NAT32E: Connecting Private LANS to the Internet Build 1057 ----------------------------------------------- ---------- (C) 2003 NAT Software Germany. ALL RIGHTS RESERVED ** NAT32 Enhanced Version 1.7 ** **** MFC free *** *** Built with BC55 ** Redistribution of this software without the prior written permission of the author is strictly prohibited. Version 1.7 WINDOWS 95/98/NT/2000/XP 8. July, 2003 --------------------------------------------------------------------------- NAT32E is a versatile Software Router which allows all computers on one or more private LANs to share one or more Internet connections. With appropriate configuration, NAT32E will bind to the following devices: Windows WAN devices: Modems, ISDN, ADSL, PPPoE, Microsoft VPN Windows LAN devices: Ethernet, Token Ring (but not emulated TR) Hybrid Devices: One-way cable modems, Satellite devices (DirecPC) NAT32E fully supports the Windows DUN/RAS Server, allowing dial-in access to machines which connect to the Internet via some other Interface. Administrators can remotely configure and interrogate NAT32E using a Java- enabled WEB Browser. A NAT32 password must be specified and Internet access to the NAT32E HTTP server is blocked per default. NAT32E is an IP Router, NOT a Proxy Server. Time-consuming reconfiguration of network applications is not required. All applications on your private LAN have address-mapped UDP, TCP and ICMP access to the Internet. NAT32E Version 1.7 supports "connection aggregation", a technique used for distributing Internet traffic over two or more modems (or other types of connections). The technique should not be confused with "modem bonding" or "multilink", which requires ISP support and is usually only available for ISDN services. Connection aggregation is particularly useful in cases where two or more Dial-Up Networking connections are available and router traffic is to be spread (more or less) evenly over multiple connections. The feature is also useful for DSL or Cable Modem users requiring a backup Internet connection. If the high-speed connection fails, the DUN Connection can be easily enabled for emergency use. Installation ------------ The NAT32E archive can be unzipped into any desired directory, the example below assumes the directory C:\NAT32E. You should then run the setup program setup.exe. This program makes NO major modifications to your system. In particular, no Windows DLLs or Drivers are overwritten or modified, and your networking configuration is not altered in any way. Only minor registry modifications are made. Only one file is copied: nat32.inf to your Windows INF directory. Before Running NAT32E: ---------------------- This version *requires* Internet Explorer 4 (or later). Even if you are a Netscape or Opera user, you must install IE, even if you uninstall it again afterwards. The IE uninstall procedure leaves all the needed DLL's on your system. WINDOWS 95 users should install the Microsoft DUN 1.2 (or later) upgrade before running NAT32E. This upgrade is an absolute must (even for Cable Modem users) because it contains the latest VIP.386 and TCP/IP upgrades, as well as vastly improved Dial-Up Networking support. The upgrade is available for free download from www.microsoft.com. IMPORTANT --------- You must turn off IP Header Compression for all DUN Connections you plan to use with NAT32 (95/98/NT4 platforms only). If you ran setup, this will have been done for you, but any connnections you add later will need to have IP Header Compression turned off manually. Installing NDIS3PKT ------------------- NAT32E uses a special version of Dan Lanciani's NDIS3PKT driver. DO NOT ATTEMPT to run NAT32E with any version of NDIS3PKT other than the one contained in this distribution. 1. Start the Control Panel Network Applet and click Add then Protocol. Under Windows 2000/XP, open Control Panel, Network and Dial-up Connections, and then right-click any Local Area Connection. Then click Install and select Protocol, Add. 2. Click the "Have Disk" button and specify the directory into which you unzipped NAT32E as the source directory. 