Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT no-wrapper

I believe Cisco IOS version 12.2 (2) XK for the 827 DSL router now supports IPSec with one-to-many NAT (PAT) without a TCP or UDP header added to the IPSec packet for session demuxing. Is this correct? If so, can someone explain how this works?

2 REPLIES
Cisco Employee

Re: NAT no-wrapper

Hi,

This is how the feature works:

" On Cisco routers, this feature allows the simultaneous use of multiple, PC-based IPSec clients on which IPSec packet wrapping is disabled or is not supported. When PCs connected to the router create an IPSec tunnel, NAT on the router translates the private IP addresses in these packets to public IP addresses. This NAT feature also supports multiple Point-to-Point Tunnel Protocol (PPTP) sessions, which may be initiated by PCs with PPTP client software."

Hope this helps,

Regards,

Aamir

-=-

New Member

Re: NAT no-wrapper

Aamir,

Please clarify further.

Are you saying that the new feature supports IPSec through a NAT one-to-one translation (no overload)? I believe that has always been supported -- this does not sound like anything new.

I was thinking the new feature allowed for the support of NAT overload (PAT) on the router with IPSec flows and no wrappers on the IPsec flows. That would be cool! Are you saying this combination is still not possible?

Thanks,

Toby Jessup

89
Views
0
Helpful
2
Replies
CreatePlease to create content