My question is whether this needs to be disabled on both sides of the iPSEC tunnel for it to work correctly or will doing it just on one side work? We are seeing a potential issue due to this
Also, see highlighted in below output that the Kb value on the remote end is different from the Kb value on the local Device. While the Lifetime secs is set manually on the policy map, the global value is being used for the Kilobytes value.
My question is whether the Kilobytes value is counted globally for all tunnels or for each tunnel independently? If it is counted independently for each tunnel, im not sure why the Kb value is different remotely and locally for the same traffic flowing onto the tunnel on each side.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...