[Techtalk] To NAT or not to NAT?

Michelle Murrain tech at murrain.net
Wed Nov 13 12:43:11 EST 2002

For years I've set up networks using NAT. I think initially because 
I'd read it was more secure, and at the time, I guess it was 
convenient. So, it is what I know how to do, now. I know huge tons 
more about security now, and a fair bit more about networks, and I'm 
realizing that maybe I don't need NAT.

Right now, I have a frac T1 with 32 IP addresses assigned to me. I'm 
running (for now, soon to upgrade because it has a 512K bandwidth 
limit) a Cisco 805 router. I'm kinda new to Cisco routers, and am 
learning a lot about them. But I'm really an IOS newbie.

So my questions are as follows:

Obviously, I'm going to use NAT for machines in my internal network 
that aren't servers. But in terms of the servers, what are the real 
advantages of NAT besides "security by obscurity" which I know isn't 
sufficient, and, right now isn't necessary, since I'm using IOS 
access lists as well as ipchains/tables on my servers?

And, is converting from NAT to "notNAT" as simple as changing the IP 
address on a server? Are there changes in the config of the router I 
need to do (except getting rid of the NAT translation)?


Michelle Murrain, Technology Consulting
tech at murrain.net     http://www.murrain.net
413-253-2874 ph
413-222-6350 cell
413-825-0288 fax
AIM:pearlbear0 Y!:pearlbear9 ICQ:129250575

"A vocation is where the world's hunger & your great gladness meet." 
Frederick Buechner

More information about the Techtalk mailing list