Tweet
To NAT or not to NAT...
OK, first some background:
I have a 24/7 512/256kbps ADSL connection with 8static IPs. Now only 6of them are usable. Three are statically assigned to my network, and the remainder are dished out by the router, Netgear DG815, via DHCP.
Machine one: My rig – see sig for specs
Machine two: The ‘girlie’ rig - K6-2 500, G100 running XP Pro.
Machine three: The server - P2 350, G100 running slackware 8.1
Ok, so here’s the dilemma.
I am wanting to set up a MS based http/file server with some VPN action and also a dedicated CounterStrike server for some of my mates.
Now I can just about do that now, but I have to forward enough ports for me to question if it is worth keeping NAT. By enabling NAT I of course loose all of my internet valid IPs. If I disable it, then my entire network is both visible and vulnerable to the outside world – with the exception of the server. Rugger made such a good job in configuring it so that even my computer still refuses to believe that it exists.
I don’t know much about MS security. A quick ‘netstat –a’ is horrifying. If I disable NAT then I need to close some ports or at least hide them with a software firewall. I would also need to do this on all three of my machines.
Have any of you considered doing something similar?
Is it best to keep NAT and configure it properly?
Any advice???
TIA!
I have a 24/7 512/256kbps ADSL connection with 8static IPs. Now only 6of them are usable. Three are statically assigned to my network, and the remainder are dished out by the router, Netgear DG815, via DHCP.
Machine one: My rig – see sig for specs
Machine two: The ‘girlie’ rig - K6-2 500, G100 running XP Pro.
Machine three: The server - P2 350, G100 running slackware 8.1
Ok, so here’s the dilemma.
I am wanting to set up a MS based http/file server with some VPN action and also a dedicated CounterStrike server for some of my mates.
Now I can just about do that now, but I have to forward enough ports for me to question if it is worth keeping NAT. By enabling NAT I of course loose all of my internet valid IPs. If I disable it, then my entire network is both visible and vulnerable to the outside world – with the exception of the server. Rugger made such a good job in configuring it so that even my computer still refuses to believe that it exists.
I don’t know much about MS security. A quick ‘netstat –a’ is horrifying. If I disable NAT then I need to close some ports or at least hide them with a software firewall. I would also need to do this on all three of my machines.
Have any of you considered doing something similar?
Is it best to keep NAT and configure it properly?
Any advice???
TIA!
)
- if these 'legacy' systems could cope with a fair level of demand it would make my life easier
Comment