Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
328
Views
0
Helpful
1
Replies

Cisco 506 NAT IPSec

lchristie
Level 1
Level 1

‎06-12-2002 01:37 PM - edited ‎02-21-2020 11:48 AM

I was wondering if it was possible to have an IPSec tunnel originate within a local area network that sits behind a 506 with NAT'ing enabled. I have tried to use the following command to get this to work to no avail.

sysopt connection permit-ipsec command

The IPSec client that resides behind the firewall requires authentication header and I assume that is where my problem lies. Much thanks in advance.

Labels:
0 Helpful
1 Reply 1

lisa.hall
Level 2
Level 2

‎06-18-2002 12:59 PM

As long as the client is getting a real NAT address and not a PAT address you should be fine. Does your client software support NAT transparency mode like the one for the Cisco VPN concentrators?

0 Helpful
Customers Also Viewed These Support Documents