NAT-T

From Wikipedia, the free encyclopedia

NAT-T (NAT Traversal in the IKE) is a mechanism in IPsec for UDP encapsulation of the ESP packets in order to better go through firewalls. The negotiation during the Internet key exchange (IKE) phase is defined in RFC 3947 and the UDP encapsulation itself is defined in RFC 3948.

This capability exists in Microsoft Windows XP with Service Pack 2 but must be enabled.

All the major vendors (Cisco, Juniper et. al) support NAT-T for IKEv1 in their devices as well.

[edit] NAT-T RFCs

RFC 3715: IPsec-Network Address Translation (NAT) Compatibility Requirements
RFC 3947: Negotiation of NAT-Traversal in IKE
RFC 3948: UDP Encapsulation of IPsec ESP Packets

This computer network-related article is a stub. You can help Wikipedia by expanding it.

Categories: Computer network stubs | Cryptographic protocols | Internet protocols | Tunneling protocols

Views

Interaction

Search

Languages

العربية

Powered by MediaWiki

Wikimedia Foundation

This page was last modified 08:29, 23 April 2008 by Wikipedia user ManiacK. Based on work by Wikipedia user(s) OwenX, LordAnubisBOT, IlyaHaykinson, Rearden9, Cburnett, MK8, EagleOne, Frap, Helix84, Mout, RobertG, Conscious and JidGom and Anonymous user(s) of Wikipedia.
All text is available under the terms of the GNU Free Documentation License. (See Copyrights for details.)
Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a U.S. registered 501(c)(3) tax-deductible nonprofit charity.
About Wikipedia
Disclaimers