Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
NAT Traversal - Netscreen 5XP
- Thread starter briteeyez
- Start date
Hello,
Native IPSEC doesn't work well with NAT. To get around this, NAT Traversal can be used. This allows for the IPSEC traffic to be encapsulated within an UDP header and traverse the NAT device and Firewall. Without this, IKE Phase 1 will fail.
Check to see that both the your Firewall and ADSL modem support IPSEC with UDP Encap. Most ADSL modems that I have come across run into issues, we simply roll out Linksys Devices to protect our remote users. All of the Linksys Products support IPSEC via UDP and they tend to be flawless. Not a Cisco or Linksys pusher either, I am just relaying some feedback to you. Hope this helps.
Rgds,
John
Native IPSEC doesn't work well with NAT. To get around this, NAT Traversal can be used. This allows for the IPSEC traffic to be encapsulated within an UDP header and traverse the NAT device and Firewall. Without this, IKE Phase 1 will fail.
Check to see that both the your Firewall and ADSL modem support IPSEC with UDP Encap. Most ADSL modems that I have come across run into issues, we simply roll out Linksys Devices to protect our remote users. All of the Linksys Products support IPSEC via UDP and they tend to be flawless. Not a Cisco or Linksys pusher either, I am just relaying some feedback to you. Hope this helps.
Rgds,
John
- Status
Similar threads
