PrepAway - Latest Free Exam Questions & Answers

Which source port does IKE use when NAT has been detected between two VPN gateways?


A. TCP 4500

B. TCP 500

C. UDP 4500

D. UDP 500

One Comment on “Which source port does IKE use when NAT has been detected between two VPN gateways?”

  1. Marcel says:

    C:

    If a NAT device has been determined to exist, NAT-T will change the ISAKMP transport with ISAKMP Main Mode messages five and six, at which point all ISAKMP packets change from UDP port 500 to UDP port 4500. NAT-T encapsulates the Quick Mode (IPsec Phase 2) exchange inside UDP 4500 as well. After Quick Mode completes, data that gets encrypted on the IPsec Security Association is encapsulated inside UDP port 4500 as well, thus providing a port to be used in the PAT device for translation.
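Because IKE and the encrypted data both end up on UDP 4500 once NAT is detected, a receiver or packet inspector has to tell them apart from the first bytes of the UDP payload. The sketch below is an added example, not part of the original page or the comment; it goes slightly beyond the comment by using the RFC 3948 framing (4-byte zero Non-ESP Marker before IKE, single 0xFF NAT-keepalive), and the function names and sample packets are constructed for illustration.

```python
import struct

NON_ESP_MARKER = b"\x00" * 4             # RFC 3948: prefixes IKE on UDP 4500
IKE_HDR = struct.Struct("!8s8sBBBBII")   # fixed 28-byte ISAKMP header
IKEV1_EXCHANGES = {2: "Main Mode", 4: "Aggressive Mode",
                   5: "Informational", 32: "Quick Mode"}


def _parse_ike(data):
    """Read the ISAKMP header: cookies, next payload, version, exchange..."""
    if len(data) < IKE_HDR.size:
        return ("malformed", "truncated IKE header")
    _, _, _, version, exchange, _, _, _ = IKE_HDR.unpack_from(data)
    name = IKEV1_EXCHANGES.get(exchange, f"exchange {exchange}")
    return ("ike", f"IKEv{version >> 4} {name}")


def classify_udp_payload(port, payload):
    """Return (kind, detail) for a UDP payload seen on port 500 or 4500."""
    if port == 500:
        return _parse_ike(payload)             # plain IKE, no marker
    if port != 4500:
        return ("other", "not an IKE/NAT-T port")
    if payload == b"\xff":
        return ("keepalive", "NAT-keepalive")  # keeps the NAT mapping alive
    if payload[:4] == NON_ESP_MARKER:
        return _parse_ike(payload[4:])         # IKE after the port switch
    if len(payload) < 8:
        return ("malformed", "too short for ESP")
    spi, seq = struct.unpack_from("!II", payload)
    return ("esp", f"SPI=0x{spi:08x} seq={seq}")  # UDP-encapsulated ESP


def sample_ike(exchange):
    """Constructed IKEv1 header (made-up cookies, no payloads)."""
    return IKE_HDR.pack(b"\x11" * 8, b"\x22" * 8, 5, 0x10, exchange, 1, 0, 28)


if __name__ == "__main__":
    # Constructed samples: Main Mode on 500, then everything on 4500.
    samples = [
        (500, sample_ike(2)),
        (4500, NON_ESP_MARKER + sample_ike(2)),
        (4500, NON_ESP_MARKER + sample_ike(32)),
        (4500, bytes.fromhex("c0ffee0100000007") + b"\x00" * 16),
        (4500, b"\xff"),
    ]
    for port, data in samples:
        print(port, classify_udp_payload(port, data))
```

An ESP SPI is never zero, which is why four zero bytes can safely mark an IKE message on the shared port.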