What Ports/Protocols to map through NAT for VPN Concentrator?

Unanswered Question
Sep 3rd, 2008

I have a VPN concentrator behind a NAT router (model 2621XM). The VPN concentrator is at the edge of my lab network. While travelling, I want to be able to use a VPN Client on a Windows box to traverse my NAT router and connect to my VPN concentrator so that I can then access my lab network remotely. I now that I need to create a static NAT translation in my IOS router. What ports/protocols do I need to statically map?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jeffrey.girard Tue, 09/09/2008 - 16:25

OK, I statically mapped through my NAT esp, udp 500 and udp 4500. Still nothing. The VPN client attemps to connect and then reports Reason 412: The remote peer is no longer responding.

I have attached the config from my NAT router and the log from the VPN client as well as the output as debug IP nat as I ran a connection attempt. I have set the VPN client to: Enable Transparent Tunneling and using IPSec over UDP (NAT/PAT). I have checked the log of the VPN concentrator and it does not appear that any connection attempt is being made - hence I dont think that I am making it through the NAT correctly.


singhsaju Thu, 09/04/2008 - 05:45


Note: that you will need one single dedicated ip for esp as it has no ports .




This Discussion