Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Julien87
Contributor

UDP HOLE FOR SPOKES ?

Hi ,

 

I have read the new feature in 6.4 release note, for advpn and shortcup behind NAT.  UDP Hole Punching.

 

But i have not look if this parameters is by defaut in 6.4 or if it' a parameter in fortigate?

 

I don't have found this information in forum or cookbook.  Anyone have  some information for that?

 

I try to use with advpn and OSPF routing.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-UDP-hole-punching-for-spokes-behind-NAT/ta...

 

 

Thanks,

 

 

Julien
1 Solution
akristof
Staff
Staff

Hello,

Thank you for your question. It is functionality built-in in ike. So with ADVPN, if both spokes are behind NAT, NAT holes will be opened to allow shortcut creation. You cannot disable it.

Adrian

View solution in original post

2 REPLIES 2
akristof
Staff
Staff

Hello,

Thank you for your question. It is functionality built-in in ike. So with ADVPN, if both spokes are behind NAT, NAT holes will be opened to allow shortcut creation. You cannot disable it.

Adrian
Julien87

Hi Adrian,

 

thanks for your reply. I'm off to check if the operator router is compatible with RFC 4787.  

Have a nice day.

 

 

Julien