It's not an entirely accurate statement. It has to do with IPSEC and the fact that intermediary devices can not alter the packet in any way. Many vendors support using "IPSEC pass-thru" though, where by you permit certain ports/protocols to pass-thru untouched. I need to get to a meeting, but a quick google search should give you all the answers you want.
HTH Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS Senior QA Rep. BMC Software, Inc. (713) 918-2412 [EMAIL PROTECTED] http://www.bmc.com -----Original Message----- From: James Drake [mailto:[EMAIL PROTECTED]] Sent: Monday, April 08, 2002 10:03 To: [EMAIL PROTECTED] Subject: VPN and NAT I've been told that I cannot have NAT running on the router before the firewall if I want VPN functionality. Is there anyone who might be able to explain the reason for this? Thanks, James _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
