< Home

nat traversal

Function

The nat traversal command enables NAT traversal.

The undo nat traversal command disables NAT traversal.

By default, the NAT traversal is enabled.

Format

nat traversal

undo nat traversal

Parameters

None

Views

IKE peer view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In practice, if the initiator is located on a private network and the responder is located on the public network side. To ensure that an IPSec tunnel can be set up when the NAT device exists, NAT traversal needs to be configured.

NAT traversal allows ESP packets to pass through the NAT gateway during IKE negotiation.

Precautions

If NAT traversal is enabled, the IPSec proposal (ipsec proposal) supports only ESP.

Example

# Enable NAT traversal in IKE peer named peer1.

<sysname> system-view
[sysname] ike peer peer1
[sysname-ike-peer-peer1] nat traversal
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >