05-02-2007 06:38 AM - edited 02-21-2020 03:00 PM
I am having an issue on a new ASA. I am able to connect to the customer?s network using the Cisco VPN client, but I am not able to PING or access anything on the customers network. What needs to be done to fix this???
There is a route on the customer?s router pointing back to the firewall for the IP range you get when you VPN in?
Thanks,
Chris
Solved! Go to Solution.
05-02-2007 07:18 AM
05-02-2007 07:38 AM
Thanks, please rate.
No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".
It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.
05-02-2007 06:56 AM
The config of the ASA would help. Without the config we can only guess, usually this is a nat-t issue. Make sure in vpn client config on the transport tab that you have "Enable transparent tunneling" checked.
05-02-2007 07:04 AM
05-02-2007 07:18 AM
try adding to ASA...this is disabled by default
isakmp nat-traversal
05-02-2007 07:32 AM
That fixed it! You are the man!!
Is this something new you have to do for the ASA?
Thanks again,
Chris
05-02-2007 07:38 AM
Thanks, please rate.
No, it is needed for pix as well. ASA 7.2, the command is "crypto isakmp nat-traversal".
It is necessary if vpn client is connecting behind nat. Allows ipsec to be encapsulated in udp port 4500. The transport tab I mentioned is in the connection entry properties, if you click modify. You will see enable transparent tunneling over udp.
05-02-2007 07:41 AM
I understand now...
Thank you very much for all of your help with this!!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: