[Vpn-help] How does NAT-T really works?
Matthew Grooms
mgrooms at shrew.net
Fri Nov 21 07:52:48 CST 2008
Stefan Bauer wrote:
> Hi Matthew,
>
> i'm still confused, how nat-t really works. I've seen setups, where a
> single client can made up roadwarrior connections to his company
> through a nat without nat-t. Is there any _good!_ and _easy_
> documentation how a ipsec association works with nat-t? I'm looking
> for something detailed like:
>
> Client sends first package with destination-port 500 to ipsec-server.
> ipsec server answers to package ....
>
> Probably you get this questions asked often, but i'm really trying to
> understand this in principle. I appreciate your help.
>
There are two RFCs that describes the process in detail. One covers
negotiation of NAT-Traversal and the other describes the UDP encapsulation.
http://tools.ietf.org/html/rfc3947
http://tools.ietf.org/html/rfc3948
Thanks,
-Matthew
More information about the vpn-help
mailing list