Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IPSec using NAT

Is it possible to use L2TP with IPSec through a Pix firewall running NAT? The setup would be, a Microsoft operating system using the embedded IPSec client attempting to connect to a Microsoft 2k server running IPSec. I seem to be reading contrasting documentation on the web. The latest I have read this is not possible using NAT due to the encryption of the transport layer.

2 REPLIES
New Member

Re: IPSec using NAT

Hi Eric,

You can not pass L2tp with IPSEC over PIX firewall doing PAT or NAT overloading.

You can pass PPTP or L2TP with IPSEC over static NAT or NAT Pool (not overloading, still one to one nat).

Best Regards,

Bronze

Re: IPSec using NAT

Hi Eric,

L2TP over IPSec with Transport mode is not compatible with any kind of NATing, be it Static or Dynamic, Tunnel mode works fine with Static(1-to-1, or many-to-many NATing only.

One example of L2TP over IPSec using Transport mode is when you connect to VPN3K concentrator, I'm not sure about MS ISA server.

Thanks,

Afaq

112
Views
0
Helpful
2
Replies
CreatePlease to create content