• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 307
  • Last Modified:

IPSEC NAT-T

i was hoping someone can just clear this up for me:

i want to set up a vpn and allow roaming users to connect.

the roaming users will ALL be connecting to the internet via a standard home type NAT broadband router(i.e users will be connecting from behind a firewall and don't have a public IP). They will be using SafeRemote which i know supports NAT-T. The VPN router at the work end does have a direct connection to the internet(it has a static public IP address).

so my question is, what devices need to support NAT-T for this to work? ...from my understanding only the client software(SafeRemote) and the work VPN router needs to support NAT-T ..is this correct? ....or does the home users broadband router have to support NAT-T too?



0
nutterx
Asked:
nutterx
1 Solution
 
naveedbCommented:
NAT-T works by autodecting NAT device between VPN server and VPN Client. So, to answer your question, Yes, only the client and server need to support NAT-T. The router at user end does not have to.

Having said that, there are some security concerns over NAT-T. Check the following articles.

http://support.microsoft.com/default.aspx?scid=kb;en-us;885348

http://www.computerworld.com/securitytopics/security/story/0,10801,102985,00.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now