Site to Site VPN behind NAT

I need to setup a site to site VPN between two location, one of the locations has my VPN appliance and ASA 5505 NAT-ed behind the ISP router


The NAT is a one to many NAT.
The Site to Site VPN will be an IPSEC vpn.

My questions is can i setup the point to point in these conditions? i'm pretty sure i will need to setup some port address translations if it can work, the question is which ports will i need?

Who is Participating?
DonbooConnect With a Mentor Commented:
Yes it can be done like that.

You need to PAT/NAT port udp 500 and 4500 and your Remote VPN concentrator must be setup for NAT-T VPN connections.
Exactly what Donboo said.

With NAT you need to enable NAT-T (Nat traversal).
Traffic is send over UDP port 500/4500.
IPSec can then travel over NAT...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.