Cisco Support Community

NAT & PAT

(Note: This message was posted as part of the "Ask the Expert" Event on Firewalling that took place August 4-18. Feel free to respond to or form discussions around this question)

Posted by jmalan

VPN client V1.1 should go through NAT (many-to-many), but it will not go through PAT (many-to-one). With respect to a PIX, is this referring to an outbound connection? And is it correct that an inbound VPN client connection can terminate on the inside interface allowing access to the trusted network?

3 REPLIES
New Member

Re: NAT & PAT

To my knowledge, the VPN client (as well as most VPN products on the market today) uses a specific IP protocol where Port Address Translation only works with TCP & UDP. That is why you must have a valid IP address for the client (NAT is okay).
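Added example, not part of the original thread or any Cisco code: a simplified model of why a port-less IP protocol gets no PAT slot while address-only NAT still translates it. It assumes the VPN payload protocol is IPsec ESP (IP protocol 50), which the reply does not name; the addresses, the `Pat`/`Nat` classes and the sample packets are constructed for illustration.

```python
import socket
import struct

TCP, UDP, ESP = 6, 17, 50  # IP protocol numbers; ESP is assumed as the VPN protocol

def ipv4(src, dst, proto, payload):
    """Constructed sample packet: 20-byte IPv4 header (checksum 0) + payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

class Pat:
    """Many-to-one: every inside host is hidden behind one public address."""
    def __init__(self, public_ip):
        self.public_ip, self.next_port, self.table = public_ip, 1024, {}

    def outbound(self, pkt):
        ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
        if proto not in (TCP, UDP):
            return None  # no source port to rewrite, so no translation slot
        inside = (socket.inet_ntoa(pkt[12:16]), struct.unpack("!H", pkt[ihl:ihl + 2])[0])
        self.table[(proto, self.next_port)] = inside
        self.next_port += 1
        return (self.public_ip, self.next_port - 1)

    def inbound(self, proto, public_port):
        """Map a reply back to the inside host; the port is the only demultiplexer."""
        return self.table.get((proto, public_port))

class Nat:
    """Many-to-many: each inside host gets its own public address."""
    def __init__(self, mapping):
        self.mapping = mapping

    def outbound(self, pkt):
        return self.mapping.get(socket.inet_ntoa(pkt[12:16]))  # protocol-agnostic

def demo():
    pat = Pat("203.0.113.1")
    nat = Nat({"10.0.0.5": "203.0.113.5", "10.0.0.6": "203.0.113.6"})
    udp = ipv4("10.0.0.5", "198.51.100.9", UDP, struct.pack("!HHHH", 500, 500, 8, 0))
    esp = ipv4("10.0.0.6", "198.51.100.9", ESP, struct.pack("!II", 0x1001, 1))  # SPI, seq
    return {"pat_udp": pat.outbound(udp), "pat_udp_reply": pat.inbound(UDP, 1024),
            "pat_esp": pat.outbound(esp), "nat_esp": nat.outbound(esp)}

if __name__ == "__main__":
    print(demo())
```
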

Silver

Re: NAT & PAT

I have seen the PIX terminate IPsec tunnels in any interface (outside, inside, any number of perimeters) in the lab but I know it didn't work until recently.

New Member

Re: NAT & PAT

You must run PIX version 5.1(2) or greater to terminate tunnels on interfaces other than the outside. (Inside and all perimeter interfaces are now supported for tunnel termination.)
