Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
309
Views
5
Helpful
2
Replies

6500/wism/fwsm - Vpn tunnel failed on Pat ,protocol 50

Paul Lachance
Level 1
Level 1

‎10-11-2007 11:40 AM - edited ‎03-11-2019 04:24 AM

Hi all

I have a 6500 with a FWSM also a sup720/WISM and a 48port sfp.

Problem is when I setup a vpn connectivity through the FWSM from the inside going to the outside the session is terminated. The fwsm show src protocol 50 not translated error msg.

We have full permission to go out and in with protcol 50 and 51 , esd and iskmp.

the error appears to be the pat setup

we have a public network (172.16) natted or PAT'ed to a single ip. when we set a static rule it works. I've seen ipsec-udp

to bypass this and sysopt , but neither of these are on the FWSM. If there is a Lead to some documentation that would solve this it would be most appreciated.

Labels:
0 Helpful
2 Replies 2

acomiskey
Level 10
Level 10

‎10-11-2007 11:54 AM

Make sure the remote peer supports nat-t and it is enabled.

Paul Lachance
Level 1
Level 1
In response to acomiskey

‎10-24-2007 04:17 AM

Thank you. Consulting our Secuirty Team it appears they do have NAT-T turned off on the Gate we are VPN'ing too. I will try another VPN gate to confirm. The two permanent solutions I am seeing is One - fix the VPN gate or two create a NAT-Pool the latter being the choice I have. Would there be other options that I am unaware of ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card