| 摘要 |
Method and apparatus for enhanced security for communication over a network, and more particularly to Network Address Translation (NAT) integration Internet Protocol Security (IPSec), is described. A client computer makes a second address request in order to prompt an address server to provide a public address. This address, recorded in a mapping table accessible by a gateway computer. This public address is used as a source address for packets from a client using IPSec. When the gateway computer identifies a packet's source address as one of it's public addresses, NAT is suspended for this packet, and the packet is routed without NAT. Incoming traffic is routed using the mapping table.
|
