03-24-2006 07:09 AM - edited 03-03-2019 12:10 PM
I have a question regarding NAT Traversal for IPSEC using an 851. Typically with a PIX we specifically enable each peer end for NAT-T. I don't see a specific option for this in the IOS. It says in the spec that it is NAT-T aware. Can anyone clarifiy this?
Thanks
Solved! Go to Solution.
03-24-2006 01:42 PM
According to CCO:
' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'
So you don't need to do anything at all.. it should just magically work :-)
Just one thing, though.. on the 851, you need one of the following images:
2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin
12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin
12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin
12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin
12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin
Hope that helps - pls rate the post if it does.
Paresh
03-24-2006 01:42 PM
According to CCO:
' NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router running Cisco IOS Release 12.2(13)T. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated'
So you don't need to do anything at all.. it should just magically work :-)
Just one thing, though.. on the 851, you need one of the following images:
2.3(14)YT1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT1.bin
12.3(14)YT ADVANCED SECURITY c850-advsecurityk9-mz.12.3-14.YT.bin
12.3(8)YI3 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI3.bin
12.3(8)YI2 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI2.bin
12.3(8)YI1 ADVANCED SECURITY c850-advsecurityk9-mz.12.3-8.YI1.bin
Hope that helps - pls rate the post if it does.
Paresh
03-28-2006 02:55 AM
Thanks, I think the problem lies elsewhere and not IOS version. I will re-post with the exact nature of the NAT traversal problem.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide