Using Protocol Agents for NAT in application data

Protocol Agents on Firewalls can be used to assist with network address translation (NAT) in the application data.

For example, the H.323 conferencing protocol includes the source and destination address information in the data payload of the packets. In ‘normal’ traffic, all IP address information relevant to the communications is in reserved spaces in the packet headers.

The H323 Protocol Agent can examine the data payload and change the addresses according to the network address translation as needed. Therefore, when the source address is included in the protocol data, the source address is also translated in the data payload. The receiving system then responds to the proper address.