?
Solved

IPSEC NAT-T

Posted on 2006-04-26
1
Medium Priority
?
305 Views
Last Modified: 2010-03-19
i was hoping someone can just clear this up for me:

i want to set up a vpn and allow roaming users to connect.

the roaming users will ALL be connecting to the internet via a standard home type NAT broadband router(i.e users will be connecting from behind a firewall and don't have a public IP). They will be using SafeRemote which i know supports NAT-T. The VPN router at the work end does have a direct connection to the internet(it has a static public IP address).

so my question is, what devices need to support NAT-T for this to work? ...from my understanding only the client software(SafeRemote) and the work VPN router needs to support NAT-T ..is this correct? ....or does the home users broadband router have to support NAT-T too?



0
Comment
Question by:nutterx
1 Comment
 
LVL 10

Accepted Solution

by:
naveedb earned 500 total points
ID: 16549222
NAT-T works by autodecting NAT device between VPN server and VPN Client. So, to answer your question, Yes, only the client and server need to support NAT-T. The router at user end does not have to.

Having said that, there are some security concerns over NAT-T. Check the following articles.

http://support.microsoft.com/default.aspx?scid=kb;en-us;885348

http://www.computerworld.com/securitytopics/security/story/0,10801,102985,00.html
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question