I've configure a PIX using IPsec (ESP-DES) and ISAKMP with a non CISCO
device.
Between the equipments a router configured with NAT (Cisco 3620)
translates only addresses through a static one-to-one nat rule.
It works fine, but I need answer to one main question:
How it works if the ISAKMP protocol specifies that the "cookie" that
must be created to exchange data for the SA is dependent from the source
address, destinantion address and port numbers carried by the
packet ?
I need this answer to prove that no relaxing of the protocol was
develop to achieve this feature and the NAT isn't creating a lack of
security.