Development And Design Of The VPN Gateway Goes Through NAT

Virtual Private Network (VPN) is a network that uses the Internet or other network service as its backbone, and uses the security tunnel to simulate one exclusive line communication from point to point. In a VPN, so many filiales can connect each other if the enterprise rents the local connections to an Internet service provider (ISP) only. Using a virtual private network (VPN) to connect to enterprise networks has opened up a new world of flexible, cheaper, ease to manage etc.. The VPN will be adopted to build the enterprise WAN more and more in future.Network Address Translation was developed to make more efficient use of Internet Protocol (IP) addresses. NAT has subsequently gained popularity as a security mechanism and as a means of allowing many computers to share the same IP address. You may encounter NAT in many networking devices such as firewall/security gateways, routers.But many network administrators have tried to set up a virtual private network (VPN) client from a workstation with a private IP address only to find out much frustration with the network address translation (NAT) on the Internet router keeps the VPN client from making the connection. NAT can break the VPN tunnel. NAT changes the network IP address of a packet (and checksum values), whereas the tunneling, used by an IPSec or L2TP VPN gateway, encapsulates/encrypts the network IP address of a packet with another network IP address. This makes a trouble in compatible VPN with NAT.In this paper, I introduced the basic concept about the technology of VPN, NAT and the background, and introduced the application up to the minute, analysed the VPN and fireware products maded by the two famous companies. Tested the incompatible in VPN and NAT by building a virtual simulate circumstance, and found out the reason from theory. Based on that, I developed a new VPN gateway which is ease to manage and config to solve the incompatible VPN and NAT. I have discussed the design and IPSec in this paper. In the end, I analysed the infection of IPV6 standard and development in future.