Which IKE negotiation mode does an AR support when NAT traversal is configured on the AR

5

When NAT traversal is configured on an IPSec-enabled AR router, the router supports aggressive and main modes.
Note: The main mode is supported in V200R005C00 and later versions.

Other related questions:
Does L2TP support NAT traversal
L2TP supports NAT traversal. L2TP uses UDP port 1701, so the destination port must be port 1701 when NATis used.

Does the AR enabled with L2TP support NAT traversal
L2TP supports NAT traversal. Because L2TP uses UDP port 1701, the destination port number must be 1701 during translation.

Does the AR router support H323's NAT traversal?
The AR router does not support H323 NAT traversal

Which forwarding mode does the AR support when it functions as an AC
The AR supports local forwarding but not centralized forwarding to transmit service data packets.

How are SAs aged on an AR
AR routers can age SAs in two ways: - The time-based lifetime indicates the period of time an SA can exist since it is established. - The traffic-based lifetime indicates the maximum traffic volume that an SA can process. When the specified time or traffic volume is reached, the SA becomes invalid. When the SA is about to expire, IKE will negotiate a new SA. In this manner, a new SA is established when the old SA becomes invalid. Before the new SA is established, the two ends use the old SA to protect data flows. When the new SA is established, the two ends immediately use the new SA.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top