NAT & PAT

ciscomoderator
Community Manager

(Note: This message was posted as part of the "Ask the Expert" Event on Firewalling that took place August 4-18. Feel free to respond to or form discussions around this question)

Posted by jmalan

VPN client V1.1 should go through NAT (many-to-many), but it will not go through PAT (many-to-one). With respect to a PIX, is this referring to an outbound connection? And is it correct that an inbound VPN client connection can terminate on the inside interface allowing access to the trusted network?

3 Replies

bwalchez
Level 4

To my knowledge, the VPN client (as well as most VPN products on the market today) uses a specific IP protocol where Port Address Translation only works with TCP & UDP. That is why you must have a valid IP address for the client (NAT is okay).
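The distinction drawn in the reply above, as an added example that is not part of the original thread: a minimal model of a many-to-one PAT table next to a many-to-many NAT pool. It assumes the port-less protocol is IPsec ESP (IP protocol 50), which the reply does not name; the class names and all addresses are constructed for illustration.

```python
# Added illustration. Addresses are constructed (RFC 5737 / RFC 1918 ranges);
# treating ESP as the VPN client's port-less protocol is an assumption.
TCP, UDP, ESP = 6, 17, 50            # IANA IP protocol numbers
PORT_BASED = {TCP, UDP}              # the only protocols PAT can multiplex


class Pat:
    """Many-to-one: every inside host shares one public address."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip, self.next_port = public_ip, first_port
        self.out = {}    # (proto, inside_ip, inside_port) -> public_port
        self.back = {}   # (proto, public_port) -> (inside_ip, inside_port)

    def outbound(self, proto, inside_ip, inside_port=None):
        if proto not in PORT_BASED:
            return None  # no port field to rewrite, so no unique mapping exists
        key = (proto, inside_ip, inside_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (inside_ip, inside_port)
            self.next_port += 1
        return (self.public_ip, self.out[key])

    def inbound(self, proto, public_port=None):
        # Return traffic is demultiplexed purely by the translated port.
        return self.back.get((proto, public_port))


class Nat:
    """Many-to-many: each inside host gets its own public address."""

    def __init__(self, pool):
        self.pool, self.out, self.back = list(pool), {}, {}

    def outbound(self, proto, inside_ip, inside_port=None):
        if inside_ip not in self.out:
            if not self.pool:
                return None  # address pool exhausted
            public_ip = self.pool.pop(0)
            self.out[inside_ip], self.back[public_ip] = public_ip, inside_ip
        return (self.out[inside_ip], inside_port)  # ports pass through untouched

    def inbound(self, proto, public_ip, public_port=None):
        # Return traffic is demultiplexed by address alone, so any protocol works.
        inside_ip = self.back.get(public_ip)
        return (inside_ip, public_port) if inside_ip else None
```
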

a-vazquez
Level 6

I have seen the PIX terminate IPsec tunnels in any interface (outside, inside, any number of perimeters) in the lab but I know it didn't work until recently.

You must run PIX version 5.1(2) or greater to terminate tunnels on interfaces other than the outside. (Inside and all perimeter interfaces are now supported for tunnel termination.)