NAT-T config problem

Answered Question
Aug 3rd, 2007
User Badges:

Hi. We are currently configuring an ASA5510 running v8.0(2). We have setup NAT traversal for ipsec using:


crypto isakmp nat-traversal 20


This works fine. The problem is, whenever I write the config (write mem) it doesn't retain this setting in the startup-config. A "show running-config" immediately after a reload contains the line:


no crypto isakmp nat-traversal


If I edit the config in a txt editor, and add "crypto isakmp nat-traversal 20", then copy it to startup-config, it works. This isn't sufficient though, as it only lasts until the next time the config is updated by a "write mem" command, whereby it is disabled again.


Is this a bug in 8.0(2)? Is there any way to add a persistent entry in the ASA config that is *always* retained when a "write mem" command is issued? Any help/advice appreciated.


Thanks.

Correct Answer by rochopra about 9 years 9 months ago

Yes a bug has been filed for this:

CSCsj52581


Check details about the bug here:

http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl


~Rohit

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ceramisit Fri, 08/03/2007 - 08:02
User Badges:

Great, that's all I needed to know. Thanks for the info.

Actions

This Discussion