Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
329
Views
0
Helpful
1
Replies

NAT TRAVERSAL ON PIX

ggozzi
Level 1
Level 1

‎10-29-2003 07:22 AM - edited ‎02-20-2020 11:04 PM

I have this prb:

Pix 506 with 6.3.3

Vpn client 4.0.1

I have the VPN client behin a NAT/PAT device whith udp encapsulation enabled.

On pix 506 I have configured the

isakmp NAT_traversal.

In the outside interace of pix i see the isakmp packet whith dest port 500 (not 4500)

and the phase 1 not start

Can anyone help me?

0 Helpful
1 Reply 1

mostiguy
Level 6
Level 6

‎10-29-2003 08:58 AM

After you added the isakmp nat-traversal command, did you re-enter isakmp enable outside to reinitialize the isakmp configuration? If not, try that.

That said, I think you will always see the first isakmp packet(s) go to 500, but as things get negiotatied (included nat-traversal), traffic will eventually use the 4500 port

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card