Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
617
Views
0
Helpful
0
Replies

match identity address with NAT-T

Srinivasan Nagarajan
Level 1
Level 1

‎12-26-2018 12:38 PM

Hi Experts,

 

 When using NAT-T, we're using Private address in the "match identity address" command. If we replace this private IP with the Public IP (1.2.3.4), the tunnel doesn't come up.

Can someone please assist how NAT-T working in the match identity address statements. Thanks in advance

 

Configs

====

Hub-Router #

 crypto keyring OUR_KEYRING

  pre-shared-key address 1.2.3.4 key <key>

 

crypto isakmp profile PROFILE_NAME

   vrf TEST

   keyring OUR_KEYRING

   match identity address 10.0.0.1 255.255.255.255

 

crypto map OUR_MAP  ipsec-isakmp

  set peer 1.2.3.4

  set isakmp-profile PROFILE_NAME

 

 

Cheers,

Sri

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card