SYSTEM FOR ALLOWING NETWORK TRAFFIC THROUGH FIREWALLS

摘要

A system and a method for allowing bi-directional network traffic to pass through a network address translation ("NAT")/firewall device (9) thereby allowing bi-directional traffic to flow between the private side of the NAT/firewall device (9) and the public side of the NAT/firewall device (9) while maintaining security between the public side and the private side is described. A network processing system (18) on the public side of the NAT/firewall device (9) anchors network traffic (1) to and from the private side of the NAT/firewall device (9). A traversal client resides on the private side of the NAT/firewall device (9) and has a secure connection with the network processing system. The traversal client is operable to pass signaling packets bound for a terminal on the private side of the NAT/firewall device (9) from the network processing system (18). The traversal client is also operable to send test packets through the NAT/firewall device (9) to create the allocations in the NAT/firewall device (9) to allow the bi-directional traffic to pass from the public side to the private side.