Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT-T Please explain

Hi,

 

I have seen the following option on the Cisco ASA and Fortigate. NAT-T I always leave this option unselected.

When would you use this option as I thought between site to site IPSEC you don't NAT and create a policy or ACL to define the interesting traffic. You don't want it to NAT to a public IP correct?

I'm guessing lets say you have a LAN subnet of 192.168.1.0 /24 it will NAT this to another private IP as it goes other the tunnel?

Why would you ever want to do this is it if both the LAN's are on the same subnet? also does this option have to be enabled at each side for the tunnel to come up?

1 REPLY

Hi James,This requires when

Hi James,

This requires when multiple clients uses the same NAT address ( Source Address) to reach/connect with the VPN Server. And more over the below mentioned post in learning network portal explained it better.

https://learningnetwork.cisco.com/thread/36740

Hope this clears your doubt.

 

Regards

Karthik

54
Views
0
Helpful
1
Replies