How can NAT cause IPsec to fail?
- End-to-end IPv4 traceability is lost.
- Header values are modified, which causes issues with integrity checks.
- Network performance is degraded even more than with just NAT.
- Troubleshooting is made impossible.
Explanation: IPsec and other tunneling protocols do integrity checks. NAT must modify IP headers to translate private IP addresses to public addresses. Disadvantages of using NAT include causing end-to-end IPv4 traceability to be lost, complicating troubleshooting, and slowing down traffic such as VoIP, which cannot tolerate much delay.
Exam with this question: CCNA 2 v6 Chapter 9: Check Your Understanding
Please login or Register to submit your answer