ISAKMP and NAT

franzin
Level 1

I've configured a PIX using IPsec (ESP-DES) and ISAKMP with a non-Cisco device. Between the equipment is a router configured with NAT (Cisco 3620) that translates only addresses through a static one-to-one NAT rule.

It works fine, but I need an answer to one main question:

How does it work if the ISAKMP protocol specifies that the "cookie" that must be created to exchange data for the SA is dependent on the source address, destination address and port numbers carried by the packet?

I need this answer to prove that no relaxing of the protocol was developed to achieve this feature and that the NAT isn't creating a lack of security.

1 Reply

edadios
Cisco Employee

Cisco supports the IPsec standard. Try this for a possible explanation:

http://www.ietf.org/html.charters/ipsec-charter.html

Regards,
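
An added illustration (not part of the original posts, and not Cisco's or any vendor's code) of how ISAKMP cookies behave across address-only static NAT when each peer follows the cookie-generation method suggested in RFC 2408, section 2.5.3: the cookie is a local hash that the other side echoes back as opaque bytes and never recomputes. The addresses, the `static_nat` helper, and the use of truncated SHA-256 in place of the RFC's MD5 example are assumptions made for this sketch.

```python
import hashlib, os, socket, struct, time

def make_cookie(src_ip, dst_ip, sport, dport, secret):
    """8-octet cookie: hash of addresses/ports as seen locally, a local secret, and the time."""
    material = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
                + struct.pack("!HHd", sport, dport, time.time()) + secret)
    return hashlib.sha256(material).digest()[:8]  # assumption: SHA-256 instead of MD5

def static_nat(pkt, inside, outside):
    """Hypothetical one-to-one NAT: rewrites IP addresses only, never ports or payload."""
    out = dict(pkt)
    if out["src"] == inside:
        out["src"] = outside      # outbound: translate source
    if out["dst"] == outside:
        out["dst"] = inside       # inbound: translate destination
    return out

def simulate():
    # Constructed addresses from the documentation ranges.
    init_real, init_nat, resp = "192.0.2.10", "198.51.100.10", "203.0.113.5"

    # Initiator hashes its own (pre-NAT) view and remembers the result in its SA state.
    i_cookie = make_cookie(init_real, resp, 500, 500, os.urandom(16))
    msg1 = {"src": init_real, "dst": resp, "sport": 500, "dport": 500,
            "i_cookie": i_cookie, "r_cookie": bytes(8)}
    seen1 = static_nat(msg1, init_real, init_nat)

    # Responder hashes what it sees (post-NAT) for its own cookie and echoes
    # the initiator cookie as opaque bytes; it has no secret to recompute it.
    r_cookie = make_cookie(seen1["src"], seen1["dst"], seen1["sport"],
                           seen1["dport"], os.urandom(16))
    msg2 = {"src": resp, "dst": seen1["src"], "sport": 500, "dport": 500,
            "i_cookie": seen1["i_cookie"], "r_cookie": r_cookie}
    seen2 = static_nat(msg2, init_real, init_nat)

    return {
        "responder_saw_src": seen1["src"],
        "cookie_unchanged_by_nat": seen1["i_cookie"] == i_cookie,
        # Initiator matches the reply to its SA by comparing the echoed value.
        "initiator_accepts": seen2["i_cookie"] == i_cookie and seen2["dst"] == init_real,
        "cookie_lengths": (len(i_cookie), len(r_cookie)),
    }

if __name__ == "__main__":
    print(simulate())
```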