NAT Traversal

Unanswered Question
Nov 13th, 2007
User Badges:

Hello!!


I just want to make sure of this...

Is NAT-T enable for this IPSec session ?


Below is the Output of the "show crypto isakmp sa detail nat" command...


Can you tell me ? thx :)


UACA-VPN#show crypto isakmp sa detail nat

Codes: C - IKE configuration mode, D - Dead Peer Detection

K - Keepalives, N - NAT-traversal

X - IKE Extended Authentication

psk - Preshared key, rsig - RSA signature

renc - RSA encryption

IPv4 Crypto ISAKMP SA


C-id Local Remote I-VRF Status Encr Hash Auth DH Lifetime Cap.


2024 201.196.33.30 200.122.146.38 ACTIVE 3des sha psk 2 17:46:11 N

Engine-id:Conn-id = AIM-VPN/SSL-1:24


NAT keepalive(sec) 0

In local 201.x.x.30:4500 remote 192.168.20.15:4500


IPv6 Crypto ISAKMP SA


UACA-VPN#


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
thult Wed, 11/14/2007 - 00:54
User Badges:

UDP Port 4500 indicates NAT-T. Without NAT-T it should use UDP port 500.

Actions

This Discussion