Which port should (or would) be open if VPN NAT-T was enabled
A.
port 4500 outside interface
B.
port 4500 in all interfaces where ipsec uses
C.
port 500
D.
port 500 outside interface
Explanation:
BD
NAT traversal: The encapsulation of IKE and ESP in UDP port 4500 enables these protocols to pass through a
device or firewall performing NAT.
Source: https://en.wikipedia.org/wiki/Internet_Key_Exchange
Also a good reference
Source: https://supportforums.cisco.com/document/64281/how-does-nat-t-work-ipsec