Monday, November 19, 2018

Enterprise "full cone" NAT options?

I'm working with some software developers who are asking me to put some WebRTC boxes behind a "full cone" (RFC 3489) NAT scheme. After some discussion about the requirements, it sounds like they're asking for RFC 5128 Endpoint-Independent Filtering behavior.

The dev folks were shocked to learn that the behavior they need isn't standard fare for an IP masquerade/overload/dynamic NAT device.

Now, I'm not convinced that the plan (intended network architecture and application design) is well founded, but that's not really the point of this post. They're the customer, so I've raised concerns about it, and then told them I'd look into deploying the sort of NAT they've asked for.

So...

Anybody know where I can find this NAT capability in an enterprise-ish box? So far, it looks like Fortinet and A10 Networks can do it.

Thanks!


