NAT firewall: all you need to know

Posted on 19th May 2021

Getting results from your search engine seems as easy as a piece of cake; however, it isn’t really so. In fact, there are tons of tools that you cannot see that check your traffic and make sure your network is secure enough. NAT firewall or the Network Address Translation is one of such tools. It might be invisible to you, but it’s working hard to keep your network secure and check your traffic. Now, you will be even more surprised- most likely, you have this tool on your router.

Before you go deep into it, you should realize what a firewall, in fact, is and whether you need it or not. Here is the easiest explanation: A firewall is a sort of a secretary for your computer. Just assume that your PC is a director having a secretary that sorts the PC’s mail and delivers only the mail the director wants to receive.

When browsing websites, watching movies, or just sending emails, you send specific requests for information to various servers of the websites. A firewall is situated between your local network and a large one. It sorts all information out and makes sure that the incoming information matches the outcoming requests. If it doesn’t, such information is discarded.

You know how much malicious software there is all over the web. Therefore, your firewall protects you from being compromised by it.

 Types of firewalls

There are different firewalls, and they can be divided into three categories:

• Software;
• Hardware;
• Cloud-based.

Naturally, different firewalls use different methods of sorting the information out. It means that their reliability is also different.

 What is a NAT?

Network Address Translation or NAT would be a solution to the problems caused by the IPv4 protocol. There is a lack of IP addresses. Before, it was believed that 4.3 billion of them would be enough for everyone who can be connected to the Internet.

Later, it became understandable that all those billions of people on earth might use multiple devices. Therefore, we lack IP addresses.

What is NAT firewall?

A NAT or Network Address Translation firewall protects private networks right in routers. It allows traffic to go through in case some device requested it on the network. It also protects the network identity. Moreover, your internal IP address cannot be seen on the internet.

Each router is provided a single public IP address when being connected to the internet. It is necessary to communicate with servers, and it is visible to a larger network. All devices linked to the router have their personal IP addresses. Those addresses don’t let them communicate directly with any web server. NAT firewall sends traffic in different directions.

How it works

If you wonder how a Network Address Translation firewall works, you should know that your device sends a request to a web server. This can be reached by delivering data packets. They include some specific data, such as the IP addresses of the sender and receiver, port numbers, and the requested information itself. A router passes the traffic with a NAT firewall.

The data packets’ private IPs are changed to the public ID of the router by the NAT firewall. The change is noted and added to the forwarding table of the NAT. After reaching the webserver, data packets get the necessary information.

That information goes back to the router. NAT returns the data to the device that made a request. If it didn’t do it, the same data would be received by all devices linked to the router. A forwarding table is used to define which of the devices requested that information.

Now, the public IP of the data packets is changed back to the previous private IP, and data packets are sent to the necessary device.

Does NAT protect you?

The NAT isn’t a safety tool and wasn’t intended to be, but it is a hardware tackle. It really protects users by hiding the IP addresses of all gadgets on your network from outside and providing them with a single IP address.

It makes sure that a particular device really asks for all incoming information. It rejects a malicious packet in case it isn’t listed as an expected communication. Some firewalls block undesired outgoing traffic by whitelisting. Therefore, even if you somehow contact malware, it will be prevented from contacting your device.

However, there are more proficient attacks, and they can break through. Those can use social engineering or phishing methods. Thanks to NAT, it is not that easy to access your computer for each hacker by finding out your IP address.

NAT and VPN

There is a belief that you shouldn’t use a VPN along with a NAT. Is that true, and why then?

A VPN is intended to encrypt your traffic before reaching the Internet. If you want your NAT to do what it has to, it should know something about that traffic. The VPN protocols are outdated and don’t allow NAT to get enough information. Thus, they can be simply blocked. If you don’t want to face that issue, make sure your router has a VPN pass-through.

Fortunately, most of them have such go-throughs; however, if yours doesn’t, the most popular VPNs currently offer more improved protocols that don’t cause such problems.