Ipsec mobility and nat, Roaming from behind nat to behind nat – Panasonic 7 User Manual

150 Chapter 8 Configuring IPSec mobility and persistent mode

The Nortel VPN Client status monitor reports if roaming is enabled for the

session. The event log on the Nortel VPN Router reports on IPSec mobility
actions.

IPSec mobility and NAT

If Nortel VPN Client is behind a NAT box with NAT traversal enabled and
encapsulation for ESP protocol is used, UDP encapsulation is preserved after

roaming.

Roaming from behind NAT to behind NAT

In Figure 30, before roaming the client was connected via access point 1 (AP1)

and NAT box 1 and had an IP1 IP address. After roaming, the client is connected

via access point 2 (AP2) and NAT box 2 and gets an IP address IP2. In this case,
the client IP address and UDP port have been changed after roaming. When a new
IP address has been received by the client, it sends a NAT keep-alive so that the

server can find the ESP UDP port mapping and send the data to the client using

port mapping.

Figure 30

Roaming from behind NAT to behind NAT

NN46110-500