Does anyone know if the "crypto isakmp nat-traversal" command is mutually exclusive with the "crypto isamkp ipsec-over-tcp" command?
We use ipsec-over-tcp in our VPN configuration, but one of our users is having difficulty with large file copy via scp. It has been suggested that we use nat traversal to overcome this, and I know that you have to configure the client and the ASA firewall the same way relative to one option over the other. But researching both commands, I can't find anything that says they cannot be used simultaneously, side by side. Some VPN users operating via NAT traversal, and some via ispec-over-tcp. Anyone know if they can be configured simultaneously in the PIX? Any issues? Any additional config relations that need to be defined if you do operated them simultaneously?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...