How NAT improves the security of Network?

Network Address Translation (NAT) is used to convert a private IP address into a public IP address and also a public IP address into private IP address. We use NAT due to the shortage of IP addresses.

IP Version 4 is a 32- bit address and it has almost 4.3 billion IP addresses, but the population of the world is much higher and it is approximately 7.8 billion as of the latest reports of June 2020.

Most of them use multiple gadgets and devices like smartphones, laptops, tablets, and many more for accessing the internet for various needs. All these devices need an IP address.

So, 4.3 billion of IP addresses is not sufficient for more than 7.8 billion of people using , that is the reason why we are using NAT. NAT is used to convert a private IP address onto public and public IP address into private.

Now let us try to understand how NAT is more useful to improve the security of network:

If your network is NAT enabled one that means your Local area IP address (Private IP address) is under Mask.

This means, no one else from outside cannot easily identify which IP address is connected to your PC or local side machine.

This will help in terms of network means when attackers try to focus on your PC from the outside world to attack.

They cannot judge your machine IP address if your network is Nat enabled. Because they could see only the Public IP address. Private IP address is hidden due to Network address translation.

However, NAT is not a 100% secure mechanism that makes our network more secure. That is why we are adding Firewall along with NAT.

Working Example

Given below is a working example of NAT −

In this above example

Fa0/1 is configured for Local/Inside (LAN) and Fa0/0 is configured with outside.

Local side PC are connected with the following IP address,, with gateway

Outside Fa0/0 Ip address is configured with IP address

Consider the steps given below −

Step 1 − So if you need to configure NAT we need to first create access list

need to first create access list

Step 2 − Create NAT with OVERLOAD

IP NAT inside source list 1 interface FastEthernet0/0 overload

Step 3 − Interface configuration

Interface FastEthernet0/0

  • Description − Connected to OUTSIDE IP
  • Bandwidth : 50000
  • IP address:
  • IP NAT outside
  • IP virtual-reassembly
  • Duplex auto
  • Speed auto

Interface FastEthernet0/1

  • Description − Connected to INSIDE
  • IP address:
  • IP NAT inside
  • IP virtual-reassembly
  • Duplex auto
  • Speed auto

Updated on: 15-Sep-2021


Kickstart Your Career

Get certified by completing the course

Get Started