Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

isakmp nat-traversal

We have a number of lan to lan vpns and all works well as well as remote access vpn.

however there are a number of people who cannot access remote access vpn and when i add : isakmp nat-traversal 10 it works.

Any idea?

Also, when configuring site to site vpn using the wizzard (asdm) it removes the nat-travesal.

Any idea?


Re: isakmp nat-traversal

NAT-T allows the negotiation of the VPN to be further encapsulated in UDP using port 4500.

This should be used when the remote end devices are performing NAT and do not understand or perform IPSEC pass-thru.

NAT-T is a global IKE setting.


New Member

Re: isakmp nat-traversal

I understand thank you.

I guess it cannot hurt to have it turned on all the time.

Thank you again Andrew!

Re: isakmp nat-traversal

np - glad to help.

CreatePlease to create content