NETWORKING

  • 01/07/2016
    7:30 AM
  • Rating: 
    0 votes
    +
    Vote up!
    -
    Vote down!

NAT Configuration Primer

Organizations often rely on Network Address Translation to reduce public IP address requirements. Here's a quick guide to NAT basics.

Comments

NAT

Thanks for this guide Andrew. Can you elaborate on your point about the misconception of NAT providing security benefits?

Re: NAT

Hi Marcia - Some people think that NAT provides a layer of security because it "hides" the true IP address structure from the outside world. But in reality, it all depends on what ports you have open to the world. Whether they are NAT'd or not adds nothing from a security perspective. 

Re: NAT

I see, thanks Andrew. This blog also talks about how NAT can actually impede security.

Re: NAT

I see your point @Andrew, but considering the fact that we modify network address information in IP datagram packet headers while they are in transit across a traffic routing device, some where or other we can say they do provide security.

Re: NAT
@Aditshar1 - Can you give the community an example of how you believe NAT can provide data security in an enterprise IT scenario? Thanks!
Re: NAT

I havent spoken or commented about data security, what i mean to say here is about Network Security. My previous comment share glimpse of only network and not data security. If i am not mistaken NAT can be considered as similar to encryption ..

Re: NAT

So, personnaly i think the security provided by NAT feature, is IMPLICIT! but done right.

Re: NAT

Doing it by preserving the number of public IP address, we have a little network security solution!

Re: NAT

Yes, i agree. Do it for NAT44 provide security. But usually, we have a few public IP for many internal host (users), so NAT provide this ability to send these internal trafic into the public network by hidden the source IP address (which qualified as private IP).

Re: NAT

Hi Marcia,

Good point and question. It probably would not have occurred to me to raise the issue of security implications, so I'm glad you did. I did a little more digging. Here's what Andrew may be referring to when he said "it "hides" the true IP address structure from the outside world." https://www.grc.com/nat/nat.htm. I consider Gibson Research a solid source for such matters.

NAT

whats the need for point to point NAT? why not use the public IP

NAT is still alive!

Hi Andrew, Thanks for this great post and raise the awesome networking stuff. The two well known advantages of using NAT, are : security and reduction of public IP needed in some cases.

Re: NAT is still alive!

Despite, the advent of IPv6, which provide a large range of public IP address, we have NAT66 and many companies will use it. A public IP is a cost! Can we predict the end of NAT ? maybe yes, at some part of the world. :)

NAT is still alive!

Hi Andrew, Thanks for this great post and raise the awesome networking stuff. The two well known advantages of using NAT, are : security and reduction of public IP needed in some cases.