IPSEC works with Dialup but not high speed....

Unanswered Question
Sep 15th, 2008

I have been fighting with this odd error for way too long now. I have an IPSEC VPN setup (this is on a Cisco 5510-ASA) and when I test it under our dialup account, "we use this just to test the VPNs" I can terminate and get my routes (split-tunneling is on). I can ping the hosts I setup without issue as well.

Now when I disconnect this VPN and try either my AT&T T1 here at the office or my cable connection at home, both on the same laptop that worked with dial-up, again I can terminate the VPN and get the routes yet this time I cannot ping the servers at all. I hate to recreate the wheel or in this case the VPN when it does appear to work...this is the strangest error I have seen yet. I have even called in the cable company to check their lines to see if they are blocking anything which they assured me they are not and all traffic for this connection are wide open. I can send traffic out the VPN but cannot receive anything.

Any assistance with this is greatly appreciated.

Rick

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
singhsaju Mon, 09/15/2008 - 05:40

Hi Rick,

I think IPsec (esp packets) is being blocked by NATing done by your cable ISP or AT&T T1 .

Enable NAT traversal on the VP head end device . In your case ASA ,

"isakmp nat-traversal 30"

HTH

Saju

Pls rate helpful posts

rickcorriveau Thu, 09/18/2008 - 06:11

Hey, thanks for the insight. I tried this out and got the same issue. I can send but receive nothing when connected via high speed.

Dial up still works fine though..

Rick

rickcorriveau Fri, 09/19/2008 - 05:44

Strange thing is, Dial up works yet high speed does not even though they terminate to the same device and credentials...

Rick

Actions

This Discussion