Re: [FW-1] [SUSPECTED SPAM] Re: [FW-1] [SUSPECTED SPAM] Site to Site VPN and NAT-T

[Paolo Riviello www.paoloriviello.com]

Usually NAT-T is negotiated during ipsec fase 1 ike-isakmp negotiation and 
is a standard  so you shouldn't find any problem.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftipsnat.pdf
cheers

--

Paolo Riviello


Home: http://www.paoloriviello.com
E-mail: [EMAIL PROTECTED]
E-mail: [EMAIL PROTECTED]
Skype: pao_rivi Icq: 285354822

If men could get pregnant, abortion would be a sacrament. (H)





From: "André L." <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1              
<FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] [SUSPECTED SPAM] Re: [FW-1] [SUSPECTED SPAM] Site to Site 
VPN and NAT-T
Date: Fri, 9 Feb 2007 15:53:31 +0100

OK. We do just some NAT on the border device (IOS_router) and open the 
needed ports udp/500 (IKE), ESP and udp/4500 (NAT-T).

Without NAT-T (in case of Cisco on the remote site) no tunnel can be 
established. Right?


--
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

_________________________________________________________________
Ogni ricerca da questo sito, una donazione per i bambini rifugiati 
http://click4thecause.live.com/Search/Charity/Default.aspx?locale=it-it

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================