cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
460
Views
0
Helpful
2
Replies

NAT traversal Cisco 851

rasoftware
Level 1
Level 1

I have a question regarding NAT Traversal for IPSEC using an 851. Typically with a PIX we specifically enable each peer end for NAT-T. I don't see a specific option for this in the IOS. It says in the spec that it is NAT-T aware. Can anyone clarifiy this?

Thanks

1 Accepted Solution

Accepted Solutions

pkhatri
Level 11
Level 11

According to CCO:

' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'

So you don't need to do anything at all.. it should just magically work :-)

Just one thing, though.. on the 851, you need one of the following images:

2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin

12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin

12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin

12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin

12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin

Hope that helps - pls rate the post if it does.

Paresh

View solution in original post

2 Replies 2

pkhatri
Level 11
Level 11

According to CCO:

' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'

So you don't need to do anything at all.. it should just magically work :-)

Just one thing, though.. on the 851, you need one of the following images:

2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin

12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin

12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin

12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin

12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin

Hope that helps - pls rate the post if it does.

Paresh

Thanks, I think the problem lies elsewhere and not IOS version. I will re-post with the exact nature of the NAT traversal problem.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco