Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Michael_Horne
Collaborator

Enable NAT Traversal per VPN community

Hello All,

Is there a supported way to enable NAT-T for a specific VPN community only?

As far as I can tell NAT-T can only be activated via SmartConsole for the entire gateway / cluster.  We have one VPN issue, where the remote party is saying that enabling NAT-T will solve the issue. We have had problems in the past when enabling NAT-T on a gateway cluster where the remote end of the VPN will try NAT-T and the checkpoint doesn't and neither end will switch over to use the method of the other gateway. 

We do not want to enable NAT-T on the gateway / cluster for the this Site to site VPN, due to the risk of breaking some of the already existing VPN tunnels.

We would prefer to enable NAT-T for the specific VPN community for testing. if this was possible.

Many thanks,

Michael

0 Kudos
4 Replies
This widget could not be displayed.