3. Select the required .inf file: Windows 9X: NDIS3PKT.INF Windows NT: OEMSETUP.INF Windows 2K: NDIS3P2K.INF Windows XP: NDIS3P2K.INF 4. Click OK. 5. REBOOT WINDOWS, even if a reboot is not requested. Note that the NDIS3PKT driver can only bind to adapters which Windows enables at boot time. If you have disabled an adapter, reenable it and then reboot Windows so that NDIS3PKT can bind to it. Running NAT32E -------------- The first time NAT32E is run, it examines the existing Windows network configuration and generates several configuration files in the directory from which it was started. Click the Notepad Icon for more details. IMPORTANT --------- For NAT32E autoconfiguration to work correctly, you MUST have at least one private LAN adapter which has been assigned a FIXED IP address. That address should be private, but it needn't be. A Dialog Box will be presented listing all Network Interfaces available on your system, and you should then select the Interfaces you would like NAT32E to use. For each of the selected Interfaces, you must click a radio button indicating the type of network to which the interface connects (Internet, Private, or One-way). If Windows Internet Connection Sharing is enabled, please turn it off or click Help for further details. A yellow shortcut will be added to your Desktop, and you should use that shortcut whenever you subsequently wish to run NAT32E with the selected interfaces. A grey shortcut is also added. It can be used to start a new NAT32E configuration run. IMPORTANT --------- NAT32E can be run as a Service, but you MUST NOT start it as a service until it has been correctly configured and you have familiarized yourself with its operation. NAT32E is documented in the Windows Help File: nat32e.hlp. ************************* HOW TO UNINSTALL NAT32E ************************ * * * Click Start/Programs/NAT32/Uninstall * * * * Uninstall leaves a few configuration files in your NAT32 directory, so * * you should subsequently drag the NAT32 directory to the Reycle Bin. * * * * To uninstall NDIS3PKT, use Control Panel Network to remove the driver. * * * ************************************************************************** NAT32E is SHAREWARE and will run for 60 minutes to allow you to evaluate its features. NDIS3PKT has been modified to run with NAT32E only. ************************************************************************** * * * Online Registration: see menu item Help/Register * * * * Web Site: see menu item Help/About * * * * Support: see menu item Help/About * * * ************************************************************************** What's New in this Release -------------------------- DD.MM.YEAR 08.07.2003 BUILD 1057 GPQ now uses a CS for each queue. Routing Table now uses CS rather than a semaphore. Bpool now uses CS rather than a semaphore. IPPROC now checks the IP queues in round-robin order for fairer load distribution. Above measures increased throughput by 25%. 02.07.2003 BUILD 1056 Problem with legacy adapter names on 2K/XP fixed. Problem with private LANs using registered addresses fixed. Problem with unused PPP adapters fixed. Embedded browser support added (experimental). IE Version check for WEB support and Autodial (IE > 4 required). Httpd shell command added (uses pseudo-socket device). The httpd now understands: http://127.0.0.1:8080/shell?cmd=cmd+arg+arg.... Shell environment variables added. If command added: if variable cmd [args]+ The if command executes cmd [args]+ if variable is true. Unary negation operator added: !variable Set command added: set [name [value]] ICS support modified. On 2K platforms, the initial ICS state is restored on exit. An ics 0|1 line added to nat32ini. Toolbar code modified: only current adapter buttons shown, DUN buttons shown only if DUN is in use. Shell and Window code corrected so that P32Window proc exits cleanly and does not need to be killed on exit. Scrollbars added to windows. Icons and color added to Interface Selection dialog box. Netstart modified to check more config details. Java applets now work in Web window. RAS support modified for all RAS versions. Fixed bug in nd_get_conf for NDIS3PKT.386 26.04.2003 BUILD 1055 Function reflected() in netin2k modified. Main dialog now supports double-click of an entry to view adapter registry settings. NSERVER set only to values found for Internet-connected interfaces in netstart, winute and winutent. TclExec error fixed, shell command sh modified. About box now has clickable entries. 