
UDP hole punching

prince.p
Level 1

Can anyone explain what UDP hole punching is in a network? Is UDP hole punching the same as NAT?


Hi @prince.p

This is a technique used to traverse NAT and allow UDP communication.

A very good application for this technique is when you have a firewall behind a router and the router holds the public IP address, but you need to establish a VPN with the firewall, which has a private IP address.

You need the UDP hole punching technique on the router in order for port 500 VPN traffic to make it through the router and get to the firewall so that the VPN can be established.

There are a lot of scenarios where this technique is necessary.

So, this is a technique that allows UDP communication through NAT.

 

-If I helped you somehow, please, rate it as useful.-

Can you share a brief about NAT traversal and UDP hole punching?

 

Of course. 

In the example I mentioned and many others, UDP packets may have trouble traversing NAT. So the idea of punching is to open a communication channel so that UDP can make it through the NAT (traverse).

With hole punching, after the "hole" is opened, the channel is maintained with empty UDP packets when no communication is being sent.

 

-If I helped you somehow, please, rate it as useful.-
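
Added example, not part of the original thread and not Cisco code: a toy model of the NAT mapping ("hole") described in the reply above, showing why the empty keepalive packets must be sent more often than the NAT's idle timeout. The class and function names, addresses and timers are constructed for illustration, and the model assumes only outbound packets refresh the timer.

```python
# Added example: toy model of a NAT's UDP mapping ("hole") with an idle timeout.
# Not Cisco code; addresses, ports and timers are constructed values.

class ToyNat:
    def __init__(self, idle_timeout):
        self.idle_timeout = idle_timeout   # seconds a mapping survives with no outbound traffic
        self.mappings = {}                 # (inside, remote) -> time of last outbound packet

    def outbound(self, now, inside, remote):
        """Inside host sends to remote: opens the hole or refreshes it."""
        self.mappings[(inside, remote)] = now

    def inbound(self, now, remote, inside):
        """Remote sends to inside host: allowed only through an unexpired hole."""
        last = self.mappings.get((inside, remote))
        if last is None or now - last > self.idle_timeout:
            self.mappings.pop((inside, remote), None)   # hole has closed
            return False
        return True   # assumption: inbound traffic does not refresh the timer


def replies_delivered(nat_timeout, keepalive_every, reply_times):
    """Return, per remote reply, whether it got through the NAT.

    keepalive_every=None means the inside host goes silent after its first packet.
    """
    inside = ("10.0.0.5", 500)          # firewall with a private address
    remote = ("203.0.113.10", 500)      # VPN peer on the public side
    nat = ToyNat(nat_timeout)
    nat.outbound(0, inside, remote)     # first packet punches the hole

    events = [(t, "reply") for t in reply_times]
    if keepalive_every:
        t = keepalive_every
        while t <= max(reply_times):
            events.append((t, "keepalive"))   # empty UDP packet from inside
            t += keepalive_every

    delivered = []
    for t, kind in sorted(events):      # "keepalive" sorts before "reply" at equal times
        if kind == "keepalive":
            nat.outbound(t, inside, remote)
        else:
            delivered.append(nat.inbound(t, remote, inside))
    return delivered


if __name__ == "__main__":
    print(replies_delivered(30, None, [10, 45]))   # silent host
    print(replies_delivered(30, 20, [10, 45]))     # keepalive shorter than timeout
    print(replies_delivered(30, 40, [35, 45]))     # keepalive longer than timeout
```

In the third case the late keepalive reopens a hole in this model, but a real NAT may assign a different public port to the new mapping, so the peer's view of the address can go stale.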

Hi, thanks for your help in getting knowledge about UDP hole punching. I have some doubts about NAT traversal.

Can NAT traversal be configured manually in the firewall to open the port, like port forwarding, or does it work with some application program to open the port permanently for UDP hole punching?


It is more like a feature, but it can be enabled and disabled. If I am not wrong, on a Cisco firewall it is disabled by default and on a Cisco router it is enabled by default.

You can take a look at the command "crypto isakmp nat-traversal".

 

 

-If I helped you somehow, please, rate it as useful.-

Have you actually tested if this works for site-to-site VPN tunnels between two ASA or FTD firewalls?
