How can I do DNAT and SNAT on Windows 7?

windows-7 networking firewall iptables nat
5,456

The SNAT is similar to ICS. Both of them change the source address in IP packet. But the ICS can not specify the source address. It will only use the address configured on the external adapter. As far as I know, Windows client can't perform SNAT by its built-in components.

The DNAT is same with port forwarding. Both of them change the destination address in IP packet. You may use the following command to configure the port forwarding on the Windows 7:

Netsh commands for Interface Portproxy

Share:
5,456
Ronan Paixão
Author by

Ronan Paixão

Updated on September 18, 2022

Comments

  • Ronan Paixão
    Ronan Paixão over 1 year

    I have a very old program which uses a fixed IP address as destination. I'm trying to revamp my network into something more modern but this legacy system is holding me back.

    As a simple solution, I thought about doing NAT (real NAT, not masquerading, ICS or "internet sharing"). That way, I could apply a DNAT in the outgoing packet and an SNAT in the returning one. That way, I could place the destination machine anywhere in the network and the routers would do what they're supposed to do.

    This should be easy to do in a Linux system with iptables, but I can't find a good way to do that in Windows 7, which I'm currently using.

    On Linux, I'd do something like:

    iptables -t nat -I PREROUTING -d 192.168.50.1 -j DNAT --to-destination 10.0.50.1
iptables -t nat -I POSTROUTING -s 192.168.50.1 -j SNAT --to-source 10.0.50.1

    Is there any way to do that on Windows with it's own tools or with free utilities? Preferably, I'd like to do that without having to resort to a Linux VM.

  • Ronan Paixão
    Ronan Paixão almost 8 years
    The problem with ICS-like SNAT is that it usually changes the source in the outgoing packet and the destination in the incoming one. In my question I have the problem reversed, since I want to change the destination in the outgoing packet and the source in the incoming one. It is more "like" port forwarding but for the IP address itself, but unfortunately the portproxy command is only available in Windows Server 2008 according to that page.
  • Steven Lee - MSFT
    Steven Lee - MSFT almost 8 years
    Have you tried the netsh interface portproxy command on your client? It should exist. It's not a server only feature.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

ubuntu iptables NAT & Router & Port Forwarding
How can I allow ssh connection from an IP subnet on port 10022 using iptables?
Correct way to masquerade IP in iptables
iptables allow just internet connection
How to configure iptables file to allow only specific ipaddress on all port and deny all other ipaddress?
ufw firewall deny outgoing but allow browser
NAT using iptables on Ubuntu 16.04 doesn't work
Warning: iptables-legacy tables present
Forwarding ports with iptables not working?
Configure UFW to allow only established and related conections (on IPv4)