One of the problems that arises when existing IP networks are attached
to the Internet is that local hosts must have globally unique addresses
so that the backbone routers of the Internet can identify them. Internet
routers cannot route packets if IP addresses are not unique. End users
connected to hosts with duplicate addresses cannot be reached and cannot establish
application sessions.
Network Address Translation (NAT) solves the problem by reassigning IP
addresses. The NAT device holds a pool of available global addresses which are constantly reused.
Internal network addresses are allocated according to the internal considerations of the
network. Global addresses must remain unique in order to distinguish between different
hosts. When a packet is routed, the NAT replaces the internal corporate address with a
temporary global address. As soon as the application session is over, the global address
is returned to the pool to be reassigned.
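The pool behaviour described above, sketched as an added example that is not part of the original page or any vendor's code. The class and method names are hypothetical, and the global pool (203.0.113.x) and remote host (198.51.100.7) are constructed documentation addresses; only the 10.25.1.x inside range comes from the page.

```python
import ipaddress
from collections import deque


class PoolExhausted(Exception):
    """No global address is free for a new session."""


class DynamicNat:
    def __init__(self, global_pool):
        # Free global addresses; released ones rejoin the back of the queue.
        self.free = deque(ipaddress.ip_address(a) for a in global_pool)
        self.out = {}   # internal address -> global address
        self.back = {}  # global address -> internal address

    def translate_outbound(self, src, dst):
        """Rewrite the source of an outbound packet, allocating on first use."""
        src = ipaddress.ip_address(src)
        if src not in self.out:
            if not self.free:
                raise PoolExhausted(f"no global address free for {src}")
            g = self.free.popleft()
            self.out[src], self.back[g] = g, src
        return str(self.out[src]), dst

    def translate_inbound(self, src, dst):
        """Rewrite the destination of a reply; None means no mapping, so drop."""
        inside = self.back.get(ipaddress.ip_address(dst))
        return None if inside is None else (src, str(inside))

    def end_session(self, internal):
        """Session over: return the host's global address to the pool."""
        g = self.out.pop(ipaddress.ip_address(internal), None)
        if g is not None:
            del self.back[g]
            self.free.append(g)


if __name__ == "__main__":
    nat = DynamicNat(["203.0.113.10", "203.0.113.11"])  # constructed pool
    print(nat.translate_outbound("10.25.1.5", "198.51.100.7"))
    print(nat.translate_inbound("198.51.100.7", "203.0.113.10"))
    nat.end_session("10.25.1.5")
    print(nat.translate_inbound("198.51.100.7", "203.0.113.10"))  # no mapping now
```

A global address only reaches an inside host while a mapping exists; once the session ends, inbound packets to that address have no translation until the address is reassigned.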
NAT in Action
The NAT-enabled router in this diagram has an IP address of 10.25.1.1 for the
inside network and an address of 126.22.99.144 for the outside network.
Anytime a host on the inside network (10.25.1.x) makes a request to the
Internet, the NAT device will translate the 10.25.1.x to 126.22.99.144. The
internal machine can directly access any host on the external network, while
from the outside, it appears that all outbound traffic is originating from
the router’s single IP address.
NAT Advantages:
1. Enhances the level of security within
the Network by hiding its internal structure.
2. Permits an almost unlimited number of users of one class C Network address because
global addresses are required only when a user is connected to the Internet.
3. When an existing IP Network is attached to the Internet, there is no need to replace
the IP address of each and every host on the internal net - the task is accomplished by
the NAT.