What does NAT traversal (NAT-T) accomplish for VPNs?

Multiple Choice

What does NAT traversal (NAT-T) accomplish for VPNs?

Explanation:
NAT traversal for VPNs tackles the problem that IPsec’s ESP traffic isn’t NAT-friendly, since ESP isn’t carried in UDP or TCP and NAT devices rewrite addresses and ports. NAT traversal wraps the ESP payload inside a UDP packet, typically using UDP port 4500, so NAT devices can translate the addresses and ports and keep the session alive. This UDP-encapsulation lets the IPsec tunnel pass through NAT devices and continue carrying encrypted data between the VPN endpoints. That’s why the option describing tunneling ESP in UDP is the correct one. It isn’t about forcing ESP to avoid UDP, nor about preventing IPsec from passing through NAT, nor about IPv6-only VPNs.

