• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 195
  • Last Modified:

Network address translation

Hi,

What is the advantage/disadvantage of applying NAT at internet?

Thanks!
0
iecu
Asked:
iecu
3 Solutions
 
LucFEMEA Server EngineerCommented:
This looks very much like a homework question to me..

LucF
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Another learning opportunity!  If this is a homework assignment, I'd recommend reading your text.  In either case, if you need supplemental text, try this:
http://computer.howstuffworks.com/nat.htm

This one looks like it deals more directly with your question:
http://stalin.iodynamics.com/education/nat.html
0
 
jamesreddyCommented:
LOL.  Possibly.  But maybe not.

NAT is a great way of saving money on public IP addresses for a company or any organization that wants to share a network connection.  It allows a range of internal IP addresses to be resolved into a single external IP address.  That external IP address is the only address that can be seen on the Internet.  Anyone attempting to trace the IP address from a remote location will be stopped dead at the router and unable to resolve individual PCs, so it does help with security as well.

The other side of that is that is that people within your network can theoretically do things "anonymously" because they are all being seen as the single external IP address.  So it is somewhat of a security flaw, as well, if you do not have the proper monitoring software.  Illegal Internet activity can occur like downloading copyrighted material through Kazaa, and any law enforcement officials that try to trace that will find only the public IP address and can hold them liable.  There is a big movement on throughout the country in trying to prosecute colleges for their students' illegal Internet activities.

Maybe that might help clarify some of the highpoints of NAT.

James
0
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

 
ewtaylorCommented:
I dol not think so he has been registered for a while. JAmes hit most of the pros and cons. I will see if I can add to them. VPN through NAT is complicated and normally needs a third party client or a win2k3 server. Some games cannot traverser NAT especially if more than one computer behind the firewall is trying to play at the same time. Big advantages are cost, and security.
0
 
jamesreddyCommented:
I'll agree on the games and cost issue, but I've set up dozens of these and have thus far never had a problem with VPN/NAT compatibility.  Granted, I use a Cisco PIX firewall for my VPN and NAT device, so maybe Cisco just has it figured out, but so far...with my PIX's, I've never had an issue.
0
 
ewtaylorCommented:
Well it depends on the ios and the version of secure client. I have banged my head agains the wall enough times to know this. Used to be I would have to setup a real NAT (Not the pat everyone is calling NAT these days) to get multiple clients behind the pix to be able to connect via vpn. Thus using routable ip addresses. I know win2k3 vpn has NAT traversal and that there is downloadable upgrade to win2k and winxp for this, so it is not as big a problem as it used to be. However if you are using a win2k server as your vpn endpoint then you will have a problem
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now