21.04.2003 BUILD 1054 Dhcpd modified. 20.04.2003 BUILD 1053 Command setw modified, new setw.htm man page posted. FTP problem: some FTP servers don't originate connections at port 20. Added a wild-card mechanism to fix this. Problem with PASV mode transfers fixed. NOTE ==== PASV mode may not work with non-UNIX compatible FTP servers. Check your FTP Client for details of supported server types. 14.04.2003 BUILD 1052 Nif diagnostic string added. Used to show Autodial trigger. WIN32 brush handle problem fixed. Refresh button added to Interface Selection dialog. DHCP server upgraded. Command ukmap added. See help page ukmap.htm for details. Ukmap can be used to map a range of port numbers to a single port number on a private machine. Used for some games and mapping scan traffic to honeypots. Command icmap upgraded. Now allows any number of private machines to ping and traceroute simultaneously. 22.03.2003 BUILD 1051 NAT32 now detects Windows 98SE/ME Internet Connection Sharing. Click Help, More Help in the Interface Selection dialog to view a detailed description of how NAT32 and ICS can coexist. ICMP FNADF packets now forwarded correctly. NAT32 Windows 2k/XP ICS detection added. 16.03.2003 BUILD 1050 *** NEW NDIS3PKT.386 *** *** NEW NDIS3PKT.SYS *** The new NDIS3PKT driver solves a MUX problem. Umap error fixed. Map_port now increments the new src port for each retransmitted SYN. The old MUX entry is deleted. This feature can be turned on and off using the setdf command. It should probably NOT be used for Satellite links. IP_IN no longer reschedules on receipt of a packet. DHCPD now allows 10 sec for ARP to complete (was 5 sec). Test for ICS (SharedAccess) service added. Test for ICS on 98 platforms added. MSTCP traffic monitoring added. Use command "mstcp ifn" to start the monitor, "mstcp ifn kill" to stop the monitor. Command "mstcp ifn block" will block all MSTCP traffic for the specified interface. Command "mstcp ifn allow" will allow all MSTCP traffic. Note that only one interface at a time can be monitored in this release. Main Dialog now indicates disabled adapters. Windows Account Name displayed. 01.03.2003 BUILD 1049 Mux problems solved temporarily. New NDIS3PKT driver pending. 28.02.2003 BUILD 1048 For DUN Connections, throughput is now calculated as the max of received and sent bytes per second. Unused bytes in short packets set to 0. Sendf again used in ip_in. Hex trace now dumps entire packet. Netstart now does a mux reset to clear the NDIS3PKT MUX table. OnExit does too. Pmdel now resets stalled TCP connections correctly. Map_port and unmap_port modified. Local traffic handling modified (ipgetp, ipproc, ipputp). 21.02.2003 BUILD 1047 DHCPD was adding PENDING ARP entries to NAT32 ARP cache. Resulted in new machines not being reachable from NAT32 for about 600 sec. Arpdel command fixed. Was failing if unconfigured interfaces were present. Experimental: if a TCP SYN segment is retransmitted, change the mapped source port. Some servers require this. 19.02.2003 BUILD 1046 IP_IN modified to not force packet deleivery when IP input queue is full. IP input queue size increased to 100 packets. Above measures increased throughput to 5.4 Mbps on 133 Pentiums. Trace indicates if a packet was dropped because of a full input queue. Local TCP traffic had incorrect source address if more than one gateway present. Rttimer: DHCP address change code modified. Bug on 9x platforms fixed: if multiple adapters with the same name were present, the adapter exclusion mechanism failed. The exclude file is no longer used. Fixed the problem with local traffic and multiple default routes DHCPD now allocates less memory. Dhcpd command syntax changed. IPPROC now uses NI_PRIMARY default route if no Interface Selection algorithm specified. Setis command syntax changed. Console lockup bug fixed. New window created in a seperate thread. Primary Interface semantics changed. The Primary Interface is now the interface used to communicate with the Internet. In cases where 2 or more such interfaces exist, the Primary interface will be used, unless the setis command has been used to enable interface selection by other means. Quick Dialog box now shows the settings for the Primary interface. Winio: ctrl-b problem fixed. 