Internet Connection Sharing allows multiple computers to use a single public Internet Protocol (IP) address. One computer, the Connection Sharing server, is connected to a public network and a private network. The Connection Sharing server modifies packets from computers on a private network that are destined for a public network so that such packets appear to come from the Connection Sharing computer. Likewise, the Connection Sharing server modifies packets received from the public network to send them to the appropriate computer on the private network.
Connection Sharing provides security for computers on the private network because private computers are not directly addressable from a public network. There is no way for a computer on a public network to send unsolicited traffic to a computer on a private network.
The Connection Sharing server also provides Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) services to the private network.
Internet Connection Firewall (ICF) extends the security that Connection Sharing provides to computers on the private network. ICF also provides security to the Connection Sharing server computer or a standalone computer, such as a computer that is connected to a single public network. By keeping track of the network traffic that programs on the computer generate, Connection Sharing prevents unsolicited traffic from being processed by the computer.
The main access point for the Connection Sharing and ICF configuration is the Advanced tab of the network connection properties. This user interface (UI) allows a user to enable and disable Connection Sharing and ICF and to configure various aspects of their operation. The following list describes these aspects:
The IP_NAT must be installed to use Connection Sharing or ICF.