03-24-2006 07:09 AM - edited 03-03-2019 12:10 PM
I have a question regarding NAT Traversal for IPSEC using an 851. Typically with a PIX we specifically enable each peer end for NAT-T. I don't see a specific option for this in the IOS. It says in the spec that it is NAT-T aware. Can anyone clarifiy this?
Thanks
Solved! Go to Solution.
03-24-2006 01:42 PM
According to CCO:
' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'
So you don't need to do anything at all.. it should just magically work :-)
Just one thing, though.. on the 851, you need one of the following images:
2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin
12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin
12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin
12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin
12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin
Hope that helps - pls rate the post if it does.
Paresh
03-24-2006 01:42 PM
According to CCO:
' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'
So you don't need to do anything at all.. it should just magically work :-)
Just one thing, though.. on the 851, you need one of the following images:
2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin
12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin
12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin
12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin
12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin
Hope that helps - pls rate the post if it does.
Paresh
03-28-2006 02:55 AM
Thanks, I think the problem lies elsewhere and not IOS version. I will re-post with the exact nature of the NAT traversal problem.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: