Your software release may not support all the features documented in this module. Gateways that run a cisco ios software release later than 12. Ios ipsec nat transparency with vpn client configuration. The information in this document is based on these software and hardware versions. Network address translation nat is a method of remapping an ip address space into another. When both natt and ipsec over udp are enabled, natt takes precedence. Configuring cisco ios hosted nat traversal for session border.
The most popular technique for tcp nat traversal is tcp hole punching, which requires the nat to follow the port. Ios router to pass a lantolan ipsec tunnel via pat cisco. Restrictions for ipsec nat transparency althoughthisfeatureaddressesmanyincompatibilitiesbetweennatandipsec,thefollowingproblemsstill exist. Udp encapsulated process for software engines transport mode and tunnel mode. Before you configure the cisco ios hosted nat traversal for session border controller feature, you should understand the concepts. Udp encapsulation of ipsec packets for nat traversal, on page 3. Im going to use the same configuration from the previous sitetosite ios vpn blog post but with one difference. Udp encapsulated process for software engines transport mode and tunnel mode esp. In a typical configuration, a local network uses one of the designated private ip address subnets rfc 1918. Boost your technical skill set by earning a cisco certified network associate ccna security certification. The configuration system tunneling protocols ipsec nat transparency screen.
Natt can also be used when connecting to a cisco router running cisco ios. Cisco software can selectively or dynamically perform nat. Configuring nat transparency on the client software. Prerequisites for configuring cisco ios hosted nat traversal for session border controller 146.
1596 305 374 1282 1328 1225 702 1079 1320 939 55 925 1503 1361 423 770 656 751 242 1264 651 173 583 1017 203 1287 1230 1005 419 658 472 1011 44 632 562