is that i need to know the public address....the packets with the destination address as a private one will not be forwarded on the internet....
    and if i want that someone from the internet to initiate a conection to a host behind my router i need to make PAT+ port forwarding...

    Ehh, isn't that what terryfera said?
    · Share on FacebookShare on Twitter
  • capitanuionutcapitanuionut Member Posts: 55 ■■□□□□□□□□
    pham0329 wrote: »
    Ehh, isn't that what terryfera said?
    I don't see something about port forwarding in what he said..he explained NAT (actually PAT)...but not port forwarding....

    my question was something like this (but not properly addressed): how an external network user can access a private network resource if he knows the public address ....the gateway router doesn't know for wich host the message is if no port forwarding is configured...

    So..port forwarding was the answer and a thing i didn't knew about...

    Thanks all for the answers...
    · Share on FacebookShare on Twitter
Sign In or Register to comment.