Which source port does IKE use when NAT has been detected between two VPN gateways?
A.
TCP 4500
B.
TCP 500
C.
UDP 4500
D.
UDP 500
Which source port does IKE use when NAT has been detected between two VPN gateways?
Which source port does IKE use when NAT has been detected between two VPN gateways?
C:
If a NAT device has been determined to exist, NAT-T will change the ISAKMP transport with ISAKMP Main Mode messages five and six, at which point all ISAKMP packets change from UDP port 500 to UDP port 4500. NAT-T encapsulates the Quick Mode (IPsec Phase 2) exchange inside UDP 4500 as well. After Quick Mode completes data that gets encrypted on the IPsec Security Association is encapsulated inside UDP port 4500 as well, thus providing a port to be used in the PAT device for translation.