09-22-2004 08:01 AM - edited 02-21-2020 01:21 PM
I have my PIX 515, outside interface has a private IP address. It is NATted to a public IP address at the internet router.
If I am using PIX VPN client at the other end to contact PIX, will htere be any issue due to NAT ?
09-23-2004 10:46 AM
Your VPN client would need to encapsulate IPSec traffic in UDP. You would need to port forward UDP/4500 (the default UDP encap port #) from the internet-facing router to the PIX firewall.
09-24-2004 04:45 AM
You will also need to enable nat transversal on the pix; it is off by default.
I believe that the command is this: isakmp nat-transversal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
