05-02-2007 06:38 AM - edited 02-21-2020 03:00 PM
I am having an issue on a new ASA. I am able to connect to the customer?s network using the Cisco VPN client, but I am not able to PING or access anything on the customers network. What needs to be done to fix this???
There is a route on the customer?s router pointing back to the firewall for the IP range you get when you VPN in?
Thanks,
Chris
Solved! Go to Solution.
05-02-2007 07:18 AM
05-02-2007 07:38 AM
Thanks, please rate.
No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".
It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.
05-02-2007 06:56 AM
The config of the ASA would help. Without the config we can only guess, usually this is a nat-t issue. Make sure in vpn client config on the transport tab that you have "Enable transparent tunneling" checked.
05-02-2007 07:04 AM
05-02-2007 07:18 AM
try adding to ASA...this is disabled by default
isakmp nat-traversal
05-02-2007 07:32 AM
That fixed it! You are the man!!
Is this something new you have to do for the ASA?
Thanks again,
Chris
05-02-2007 07:38 AM
Thanks, please rate.
No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".
It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.
05-02-2007 07:41 AM
I understand now...
Thank you very much for all of your help with this!!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide