SnapGear 2.0.1 User Manual

Network Connections

48

Figure 3-9

Network Address Translation (NAT/masquerading)

The CyberGuard SG appliance can utilize IP Masquerading (a simple form of Network
Address Translation, or NAT) where PCs on the local network effectively share a single
external IP address. Masquerading allows insiders to get out, without allowing outsiders
in. By default, the Internet port is setup to masquerade.

Masquerading has the following advantages:

•

Added security because machines outside the local network only know the

gateway address.

•

All machines on the local network can access the Internet using a single ISP

account.

•

Only one public IP address is used and is shared by all machines on the local

network. Each machine has its own private IP address.

Note

It is strongly recommended that you leave Enable NAT on Internet Interface checked.

On SG570 and SG575 models, you may set up masquerading relationships between the
LAN, DMZ and Internet ports.