Re: Does ICS or Firewall have a NAT

Descartes wrote:
>> Yes, ICS uses NAT.
>>
>> What do you mean by "static mapping"? What exactly do you want to
>> do? --
> Well I read somewhere, that a NAT creates a mapping of an intranet
> computers request out to the Internet. When a response arrives from
> the internet, the NAT looks in its mapping, to which intranet
> computer it should forward the response. This mapping is created
> dynamically and deleted when not needed anymore. The side effect of
> this is that the NAT actually works as a kind of fire wall neglecting
> all inbound traffic for which it does not have a mapping. This is all
> OK and does not require static mapping. But, if I would set up a server
> (on the intranet) to be accessible
> from the Internet, the NAT would need a static (persistent) mapping
> to know to which computer forward the requests coming from the
> Internet and addressed to the server.
> Please correct me if this doesn't make sens at all.
>
> Best reagrds
> Descartes
>
>> Best Wishes,
>> Steve Winograd, MS-MVP (Windows Networking)
>>
>> Please post any reply as a follow-up message in the news group
>> for everyone to see. I'm sorry, but I don't answer questions
>> addressed directly to me in E-mail or news groups.
>>
>> Microsoft Most Valuable Professional Program
>> http://mvp.support.microsoft.com

Yes, ICS can do what you want. A stand alone router is a better idea for a
couple of reasons.

1) Using ICS the gateway computer is dirctly exposed to the Internet on the
public interface. A router will give all computers some level of protection
from malware. ICS will give all the other computers this level of protection
but the computer running ICS will still be exposed.

2) The computer running ICS must be on for the other computers to access the
Internet. The computer running ICS will run slower because of ICS. You may
or may not notice this depending what else the computer is used for.

Kerry


.

Relevant Pages

  • Re: IP address assignment for VPN computers
    ... To connect a windows 2000/2003 network to the Internet, you may use one of two methods: ICS and NAT. ... ICS is designed to provide a single step of configuration on the computer running Windows 2000/2003 to provide a translated connection to Internet for all of the hosts on the network. ...
    (microsoft.public.windows.server.networking)
  • Re: Does ICS or Firewall have a NAT
    ... that a NAT creates a mapping of an intranet ... >>> computers request out to the Internet. ... > I agree that a router is usually better than ICS, ...
    (microsoft.public.windowsxp.network_web)
  • Re: ZA problems (surprise)
    ... meant to imply it's a known issue if you are running NAT... ... Internet zone security level to "High," the computer running ICS will be ... > ZAP installs were corrupted (ie. installing ZAP over ZA or some other ...
    (comp.security.firewalls)
  • Re: Does ICS or Firewall have a NAT
    ... >>>A friend of mine said that there's a NAT functionality built into the ICS ... that a NAT creates a mapping of an intranet computers ... >request out to the Internet. ... the Windows Firewall to forward the desired traffic to a specific port ...
    (microsoft.public.windowsxp.network_web)
  • Re: Does ICS or Firewall have a NAT
    ... >>> Yes, ICS uses NAT. ... that a NAT creates a mapping of an intranet ... ICS can do what you want. ... I agree that a router is usually better than ICS, ...
    (microsoft.public.windowsxp.network_web)
Loading