• About us
  • Investors
  • Partners
  • Careers
Request demo
  • Solutions
    • SOLUTIONS
      • Zero Trust Suite
      • Quantum-Safe Cryptography (QSC)
      • SalaX Secure Collaboration
      • Security Risk Assessment, Quantification & Mitigation
    • By Topic
      • Just-in-Time Access
      • Secure vendor access
      • Credentials & Secrets Management
      • Hybrid & multi-cloud access management
      • Interactive tour: Privileged Access in the Cloud
      • M2M connections
      • IT Audits & Compliance
      • Secure file transfer
    • By Industry
      • Managed Service Providers (MSP)
      • Operational Technology (OT)
      • Federal Government Security
  • Products
    • SECURE ACCESS & SECRETS MANAGEMENT
      • PrivX™ Hybrid PAM
      • PrivX Key Manager
    • SECURE FILE TRANSFER & ENCRYPTION
      • NQX™ quantum-ready encryption
      • Tectia™ SSH Client/Server
      • Tectia™ z/OS
    • SalaX Secure Collaboration
      • Secure Mail 2024
      • Secure Messaging 2024
      • SalaX Secure Collaboration
Request demo
  • Solutions
    • SOLUTIONS
      • PrivX Zero Trust Suite
      • SalaX Secure Collaboration
      • Strong ID-based access with Entra ID & Zero Trust Suite
      • Quantum-Safe Cryptography (QSC)
      • Security Risk Assessment, Quantification & Mitigation
      • OpenSSH by SSH
      • Device trust & access and identity verification
      • Identity-based authentication & converged IAM and PAM
    • TOPICS
      • Just-in-Time Access
      • Secure vendor access
      • Credentials & Secrets Management
      • Hybrid & Multi-Cloud Access Management
      • Interactive tour: Privileged Access in the Cloud
      • M2M Connections Management
      • IT Audits & Compliance
      • Secure File Transfer
    • INDUSTRIES
      • Managed Service Providers (MSP)
      • Operational Technology (OT)
      • Federal Government Security
      • Healthcare Data Security
  • OT Security
    • IT/OT convergence of data & systems
    • Zero Trust Access and ZSP
    • Workflow approvals
    • Secure remote access 
    • Secure patch management 
    • OT Compliance
    • Discovery and threat intelligence
    • Phishing-resistant MFA & device trust
  • Products
    • SalaX SECURE COLLABORATION
      • Secure Mail
      • Secure Messaging
      • Secure Sign
      • SalaX Secure Collaboration
    • SECURE ACCESS & SECRETS MANAGEMENT
      • PrivX™ PAM3
      • PrivX™ OT Edition
      • PrivX Key Manager
    • SECURE FILE TRANSFER & ENCRYPTION
      • Tectia™ SSH Client/Server
      • Tectia™ SSH Server for IBM z/OS
      • NQX™ quantum-safe encryption
  • Services
    • SSH Risk Assessment™
    • Professional Services
    • Support
    • Contact us
  • Customer cases
    • PrivX Zero Trust PAM
    • Enterprise Key Management UKM
    • Tectia SFTP for servers & mainframes
    • SSH Secure Collaboration
  • Resources
    • SSH Academy
    • Content library
    • Blog
    • References
    • Press releases
    • Downloads
    • Manuals
    • Events & Webinars
    • Media
    • Legal
    • Report a vulnerability
  • Solutions
    • SOLUTIONS
      • PrivX Zero Trust Suite
      • SalaX Secure Collaboration
      • Strong ID-based access with Entra ID & Zero Trust Suite
      • Quantum-Safe Cryptography (QSC)
      • Security Risk Assessment, Quantification & Mitigation
      • OpenSSH by SSH
      • Device trust & access and identity verification
      • Identity-based authentication & converged IAM and PAM
    • TOPICS
      • Just-in-Time Access
      • Secure vendor access
      • Credentials & Secrets Management
      • Hybrid & Multi-Cloud Access Management
      • Interactive tour: Privileged Access in the Cloud
      • M2M Connections Management
      • IT Audits & Compliance
      • Secure File Transfer
    • INDUSTRIES
      • Managed Service Providers (MSP)
      • Operational Technology (OT)
      • Federal Government Security
      • Healthcare Data Security
  • OT Security
    • IT/OT convergence of data & systems
    • Zero Trust Access and ZSP
    • Workflow approvals
    • Secure remote access 
    • Secure patch management 
    • OT Compliance
    • Discovery and threat intelligence
    • Phishing-resistant MFA & device trust
  • Products
    • SalaX SECURE COLLABORATION
      • Secure Mail
      • Secure Messaging
      • Secure Sign
      • SalaX Secure Collaboration
    • SECURE ACCESS & SECRETS MANAGEMENT
      • PrivX™ PAM3
      • PrivX™ OT Edition
      • PrivX Key Manager
    • SECURE FILE TRANSFER & ENCRYPTION
      • Tectia™ SSH Client/Server
      • Tectia™ SSH Server for IBM z/OS
      • NQX™ quantum-safe encryption
  • Services
    • SSH Risk Assessment™
    • Professional Services
    • Support
    • Contact us
  • Customer cases
    • PrivX Zero Trust PAM
    • Enterprise Key Management UKM
    • Tectia SFTP for servers & mainframes
    • SSH Secure Collaboration
  • Resources
    • SSH Academy
    • Content library
    • Blog
    • References
    • Press releases
    • Downloads
    • Manuals
    • Events & Webinars
    • Media
    • Legal
    • Report a vulnerability
  • About us
  • Investors
  • Partners
  • Careers
Request demo

