1. Multiple users, using cisco VPN client with no transparent tunneling enabled, connect to VPN peer through Cisco router (PAT). Can this be done?
2. Multiple users, using cisco VPN client with NAT-Traversal enabled, connect to VPN peer through Cisco router (PAT). Can this be done?
3. I heard if you want to have multiple VPN connections through Cisco router (PAT), you can only use encapsulation over TCP. NAT-Traversal only support single VPN connection through Cisco router (PAT). Is that true?
IOS version on router needs to be of a level that supports IPSec pass-through. Use ESP only and not AH. Because IKE uses UDP 500 it will NAT/PAT fine, but ESP does not use UDP , therefore the IPSec ESP packets will be dropped unless you have the IOS version that supports it. Can't remember the version off the top of my head!!
2. See below
3. NAT-Traversal supporting single connection? Not sure - wouldn't think so though.
You can use TCP or UDP to get though a NAT device , but it must be configured on both ends, such as a Concentrator and a client. UDP is enabled by default on the VPN Client, default port 10000.
As for NAT-T, I think it's to allow IPSec connections through a device such as a firewall, that does not allow IPSec connections. Uses UDP port 4500. I reckon this only aplpied to a firewall scenario and not a router (See 1)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...