Once upon a time, Joe Zeff <joe@xxxxxxx> said: > On 07/11/2013 11:12 AM, Chris Adams wrote: > >Use the firewall, ditch the NAT. NAT does not increase security over a > >firewall. In some cases, NAT prevents a user from accessing the > >Internet, rather than the other way around. > > Can you give a practical example, please. I've no reason to > disbelieve you, but I've also never run across such a case and would > like to see one. I've seen people with double-NAT issues before, where "special" protocols like FTP or game console can't traverse the double-NAT. Any newer attempted peer-to-peer protocol through an older NAT implementation that doesn't have ALGs for the protocol tends to fail (often in mysterious ways). IPsec through a NAT setup that doesn't have IPsec pass-through specifically enabled usually fails. I can't give you personal examples because I don't use NAT for my stuff. -- Chris Adams <linux@xxxxxxxxxxx> -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
