Windows Tips & Tricks UPDATE, August 11, 2003, —brought to you by the Windows & .NET Magazine Network and the Windows 2000 FAQ site
http://www.windows2000faq.com


This Issue Sponsored By

Argent Software
http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNT

Windows Scripting Solutions
http://www.winscriptingsolutions.com/rd.cfm?code=fsei263xup


1. Commentary

2. FAQs

  • Q. What's Network Address Translation (NAT)?
  • Q. What types of Network Address Translation (NAT) exist?
  • Q. What's the IPSec/L2TP NAT-T update for Windows XP and Windows 2000?
  • Q. After I upgraded my hard disk to NTFS under Windows XP, my computer displays an ntfs.sys "missing or corrupt" error and fails to start. How can I resolve this error?
  • Q. Why does the Disk Cleanup tool in Windows XP and Windows 2000 hang when I try to start it?

3. Announcements

  • Windows & .NET Magazine Connections: for Security-Minded IT Pros
  • Try Windows & .NET Magazine!

4. Event

  • New—Mobile & Wireless Road Show!

5. Contact Us

  • See this section for a list of ways to contact us.

Sponsor: Argent Software
NETWORK TESTING LABS COMPARES MOM TO THE ARGENT GUARDIAN
Network Testing Labs, one of the world's leading independent research companies, put together a comprehensive Comparison Paper on two leading enterprise monitoring solutions. Their conclusion: "The Argent Guardian easily beats out MOM in all our tests... The Argent Guardian will cost far less than MOM and yet provide significantly more functionality." Find out for yourself why organizations like Major League Baseball, GE Capital, AT& T, Harley Davidson, and Nokia all rely on The Argent Guardian for their enterprise monitoring and alerting needs. Download this Comparison Paper now:
http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNT


1. Commentary
by John Savill, FAQ Editor, jsavill@winnetmag.com

This week, I explain Network Address Translation (NAT) and describe the different types of NAT that exist. I also describe the IPSec/L2TP NAT-T update for Windows XP and Windows 2000, how to resolve an error after upgrading to NTFS in XP, and why the Disk Cleanup tool in XP and Win2K might hang when you try to start it.


Sponsor: Windows Scripting Solutions
Windows Scripting Solutions for the Systems Administrator
You might not be a programmer, but that doesn't mean you can't learn to create and deploy timesaving, problem-solving scripts. Discover Windows Scripting Solutions, the monthly print publication that helps you tackle common problems and automate everyday tasks with simple tools, tricks, and scripts. Try a sample issue today at:
http://www.winscriptingsolutions.com/rd.cfm?code=fsei263xup


2. FAQs

Q. What's Network Address Translation (NAT)?

A. NAT lets organizations hide their internal IP addresses and provides a means for connecting many more computers over TCP/IP than would be possible if every computer that accessed the Internet needed its own IP address. An organization or a site within an organization that uses NAT can use almost any IP address internally for any purpose, with the exception of a few IP address ranges that are reserved for internal network use (for information about these IP ranges, see the FAQ at http://www.windows2000faq.com/articles/index.cfm?articleid=14985).

Unlike machines on your internal network that can use just about any IP address, machines that connect to the Internet must use allocated (i.e., registered) IP addresses. However, you can use a NAT gateway to connect any machine on your internal network to the Internet. The gateway will communicate with the outside world on the internal machine's behalf and forward responses from the Internet to the originating machine on your internal network.

For example, if a company has 20 computers that all need Internet connectivity, you'd need to register 20 different IP addresses. However, if you used a NAT gateway, you'd need to register only one IP address for the gateway machine that connects to the Internet. (In practice, you'd probably establish several NAT gateways for fault tolerance and load-balancing purposes.) Then, you'd simply channel the other 19 machines through the gateway server. This figure illustrates how the three components (the internal network using an internal IP address subnet, the NAT with a registered Internet IP address, and the Internet) fit together.

The use of NAT has grown in popularity because the use of TCP/IP has grown in popularity. The original TCP/IP address format is based on a 32-bit structure, which provides 4,294,967,296 possible IP addresses. (Fewer addresses are actually available because certain classes or sets of addresses are allocated and reserved for specific purposes.) Because the need for new IP addresses is constant, we'll eventually run out of available addresses based on the original 32-bit format. In recognition of this shortcoming, the Internet Engineering Task Force (IETF) has prepared IPv6, which is the next-generation Internet protocol and will use a 128-bit format to provide an astronomical number of addresses (i.e., 3.4 x 10^38). The new protocol also does a better job than the current addressing scheme of concealing your internal IP address structure.

Q. What types of Network Address Translation (NAT) exist?

A. Three main types of NAT exist. In order of complexity (from simple to complex), they are

  • static NAT—With this type of NAT, a NAT router maintains a table that associates each internal IP address with a corresponding external allocated (i.e., registered) Internet IP address. With static NAT, you must register an IP address for every machine that connects to the Internet. This approach isn't used very often because it doesn't save on registering IP addresses. However, static NAT can be useful for making devices accessible from the Internet—the external IP address will always point to the internal address stored on the NAT router.
  • dynamic NAT—With dynamic NAT, a NAT router maintains a list of registered Internet IP addresses. Every time an internal client tries to access the Internet, the router maps it to one of the registered IP addresses that isn't currently in use. As a result, you need registered IP addresses only for the number of concurrent Internet users.
  • single-address NAT/overloading/masquerading/Network Address Port Translation (NAPT)—With this type of NAT, a NAT router has only one registered IP address. The NAT router maps each internal client that needs to communicate with the Internet to a different port from the registered IP address. The router writes the address request in the form x.x.x.x:y—for example, 10.0.0.1:100 would be IP address 10.0.0.1, port 100. Responses from the Internet include the originating port so that the router knows which internal IP address to map the response to.

