HI all,
I have disabled NAT-T on both VPN GWs and configured PAT on IR-GW. As per my understanding PAT can work only if NAT-T supported. However PATing is happening though NAT-T is disabled.
Could anyone explain that how it works ?I saw protocol ESP in the NAT translation table so I checked SPI which is bond along with ESP (Wireshark) but it was different than A6E39B (NAT table entry)
IR-GW#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
esp 12.0.0.1:0 11.0.0.1:A6E39B 12.0.0.2:0 12.0.0.2:0
esp 12.0.0.1:0 11.0.0.1:0 12.0.0.2:0 12.0.0.2:21B97BFC
NAT configuration:-
IR-GW
#sh running-config | include nat
ip nat inside
ip nat outside
ip nat inside source list NAT interface Ethernet0/1 overload
sh ip access-lists NAT
Extended IP access list NAT
10 permit ip any any (11 matches)
ESP has been used as protocol.
Thanks