09-25-2009 10:11 AM - edited 03-11-2019 09:19 AM
What are the security advantages to make NAT between DMZ and inside??
Thanks a lot
09-25-2009 12:10 PM
One advantage is to hide your private IP scheme from external vendors connected to DMZ..
say your DMZ network is 172.16.1.0/24
and your inside is 192.168.1.0/24
DMZ vendor host 172.16.1.50 needs to access host on inside network 192.168.1.10 you can then use a 172.16.1.X address as NAT address for 192.168.1.10.. so DMZ will use 172.16.1.X to connect to 192.168.1.10 host.
09-25-2009 12:21 PM
Excuse-me but did not mention that had this concept, we would like to know is if there is some other advantage such as attacks
Thanks for help
09-25-2009 12:42 PM
Luciano, in your original post you had asked What are the security advantages to make NAT between DMZ and inside?? I gave you an answer that is commonly use in DMZs..
but in your second post you are asking something different.. NAT is a function of address translation and nothing else, NAT does not save you from network attacks such ip spoofing or sync attacks.
If I still missunderstand your first and second question PLS correct me.
Regards
09-28-2009 05:47 AM
It's all right, Thanks a lot.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: