The NAT (Network Address Translation) device was designed in order to deal with the lack of public IPs. NAT can therefore convert IP addresses on a LAN into a public IP. NAT uses internal tables to manage the address conversions.
However, there is an incompatibility problem between NAT and the IPSec protocol. During the process of converting the IP addresses, NAT processes the headers of the IP packets. Given the characteristics of IPSec, NAT is not able to correctly interpret the IP packet headers.
The use of NAT transversal (NAT-T) will resolve this conflict in the case of VPN networks that use this protocol, as the IPSec NAT transversal defines the changes in the negotiation methods and the sending of protected data to allow IPSec packets to cross the firewalls used by NAT.
Instructions for enabling NAT transversal
- Go to the Panda GateDefender Integra administration console.
- Click on VPN in the panel on the left of the console.
- Select the VPN management option.
- Click on IPSEC VPN management
- Click on the Global configuration tab.
- Use the checkbox to enable NAT Transversal.
- Click on OK.