A method and apparatus for facilitating Internet Security Protocol (IPsec) communications through devices that employ address translation in a telecommunications network is disclosed. A device that employs address translation, such as a router using Network Address Translation (NAT), receives IPsec based messages from originator nodes in a network and generates a result value for each message based on an initial identifier for each message. The messages are sent to a responder node that generates a response message to each originator node with a subsequent identifier that is based on the corresponding initial identifier. The device matches each response messages to the appropriate originator node within the network based on the result values and the subsequent identifiers. For example, the initial identifiers may be originator Security Parameter Indexes (SPI), and the subsequent identifiers may be responder SPI's that are each based on a hash value of the corresponding originator SPI.