Reflection X 14.x and Network Address Translation (NAT)
Technical Note 1513
Last Reviewed 30-Jun-2005
Applies To
Reflection X version 14.x
Summary

This technical note details how to configure Reflection X 14.x in a network environment using Network Address Translation (NAT), sometimes referred to as IP Masquerading, Transparent Proxying, or IP Address Overloading. Examples are provided for configuring Reflection X 14.x to interact with a Cisco 675e modem providing Network Address Translation.

Network Address Translation

Network Address Translation (NAT) is an IP translation method that allows local-area networks (LANs) to use one set of IP addresses for internal network traffic and a different IP address for contact into and out of the network. All contact between the internal network and the external network is funneled through the NAT routing table. From outside of the network, it appears that all inbound and outbound TCP/IP traffic from the internal network is originating from one externally exposed IP address.

Configuring NAT to Work with Reflection X

For NAT to work with Reflection X, you must configure NAT to associate an internal IP address with the externally exposed IP address, and to specify a different port number to be used for connections to and from each workstation.

For example, assume you have a network configured with a Cisco 675e modem providing Network Address Translation and you want to configure Reflection X to use the following settings:

Workstation IP address = 10.0.0.1
NAT device IP address = 192.11.1.4
Display port number = 6000

To configure NAT for this workstation you would issue the following command:

set nat entry add 10.0.0.1 6000 192.11.1.4 6000 tcp

To configure a second internal workstation to access the Internet using the NAT device, you would issue a command such as the following:

set nat entry add 10.0.0.2 6001 192.11.1.4 6001 tcp

The display number and destination port number are linked. If you increase the display number by one, the destination port is also increased by one. This fact makes it possible to use NAT and Reflection X on multiple machines using the same externally exposed NAT IP address by incrementing the display port number on each successive workstation. Therefore, each workstation must have the same IP address and a unique display number defined.

When using a Cisco 675e modem, enter the following command to see what IP addresses have been configured for NAT.

sh nat

You will need to refer to this IP address and associated port number information when configuring Reflection X to work with NAT.

Configuring Reflection X to Work with NAT

For Reflection X to work with NAT, you must configure Reflection X for the external NAT IP address, and specify a unique display port to be used by each Reflection X installation.

When you use Reflection X to display an xterm, Reflection X makes a connection to the host and launches the xterm executable residing on the host. The basic command used to launch an xterm takes the following format:

<path>\xterm -display %IP#%

or

<path>\xterm -display <IP address>:<display port number>

If you use the Reflection -display %IP#% command, Reflection X will dynamically obtain the IP address (IP) and the display port number (#) from values set in the Reflection X network and display settings panels. The Reflection X default .rxc files automatically use this command. You can use this command when creating a customized .rxc file, or you can manually key in the external NAT IP address and display port number.

For example, to configure Reflection X to display an xterm client on a workstation over port 6014 and the externally exposed NAT IP address is 192.11.1.4, you would need Reflection X to transmit the following commands to the host:

<path>\xterm -display %IP#%

or

<path>\xterm -display 192.11.1.4:14.0

Note: The default destination port for the X11 protocol is port 6000, which is noted as 0.0 when using the -display switch. Port 6000 is also used if no destination port is indicated.

Setting the Reflection X IP Address

In order for Reflection X to route X11 communication through the NAT, Reflection X needs to be configured for the externally exposed IP address being used by NAT.

Note the following:

  • The actual workstation IP address does not change.
  • You may be able to automate this process. For details, see Technical Note 1632.

Follow the steps below to configure the IP address used by Reflection X:

  1. Open the Reflection X Manager.
  2. Click Settings, and then click Network.
  3. Clear the Autodetect network interface check box.
  4. Enter the external PC's IP address, and then click OK. (This will cause Reflection X to pass the outside IP address to the X application.)

Setting the Reflection Display (Port) Number

The Reflection X display number must be edited to match the port number assigned to the workstation in the NAT routing table. If you have not already printed out a copy of the NAT configuration, you may wish to do so now before proceeding.

Follow the steps below to configure the display number used by Reflection X:

  1. If you are running Reflection X on a machine running Windows XP, follow these steps to create a static display number variable to Windows XP. If you are not using Windows XP, skip to step 2.
    1. Click Start, right-click My Network Places, and then click Properties.
    2. On the Advanced tab, click Environment Variables.
    3. In the System variables group, click New.
    4. In the Variable name field, enter RX_USE_STATIC_DISPLAY.
    5. In the Variable value field, enter 01.
    6. Click OK to save the changes and exit the System Properties dialog boxes.
  2. Open the Reflection X Manager.
  3. Click Settings, and then click Display.
  4. In the Display number field, enter the appropriate display number and then click OK.

Note: The display number must match the last two digits of the port number configured for this PC in the NAT routing table. (Example: If the port number is 6014, enter 14 for the display number.)

Related Technical Notes
1632 Using Reflection X IPIDd to Detect a VPN- or NAT-Assigned IP Address
9992 Reflection X Technical Notes

Did this technical note answer your question?

           



Need further help? For technical support, please contact Support.