[Techtalk] To NAT or not to NAT?
Michelle Murrain
tech at murrain.net
Wed Nov 13 12:43:11 EST 2002
For years I've set up networks using NAT. I think initially because
I'd read it was more secure, and at the time, I guess it was
convenient. So, it is what I know how to do, now. I know huge tons
more about security now, and a fair bit more about networks, and I'm
realizing that maybe I don't need NAT.
Right now, I have a frac T1 with 32 IP addresses assigned to me. I'm
running (for now, soon to upgrade because it has a 512K bandwidth
limit) a Cisco 805 router. I'm kinda new to Cisco routers, and am
learning a lot about them. But I'm really an IOS newbie.
So my questions are as follows:
Obviously, I'm going to use NAT for machines in my internal network
that aren't servers. But in terms of the servers, what are the real
advantages of NAT besides "security by obscurity" which I know isn't
sufficient, and, right now isn't necessary, since I'm using IOS
access lists as well as ipchains/tables on my servers?
And, is converting from NAT to "notNAT" as simple as changing the IP
address on a server? Are there changes in the config of the router I
need to do (except getting rid of the NAT translation)?
Thanks!
--
.Michelle
--------------------------
Michelle Murrain, Technology Consulting
tech at murrain.net http://www.murrain.net
413-253-2874 ph
413-222-6350 cell
413-825-0288 fax
AIM:pearlbear0 Y!:pearlbear9 ICQ:129250575
"A vocation is where the world's hunger & your great gladness meet."
Frederick Buechner
More information about the Techtalk
mailing list