ASA and Cisco VPN question

Answered Question
May 2nd, 2007

I am having an issue on a new ASA. I am able to connect to the customer?s network using the Cisco VPN client, but I am not able to PING or access anything on the customers network. What needs to be done to fix this???

There is a route on the customer?s router pointing back to the firewall for the IP range you get when you VPN in?

Thanks,

Chris

I have this problem too.
0 votes
Correct Answer by acomiskey about 9 years 7 months ago

Thanks, please rate.

No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".

It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.

Correct Answer by acomiskey about 9 years 7 months ago

try adding to ASA...this is disabled by default

isakmp nat-traversal

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
acomiskey Wed, 05/02/2007 - 06:56

The config of the ASA would help. Without the config we can only guess, usually this is a nat-t issue. Make sure in vpn client config on the transport tab that you have "Enable transparent tunneling" checked.

Correct Answer
acomiskey Wed, 05/02/2007 - 07:18

try adding to ASA...this is disabled by default

isakmp nat-traversal

chris.damore Wed, 05/02/2007 - 07:32

That fixed it! You are the man!!

Is this something new you have to do for the ASA?

Thanks again,

Chris

Correct Answer
acomiskey Wed, 05/02/2007 - 07:38

Thanks, please rate.

No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".

It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.

chris.damore Wed, 05/02/2007 - 07:41

I understand now...

Thank you very much for all of your help with this!!!!

Actions

This Discussion