10.02.2003 BUILD 1045 Connection name, IP address and Interface number now logged in rttimer function. W2000 and XP: major problem with connection aggregation fixed. DHCPD problem fixed: for two or more DUN connections, single adapter mode was being set. W2000 and XP: major problem with Interface Number in netin2k fixed. Setis command modified to provide more details. Connection name problem fixed for connections which come up while NAT32 is running. 28.01.2003 BUILD 1044 Calls to ppp.log were colliding. Only "connect" and "disc" now write to ppp.log. For 2000 and XP platforms, the connection name is now displayed for all connected NDISWANIP adapters. Command 'setmap' now has following syntax: setmap ["connection" [off | primary]] The command can be placed in the script file 'connect' and is used to turn mappings for a WAN connection on or off. If 'primary' is specified, the interface will become the Primary Interface. 21.01.2003 BUILD 1043 Command 'setmap IP [mask]' added. Turns on mappings for DUN connections which have an IP address matching 'IP' after it has been AND'ed with 'mask'. Use for Windows 2000 and XP only. 20.01.2003 BUILD 1042 Command 'setnsi [ifn]' added. Sets the NSERVERs to that of the specified interface. Use for Windows 2000/XP only. Bug in winio.c fixed (keyboard input during output was locking on W2K and XP). NifUpdate now also updates NSERVER if it is equal to 137.92.1.1. Winute bug fixed: ni_private was not being set. Command setsu clears all NSERVERs and then calls NifUpdate. Setsu mechanism modified and tested. Command 'setsu' prints the subunit table. Command 'setsu subunit' turns on mappings for the specified subunit, if the adapter is Internet connected. 06.01.2003 BUILD 1041 ***** EXPERIMENTAL ***** On W2K and XP platforms, this build detects DUN connections as they come up but does _not_ turn on the various port mappings unless the NDIS3PKT subunit numbers match or the connection is coming up for the first time. For the case where the subunit of a connection has changed, the mappings must be turned on via a new set subunit command: setsu subunit where 'subunit' is the subunit number of the desired Primary (DUN) Interface. The needed subunit number is displayed in the relevant Interface Configuration dialog box. The needed setsu command can be added to file 'connect'. A future build will automate this procedure. Command 'setsu subunit' searches for the established DUN connection with the matching subunit number and then does the following: 1. Adds a default route 2. Turns on IP mapping 3. Turns on Port Mapping 4. Turns on ICMP Mapping Command x_up now displays subunit and su_valid for each adapter. 20.12.2002 BUILD 1040 Registration bug fixed. 18.12.2002 BUILD 1039 Monitor bug fixed. Bug in cat command fixed. CURRPID modified in create function. 12.12.2002 BUILD 1038 All centered windows (and Trace) now have focus. Setup Version 1.4 is now compatible with WinZip INSTALL. Admin log problem fixed. Admin log file now opened in append mode. 30.11.2002 BUILD 1037 Redirection problem fixed in P32.C. QuickDlg again displays a TaskBar button. 11.11.2002 BUILD 1036 95/98 platforms: stale DHCP values no longer returned by GetDhcpDns95. Password problem fixed. TDI problem on NT/2000/XP platforms fixed. No more double ping replies after a private machine has pinged. DNS Help page fixed. 23.10.2002 BUILD 1035 Console window creation code modified. 22.10.2002 BUILD 1034 Netmeeting now works fully for outgoing connections to Internet. Incoming connection support coming soon. Quick command modified: throughput bar can be turned on/off as needed. Service behaviour modified: 1. Shutdown and logoff for NAT32 Service fixed. 2. No splash screen for NAT32 Service. 