Internet Gateway CapabilityWith no reconfiguration of network applications, the Network Address Translation (NAT) feature provides optimized and transparent Internet access for all computers on your private network.
Out of the box Internet Sharing for
up to 1000 computers on your private network(s) — with
Complete Internet Gateway SupportThe InJoy Firewall is pre-configured to deliver secure NAT routing for your internal network. Simply install the InJoy Firewall on the computer with the Internet connection and configure the internal LAN clients to use the Firewall PC as their Default Gateway.
By default, the InJoy Firewall is configured
(but not limited) to provide NAT for
the well-known reserved ranges of internal IP addresses:
NAT works transparently, regardless of the operating system and the connection type. It supports almost all Internet protocols, including NAT-challenged protocols such as ping, traceroute, IRC DCC and FTP.
InJoy NAT operates in full accordance with the chosen Firewall
security policy and it is tested for compatibility with IPSec
NAT-Traversal, PPPoE and PPTP.
Comprehensive real-time statistics for the internal LAN clients is available through the NAT monitor of the InJoy firewall GUI:
|Simple DHCP Server (plugin)||
Configuring a full-blown DHCP (Dynamic Host
Configuration Protocol) Server can be complicated
and may require more time, then the benefit of having it might justify.
To simplify the
task, the InJoy Firewall includes an extremely simple
DHCP Server Plugin, supporting assignment of all the basic
The DHCP Server installs seamlessly and is shipped with fully
functional default values — just waiting to be enabled.
|With DHCP enabled... it suffices to enable the "Obtain an IP address automatically" in the TCP/IP configuration on the private network. The DHCP Server then takes over the responsibility of assigning the TCP/IP parameters, significantly lowering the task of network maintenance.|
Intermediate Convenience Features
|MSS Auto Adjust||
The MSS (Maximum Segment Size) Auto Adjust
feature automatically tweaks the MSS value in the TCP connection
setup, to force hosts to exchange slightly smaller TCP data packets.
Smaller data packets prevent the extremely common MTU problems, which were mainly introduced by complex packet-enlarging features, such as IPSec, NAT, PPPoE and PPTP.
The typical MTU problems are web pages that won't fully load, large e-mail attachments that won't transfer properly and file-transfers that stalls after the first few packets. All these problems are typically solved by this extremely powerful convinience feature.
|DNS Forwarding||The InJoy Firewall has built-in DNS Forwarding to further simplify the configuration of internal work-stations. Simply point the internal work-stations to the DNS servers 220.127.116.11 and 18.104.22.168. The InJoy Firewall then forwards DNS queries on to the public DNS server addresses configured in the InJoy Firewall.|
NAT vs. Proxy Technology
While several viable Internet sharing technologies exist, the NAT standard has during the past few years proved itself as the prevailing Internet gateway technology.
The alternative to NAT, is a collection of application proxies. These proxies set up two TCP connections to relay traffic between the network service and the remote user. Proxies offer some benefits, such as user authentication options and application-level control, however due to their complexity, they tend to be both bug-filled, slow and hard to maintain.
Today's networking applications are designed to interact with NAT devices and while application proxies remain applicable for some Internet protocols, they are often seen phased out as the primary Internet sharing technology.
For the best of both worlds, the InJoy Firewall uses NAT as the core Internet sharing technology and also includes several proxies, such as the SafeMail and identd proxy server.