hit counter script
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. RV016 - Small Business - 10/100 VPN Router
  6. User manual

Appendix D: Ipsec Nat Traversal; Overview; Before You Begin; Configuration Of Scenario 1 - Cisco RV016 User Manual

10/100 16-port vpn router business series
Hide thumbs Also See for RV016:
Table of Contents

Advertisement

Appendix D
Appendix D:
IPSec NAT Traversal

Overview

Network Address Translation (NAT) traversal is a technique
developed so that data protected by IPSec can pass
through a NAT. (See NAT 1 and NAT 2 in the diagram.)
Since IPSec provides integrity for the entire IP datagram,
any changes to the IP addressing will invalidate the data.
To resolve this issue, NAT traversal appends a new IP and
UDP header to the incoming datagram, ensuring that no
changes are made to the incoming datagram stream.
This chapter discusses two scenarios. In the first scenario,
Router A initiates IKE negotiation, while in the second
scenario, Router B initiates IKE negotiation. In the second
scenario, since the IKE responder is behind a NAT device, a
one-to-one NAT rule is required on the NAT device.

Before You Begin

The following is a list of equipment you need:
Two 4-Port SSL/IPSec VPN Routers (model number:
RVL200), one of which is connected to the Internet
Two 10/100 16-Port VPN Routers (model number:
RV016), one of which is connected to the Internet
10/100 16-Port VPN Router

Configuration of Scenario 1

In this scenario, Router A is the RVL200 Initiator, while
Router B is the RVL200 Responder.
WAN: 192.168.99.11
NAT 2 - RV016
LAN: 192.168.111.1
WAN: 192.168.111.101
NAT 1 - RV016
LAN: 192.168.11.1
WAN: 192.168.11.101
Router A - RVL200 Initiator
LAN: 192.168.1.0/24
192.168.1.101
Traffic in Scenario 1
NOTE:
Both the IPSec initiator and responder
must support the mechanism for detecting the
NAT router in the path and changing to a new
port, as defined in RFC 3947.

Configuration of Router A

Follow these instructions for Router A.
1.
Launch the web browser for a networked computer,
designated PC 1.
2.
Access the web-based utility of Router A. (Refer to the
User Guide of the RVL200 for details.)
3.
Click the
IPSec VPN tab.
4.
Click the
Gateway to Gateway tab.
5.
Enter a name in the
Tunnel Name field.
6.
For the VPN Tunnel setting, select
IPSec NAT Traversal
WAN: 192.168.99.22
Router B - RVL200
Responder
LAN: 192.168.2.0/24
192.168.2.100
Enable.
71
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco RV016

Related Content for Cisco RV016

This manual is also suitable for:

Quickvpn - pcLinksys rv016

Table of Contents