Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2060
Views
0
Helpful
1
Replies

EZ-VPN and NAT-T

m.chenetz
Level 5
Level 5

‎06-22-2006 06:16 AM

Is there a way to enable NAT-T over ezvpn on an ios router? I have a Cisco 871 that i am trying to enable NAT-T and ezvpn for use over a natted connection that talks to a VPN Concentrator.

The, "Show crypto ipsec client ezvpn", shows the following:

Tunnel name : ezconnect

Inside interface list: BVI1

Outside interface: FastEthernet4

Current State: IDLE

Last Event: TUNNEL_NO_PUBLIC_IP_ADD

Save Password: Allowed

Current EzVPN Peer: x.x.x.x

Labels:
0 Helpful
1 Reply 1

m.sir
Level 7
Level 7

‎06-23-2006 12:19 AM

NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated.

Disabling NAT Traversal

You may wish to disable NAT traversal if you already know that your network uses IPSec-awareness NAT (spi-matching scheme). To disable NAT traversal, use the following commands:

SUMMARY STEPS:

1. enable

2. configure terminal

3. no crypto ipsec nat-transparency udp-encapsulation

Check this document for more infor

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455c72.html

M.

Hope that helps rate if it does

0 Helpful
Customers Also Viewed These Support Documents