Ipsec NAT-T


#1

I notice in some other forum threads, you recommend disabling the default Ipsec NAT-T. What does that actually do in each position?

I have four locations with Peplink routers. They are connected with a hub and spoke by Pep VPN. Combination of 380, 20, and Balance One devices. I can’t do enough direct cross links with Pep VPN because it would exceed the allowable number of Pep VPN connections. I can connect Pep VPN from router A>B>C but its a bit slow so I have an Ipsec directly from A>C. The Ipsec VPN is stable and I can communicate A>C but I am not able to send data C>A. I am wondering if this NAT-T setting might be the problem?

A>B>C and C>B>A work fine using only Pep VPN. When I enable Ipsec between A and C, with the PepVPN A>B>C still enabled, I can communicate A>C but cannot communicate C>A.


#2

Hi Don,

Can you provide network diagram to show the connectivity between these 4 locations? This allowed me to advice better.

Thank you.