Re: [FW1] Some packets do not get NATted. Have you seen this before?

[Tim Holman]

Enrypted packets (FWZ, SKIP, IKE) cannot have NAT applied, as their TCP/IP headers are encrypted, however IPSEC only encrypts the data portion, leaving the headers free for NAT manipulation. Also bear in mind that NAT won't work with protocols that use embedded IP addresses (RPC, Oracle etc), unless a Proxy has been written for them ----- Original Message ----- From: Aylton Souza, CISSP To: fw-1-mailinglist Sent: 23 March 2001 05:23 Subject: [FW1] Some packets do not get NATted. Have you seen this before? Hello friends,   I remember some time ago someone was discussing a case in which some packets do not have NAT applied.   Anyone remembers other details?   Best wishes   Aylton