Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with UDP Nat-T

Has anyone else seen a problem with the Cisco VPN client versions 4.8 and 5.0. We have always used the NAT-T successfully. After upgrading to version 4.8 and 5.0 the UDP connections no longer work. TCP works but UDP doesn't. All of the previos older clients work just fine. Anyone else seen this.

1 REPLY
Silver

Re: Problem with UDP Nat-T

IKE fragmentation on the Cisco VPN client 4.0.5.D and above is broken for UDP, and fragmentation at IP level is used instead, IKE fragmentation seems to work correctly for TCP encapsulated IKE packets (which are TCP/500), configuring TCP encapsulation could be used as a workaround. Change that affect the packets going from the main location to the spokes on the port UDP 500. When you enable nat-t you allowed the connection on a different port letting the other routers to be aware of it and try another port for connection.

139
Views
0
Helpful
1
Replies
CreatePlease login to create content