Darksat IT Security Forums
June 03, 2020, 01:16:03 am
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Darksat IT Security Forum
From Firewall Support, AntiVirus Questions, Spyware problems, Linux and Windows Security, Black Hat SEO right down to Website Design and Multimedia
  Home Help Search Gallery Links Staff List Login Register  

Network Address Translation

Pages: [1]
Author Topic: Network Address Translation  (Read 964 times)
Posts: 3303

View Profile WWW
« on: April 08, 2007, 06:02:29 pm »

Your firewall’s number one job is to separate your private network from the Internet, and use that separation to keep the bad guys out. One firewall technology that helps to create this separation (and helps with the shortage of IP addresses) in Network Address Translation (NAT).

The main idea behind NAT is that most of the computers on your network should not be accessible from the Internet. One way to keep those computers from being Internet accessible is to assign them invalid IP addresses.

In a typical NAT deployment, the only valid IP address is assigned to the firewall, all of the machines protected by the firewall are assigned IP addresses that are valid only on the private network. When a PC on the private network needs to communicate with the outside world, the computer sends its request to the firewall. The firewall then places the request on behalf of the computer  that actually made the request. When the response to the request comes back, the request arrives at the firewall, and then the firewall sends the response to the appropriate computer on the private network.

For example, suppose that a user wanted to visit a Web site from a PC on the private network. The user would enter the site’s URL into their Web browser, and that would in turn get translated into an HTTP request. The request would go to the firewall, and then the firewall would use it’s own IP address to place the HTTP request on behalf of the user. When the request is answered, the response goes to the firewall, and the firewall passes the response back to the user who originally made the request.

Report Spam   Logged

Share on Facebook Share on Twitter

Pages: [1]
Jump to:  

Powered by EzPortal
eXTReMe Tracker
Security Forum
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum

Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.047 seconds with 15 queries.