The whole essence of the question is set out in the cap and in the diagram of the figure. There is a general network of the company (global) and in this network a local (local) network is raised, which has a router that has an address in both the local and global network. And there is one computer in the global network and one in the local. I need to find a way to get from a computer in the global to a computer on a local network. To be honest, I do not quite understand what needs to be done to do this. Apparently in the settings of the router, you must either configure forwarding routes, or forwarding ports. I do not get you.

Even after reading the answers here, it still does not become easier. https://toster.ru/q/472170

Thank you in advance ! [enter image description here ] 1

  • In general, you need nat and setting up routes. What are the ip on the machines and interfaces of the router? Which router? which default gateways? - Gregory

2 answers 2

Port forwarding. For a local computer, you need to set a constant (using the DHCP settings of the router) IP address, and then specify to the router all the necessary ports to this IP. Or turn on the local computer in the DMZ. All calls will be on the IP of the router, and he will redirect everything where necessary.

    First, you need to decide in what mode the router works - in the address translation mode (NAT) or normal. Well, there is still a bridge mode - but in this mode everything should work out of the box, so based on the presence of the question, I conclude that you do not have a bridge.

    In normal mode, you need to explain to each computer on the external network where to look for the internal one. In other words, register a route: to send packets to the local network (address and mask), send them to the ip_global address . For routers in the external network, this route should be assigned statically, other hosts should be distributed through a DHCP server. Of course, only admins of the external network can do all this.

    In NAT mode, your router "hides" the entire internal network at the same address, so you don’t need to register anything on other hosts, and the admins do, too. But all incoming connections will have to be resolved on the router manually (or via UPnP, but if UPnP worked for you, you would not ask a question). This is called port forwarding. To forward a port, you need to tell your router the following information:

    • protocol (TCP or UDP)
    • internal address
    • internal port
    • external port
    • in fact, you can also specify the external address, but most often it is only one

    After setting up port forwarding, the external "computers" can contact the endpoint "external address of the router: configured external port" and will still get to the end point "configured internal address: configured internal port".

    Summing up, we get the following:

    If the admin of all this - you need to use the normal mode of the router, register a static route to the internal network on the other routers and configure the sending route on the DHCP server.

    If you are not an admin and are hiding from admins - you need to enable NAT on the router and forward ports to all internal servers that you need to access from the outside.

    If you are not an admin, but do not hide from anyone - you just need to switch the router to the network bridge mode.