Ever wondered how you are able to access a server outside of your corporate network, but the reverse is not possible directly. I mean say for example when you are in office, you go to your command prompt or shell and try the ipconfig (Windows) / ifconfig (UNIX) command you can get your machine’s IP address. Also let’s say that you are running a web application on your desktop. Now you go to an internet cafe and try to connect to the web application on your desktop using the IP. Do you think it would connect? Not really because your office network is protected by a firewall and any outgoing or incoming request/response has to go through the firewall. And unless an incoming request is authenticated and authorized the firewall will not allow incoming requests. The firewall applies an algorithm called Network Address Translation (NAT). The NAT translates the internal IP address to another IP address and exposes the translated IP. To better understand, when you open up your browser and open www.google.com, the Google server will receive an IP but that will not be the same as what you know of as your machine’s IP. When Google sends back the response http the firewall will map the destination IP to your machine and route the request to your machine. The map that keeps track of the IP translations is called NAT. More about NAT on Wikipedia.