09-03-2008 10:07 AM
I have a VPN concentrator behind a NAT router (model 2621XM). The VPN concentrator is at the edge of my lab network. While travelling, I want to be able to use a VPN Client on a Windows box to traverse my NAT router and connect to my VPN concentrator so that I can then access my lab network remotely. I now that I need to create a static NAT translation in my IOS router. What ports/protocols do I need to statically map?
Jeff
09-03-2008 08:54 PM
esp, udp 500 or isakmp, udp 4500
good luck
if helpful Rate
09-09-2008 04:25 PM
OK, I statically mapped through my NAT esp, udp 500 and udp 4500. Still nothing. The VPN client attemps to connect and then reports Reason 412: The remote peer is no longer responding.
I have attached the config from my NAT router and the log from the VPN client as well as the output as debug IP nat as I ran a connection attempt. I have set the VPN client to: Enable Transparent Tunneling and using IPSec over UDP (NAT/PAT). I have checked the log of the VPN concentrator and it does not appear that any connection attempt is being made - hence I dont think that I am making it through the NAT correctly.
Jeff
09-04-2008 05:45 AM
Hello,
Note: that you will need one single dedicated ip for esp as it has no ports .
HTH
Saju
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide