NAT Security Options

In the advanced settings of WinRoute’s build 20 and above is a NAT security options menu that incorporates a silent mode. Silent Mode means that for incoming connection attempts, WinRoute can “drop” packets so that your network will appear invisible to the outside world.

NAT Security Options

Incoming ICMP echo request:

Internet Control Message Protocol (ICMP) is used by routers for sending control information across networks. Ping is one of the most commonly used utilities within ICMP and is used to test connectivity between nodes. In some cases you may want to drop ping requests. This can be configured in the packet filters, or more easily from the advanced security options.

Incoming packets with no entry in the NAT table:

When a packet arrives to a NAT'd interface, WinRoute checks the header against the NAT table. If the packet doesn't meet any port mapping criteria and there is no record of its existence, then WinRoute can be easily programmed to respond using either of the two following methods.

On Incoming UDP packets:

NAT logging options:

Within the advanced security dialog is the ability to record information of packets arriving to the WinRoute firewall that were not originally requested by someone from inside the LAN. This is useful for detecting port scans and incoming connection attempts to unauthorized services.

Logging incoming packets with no entry in the NAT table:

WinRoute offers two options for logging TCP packets that aren’t in the NAT table.

Logging to a file or window: