This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Amir_Arama
Advisor
‎2022-02-03 11:46 AM
Jump to solution

GWs decided on NAT-T while they have no nat device in the middle

hi

we have two GWs which having site to site vpn.

they located in different geographic location, but they have Layer 2 line, so they basically see each other by arp.

so let's say 192.168.1.2/29 and 192.168.1.6/29 (and by these addresses they know each other as peers)

for some reason, instead of using ESP over proto:50, they are deciding to use NAT-T

i can't figure out why. and i was hoping to fix it, to save the double encapsulation. is there a way to understand what is behind this decision?

thanks

gws are single gws with r80.40 latest take. managed by the same mgmt, share the same vpn community.

0 Kudos
4 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events