800 Series Windows Client to Router VPN cannot Ping.

Unanswered Question
Jan 7th, 2009

Hello,

I am having trouble getting my VPN working, I think the trouble is in my nat statement.

I am only working with 3 devices, a laptop connected to WAN port, the router, a desktop connected to the lan side.

Laptop ip is 69.50.57.154 255.255.255.248, the cisco client connects and I receive a valid ip 192.168.15.101 the client is showing the secured route as 192.168.0.0

Desktop is configured as 192.168.0.10 255.255.252.0

I have attached the config.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Thu, 01/15/2009 - 14:50

NAT-Traversal or NAT-T allows VPN traffic to pass through NAT or PAT devices, such as a Linksys SOHO router. If NAT-T is not enabled, VPN Client users often appear to connect to the PIX or ASA without a problem, but they are unable to access the internal network behind the security appliance.

If you do not enable the NAT-T in the NAT/PAT Device, you can receive the regular translation creation failed for protocol 50 src inside:10.0.1.26 dst outside:10.9.69.4 error message in the PIX/ASA.

Similarly, if you are unable to do simultaneous login from the same IP address, the Secure VPN connection terminated locally by client. Reason 412: The remote peer is no longer responding. error message appears. Enable NAT-T in the head end VPN device in order to resolve this error.

Note: With Cisco IOS Software Release 12.2(13)T and later, NAT-T is enabled by default in Cisco IOS.

dianewalker Sun, 01/18/2009 - 21:05

I have the same problem. After the Cisco VPN client connects, the Remote office was not able to access the internal network (intranet web server and SQL database) even though the Split-tunnel is enabled. How do you enable NAT-T on the ASA 5550? Thanks.

Actions

This Discussion