I have configured a remote access IPSec VPN with UDP encapsulation enabled which passes through a broadband router which in turn has IPSEC Passthrough enabled.
The remote access tunnel works fine with the IPSEC Passthrough enabled. However, if the Passthrough option is disabled the tunnel is not established. No ACLs have been configured on the broadband router.
What is the IPSEC Passthrough doing to allow the IPSEC packets to get through? I configured a second IPSEC VPN but without UDP encapsulation but enabled IPSEC Passthrough on the router which allowed phase one to be established but not phase two. I can understand this since it cannot NAT the encrypted phase two packets. But how are the encrypted phase one packets traversing the NAT device?
April 9, 2009 3:43 PM
April 19, 2013 8:09 PM