10-11-2007 11:40 AM - edited 03-11-2019 04:24 AM
Hi all
I have a 6500 with a FWSM, also a Sup720/WISM and a 48-port SFP.
The problem is that when I set up VPN connectivity through the FWSM from the inside going to the outside, the session is terminated. The FWSM shows a "src protocol 50 not translated" error message.
We have full permission to go out and in with protocol 50 and 51, ESP and ISAKMP.
The error appears to be the PAT setup.
We have a public network (172.16) NATed or PAT'ed to a single IP. When we set a static rule it works. I've seen ipsec-udp to bypass this and sysopt, but neither of these are on the FWSM. If there is a lead to some documentation that would solve this, it would be most appreciated.
10-11-2007 11:54 AM
Make sure the remote peer supports NAT-T and it is enabled.
10-24-2007 04:17 AM
Thank you. Consulting our Security Team, it appears they do have NAT-T turned off on the gate we are VPN'ing to. I will try another VPN gate to confirm. The two permanent solutions I am seeing are: one, fix the VPN gate, or two, create a NAT pool, the latter being the choice I have. Would there be other options that I am unaware of?