3. No Quick dialog for NAT32 Service at startup. Note that on 98 platforms, NAT32 assumes it is running as a service if a NAT32 value is present in the RunServices key. 12.10.2002 BUILD 1033 Hex dump mode in trace window added. Console mode network trace removed. DHCPD no longer pings 0.0.0.0. 10.10.2002 BUILD 1032 Permanent Port Mappings can now be made interface-specific. 04.10.2002 BUILD 1031 Minor changes only. 28.09.2002 BUILD 1030 Command added: setis [1|2] The setis command sets the algorithm for choosing which of several Internet-connected interfaces should be used for an outgoing TCP connection. The value 1 sets the algorithm to choose the interface which had the least amount of traffic over the last second. The value 2 sets the algorithm to round-robin. This is the default. Additional algorithms will be added in future builds. Port Mapping now uses Critical Sections rather than Semaphores for mutual exclusion. Color change code modified. RTTIMER bug fixed: no longer turns on IP mapping when a DUN server connects. DNS bug fixed. DNS port number is now fixed at 53. DNS detection ignore servers that don't support recursion. Console Window redraw bug fixed for NT platforms. Dial-Up Networking dialog box modified: Properties button added. Interface Configuration dialog box modified: DUN Server modem number added (9X platforms only). This allows a particular DUN Server modem to be specified for each DUN Server interface. RAS not required if no PPP connections selected. 07.08.2002 BUILD 1029 Dial and Hangup mechanism modified. WinInet Commands: ** Work for ONE connection only ** dial ["connection name"] Dials "connection name" or the default connection hangup ["connection name"] Hangs up the specified connection or default connection. RAS Commands: ** Work for any number of connections ** rdial "connection name" Dials the specified connection via RAS. rhangup "connection name" Hangs up the specified connection via RasHangUp. Command "dun" lists details of all open connections. The Toolbar Dial Icons refer only to the Windows Default Connection. Use Config, Dial-Up Networking Settings, to dial or hangup connections other than the Windows Default Connection, or click the DUN list box entry in the Quick dialog. 03.08.2002 BUILD 1028 Console window now dimensions properly for non-default font sizes. Fixed PASV FTP problem when multiple connections are up. Modified the Gateway dialog box to display all default routes. 31.07.2002 BUILD 1027 Fixed TCP problem when multiple Internet connections are up. 31.07.2002 BUILD 1026 Interface Configuration now supports an "auto" interface speed. If a speed is specified, it overrides the speed reported by Windows. This was needed because Windows reports 10 Mbps for DSL connections, even though the actual service is usually much slower. The Quick dialog now calculates the total number of bits received each second on all Internet interfaces. It then displays that value as a bar graph. Each bar represents 2, 4, 8, 16 ... bits. 29.07.2002 BUILD 1025 Splash screen now closed in thread: pmain Registration check modified. 27.07.2002 BUILD 1024 Interface Selection dialog modified. Interface Configuration dialog modified. Speed variable added. Active thread no longer displays anything on Status Bar. Slowtime displays total received bits per second each second for all Internet-connected interfaces. 26.07.2002 BUILD 1023 Admin Backup saved in registry. Load balancing not done if a Source Route is specified on any Internet-connected interface. Mappings dialog box now shows all mappings. 25.07.2002 BUILD 1022 Load Balancing algorithm modified. Link speeds now included in algorithm. 24.07.2002 BUILD 1021 Admin list box log added, backup to registry added. 23.07.2002 BUILD 1020 FTP bug fixed. Only passive mode was working. 19.07.2002 BUILD 1019 Connection Aggregation now works in unregistered mode. 19.07.2002 BUILD 1018 DNS mapping modified: src IP address of responses to mapped queries set to the NAT32 private IP address of the interface. 08.07.2002 BUILD 1017 Minor changes only. 06.07.2002 BUILD 1016 Ndis3log command added. Usage: ndis3log [c|w] No args: print contents of ndis3log buffer Arg 'c': check log, copy output to buffer. Arg 'w': check log, copy output to buffer, wait for further output Ndis3log.exe fixed to not crash on 9X platforms. Admin buf fixed: IP addresses saved incorrectly in Registry. Admin display modified. Admin now displays bytes received from Internet for a private machine. Admin default is now "enabled". Slowtimer now adjusts sleep time for processing delays. 