Configure
P-335WT
Behind a NAT
Router
Some tips for this application:
- The NAT router must support to pass through IPSec protocol. Only ESP tunnel mode is
possible to work in NAT case. If the NAT router is ZyXEL NAT router (P300 series, P643,
P642, or P202) supporting IPSec pass through, default port and the P-335WT WAN IP must be
configured in their SUA/NAT Server Table.
- WAN IP of the NAT router is the tunneling endpoint for this case, not the WAN IP of
P-335WT.
- If firewall is turned on in P-335WT, you must forward IKE port in
Internet interface.
- If NAT are also enabled in P-335WT, NAT server is required for non-secure connections,
NAT server is not required for secure connections and the phyical private IP is used.
host----P-335WT----NAT Router----Internet----Secure host
\
\
Non-secure host