[Vpn-help] How does NAT-T really works?

Matthew Grooms mgrooms at shrew.net
Fri Nov 21 07:52:48 CST 2008

Stefan Bauer wrote:
> Hi Matthew,
> i'm still confused, how nat-t really works. I've seen setups, where a
> single client can made up roadwarrior connections to his company
> through a nat without nat-t. Is there any _good!_ and _easy_
> documentation how a ipsec association works with nat-t? I'm looking
> for something detailed like:
> Client sends first package with destination-port 500 to ipsec-server.
> ipsec server answers to package ....
> Probably you get this questions asked often, but i'm really trying to
> understand this in principle. I appreciate your help.

There are two RFCs that describes the process in detail. One covers 
negotiation of NAT-Traversal and the other describes the UDP encapsulation.




More information about the vpn-help mailing list