What Ports/Protocols to map through NAT for VPN Concentrator?
I have a VPN concentrator behind a NAT router (model 2621XM). The VPN concentrator is at the edge of my lab network. While travelling, I want to be able to use a VPN Client on a Windows box to traverse my NAT router and connect to my VPN concentrator so that I can then access my lab network remotely. I now that I need to create a static NAT translation in my IOS router. What ports/protocols do I need to statically map?
Re: What Ports/Protocols to map through NAT for VPN Concentrator
OK, I statically mapped through my NAT esp, udp 500 and udp 4500. Still nothing. The VPN client attemps to connect and then reports Reason 412: The remote peer is no longer responding.
I have attached the config from my NAT router and the log from the VPN client as well as the output as debug IP nat as I ran a connection attempt. I have set the VPN client to: Enable Transparent Tunneling and using IPSec over UDP (NAT/PAT). I have checked the log of the VPN concentrator and it does not appear that any connection attempt is being made - hence I dont think that I am making it through the NAT correctly.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...