[Shorewall-users] When to use one-to-one NAT?

Dan Delaney dan1 at fluidmind.org
Thu Mar 11 07:12:45 PST 2004

Hi all. The Shorewall documentation states:

"If all you want to do is forward ports to servers behind your 
firewall, you do NOT want to use one-to-one NAT. Port forwarding can 
be accomplished with simple entries in the rules file. Also, in most 
cases Proxy ARP provides a superior solution to one-to-one NAT 
because the internal systems are accessed using the same IP address 
internally and externally."

What it does not include is, when SHOULD you use one-to-one NAT? Are 
there situations where one-to-one NAT is a better choise than basic 
port forwarding or Proxy ARP?


More information about the Shorewall-users mailing list