Hi ,
I have read at a few places that by floating the port to 4500 in case of NAT-T, it improves performance. I searched the net but couldnt find a reason why the the UDP encapsulation of ESP data packets is more efficient on port 4500 than 500.
Can anyone share his/her thoughts on this.?
Thanks Muhammad Imam
Nonsense.
cu
59cobalt
There *may* be a reason: some olds routers used some "IKE proxies" to try to allow IPSec traffic to pass through their NAT.
If your encapsulated IPSec flow passes through such a proxy (using NAT-T drafts 00-01), it may slow the tunnel down, and jumping to port
4500 will do it's job: skip the proxy.Yvan.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.