Cisco ASA Site-to-Site IKEv1 IPsec VPN

Hello Jones

Can you specify which lesson in particular you are referring to? There are several site to site VPN lessons using the ASA on the site. Let us know and we can answer your question more appropriately.

As for NAT-T, IPsec VPN clients can use NAT traversal to allow for ESP (Encapsulating Security Payload) packets traverse NAT. Several protocols within the IPsec framework must be enabled to traverse both firewalls and NAT including IKE, ESP, AH. UDP port 4500 is used for IPsec NAT traversal. These features are sometimes called IPsec Passthrough features.

If you would like Rene to consider including a lesson on NAT-T and IPsec, feel free to make a suggestion at the Lesson Ideas link below:

I hope this has been helpful!