NAT Traversal (NAT-T) Technology

 

What is NAT Traversal?

Network Address Translation (NAT) is a technology for connecting multiple devices to a single external IP address. Most ADSL modems, firewalls, and mobile operators perform network address translation. It happens in most homes, hotels, offices, and mobile data connections without users knowing of it.

NAT Traversal refers to techniques for making applications, such as voice-over-IP and multi-player games, work across devices that perform network address translation.

SSH-Academy
in-depth learning

How to get access via NAT and firewalls

If you have problems getting games or telephony applications working over NAT and firewalls, the following links may be helpful.

Open NAT – full tutorial

Learn more

Required ports for Steam

Learn more

How to get an Open NAT on Xbox etc.

Watch video

How to get an Open NAT on Call of Duty

Watch video

Information for developers

The following links may be useful for developers. This listing is for information only, not an endorsement:

  • NAT Punch-through for multiplayer games

  • How to make a multiplayer game work reliably behind NAT

  • PJNATH - Open Source ICE, STUN, and TURN Library (2.5.5) - PJSIP

  • Berkus: Libraries for NAT Traversal and hole punching

  • libnatpnp

  • Happytime NAT Traversal Library

  • NAT Traversal in Javascript

  • reTurn STUN/TURN server

  • Kademlia DHT with NAT Traversal

NAT Traversal Technology

Technology for NAT Traversal falls into a few categories:

  • IETF Standards for UDP: STUN, TURN, ICE. These standards are extremely widely used, including most smartphones, tablets, laptops, and games. There are also many proprietary variations of the same technology.

  • Interacting with NAT device to open a port: UPnP IGDP, NAT-PMP, PCP. The problem with these approaches is that 1) they need special support from the NAT device, and 2) they do not work across multiple NATs, which is a common scenario especially with mobile hotspots.

  • Forwarding gateway at the NAT device: SOCKS. These require special support from both the firewall and application and are generally only used with some enterprise firewalls.

  • Application layer gateways (ALG) in firewalls.

Of these alternatives, only the IETF standardized NAT traversal solutions and their proprietary variations work with all NATs in all networks - even when multiple NATs are present and the types or features of each NAT are not known. What's more important, they work automatically, without manual configuration.

SSH.COM and our role in the development of NAT Traversal

SSH Communications Security was active in the development of NAT Traversal technologies. The modern way of doing NAT traversal - now standardized in STUN, TURN, ICE, SIP-outbound, and many others - was invented by Tatu Ylonen and Tero Kivinen in 1997-1998 and patented by SSH Communications Security.

The SSH-invented NAT Traversal technology is the only known, practical way of reliably communicating across NAT, and NATs are ubiquitous on the Internet.

Today, the technology is extremely widely used in smartphones, tablets, laptops, IP telephones, smart TVs, and multiplayer games.

We at SSH secure communications between systems, automated applications, and people. We strive to build future-proof and safe communications for businesses and organizations to grow safely in the digital world.

  • Solutions
    • Zero Trust Suite
    • Zero Trust Suite & Entra ID Integration
    • Quantum-Safe Cryptography (QSC)
    • SalaX Secure Collaboration
    • Security Risk Mitigation
    • OT security
    • MSP Security
    • Device Trust
    • Monitoring & Threat Intelligence
    • Credentials & Secrets Management
    • IT Audits & Compliance
  • Products
    • PrivX™ Hybrid PAM
    • PrivX Key Manager
    • Tectia SSH Client/Server™
    • Tectia™ z/OS
    • Secure Messaging
    • Secure Mail
    • Secure Sign
    • NQX™ Quantum-Safe
  • Services
    • SSH Risk Assessment™
    • Professional Services
    • Support
  • Resources
    • Careers
    • References
    • Downloads
    • Manuals
    • Events & Webinars
    • Blog
  • Company
    • About us
    • Contact
    • Investors
    • Partners
    • Press

Stay on top of the latest in cybersecurity

Be the first to know about SSH’s new solutions, product updates, new features, and other SSH news!

Thanks for submitting the form.

© Copyright SSH • 2024 • Legal