NAT Firewall add-on
Add a basic packet filter to your VPN connection.
Summary:
Astrill's NAT Firewall blocks outside hosts from creating unsolicited connections to your host. In this article, we discuss how Astrill bypasses traditional wireless router features and how Astrill's NAT Firewall restores protections offered by those features.
Astrill's NAT Firewall VPN feature is a packet filter that stops third parties from connecting to your Astrill-connected system. This filter prevents malicious or corrupted Internet traffic from reaching your system. Such traffic is commonly used to find bugs in software that can be used to take control of your machine. To understand how our NAT Firewall works, let's first look at how your wireless router works.
What is NAT (Network Address Translation)?
If you have a wireless router at home, you probably connect to it with more than one device. Many people have one or more computers, a phone, and maybe even a gaming system all connected to their wireless router. Because your ISP only gives you one IP address, your wireless router has to figure out how to share that IP address with multiple devices. Your router uses NAT (Network Address Translation) to transform one public IP address to many private IP addresses.
One side effect of NAT is that it protects your home network from a lot of harmful traffic:
Malicious hackers on the Internet cannot reach your systems because the address translation only works for traffic initiated by your system.
The NAT acts like a very rudimentary firewall, blocking inbound traffic unless it is in response to some previous outgoing traffic.
Since your system is not constantly sending out requests for malicious traffic, NAT doesn't allow that traffic to get to you.
Why would I need a NAT Firewall with Astrill?
When you connect to Astrill, we give your system a public IP address reachable by anyone on the Internet.
Your Astrill IP address is not private, and the VPN tunnels through your wireless router's NAT protections. Malicious hackers can send bad packet data to this public IP and your system will accept it - your wireless router cannot stop it since Astrill is delivering the traffic over your secure connection.
Astrill's NAT Firewall service functions just like your wireless router's NAT feature.
It does not allow unexpected malicious traffic to reach your Astrill IP address.
It will only let through Internet packets that respond to traffic initiated by your system, and that makes your system much less likely to get hacked.
Protect your system from unauthorized access while using Astrill.