Hiding Network Address Translation (NAT) Traffic

I live in a place with an oppressive network policy where everything is aggressively monitored. Among the many rules is a prohibition on using any device that generates Network Address Translation traffic (i.e. Wireless routers, vms...). They monitor network logs and disconnect anyone who uses such. Is there a开发者_StackOverflow社区ny way I can mask traffic (i.e the nat transltion generated by routers or virtual network devices) via encryption or the like so that it is indistinguishable from normal network traffic that would be generated by a single device using a single ip address to a monitor that is sniffing packets on the network?

(I already use a VPN to encrypt any sensitive traffic, but the NAT is applied post VPN encryption. )

I am not really sure why you need to dodge security, but one way to achieve this in your case is to use a trojan horse-like mecanism. Instead of having any peer or devices on your LAN trying to connect to the WAN, install some kind of application on a valid node behind the LAN to propagate traffic in an out of the LAN for other nodes. If necessary, have this node connect to another fix node on the WAN. Since it will use a valid connection, it won't be filtered.

Each device on your LAN should connect to the trojan node instead of trying to connect outside. The bandwidth will be slower, but this should work. That being said, this is most probably breaking the intentions of those who have implemented the security policy on your LAN. If they catch you, you're good for the electric chair...