Westermo MRD-3x0 User Manual

117

6623-3201

General IPsec Configuration

Enabled
Check the box to enable the IPsec VPN. Default is disdisabled.

NAT traversal enabled & keepalive period (secs)
Check box to enable NAT Traversal and set the keepalive 
time.

NAT Traversal

•

When passing through a Network Address 
Translator (NAT) an IP packet is modified in such 
a way that is incompatible with Internet Protocol 
Security (IPsec). NAT-Traversal protects the 
original IPsec encoded packet by encapsulating it 
within another layer of UDP and IP headers. If the 
wireless interface of the MRD-3xx is allocated 
a dynamic and private IP address then the con-
nection to the Internet will be via a Network 
Address Translator (NAT), this will require the 
use of NAT-Traversal for IPsec to establish a con-
nection.

Keepalive Period

•

NAT keepalives are used to keep the dynamic 
NAT mapping alive during a connection between 
two peers. NAT keepalives are UDP packets 
with an unencrypted payload of 1 byte. Although 
similar to dead peer detection (DPD), NAT keep-
alives are different, DPD is used to detect peer 
status, while NAT keepalives are sent if the IPSec 
entity did not send or receive the packet at a 
specified period of time.

IPsec MTU
Maximum Transmission Unit (MTU) is the size (in bytes) of 
the largest packet which can be sent over the IPsec tunnel. 
Leave this value blank to use the default setting.