Create a Post
Showing results for 
Search instead for 
Did you mean: 

NAT-T and VPN issues with a CISCO Firepower

How's it going?

I have a question that I would like to clarify.
I have a 6600 appliance which cannot establish a VPN with a CISCO Firepower, I have global NAT-T enabled in the appliance properties. On the CISCO side they use UDP encapsulation, but on the Check Point side the tunnel is established through IPSec and not NAT-T. So the behavior seems strange to me.
I changed offer_nat_t_initator parameter to true in order so if the peer wants to switch to using NAT-T port 4500 during the negotiation, we will offer it.

But this didn't work.

Can NAT-T be forced over a specific tunnel?

0 Kudos
2 Replies
This widget could not be displayed.