Enrypted packets (FWZ, SKIP, IKE) cannot have NAT applied, as
their TCP/IP headers are encrypted, however IPSEC only encrypts the data
portion, leaving the headers free for NAT manipulation.
Also bear in mind that NAT won't work with protocols that use
embedded IP addresses (RPC, Oracle etc), unless a Proxy has been written for
them
----- Original Message -----
Sent: 23 March 2001 05:23
Subject: [FW1] Some packets do not get
NATted. Have you seen this before?
Hello friends,
I remember some time ago someone was discussing a
case in which some packets do not have NAT applied.
Anyone remembers other details?
Best wishes
Aylton
|