![]() |
Reference Manual |
ABOUT Using NAT32 Version 2 on a stand-alone system.
This page gives an overview of the features that are new in Version 2. Of course, most of the features of Version 1.8 are still supported, many with functional improvements. A question and answer format is used, and links to further information are given in the SEE ALSO section.
I already have an external router, so what use is NAT32?
NAT32 Version 2 has numerous features that make it extremely useful on a single computer with one or more Internet connections and no private interfaces.NAT32 supports the simultaneous use of two or more Internet connections. This is something that no Windows version to date supports, and it means that you can choose to use none, one or more Internet connections with the click of a button. Multiple connections can be used evenly, or in accordance with several selectable algorithms (e.g. round-robin, best-capacity, application-type and so on).
NAT32 supports DNS black lists and white lists. This feature lets you block advertising and malware for any web site by adding keywords to a black list. Any URL that contains one of those keywords will resolve to a special IP address that actually redirects to the local NAT32 Honeypot. The keywords can be qualified by additional words in a white list, thus allowing accurate access control. The local honeypot gives the page you are viewing small, safe versions of what it asked for. For example, if the current web page requests a Javascript file from a black-listed site, the NAT32 Honeypot servess it a small, harmless script instead. Similarly, if the site requests an image file from a black-listed site, it gets just this placeholder image instead:
![]()
Finally, if the site requests HTML content, it gets just one short line of text: "(+)"NAT32 also supports a DNS grey list. This feature lets you block HTTPS connections to untrusted sites. Such connections are nearly always used for only one purpose: to bypass network firewalls. Of course, traffic to online banking sites, email servers and other trusted sites should always use HTTPS connections, so one would add those sites to the DNS white list.
The NAT32 honeypot saves you time and money, because undesirable content is not even downloaded to your computer in the first place. It also enhances privacy, because the site is never accessed by your computer, and your ISP's DNS server is not even contacted to do the DNS lookup.
NAT32 has fine-grained firewall functionality that is under your control, not Microsoft's. No matter how many Windows Firewall Policies are in place on your machine, NAT32 bypasses them all and applies only its own rules, i.e. rules that you have specified. NAT32 can do this because you gave it permission to install a low-level network driver over which Windows itself has no control. In addition, if Windows policies are allowing traffic that you don't want, you can block that traffic in NAT32 and there is nothing that Windows can do about it.
NAT32 supports a Software Access Point that lets your WiFi Adapter behave like a private router to which you can connect your mobile phone, Tablet or any other WiFi device. The connected devices have full Internet access via NAT32's Internet interfaces. Note that this feature is only available on Windows 7 and higher, and it works on Windows 7 Starter Edition too (unlike some other SoftAP products).
NAT32 supports the Windows RAS Server (Incoming Connections) and treats it as a private interface. Other computers on your router's network can set up a VPN connection to that server and NAT32 will then make your Internet connections available to all your VPN clients (with your permission of course).
NAT32 supports Bluetooth Personal Area Networks to which you can connect your mobile phone, PDA or other Bluetooth device. The connected devices have full Internet access via NAT32's Internet interfaces.
Doesn't Windows already support multiple simultaneous Internet connections?
No, not in the way NAT32 does. Windows will monitor an Internet connection and switch to another one when it notices that the present connection has failed. It will then stick with that connection for as long as it seems to be working. Meanwhile, the other connection may once again be functional, but even if it is a better connection than the present one, Windows will not switch back to it unless the present connection fails. In no case does Windows ever use both connections at the same time. The user has no control over the connection switching process, and Windows may switch to an expensive, slow WWAN connection without even asking you.
Download, ReadMe, Configuration, Reconfiguration, Security and Privacy