Product Documentation

Operation Through Firewalls and Proxies

Jan 31, 2014

Users of the NetScaler Gateway Plug-in are sometimes located inside another organization’s firewall, as shown in the following figure:

Figure 1. Connection from user device through two internal firewalls
User connection through two internal firewalls

NAT firewalls maintain a table that allows them to route secure packets from NetScaler Gateway back to the user device. For circuit-oriented connections, NetScaler Gateway maintains a port-mapped, reverse NAT translation table. The reverse NAT translation table enables NetScaler Gateway to match connections and send packets back over the tunnel to the user device with the correct port numbers so that the packets return to the correct application.