NAT Technical Reference

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

NAT Technical Reference

Network address translation (NAT) provides a method for translating the Internet Protocol version 4 (IPv4) addresses of computers on one network into IPv4 addresses of computers on a different network. A NAT-enabled IP router deployed at the boundary where a private network, such as a corporate network, meets a public network, such as the Internet, allows computers on the private network to access computers on the public network by providing this translation service.

The impetus initiating the development of NAT technology was the need to provide a temporary solution to the IPv4 address-depletion problem faced by the Internet community. The number of available globally unique (public) IPv4 addresses is far too few to accommodate the rapidly increasing number of computers that need access to the Internet. Although the long-term solution — the development of Internet Protocol version 6 (IPv6) addresses — exists, IPv6 is not yet widely adopted. NAT technology lets computers on any network use reusable private addresses to connect to computers with globally unique public addresses on the Internet.

In the Microsoft Windows Server 2003 and Microsoft Windows 2000 Server operating systems, the Routing and Remote Access service supports a NAT solution by allowing the optional configuration of a routing protocol component that provides network address translation. Computers on a private network can access a public network by means of a NAT-enabled router that runs the Routing and Remote Access service. All traffic leaving, or entering, the private network must travel by way of the NAT-enabled router. The Windows Server 2003 Routing and Remote Access service improves on the NAT routing protocol component provided by Windows 2000 Server by adding support for a basic firewall, which helps protect the public interface of a computer that is configured to provide NAT, and by enabling connected remote access clients to access the Internet.

In this subject