Did you think that getting results from a search engine is as simple as connecting from A to B, from your device to a web server? No, multiple hidden tools check your traffic and ensure your network’s security. One such tool is the Network Address Translation or NAT firewall, which you most likely have on your router. Read on to find out more about NAT and whether it affects your VPN connection.
To understand what Network Address Translation (NAT) firewall is, we first need to understand what a firewall is and what it does. The simplest analogy to explain it is this: if your computer is a busy CEO, then a firewall is the CEO’s secretary. He or she sorts the mail and makes sure that the only mail that gets through is the mail that the CEO actually wants to get through.
When you browse online, send emails, or watch movies online, you send requests for information to specific website servers. The firewall stands in between your local network and the wider net. The firewall compares the information that’s returning with the information you requested – everything that’s a match gets through, and everything that it can’t recognize is discarded. This way, the firewall protects you from uninvited malicious internet traffic that might otherwise try to compromise your system.
There are different types of firewalls, which can be split into three categories – software, hardware, and cloud-based solutions. Different firewalls also apply different filtering methods, which make them more reliable than others. To find out more about firewalls and filtering methods, read our “What is a firewall?” post.
NAT stands for Network Address Translation. It was invented to solve a problem presented by the IPv4 protocol – a shortage of IP addresses. Back in the day, IPv4’s founders thought that 4.3 billion IP addresses would be sufficient for all internet-connected devices. However, considering that there are over 7 billion people in the world and many of us have more than one device, it’s evident that we don’t have enough.
A Network Address Translation (NAT) firewall operates on a router to protect private networks. It works by only allowing internet traffic to pass through if a device on the private network requested it. A NAT firewall protects the identity of a network and doesn’t show internal IP addresses to the internet.
This is because, when connected to the internet, your router is assigned a single public IP address. It’s visible to the wider net and is needed to communicate with web servers. Any devices connected to the router locally have private IP addresses, which do not allow them to directly ‘communicate’ with the required web servers. This is where NAT comes into play – it directs traffic back and forth.
For more information, check out our YouTube video, explaining how NAT firewalls work:
The NAT works as a hardware firewall solution, even though it’s not a security tool by design. So how does it protect you?
More sophisticated attacks can make it through, especially ones that employ phishing or social engineering methods. However, that doesn’t mean you shouldn’t use one. Without an NAT, it would be simple for any amateur hacker to access your computer simply by learning your IP address.
Some argue that a VPN shouldn’t be used with an NAT. Why? A VPN encrypts your traffic before it reaches the internet, making it indecipherable. The NAT needs to know some information about that traffic to do its job. Outdated VPN protocols (PPTP and IPSec) don’t give enough information to the NAT and can be blocked as a result. To solve this problem, your router needs a VPN passthrough.
The good news is that most routers have built-in VPN passthroughs. Even if they don’t, most popular VPN providers offer more advanced protocols that do not require passthroughs. NordVPN, for example, no longer uses these outdated protocols and even uses built-in NAT firewalls on its servers.
Try NordVPN now with a 30-day money-back guarantee!