• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 8.7. Connection Sharing > Configuring Inbound Connections

Configuring Inbound Connections

NAT is normally used only for requests that originate on your internal network for the Internet. For example, a Web browser requests a new HTML page from a Web server. The NAT server directs the returned page to a client based on the outbound request. But what if you want Internet users to have access to services on your internal network (for example, hosting a Web server on your intranet that is accessible from the Internet as well)?

Security is a Concern with Inbound Connections

NAT provides limited security by not allowing access to the internal network by any packet that is not in response to a request that originated on the internal network. When you configure inbound connections, you are allowing requests that originate on the Internet to access your internal network. Inbound connections open specific ports on the outside interface of the NAT server and map them to specific ports on an internal network server. For example, you might map port 8080 on the external interface to port 80 on a specific Web server inside your network. Security on the internal server is the only security imposed on usage of these ports. Because the packet is already inside your network at that point, this is a security concern. Remember that each external port that you map to an internal port punches another hole in your NAT server and is another way for a hacker to try to invade your network.



PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint