Take a scenario where there are two organizations. Organization 1 has an internet connection, which is shared by the users of the organization with a NAT device. Organization 2 has an internet connection, which is shared by the users of the organization by a proxy server. Let’s understand what happens in both the scenarios.
Assume that the default gateway address of the TCP/IP adapter setting of the users PC is configured with the IP address of the NAT device. At organization 1, when a user attempts to access a device on the internet through any protocol like HTTP, FTP, Ping, Telnet etc, the IP packet carrying the traffic would be sent to the default gateway and NAT applied on the packet. When NAT is applied, the source IP address of the IP packet generated by the user would be re-written with the IP address of the NAT device irrespective of the type of protocol. So all IP packets would be translated and most types of IP traffic can flow through NAT.
At organization 2, the default gateway configured on the TCP/IP adapter settings of the Users PC is the Proxy Servers IP address. Additionally, the browser is also configured with the Proxy Servers IP address. When a user initiates HTTP traffic ( Typing a URL on the browser ), the request would be sent to the Proxy server and the source IP address of the IP packet would be re-written with the Proxy Servers IP address. What would happen if the user tries to FTP or Ping a device which is on the internet? The request goes to the proxy server because the default gateway is the proxy servers IP address. But when the packet reaches the Server, it does not have the capacity to re-write the source, because the proxy server supports only packets carrying HTTP traffic. This is why also other packets apart from HTTP are dropped.
No comments:
Post a Comment