A coworker says you shouldn't do an IPSec VPN tunnel over double NAT, because IPSec was not designed to work with NAT, but when I tried it by putting an ASA behind my home ISP router, it works fine to create a tunnel back to the ASA at the office, and I thought with UDP encapsulation it shouldn't be a problem. What's the verdict?
↧