NAT traversal


NAT-T (NAT Traversal in the IKE) is a method of enabling IPsec-protected IP datagrams to pass through a network address translator (NAT).

A network address translator modifies an IP packet in transit in a manner that is incompatible with Internet Protocol Security (IPsec). NAT-T protects the original IPsec-encoded packet by encapsulating it in another layer of UDP and IP headers.

The negotiation during the Internet Key Exchange (IKE) phase is defined in RFC 3947, and the UDP encapsulation itself is defined in RFC 3948.
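The following added example (not part of the original article) classifies UDP payloads captured on the NAT-T port the way a receiver or a capture-analysis script would. It relies on RFC 3948 details the article does not spell out: a one-octet 0xFF NAT-keepalive, a four-zero-octet non-ESP marker in front of IKE messages, and a non-zero SPI at the start of encapsulated ESP. The function name and sample payloads are constructed for illustration.

```python
import struct

NON_ESP_MARKER = b"\x00" * 4   # four zero octets precede IKE messages on UDP 4500
KEEPALIVE = b"\xff"            # one-octet NAT-keepalive payload
IKE_HDR = struct.Struct("!8s8sBBBBII")  # fixed 28-octet IKE header


def classify_natt_payload(payload: bytes) -> dict:
    """Classify the UDP payload of one datagram captured on the NAT-T port."""
    if payload == KEEPALIVE:
        return {"kind": "nat-keepalive"}
    if len(payload) < 4:
        return {"kind": "malformed", "reason": "shorter than SPI/marker"}
    if payload[:4] == NON_ESP_MARKER:
        ike = payload[4:]
        if len(ike) < IKE_HDR.size:
            return {"kind": "malformed", "reason": "truncated IKE header"}
        _ispi, _rspi, _np, version, exchange, _flags, _mid, length = IKE_HDR.unpack_from(ike)
        return {
            "kind": "ike",
            "version": f"{version >> 4}.{version & 0x0F}",
            "exchange_type": exchange,
            "length_ok": length == len(ike),  # header length field vs. bytes received
        }
    if len(payload) < 8:
        return {"kind": "malformed", "reason": "truncated ESP header"}
    # Non-zero first word: it is the ESP SPI, followed by the sequence number.
    spi, seq = struct.unpack_from("!II", payload)
    return {"kind": "esp", "spi": spi, "seq": seq}


# Constructed sample payloads (not taken from a real capture).
SAMPLE_IKE = NON_ESP_MARKER + IKE_HDR.pack(b"\x11" * 8, b"\x22" * 8, 5, 0x10, 2, 1, 0, 28)
SAMPLE_ESP = struct.pack("!II", 0xC0FFEE01, 7) + b"\xaa" * 32
SAMPLE_BAD = NON_ESP_MARKER + b"\x00" * 10  # marker present, IKE header cut short


def demo() -> list:
    samples = [KEEPALIVE, SAMPLE_IKE, SAMPLE_ESP, SAMPLE_BAD, b"\x01\x02"]
    return [classify_natt_payload(p)["kind"] for p in samples]


if __name__ == "__main__":
    print(demo())
```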

Most major networking vendors support NAT-T for IKEv1 in their devices. In Microsoft Windows XP with Service Pack 2 the feature can be enabled.[1]


References

  • RFC 3715: IPsec-Network Address Translation (NAT) Compatibility Requirements
  • RFC 3947: Negotiation of NAT-Traversal in IKE
  • RFC 3948: UDP Encapsulation of IPsec ESP Packets
  1. ^ http://support.microsoft.com/kb/818043/en-us

This article is from Wikipedia. All text is available under the terms of the GNU Free Documentation License.