This figure illustrates the use of single-address NAT. The NAT router in the figure maintains a translation table that specifies the port that each internal IP address uses for external communication, as follows:

Internal Address External Address
10.0.0.1 14.1.23.5:62450
10.0.0.2 14.1.23.5:62451
10.0.0.3 14.1.23.5:62452
10.0.0.4 14.1.23.5:62453

This type of NAT is the most popular form used.

Q. What's the IPSec/L2TP NAT-T update for Windows XP and Windows 2000?

A. The IPSec/L2TP NAT-T update is a Microsoft update for Layer Two Tunneling Protocol (L2TP) and IP Security (IPSec) for XP and Win2K. This update lets you operate VPN clients behind Network Address Translation (NAT) software or hardware. The update is available from the Windows Update Web site and requires XP Service Pack 1 (SP1) or later or Win2K SP3 or later.

After you install the update, clients behind the NAT device will be able to create IPSec connections and monitor those connections through the updated monitoring tool that installs as part of the update. For more information, see the Microsoft article "L2TP/IPSec NAT-T Update for Windows XP and Windows 2000".

Q. After I upgraded my hard disk to NTFS under Windows XP, my computer displays an ntfs.sys "missing or corrupt" error and fails to start. How can I resolve this error?

A. The full error you receive on start-up is

Windows could not start because the following
file is missing or corrupt:
System32\Drivers\Ntfs.sys

To resolve this error, you need to use the Recovery Console (RC) to replace the ntfs.sys file by performing the following steps:

  1. Insert the XP installation CD-ROM and reboot your machine.
  2. When the installation menu appears, press the R key to start an RC session.
  3. When prompted, select the installation and enter the Administrator password.
  4. At the console, navigate to the system32\drivers folder, assuming your Windows folder is called "windows," by typing
  5. cd \windows\system32\drivers
  6. Rename the current ntfs.sys file by typing
  7. ren ntfs.sys ntfs.bad
  8. Copy the ntfs.sys file from your installation CD-ROM to your current location by tying
  9. copy <drive letter>:\i386\ntfs.sys .</drive>

    Be sure you include the period at the end of the command to instruct your system to use the current location.

  10. Remove the XP installation CD-ROM, then restart your machine.

Q. Why does the Disk Cleanup tool in Windows XP and Windows 2000 hang when I try to start it?

A. A corrupt temporary file can often cause the Disk Cleanup utility to hang. To resolve this problem, try deleting all temporary files on your computer by performing the following steps:

  1. Close all running applications.
  2. From the Start menu, click Run and type
  3. %temp%

    to open the Temp folder on your computer.

  4. Type Ctrl+A or from the Edit menu click Select All to select all the files, press Delete, then click Yes to the confirmation.
  5. Close Windows Explorer.
  6. Open the Control Panel Internet Options applet.
  7. Select the General tab, then click Delete Files.
  8. Select the "Delete all offline content" check box, then click OK.

You should now be able to run the Disk Cleanup tool.

Hot Release (Advertisement)
Window's Deployment & Settings Mgt. by AutoProf
AutoProf's new Profile Maker 8 Professional provides point and click management of OS upgrades, service packs, software patches, network drive mappings, shared and TCP/IP printer connections. Visually manage Office & IE application settings, Outlook profiles, files, folders, and shortcuts. Configure based on over 25 filters. Free Trial!
http://www.AutoProf.com/ads/Update_TipsTricks_HotR_2003_08_11.html

3. Announcements
(from Windows & .NET Magazine and its partners)

  • Windows & .NET Magazine Connections: for Security-Minded IT Pros

  • How secure is your network? Have you ever been hacked? If you had to lock down 100 machines in 5 minutes, could you do it? How has Windows Server 2003 improved its security features? Want to stop spam? Register for Windows & .NET Magazine Connections 2003 coming this fall to Orlando, and get all the answers to these questions and much more!
    http://www.winconnections.com

  • Try Windows & .NET Magazine!

  • Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Microsoft Exchange Server, and more. Our expert authors deliver how-to content you simply can't find anywhere else. Try a sample issue today, and find out what more than 100,000 readers know that you don't!
    http://www.winnetmag.com/rd.cfm?code=fsei203xup

    4. Event
    (brought to you by Windows & .NET Magazine)

  • New—Mobile & Wireless Road Show!

  • Learn more about the wireless and mobility solutions that are available today! Register now for this free event!
    http://www.winnetmag.com/roadshows/wireless

    Sponsored Links

  • Ultrabac

  • FREE live trial-Backup & Disaster Recovery software w/ encryption
    http://ad.doubleclick.net/clk;5945485;8214395;x?http://www.ultrabac.com/default.asp?src=WINTxtLAug03tgt=./

  • CrossTec

  • Free Download - NEW NetOp 7.6 - faster, more secure, remote support
    http://ad.doubleclick.net/clk;5930423;8214395;j?http://www.crossteccorp.com/tryit/w2k.html

    5. Contact Us
    Here's how to reach us with your comments and questions:

    This weekly email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
    http://www.winnetmag.com/sub.cfm?code=wswi201x1z

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email