From a security perspective is to hide your internal network private Ip scheme and have a NAT address be expose instead of your internal addresses,other reasons is to be able to communicate to other networks via internet routable addresses, also used for overcoming overlapping networks etc..
I've heard these arguments before but something about them isn't very compelling. If my network is behind a firewall and I'm not using NAT, you still can't get to my internal net. The types of attacks i've seen that can get past firewalls apply to setups with or without NAT.
If I build conduits to internal boxes, whether I run NAT or not the boxes are potentially vulnerable to attacks via the port the conduit allows.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...