Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2507
Views
0
Helpful
2
Replies

ASA 5510 nat-traversal problem

mljevakovic
Level 3
Level 3

‎11-13-2008 02:40 AM - edited ‎02-21-2020 03:06 AM

Our ASA 5510 has sw ver 8.0(2) and DM ver 6.0(2). Through ASDM on the menu Configuration>Site-to-site VPN>Advanced>IKE parameters under NAT transparency we checked "Enable IPSec over NAT-T" and wrote config to startup and also we did it manually. After power failure and start ASA 5510 lost this part from config file. So we have to put command "crypto isakmp nat-traversal" manually. Because through ASDM it hasn't effect. It's happened two times.

Any idea?

0 Helpful
2 Replies 2

nefkensp
Level 5
Level 5

‎11-13-2008 06:34 AM

Hello,

There are two bugs that could be related to it. If you have access to the bug toolkit, check CSCsj52581 and CSCsq65580.

I think it is the first bug, so an upgrade to ASA 8.0.4 (which I would recommend anyhow if you use the ASDM) would sovlve the problem.

Kind regards

P-J Nefkens

0 Helpful

acomiskey
Level 10
Level 10
In response to nefkensp

‎11-13-2008 07:20 AM

Or change the timeout to a non-default value.

crypto isakmp nat-traversal 21 (not default 20)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card