User manual
Issue 2 July 2006 41
NVVPNENCAPS
0 This parameter contains the
method of UDP encapsulation.
Values are:
0=4500-4500
1=Disable
2=2070-500
4= RFC (3947 and 3948)
Description:
The type of UDP encapsulation
method to use when there is a
NAT device between the
VPNremote Phone and the
security device.
● Set this parameter to 0 for
IKE negotiation to start with
source port 2070 and
destination port 500.
Negotiation switches to port
source port 4500 and
destination port 4500 if
peer supports port floating
(Ref RFC 3947,3948). Set
this parameter to 1 to
disable IKE NAT traversal.
● Set this parameter to 2to
disable port floating during
IKE NAT traversal.
● Set this parameter to 4 for
IKE negotiation to start with
source port 500 and
destination port 500.
Negotiation switches to port
source port 4500 and
destination port 4500 if
peer supports port floating
(Ref RFC 3947 and 3948).
Finally IPsec traffic is sent inside
UDP packets from and to port
4500 if supported by peer or port
2070<->500 if port floating is not
supported, and UDP
encapsulation is supported as
published in the initial draft
versions of RFC 3947 and 3948.
To set the UDP encapsulation
value to 1 when the script file is
not downloaded through the VPN
tunnel, use the following
command:
IF $VPNACTIVE SEQ 1 goto
skipencaps
SET NVVPNENCAPS 1 #
skipencaps
.
Table 5: VPNremote for 4600 Series IP Telephones Customizable System
Parameters (continued)
Parameter Name Default
Value
Description and Value Range Example
11 of 15