Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2751
Views
0
Helpful
4
Replies

what is the difference between nat traversal and nat exemption.

donnie
Level 1
Level 1

‎09-11-2007 01:34 AM

Hi all. In my site to site vpn connection both nat traversal and nat exemption are enabled. What is the difference between the 2 and why do i need both for my ipsec vpn to work. Thks in advance.

1 person had this problem
Labels:
0 Helpful
4 Replies 4

lgijssel
Level 9
Level 9

‎09-11-2007 02:08 AM

These are two different things.

isakmp nat traversal allows for VPN client traffic to be transported using the NAT-T feature.

nat exemption is what we use to not-NAT traffic that is sent over a VPN tunnel.

regards,

Leo

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎09-11-2007 06:41 AM

Hi

Just to expand on previous post.

Nat-traversal is needed when there is a device that sits somewhere in the path between your VPN devices that performs NAT on the packets.

Nat exemption is used to make sure that certain IP addresses are not subject to NAT and are left as is.

Jon

0 Helpful

hamedsol
Level 1
Level 1
In response to Jon Marshall

‎02-04-2020 03:26 PM

Then why we need nat between vpn devices at all?
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to hamedsol

‎02-08-2020 02:00 PM

Sometimes the design of the network places a device using ipsec inside of a device that is doing address translation at the outside edge of the network. In this case we need nat traversal.

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents