{"id":639,"date":"2021-07-23T12:34:35","date_gmt":"2021-07-23T12:34:35","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/11-nat\/"},"modified":"2021-07-23T12:34:35","modified_gmt":"2021-07-23T12:34:35","slug":"11-nat","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/11-nat\/","title":{"rendered":"1:1 NAT"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\"><\/div>\n<hr>\n<h2 id=\"overview\">Overview<\/h2>\n<div class=\"callout callout-danger\">\n<div class=\"callout-heading\">Warning:<\/div>\n<div class=\"callout-content\">\n        We <strong>strongly<\/strong> recommend that you <strong>only<\/strong> perform these actions on a new installation of cPanel &#038; WHM. <strong>Do not<\/strong> attempt a 1:1 NAT configuration on an existing production server.\n    <\/div>\n<\/div>\n<p>When you install cPanel &#038; WHM, the installer will detect whether your server resides on a NAT-configured network. If the installer detects a NAT-configured network, your server will configure itself for NAT mode and attempt to automatically map local IP addresses to public IP addresses.<\/p>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<ul>\n<li>If you use a NAT environment, your server <strong>must<\/strong> reside in a 1:1 NAT configuration to install cPanel &#038; WHM.<\/li>\n<li>For a list of ports that you must open to allow cPanel &#038; WHM services to function on your server, read our How to Configure Your Firewall for cPanel &#038; WHM Services documentation.<\/li>\n<\/ul><\/div>\n<\/div>\n<h2 id=\"the-mapping-process\">The mapping process<\/h2>\n<p>The system attempts to map all non-loopback IP addresses bound to any network interface on the server to a public IP address.<\/p>\n<figure>\n    <img src=\"https:\/\/ssdsunucum.com\/blog\/wp-content\/uploads\/2021\/07\/nat-diagram.png\" title=\"nat-diagram\"><br \/>\n<\/figure>\n<p>To complete this process, the system performs the following actions:<\/p>\n<ol>\n<li>Your server will send an outgoing connection from each local IP address to the <code>http:\/\/myip.cpanel.net\/v1.0\/<\/code> server.<\/li>\n<li>The <code>http:\/\/myip.cpanel.net\/v1.0\/<\/code> server responds with the public IP address from which it received the request.<\/li>\n<li>The system maps the local IP address to this public IP address.<\/li>\n<\/ol>\n<div class=\"callout callout-danger\">\n<div class=\"callout-heading\">Warning:<\/div>\n<div class=\"callout-content\">\n        We do <strong>not<\/strong> recommend that you map more than one local IP map address to a single public IP address.\n    <\/div>\n<\/div>\n<h2 id=\"manage-ip-addresses\">Manage IP addresses<\/h2>\n<p>You can manage the maps for local and remote IP addresses with the following WHM interfaces:<\/p>\n<ul>\n<li>The<br \/>\n<em>Add a New IP Address<\/em><br \/>\ninterface (<em>WHM &gt;&gt; Home &gt;&gt; IP Functions &gt;&gt; Add a New IP Address<\/em>).<\/li>\n<li>The <em>Show or Delete Current IP Addresses<\/em> interface (<em>WHM &gt;&gt; Home  &gt;&gt; IP Functions &gt;&gt; Show or Delete Current IP Addresses<\/em>).<\/li>\n<li>The <em>IP Migration Wizard<\/em> interface (<em>WHM &gt;&gt; Home &gt;&gt; IP Functions &gt;&gt; IP Migration Wizard<\/em>).<\/li>\n<\/ul>\n<p>Each interface displays the warning notice <em>NAT mode enabled<\/em> if NAT is enabled on your server.<\/p>\n<div class=\"callout callout-danger\">\n<div class=\"callout-heading\">Warning:<\/div>\n<div class=\"callout-content\">\n        If multiple local IP addresses match the same public IP address, the system will <strong>only<\/strong> map the first local IP address in the <code>\/var\/cpanel\/cpnat<\/code> file.\n    <\/div>\n<\/div>\n<h2 id=\"the-build-cpnat-script\">The build_cpnat script<\/h2>\n<p>The <code>\/usr\/local\/cpanel\/scripts\/build_cpnat<\/code> script uses the <code>http:\/\/myip.cpanel.net\/v1.0\/<\/code> server to map local IP addresses to public IP addresses. However, if you wish to use a different IP address lookup service, perform the following steps:<\/p>\n<ol>\n<li>\n<p>Open the <code>\/etc\/cpsources.conf<\/code> file with a text editor and add the following line:<\/p>\n<pre><code>MYIP=https:\/\/ifconfig.me\/ip\n<\/code><\/pre>\n<\/li>\n<li>\n<p>Run the <code>\/usr\/local\/cpanel\/scripts\/build_cpnat<\/code> script.<\/p>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<ul>\n<li>\n<p>For more information about the <code>build_cpnat<\/code> script, run the following command:<\/p>\n<pre><code>\/usr\/local\/cpanel\/scripts\/build_cpnat --man\n<\/code><\/pre>\n<\/li>\n<li>\n<p>If you accidentally delete your <code>cpnat<\/code> file or the file becomes becomes corrupted, rebuild it with the <code>\/usr\/local\/cpanel\/scripts\/build_cpnat<\/code> script.<\/p>\n<\/li>\n<li>\n<p>The <code>\/var\/cpanel\/cpnat<\/code> file acts as a flag file for NAT mode. If the installer mistakenly detects a NAT-configured network, delete the<code>\/var\/cpanel\/cpnat<\/code> file to disable NAT mode.<\/p>\n<\/li>\n<\/ul><\/div>\n<\/div>\n<\/li>\n<li>\n<p>Update your cPanel accounts\u2019 local IP addresses in WHM\u2019s <em>IP Migration Wizard<\/em> interface (<em>WHM &gt;&gt; Home &gt;&gt; IP Functions &gt;&gt; IP Migration Wizard<\/em>).<\/p>\n<\/li>\n<\/ol><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Overview Warning: We strongly recommend that you only perform these actions on a new installation of cPanel &#038; WHM. Do not attempt a 1:1 NAT configuration on an existing production server. When you install cPanel &#038; WHM, the installer will detect whether your server resides on a NAT-configured network. If the installer detects a NAT-configured &hellip;<\/p>\n","protected":false},"author":1,"featured_media":640,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/639"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=639"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/639\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/640"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}