Abstract
A method for secure communication between a local area network and a wide area network includes integrating a NAT functionality in a firewall associated with the local area network, wherein the NAT functionality is suitable to translate the source port of outgoing data packets with a NAT port value obtained by adding to a NAT offset value the value of the session ED used in a session database. When reply data packets coming from the wide area network are received by the firewall, the session ID is extracted from the NAT port value and is used for directly pointing to the session database, thus reducing the time required to recognize the session.
Original language | English |
---|---|
Patent number | US2009323703 |
IPC | H04L 12/ 56 A I |
Priority date | 30/12/05 |
State | Published - 31 Dec 2009 |