Great Circle Associates Firewalls
(June 1996)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Is a NAT invisible?
From: Paul Ferguson <pferguso @ cisco . com>
Date: Fri, 07 Jun 1996 12:22:10 -0400
To: John Burgess <jtburgess @ cohiba . predictive . com>
Cc: firewalls @ GreatCircle . COM

There's a couple of decent white-papers located at:

- paul

At 09:24 AM 6/7/96 -0400, John Burgess wrote:

>I'd like to understand a bit more about how Network Address Translation
>(NAT) works...
>Say I have one of the 192.168.x.0 private networks that I'd like to connect
>through a pure NAT to the internet (pure in the sense that I don't care
>about any firewall stuff).  I'll call this box a gateway.
>Can the NAT gateway operate purely at the network layer, i.e., by just
>changing my address in the IP header?
>Does this break any applications?
>I have a nagging suspicion that there are applications that put the source
>IP address in the "data".  What are they?
>I guess the worst case would be a user who telnets to a host through the
>gateway, and fires off an X client back to his/her Xserver.
>e.g., DISPLAY=192.168.x.y:0 ; Xsomething-or-other
>But with a suitable DNS implementation and user training, I think this can
>be solved.
>What other issues are there?
>Even better, is there a white paper explaining how a NAT works and answers
>these and other NAY-related issues?
>I tried checking the FAQ for this list, but foudn nothing.
>If such a doc exists, please send me the URL!
>John Burgess
>Predictive Systems, Inc.
>jtburgess @
 predictive .
>201-644-3019 x2057

Paul Ferguson                                           ||        ||
Consulting Engineering                                  ||        ||
Reston, Virginia   USA                                 ||||      ||||
tel: +1.703.716.9538                               ..:||||||:..:||||||:..
e-mail: pferguso @
 cisco .
 com                         c i s c o S y s t e m s

Indexed By Date Previous: TACACS SERVER
From: xmerino @ uio . satnet . net
Next: Re: cisco docs, user access
From: Paul Ferguson <pferguso @ cisco . com>
Indexed By Thread Previous: Re: Is a NAT invisible?
From: Blast <blast @ worldbit . com>
Next: Netscape Port
From: sameer @ wiproge . med . ge . com

Search Internet Search