How can I get a VPN Client's connection to be NAT-ted?

mkoopsen
Level 1

I installed a router on a customer site to replace a PC that did NAT on a cable modem connection.

On the router NAT is done to get all of the PCs on the LAN to get to the Internet.

But... one of the users is using a VPN-client to get to his office. With the PC installed there was no problem but since the router is in place he cannot connect.

Because I specialized in dial-up networks my knowledge of NAT and VPN-clients.

Is there someone who knows how to get this user's VPN client-session to be NAT-ted?

Regards,

Martijn Koopsen

3 Replies

jfrahim
Level 5

Hi Martijn,

Are you natting or patting the traffic? What I mean is, do you have a static one-to-one mapping configured on the router, or do you have the "overload" keyword in the NAT statements on the router? What type of a router is that?

What type of a VPN client is that? Is it a Cisco Client? Where is the VPN connection getting terminated at?

Jazib

I am natting the traffic. I am overloading the address configured on one of the interfaces. The router is a rather oldish one (2514). The client is not the Cisco Client as far as I know, but if you want to know for sure I can tell you later.

The VPN tunnel gets terminated on the other "side" of the internet, so that is behind the router and the cable modem in a network I don't control.

If you have overload configured, then you are patting the traffic. In any case, you should at least be able to establish the connection, as IPSec uses UDP 500 for negotiating the tunnel. If you are not able to pass any traffic, that's another issue. Once the tunnel is established, the traffic can be encrypted using the ESP protocol, which cannot be patted in normal circumstances. If this is a Cisco IPsec client, then you have to find out what is the termination device. If it is a 3K concentrator, then you could enable IPSec thru UDP to work around the ESP problem.

Hope that helps

Jazib
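
The distinction drawn in the answer above, shown as an added example that is not part of the original thread: PAT rewrites a TCP/UDP source port, so it can translate the UDP 500 negotiation, while an ESP header starts with an SPI and sequence number and has no port to rewrite. The addresses, the SPI value and the UDP port 10000 used for the encapsulated case are constructed sample values, not taken from the thread.

```python
import socket
import struct

# IP protocol numbers (IANA)
PROTO_TCP, PROTO_UDP, PROTO_ESP = 6, 17, 50
IKE_PORT = 500  # UDP port the answer cites for tunnel negotiation


def ipv4(proto, payload, src="192.168.1.10", dst="203.0.113.5"):
    """Build a minimal IPv4 packet (constructed sample; checksum left 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def pat_verdict(packet):
    """Return (label, has_port_for_pat) for one IPv4 packet at a PAT router."""
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes
    proto = packet[9]
    l4 = packet[ihl:]
    if proto in (PROTO_TCP, PROTO_UDP):
        sport, dport = struct.unpack("!HH", l4[:4])
        kind = "TCP" if proto == PROTO_TCP else "UDP"
        label = f"{kind} {sport}->{dport}"
        if proto == PROTO_UDP and IKE_PORT in (sport, dport):
            label += " (IKE negotiation)"
        return label, True  # the source port can be rewritten per session
    if proto == PROTO_ESP:
        spi, seq = struct.unpack("!II", l4[:8])
        # ESP begins with SPI + sequence number: there is no port field
        return f"ESP spi=0x{spi:08x} seq={seq}", False
    return f"IP protocol {proto}", None  # not classified by this sketch


# Constructed samples: IKE, raw ESP, and the same ESP payload wrapped in UDP
# (port 10000 is an assumed example value).
ike = ipv4(PROTO_UDP, struct.pack("!HHHH", 500, 500, 8, 0))
esp = ipv4(PROTO_ESP, struct.pack("!II", 0x1A2B3C4D, 1) + b"\x00" * 16)
esp_in_udp = ipv4(PROTO_UDP, struct.pack("!HHHH", 10000, 10000, 32, 0)
                  + struct.pack("!II", 0x1A2B3C4D, 1) + b"\x00" * 16)

if __name__ == "__main__":
    for name, pkt in (("IKE", ike), ("ESP", esp), ("ESP-in-UDP", esp_in_udp)):
        print(name, pat_verdict(pkt))
```

When troubleshooting a case like this one, a capture on the router's outside interface that shows UDP 500 leaving but protocol 50 traffic going unanswered matches the "tunnel negotiates, no traffic passes" symptom the answer describes.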