JORGE RODRIGUEZ Fri, 09/25/2009 - 12:10
User Badges:
  • Green, 3000 points or more

One advantage is to hide your private IP scheme from external vendors connected to DMZ..

say your DMZ network is

and your inside is

DMZ vendor host needs to access host on inside network you can then use a 172.16.1.X address as NAT address for so DMZ will use 172.16.1.X to connect to host.

luciano_rangel Fri, 09/25/2009 - 12:21
User Badges:

Excuse-me but did not mention that had this concept, we would like to know is if there is some other advantage such as attacks

Thanks for help

JORGE RODRIGUEZ Fri, 09/25/2009 - 12:42
User Badges:
  • Green, 3000 points or more

Luciano, in your original post you had asked What are the security advantages to make NAT between DMZ and inside?? I gave you an answer that is commonly use in DMZs..

but in your second post you are asking something different.. NAT is a function of address translation and nothing else, NAT does not save you from network attacks such ip spoofing or sync attacks.

If I still missunderstand your first and second question PLS correct me.



This Discussion