04.07.2002 BUILD 1015 Admin saves details to registry each minute. Setproms command added. Silent version of setprom. 03.07.2002 BUILD 1014 Umap port range bug fixed. Dots no longer printed for each ICMP source quench sent. 23.06.2002 BUILD 1013 Not released. 20.06.2002 BUILD 1012 Bandwidth Limiting modified. Umap command now accepts a Destination Port Range as its third argument. Active thread now actually sends a UDP packet through Winsock to prevent Windows disconnection because of inactivity. 11.06.2002 BUILD 1011 ICMP code modified. 10.06.2002 BUILD 1010 Any number of Internet Interfaces and default routes supported. Registered version balances Internet traffic over all Internet interfaces. The best interface is the one over which the least number of bytes arrived during the last second. Wintrace now run as a thread when started from NAT32 menu. TDI command -R arg added. Writes Windows Routing Table to TDI_Buffer. Test command added. Prints the TDI_Buffer. Command usr added. Automatically configures the Primary interface for the 3Com U.S. Robotics Cable Modem VSP. Command rtdump added. Dumps NAT32 Routing Table, pointers and all. Bandwidth Limiting for administered hosts added (experimental). All dialog boxes (except Service Settings) now run in their own threads. Packet timestamps added. 01.06.2002 BUILD 1009 Interface Selection dialog redone. Interface Configuration dialog changed. 31.05.2002 BUILD 1008 Log files are now appended to rather than created each time NAT32 starts. Connection open and close logged to PPP.LOG. 29.05.2002 BUILD 1007 Interface selection on the basis of packets received during last second. Checkmtu bug fixed. Interface metric bug fixed. 25.05.2002 BUILD 1006 UDP bug fixed: UDP connections with checksum failed. DNS mapping: change destination address and then process as a normal UDP packet. 14.05.2002 BUILD 1005 TCP bug fixed: local TCP connections failed. 13.05.2002 BUILD 1004 Packets destined for private networks for which NAT32 has no network-specific route are now discarded in IPPROC, unless the default gateway is a private IP address. A provisional pmap entry is deleted if ipputp sends the packet on a non-mapped interface. 08.05.2002 BUILD 1003 DNS changes not logged to nat32.log New NDIS3PKT.386 30.04.2002 BUILD 1002 Port map deletion is now interface specific. Configuration bug fixed: only changing a Primary Interface number prompts for a confirmation. Route selection mechanism modified. The pmap table is searched only once. 24.04.2002 BUILD 1000 This is the initial Build and was generated from Build 4060 of NAT32P Version 1.4. NAT32E differs from NAT32P in that ALL mapping options are now interface-specific. In addition, multiple default routes are supported, each of which is distinguished via an optional Source Address and Metric. A Source Address is an IP Address (or Network Address) which can be used to influence a routing decision. For example, if two default routes exist, one which specifies a Source Network Address of 172.16.2.0, then only traffic from private machines on that network will be sent to the Internet via that default route. All traffic from other networks will be sent via the other default route. A Routing Metric can be specified so that traffic from any private machine can be routed via different default routes. The first default route has a Metric of 15, the second a Metric of 14 and so on. To use this feature, configure the preferred default route as the Primary Interface, the next default route as Primary Backup 1 and so on. Note that the Autodial mechanism (at present) works only for the Primary Interface, not for any Primary Backup Interfaces. To dial a Primary Backup Connection, use the Windows Dial-Up Networking user interface to dial (or hangup) the second connection. For the benefit of email spammers: postmaster@microsoft.comDownload Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.