Problem with VPN Client passthrough on ASA 5505

delawarecity · ‎12-27-2007

I am having a problem with passing through a VPN client connection on an ASA 5505. The ASA is running version 8 and terminates an anyconnect VPN. The ASA is using PAT. When the inside user connects with the VPN client, it connects but no traffic passes through the tunnel. I see the error

305006 regular translation creation failed for protocol 50 src INSIDE:y.y.y.y dst OUTSIDE:x.x.x.x

UDP 500,4500 and ESP are allowed into the ASA. Ipsec inspection has also been setup on a global policy, but the user still cannot pass traffice to the remote VPN he is connected through.

At the Main Office we have an ASA 5510 that terminates a site to site VPN, allows remote connections with PAT and allows passthrough no problems. Any ideas?

AFSguru2007 · ‎12-31-2007

I am having a simuliar issue with my ASA 5505 that I have set up. I am trying to VPN into the Office. I have no problem accessing the Office network when I am on the internet without the ASA 5505. After I installed the 5505, and there is internet access, I try to connect to the Office network without success. The VPN connects with the following error.

3 Dec 31 2007 05:30:00 305006 xxx.xx.114.97

regular translation creation failed for protocol 50 src inside:192.168.1.9 dst outside:xxx.xx.114.97

HELP?

johnd2310 · ‎12-31-2007

hi,

Is the VPN server configured to use ipsec-over-tcp or NAT-T ?

John

**Please rate posts you find helpful**

AFSguru2007 · ‎12-31-2007

I just says IPSec

Also I am using (and can not change) version 4.6.02.0011 client SW to do the VPN to Office

AFSguru2007 · ‎12-31-2007

Interestingly enough, all I had to do is change it to IPSec over UDP (NAT/PAT) and it worked fine. I did not want to risk changes to the Office supplied VPN config, but what the heck, it worked. Thanks for the nudge!