No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

FAQ-Can NAT and IPSec VPN Be Used Together

Publication Date:  2015-07-02  |   Views:  765  |   Downloads:  0  |   Document ID:  EKB1000081394


Issue Description

Can NAT and IPSec VPN Be Used Together?


Yes. When they are used together, the firewall is generally deployed at the network egress and performs NAT over intranet packets destined for the Internet. A packet carrying a private address is transmitted to the headquarters over an IPSec tunnel, and it is transmitted over the Internet with a public IP address added. When receiving the packet, the firewall decapsulates the packet and identifies its home branch based on the private IP header. When specifying an ACL in the nat outbound command, note that NAT is not required for traffic destined for the headquarters.