Gents, KS shouldn't be behind NAT. True, that GDOI will fall back to UDP/4500 when NAT is detected (it was added in 12.4(15)T8 if I remember correctly). However, Rekey is still using port 848 and Rekey SA on GM shows internal (before NAT) address of the KS. Hence, the NAT is not possible between KS and GM.
HTH, Piotr 2010/6/3 Vybhav Ramachandran <[email protected]> > Yeah, i remember reading that on CLND... I think Paul was also > participating in that discussion along with "the" Scott Morris. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
