Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 17. Configuring Tunnels for Secu... > Hiding Internal Addresses from the I...

17.3. Hiding Internal Addresses from the Internet

If you go through all this trouble to make sure that your traffic is secure, you may also want to hide your internal addresses from the rest of the Internet. Hiding them goes beyond just filtering out the internal addresses by using routing policy. You can go so far as to pull them out of all the IP headers that exit your network (not just control packets).

To hide your internal addresses, you configure the local tunnel endpoint to use Network Address Translation (NAT). Whenever traffic comes into your tunnel endpoint router, the router rewrites the source address in the IP header to its own address before sending it through the tunnel. All other routers downstream of the endpoint then see the traffic as having come from the local endpoint.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint