Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6983
Views
0
Helpful
1
Replies

crypto ipsec nat-transparency spi-matching

tizedboy1
Level 1
Level 1

‎04-29-2009 06:25 AM - edited ‎02-21-2020 04:13 PM

Hello,

could someone please help in undestanding this command. It is not clearly explained in ofiicial documents.

When and how to use it?

How does it differ from crypto ipsec nat-transparency udp-encapsulation?

etc.

Thanks

Labels:
0 Helpful
1 Reply 1

Not applicable

‎05-07-2009 02:55 PM

Security parameter index (SPI) matching is used to establish VPN connections between multiple pairs of destinations. NAT entries are immediately placed in the translation table for endpoints matching the configured access list. SPI Matching is available only for endpoints that choose SPIs according to the predictive algorithm implemented in Cisco IOS Release 12.2(15)T.

The generation of SPIs that are predictable and symmetric is enabled. SPI Matching should be used in conjunction with NAT devices when multiple ESP connections across a NAT device are desired.

SPI Matching is disabled. This task may be used to either enable SPI Matching.

0 Helpful
Customers Also Viewed These Support Documents