NATed Network Testing IxChariot



Similar documents
Testing Packet Switched Network Performance of Mobile Wireless Networks IxChariot

Denial of Service (DOS) Testing IxChariot

IPSec Virtual Private Networks Conformance and Performance Testing Sample Test Plans

Virtual Private LAN Service (VPLS) Conformance and Performance Testing Sample Test Plans

VoIP Testing IxChariot

Testing L7 Traffic Shaping Policies with IxChariot IxChariot

Successful IP Video Conferencing White Paper

Mail Gateway Testing. Test Plan W. Agoura Rd. Calabasas, CA (Toll Free US) FOR.IXIA (Int'l) (Fax)

Lab Configuring Access Policies and DMZ Settings

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

Enabling NAT and Routing in DGW v2.0 June 6, 2012

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

Configuring Global Protect SSL VPN with a user-defined port

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Fortinet Firewall. Overview

Lab Configure a PIX Firewall VPN

How To: Configure a Cisco ASA 5505 for Video Conferencing

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

ASA/PIX: Load balancing between two ISP - options

PIX/ASA: Allow Remote Desktop Protocol Connection through the Security Appliance Configuration Example

Sample Configuration Using the ip nat outside source static

VPN Tracker for Mac OS X

VPN Tracker for Mac OS X

Load Balancer Configuration for Redundancy for SIP Federation

Sample Configuration Using the ip nat outside source list C

Cisco ASA and NetFlow Using ASA NetFlow with LiveAction Flow Software

Howto: How to configure static port mapping in the corporate router/firewall for Panda GateDefender Integra VPN networks

Lab Exercise Configure the PIX Firewall and a Cisco Router

Integrating Cisco Secure PIX Firewall and IP/VC Videoconferencing Networks

Flow Publisher v1.0 Getting Started Guide. Get started with WhatsUp Flow Publisher.

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

Instructions for Activating and Configuring the SAFARI Montage Managed Home Access Software Module

VPN Tracker for Mac OS X

Blue Coat Security First Steps Transparent Proxy Deployments

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall

Configure an IPSec Tunnel between a Firebox Vclass & a Check Point FireWall-1

Personal Telepresence. Place the VidyoPortal/VidyoRouter on a public Static IP address

DLink-655 Router Configuration Guide for VoIP

Workflow Guide. Establish Site-to-Site VPN Connection using Digital Certificates. For Customers with Sophos Firewall Document Date: November 2015

This Technical Support Note shows the different options available in the Firewall menu of the ADTRAN OS Web GUI.

Firewall Support for SIP

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

VPN Tracker for Mac OS X

- Network Address Translation -

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

How to configure DNAT in order to publish internal services via Internet

VPN Configuration Guide. Dealing with Identical Local and Remote Network Addresses

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Network Address Translation Commands

Video Conferencing and Firewalls

IP Router QUICK START GUIDE

HOWTO: How to configure IPSEC gateway (office) to gateway

Lab Configuring Access Policies and DMZ Settings

Cisco Secure PIX Firewall with Two Routers Configuration Example

Lab Configure Cisco IOS Firewall CBAC on a Cisco Router

IOS NAT Load Balancing for Two ISP Connections

Security and Access Control Lists (ACLs)

VMware vcloud Air Networking Guide

How to set up Inbound Load Balance under Drop-in Mode

VPN Configuration Guide. Cisco ASA 5500 Series

Configuring Static and Dynamic NAT Simultaneously

Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

SIP Trunking Configuration with

IxChariot Virtualization Performance Test Plan

Configuring an IPSec Tunnel between a Firebox & a Cisco PIX 520

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

Polycom. RealPresence Ready Firewall Traversal Tips

Technical Support Information

MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans

LOAD BALANCING 2X APPLICATIONSERVER XG SECURE CLIENT GATEWAYS THROUGH MICROSOFT NETWORK LOAD BALANCING

Supporting Multiple Firewalled Subnets on SonicOS Enhanced

Remote Firewall Deployment

Network Address Translation (NAT)

Certes Networks Layer 4 Encryption. Network Services Impact Test Results

UNCLASSIFIED. BlackBerry Enterprise Server Isolation in a Microsoft Exchange Environment (ITSG-23)

PPTP Server Access Through The

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

MilsVPN VPN Tunnel Port Translation. Table of Contents Introduction VPN Tunnel Settings...2

WhatsUpGold. v14.2. Getting Started with WhatsUp Gold MSP Edition

Firewalls P+S Linux Router & Firewall 2013

Topic 7 DHCP and NAT. Networking BAsics.

