Did you think that getting results from a search engine is as simple as connecting from A to B, from your device to a web server? No, multiple hidden tools check your traffic and ensure your network’s security. One such tool is the NAT firewall, which you most likely have on your router. Read on to find out more about NAT and whether it affects your VPN connection.
To understand what NAT firewall is, we first need to understand what a firewall is and what it does. The simplest analogy to explain it is this – if your computer is a busy CEO, then a firewall is the CEO’s secretary. He or she sorts the mail and makes sure that only mail that the CEO actually wants gets through.
When you browse the internet, send emails or watch movies online, you send requests for information to specific website servers. The firewall stands in between your local network and the wider net. The firewall compares the information that’s returning with the information you requested – everything that’s a match gets through, and everything that it can’t recognize is discarded. This way, the firewall protects you from uninvited malicious internet traffic that might otherwise try to compromise your system.
There are different types of firewalls, which can be split into three categories – software, hardware and cloud-based solutions. Different firewalls also apply different filtering methods, which makes them more reliable than others. To find out more about firewalls and filtering methods, read our “What is a firewall?” post.
NAT stands for Network Address Translation. It was invented to solve a problem presented by the IPv4 protocol – a shortage of IP addresses. Back in the day, IPv4’s founders thought that 4.3 billion IP addresses would be sufficient for all internet-connected devices. However, considering that there are over 7 billion people in the world and many of us have more than one device, it’s evident that we don’t have enough.
If the firewall is a secretary, the NAT firewall is a secretary that sorts mail for multiple recipients at a single office address. Your router that connects to the internet is assigned a single public IP address. It’s visible to the wider net and is needed to communicate with web servers. Any devices connected to the router locally have private IP addresses, which do not allow them to directly ‘communicate’ with the required web servers. This is where NAT comes into play – it directs traffic back and forth.
This is how NAT works:
For more information, check out our YouTube video, explaining how NAT firewalls work:
The NAT works as a hardware firewall solution, even though it’s not a security tool by design. So how does it protect you?
More sophisticated attacks can make it through, especially ones that employ phishing or social engineering methods. However, that doesn’t mean you shouldn’t use one. Without an NAT, it would be simple for any amateur hacker to access your computer simply by learning your IP address.
Some argue that a VPN shouldn’t be used with an NAT. Why? A VPN encrypts your traffic before it reaches the internet, making it indecipherable. The NAT needs to know some information about that traffic to do its job. Outdated VPN protocols (PPTP and IPSec) don’t give enough information to the NAT and can be blocked as a result. To solve this problem, your router needs a VPN passthrough.
The good news is that most routers have built-in VPN passthroughs. Even if they don’t, most popular VPN providers offer more advanced protocols that do not require passthroughs. NordVPN, for example, no longer uses these outdated protocols and even uses built-in NAT firewalls on its servers.
Try NordVPN now with a 30-day money-back guarantee!