NAT and firewalls determine how Internet traffic is routed to your computers, phones and other devices. These technologies facilitate peer-to-peer filesharing, VoIP calling, and other Internet-based communications. In this blog, we'll cover what NAT and firewalls are, and how they can impact your daily Internet activities.
NAT & Firewall Traversal: What Are They?
Network Address Translation (NAT): Switching Addresses
Network Address Translation (NAT) is a technology found on routers that helps direct Internet traffic to the right destination.
Everything on the Internet is delivered in packets, each one containing information about its source and destination in the form of IP addresses. Public IP addresses are typically assigned to entire networks, like the one in your office. This public IP address is accessible to anyone on the Internet. Private IP addresses, on the other hand, are assigned to individual devices on your local network. For example, each of your VoIP phones or computers will have its own IP address. These IP addresses are not visible to users outside your network.
A router uses NAT to 'translate' a public IP address into a private IP address for incoming traffic, and vice versa for outgoing traffic. It accomplishes this by rewriting the headers of data packets so that they have the correct IP address to reach the proper destination.
Firewalls: Filtering Out Bad Traffic
Firewalls are network security systems found on routers, computers, and other devices connected to the Internet. A firewall helps protect a network from hackers, viruses, and malicious applications.
Specifically, firewalls keep unwanted traffic from entering, or leaving, a network. A firewall inspects the packet headers of incoming traffic, and rejects the ones that appear undesirable or harmful. Unlike NAT, firewalls do not rewrite information within the packet itself. Once a packet has passed inspection successfully, it can continue on to its intended destination.
Better Network Security
Firewalls act more as gatekeepers, whereas NAT acts more like a translator. Both technologies are intended to add extra security to your local network. By maintaining private IP addresses for each of your devices and inspecting all incoming and outgoing packets, these technologies make it difficult for outside parties to illegally hack into or access your network.
When they work properly, and in harmony, NAT and firewalls vet insecure and indecipherable packets. They only let the packets pass when they make sense, and pose no threat to, the computers and devices on your local network.
NAT or Firewall Traversals for Business VoIP
In some cases, benign traffic can accidentally get rejected or mishandled by a NAT or firewall. When this happens, the packets are "dropped", and the quality of your Internet connection is diminished. This can result in inconsistent Internet speeds, choppy audio on VoIP calls, or buffering video feeds.
Unfortunately, NAT and firewalls often cause issues with SIP-based phone systems. If you're using a business VoIP service, this means you may need to change some settings on your phones, routers, or other devices in order for your calls to be properly connected.
There are two types of workarounds for NAT- and firewall-related issues: client-side solutions, which are implemented by you on your local network, and server-side solutions, which are handled by your service provider. These solutions are called NAT traversal or firewall traversal technologies, because they circumvent NAT or firewalls to deliver your packets successfully.
If your provider uses a server-side solution, they may ask you to turn off certain technologies on your VoIP phones, including SIP ALG (Application Layer Gateway), SIP SPI (Stateful Packet Inspection), and SIP Transformations. These settings can typically be found and updated in the web user interface of your router. If you are unsure, please consult with your service provider and firewall manual for more details.
NAT & Firewalls: Security First
NAT and firewall traversals might seem like obscure issues if you're not used to dealing with networking. But successful workarounds are key for a fast and reliable Internet connection if you employ a cloud phone system. Internet security is an issue that every business owner can get behind, regardless of background.
If you're using Internet applications such as group video conferencing, find out what settings your service provider recommends for NAT and firewall traversals. Your choppy Internet connection might just come down to a router setting that can be updated in a few minutes. You never know until you look.