User Guide
Consequences of
NA(P)T on layers
STPro solutions
16 Network Security - NAT & PAT
198 / 288
3EC 36231 ABAA TCZZA Ed. 01
The NA(P)T feature comes at the expense of the STPro
transparency. This because a number of protocols that are layered
on top of either TCP/IP or UDP/IP do not adhere to the ISO/OSI
reference model.
Note: The ISO Open Systems Interconnection (OSI) reference model promotes
the layered implementation of communications protocol stacks. Layers from
protocol stacks implemented according to this model can be changed without
affecting the upper or lower layers.
An important consequence is that changing IP addresses or
TCP/UDP ports via NA(P)T affects the other layers as well.
Due to these changes, applications that are the ultimate
consumers of the protocols cannot decode the information
correctly anymore.
The STPro offers some solutions to cope with this situation.
Basically these solutions boil down in transporting Public IP
addresses transparently through the STPro towards a device
where a more advanced NAT and/or PAT can be performed.
Some solutions are described in the following paragraphs:
ATMF25.6 (if equipped)
Via the PPPoAtoPPTP Relay
PPPtoDHCP Spoofing.