Lab Configuring the PIX Firewall as a DHCP Server

Configuring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0

How To Block On A Network With A Group Control On A Router On A Linux Box On A Pc Or Ip Access Group On A Pnet 2 On A 2G Router On An Ip Access-Group On A Ip Ip-Control On A Net

Multi-Homing Security Gateway

Creating a VPN with overlapping subnets

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Fireware How To Network Configuration

F-SECURE MESSAGING SECURITY GATEWAY

configure WAN load balancing

PIX/ASA 7.x and above : Mail (SMTP) Server Access on Inside Network Configuration Example

Load Balancing Barracuda Web Filter. Deployment Guide

Microsoft Lync Server 2010

Application Description

Troubleshooting the Firewall Services Module

RackConnect User Guide

Configuring a Lan-to-Lan VPN with Overlapping Subnets with Juniper NetScreen/ISG/SSG Products

VPNC Interoperability Profile

Transcription:

TEST PLAN NATed Network Testing IxChariot www.ixiacom.com 915-6648-01, 2004

Contents 1. Test Overview...3 2. Configuring IxChariot for traditional static NAT...3 3. Configuring IxChariot for NAPT...7 Copyright 2004 Ixia. All rights reserved. The information in this document is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Ixia. Ixia assumes no responsibility or liability for any errors or inaccuracies that may appear in this document. Ixia and the Ixia logo are trademarks of Ixia. All other companies, product names, and logos are trademarks or registered trademarks of their respective holders. Ixia 26601 W. Agoura Road Calabasas, CA 91302 Phone: (818) 871-1800 Fax: (818) 871-1805 Email: info@ixiacom.com Internet: www.ixiacom.com 2 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

1. Test Overview Address-translated environments are a reality in virtually all IPv4- based test networks. This test primer explains the key concepts to effectively use IxChariot with devices performing traditional static Network Address Translation (i.e. one-to-one NAT) and static Network Address Port Translation (NAPT). Configuration parameters for the Device Under Test (DUT) are specific to a Cisco PIX. Objective Many firewalls, gateways and routers contain the ability to statically map a public (outside) IP address to a private (inside) IP address. This section will explain a typical network topology as well as the configuration parameters for IxChariot and the DUT. Setup The DUT in the topology shown below is performing traditional static NAT for Performance Endpoint 1 (E1). This means that private IP address 192.168.2.61 is translated to 'public' IP address 99.99.99.61. 3 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

Methodology IxChariot Configuration First, access 'Options' -> 'Change User Settings' -> 'Firewall' tab from the main IxChariot Console and verify the settings below (default settings). Figure 2. Change User Settings Option 4 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

When creating the Performance Endpoint pairs, use 192.168.2.61 as 'Endpoint 1 network address' and use 192.168.2.62 as 'Endpoint 2 network address'. Select the Network protocol, application script and any applicable Service quality policy. Figure 3. Add an Endpoint Pair Option 5 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

Next, go to 'Edit Pair Setup', uncheck 'Use Endpoint 1 values from pair' and type in the public IP address that is being used for the one-to-one mapping, i.e. 99.99.99.61. Leave "Use Endpoint 2 values from pair' checked. Figure 4. Edit Pair Setup Option DUT Configuration A summary of the PIX configuration is shown below: global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 access-list outside permit tcp host 99.99.99.100 host 99.99.99.61 eq 10115 access-group outside in interface outside static (inside, outside) 99.99.99.61 192.168.2.61 6 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

2. Configuring IxChariot for NAPT Objective and Setup The firewall in the Figure 1 is doing port redirection for all hosts behind it, including the Performance Endpoints. Incoming traffic destined to tcp port 10115 (default IxChariot TCP port for traffic between Console and E1) is translated to Performance Endpoint 1. Note: IxChariot allows you to change the default port number to an alternative number to comply with any access list policies you may have. See screenshot on how to change the default port 10115 to 10234. Methodology IxChariot Configuration The IxChariot configuration for NAPT is the same as for traditional static NAT described above. DUT Configuration global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface 10115 192.168.2.61 10115 netmask 255.255.255.255 0 0 7 Copyright Ixia, 2004 IxChariot Testing in Address -Translated Environments

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information