NAT Security Question

tommyboy180 · Feb 22, 2010, 9:46 AM

When I disable a Firewall exception but leave a NAT entry for an internal device am I less secure than removing the unused NAT entry?

The reason I ask is I am wondering if its still possible to map internal addresses even though a Firewall Exception may not exist but a NAT entry is still in place.

Thank you.

danswartz · Feb 22, 2010, 4:46 PM

What do you mean by "firewall exception"?

Efonnes · Feb 22, 2010, 5:11 PM

If you have no firewall rules that would let it through, then it won't let it pass. If you still have the port forward enabled, you will see the port forward's target in your firewall log instead of your WAN IP address. Either way, it is going to block it when you don't have anything defined to let it pass.

tommyboy180 · Feb 25, 2010, 12:56 AM

Cool. Thank you.