PAT with VPN doesnt work

Unanswered Question
Jun 19th, 2008

Hi guys,

with reference to the above, i dont know why only one ip in the 10.10.10.x range passes traffic via the tunnel while the rest does not. I have the following nat policy configured

nat (inside) 1 access-list xxx

global (outside) 1 200.200.200.1-200.200.200.30 netmask 255.255.255.0

access-list xxx permit ip 10.10.10.x 255.255.255.0 50.50.x.x 255.255.0.0

access-list crypto permit ip 200.200.200.0 255.255.255.0 host 50.50.50.5

isakmp nat-traversal 20

sysopt connection permit-vpn

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
owillins Wed, 06/25/2008 - 06:03

better disable the monitoring for the interface whose static translation is created.you need to open esp protocol for source and destination and also open udp port 500 ( isakmp) for vpn traffic to work .


Actions

This Discussion