Solved

Network address translation

Posted on 2004-04-06
9
180 Views
Last Modified: 2010-03-18
Hi,

What is the advantage/disadvantage of applying NAT at internet?

Thanks!
0
Comment
Question by:iecu
9 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 10767235
This looks very much like a homework question to me..

LucF
0
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 43 total points
ID: 10767946
Another learning opportunity!  If this is a homework assignment, I'd recommend reading your text.  In either case, if you need supplemental text, try this:
http://computer.howstuffworks.com/nat.htm

This one looks like it deals more directly with your question:
http://stalin.iodynamics.com/education/nat.html
0
 
LVL 9

Assisted Solution

by:jamesreddy
jamesreddy earned 41 total points
ID: 10767952
LOL.  Possibly.  But maybe not.

NAT is a great way of saving money on public IP addresses for a company or any organization that wants to share a network connection.  It allows a range of internal IP addresses to be resolved into a single external IP address.  That external IP address is the only address that can be seen on the Internet.  Anyone attempting to trace the IP address from a remote location will be stopped dead at the router and unable to resolve individual PCs, so it does help with security as well.

The other side of that is that is that people within your network can theoretically do things "anonymously" because they are all being seen as the single external IP address.  So it is somewhat of a security flaw, as well, if you do not have the proper monitoring software.  Illegal Internet activity can occur like downloading copyrighted material through Kazaa, and any law enforcement officials that try to trace that will find only the public IP address and can hold them liable.  There is a big movement on throughout the country in trying to prosecute colleges for their students' illegal Internet activities.

Maybe that might help clarify some of the highpoints of NAT.

James
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 41 total points
ID: 10768259
I dol not think so he has been registered for a while. JAmes hit most of the pros and cons. I will see if I can add to them. VPN through NAT is complicated and normally needs a third party client or a win2k3 server. Some games cannot traverser NAT especially if more than one computer behind the firewall is trying to play at the same time. Big advantages are cost, and security.
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10768325
I'll agree on the games and cost issue, but I've set up dozens of these and have thus far never had a problem with VPN/NAT compatibility.  Granted, I use a Cisco PIX firewall for my VPN and NAT device, so maybe Cisco just has it figured out, but so far...with my PIX's, I've never had an issue.
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10768538
Well it depends on the ios and the version of secure client. I have banged my head agains the wall enough times to know this. Used to be I would have to setup a real NAT (Not the pat everyone is calling NAT these days) to get multiple clients behind the pix to be able to connect via vpn. Thus using routable ip addresses. I know win2k3 vpn has NAT traversal and that there is downloadable upgrade to win2k and winxp for this, so it is not as big a problem as it used to be. However if you are using a win2k server as your vpn endpoint then you will have a problem
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question