Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
292
Views
0
Helpful
2
Replies

Can you deploy FTDv in AWS using Site-to-Site IPSEC tunnels wo/ NAT-T?

red2play
Level 1
Level 1

‎11-09-2023 12:53 PM

We have a customer who uses a basic VPN service and it doesn't support NAT-T.  Been trying for days to get it to work but it won't work.  We contacted the Vendor and they stated that they don't support NAT-T IPSEC tunnels.  IS there a way to deploy an AWS FTDv solution with a direct public IP or without NAT-T specifically?

Labels:
0 Helpful
2 Replies 2

Pavan Gundu
Cisco Employee
Cisco Employee

‎11-15-2023 04:14 AM

Do you see in the debugs that NAT-T is detected and it is trying to switch to port 4500?

0 Helpful

MHM Cisco World
VIP
VIP

‎11-15-2023 04:54 AM

the NAT-T is oprtional not manadotry, 
so VPN S2S can work without any issue if both Peer use public IP. and not behind any NATing device.

0 Helpful
Customers Also Viewed These Support Documents