NAT Firewall: Add a basic packet filter to your VPN connection

Services affected: VyprVPN

Summary

Golden Frog's NAT Firewall blocks outside hosts from creating unsolicited connections to your host. In this article, we discuss how VyprVPN bypasses traditional wireless router features and how Golden Frog's NAT Firewall restores protections offered by those features.

Golden Frog's NAT Firewall VPN feature is a packet filter that stops third parties from connecting to your VyprVPN-connected system. This filter prevents malicious or corrupted Internet traffic from reaching your system. Such traffic is commonly used to find bugs in software that can be used to take control of your machine. To understand how our NAT Firewall works, let's first look at how your wireless router works.

What is NAT (Network Address Translation)?

If you have a wireless router at home, you probably connect to it with more than one device. Many people have one or more computers, a phone, and maybe even a gaming system all connected to their wireless router. Because your ISP only gives you one IP address, your wireless router has to figure out how to share that IP address with multiple devices. Your router uses NAT (Network Address Translation) to transform one public IP address to many private IP addresses. Wikipedia has more technical information on how NAT works.

One side effect of NAT is that it protects your home network from a lot of harmful traffic:

  • Malicious hackers on the Internet cannot reach your systems because the address translation only works for traffic initiated by your system.
  • The NAT acts like a very rudimentary firewall, blocking inbound traffic unless it is in response to some previous outgoing traffic.
  • Since your system is not constantly sending out requests for malicious traffic, NAT doesn't allow that traffic to get to you.

Why would I need a NAT Firewall with VyprVPN?

When you connect to VyprVPN, Golden Frog gives your system a public IP address reachable by anyone on the Internet.

  • Your VyprVPN IP address is not private, and the VPN tunnels through your wireless router's NAT protections.
  • Malicious hackers can send bad packet data to this public IP and your system will accept it - your wireless router cannot stop it since VyprVPN is delivering the traffic over your secure connection.

Golden Frog's NAT Firewall service functions just like your wireless router's NAT feature.

  • It does not allow unexpected malicious traffic to reach your VyprVPN IP address.
  • It will only let through Internet packets that respond to traffic initiated by your system, and that makes your system much less likely to get hacked.

Protect your system from unauthorized access while using VyprVPN. .